, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 11)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:05 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrULdBjVBolUEAaFyRJW4I45I/AWc4IKAExI3BHdUqUK5tHAyWns3MY4d8nDqwv5+0ioz3nFmPs+OPTtjB1Ba1YgYiojbIuLXPJ20F6g2/1xfXpz6c3lxKol6/fU/kka5a8uLU0XR4nl788xIGpF+nLT9w6b5CxfPTNZqM+fz/NjC2XfG5i9cfGr27OTpmdMz5yZOnDh+bPzZZyae7kmcWVzXDr0/d/jgy29efnXq5OW3fvgqyeOOtjh6pRrVTqE3PNrryvpsX0s6GehjQ9iUSkRk3TXYGP9DUYnVzhuKlz7qa+OAHVWv1+u7u59eqgP/Y0n0uwVAfxQf9Nn9b3HcoKnHTeHq880boCzu6/nRPDMQaV5msO3+tpeqEXFy6a/PsyN2aB0CAKDVN9n858lO87807m4pd3u+hzIcEXdExP6IuDMiDkTEXRGNsvdExL2brL/all87/0mvbCmwDcrmf8/le1v/nP8Vs78YruS5fY34B5NTs7WZo/lrMhKDu7P8+Dp1fPviz592O9c6/8uOrP5iLpi348pA2wLd9OTC5HZibnX1w4hDA53iT1Z2An6JiIMRcWiLdcw+/uXhbuf+Pf519GCfqf5FxGPN/l+KtvgLyfr7k2O3RG3m6FhxVaz140+XXutW/7bi74Gs//d0vP5X4h9OWvdr5zdfx6XfPul6T7PV639X8kYjvSt/7L3JhYXz4xG7klfWPj6x+twiX5TP4h850nn874/VV+K+iMgu4vsj4oGIeDBv+0MR8XBEHFkn/u9feOTtrce/s7L4pzfV/5tPVM5893W3+jfW/8cbqZH8kY28/220gdt57QAAAOC/Im18Bz5JR1fSaTo62vwO/4HYk9bm5heeODX37rnp5nflh2MwLVa6hlrWQ8fzteEiP9GWP5avG39WubWRH52aq033O3goub1dxn/m90q/WwfsOL/XgvIy/qG8jH8oL+Mfysv4h/LqNP4/6EM7gBvP5z+Ul/EP5WX8Q3kZ/1BK2/ldv0SZE5HeFM2Q2KFEv9+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuPvAAAA//+uSedO")
[ 3417.741605][T26755] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 3417.754415][T26755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 3417.781168][T26760] loop3: detected capacity change from 0 to 512
[ 3417.782310][T26762] FAULT_INJECTION: forcing a failure.
[ 3417.782310][T26762] name failslab, interval 1, probability 0, space 0, times 0
[ 3417.787789][T26760] EXT4-fs: Ignoring removed nobh option
[ 3417.800164][T26762] CPU: 1 PID: 26762 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3417.805721][T26760] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3417.816181][T26762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3417.816192][T26762] Call Trace:
[ 3417.816206][T26762]
[ 3417.822707][T26760] EXT4-fs: Ignoring removed nobh option
[ 3417.832986][T26762] dump_stack_lvl+0xda/0x130
[ 3417.840155][T26760] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3417.845138][T26762] dump_stack+0x15/0x20
[ 3417.845161][T26762] should_fail_ex+0x21f/0x230
[ 3417.872992][T26762] __should_failslab+0x92/0xa0
[ 3417.877770][T26762] should_failslab+0x9/0x20
[ 3417.883593][T26762] slab_pre_alloc_hook+0x38/0x180
[ 3417.888729][T26762] __kmem_cache_alloc_node+0x46/0x250
[ 3417.894123][T26762] ? io_drain_req+0x1e1/0x4f0
[ 3417.898802][T26762] kmalloc_trace+0x2a/0xa0
[ 3417.903223][T26762] io_drain_req+0x1e1/0x4f0
[ 3417.908088][T26762] io_queue_sqe_fallback+0xd1/0xe0
[ 3417.913239][T26762] io_submit_sqes+0xbf8/0xfe0
[ 3417.917969][T26762] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3417.923631][T26762] ? __fget_files+0x1c4/0x200
[ 3417.928311][T26762] ? mutex_lock+0xd/0x30
[ 3417.932555][T26762] ? fput+0x112/0x140
[ 3417.936530][T26762] ? ksys_write+0x178/0x1a0
[ 3417.941095][T26762] __x64_sys_io_uring_enter+0x78/0x90
[ 3417.946621][T26762] do_syscall_64+0x41/0xc0
[ 3417.951032][T26762] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3417.956953][T26762] RIP: 0033:0x7fbf4da9f169
[ 3417.961418][T26762] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3417.981129][T26762] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3417.989590][T26762] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3417.997611][T26762] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
[ 3418.005677][T26762] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
[ 3418.013655][T26762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3418.021628][T26762] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3418.029596][T26762]
[ 3418.039529][T26760] EXT4-fs (loop3): 1 truncate cleaned up
19:07:05 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6vi0lobRAQ4FAQUR8JE1aoAcuIJA4gIQEh3IMSVqFug1qgkSrCAJC5YgqcUcckfgLOMEFASckrnBHlSqUSwsno7V3E9exQz6curC/n7TSjHeSmcezY8/OrAMorZGIGIyIOyLi1zydNJ1fPtQolJW7sbI0/efK0nQStdobfyT1ctdXlqaLssXf7cszo2lE+kly8z/MLVy8dHaqWp29kOfHF8+9O75w8dLTc+emzsyemT0/efLkieMTzz07+UxX4sziuj78wfyRw6+8deW16VNX3v7x6ySPO1ri6JaRGGkXet1j3a6sx/Y3pZO+HjaELalERNZd/fXxPxiVWOu8wXj54542DthVtVqttqfz6eUa8B+WRK9bAPRG8UWf3f8Wxy2aetwWrr3QuAHK4r6RH40zfXEiL9Pfcn/bTSMRcWr5ry+yI3ZpHQIAoNm32fznqXbzvzTuaSp3Z76HMhQRd0XEgYi4OyIORsShiHrZeyPivi3WP9KSXz//Sa9uK7BNyuZ/z+d7WzfP/9KiyFAlz+2vx9+fnJ6rzh7L35PR6N+T5Sc2qOO7l375rNO55vlfdmT1F3PBvB1X+1oW6GamFqd2EnOzax9FDPe1iz9Z3QlIIuJwRAxvs465J7460uncP8e/gS7sM9W+jHi80f/L0RJ/Idl4f3L8f1GdPTZeXBXr/fTz5dc71b+j+Lsg6/+9ba//1fiHkub92oWt13H5t0873tNs9/ofSN6spwfy196fWly8MBExkLy6/vXJtb8t8kX5LP7Ro+3H/4FYeyfuj4jsIn4gIh6MiIfytj8cEY9ExNEN4v/hxUff2X78uyuLf2ZL/b/1ROXs9990qn9z/d+4Ex/NX9nM599mG7iT9w4AAAD+LdL6M/BJOraaTtOxscYz/Adjb1qdX1h88vT8e+dnGs/KD0V/Wqx0DTath07ka8NFfrIlfzxfN/688v96fmx6vjrT6+Ch5PZ1GP+Z3yu9bh2w6/xeC8rL+IfyMv6hvIx/KC/jH8qr3fj/sAftAG493/9QXsY/lJfxD+Vl/EMp7eR3/RJlTkR6WzRDYpcSvf5kAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I6/AwAA///gQ+cc")
19:07:05 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async, rerun: 32)
r1 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async, rerun: 32)
r2 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r2, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) (async)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) (async, rerun: 64)
setsockopt(r3, 0x2c, 0x600000, &(0x7f0000000100)="b40fb15f9b8f09852897ffa538ace12d699e81c453b26bb0991b129401dd0576c67bb2acef58f14c9d8e5e66f2e3291091bd44667079fc4850a451b712c0fd2b6b747845b1dc689d7c15aa8d83bb571a01255a294fdf7c4a222d742cdd7012f063167e730170783557feadf9960368a790b1d3282204e9c89e", 0x79) (async, rerun: 64)
sendto$inet6(r3, &(0x7f0000000000)="eb", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000080)=[r2, r3, r1, r1], 0x4)
[ 3418.045213][T26760] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 3418.066598][T26760] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
19:07:05 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrULdBjVBolUEAaFyRJW4I45I/AWc4IKAExJH4I4qVSiXFk5Ga+8mxrFDHk5d2N9PWmXGO87M59mxZ2fsAEqrGhFDEXFbRPyap5P2AtXmn+vLi1N/Li9OJVGvv/5H0ih3bXlxqihaPG9vnhlJI9KPk7Z/2DR/4eKZyVpt5nyeH1s4+87Y/IWLT82enTw9c3rm3MSJE8ePjT/7zMTTPYkzi+vaoffnDh98+c3Lr06dvPzWD18ledzRFkevVKPaKfSGR3tdWZ/ta0knA31sCJtSiYisuwYb438oKrHaeUPx0kd9bRywo+r1en1399NLdeB/LIl+twDoj+KDPrv/LY4bNPW4KVx9vnkDlMV9PT+aZwYizcsMtt3f9lI1Ik4u/fV5dsQOrUMAALT6Jpv/PNlp/pfG3S3lbs/3UIYj4o6I2B8Rd0bEgYi4K6JR9p6IuHeT9Vfb8mvnP+mVLQW2Qdn877l8b+uf879i9hfDlTy3rxH/YHJqtjZzNH9NRmJwd5YfX6eOb1/8+dNu51rnf9mR1V/MBfN2XBloW6CbnlyY3E7Mra5+GHFooFP8ycpOwC8RcTAiDm2xjtnHvzzc7dy/x7+OHuwz1b+IeKzZ/0vRFn8hWX9/cuyWqM0cHSuuirV+/OnSa93q31b8PZD1/56O1/9K/MNJ637t/ObruPTbJ13vabZ6/e9K3mikd+WPvTe5sHB+PGJX8sraxydWn1vki/JZ/CNHOo///bH6StwXEdlFfH9EPBARD+ZtfygiHo6II+vE//0Lj7y99fh3Vhb/9Kb6f/OJypnvvu5W/8b6/3gjNZI/spH3v402cDuvHQAAAPxXpI3vwCfp6Eo6TUdHm9/hPxB70trc/MITp+bePTfd/K78cAymxUrXUMt66Hi+NlzkJ9ryx/J1488qtzbyo1Nztel+Bw8lt7fL+M/8Xul364Ad5/daUF7GP5SX8Q/lZfxDeRn/UF6dxv8HfWgHcOP5/IfyMv6hvIx/KC/jH0ppO7/rlyhzItKbohkSO5To9zsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAb/wdAAD//45h508=")
[ 3418.091213][T26776] loop1: detected capacity change from 0 to 512
[ 3418.097745][T26776] EXT4-fs: Ignoring removed nobh option
[ 3418.103434][T26776] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3418.110056][T26776] EXT4-fs: Ignoring removed nobh option
[ 3418.147155][T26781] loop3: detected capacity change from 0 to 512
[ 3418.158293][T26776] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3418.159268][T26781] EXT4-fs: Ignoring removed nobh option
[ 3418.177942][T26781] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3418.181048][T26776] EXT4-fs (loop1): 1 truncate cleaned up
[ 3418.184411][T26781] EXT4-fs: Ignoring removed nobh option
19:07:05 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000080))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0) (async)
io_uring_register$IORING_UNREGISTER_RING_FDS(r0, 0x15, &(0x7f0000001600)=[{0x1, 0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000280)=""/192, 0xc0}], &(0x7f0000000380)=[0x8000]}, {0x3, 0x3eb09ecb2c38b64, 0x0, &(0x7f00000004c0)=[{&(0x7f00000003c0)=""/47, 0x2f}, {&(0x7f0000000400)=""/16, 0x10}, {&(0x7f0000000440)=""/121, 0x79}], &(0x7f0000000500)=[0x2, 0x45, 0x4, 0xca19, 0x1570, 0x9, 0xfffffffffffffffc, 0xfffffffffffffff9]}, {0x3, 0x1, 0x0, &(0x7f0000000640)=[{&(0x7f0000000540)=""/84, 0x54}, {&(0x7f00000005c0)=""/15, 0xf}, {&(0x7f0000000600)=""/60, 0x3c}], &(0x7f0000000680)=[0x80000000, 0x0]}, {0x4, 0x1, 0x0, &(0x7f00000009c0)=[{&(0x7f00000006c0)=""/65, 0x41}, {&(0x7f0000000740)=""/218, 0xda}, {&(0x7f0000000840)=""/176, 0xb0}, {&(0x7f0000000900)=""/134, 0x86}], &(0x7f0000000a00)=[0x6, 0x3, 0x1, 0x6]}, {0xa, 0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000a40)=""/64, 0x40}, {&(0x7f0000000a80)=""/234, 0xea}, {&(0x7f0000000b80)=""/220, 0xdc}, {&(0x7f0000000c80)=""/203, 0xcb}, {&(0x7f0000000d80)=""/178, 0xb2}, {&(0x7f0000000e40)=""/226, 0xe2}, {&(0x7f0000000f40)=""/92, 0x5c}, {&(0x7f0000000fc0)=""/222, 0xde}, {&(0x7f00000010c0)=""/46, 0x2e}, {&(0x7f0000001100)=""/178, 0xb2}], &(0x7f0000001280)=[0x800, 0x9, 0x1ff, 0x3, 0x7, 0x101]}, {0x5, 0x0, 0x0, &(0x7f0000001540)=[{&(0x7f00000012c0)=""/89, 0x59}, {&(0x7f0000001340)=""/100, 0x64}, {&(0x7f00000013c0)=""/42, 0x2a}, {&(0x7f0000001400)=""/218, 0xda}, {&(0x7f0000001500)=""/46, 0x2e}], &(0x7f00000015c0)=[0x3, 0xfffffffeffffffff, 0x7a2, 0x5, 0x45b]}], 0x6) (async)
socket(0x1a, 0x80000, 0x5)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:05 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
r1 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r2, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) (async)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
setsockopt(r3, 0x2c, 0x600000, &(0x7f0000000100)="b40fb15f9b8f09852897ffa538ace12d699e81c453b26bb0991b129401dd0576c67bb2acef58f14c9d8e5e66f2e3291091bd44667079fc4850a451b712c0fd2b6b747845b1dc689d7c15aa8d83bb571a01255a294fdf7c4a222d742cdd7012f063167e730170783557feadf9960368a790b1d3282204e9c89e", 0x79)
sendto$inet6(r3, &(0x7f0000000000)="eb", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000080)=[r2, r3, r1, r1], 0x4)
[ 3418.190075][T26776] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 3418.216529][T26781] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3418.226569][T26776] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
19:07:05 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000080))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_RING_FDS(r0, 0x15, &(0x7f0000001600)=[{0x1, 0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000280)=""/192, 0xc0}], &(0x7f0000000380)=[0x8000]}, {0x3, 0x3eb09ecb2c38b64, 0x0, &(0x7f00000004c0)=[{&(0x7f00000003c0)=""/47, 0x2f}, {&(0x7f0000000400)=""/16, 0x10}, {&(0x7f0000000440)=""/121, 0x79}], &(0x7f0000000500)=[0x2, 0x45, 0x4, 0xca19, 0x1570, 0x9, 0xfffffffffffffffc, 0xfffffffffffffff9]}, {0x3, 0x1, 0x0, &(0x7f0000000640)=[{&(0x7f0000000540)=""/84, 0x54}, {&(0x7f00000005c0)=""/15, 0xf}, {&(0x7f0000000600)=""/60, 0x3c}], &(0x7f0000000680)=[0x80000000, 0x0]}, {0x4, 0x1, 0x0, &(0x7f00000009c0)=[{&(0x7f00000006c0)=""/65, 0x41}, {&(0x7f0000000740)=""/218, 0xda}, {&(0x7f0000000840)=""/176, 0xb0}, {&(0x7f0000000900)=""/134, 0x86}], &(0x7f0000000a00)=[0x6, 0x3, 0x1, 0x6]}, {0xa, 0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000a40)=""/64, 0x40}, {&(0x7f0000000a80)=""/234, 0xea}, {&(0x7f0000000b80)=""/220, 0xdc}, {&(0x7f0000000c80)=""/203, 0xcb}, {&(0x7f0000000d80)=""/178, 0xb2}, {&(0x7f0000000e40)=""/226, 0xe2}, {&(0x7f0000000f40)=""/92, 0x5c}, {&(0x7f0000000fc0)=""/222, 0xde}, {&(0x7f00000010c0)=""/46, 0x2e}, {&(0x7f0000001100)=""/178, 0xb2}], &(0x7f0000001280)=[0x800, 0x9, 0x1ff, 0x3, 0x7, 0x101]}, {0x5, 0x0, 0x0, &(0x7f0000001540)=[{&(0x7f00000012c0)=""/89, 0x59}, {&(0x7f0000001340)=""/100, 0x64}, {&(0x7f00000013c0)=""/42, 0x2a}, {&(0x7f0000001400)=""/218, 0xda}, {&(0x7f0000001500)=""/46, 0x2e}], &(0x7f00000015c0)=[0x3, 0xfffffffeffffffff, 0x7a2, 0x5, 0x45b]}], 0x6)
socket(0x1a, 0x80000, 0x5)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000080)) (async)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0) (async)
io_uring_register$IORING_UNREGISTER_RING_FDS(r0, 0x15, &(0x7f0000001600)=[{0x1, 0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000280)=""/192, 0xc0}], &(0x7f0000000380)=[0x8000]}, {0x3, 0x3eb09ecb2c38b64, 0x0, &(0x7f00000004c0)=[{&(0x7f00000003c0)=""/47, 0x2f}, {&(0x7f0000000400)=""/16, 0x10}, {&(0x7f0000000440)=""/121, 0x79}], &(0x7f0000000500)=[0x2, 0x45, 0x4, 0xca19, 0x1570, 0x9, 0xfffffffffffffffc, 0xfffffffffffffff9]}, {0x3, 0x1, 0x0, &(0x7f0000000640)=[{&(0x7f0000000540)=""/84, 0x54}, {&(0x7f00000005c0)=""/15, 0xf}, {&(0x7f0000000600)=""/60, 0x3c}], &(0x7f0000000680)=[0x80000000, 0x0]}, {0x4, 0x1, 0x0, &(0x7f00000009c0)=[{&(0x7f00000006c0)=""/65, 0x41}, {&(0x7f0000000740)=""/218, 0xda}, {&(0x7f0000000840)=""/176, 0xb0}, {&(0x7f0000000900)=""/134, 0x86}], &(0x7f0000000a00)=[0x6, 0x3, 0x1, 0x6]}, {0xa, 0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000a40)=""/64, 0x40}, {&(0x7f0000000a80)=""/234, 0xea}, {&(0x7f0000000b80)=""/220, 0xdc}, {&(0x7f0000000c80)=""/203, 0xcb}, {&(0x7f0000000d80)=""/178, 0xb2}, {&(0x7f0000000e40)=""/226, 0xe2}, {&(0x7f0000000f40)=""/92, 0x5c}, {&(0x7f0000000fc0)=""/222, 0xde}, {&(0x7f00000010c0)=""/46, 0x2e}, {&(0x7f0000001100)=""/178, 0xb2}], &(0x7f0000001280)=[0x800, 0x9, 0x1ff, 0x3, 0x7, 0x101]}, {0x5, 0x0, 0x0, &(0x7f0000001540)=[{&(0x7f00000012c0)=""/89, 0x59}, {&(0x7f0000001340)=""/100, 0x64}, {&(0x7f00000013c0)=""/42, 0x2a}, {&(0x7f0000001400)=""/218, 0xda}, {&(0x7f0000001500)=""/46, 0x2e}], &(0x7f00000015c0)=[0x3, 0xfffffffeffffffff, 0x7a2, 0x5, 0x45b]}], 0x6) (async)
socket(0x1a, 0x80000, 0x5) (async)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
[ 3418.244522][T26781] EXT4-fs (loop3): 1 truncate cleaned up
[ 3418.250232][T26781] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 3418.270882][T26781] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
19:07:05 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrULdBjVBolUEAaFyRJW4I45I/AWc4IKAExLXckeVKpRLCyejtXcT49ghD6cu7O8nrTLjHWfm8+zYszN2AKVVjYihiLgjIq7k6aS9QLX558by4tSfy4tTSdTrb/6RNMpdX16cKooWz9ubZ0bSiPTTpO0fNs1fuHhmslabOZ/nxxbOvjc2f+HiM7NnJ0/PnJ45N3HixPFj488/N/FsT+LM4rp+6MO5wwdfffvy61MnL7/z0zdJHne0xdEr1ah2Cr3h8V5X1mf7WtLJQB8bwqZUIiLrrsHG+B+KSqx23lC88klfGwfsqHq9Xt/d/fRSHfgfS6LfLQD6o/igz+5/i+MmTT1uCddebN4AZXHfyI/mmYFI8zKDbfe3vVSNiJNLf32ZHbFD6xAAAK2+y+Y/T3ea/6Vxb0u5O/M9lOGIuCsi9kfE3RFxICLuiWiUvS8i7t9k/dW2/Nr5T3p1S4FtUDb/eyHf2/rn/K+Y/cVwJc/ta8Q/mJyarc0czV+TkRjcneXH16nj+5d//bzbudb5X3Zk9RdzwbwdVwfaFuimJxcmtxNzq2sfRxwa6BR/srITcCUiDkbEoS3WMfvk14e7nfv3+NfRg32m+lcRTzT7fyna4i8k6+9Pjt0WtZmjY8VVsdbPv1x6o1v924q/B7L+39Px+l+Jfzhp3a+d33wdl377rOs9zVav/13JW430rvyxDyYXFs6PR+xKXlv7+MTqc4t8UT6Lf+RI5/G/P1ZfiQciIruIH4yIhyLi4bztj0TEoxFxZJ34f3zpsXe3Hv/OyuKf3lT/bz5ROfPDt93q31j/H2+kRvJHNvL+t9EGbue1AwAAgP+KtPEd+CQdXUmn6eho8zv8B2JPWpubX3jq1Nz756ab35UfjsG0WOkaalkPHc/Xhov8RFv+WL5u/EXl9kZ+dGquNt3v4KHk9nYZ/5nfK/1uHbDj/F4Lysv4h/Iy/qG8jH8oL+MfyqvT+P+oD+0Abj6f/1Bexj+Ul/EP5WX8Qylt53f9EmVORHpLNENihxL9fmcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADojb8DAAD//25551A=")
19:07:05 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCatttbE2qqNVaNVDP5ImrRqD14UBQ8Kgh7qMSZpid020kSwJWgUqUcpeBePgn+Bp3oR9SR41bsUiuTS6mlldmeS7WY35semW53PBwbe23nJe99983bfvDcbQGkNR8RARNwVEb/l6aTp/JWDjUJZuRvLi1N/LS9OJVGrvfVnUi93fXlxqihb/N3ePDOSRqSfJTf/w9z8hYtnJqvVmfN5fmzh7Ptj8xcuPjt7dvL0zOmZcxMnThw/Nv7C8xPPdSXOLK7rQx/NHT702juX35g6efndn75N8rijJY5uGY7hdqHXPdHtynpsX1M66ethQ9iUSkRk3dVfH/8DUYnVzhuIVz/taeOAHVWr1Wq7O59eqgH/Y0n0ugVAbxRf9Nn9b3HcoqnHbeHaS40boCzuG/nRONMXx/My/S33t900HBEnl/7+Kjtih9YhAACaXcnmP8+0m/+lcV9TubvzPZTBiLgnIvZHxL0RcSAiDkbUy94fEQ9ssv7hlvza+U96dUuBbVA2/3sx39u6ef6XFkUGK3luXz3+/uTUbHXmaP6ejET/7iw/vk4d37/y6xedzjXP/7Ijq7+YC+btuNrXskA3PbkwuZ2Ym137JGKor138ycpOQBIRhyJiaIt1zD71zeFO5/49/nV0YZ+p9nXEk43+X4qW+AvJ+vuTY3dEdeboWHFVrPXzL5fe7FT/tuLvgqz/97S9/lfiH0ya92vnN1/Hpd8/73hPs9Xrf1fydj29K3/tw8mFhfPjEbuS19e+PrH6t0W+KJ/FP3Kk/fjfH6vvxIMRkV3ED0XEwxHxSN72RyPisYg4sk78P778+Htbj39nZfFPb6r/N5+onPnhu071b6z/G3fiI/krG/n822gDt/PeAQAAwH9FWn8GPklHV9JpOjraeIb/QOxJq3PzC0+fmvvg3HTjWfnB6E+Lla6BpvXQ8XxtuMhPtOSP5evGX1burOdHp+aq070OHkpub4fxn/mj0uvWATvO77WgvIx/KC/jH8rL+IfyMv6hvNqN/4970A7g1vP9D+Vl/EN5Gf9QXsY/lNJ2ftcvUeZEpLdFMyR2KNHrTyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDu+CcAAP//5zTnXA==")
[ 3418.362394][T26822] loop3: detected capacity change from 0 to 512
[ 3418.370868][T26822] EXT4-fs: Ignoring removed nobh option
[ 3418.376633][T26822] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3418.383276][T26822] EXT4-fs: Ignoring removed nobh option
[ 3418.393522][T26822] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3418.394572][T26831] loop1: detected capacity change from 0 to 512
[ 3418.407949][T26822] EXT4-fs (loop3): 1 truncate cleaned up
[ 3418.419674][T26822] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 3418.422114][T26831] EXT4-fs: Ignoring removed nobh option
[ 3418.437455][T26831] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3418.443249][T26822] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 3418.443916][T26831] EXT4-fs: Ignoring removed nobh option
19:07:05 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0) (async)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000380)={0xa, 0x4e22, 0x0, @rand_addr=' \x01\x00'}, 0x1c) (async)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0) (async)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@bloom_filter={0x1e, 0x7, 0x4, 0x5e07d5c2, 0x224, 0x1, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x1, 0x4, 0xd}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f00000003c0)=ANY=[@ANYRESDEC, @ANYRES8, @ANYRES8=r2], &(0x7f00000002c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x24}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000840)=ANY=[@ANYBLOB="20080000f6000000caaef775199bf6428d8b54e3e82cff4f73d40b822e017d63c86aa25dc100e18d6a93e1a52357faeb75d4c3e1aafc292954bc8ce90e6374f01c170de80004c2a3711feb2fe7d658d009cb7f5db338d6208ff72d7a5bdb5d73cb9114eef11c6a2cfd438ea46b3d36f70d6100bad9c8d8a55c4090ed1c3e6d4e2c4e3fc4975ec27ac9724e5ff42dae90c3e9376c22b7884cc2d8759592abcb79f17ff94db9cb52288393cef9db265fdba8d186439021c2194c9fbe5961c1274a36d195f12cbb59079f488777aa97b429739f5c8ecb4129934e2eb199aa8e97db35432f671dc2f1d4f701679903c60eeb1f887e3dd3e70c860d9ea0a6e027e53f3a8cf638aa60173e3096586d1835f380656274e6978293243d18244633f50ea81f1b104462f3be6981d5b1f25ea57e7df6877412e5642c1f462e4681e3629908c18b041935059ac79d2640dd335c81b817ea62bcfe706f7e062ed453c5e473dfe44d2f0c4fe1f7638757d5b8d153724284c68462101eb7f349dcaf7d75ec986b9d9df8c6", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c70001006f010000000000000000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
clock_gettime(0x5, &(0x7f0000000800)) (async)
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93) (async)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:05 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
syz_io_uring_setup(0x236f, &(0x7f0000000540)={0x0, 0xa29e, 0x4}, &(0x7f00002eb000/0x2000)=nil, &(0x7f00005f1000/0x2000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000180)=0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f00000000c0)=0x307e, 0x0, 0x4)
r3 = socket$inet(0x2, 0x6, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000340)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000200)=@in={0x2, 0x0, @empty}}, 0x0)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000de000/0x2000)=nil, 0x2000, 0x100000c, 0x810, r0, 0x10000000)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r5, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r6, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
setsockopt(r6, 0x2c, 0x600000, &(0x7f0000000100)="b40fb15f9b8f09852897ffa538ace12d699e81c453b26bb0991b129401dd0576c67bb2acef58f14c9d8e5e66f2e3291091bd44667079fc4850a451b712c0fd2b6b747845b1dc689d7c15aa8d83bb571a01255a294fdf7c4a222d742cdd7012f063167e730170783557feadf9960368a790b1d3282204e9c89e", 0x79)
sendto$inet6(r6, &(0x7f0000000000)="eb", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r3, 0x84, 0x6, &(0x7f0000000380)={0x0, @in={{0x2, 0x4e21, @rand_addr=0x64010101}}}, &(0x7f0000000440)=0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r6, 0x84, 0x7c, &(0x7f0000000480)={r7, 0x675, 0x1}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000040), 0x0)
setsockopt(r5, 0x2c, 0x600000, &(0x7f0000000100)="b40fb15f9b8f09852897ffa538ace12d699e81c453b26bb0991b129401dd0576c67bb2acef58f14c9d8e5e66f2e3291091bd44667079fc4850a451b712c0fd2b6b747845b1dc689d7c15aa8d83bb571a01255a294fdf7c4a222d742cdd7012f063167e730170783557feadf9960368a790b1d3282204e9c89e", 0x79)
sendto$inet6(r5, &(0x7f0000000000)="eb", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
syz_io_uring_submit(r1, r4, &(0x7f0000000280)=@IORING_OP_WRITE={0x17, 0x7, 0x2007, @fd=r5, 0x9, &(0x7f0000000080)="2216bfe91e311ecf45d50065d8a5f97fcba4c3853f631908cabb17d35ff6", 0x1e, 0x20}, 0x5)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r8 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r8, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
[ 3418.468467][T26831] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3418.489413][T26831] EXT4-fs (loop1): 1 truncate cleaned up
[ 3418.495094][T26831] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 3418.527552][T26831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
19:07:06 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 12)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:06 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6vi0loZSPhgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvNsaxQz6curC/n7TKjHecmcezY8/O2AGUVjUihiPitoj4JU8n7QWqzT/XV5dn/lhdnkmiXn/996RR7trq8kxRtHjevjwzlkakHydt/7Bp8cLFM9O12tz5PD+xdPadicULF5+aPzt9eu703LmpEyeOH5t89pmpp3sSZxbXtdH3Fw4fevnNy6/OnLz81g9fJXnc0RZHr1Sj2in0hkd7XVmf7W9JJwN9bAhbUomIrLsGG+N/OCqx1nnD8dJHfW0csKvq9Xp9T/fTK3XgPyyJfrcA6I/igz67/y2OmzT1uCVcfb55A5TFfT0/mmcGIs3LDLbd3/ZSNSJOrvz5eXbELq1DAAC0+iab/zzZaf6Xxt0t5W7P91BGIuKOiDgQEXdGxMGIuCuiUfaeiLh3i/VX2/Lr5z/plW0FtknZ/O+5fG/r7/O/YvYXI5U8t78R/2Byar42dzR/TcZicE+Wn9ygjm9f/PnTbuda53/ZkdVfzAXzdlwZaFugm51emt5JzK2ufhgxOtAp/mRtJyCJOBQRo9usY/7xLw93O/fP8W+gB/tM9S8iHmv2/0q0xV9INt6fnPhf1OaOThRXxXo//nTptW717yj+Hsj6f2/H6/9G/CNJ637t4tbruPTrJ13vabZ7/Q8lbzTSQ/lj700vLZ2fjBhKXln/+NTac4t8UT6Lf+xI5/F/INZeifsiIruI74+IByLiwbztD0XEwxFxZIP4v3/hkbe3H//uyuKf3VL/bz1ROfPd193q31z/H2+kxvJHNvP+t9kG7uS1AwAAgH+LtPEd+CQdv5FO0/Hx5nf4D8betLawuPTEqYV3z802vys/EoNpsdI13LIeOpmvDRf5qbb8sXzd+LPK/xv58ZmF2my/g4eS29dl/Gd+q/S7dcCu83stKC/jH8rL+IfyMv6hvIx/KK9O4/+DPrQDuPl8/kN5Gf9QXsY/lJfxD6W0k9/1S5Q5Eekt0QyJXUr0+50JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgN/4KAAD//7uF5nU=")
19:07:06 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnvQi6knwqncpFMml1dPK7M4k62Y35semWzufDwy8t/OS97775u2+eW82gNIaiYjBiLgjIn7L00lzgXsbhbJy11eWpv9aWZpOolZ788+kXu7aytJ0UbT4u315ZjSNSD9NWv5hw8KFi2emqtXZ83l+fPHse+MLFy4+M3d26vTs6dlzkydOHD828fxzk892Jc4srmvDH84fPvTq25dfnz55+Z2fvknyuKMljm4ZiZF2odc93u3Kemx/Uzrp62FD2JJKRGTd1V8f/4NRibXOG4xXPulp44BdVavVans6n16uAbewJHrdAqA3ii/67P63OG7Q1OOmcPXFxg1QFvf1/Gic6YvjeZn+lvvbbhqJiJPLf3+ZHbFL6xAAAM2+y+Y/T7eb/6X1rZ/CnfkeylBE3BURByLi7og4GBH35NtE90XE/Vusf6Qlv37+k17ZVmCblM3/Xsj3tv49/0uLIkOVPLe/Hn9/cmquOns0f09Go39Plp/YoI7vX/71807nmud/2ZHVX8wF83Zc6WtZoJuZWpzaSczNrn4cMdzXLv5kdScgiYhDETG8zTrmnvz6cKdz/x3/Brqwz1T7KuKJRv8vR0v8hWTj/cnx26I6e3S8uCrW+/mXS290qn9H8XdB1v97217/q/EPJc37tQtbr+PS7591vKfZ7vU/kLxVTw/kr30wtbh4fiJiIHlt/euTa39b5IvyWfyjR9qP/wOx9k48EBHZRfxgRDwUEQ/nbX8kIh6NiCMbxP/jS4+9u/34d1cW/8yW+n/ricqZH77tVP/m+r9xJz6av7KZz7/NNnAn7x0AAAD8X6T1Z+CTdGw1naZjY41n+A/G3rQ6v7D41Kn598/NNJ6VH4r+tFjpGmxaD53I14aL/GRL/li+bvxF5fZ6fmx6vjrT6+Ch5PZ1GP+ZPyq9bh2w6/xeC8rL+IfyMv6hvIx/KC/jH8qr3fj/qAftAG483/9QXsY/lJfxD+Vl/EMp7eR3/RJlTkR6UzRDYpcSvf5kAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AgAA///OfOad")
19:07:06 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) (async)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c) (async)
syz_open_dev$tty1(0xc, 0x4, 0x3) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000380)={0xa, 0x4e22, 0x0, @rand_addr=' \x01\x00'}, 0x1c)
listen(r2, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0) (async)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@bloom_filter={0x1e, 0x7, 0x4, 0x5e07d5c2, 0x224, 0x1, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x1, 0x4, 0xd}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20) (async)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f00000003c0)=ANY=[@ANYRESDEC, @ANYRES8, @ANYRES8=r2], &(0x7f00000002c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x24}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000840)=ANY=[@ANYBLOB="20080000f6000000caaef775199bf6428d8b54e3e82cff4f73d40b822e017d63c86aa25dc100e18d6a93e1a52357faeb75d4c3e1aafc292954bc8ce90e6374f01c170de80004c2a3711feb2fe7d658d009cb7f5db338d6208ff72d7a5bdb5d73cb9114eef11c6a2cfd438ea46b3d36f70d6100bad9c8d8a55c4090ed1c3e6d4e2c4e3fc4975ec27ac9724e5ff42dae90c3e9376c22b7884cc2d8759592abcb79f17ff94db9cb52288393cef9db265fdba8d186439021c2194c9fbe5961c1274a36d195f12cbb59079f488777aa97b429739f5c8ecb4129934e2eb199aa8e97db35432f671dc2f1d4f701679903c60eeb1f887e3dd3e70c860d9ea0a6e027e53f3a8cf638aa60173e3096586d1835f380656274e6978293243d18244633f50ea81f1b104462f3be6981d5b1f25ea57e7df6877412e5642c1f462e4681e3629908c18b041935059ac79d2640dd335c81b817ea62bcfe706f7e062ed453c5e473dfe44d2f0c4fe1f7638757d5b8d153724284c68462101eb7f349dcaf7d75ec986b9d9df8c6", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c70001006f010000000000000000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) (async)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000) (async)
socket(0x10, 0x80002, 0x0)
[ 3418.636148][T26862] loop1: detected capacity change from 0 to 512
[ 3418.638296][T26864] loop3: detected capacity change from 0 to 512
[ 3418.650983][T26862] EXT4-fs: Ignoring removed nobh option
[ 3418.654081][T26864] EXT4-fs: Ignoring removed nobh option
[ 3418.656629][T26862] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3418.662143][T26864] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3418.668559][T26862] EXT4-fs: Ignoring removed nobh option
[ 3418.674995][T26864] EXT4-fs: Ignoring removed nobh option
[ 3418.687179][T26866] FAULT_INJECTION: forcing a failure.
[ 3418.687179][T26866] name failslab, interval 1, probability 0, space 0, times 0
[ 3418.699906][T26866] CPU: 0 PID: 26866 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3418.710337][T26866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3418.713413][T26864] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3418.720424][T26866] Call Trace:
[ 3418.720433][T26866]
[ 3418.720440][T26866] dump_stack_lvl+0xda/0x130
[ 3418.720463][T26866] dump_stack+0x15/0x20
[ 3418.720479][T26866] should_fail_ex+0x21f/0x230
[ 3418.745068][T26864] EXT4-fs (loop3): 1 truncate cleaned up
[ 3418.745209][T26866] __should_failslab+0x92/0xa0
[ 3418.749443][T26864] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 3418.754009][T26866] should_failslab+0x9/0x20
[ 3418.761298][T26864] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 3418.764352][T26866] slab_pre_alloc_hook+0x38/0x180
[ 3418.764373][T26866] __kmem_cache_alloc_node+0x46/0x250
[ 3418.764389][T26866] ? io_drain_req+0x1e1/0x4f0
[ 3418.764411][T26866] kmalloc_trace+0x2a/0xa0
[ 3418.764435][T26866] io_drain_req+0x1e1/0x4f0
[ 3418.814191][T26866] io_queue_sqe_fallback+0xd1/0xe0
[ 3418.819387][T26866] io_submit_sqes+0xbf8/0xfe0
[ 3418.824152][T26866] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3418.829700][T26866] ? __fget_files+0x1c4/0x200
[ 3418.834432][T26866] ? mutex_lock+0xd/0x30
[ 3418.838716][T26866] ? fput+0x112/0x140
[ 3418.842778][T26866] ? ksys_write+0x178/0x1a0
[ 3418.847303][T26866] __x64_sys_io_uring_enter+0x78/0x90
[ 3418.852815][T26866] do_syscall_64+0x41/0xc0
[ 3418.857311][T26866] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3418.863294][T26866] RIP: 0033:0x7fbf4da9f169
[ 3418.867759][T26866] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3418.887362][T26866] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3418.895767][T26866] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3418.903752][T26866] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
[ 3418.911721][T26866] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
[ 3418.919735][T26866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3418.927711][T26866] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3418.935687][T26866]
19:07:06 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e22, 0x200, @rand_addr=' \x01\x00'}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62b55284f83399f7ca948439f067000fddbdf257a0100", @ANYRES32=0x0, @ANYBLOB="0df6940099003b920000060000001c0000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6004000000000000000002020000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3418.945473][T26862] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3418.977695][T26862] EXT4-fs (loop1): 1 truncate cleaned up
[ 3418.983578][T26862] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
19:07:06 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6vi0loZSPhgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvNsaxQz6curC/n7TKjHecmcezY8/O2AGUVjUihiPitoj4JU8n7QWqzT/XV5dn/lhdnkmiXn/996RR7trq8kxRtHjevjwzlkakHydt/7Bp8cLFM9O12tz5PD+xdPadicULF5+aPzt9eu703LmpEyeOH5t89pmpp3sSZxbXtdH3Fw4fevnNy6/OnLz81g9fJXnc0RZHr1Sj2in0hkd7XVmf7W9JJwN9bAhbUomIrLsGG+N/OCqx1nnD8dJHfW0csKvq9Xp9T/fTK3XgPyyJfrcA6I/igz67/y2OmzT1uCVcfb55A5TFfT0/mmcGIs3LDLbd3/ZSNSJOrvz5eXbELq1DAAC0+iab/zzZaf6Xxt0t5W7P91BGIuKOiDgQEXdGxMGIuCuiUfaeiLh3i/VX2/Lr5z/plW0FtknZ/O+5fG/r7/O/YvYXI5U8t78R/2Byar42dzR/TcZicE+Wn9ygjm9f/PnTbuda53/ZkdVfzAXzdlwZaFugm51emt5JzK2ufhgxOtAp/mRtJyCNOBQRo9usY/7xLw93O/fP8W+gB/tM9S8iHmv2/0q0xV9INt6fnPhf1OaOThRXxXo//nTptW717yj+Hsj6f2/H6/9G/CNJ637t4tbruPTrJ13vabZ7/Q8lbzTSQ/lj700vLZ2fjBhKXln/+NTac4t8UT6Lf+xI5/F/INZeifsiIruI74+IByLiwbztD0XEwxFxZIP4v3/hkbe3H//uyuKf3VL/bz1ROfPd193q31z/H2+kxvJHNvP+t9kG7uS1AwAAgH+LtPEd+CQdv5FO0/Hx5nf4D8betLawuPTEqYV3z802vys/EoNpsdI13LIeOpmvDRf5qbb8sXzd+LPK/xv58ZmF2my/g4eS29dl/Gd+q/S7dcCu83stKC/jH8rL+IfyMv6hvIx/KK9O4/+DPrQDuPl8/kN5Gf9QXsY/lJfxD6W0k9/1S5Q5Eekt0QyJXUr0+50JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgN/4KAAD//5uc5nY=")
[ 3419.022689][T26862] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 3419.057010][T26892] loop3: detected capacity change from 0 to 512
[ 3419.063709][T26892] EXT4-fs: Ignoring removed nobh option
19:07:06 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
io_setup(0x40, &(0x7f0000000980)=0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff})
io_submit(r1, 0x1, &(0x7f0000000180)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}])
shutdown(r2, 0x0)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r3, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:06 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCatttbEWquNVaNVDP5ImrRqDx5UFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnvQi6knwqncpFMml1dPK7M4k281uzI9NtzqfDwy8t/OS97775u2+eW82gNIajoiBiLgjIn7L00nT+RcONgpl5a4vL079tbw4lUSt9uafSb3cteXFqaJs8Xd788xIGpF+mtz4D3PzFy6emaxWZ87n+bGFs++NzV+4+PTs2cnTM6dnzk2cOHH82Phzz04805U4s7iuDX04d/jQq29ffn3q5OV3fvomyeOOlji6ZTiG24Ve91i3K+uxfU3ppK+HDWFTKhGRdVd/ffwPRCVWO28gXvmkp40DdlStVqvt7nx6qQb8jyXR6xYAvVF80Wf3v8Vxk6Yet4SrLzZugLK4r+dH40xfHM/L9Lfc33bTcEScXPr7y+yIHVqHAABo9l02/3mq3fwvjYNN5e7M91AGI+KuiNgfEXdHxIGIuCeiXvbeiLhvk/UPt+TXzn/SK1sKbIOy+d/z+d7WjfO/tCgyWMlz++rx9yenZqszR/P3ZCT6d2f58XXq+P7lXz/vdK55/pcdWf3FXDBvx5W+lgW66cmFye3E3OzqxxFDfe3iT1Z2ApKIOBQRQ1usY/aJrw93Ovfv8a+jC/tMta8iHm/0/1K0xF9I1t+fHLstqjNHx4qrYq2ff7n0Rqf6txV/F2T9v6ft9b8S/2DSvF87v/k6Lv3+Wcd7mq1e/7uSt+rpXflrH0wuLJwfj9iVvLb29YnVvy3yRfks/pEj7cf//lh9J+6PiOwifiAiHoyIh/K2PxwRj0TEkXXi//GlR9/devw7K4t/elP9v/lE5cwP33aqf2P937gTH8lf2cjn30YbuJ33DgAAAP4r0voz8Ek6upJO09HRxjP8B2JPWp2bX3jy1Nz756Ybz8oPRn9arHQNNK2Hjudrw0V+oiV/LF83/qJyez0/OjVXne518FByezuM/8wflV63Dthxfq8F5WX8Q3kZ/1Bexj+Ul/EP5dVu/H/Ug3YAN5/vfygv4x/Ky/iH8jL+oZS287t+iTInIr0lmiGxQ4lefzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0xz8BAAD//9Vt5t0=")
[ 3419.063757][T26892] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3419.063770][T26892] EXT4-fs: Ignoring removed nobh option
[ 3419.081906][T26892] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3419.082149][T26892] EXT4-fs (loop3): 1 truncate cleaned up
[ 3419.082190][T26892] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 3419.082976][T26892] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 3419.137369][T26901] loop1: detected capacity change from 0 to 512
[ 3419.169534][T26901] EXT4-fs: Ignoring removed nobh option
[ 3419.175216][T26901] EXT4-fs: Ignoring removed mblk_io_submit option
19:07:06 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6vi0loZSPhgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvNsaxQz6curC/n7TKjHecmcezY8/O2AGUVjUihiPitoj4JU8n7QWqzT/XV5dn/lhdnkmiXn/996RR7trq8kxRtHjevjwzlkakHydt/7Bp8cLFM9O12tz5PD+xdPadicULF5+aPzt9eu703LmpEyeOH5t89pmpp3sSZxbXtdH3Fw4fevnNy6/OnLz81g9fJXnc0RZHr1Sj2in0hkd7XVmf7W9JJwN9bAhbUomIrLsGG+N/OCqx1nnD8dJHfW0csKvq9Xp9T/fTK3XgPyyJfrcA6I/igz67/y2OmzT1uCVcfb55A5TFfT0/mmcGIs3LDLbd3/ZSNSJOrvz5eXbELq1DAAC0+iab/zzZaf6Xxt0t5W7P91BGIuKOiDgQEXdGxMGIuCuiUfaeiLh3i/VX2/Lr5z/plW0FtknZ/O+5fG/r7/O/YvYXI5U8t78R/2Byar42dzR/TcZicE+Wn9ygjm9f/PnTbuda53/ZkdVfzAXzdlwZaFugm51emt5JzK2ufhgxOtAp/mRtJ2Ag4lBEjG6zjvnHvzzc7dw/x7+BHuwz1b+IeKzZ/yvRFn8h2Xh/cuJ/UZs7OlFcFev9+NOl17rVv6P4eyDr/70dr/8b8Y8krfu1i1uv49Kvn3S9p9nu9T+UvNFID+WPvTe9tHR+MmIoeWX941Nrzy3yRfks/rEjncf/gVh7Je6LiOwivj8iHoiIB/O2PxQRD0fEkQ3i//6FR97efvy7K4t/dkv9v/VE5cx3X3erf3P9f7yRGssf2cz732YbuJPXDgAAAP4t0sZ34JN0/EY6TcfHm9/hPxh709rC4tITpxbePTfb/K78SAymxUrXcMt66GS+Nlzkp9ryx/J1488q/2/kx2cWarP9Dh5Kbl+X8Z/5rdLv1gG7zu+1oLyMfygv4x/Ky/iH8jL+obw6jf8P+tAO4Obz+Q/lZfxDeRn/UF7GP5TSTn7XL1HmRKS3RDMkdinR73cmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA3vgrAAD//1vK5ng=")
[ 3419.181699][T26901] EXT4-fs: Ignoring removed nobh option
[ 3419.191809][T26901] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3419.206558][T26901] EXT4-fs (loop1): 1 truncate cleaned up
[ 3419.212298][T26901] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 3419.221836][T26912] loop3: detected capacity change from 0 to 512
[ 3419.226342][T26901] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 3419.231560][T26912] EXT4-fs: Ignoring removed nobh option
[ 3419.245258][T26912] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3419.251764][T26912] EXT4-fs: Ignoring removed nobh option
[ 3419.259572][T26912] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3419.273999][T26912] EXT4-fs (loop3): 1 truncate cleaned up
19:07:06 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6vi0loZRCQ4FAQUR8JE1aoAcuIJA4gIQEh3IMSVqFug1qgkSrCAJC5YgqcUcckfgLOMEFASckrnBHlSqUSwsno7V3E9exQz6curC/n7TSjHeSmcezY8/OrAMorZGIGIyIOyLi1zydNJ1fPtQolJW7sbI0/efK0nQStdobfyT1ctdXlqaLssXf7cszo2lE+kly8z/MLVy8dHaqWp29kOfHF8+9O75w8dLTc+emzsyemT0/efLkieMTzz07+UxX4sziuj78wfyRw6+8deW16VNX3v7x6ySPO1ri6JaRGGkXet1j3a6sx/Y3pZO+HjaELalERNZd/fXxPxiVWOu8wXj54542DthVtVqttqfz6eUa8B+WRK9bAPRG8UWf3f8Wxy2aetwWrr3QuAHK4r6RH40zfXEiL9Pfcn/bTSMRcWr5ry+yI3ZpHQIAoNm32fznqXbzvzQONZW7M99DGYqIuyLiQETcHREHI+KeiHrZeyPivi3WP9KSXz//Sa9uK7BNyuZ/z+d7WzfP/9KiyFAlz+2vx9+fnJ6rzh7L35PR6N+T5Sc2qOO7l375rNO55vlfdmT1F3PBvB1X+1oW6GamFqd2EnOzax9FDPe1iz9Z3QlIIuJwRAxvs465J7460uncP8e/gS7sM9W+jHi80f/L0RJ/Idl4f3L8f1GdPTZeXBXr/fTz5dc71b+j+Lsg6/+9ba//1fiHkub92oWt13H5t0873tNs9/ofSN6spwfy196fWly8MBExkLy6/vXJtb8t8kX5LP7Ro+3H/4FYeyfuj4jsIn4gIh6MiIfytj8cEY9ExNEN4v/hxUff2X78uyuLf2ZL/b/1ROXs9990qn9z/d+4Ex/NX9nM599mG7iT9w4AAAD+LdL6M/BJOraaTtOxscYz/Adjb1qdX1h88vT8e+dnGs/KD0V/Wqx0DTath07ka8NFfrIlfzxfN/688v96fmx6vjrT6+Ch5PZ1GP+Z3yu9bh2w6/xeC8rL+IfyMv6hvIx/KC/jH8qr3fj/sAftAG493/9QXsY/lJfxD+Vl/EMp7eR3/RJlTkR6WzRDYpcSvf5kAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I6/AwAA///cXucd")
[ 3419.279800][T26912] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 3419.294636][T26912] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 3419.307485][T26915] loop1: detected capacity change from 0 to 512
[ 3419.314012][T26915] EXT4-fs: Ignoring removed nobh option
[ 3419.319609][T26915] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3419.326033][T26915] EXT4-fs: Ignoring removed nobh option
19:07:06 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
syz_io_uring_setup(0x236f, &(0x7f0000000540)={0x0, 0xa29e, 0x4}, &(0x7f00002eb000/0x2000)=nil, &(0x7f00005f1000/0x2000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000180)=0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f00000000c0)=0x307e, 0x0, 0x4) (async)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f00000000c0)=0x307e, 0x0, 0x4)
r3 = socket$inet(0x2, 0x6, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000340)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000200)=@in={0x2, 0x0, @empty}}, 0x0)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000de000/0x2000)=nil, 0x2000, 0x100000c, 0x810, r0, 0x10000000)
socket$inet6_sctp(0xa, 0x1, 0x84) (async)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r5, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
socket$inet6_sctp(0xa, 0x1, 0x84) (async)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r6, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
setsockopt(r6, 0x2c, 0x600000, &(0x7f0000000100)="b40fb15f9b8f09852897ffa538ace12d699e81c453b26bb0991b129401dd0576c67bb2acef58f14c9d8e5e66f2e3291091bd44667079fc4850a451b712c0fd2b6b747845b1dc689d7c15aa8d83bb571a01255a294fdf7c4a222d742cdd7012f063167e730170783557feadf9960368a790b1d3282204e9c89e", 0x79)
sendto$inet6(r6, &(0x7f0000000000)="eb", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r3, 0x84, 0x6, &(0x7f0000000380)={0x0, @in={{0x2, 0x4e21, @rand_addr=0x64010101}}}, &(0x7f0000000440)=0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r6, 0x84, 0x7c, &(0x7f0000000480)={r7, 0x675, 0x1}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000040), 0x0)
setsockopt(r5, 0x2c, 0x600000, &(0x7f0000000100)="b40fb15f9b8f09852897ffa538ace12d699e81c453b26bb0991b129401dd0576c67bb2acef58f14c9d8e5e66f2e3291091bd44667079fc4850a451b712c0fd2b6b747845b1dc689d7c15aa8d83bb571a01255a294fdf7c4a222d742cdd7012f063167e730170783557feadf9960368a790b1d3282204e9c89e", 0x79)
sendto$inet6(r5, &(0x7f0000000000)="eb", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
syz_io_uring_submit(r1, r4, &(0x7f0000000280)=@IORING_OP_WRITE={0x17, 0x7, 0x2007, @fd=r5, 0x9, &(0x7f0000000080)="2216bfe91e311ecf45d50065d8a5f97fcba4c3853f631908cabb17d35ff6", 0x1e, 0x20}, 0x5) (async)
syz_io_uring_submit(r1, r4, &(0x7f0000000280)=@IORING_OP_WRITE={0x17, 0x7, 0x2007, @fd=r5, 0x9, &(0x7f0000000080)="2216bfe91e311ecf45d50065d8a5f97fcba4c3853f631908cabb17d35ff6", 0x1e, 0x20}, 0x5)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r8 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r8, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
mq_timedreceive(r8, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:06 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPhgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQz6curC/n7TKjHecmcezY8/O2AGUVjUihiLitoj4JU8n7QWqzT83Vpam/1hZmk6iXn/996RR7vrK0nRRtHje/jwzmkakHydt/7Bp4eKls1O12uyFPD++eO6d8YWLl56aOzd1ZvbM7PnJkydPHJ949pnJp3sSZxbX9ZH3548cfvnNK69On7ry1g9fJXnc0RZHr1Sj2in0hkd7XVmfHWhJJwN9bAhbUomIrLsGG+N/KCqx1nlD8dJHfW0csKvq9Xp9b/fTy3XgPyyJfrcA6I/igz67/y2OmzT1uCVce755A5TFfSM/mmcGIs3LDLbd3/ZSNSJOLf/5eXbELq1DAAC0+iab/zzZaf6Xxt0t5W7P91CGI+KOiDgYEXdGxKGIuCuiUfaeiLh3i/VX2/Lr5z/p1W0FtknZ/O+5fG/r7/O/YvYXw5U8d6AR/2Byeq42eyx/TUZjcG+Wn9igjm9f/PnTbuda53/ZkdVfzAXzdlwdaFugm5lanNpJzK2ufRgxMtAp/mR1JyAdiDgcESPbrGPu8S+PdDv3z/FvoAf7TPUvIh5r9v9ytMVfSDbenxz/X9Rmj40XV8V6P/50+bVu9e8o/h7I+n9fx+t/Nf7hpHW/dmHrdVz+9ZOu9zTbvf73JG800nvyx96bWly8MBGxJ3ll/eOTa88t8kX5LP7Ro53H/8FYeyXui4jsIr4/Ih6IiAfztj8UEQ9HxNEN4v/+hUfe3n78uyuLf2ZL/b/1ROXsd193q39z/X+ikRrNH9nM+99mG7iT1w4AAAD+LdLGd+CTdGw1naZjY83v8B+KfWltfmHxidPz756faX5XfjgG02Kla6hlPXQiXxsu8pNt+eP5uvFnlf838mPT87WZfgcPJbe/y/jP/Fbpd+uAXef3WlBexj+Ul/EP5WX8Q3kZ/1Bencb/B31oB3Dz+fyH8jL+obyMfygv4x9KaSe/65cocyLSW6IZEruU6Pc7EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQG/8FQAA//8b+uZ6")
[ 3419.335058][T26915] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3419.351801][T26915] EXT4-fs (loop1): 1 truncate cleaned up
[ 3419.357501][T26915] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 3419.371358][T26915] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 3419.401800][T26921] loop3: detected capacity change from 0 to 512
[ 3419.408623][T26921] EXT4-fs: Ignoring removed nobh option
[ 3419.414199][T26921] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3419.420736][T26921] EXT4-fs: Ignoring removed nobh option
[ 3419.428480][T26921] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3419.444275][T26921] EXT4-fs (loop3): 1 truncate cleaned up
19:07:06 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 13)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:06 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCatttbEWquNVaNVDP5ImrRqD14UBQ8Kgh7qMSZpid020kSwJWgUqUcpeBePgn+Bp3oR9SR41bsUiuTS6mlldmeS7WY35semW53PBwbe23nJe99983bfvDcbQGkNR8RARNwVEb/l6aTp/JWDjUJZuRvLi1N/LS9OJVGrvfVnUi93fXlxqihb/N3ePDOSRqSfJTf/w9z8hYtnJqvVmfN5fmzh7Ptj8xcuPjt7dvL0zOmZcxMnThw/Nv7C8xPPdSXOLK7rQx/NHT702juX35g6efndn75N8rijJY5uGY7hdqHXPdHtynpsX1M66ethQ9iUSkRk3dVfH/8DUYnVzhuIVz/taeOAHVWr1Wq7O59eqgH/Y0n0ugVAbxRf9Nn9b3HcoqnHbeHaS40boCzuG/nRONMXx/My/S33t900HBEnl/7+Kjtih9YhAACaXcnmP8+0m/+lcbCp3N35HspgRNwTEfsj4t6IOBAR90XUy94fEQ9ssv7hlvza+U96dUuBbVA2/3sx39u6ef6XFkUGK3luXz3+/uTUbHXmaP6ejET/7iw/vk4d37/y6xedzjXP/7Ijq7+YC+btuNrXskA3PbkwuZ2Ym137JGKor138ycpOQBIRhyJiaIt1zD71zeFO5/49/nV0YZ+p9nXEk43+X4qW+AvJ+vuTY3dEdeboWHFVrPXzL5fe7FT/tuLvgqz/97S9/lfiH0ya92vnN1/Hpd8/73hPs9Xrf1fydj29K3/tw8mFhfPjEbuS19e+PrH6t0W+KJ/FP3Kk/fjfH6vvxIMRkV3ED0XEwxHxSN72RyPisYg4sk78P778+Htbj39nZfFPb6r/N5+onPnhu071b6z/G3fiI/krG/n822gDt/PeAQAAwH9FWn8GPklHV9JpOjraeIb/QOxJq3PzC0+fmvvg3HTjWfnB6E+Lla6BpvXQ8XxtuMhPtOSP5evGX1burOdHp+aq070OHkpub4fxn/mj0uvWATvO77WgvIx/KC/jH8rL+IfyMv6hvNqN/4970A7g1vP9D+Vl/EN5Gf9QXsY/lNJ2ftcvUeZEpLdFMyR2KNHrTyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDu+CcAAP//40/nXQ==")
[ 3419.450081][T26921] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 3419.467543][T26921] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 3419.504444][T26925] loop1: detected capacity change from 0 to 512
[ 3419.506562][T26929] FAULT_INJECTION: forcing a failure.
[ 3419.506562][T26929] name failslab, interval 1, probability 0, space 0, times 0
[ 3419.523422][T26929] CPU: 1 PID: 26929 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3419.525035][T26925] EXT4-fs: Ignoring removed nobh option
[ 3419.533838][T26929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3419.533853][T26929] Call Trace:
[ 3419.533859][T26929]
[ 3419.533865][T26929] dump_stack_lvl+0xda/0x130
[ 3419.533890][T26929] dump_stack+0x15/0x20
[ 3419.539454][T26925] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3419.549457][T26929] should_fail_ex+0x21f/0x230
[ 3419.549484][T26929] __should_failslab+0x92/0xa0
[ 3419.552754][T26925] EXT4-fs: Ignoring removed nobh option
[ 3419.555654][T26929] should_failslab+0x9/0x20
[ 3419.563477][T26925] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3419.564348][T26929] slab_pre_alloc_hook+0x38/0x180
[ 3419.571024][T26925] EXT4-fs (loop1): 1 truncate cleaned up
[ 3419.575482][T26929] __kmem_cache_alloc_node+0x46/0x250
[ 3419.580323][T26925] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 3419.585767][T26929] ? io_drain_req+0x1e1/0x4f0
[ 3419.592919][T26925] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 3419.604238][T26929] kmalloc_trace+0x2a/0xa0
[ 3419.604272][T26929] io_drain_req+0x1e1/0x4f0
19:07:07 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0)) (async)
syz_io_uring_setup(0x236f, &(0x7f0000000540)={0x0, 0xa29e, 0x4}, &(0x7f00002eb000/0x2000)=nil, &(0x7f00005f1000/0x2000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000180)=0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f00000000c0)=0x307e, 0x0, 0x4)
r3 = socket$inet(0x2, 0x6, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000340)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000200)=@in={0x2, 0x0, @empty}}, 0x0) (async)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000de000/0x2000)=nil, 0x2000, 0x100000c, 0x810, r0, 0x10000000) (async)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r5, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) (async)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r6, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) (async)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
setsockopt(r6, 0x2c, 0x600000, &(0x7f0000000100)="b40fb15f9b8f09852897ffa538ace12d699e81c453b26bb0991b129401dd0576c67bb2acef58f14c9d8e5e66f2e3291091bd44667079fc4850a451b712c0fd2b6b747845b1dc689d7c15aa8d83bb571a01255a294fdf7c4a222d742cdd7012f063167e730170783557feadf9960368a790b1d3282204e9c89e", 0x79) (async)
sendto$inet6(r6, &(0x7f0000000000)="eb", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r3, 0x84, 0x6, &(0x7f0000000380)={0x0, @in={{0x2, 0x4e21, @rand_addr=0x64010101}}}, &(0x7f0000000440)=0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r6, 0x84, 0x7c, &(0x7f0000000480)={r7, 0x675, 0x1}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000040), 0x0)
setsockopt(r5, 0x2c, 0x600000, &(0x7f0000000100)="b40fb15f9b8f09852897ffa538ace12d699e81c453b26bb0991b129401dd0576c67bb2acef58f14c9d8e5e66f2e3291091bd44667079fc4850a451b712c0fd2b6b747845b1dc689d7c15aa8d83bb571a01255a294fdf7c4a222d742cdd7012f063167e730170783557feadf9960368a790b1d3282204e9c89e", 0x79) (async)
sendto$inet6(r5, &(0x7f0000000000)="eb", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async)
syz_io_uring_submit(r1, r4, &(0x7f0000000280)=@IORING_OP_WRITE={0x17, 0x7, 0x2007, @fd=r5, 0x9, &(0x7f0000000080)="2216bfe91e311ecf45d50065d8a5f97fcba4c3853f631908cabb17d35ff6", 0x1e, 0x20}, 0x5)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r8 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r8, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:07 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100)={0x0, 0x0, 0x0, 0xfffffffe}, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
[ 3419.655307][T26929] io_queue_sqe_fallback+0xd1/0xe0
[ 3419.660434][T26929] io_submit_sqes+0xbf8/0xfe0
[ 3419.665195][T26929] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3419.670845][T26929] ? __fget_files+0x1c4/0x200
[ 3419.675550][T26929] ? mutex_lock+0xd/0x30
[ 3419.679820][T26929] ? fput+0x112/0x140
[ 3419.683916][T26929] ? ksys_write+0x178/0x1a0
[ 3419.688437][T26929] __x64_sys_io_uring_enter+0x78/0x90
[ 3419.693874][T26929] do_syscall_64+0x41/0xc0
[ 3419.698369][T26929] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3419.704428][T26929] RIP: 0033:0x7fbf4da9f169
[ 3419.708852][T26929] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3419.728512][T26929] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3419.737252][T26929] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3419.745231][T26929] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
[ 3419.753372][T26929] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
[ 3419.761367][T26929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3419.769334][T26929] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3419.777450][T26929]
19:07:07 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0laSkfLQUMBRHxkTRpgR64gEDiABISHMoxJGkV6jaoCRKtIggIlSOqxB1xROIv4AQXRDkhcYU7qlShXFo4Ga29mxjHDvlw6sL+ftIqM95xZh7Pjj07YwdQWtWIGIqIOyLilzydtBeoNv/cXF6c+mN5cSqJev2N35NGuRvLi1NF0eJ5e/PMSBqRfpK0/cOm+YuXzk7WajMX8vzYwrl3x+YvXnp69tzkmZkzM+cnTp48cXz8uWcnnulJnFlcNw5/MHfk0CtvXXlt6tSVt69+neRxR1scvVKNaqfQGx7rdWV9tq8lnQz0sSFsSiUisu4abIz/oajEaucNxcsf97VxwI6q1+v13d1PL9WB/7Ak+t0CoD+KD/rs/rc4btHU47Zw/YXmDVAW9838aJ4ZiDQvM9h2f9tL1Yg4tfTnF9kRO7QOAQDQ6tts/vNUp/lfGve0lLsz30MZjoj9EXEgIu6KiIMRcXdEo+y9EXHfJuuvtuXXzn/Sa1sKbIOy+d/z+d7W3+d/xewvhit5bl8j/sHk9Gxt5lj+mozE4O4sP75OHd+99PNn3c61zv+yI6u/mAvm7bg20LZANz25MLmdmFtd/yji8ECn+JOVnYCr+yMORcThLdYx+8RXR7qd++f419GDfab6lxGPN/t/KdriLyTr70+O/S9qM8fGiqtirR9/uvx6t/q3FX8PZP2/p+P1vxL/cNK6Xzu/+Tou//pp13uarV7/u5I3G+ld+WPvTy4sXBiP2JW8uvbxidXnFvmifBb/yNHO4/9ArL4S90dEdhE/EBEPRsRDedsfjohHIuLoOvH/8OKj72w9/p2VxT+9qf7ffKJy9vtvutW/sf4/0UiN5I9s5P1vow3czmsHAAAA/xZp4zvwSTq6kk7T0dHmd/gPxp60Nje/8OTpuffOTze/Kz8cg2mx0jXUsh46nq8NF/mJtvzxfN3488r/G/nRqbnadL+Dh5Lb22X8Z36r9Lt1wI7zey0oL+Mfysv4h/Iy/qG8jH8or07j/8M+tAO49Xz+Q3kZ/1Bexj+Ul/EPpbSd3/VLlDkR6W3RDIkdSvT7nQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA3/goAAP//rjjnTg==")
19:07:07 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWq2NVaNVDP5ImrRqD14UBQ8Kgh7qMSZpid020kSwJWgUqUcpeBePgn+BJ72IehK86l0KRXJp9bQyuzPJutmN+bHpVufzgYH3dl7y3nffvN03780GUFojETEYEXdExK95OmkucKhRKCt3Y2Vp+s+VpekkarU3/kjq5a6vLE0XRYu/25dnRtOI9JOk5R82LFy8dHaqWp29kOfHF8+9O75w8dLTc+emzsyemT0/efLkieMTzz07+UxX4sziuj78wfyRw6+8deW16VNX3v7x6ySPO1ri6JaRGGkXet1j3a6sx/Y3pZO+HjaELalERNZd/fXxPxiVWOu8wXj54542DthVtVqttqfz6eUa8D+WRK9bAPRG8UWf3f8Wx02aetwSrr3QuAHK4r6RH40zfXEiL9Pfcn/bTSMRcWr5ry+yI3ZpHQIAoNm32fznqXbzvzTubSp3Z76HMhQRd0XEgYi4OyIORsQ9EfWyhyLivi3WP9KSXz//Sa9uK7BNyuZ/z+d7W/+c/6VFkaFKnttfj78/OT1XnT2Wvyej0b8ny09sUMd3L/3yWadzzfO/7MjqL+aCeTuu9rUs0M1MLU7tJOZm1z6KGO5rF3+yuhOQRMThiBjeZh1zT3x1pNO5f49/A13YZ6p9GfF4o/+XoyX+QrLx/uT4bVGdPTZeXBXr/fTz5dc71b+j+Lsg6/+9ba//1fiHkub92oWt13H5t0873tNs9/ofSN6spwfy196fWly8MBExkLy6/vXJtb8t8kX5LP7Ro+3H/4FYeyfuj4jsIn4gIh6MiIfytj8cEY9ExNEN4v/hxUff2X78uyuLf2ZL/b/1ROXs9990qn9z/d+4Ex/NX9nM599mG7iT9w4AAAD+K9L6M/BJOraaTtOxscYz/Adjb1qdX1h88vT8e+dnGs/KD0V/Wqx0DTath07ka8NFfrIlfzxfN/68cns9PzY9X53pdfBQcvs6jP/M75Vetw7YdX6vBeVl/EN5Gf9QXsY/lJfxD+XVbvx/2IN2ADef738oL+Mfysv4h/Iy/qGUdvK7fokyJyK9JZohsUuJXn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMffAQAA///Kl+ae")
[ 3419.865069][T26957] loop3: detected capacity change from 0 to 512
[ 3419.870220][T26958] loop1: detected capacity change from 0 to 512
[ 3419.871595][T26957] EXT4-fs: Ignoring removed nobh option
[ 3419.877791][T26958] EXT4-fs: Ignoring removed nobh option
[ 3419.883224][T26957] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3419.888746][T26958] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3419.895138][T26957] EXT4-fs: Ignoring removed nobh option
[ 3419.901562][T26958] EXT4-fs: Ignoring removed nobh option
[ 3419.912438][T26957] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3419.915272][T26958] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3419.927534][T26957] EXT4-fs (loop3): 1 truncate cleaned up
[ 3419.944315][T26958] EXT4-fs (loop1): 1 truncate cleaned up
[ 3419.946475][T26957] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
19:07:07 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c) (async)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e22, 0x200, @rand_addr=' \x01\x00'}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0) (async)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62b55284f83399f7ca948439f067000fddbdf257a0100", @ANYRES32=0x0, @ANYBLOB="0df6940099003b920000060000001c0000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6004000000000000000002020000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000) (async)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0) (async)
socket(0x10, 0x80002, 0x0)
19:07:07 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0laSkfLQUMBRHxkTRpgR64gEDiABISHMoxJGkV6jaoCRKtIggIlSOqxB1xROIv4AQXBJxAXOGOKlUolxZORmvvJsaxQz6curC/n7TKjHecmcezY8/O2AGUVjUihiLitoj4JU8n7QWqzT83lhen/lhenEqiXn/t96RR7vry4lRRtHje3jwzkkakHyVt/7Bp/uKls5O12syFPD+2cO7tsfmLl56cPTd5ZubMzPmJkydPHB9/5umJp3oSZxbX9cPvzR059NIbV16ZOnXlze+/TPK4oy2OXqlGtVPoDY/0urI+29eSTgb62BA2pRIRWXcNNsb/UFRitfOG4sUP+9o4YEfV6/X67u6nl+rAf1gS/W4B0B/FB312/1scN2nqcUu49lzzBiiL+0Z+NM8MRJqXGWy7v+2lakScWvrzs+yIHVqHAABo9XU2/3mi0/wvjbtayt2e76EMR8T+iDgQEXdExMGIuDOiUfbuiLhnk/VX2/Jr5z/p1S0FtkHZ/O/ZfG/r7/O/YvYXw5U8t68R/2ByerY2cyx/TUZicHeWH1+njm9e+PmTbuda53/ZkdVfzAXzdlwdaFugm55cmNxOzK2ufRBxeKBT/MnKTsBP+yMORcThLdYx+9gXR7qd++f419GDfab65xGPNvt/KdriLyTr70+O/S9qM8fGiqtirR9+vPxqt/q3FX8PZP2/p+P1vxL/cNK6Xzu/+Tou//px13uarV7/u5LXG+ld+WPvTi4sXBiP2JW8vPbxidXnFvmifBb/yNHO4/9ArL4S90ZEdhHfFxH3R8QDedsfjIiHIuLoOvF/9/zDb209/p2VxT+9qf7ffKJy9tuvutW/sf4/0UiN5I9s5P1vow3czmsHAAAA/xZp4zvwSTq6kk7T0dHmd/gPxp60Nje/8PjpuXfOTze/Kz8cg2mx0jXUsh46nq8NF/mJtvzxfN3408r/G/nRqbnadL+Dh5Lb22X8Z36r9Lt1wI7zey0oL+Mfysv4h/Iy/qG8jH8or07j//0+tAO4+Xz+Q3kZ/1Bexj+Ul/EPpbSd3/VLlDkR6S3RDIkdSvT7nQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA3/goAAP//runnVg==")
19:07:07 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
io_setup(0x40, &(0x7f0000000980)=0x0) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff})
io_submit(r1, 0x1, &(0x7f0000000180)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}]) (async)
shutdown(r2, 0x0) (async)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r3, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
[ 3419.947641][T26957] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 3419.952215][T26958] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 3419.986274][T26958] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
19:07:07 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCatttbEWq2NVaNVDP5ImrRqDx5UFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnvQi6knwqncpFMml1dPK7M4k281uzI9NtzqfDwy8t/OS97775u2+eW82gNIajoiBiLgjIn7L00nT+RcONgpl5a4vL079tbw4lUSt9uafSb3cteXFqaJs8Xd788xIGpF+mtz4D3PzFy6emaxWZ87n+bGFs++NzV+4+PTs2cnTM6dnzk2cOHH82Phzz04805U4s7iuDX04d/jQq29ffn3q5OV3fvomyeOOlji6ZTiG24Ve91i3K+uxfU3ppK+HDWFTKhGRdVd/ffwPRCVWO28gXvmkp40DdlStVqvt7nx6qQb8jyXR6xYAvVF80Wf3v8Vxk6Yet4SrLzZugLK4r+dH40xfHM/L9Lfc33bTcEScXPr7y+yIHVqHAABo9l02/3mq3fwvjXubyt2Z76EMRsRdEbE/Iu6OiAMRcU9EvezBiLhvk/UPt+TXzn/SK1sKbIOy+d/z+d7WjfO/tCgyWMlz++rx9yenZqszR/P3ZCT6d2f58XXq+P7lXz/vdK55/pcdWf3FXDBvx5W+lgW66cmFye3E3OzqxxFDfe3iT1Z2ApKIOBQRQ1usY/aJrw93Ovfv8a+jC/tMta8iHm/0/1K0xF9I1t+fHLstqjNHx4qrYq2ff7n0Rqf6txV/F2T9v6ft9b8S/2DSvF87v/k6Lv3+Wcd7mq1e/7uSt+rpXflrH0wuLJwfj9iVvLb29YnVvy3yRfks/pEj7cf//lh9J+6PiOwifiAiHoyIh/K2PxwRj0TEkXXi//GlR9/devw7K4t/elP9v/lE5cwP33aqf2P937gTH8lf2cjn30YbuJ33DgAAAP4r0voz8Ek6upJO09HRxjP8B2JPWp2bX3jy1Nz756Ybz8oPRn9arHQNNK2Hjudrw0V+oiV/LF83/qJyez0/OjVXne518FByezuM/8wflV63Dthxfq8F5WX8Q3kZ/1Bexj+Ul/EP5dVu/H/Ug3YAN5/vfygv4x/Ky/iH8jL+oZS287t+iTInIr0lmiGxQ4lefzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0xz8BAAD//9GI5t4=")
[ 3420.063291][T26967] loop3: detected capacity change from 0 to 512
[ 3420.077482][T26967] EXT4-fs: Ignoring removed nobh option
[ 3420.083113][T26967] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3420.089578][T26967] EXT4-fs: Ignoring removed nobh option
[ 3420.103668][T26979] loop1: detected capacity change from 0 to 512
[ 3420.111598][T26967] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3420.123537][T26979] EXT4-fs: Ignoring removed nobh option
[ 3420.131326][T26979] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3420.137886][T26979] EXT4-fs: Ignoring removed nobh option
[ 3420.146015][T26967] EXT4-fs (loop3): 1 truncate cleaned up
[ 3420.151726][T26967] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
19:07:07 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e22, 0x200, @rand_addr=' \x01\x00'}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c) (async)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20) (async)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62b55284f83399f7ca948439f067000fddbdf257a0100", @ANYRES32=0x0, @ANYBLOB="0df6940099003b920000060000001c0000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90) (async)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62b55284f83399f7ca948439f067000fddbdf257a0100", @ANYRES32=0x0, @ANYBLOB="0df6940099003b920000060000001c0000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6004000000000000000002020000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6004000000000000000002020000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93) (async)
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000) (async)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0) (async)
socket(0x10, 0x80002, 0x0)
[ 3420.166714][T26967] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 3420.172516][T26979] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3420.190831][T26979] EXT4-fs (loop1): 1 truncate cleaned up
[ 3420.196806][T26979] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 3420.210407][T26979] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
19:07:07 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0laSkfLQUMBRHxkTRpgR64gEDiABISHMoxJGkV6jaoCRKtIggIlSOqxB1xROIv4AQXBJwQXOGOKlUolxZORmvvJsaxQz6curC/n7TKjHecmcezY8/O2AGUVjUihiLitoj4JU8n7QWqzT83lhen/lhenEqiXn/t96RR7vry4lRRtHje3jwzkkakHyVt/7Bp/uKls5O12syFPD+2cO7tsfmLl56cPTd5ZubMzPmJkydPHB9/5umJp3oSZxbX9cPvzR059NIbV16ZOnXlze+/TPK4oy2OXqlGtVPoDY/0urI+29eSTgb62BA2pRIRWXcNNsb/UFRitfOG4sUP+9o4YEfV6/X67u6nl+rAf1gS/W4B0B/FB312/1scN2nqcUu49lzzBiiL+0Z+NM8MRJqXGWy7v+2lakScWvrzs+yIHVqHAABo9XU2/3mi0/wvjbtayt2e76EMR8T+iDgQEXdExMGIuDOiUfbuiLhnk/VX2/Jr5z/p1S0FtkHZ/O/ZfG/r7/O/YvYXw5U8t68R/2ByerY2cyx/TUZicHeWH1+njm9e+PmTbuda53/ZkdVfzAXzdlwdaFugm55cmNxOzK2ufRBxeKBT/MnKTsBP+yMORcThLdYx+9gXR7qd++f419GDfab65xGPNvt/KdriLyTr70+O/S9qM8fGiqtirR9+vPxqt/q3FX8PZP2/p+P1vxL/cNK6Xzu/+Tou//px13uarV7/u5LXG+ld+WPvTi4sXBiP2JW8vPbxidXnFvmifBb/yNHO4/9ArL4S90ZEdhHfFxH3R8QDedsfjIiHIuLoOvF/9/zDb209/p2VxT+9qf7ffKJy9tuvutW/sf4/0UiN5I9s5P1vow3czmsHAAAA/xZp4zvwSTq6kk7T0dHmd/gPxp60Nje/8PjpuXfOTze/Kz8cg2mx0jXUsh46nq8NF/mJtvzxfN3408r/G/nRqbnadL+Dh5Lb22X8Z36r9Lt1wI7zey0oL+Mfysv4h/Iy/qG8jH8or07j//0+tAO4+Xz+Q3kZ/1Bexj+Ul/EPpbSd3/VLlDkR6S3RDIkdSvT7nQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA3/goAAP//jwHnVw==")
[ 3420.277942][T27003] loop3: detected capacity change from 0 to 512
[ 3420.288161][T27003] EXT4-fs: Ignoring removed nobh option
[ 3420.294022][T27003] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3420.301442][T27003] EXT4-fs: Ignoring removed nobh option
[ 3420.309833][T27003] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
19:07:07 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 14)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:07 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6vi0loRRKQ4FAQUR8JE1aoAcuIJA4gIQEh3IMSVqFug1qgkSrCAJC5YgqcUcckfgLOMEFASckrnBHlSqUSwsno7V3E9exQz6curC/n7TSjHeSmcezY8/OrAMorZGIGIyIOyLi1zydNJ1fPtQolJW7sbI0/efK0nQStdobfyT1ctdXlqaLssXf7cszo2lE+kly8z/MLVy8dHaqWp29kOfHF8+9O75w8dLTc+emzsyemT0/efLkieMTzz07+UxX4sziuj78wfyRw6+8deW16VNX3v7x6ySPO1ri6JaRGGkXet1j3a6sx/Y3pZO+HjaELalERNZd/fXxPxiVWOu8wXj54542DthVtVqttqfz6eUa8B+WRK9bAPRG8UWf3f8Wxy2aetwWrr3QuAHK4r6RH40zfXEiL9Pfcn/bTSMRcWr5ry+yI3ZpHQIAoNm32fznqXbzvzTubSp3Z76HMhQRd0XEgYi4OyIORsQ9EfWyhyLivi3WP9KSXz//Sa9uK7BNyuZ/z+d7WzfP/9KiyFAlz+2vx9+fnJ6rzh7L35PR6N+T5Sc2qOO7l375rNO55vlfdmT1F3PBvB1X+1oW6GamFqd2EnOzax9FDPe1iz9Z3QlIIuJwRAxvs465J7460uncP8e/gS7sM9W+jHi80f/L0RJ/Idl4f3L8f1GdPTZeXBXr/fTz5dc71b+j+Lsg6/+9ba//1fiHkub92oWt13H5t0873tNs9/ofSN6spwfy196fWly8MBExkLy6/vXJtb8t8kX5LP7Ro+3H/4FYeyfuj4jsIn4gIh6MiIfytj8cEY9ExNEN4v/hxUff2X78uyuLf2ZL/b/1ROXs9990qn9z/d+4Ex/NX9nM599mG7iT9w4AAAD+LdL6M/BJOraaTtOxscYz/Adjb1qdX1h88vT8e+dnGs/KD0V/Wqx0DTath07ka8NFfrIlfzxfN/688v96fmx6vjrT6+Ch5PZ1GP+Z3yu9bh2w6/xeC8rL+IfyMv6hvIx/KC/jH8qr3fj/sAftAG493/9QXsY/lJfxD+Vl/EMp7eR3/RJlTkR6WzRDYpcSvf5kAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I6/AwAA///Yeece")
[ 3420.325581][T27003] EXT4-fs (loop3): 1 truncate cleaned up
[ 3420.331280][T27003] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 3420.356126][T27003] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 3420.373333][T27015] loop1: detected capacity change from 0 to 512
[ 3420.378706][T27018] FAULT_INJECTION: forcing a failure.
[ 3420.378706][T27018] name failslab, interval 1, probability 0, space 0, times 0
[ 3420.381340][T27015] EXT4-fs: Ignoring removed nobh option
[ 3420.392672][T27018] CPU: 1 PID: 27018 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3420.398220][T27015] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3420.408592][T27018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3420.415008][T27015] EXT4-fs: Ignoring removed nobh option
[ 3420.425029][T27018] Call Trace:
[ 3420.425036][T27018]
[ 3420.425042][T27018] dump_stack_lvl+0xda/0x130
[ 3420.432846][T27015] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3420.433837][T27018] dump_stack+0x15/0x20
[ 3420.433857][T27018] should_fail_ex+0x21f/0x230
[ 3420.437153][T27015] EXT4-fs (loop1): 1 truncate cleaned up
[ 3420.441385][T27018] __should_failslab+0x92/0xa0
19:07:08 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100)={0x0, 0x0, 0x0, 0xfffffffe}, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
[ 3420.441406][T27018] should_failslab+0x9/0x20
[ 3420.455555][T27015] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 3420.459626][T27018] slab_pre_alloc_hook+0x38/0x180
[ 3420.466135][T27015] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 3420.470165][T27018] __kmem_cache_alloc_node+0x46/0x250
[ 3420.470188][T27018] ? io_drain_req+0x1e1/0x4f0
[ 3420.516273][T27018] kmalloc_trace+0x2a/0xa0
19:07:08 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6vi0loZSPhgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvNsaxQz6curC/n7TKjHecmcezY8/O2AGUVjUihiPitoj4JU8n7QWqzT/XV5dn/lhdnkmiXn/996RR7trq8kxRtHjevjwzlkakHydt/7Bp8cLFM9O12tz5PD+xdPadicULF5+aPzt9eu703LmpEyeOH5t89pmpp3sSZxbXtdH3Fw4fevnNy6/OnLz81g9fJXnc0RZHr1Sj2in0hkd7XVmf7W9JJwN9bAhbUomIrLsGG+N/OCqx1nnD8dJHfW0csKvq9Xp9T/fTK3XgPyyJfrcA6I/igz67/y2OmzT1uCVcfb55A5TFfT0/mmcGIs3LDLbd3/ZSNSJOrvz5eXbELq1DAAC0+iab/zzZaf6Xxt0t5W7P91BGIuKOiDgQEXdGxMGIuCuiUfaeiLh3i/VX2/Lr5z/plW0FtknZ/O+5fG/r7/O/YvYXI5U8t78R/2Byar42dzR/TcZicE+Wn9ygjm9f/PnTbuda53/ZkdVfzAXzdlwZaFugm51emt5JzK2ufhgxOtAp/mRtJ6AacSgiRrdZx/zjXx7udu6f499AD/aZ6l9EPNbs/5Voi7+QbLw/OfG/qM0dnSiuivV+/OnSa93q31H8PZD1/96O1/+N+EeS1v3axa3XcenXT7re02z3+h9K3mikh/LH3pteWjo/GTGUvLL+8am15xb5onwW/9iRzuP/QKy9EvdFRHYR3x8RD0TEg3nbH4qIhyPiyAbxf//CI29vP/7dlcU/u6X+33qicua7r7vVv7n+P95IjeWPbOb9b7MN3MlrBwAAAP8WaeM78Ek6fiOdpuPjze/wH4y9aW1hcemJUwvvnpttfld+JAbTYqVruGU9dDJfGy7yU235Y/m68WeV/zfy4zMLtdl+Bw8lt6/L+M/8Vul364Bd5/daUF7GP5SX8Q/lZfxDeRn/UF6dxv8HfWgHcPP5/IfyMv6hvIx/KC/jH0ppJ7/rlyhzItJbohkSu5To9zsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAb/wVAAD//94S5pQ=")
[ 3420.516305][T27018] io_drain_req+0x1e1/0x4f0
[ 3420.516328][T27018] io_queue_sqe_fallback+0xd1/0xe0
[ 3420.516345][T27018] io_submit_sqes+0xbf8/0xfe0
[ 3420.516429][T27018] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3420.516502][T27018] ? __fget_files+0x1c4/0x200
[ 3420.516523][T27018] ? mutex_lock+0xd/0x30
[ 3420.516544][T27018] ? fput+0x112/0x140
[ 3420.516556][T27018] ? ksys_write+0x178/0x1a0
[ 3420.516661][T27018] __x64_sys_io_uring_enter+0x78/0x90
[ 3420.516684][T27018] do_syscall_64+0x41/0xc0
[ 3420.516699][T27018] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3420.516724][T27018] RIP: 0033:0x7fbf4da9f169
[ 3420.516756][T27018] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3420.516770][T27018] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
19:07:08 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e29, 0x85, @dev={0xfe, 0x80, '\x00', 0x36}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r5, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@bloom_filter={0x1e, 0x10000, 0x1, 0x9, 0x280, 0x1, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1, 0x1, 0x5}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r6, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r6, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(0xffffffffffffffff, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYRES32, @ANYRES16=r6, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=r2, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r4, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000b341c85c0919a1367f93df4af8ffc53f47f56924", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r8 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r8, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r8, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r8, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r8, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r8, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r8, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:08 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCatttbEWq2NVaNVDP5ImrRqD14UBQ8Kgh7qMSZpid020kSwJWgUqUcpeBePgn+Bp3oR9SR41bsUiuTS6mlldmeS7WY35semW53PBwbe23nJe99983bfvDcbQGkNR8RARNwVEb/l6aTp/JWDjUJZuRvLi1N/LS9OJVGrvfVnUi93fXlxqihb/N3ePDOSRqSfJTf/w9z8hYtnJqvVmfN5fmzh7Ptj8xcuPjt7dvL0zOmZcxMnThw/Nv7C8xPPdSXOLK7rQx/NHT702juX35g6efndn75N8rijJY5uGY7hdqHXPdHtynpsX1M66ethQ9iUSkRk3dVfH/8DUYnVzhuIVz/taeOAHVWr1Wq7O59eqgH/Y0n0ugVAbxRf9Nn9b3HcoqnHbeHaS40boCzuG/nRONMXx/My/S33t900HBEnl/7+Kjtih9YhAACaXcnmP8+0m/+lcX9TubvzPZTBiLgnIvZHxL0RcSAi7ouolz0YEQ9ssv7hlvza+U96dUuBbVA2/3sx39u6ef6XFkUGK3luXz3+/uTUbHXmaP6ejET/7iw/vk4d37/y6xedzjXP/7Ijq7+YC+btuNrXskA3PbkwuZ2Ym137JGKor138ycpOQBIRhyJiaIt1zD71zeFO5/49/nV0YZ+p9nXEk43+X4qW+AvJ+vuTY3dEdeboWHFVrPXzL5fe7FT/tuLvgqz/97S9/lfiH0ya92vnN1/Hpd8/73hPs9Xrf1fydj29K3/tw8mFhfPjEbuS19e+PrH6t0W+KJ/FP3Kk/fjfH6vvxIMRkV3ED0XEwxHxSN72RyPisYg4sk78P778+Htbj39nZfFPb6r/N5+onPnhu071b6z/G3fiI/krG/n822gDt/PeAQAAwH9FWn8GPklHV9JpOjraeIb/QOxJq3PzC0+fmvvg3HTjWfnB6E+Lla6BpvXQ8XxtuMhPtOSP5evGX1burOdHp+aq070OHkpub4fxn/mj0uvWATvO77WgvIx/KC/jH8rL+IfyMv6hvNqN/4970A7g1vP9D+Vl/EN5Gf9QXsY/lNJ2ftcvUeZEpLdFMyR2KNHrTyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDu+CcAAP//32rnXg==")
[ 3420.516786][T27018] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3420.516796][T27018] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
[ 3420.516806][T27018] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
[ 3420.516817][T27018] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3420.516826][T27018] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3420.516896][T27018]
[ 3420.558554][T27025] loop3: detected capacity change from 0 to 512
[ 3420.716527][T27043] loop1: detected capacity change from 0 to 512
[ 3420.733096][T27043] EXT4-fs: Ignoring removed nobh option
[ 3420.738721][T27043] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3420.745313][T27043] EXT4-fs: Ignoring removed nobh option
19:07:08 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e29, 0x85, @dev={0xfe, 0x80, '\x00', 0x36}}, 0x1c) (async)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c) (async)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x3) (async)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c) (async)
listen(r3, 0x0) (async)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r5, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0) (async)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@bloom_filter={0x1e, 0x10000, 0x1, 0x9, 0x280, 0x1, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1, 0x1, 0x5}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r6, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c) (async)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r6, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(0xffffffffffffffff, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYRES32, @ANYRES16=r6, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=r2, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90) (async)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r4, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000b341c85c0919a1367f93df4af8ffc53f47f56924", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r8 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r8, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r8, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedreceive(r8, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
clock_gettime(0x5, &(0x7f0000000800)) (async)
ioctl$FS_IOC_SETVERSION(r8, 0x40047602, &(0x7f0000000000)=0xe93) (async)
mq_timedreceive(r8, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0) (async)
fallocate(r8, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3420.754035][T27043] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3420.768363][T27043] EXT4-fs (loop1): 1 truncate cleaned up
[ 3420.769509][T27025] EXT4-fs: Ignoring removed nobh option
[ 3420.774222][T27043] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 3420.781473][T27043] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 3420.792145][T27025] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3420.807868][T27025] EXT4-fs: Ignoring removed nobh option
19:07:08 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnvQi6knwqncpFMml1dPK7M4k62Y35semWzufDwy8t/OS97775u2+eW82gNIaiYjBiLgjIn7L00lzgfsbhbJy11eWpv9aWZpOolZ788+kXu7aytJ0UbT4u315ZjSNSD9NWv5hw8KFi2emqtXZ83l+fPHse+MLFy4+M3d26vTs6dlzkydOHD828fxzk892Jc4srmvDH84fPvTq25dfnz55+Z2fvknyuKMljm4ZiZF2odc93u3Kemx/Uzrp62FD2JJKRGTd1V8f/4NRibXOG4xXPulp44BdVavVans6n16uAbewJHrdAqA3ii/67P63OG7Q1OOmcPXFxg1QFvf1/Gic6YvjeZn+lvvbbhqJiJPLf3+ZHbFL6xAAAM2+y+Y/T7eb/6Vxb1O5O/M9lKGIuCsiDkTE3RFxMCLuiaiXvS/fLtqKkZb8+vlPemVbgW1SNv97Id/b+vf8Ly2KDFXy3P56/P3Jqbnq7NH8PRmN/j1ZfmKDOr5/+dfPO51rnv9lR1Z/MRfM23Glr2WBbmZqcWonMTe7+nHEcF+7+JPVnYAkIg5FxPA265h78uvDnc79d/wb6MI+U+2riCca/b8cLfEXko33J8dvi+rs0fHiqljv518uvdGp/h3F3wVZ/+9te/2vxj+UNO/XLmy9jku/f9bxnma71/9A8lY9PZC/9sHU4uL5iYiB5LX1r0+u/W2RL8pn8Y8eaT/+D8TaO/FARGQX8YMR8VBEPJy3/ZGIeDQijmwQ/48vPfbu9uPfXVn8M1vq/60nKmd++LZT/Zvr/8ad+Gj+ymY+/zbbwJ28dwAAAPB/kdafgU/SsdV0mo6NNZ7hPxh70+r8wuJTp+bfPzfTeFZ+KPrTYqVrsGk9dCJfGy7yky35Y/m68ReV2+v5sen56kyvg4eS29dh/Gf+qPS6dcCu83stKC/jH8rL+IfyMv6hvIx/KK924/+jHrQDuPF8/0N5Gf9QXsY/lJfxD6W0k9/1S5Q5EelN0QyJXUr0+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgO/4JAAD//8ay5p8=")
[ 3420.816782][T27025] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3420.848136][T27025] EXT4-fs (loop3): 1 truncate cleaned up
[ 3420.854066][T27025] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 3420.873641][T27025] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 3420.875782][T27065] loop1: detected capacity change from 0 to 512
[ 3420.891931][T27065] EXT4-fs: Ignoring removed nobh option
[ 3420.897531][T27065] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3420.904021][T27065] EXT4-fs: Ignoring removed nobh option
19:07:08 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
io_setup(0x40, &(0x7f0000000980)=0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff})
io_submit(r1, 0x1, &(0x7f0000000180)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}])
shutdown(r2, 0x0)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r3, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0)) (async)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
io_setup(0x40, &(0x7f0000000980)) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) (async)
io_submit(r1, 0x1, &(0x7f0000000180)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}]) (async)
shutdown(r2, 0x0) (async)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0) (async)
mq_timedreceive(r3, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
19:07:08 executing program 2:
syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0)) (async)
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e29, 0x85, @dev={0xfe, 0x80, '\x00', 0x36}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0) (async)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r5, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@bloom_filter={0x1e, 0x10000, 0x1, 0x9, 0x280, 0x1, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1, 0x1, 0x5}, 0x48) (async)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@bloom_filter={0x1e, 0x10000, 0x1, 0x9, 0x280, 0x1, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1, 0x1, 0x5}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r6, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c) (async)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r6, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r6, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(0xffffffffffffffff, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYRES32, @ANYRES16=r6, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=r2, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r4, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r4, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000b341c85c0919a1367f93df4af8ffc53f47f56924", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10}) (async)
r8 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r8, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedsend(r8, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r8, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r8, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800)) (async)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r8, 0x40047602, &(0x7f0000000000)=0xe93) (async)
ioctl$FS_IOC_SETVERSION(r8, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r8, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r8, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:08 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdDAUNBRDySJi3QAxcQSBxAQoJDuRGStAp1G9QEiVYRBITKEVXijjgi8RdwggsCTkhc4Y4qVSiXFk5Ga+82xrFDHk5d2N9PWmXGO87M59mxZ2fsAEqrGhFDEXFbRPyap5P2AtXmn2srS9N/rixNJ1Gvv/5H0ih3dWVpuihaPG9vnhlNI9JPkrZ/2LRw/sLpqVpt9lyeH1888+74wvkLT82dmTo1e2r27OTx48eOTjz7zOTTPYkzi+vqyAfzhw6+/OalV6dPXHr7x6+TPO5oi6NXqlHtFHrDo72urM/2taSTgT42hE2pRETWXYON8T8UlVjtvKF46eO+Ng7YUfV6vb67++nlOvA/lkS/WwD0R/FBn93/FscNmnrcFK4837wByuK+lh/NMwOR5mUG2+5ve6kaESeW//oiO2KH1iEAAFp9m81/nuw0/0vj7pZyt+d7KMMRcUdE7I+IOyPiQETcFdEoe09E3LvJ+qtt+bXzn/TylgLboGz+91y+t/XP+V8x+4vhSp7b14h/MDk5V5s9kr8mozG4O8tPrFPHdy/+8lm3c63zv+zI6i/mgnk7Lg+0LdDNTC1ObSfmVlc+ihgZ6BR/sroT8FbEwYgY2WIdc49/dajbuX+Pfx092GeqfxnxWLP/l6Mt/kKy/v7k+C1Rmz0yXlwVa/3088XXutW/rfh7IOv/PR2v/+vxDyet+7ULm6/j4m+fdr2n2er1vyt5o5HelT/2/tTi4rmJiF3JK2sfn1x9bpEvymfxjx7uPP73x+orcV9EZBfx/RHxQEQ8mLf9oYh4OCIOrxP/Dy888s7W499ZWfwzm+r/zScqp7//plv9G+v/Y43UaP7IRt7/NtrA7bx2AAAA8F+RNr4Dn6Rj19NpOjbW/A7/gdiT1uYXFp84Of/e2Znmd+WHYzAtVrqGWtZDJ/K14SI/2ZY/mq8bf165tZEfm56vzfQ7eCi5vV3Gf+b3Sr9bB+w4v9eC8jL+obyMfygv4x/Ky/iH8uo0/j/sQzuAG8/nP5SX8Q/lZfxDeRn/UErb+V2/RJkTkd4UzZDYoUS/35kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB64+8AAAD//+Na5tQ=")
[ 3420.911660][T27065] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3420.928991][T27065] EXT4-fs (loop1): 1 truncate cleaned up
[ 3420.934853][T27065] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 3420.952506][T27065] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 3420.983919][T27077] loop3: detected capacity change from 0 to 512
[ 3420.991375][T27077] EXT4-fs: Ignoring removed nobh option
[ 3420.996967][T27077] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3421.003455][T27077] EXT4-fs: Ignoring removed nobh option
[ 3421.012179][T27077] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3421.027023][T27077] EXT4-fs (loop3): 1 truncate cleaned up
19:07:08 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCatttbEWrWNVaNVDP5ImrRqDx5UFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnvQi6knwqncpFMml1dPK7M4k281uzI9NtzqfDwy8t/OS97775u2+eW82gNIajoiBiLgjIn7L00nT+RcONgpl5a4vL079tbw4lUSt9uafSb3cteXFqaJs8Xd788xIGpF+mtz4D3PzFy6emaxWZ87n+bGFs++NzV+4+PTs2cnTM6dnzk2cOHH82Phzz04805U4s7iuDX04d/jQq29ffn3q5OV3fvomyeOOlji6ZTiG24Ve91i3K+uxfU3ppK+HDWFTKhGRdVd/ffwPRCVWO28gXvmkp40DdlStVqvt7nx6qQb8jyXR6xYAvVF80Wf3v8Vxk6Yet4SrLzZugLK4r+dH40xfHM/L9Lfc33bTcEScXPr7y+yIHVqHAABo9l02/3mq3fwvjXubyt2Z76EMRsRdEbE/Iu6OiAMRcU9Evex9EXFwk/UPt+TXzn/SK1sKbIOy+d/z+d7WjfO/tCgyWMlz++rx9yenZqszR/P3ZCT6d2f58XXq+P7lXz/vdK55/pcdWf3FXDBvx5W+lgW66cmFye3E3OzqxxFDfe3iT1Z2ApKIOBQRQ1usY/aJrw93Ovfv8a+jC/tMta8iHm/0/1K0xF9I1t+fHLstqjNHx4qrYq2ff7n0Rqf6txV/F2T9v6ft9b8S/2DSvF87v/k6Lv3+Wcd7mq1e/7uSt+rpXflrH0wuLJwfj9iVvLb29YnVvy3yRfks/pEj7cf//lh9J+6PiOwifiAiHoyIh/K2PxwRj0TEkXXi//GlR9/devw7K4t/elP9v/lE5cwP33aqf2P937gTH8lf2cjn30YbuJ33DgAAAP4r0voz8Ek6upJO09HRxjP8B2JPWp2bX3jy1Nz756Ybz8oPRn9arHQNNK2Hjudrw0V+oiV/LF83/qJyez0/OjVXne518FByezuM/8wflV63Dthxfq8F5WX8Q3kZ/1Bexj+Ul/EP5dVu/H/Ug3YAN5/vfygv4x/Ky/iH8jL+oZS287t+iTInIr0lmiGxQ4lefzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0xz8BAAD//82j5t8=")
[ 3421.032804][T27077] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 3421.051776][T27077] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 3421.081084][T27105] loop1: detected capacity change from 0 to 512
[ 3421.087565][T27105] EXT4-fs: Ignoring removed nobh option
[ 3421.093292][T27105] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3421.099802][T27105] EXT4-fs: Ignoring removed nobh option
[ 3421.107298][T27105] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3421.122436][T27105] EXT4-fs (loop1): 1 truncate cleaned up
[ 3421.128215][T27105] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 3421.140993][T27105] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
19:07:08 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 15)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:08 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000040000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076766c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3421.232841][T27110] FAULT_INJECTION: forcing a failure.
[ 3421.232841][T27110] name failslab, interval 1, probability 0, space 0, times 0
[ 3421.245502][T27110] CPU: 0 PID: 27110 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3421.255995][T27110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3421.266102][T27110] Call Trace:
[ 3421.269466][T27110]
[ 3421.272427][T27110] dump_stack_lvl+0xda/0x130
[ 3421.277186][T27110] dump_stack+0x15/0x20
[ 3421.281346][T27110] should_fail_ex+0x21f/0x230
[ 3421.286071][T27110] __should_failslab+0x92/0xa0
[ 3421.291519][T27110] should_failslab+0x9/0x20
[ 3421.296067][T27110] slab_pre_alloc_hook+0x38/0x180
[ 3421.301091][T27110] __kmem_cache_alloc_node+0x46/0x250
[ 3421.306636][T27110] ? io_drain_req+0x1e1/0x4f0
[ 3421.311322][T27110] kmalloc_trace+0x2a/0xa0
[ 3421.315733][T27110] io_drain_req+0x1e1/0x4f0
[ 3421.320245][T27110] io_queue_sqe_fallback+0xd1/0xe0
[ 3421.325373][T27110] io_submit_sqes+0xbf8/0xfe0
[ 3421.330128][T27110] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3421.335742][T27110] ? __fget_files+0x1c4/0x200
[ 3421.340525][T27110] ? mutex_lock+0xd/0x30
[ 3421.344850][T27110] ? fput+0x112/0x140
[ 3421.348836][T27110] ? ksys_write+0x178/0x1a0
[ 3421.353336][T27110] __x64_sys_io_uring_enter+0x78/0x90
[ 3421.359324][T27110] do_syscall_64+0x41/0xc0
[ 3421.359393][T27110] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3421.359427][T27110] RIP: 0033:0x7fbf4da9f169
[ 3421.374194][T27110] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3421.394912][T27110] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3421.403400][T27110] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3421.411364][T27110] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
[ 3421.419443][T27110] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
19:07:08 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100)={0x0, 0x0, 0x0, 0xfffffffe}, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
syz_io_uring_setup(0x5ad, &(0x7f0000000100)={0x0, 0x0, 0x0, 0xfffffffe}, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0)) (async)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0) (async)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
19:07:08 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPlgKGgoj4SJq0QA9wAIHEASQkOJRjSNIq1G1QEyRaRTQgVI6oEnfEEYm/gBNcEHBC4gp3VKlCubRwMlp7NzGOHfLh1IX9/aRVZrzjzDyeHXt2xg6gtKoRMRQRt0XEL3k6aS9Qbf65sbw49cfy4lQS9fobvyeNcteXF6eKosXz9uaZkTQi/Thp+4dN8xcunpms1WbO5/mxhbPvjs1fuPjU7NnJ0zOnZ85NnDhx/Nj4s89MPN2TOLO4rh/6YO7wwVfeuvLa1Mkrb//wVZLHHW1x9Eo1qp1Cb3i015X12b6WdDLQx4awKZWIyLprsDH+h6ISq503FC9/1NfGATuqXq/Xd3c/vVQH/sOS6HcLgP4oPuiz+9/iuElTj1vCtReaN0BZ3Dfyo3lmINK8zGDb/W0vVSPi5NKfn2dH7NA6BABAq2+y+c+TneZ/adzdUu72fA9lOCLuiIj9EXFnRByIiLsiGmXviYh7N1l/tS2/dv6TXt1SYBuUzf+ey/e2/j7/K2Z/MVzJc/sa8Q8mp2ZrM0fz12QkBndn+fF16vj2pZ8/7Xaudf6XHVn9xVwwb8fVgbYFuunJhcntxNzq2ocRhwY6xZ+s7AQ8fyniYEQc2mIds49/ebjbuX+Ofx092GeqfxHxWLP/l6It/kKy/v7k2P+iNnN0rLgq1vrxp8uvd6t/W/H3QNb/ezpe/yvxDyet+7Xzm6/j8q+fdL2n2er1vyt5s5HelT/2/uTCwvnxiF3Jq2sfn1h9bpEvymfxjxzpPP73x+orcV9EZBfx/RHxQEQ8mLf9oYh4OCKOrBP/9y8+8s7W499ZWfzTm+r/zScqZ777ulv9G+v/443USP7IRt7/NtrA7bx2AAAA8G+RNr4Dn6SjK+k0HR1tfof/QOxJa3PzC0+cmnvv3HTzu/LDMZgWK11DLeuh4/nacJGfaMsfy9eNP6v8v5EfnZqrTfc7eCi5vV3Gf+a3Sr9bB+w4v9eC8jL+obyMfygv4x/Ky/iH8uo0/i/1oR3AzefzH8rL+IfyMv6hvIx/KKXt/K5fosyJSG+JZkjsUKLf70wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC98VcAAAD//2s25zA=")
19:07:08 executing program 5:
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000080)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'})
syncfs(r0)
r1 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r1, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = dup(0xffffffffffffffff)
renameat2(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', r2, &(0x7f0000000380)='./file0\x00', 0x90729aeae511d3f4)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r2, 0xc0189372, &(0x7f00000002c0)=ANY=[@ANYBLOB="01337584fe10ccf266000a835c00cd099659a3e92f5e0000", @ANYRES32, @ANYBLOB=' \x00\x00\x00\x00\x00\x00\x00./file0\x00'])
r3 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r3, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:08 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6vi0loRRoQ4FAQUR8JE1aoAcuIJA4gIQEh3IMSVqFug1qgkSrCAJC5YgqcUcckfgLOMEFASckrnBHlSqUSwsno7V3E9exQz6curC/n7TSjHeSmcezY8/OrAMorZGIGIyIOyLi1zydNJ1fPtQolJW7sbI0/efK0nQStdobfyT1ctdXlqaLssXf7cszo2lE+kly8z/MLVy8dHaqWp29kOfHF8+9O75w8dLTc+emzsyemT0/efLkieMTzz07+UxX4sziuj78wfyRw6+8deW16VNX3v7x6ySPO1ri6JaRGGkXet1j3a6sx/Y3pZO+HjaELalERNZd/fXxPxiVWOu8wXj54542DthVtVqttqfz6eUa8B+WRK9bAPRG8UWf3f8Wxy2aetwWrr3QuAHK4r6RH40zfXEiL9Pfcn/bTSMRcWr5ry+yI3ZpHQIAoNm32fznqXbzvzTubSp3Z76HMhQRd0XEgYi4OyIORsQ9EfWy90XEoS3WP9KSXz//Sa9uK7BNyuZ/z+d7WzfP/9KiyFAlz+2vx9+fnJ6rzh7L35PR6N+T5Sc2qOO7l375rNO55vlfdmT1F3PBvB1X+1oW6GamFqd2EnOzax9FDPe1iz9Z3QlIIuJwRAxvs465J7460uncP8e/gS7sM9W+jHi80f/L0RJ/Idl4f3L8f1GdPTZeXBXr/fTz5dc71b+j+Lsg6/+9ba//1fiHkub92oWt13H5t0873tNs9/ofSN6spwfy196fWly8MBExkLy6/vXJtb8t8kX5LP7Ro+3H/4FYeyfuj4jsIn4gIh6MiIfytj8cEY9ExNEN4v/hxUff2X78uyuLf2ZL/b/1ROXs9990qn9z/d+4Ex/NX9nM599mG7iT9w4AAAD+LdL6M/BJOraaTtOxscYz/Adjb1qdX1h88vT8e+dnGs/KD0V/Wqx0DTath07ka8NFfrIlfzxfN/688v96fmx6vjrT6+Ch5PZ1GP+Z3yu9bh2w6/xeC8rL+IfyMv6hvIx/KC/jH8qr3fj/sAftAG493/9QXsY/lJfxD+Vl/EMp7eR3/RJlTkR6WzRDYpcSvf5kAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I6/AwAA///UlOcf")
[ 3421.427486][T27110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3421.435532][T27110] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3421.443519][T27110]
[ 3421.467389][T27126] loop1: detected capacity change from 0 to 512
[ 3421.479672][T27128] loop3: detected capacity change from 0 to 512
[ 3421.489576][T27126] EXT4-fs: Ignoring removed nobh option
[ 3421.495343][T27126] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3421.501826][T27126] EXT4-fs: Ignoring removed nobh option
[ 3421.507643][T27128] EXT4-fs: Ignoring removed nobh option
[ 3421.513469][T27128] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3421.519989][T27128] EXT4-fs: Ignoring removed nobh option
[ 3421.534534][T27126] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3421.551002][T27128] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3421.576604][T27128] EXT4-fs (loop3): 1 truncate cleaned up
[ 3421.583842][T27126] EXT4-fs (loop1): 1 truncate cleaned up
19:07:09 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCatttbEWrWNVaNVDP5ImrRqD14UBQ8Kgh7qMSZpid020kSwJWgUqUcpeBePgn+Bp3oR9SR41bsUiuTS6mlldmeS7WY35semW53PBwbe23nJe99983bfvDcbQGkNR8RARNwVEb/l6aTp/JWDjUJZuRvLi1N/LS9OJVGrvfVnUi93fXlxqihb/N3ePDOSRqSfJTf/w9z8hYtnJqvVmfN5fmzh7Ptj8xcuPjt7dvL0zOmZcxMnThw/Nv7C8xPPdSXOLK7rQx/NHT702juX35g6efndn75N8rijJY5uGY7hdqHXPdHtynpsX1M66ethQ9iUSkRk3dVfH/8DUYnVzhuIVz/taeOAHVWr1Wq7O59eqgH/Y0n0ugVAbxRf9Nn9b3HcoqnHbeHaS40boCzuG/nRONMXx/My/S33t900HBEnl/7+Kjtih9YhAACaXcnmP8+0m/+lcX9TubvzPZTBiLgnIvZHxL0RcSAi7ouol30gIg5usv7hlvza+U96dUuBbVA2/3sx39u6ef6XFkUGK3luXz3+/uTUbHXmaP6ejET/7iw/vk4d37/y6xedzjXP/7Ijq7+YC+btuNrXskA3PbkwuZ2Ym137JGKor138ycpOQBIRhyJiaIt1zD71zeFO5/49/nV0YZ+p9nXEk43+X4qW+AvJ+vuTY3dEdeboWHFVrPXzL5fe7FT/tuLvgqz/97S9/lfiH0ya92vnN1/Hpd8/73hPs9Xrf1fydj29K3/tw8mFhfPjEbuS19e+PrH6t0W+KJ/FP3Kk/fjfH6vvxIMRkV3ED0XEwxHxSN72RyPisYg4sk78P778+Htbj39nZfFPb6r/N5+onPnhu071b6z/G3fiI/krG/n822gDt/PeAQAAwH9FWn8GPklHV9JpOjraeIb/QOxJq3PzC0+fmvvg3HTjWfnB6E+Lla6BpvXQ8XxtuMhPtOSP5evGX1burOdHp+aq070OHkpub4fxn/mj0uvWATvO77WgvIx/KC/jH8rL+IfyMv6hvNqN/4970A7g1vP9D+Vl/EN5Gf9QXsY/lNJ2ftcvUeZEpLdFMyR2KNHrTyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDu+CcAAP//24XnXw==")
19:07:09 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPlgKGgoj4SJq0QA8ICQQSB5CQ4FCOIUmrULdBTZBoFdGAUDmiStwRRyT+Ak5wQcAJiSvcUaUK5dLCyWjt3cQ4dsiHUxf295NWmfGOM/N4duzZGTuA0qpGxFBE3BYRv+TppL1AtfnnxvLi1B/Li1NJ1Otv/J40yl1fXpwqihbP25tnRtKI9OOk7R82zV+4eGayVps5n+fHFs6+OzZ/4eJTs2cnT8+cnjk3ceLE8WPjzz4z8XRP4sziun7og7nDB19568prUyevvP3DV0ked7TF0SvVqHYKveHRXlfWZ/ta0slAHxvCplQiIuuuwcb4H4pKrHbeULz8UV8bB+yoer1e39399FId+A9Lot8tAPqj+KDP7n+L4yZNPW4J115o3gBlcd/Ij+aZgUjzMoNt97e9VI2Ik0t/fp4dsUPrEAAArb7J5j9Pdpr/pXF3S7nb8z2U4Yi4IyL2R8SdEXEgIu6KaJS9JyLu3WT91bb82vlPenVLgW1QNv97Lt/b+vv8r5j9xXAlz+1rxD+YnJqtzRzNX5ORGNyd5cfXqePbl37+tNu51vlfdmT1F3PBvB1XB9oW6KYnFya3E3Orax9GHBroFH+yshPw/KWIgxFxaIt1zD7+5eFu5/45/nX0YJ+p/kXEY83+X4q2+AvJ+vuTY/+L2szRseKqWOvHny6/3q3+bcXfA1n/7+l4/a/EP5y07tfOb76Oy79+0vWeZqvX/67kzUZ6V/7Y+5MLC+fHI3Ylr659fGL1uUW+KJ/FP3Kk8/jfH6uvxH0RkV3E90fEAxHxYN72hyLi4Yg4sk7837/4yDtbj39nZfFPb6r/N5+onPnu6271b6z/jzdSI/kjG3n/22gDt/PaAQAAwL9F2vgOfJKOrqTTdHS0+R3+A7Enrc3NLzxxau69c9PN78oPx2BarHQNtayHjudrw0V+oi1/LF83/qzy/0Z+dGquNt3v4KHk9nYZ/5nfKv1uHbDj/F4Lysv4h/Iy/qG8jH8oL+MfyqvT+L/Uh3YAN5/Pfygv4x/Ky/iH8jL+oZS287t+iTInIr0lmiGxQ4l+vzMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0xl8BAAD//0tO5zE=")
19:07:09 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000500)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a5c010000080a05000000000000000000070000020900020073797a3100000000240005800800014000008809080001400000002f080001400000002e0800024000000002000104803c000180090001006d657461000000002c00028008000340000000080800024000000008080001400000001708000240000000050800024000000000500001800e000100627974656f726465720000003c00028008000140000000150800054000000065080002400000001708000240000000120800024000000001080002400000000a08000140000000164c0001800b00010072656a65637400003c0002800800014000000002050002008000000005000200060000000500020065000000050002002c000000080001400000000205000200810000001800018008000100666962000c000280080001400000000a0c00018008000100636d70000c00064000000000000000030c0003400000000000000002d8000000050a01080000000000000000050000024c0004800800014000000001080002401c7e1be414000300626f6e645f736c6176654b30000000000800014000000004080001400000000314000300626f6e645f736c6176655f300000000008000b400000008108000a4000000001280004800800024011a3092d080001400000000414000300767863616e3100000000000000000000280008800c00014000000000000080010c000240000000000000003f0c00024080000000000000010c00024000000000000000010900010073797a3100000000140000001100010000000000000000000000000a"], 0x25c}, 0x1, 0x0, 0x0, 0x8044804}, 0x81)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
[ 3421.663853][T27162] loop1: detected capacity change from 0 to 512
[ 3421.675463][T27162] EXT4-fs: Ignoring removed nobh option
[ 3421.681090][T27162] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3421.687628][T27162] EXT4-fs: Ignoring removed nobh option
[ 3421.695946][T27164] loop3: detected capacity change from 0 to 512
[ 3421.702597][T27164] EXT4-fs: Ignoring removed nobh option
[ 3421.708265][T27164] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3421.714782][T27164] EXT4-fs: Ignoring removed nobh option
[ 3421.722916][T27164] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3421.725198][T27162] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3421.739837][T27164] EXT4-fs (loop3): 1 truncate cleaned up
[ 3421.753257][T27162] EXT4-fs (loop1): 1 truncate cleaned up
19:07:09 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPlgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQ0IlSOqxB1xROIv4AQXBJyQuMIdVapQOLRwMlp7NzGOHfLh1IX9/aRVZrzjzDyeHXt2xg6gtKoRMRQRt0XEz3k6aS9Qbf65sbw49cfy4lQS9frrvyWNcteXF6eKosXz9uaZkTQi/Shp+4dN8xcunpms1WbO5/mxhbPvjM1fuPjU7NnJ0zOnZ85NnDhx/Nj4s89MPN2TOLO4rh96f+7wwZffvPLq1Mkrb33/ZZLHHW1x9Eo1qp1Cb3i015X12b6WdDLQx4awKZWIyLprsDH+h6ISq503FC992NfGATuqXq/Xd3c/vVQH/sOS6HcLgP4oPuiz+9/iuElTj1vCteebN0BZ3Dfyo3lmINK8zGDb/W0vVSPi5NKfn2VH7NA6BABAq6+z+c+TneZ/adzdUu72fA9lOCLuiIj9EXFnRByIiLsiGmXviYh7N1l/tS2/dv6TXt1SYBuUzf+ey/e2/j7/K2Z/MVzJc/sa8Q8mp2ZrM0fz12QkBndn+fF16vjmxZ8+6Xaudf6XHVn9xVwwb8fVgbYFuunJhcntxNzq2gcRhwY6xZ+s7AT8Xq9fOhgRh7ZYx+zjXxzudu6f419HD/aZ6p9HPNbs/6Voi7+QrL8/Ofa/qM0cHSuuirV++PHya93q31b8PZD1/56O1/9K/MNJ637t/ObruPzLx13vabZ6/e9K3mikd+WPvTe5sHB+PGJX8sraxydWn1vki/JZ/CNHOo///bH6StwXEdlFfH9EPBARD+ZtfygiHo6II+vE/90Lj7y99fh3Vhb/9Kb6f/OJyplvv+pW/8b6/3gjNZI/spH3v402cDuvHQAAAPxbpI3vwCfp6Eo6TUdHm9/hPxB70trc/MITp+bePTfd/K78cAymxUrXUMt66Hi+NlzkJ9ryx/J1408r/2/kR6fmatP9Dh5Kbm+X8Z/5tdLv1gE7zu+1oLyMfygv4x/Ky/iH8jL+obw6jf9LfWgHcPP5/IfyMv6hvIx/KC/jH0ppO7/rlyhzItJbohkSO5To9zsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAb/wVAAD//0L56eM=")
19:07:09 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnvQi6knwqncpFMml1dPK7M4k62Y35semWzufDwy8t/OS97775u2+eW82gNIaiYjBiLgjIn7L00lzgUONQlm56ytL03+tLE0nUau9+WdSL3dtZWm6KFr83b48M5pGpJ8mLf+wYeHCxTNT1ers+Tw/vnj2vfGFCxefmTs7dXr29Oy5yRMnjh+beP65yWe7EmcW17XhD+cPH3r17cuvT5+8/M5P3yR53NESR7eMxEi70Ose73ZlPba/KZ309bAhbEklIrLu6q+P/8GoxFrnDcYrn/S0ccCuqtVqtT2dTy/XgFtYEr1uAdAbxRd9dv9bHDdo6nFTuPpi4wYoi/t6fjTO9MXxvEx/y/1tN41ExMnlv7/MjtildQgAgGbfZfOfp9vN/9K4t6ncnfkeylBE3BURByLi7og4GBH3RNTL3hcR92+x/pGW/Pr5T3plW4FtUjb/eyHf2/r3/C8tigxV8tz+evz9yam56uzR/D0Zjf49WX5igzq+f/nXzzuda57/ZUdWfzEXzNtxpa9lgW5manFqJzE3u/pxxHBfu/iT1Z2AJN8GHN5mHXNPfn2407n/jn8DXdhnqn0V8USj/5ejJf5CsvH+5PhtUZ09Ol5cFev9/MulNzrVv6P4uyDr/71tr//V+IeS5v3aha3Xcen3zzre02z3+h9I3qqnB/LXPphaXDw/ETGQvLb+9cm1vy3yRfks/tEj7cf/gVh7Jx6IiOwifjAiHoqIh/O2PxIRj0bEkQ3i//Glx97dfvy7K4t/Zkv9v/VE5cwP33aqf3P937gTH81f2czn32YbuJP3DgAAAP4v0voz8Ek6tppO07GxxjP8B2NvWp1fWHzq1Pz752Yaz8oPRX9arHQNNq2HTuRrw0V+siV/LF83/qJyez0/Nj1fnel18FBy+zqM/8wflV63Dth1fq8F5WX8Q3kZ/1Bexj+Ul/EP5dVu/H/Ug3YAN57vfygv4x/Ky/iH8jL+oZR28rt+iTInIr0pmiGxS4lefzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0xz8BAAD//8LN5qA=")
[ 3421.864624][T27179] loop3: detected capacity change from 0 to 512
[ 3421.866834][T27180] loop1: detected capacity change from 0 to 512
[ 3421.871505][T27179] EXT4-fs: Ignoring removed nobh option
[ 3421.877693][T27180] EXT4-fs: Ignoring removed nobh option
[ 3421.883096][T27179] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3421.888653][T27180] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3421.895044][T27179] EXT4-fs: Ignoring removed nobh option
[ 3421.901476][T27180] EXT4-fs: Ignoring removed nobh option
[ 3421.911909][T27179] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3421.915480][T27180] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3421.927237][T27179] EXT4-fs (loop3): 1 truncate cleaned up
[ 3421.942282][T27180] EXT4-fs (loop1): 1 truncate cleaned up
19:07:09 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPlgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQ0IlSOqxB1xROIv4AQXBJyQuMIdVapQLm05Ga29mxjHDvlw6sL+ftIqM95xZh7Pjj07YwdQWtWIGIqIOyLi1zydtBeoNv/cWF6curm8OJVEvf7mH0mj3PXlxamiaPG8vXlmJI1IP0na/mHT/IWLZyZrtZnzeX5s4ex7Y/MXLj4ze3by9MzpmXMTJ04cPzb+/HMTz/Ykziyu64c+nDt88NW3r7w+dfLKOz9+neRxR1scvVKNaqfQGx7vdWV9tq8lnQz0sSFsSiUisu4abIz/oajEaucNxSsf97VxwI6q1+v13d1PL9WB/7Ak+t0CoD+KD/rs/rc4btHU47Zw7cXmDVAW9438aJ4ZiDQvM9h2f9tL1Yg4ufTnF9kRO7QOAQDQ6tts/vN0p/lfGve2lLsz30MZjoi7ImJ/RNwdEQci4p6IRtn7IuL+TdZfbcuvnf+kV7cU2AZl878X8r2tv8//itlfDFfy3L5G/IPJqdnazNH8NRmJwd1ZfnydOr57+ZfPup1rnf9lR1Z/MRfM23F1oG2BbnpyYXI7Mbe69lHEoYFO8ScrOwE36/VLByPi0BbrmH3yq8Pdzv1z/OvowT5T/cuIJ5r9vxRt8ReS9fcnx/4XtZmjY8VVsdZPP19+o1v924q/B7L+39Px+l+Jfzhp3a+d33wdl3/7tOs9zVav/13JW430rvyxDyYXFs6PR+xKXlv7+MTqc4t8UT6Lf+RI5/G/P1ZfiQciIruIH4yIhyLi4bztj0TEoxFxZJ34f3jpsXe3Hv/OyuKf3lT/bz5ROfP9N93q31j/H2+kRvJHNvL+t9EGbue1AwAAgH+LtPEd+CQdXUmn6eho8zv8B2JPWpubX3jq1Nz756ab35UfjsG0WOkaalkPHc/Xhov8RFv+WL5u/Hnl/4386NRcbbrfwUPJ7e0y/jO/V/rdOmDH+b0WlJfxD+Vl/EN5Gf9QXsY/lFen8X+pD+0Abj2f/1Bexj+Ul/EP5WX8Qylt53f9EmVORHpbNENihxL9fmcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADojb8CAAD//4N66ek=")
19:07:09 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 16)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:09 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPhAKBgoj4SJq0QA8cAIHEASQkOJRjSNIq1G1QEyRaRRAQKkdUiTviiMRfwAkuCDghcYU7qlShXFo4Ga29m7iOHfLh1IX9/aSVZryTzDyeHXt2Zh1AaY1ExEBE3BYRv+bppOn880ONQlm56ytL03+uLE0nUau98UdSL3dtZWm6KFv83f48M5pGpJ8kN/7D3MKFi2emqtXZ83l+fPHsu+MLFy4+NXd26vTs6dlzkydOHD828ewzk093Jc4srmvDH8wfHnrlrcuvTZ+8/PaPXyd53NESR7eMxEi70Ose7XZlPXagKZ309bAhbEklIrLu6q+P/4GoxFrnDcTLH/e0ccCuqtVqtb2dTy/XgP+wJHrdAqA3ii/67P63OG7S1OOWcPWFxg1QFvf1/Gic6YvjeZn+lvvbbhqJiJPLf32RHbFL6xAAAM2+zeY/T7ab/6Vxd1O52/M9lMGIuCMiDkbEnRFxKCLuiqiXvSci7t1i/SMt+fXzn/TKtgLbpGz+91y+t3Xj/C8tigxW8tyBevz9yam56uzR/D0Zjf69WX5igzq+e+mXzzqda57/ZUdWfzEXzNtxpa9lgW5manFqJzE3u/pRxHBfu/iT1Z2AJCKGImJ4m3XMPf7V4U7n/jn+DXRhn6n2ZcRjjf5fjpb4C8nG+5Pj/4vq7NHx4qpY76efL73eqf4dxd8FWf/va3v9r8Y/mDTv1y5svY5Lv33a8Z5mu9f/nuTNenpP/tr7U4uL5yci9iSvrn99cu1vi3xRPot/9Ej78X8w1t6J+yIiu4jvj4gHIuLBvO0PRcTDEXFkg/h/ePGRd7Yf/+7K4p/ZUv9vPVE58/03nerfXP837sRH81c28/m32Qbu5L0DAACAf4u0/gx8ko6tptN0bKzxDP+h2JdW5xcWnzg1/965mcaz8oPRnxYrXQNN66ET+dpwkZ9syR/L140/r/y/nh+bnq/O9Dp4KLn9HcZ/5vdKr1sH7Dq/14LyMv6hvIx/KC/jH8rL+Ifyajf+P+xBO4Cbz/c/lJfxD+Vl/EN5Gf9QSjv5Xb9EmROR3hLNkNilRK8/mQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrj7wAAAP//yb7m4A==")
19:07:09 executing program 2:
syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0)) (async)
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) (async)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) (async)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c) (async)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000040000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076766c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000040000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076766c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93) (async)
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000) (async)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3422.017638][T27185] loop3: detected capacity change from 0 to 512
[ 3422.024463][T27185] EXT4-fs: Ignoring removed nobh option
[ 3422.030104][T27185] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3422.036560][T27185] EXT4-fs: Ignoring removed nobh option
[ 3422.043754][T27185] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3422.059690][T27185] EXT4-fs (loop3): 1 truncate cleaned up
[ 3422.085432][T27188] loop1: detected capacity change from 0 to 512
[ 3422.090908][T27190] FAULT_INJECTION: forcing a failure.
[ 3422.090908][T27190] name failslab, interval 1, probability 0, space 0, times 0
[ 3422.098746][T27188] EXT4-fs: Ignoring removed nobh option
[ 3422.104364][T27190] CPU: 1 PID: 27190 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3422.109972][T27188] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3422.120327][T27190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3422.120356][T27190] Call Trace:
[ 3422.120363][T27190]
[ 3422.120369][T27190] dump_stack_lvl+0xda/0x130
[ 3422.126865][T27188] EXT4-fs: Ignoring removed nobh option
[ 3422.136898][T27190] dump_stack+0x15/0x20
[ 3422.136917][T27190] should_fail_ex+0x21f/0x230
[ 3422.162128][T27190] __should_failslab+0x92/0xa0
[ 3422.166895][T27190] should_failslab+0x9/0x20
[ 3422.171428][T27190] slab_pre_alloc_hook+0x38/0x180
[ 3422.176506][T27190] __kmem_cache_alloc_node+0x46/0x250
[ 3422.181898][T27190] ? io_drain_req+0x1e1/0x4f0
[ 3422.186596][T27190] kmalloc_trace+0x2a/0xa0
[ 3422.191044][T27190] io_drain_req+0x1e1/0x4f0
[ 3422.195560][T27190] io_queue_sqe_fallback+0xd1/0xe0
[ 3422.200751][T27190] io_submit_sqes+0xbf8/0xfe0
[ 3422.205469][T27190] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3422.211030][T27190] ? __fget_files+0x1c4/0x200
[ 3422.215722][T27190] ? mutex_lock+0xd/0x30
[ 3422.215800][T27190] ? fput+0x112/0x140
[ 3422.215816][T27190] ? ksys_write+0x178/0x1a0
[ 3422.215839][T27190] __x64_sys_io_uring_enter+0x78/0x90
[ 3422.215927][T27190] do_syscall_64+0x41/0xc0
[ 3422.215944][T27190] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3422.216037][T27190] RIP: 0033:0x7fbf4da9f169
[ 3422.216049][T27190] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3422.216064][T27190] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3422.216121][T27190] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
19:07:09 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPlgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQ0IlSOqxB1xROIv4AQXBJyQuMIdVapQLi09Ga29mxjHDvlw6sL+ftIqM95xZh7Pjj07YwdQWtWIGIqIOyLi1zydtBeoNv/cWF6c+nN5cSqJev3NP5JGuevLi1NF0eJ5e/PMSBqRfpK0/cOm+QsXz0zWajPn8/zYwtn3xuYvXHxm9uzk6ZnTM+cmTpw4fmz8+ecmnu1JnFlc1w99OHf44KtvX3l96uSVd378OsnjjrY4eqUa1U6hNzze68r6bF9LOhnoY0PYlEpEZN012Bj/Q1GJ1c4bilc+7mvjgB1Vr9fru7ufXqoD/2FJ9LsFQH8UH/TZ/W9x3KKpx23h2ovNG6As7hv50TwzEGleZrDt/raXqhFxcunmF9kRO7QOAQDQ6tts/vN0p/lfGve2lLsz30MZjoi7ImJ/RNwdEQci4p6IRtn7IuL+TdZfbcuvnf+kV7cU2AZl878X8r2tv8//itlfDFfy3L5G/IPJqdnazNH8NRmJwd1ZfnydOr57+ZfPup1rnf9lR1Z/MRfM23F1oG2BbnpyYXI7Mbe69lHEoYFO8ScrOwE36/VLByPi0BbrmH3yq8Pdzv1z/OvowT5T/cuIJ5r9vxRt8ReS9fcnx/4XtZmjY8VVsdZPP19+o1v924q/B7L+39Px+l+Jfzhp3a+d33wdl3/7tOs9zVav/13JW430rvyxDyYXFs6PR+xKXlv7+MTqc4t8UT6Lf+RI5/G/P1ZfiQciIruIH4yIhyLi4bztj0TEoxFxZJ34f3jpsXe3Hv/OyuKf3lT/bz5ROfP9N93q31j/H2+kRvJHNvL+t9EGbue1AwAAgH+LtPEd+CQdXUmn6eho8zv8B2JPWpubX3jq1Nz756ab35UfjsG0WOkaalkPHc/Xhov8RFv+WL5u/Hnl/4386NRcbbrfwUPJ7e0y/jO/V/rdOmDH+b0WlJfxD+Vl/EN5Gf9QXsY/lFen8X+pD+0Abj2f/1Bexj+Ul/EP5WX8Qylt53f9EmVORHpbNENihxL9fmcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADojb8CAAD//2OS6eo=")
[ 3422.216178][T27190] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
[ 3422.216226][T27190] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
[ 3422.216236][T27190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3422.216248][T27190] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3422.216262][T27190]
[ 3422.218463][T27188] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
19:07:09 executing program 5:
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000080)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'})
syncfs(r0) (async)
r1 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r1, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r2 = dup(0xffffffffffffffff)
renameat2(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', r2, &(0x7f0000000380)='./file0\x00', 0x90729aeae511d3f4)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r2, 0xc0189372, &(0x7f00000002c0)=ANY=[@ANYBLOB="01337584fe10ccf266000a835c00cd099659a3e92f5e0000", @ANYRES32, @ANYBLOB=' \x00\x00\x00\x00\x00\x00\x00./file0\x00']) (async)
r3 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r3, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:09 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0) (async)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c) (async)
listen(r2, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c) (async)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20) (async)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000040000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076766c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) (async)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800)) (async)
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0) (async)
fallocate(r7, 0x30, 0x9, 0x10000) (async)
socket(0x10, 0x80002, 0x0)
[ 3422.349609][T27188] EXT4-fs (loop1): 1 truncate cleaned up
[ 3422.374243][T27218] loop3: detected capacity change from 0 to 512
[ 3422.381283][T27218] EXT4-fs: Ignoring removed nobh option
[ 3422.386878][T27218] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3422.393378][T27218] EXT4-fs: Ignoring removed nobh option
19:07:09 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCatttbEWn8kVo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnvQi6knwqncpFMml1dPK7M4k281uzI9NtzqfDwy8t/OS97775u2+eW82gNIaiYiBiLgjIn7L00nT+eWhRqGs3PWVpem/Vpamk6jV3vwzqZe7trI0XZQt/m5/nhlNI9JPkxv/YW7hwsUzU9Xq7Pk8P7549r3xhQsXn5k7O3V69vTsuckTJ44fm3j+uclnuxJnFte14Q/nDw+9+vbl16dPXn7np2+SPO5oiaNbRmKkXeh1j3e7sh470JRO+nrYELakEhFZd/XXx/9AVGKt8wbilU962jhgV9VqtdrezqeXa8D/WBK9bgHQG8UXfXb/Wxw3aepxS7j6YuMGKIv7en40zvTF8bxMf8v9bTeNRMTJ5b+/zI7YpXUIAIBm32Xzn6fbzf/SuLep3J35HspgRNwVEQcj4u6IOBQR90TUy94XEfdvsf6Rlvz6+U96ZVuBbVI2/3sh39u6cf6XFkUGK3nuQD3+/uTUXHX2aP6ejEb/3iw/sUEd37/86+edzjXP/7Ijq7+YC+btuNLXskA3M7U4tZOYm139OGK4r138yepOQBIRQxExvM065p78+nCnc/8e/wa6sM9U+yriiUb/L0dL/IVk4/3J8duiOnt0vLgq1vv5l0tvdKp/R/F3Qdb/+9pe/6vxDybN+7ULW6/j0u+fdbyn2e71vyd5q57ek7/2wdTi4vmJiD3Ja+tfn1z72yJflM/iHz3SfvwfjLV34oGIyC7iByPioYh4OG/7IxHxaEQc2SD+H1967N3tx7+7svhnttT/W09Uzvzwbaf6N9f/jTvx0fyVzXz+bbaBO3nvAAAA4L8irT8Dn6Rjq+k0HRtrPMN/KPal1fmFxadOzb9/bqbxrPxg9KfFStdA03roRL42XOQnW/LH8nXjLyq31/Nj0/PVmV4HDyW3v8P4z/xR6XXrgF3n91pQXsY/lJfxD+Vl/EN5Gf9QXu3G/0c9aAdw8/n+h/Iy/qG8jH8oL+MfSmknv+uXKHMi0luiGRK7lOj1JxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB3/BMAAP//0K/nIA==")
[ 3422.407460][T27218] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3422.421993][T27218] EXT4-fs (loop3): 1 truncate cleaned up
19:07:09 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrULdBjVBolVEA0LliCpxRxyR+As4wQUBJySucEeVKpRLCyejtXcT49ghD6cu7O8nrTLjHWfm8+zYszN2AKVVjYihiLgjIn7N00l7gWrzz43lxak/lxenkqjX3/wjaZS7vrw4VRQtnrc3z4ykEeknSds/bJq/cPHMZK02cz7Pjy2cfW9s/sLFZ2bPTp6eOT1zbuLEiePHxp9/buLZnsSZxXX90Idzhw+++vaV16dOXnnnx6+TPO5oi6NXqlHtFHrD472urM/2taSTgT42hE2pRETWXYON8T8UlVjtvKF45eO+Ng7YUfV6vb67++mlOvA/lkS/WwD0R/FBn93/FsdNmnrcEq692LwByuK+kR/NMwOR5mUG2+5ve6kaESeX/voiO2KH1iEAAFp9m81/nu40/0vj3pZyd+Z7KMMRcVdE7I+IuyPiQETcE9Eoe19E3L/J+qtt+bXzn/TqlgLboGz+90K+t/XP+V8x+4vhSp7b14h/MDk1W5s5mr8mIzG4O8uPr1PHdy//8lm3c63zv+zI6i/mgnk7rg60LdBNTy5MbifmVtc+ijg00Cn+ZGUnoF6vXzoYEYe2WMfsk18d7nbu3+NfRw/2mepfRjzR7P+laIu/kKy/Pzl2W9Rmjo4VV8VaP/18+Y1u9W8r/h7I+n9Px+t/Jf7hpHW/dn7zdVz+7dOu9zRbvf53JW810rvyxz6YXFg4Px6xK3lt7eMTq88t8kX5LP6RI53H//5YfSUeiIjsIn4wIh6KiIfztj8SEY9GxJF14v/hpcfe3Xr8OyuLf3pT/b/5ROXM9990q39j/X+8kRrJH9nI+99GG7id1w4AAAD+K9LGd+CTdHQlnaajo83v8B+IPWltbn7hqVNz75+bbn5XfjgG02Kla6hlPXQ8Xxsu8hNt+WP5uvHnldsb+dGpudp0v4OHktvbZfxnfq/0u3XAjvN7LSgv4x/Ky/iH8jL+obyMfyivTuP/Uh/aAdx8Pv+hvIx/KC/jH8rL+IdS2s7v+iXKnIj0lmiGxA4l+v3OBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bt/BwAA//+kE+nw")
[ 3422.457946][T27243] loop1: detected capacity change from 0 to 512
[ 3422.464519][T27243] EXT4-fs: Ignoring removed nobh option
[ 3422.470161][T27243] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3422.476692][T27243] EXT4-fs: Ignoring removed nobh option
[ 3422.503423][T27243] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3422.527384][T27247] loop3: detected capacity change from 0 to 512
[ 3422.529189][ T6589] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 3422.534443][T27247] EXT4-fs: Ignoring removed nobh option
19:07:10 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000500)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a5c010000080a05000000000000000000070000020900020073797a3100000000240005800800014000008809080001400000002f080001400000002e0800024000000002000104803c000180090001006d657461000000002c00028008000340000000080800024000000008080001400000001708000240000000050800024000000000500001800e000100627974656f726465720000003c00028008000140000000150800054000000065080002400000001708000240000000120800024000000001080002400000000a08000140000000164c0001800b00010072656a65637400003c0002800800014000000002050002008000000005000200060000000500020065000000050002002c000000080001400000000205000200810000001800018008000100666962000c000280080001400000000a0c00018008000100636d70000c00064000000000000000030c0003400000000000000002d8000000050a01080000000000000000050000024c0004800800014000000001080002401c7e1be414000300626f6e645f736c6176654b30000000000800014000000004080001400000000314000300626f6e645f736c6176655f300000000008000b400000008108000a4000000001280004800800024011a3092d080001400000000414000300767863616e3100000000000000000000280008800c00014000000000000080010c000240000000000000003f0c00024080000000000000010c00024000000000000000010900010073797a3100000000140000001100010000000000000000000000000a"], 0x25c}, 0x1, 0x0, 0x0, 0x8044804}, 0x81) (async)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:10 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYRES8=0x0, @ANYRES32=0x0, @ANYRES16=r4, @ANYRES32, @ANYBLOB="0d3bc71c665afea8b37747e7e2967d722a64854c3e6f3d4ca2270d6ba680844704e7f847ed920605000000666377ff4516f1ea4ef7fbfdf611094917e2d83a91a75858434fd4618c951e259750885e619e3fae8402dc1838da1c486f5dfb2431b44dd1b73b195c685b554f069bdb60f5f300b19c31735b85a93bb658b33c"], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3422.549637][T27247] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3422.556150][T27247] EXT4-fs: Ignoring removed nobh option
[ 3422.566046][T27243] EXT4-fs (loop1): 1 truncate cleaned up
[ 3422.576520][T27247] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3422.597555][T27247] EXT4-fs (loop3): 1 truncate cleaned up
19:07:10 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCatttbEWn+0Vl2tYvBH0qRVe/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVcGjFIrk0uppZXZnknWzG/Nj063O5wND3tt5m/e+++btvnlvN4DSqkbEUETcFhG/5OmkvUC1+ef68uLUn8uLU0nU66//kTTKXVtenCqKFs/bm2dG0oj046TtHzbNX7h4ZrJWmzmf58cWzr4zNn/h4lOzZydPz5yeOTdx4sTxY+PPPjPxdE/izOK6duj9ucMHX37z8qtTJy+/9cNXSR53tMXRK9Wodgq94dFeV9Zn+1rSyUAfG8KmVCIi667Bxvgfikqsdt5QvPRRXxsH7Kh6vV7f3f30Uh34H0ui3y0A+qP4oM/uf4vjBk09bgpXn2/eAGVxX8+P5pmBSPMyg233t71UjYiTS399nh2xQ+sQAACtvsnmP092mv+lcXdLudvzPZThiLgjIvZHxJ0RcSAi7opolL0nIu7dZP3Vtvza+U96ZUuBbVA2/3su39v65/yvmP3FcCXP7WvEP5icmq3NHM1fk5EY3J3lx9ep49sXf/6027nW+V92ZPUXc8G8HVcG2hbopicXJrcTc6urH0YcGugUf7KyE/BbvV4/GBGHtljH7ONfHu527t/jX0cP9pnqX0Q81uz/pWiLv5Csvz85dkvUZo6OFVfFWj/+dOm1bvVvK/4eyPp/T8frfyX+4aR1v3Z+83Vc+vWTrvc0W73+dyVvNNK78sfem1xYOD8esSt5Ze3jE6vPLfJF+Sz+kSOdx//+WH0l7ouI7CK+PyIeiIgH87Y/FBEPR8SRdeL//oVH3t56/Dsri396U/2/+UTlzHdfd6t/Y/1/vJEayR/ZyPvfRhu4ndcOAAAA/ivSxnfgk3R0JZ2mo6PN7/AfiD1pbW5+4YlTc++em25+V344BtNipWuoZT10PF8bLvITbflj+brxZ5VbG/nRqbnadL+Dh5Lb22X8Z36v9Lt1wI7zey0oL+Mfysv4h/Iy/qG8jH8or07j/4M+tAO48Xz+Q3kZ/1Bexj+Ul/EPpbSd3/VLlDkR6U3RDIkdSvT7nQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA3/g4AAP//ivfqUQ==")
19:07:10 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPhAKBgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcCoXBJyQuMIdVapQLi2cjNbeTVzHDvlw6sL+ftJKM95JZh7Pjj07sw6gtEYiYiAi7oiIX/N00nT+ylCjUFbuxsrS9J8rS9NJ1Gpv/pHUy11fWZouyhZ/tz/PjKYR6afJzf8wt3Dh4pmpanX2fJ4fXzz73vjChYvPzJ2dOj17evbc5IkTx49NPP/c5LNdiTOL6/rwh/OHh159+/Lr0ycvv/PjN0ked7TE0S0jMdIu9LrHu11Zjx1oSid9PWwIW1KJiKy7+uvjfyAqsdZ5A/HKJz1tHLCrarVabW/n08s14D8siV63AOiN4os+u/8tjls09bgtXHuxcQOUxX0jPxpn+uJ4Xqa/5f62m0Yi4uTyX19mR+zSOgQAQLMr2fzn6XbzvzTubSp3Z76HMhgRd0XEwYi4OyIORcQ9EfWy90XE/Vusf6Qlv37+k17dVmCblM3/Xsj3tm6e/6VFkcFKnjtQj78/OTVXnT2avyej0b83y09sUMd3L//yeadzzfO/7MjqL+aCeTuu9rUs0M1MLU7tJOZm1z6OGO5rF3+yuhOQRMRQRAxvs465J78+3OncP8e/gS7sM9W+inii0f/L0RJ/Idl4f3L8f1GdPTpeXBXr/fTzpTc61b+j+Lsg6/99ba//1fgHk+b92oWt13Hpt8863tNs9/rfk7xVT+/JX/tganHx/ETEnuS19a9Prv1tkS/KZ/GPHmk//g/G2jvxQERkF/GDEfFQRDyct/2RiHg0Io5sEP8PLz327vbj311Z/DNb6v+tJypnvv+2U/2b6//Gnfho/spmPv8228CdvHcAAADwb5HWn4FP0rHVdJqOjTWe4T8U+9Lq/MLiU6fm3z8303hWfjD602Kla6BpPXQiXxsu8pMt+WP5uvEXlf/X82PT89WZXgcPJbe/w/jP/F7pdeuAXef3WlBexj+Ul/EP5WX8Q3kZ/1Be7cb/Rz1oB3Dr+f6H8jL+obyMfygv4x9KaSe/65cocyLS26IZEruU6PUnEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQHf8HQAA///XoOdg")
[ 3422.679350][T27271] loop3: detected capacity change from 0 to 512
[ 3422.685978][T27271] EXT4-fs: Ignoring removed nobh option
[ 3422.691598][T27271] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3422.698081][T27271] EXT4-fs: Ignoring removed nobh option
[ 3422.706959][T27271] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3422.723239][T27271] EXT4-fs (loop3): 1 truncate cleaned up
[ 3422.735821][T27276] loop1: detected capacity change from 0 to 512
[ 3422.742620][T27276] EXT4-fs: Ignoring removed nobh option
[ 3422.748179][T27276] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3422.754645][T27276] EXT4-fs: Ignoring removed nobh option
[ 3422.762060][T27276] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3422.776813][T27276] EXT4-fs (loop1): 1 truncate cleaned up
19:07:10 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrULdBjVBolUEAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhQtGa+8mxrFDHk5d2N9PWmXGO87M59mxZ2fsAEqrGhFDEXFbRPySp5P2AtXmn+vLi1N/LC9OJVGvv/570ih3bXlxqihaPG9vnhlJI9KPk7Z/2DR/4eKZyVpt5nyeH1s4+87Y/IWLT82enTw9c3rm3MSJE8ePjT/7zMTTPYkzi+vaoffnDh98+c3Lr06dvPzWD18ledzRFkevVKPaKfSGR3tdWZ/ta0knA31sCJtSiYisuwYb438oKrHaeUPx0kd9bRywo+r1en1399NLdeB/LIl+twDoj+KDPrv/LY4bNPW4KVx9vnkDlMV9PT+aZwYizcsMtt3f9lI1Ik4u/fl5dsQOrUMAALT6Jpv/PNlp/pfG3S3lbs/3UIYj4o6I2B8Rd0bEgYi4K6JR9p6IuHeT9Vfb8mvnP+mVLQW2Qdn877l8b+uf879i9hfDlTy3rxH/YHJqtjZzNH9NRmJwd5YfX6eOb1/8+dNu51rnf9mR1V/MBfN2XBloW6CbnlyY3E7Mra5+GHFooFP8ycpOwF/1ev1gRBzaYh2zj395uNu5f49/HT3YZ6p/EfFYs/+Xoi3+QrL+/uTYLVGbOTpWXBVr/fjTpde61b+t+Hsg6/89Ha//lfiHk9b92vnN13Hp10+63tNs9frflbzRSO/KH3tvcmHh/HjEruSVtY9PrD63yBfls/hHjnQe//tj9ZW4LyKyi/j+iHggIh7M2/5QRDwcEUfWif/7Fx55e+vx76ws/ulN9f/mE5Uz333drf6N9f/xRmokf2Qj738bbeB2XjsAAAD4r0gb34FP0tGVdJqOjja/w38g9qS1ufmFJ07NvXtuuvld+eEYTIuVrqGW9dDxfG24yE+05Y/l68afVW5t5Een5mrT/Q4eSm5vl/Gf+a3S79YBO87vtaC8jH8oL+Mfysv4h/Iy/qG8Oo3/D/rQDuDG8/kP5WX8Q3kZ/1Bexj+U0nZ+1y9R5kSkN0UzJHYo0e93JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgN74OwAA///Ni+pv")
19:07:10 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 17)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:10 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnvQi6knwqncpFMml1dPK7M4k62Y35semWzufDwy8t/OS97775u2+eW82gNIaiYjBiLgjIn7L00lzgeFGoazc9ZWl6b9WlqaTqNXe/DOpl7u2sjRdFC3+bl+eGU0j0k+Tln/YsHDh4pmpanX2fJ4fXzz73vjChYvPzJ2dOj17evbc5IkTx49NPP/c5LNdiTOL69rwh/OHD7369uXXp09efuenb5I87miJo1tGYqRd6HWPd7uyHtvflE76etgQtqQSEVl39dfH/2BUYq3zBuOVT3raOGBX1Wq12p7Op5drwC0siV63AOiN4os+u/8tjhs09bgpXH2xcQOUxX09Pxpn+uJ4Xqa/5f62m0Yi4uTy319mR+zSOgQAQLPvsvnP0+3mf2nc21TuznwPZSgi7oqIAxFxd0QcjIh7Iupl74uI+7dY/0hLfv38J72yrcA2KZv/vZDvbf17/pcWRYYqeW5/Pf7+5NRcdfZo/p6MRv+eLD+xQR3fv/zr553ONc//siOrv5gL5u240teyQDcztTi1k5ibXf04YrivXfzJ6k5AEhGH8q3A7Zh78uvDnc79d/wb6MI+U+2riCca/b8cLfEXko33J8dvi+rs0fHiqljv518uvdGp/h3F3wVZ/+9te/2vxj+UNO/XLmy9jku/f9bxnma71/9A8lY9PZC/9sHU4uL5iYiB5LX1r0+u/W2RL8pn8Y8eaT/+D8TaO/FARGQX8YMR8VBEPJy3/ZGIeDQijmwQ/48vPfbu9uPfXVn8M1vq/60nKmd++LZT/Zvr/8ad+Gj+ymY+/zbbwJ28dwAAAPB/kdafgU/SsdV0mo6NNZ7hPxh70+r8wuJTp+bfPzfTeFZ+KPrTYqVrsGk9dCJfGy7yky35Y/m68ReV2+v5sen56kyvg4eS29dh/Gf+qPS6dcCu83stKC/jH8rL+IfyMv6hvIx/KK924/+jHrQDuPF8/0N5Gf9QXsY/lJfxD6W0k9/1S5Q5EelN0QyJXUr0+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgO/4JAAD//77o5qE=")
[ 3422.942244][T27281] loop1: detected capacity change from 0 to 512
[ 3422.945748][T27283] FAULT_INJECTION: forcing a failure.
[ 3422.945748][T27283] name failslab, interval 1, probability 0, space 0, times 0
[ 3422.950846][T27280] loop3: detected capacity change from 0 to 512
[ 3422.961852][T27283] CPU: 1 PID: 27283 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3422.968735][T27281] EXT4-fs: Ignoring removed nobh option
[ 3422.978513][T27283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3422.978528][T27283] Call Trace:
[ 3422.978534][T27283]
[ 3422.978540][T27283] dump_stack_lvl+0xda/0x130
[ 3422.978564][T27283] dump_stack+0x15/0x20
[ 3422.984106][T27281] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3422.994212][T27283] should_fail_ex+0x21f/0x230
[ 3422.997495][T27281] EXT4-fs: Ignoring removed nobh option
[ 3423.000411][T27283] __should_failslab+0x92/0xa0
[ 3423.005590][T27280] EXT4-fs: Ignoring removed nobh option
[ 3423.009475][T27283] should_failslab+0x9/0x20
[ 3423.016171][T27280] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3423.021951][T27283] slab_pre_alloc_hook+0x38/0x180
[ 3423.021977][T27283] __kmem_cache_alloc_node+0x46/0x250
[ 3423.027578][T27280] EXT4-fs: Ignoring removed nobh option
[ 3423.032650][T27280] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3423.037937][T27283] ? io_drain_req+0x1e1/0x4f0
[ 3423.037968][T27283] kmalloc_trace+0x2a/0xa0
[ 3423.042846][T27280] EXT4-fs (loop3): 1 truncate cleaned up
[ 3423.049408][T27283] io_drain_req+0x1e1/0x4f0
[ 3423.098662][T27283] io_queue_sqe_fallback+0xd1/0xe0
[ 3423.103775][T27283] io_submit_sqes+0xbf8/0xfe0
[ 3423.108514][T27283] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3423.114061][T27283] ? __fget_files+0x1c4/0x200
[ 3423.118737][T27283] ? mutex_lock+0xd/0x30
[ 3423.123098][T27283] ? fput+0x112/0x140
[ 3423.127155][T27283] ? ksys_write+0x178/0x1a0
[ 3423.131676][T27283] __x64_sys_io_uring_enter+0x78/0x90
[ 3423.137055][T27283] do_syscall_64+0x41/0xc0
[ 3423.141989][T27283] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3423.147970][T27283] RIP: 0033:0x7fbf4da9f169
[ 3423.152379][T27283] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3423.172103][T27283] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3423.180536][T27283] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3423.188558][T27283] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
[ 3423.198260][T27283] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
[ 3423.206274][T27283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3423.214436][T27283] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3423.222503][T27283]
19:07:10 executing program 5:
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000080)={{0x1, 0x1, 0x18}, './file0\x00'}) (async)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000080)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'})
syncfs(r0)
syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0)) (async)
r1 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r1, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
io_uring_enter(r1, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = dup(0xffffffffffffffff)
renameat2(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', r2, &(0x7f0000000380)='./file0\x00', 0x90729aeae511d3f4)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r2, 0xc0189372, &(0x7f00000002c0)=ANY=[@ANYBLOB="01337584fe10ccf266000a835c00cd099659a3e92f5e0000", @ANYRES32, @ANYBLOB=' \x00\x00\x00\x00\x00\x00\x00./file0\x00'])
r3 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r3, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:10 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPhgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQz6curC/n7TKjHecmcezY8/O2AGUVjUihiLitoj4JU8n7QWqzT83Vpam/1hZmk6iXn/996RR7vrK0nRRtHje/jwzmkakHydt/7Bp4eKls1O12uyFPD++eO6d8YWLl56aOzd1ZvbM7PnJkydPHJ949pnJp3sSZxbX9ZH3548cfvnNK69On7ry1g9fJXnc0RZHr1Sj2in0hkd7XVmfHWhJJwN9bAhbUomIrLsGG+N/KCqx1nlD8dJHfW0csKvq9Xp9b/fTy3XgPyyJfrcA6I/igz67/y2OmzT1uCVce755A5TFfSM/mmcGIs3LDLbd3/ZSNSJOLf/5eXbELq1DAAC0+iab/zzZaf6Xxt0t5W7P91CGI+KOiDgYEXdGxKGIuCuiUfaeiLh3i/VX2/Lr5z/p1W0FtknZ/O+5fG/r7/O/YvYXw5U8d6AR/2Byeq42eyx/TUZjcG+Wn9igjm9f/PnTbuda53/ZkdVfzAXzdlwdaFugm5lanNpJzK2ufRgxMtAp/mR1JyC7TzgcESPbrGPu8S+PdDv3z/FvoAf7TPUvIh5r9v9ytMVfSDbenxz/X9Rmj40XV8V6P/50+bVu9e8o/h7I+n9fx+t/Nf7hpHW/dmHrdVz+9ZOu9zTbvf73JG800nvyx96bWly8MBGxJ3ll/eOTa88t8kX5LP7Ro53H/8FYeyXui4jsIr4/Ih6IiAfztj8UEQ9HxNEN4v/+hUfe3n78uyuLf2ZL/b/1ROXsd193q39z/X+ikRrNH9nM+99mG7iT1w4AAAD+LdLGd+CTdGw1naZjY83v8B+KfWltfmHxidPz756faX5XfjgG02Kla6hlPXQiXxsu8pNt+eP5uvFnlf838mPT87WZfgcPJbe/y/jP/Fbpd+uAXef3WlBexj+Ul/EP5WX8Q3kZ/1Bencb/B31oB3Dz+fyH8jL+obyMfygv4x9KaSe/65cocyLSW6IZEruU6Pc7EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQG/8FQAA//+to+pw")
[ 3423.232561][T27281] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3423.254163][T27281] EXT4-fs (loop1): 1 truncate cleaned up
19:07:10 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6vi0loZSPhgKBgoj4SJq0QA8cAIHEASQkOJRjSNIq1G1QEyRaRRAQKkdUiTviiMRfwAkuCDghcYU7qlShXFo4Ga29m7iOHfLh1IX9/aSVZryTzDyeHXt2Zh1AaY1ExGBE3BYRv+bppOn888ONQlm56ytL03+uLE0nUau98UdSL3dtZWm6KFv83b48M5pGpJ8kN/7D3MKFi2emqtXZ83l+fPHsu+MLFy4+NXd26vTs6dlzkydOHD828ewzk093Jc4srmvDH8wfPvTKW5dfmz55+e0fv07yuKMljm4ZiZF2odc92u3Kemx/Uzrp62FD2JJKRGTd1V8f/4NRibXOG4yXP+5p44BdVavVans6n16uAf9hSfS6BUBvFF/02f1vcdykqcct4eoLjRugLO7r+dE40xfH8zL9Lfe33TQSESeX//oiO2KX1iEAAJp9m81/nmw3/0vj7qZyt+d7KEMRcUdEHIiIOyPiYETcFVEve09E3LvF+kda8uvnP+mVbQW2Sdn877l8b+vG+V9aFBmq5Ln99fj7k1Nz1dmj+XsyGv17svzEBnV899Ivn3U61zz/y46s/mIumLfjSl/LAt3M1OLUTmJudvWjiOG+dvEnqzsBSUQciojhbdYx9/hXhzud++f4N9CFfabalxGPNfp/OVriLyQb70+O/y+qs0fHi6tivZ9+vvR6p/p3FH8XZP2/t+31vxr/UNK8X7uw9Tou/fZpx3ua7V7/A8mb9fRA/tr7U4uL5yciBpJX178+ufa3Rb4on8U/eqT9+D8Qa+/EfRGRXcT3R8QDEfFg3vaHIuLhiDiyQfw/vPjIO9uPf3dl8c9sqf+3nqic+f6bTvVvrv8bd+Kj+Sub+fzbbAN38t4BAADAv0VafwY+ScdW02k6NtZ4hv9g7E2r8wuLT5yaf+/cTONZ+aHoT4uVrsGm9dCJfG24yE+25I/l68afV/5fz49Nz1dneh08lNy+DuM/83ul160Ddp3fa0F5Gf9QXsY/lJfxD+Vl/EN5tRv/H/agHcDN5/sfysv4h/Iy/qG8jH8opZ38rl+izIlIb4lmSOxSotefTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xdwAAAP//xdnm4Q==")
[ 3423.305609][T27299] loop3: detected capacity change from 0 to 512
[ 3423.318941][T27299] EXT4-fs: Ignoring removed nobh option
[ 3423.324587][T27299] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3423.331058][T27299] EXT4-fs: Ignoring removed nobh option
19:07:10 executing program 0:
syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0)) (async)
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000500)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a5c010000080a05000000000000000000070000020900020073797a3100000000240005800800014000008809080001400000002f080001400000002e0800024000000002000104803c000180090001006d657461000000002c00028008000340000000080800024000000008080001400000001708000240000000050800024000000000500001800e000100627974656f726465720000003c00028008000140000000150800054000000065080002400000001708000240000000120800024000000001080002400000000a08000140000000164c0001800b00010072656a65637400003c0002800800014000000002050002008000000005000200060000000500020065000000050002002c000000080001400000000205000200810000001800018008000100666962000c000280080001400000000a0c00018008000100636d70000c00064000000000000000030c0003400000000000000002d8000000050a01080000000000000000050000024c0004800800014000000001080002401c7e1be414000300626f6e645f736c6176654b30000000000800014000000004080001400000000314000300626f6e645f736c6176655f300000000008000b400000008108000a4000000001280004800800024011a3092d080001400000000414000300767863616e3100000000000000000000280008800c00014000000000000080010c000240000000000000003f0c00024080000000000000010c00024000000000000000010900010073797a3100000000140000001100010000000000000000000000000a"], 0x25c}, 0x1, 0x0, 0x0, 0x8044804}, 0x81) (async)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000500)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a5c010000080a05000000000000000000070000020900020073797a3100000000240005800800014000008809080001400000002f080001400000002e0800024000000002000104803c000180090001006d657461000000002c00028008000340000000080800024000000008080001400000001708000240000000050800024000000000500001800e000100627974656f726465720000003c00028008000140000000150800054000000065080002400000001708000240000000120800024000000001080002400000000a08000140000000164c0001800b00010072656a65637400003c0002800800014000000002050002008000000005000200060000000500020065000000050002002c000000080001400000000205000200810000001800018008000100666962000c000280080001400000000a0c00018008000100636d70000c00064000000000000000030c0003400000000000000002d8000000050a01080000000000000000050000024c0004800800014000000001080002401c7e1be414000300626f6e645f736c6176654b30000000000800014000000004080001400000000314000300626f6e645f736c6176655f300000000008000b400000008108000a4000000001280004800800024011a3092d080001400000000414000300767863616e3100000000000000000000280008800c00014000000000000080010c000240000000000000003f0c00024080000000000000010c00024000000000000000010900010073797a3100000000140000001100010000000000000000000000000a"], 0x25c}, 0x1, 0x0, 0x0, 0x8044804}, 0x81)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
[ 3423.360859][T27299] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3423.364526][T27310] loop1: detected capacity change from 0 to 512
[ 3423.381445][T27310] EXT4-fs: Ignoring removed nobh option
[ 3423.383212][T27299] EXT4-fs (loop3): 1 truncate cleaned up
[ 3423.387032][T27310] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3423.399266][T27310] EXT4-fs: Ignoring removed nobh option
19:07:10 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) (async)
shutdown(0xffffffffffffffff, 0x0) (async)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c) (async, rerun: 64)
syz_open_dev$tty1(0xc, 0x4, 0x3) (async, rerun: 64)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c) (async, rerun: 32)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20) (async, rerun: 32)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYRES8=0x0, @ANYRES32=0x0, @ANYRES16=r4, @ANYRES32, @ANYBLOB="0d3bc71c665afea8b37747e7e2967d722a64854c3e6f3d4ca2270d6ba680844704e7f847ed920605000000666377ff4516f1ea4ef7fbfdf611094917e2d83a91a75858434fd4618c951e259750885e619e3fae8402dc1838da1c486f5dfb2431b44dd1b73b195c685b554f069bdb60f5f300b19c31735b85a93bb658b33c"], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800)) (async)
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93) (async)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0) (async)
fallocate(r7, 0x30, 0x9, 0x10000) (async)
socket(0x10, 0x80002, 0x0)
19:07:10 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlFcoYCiIiEfSpAV64AICiQNISHAox5CkVajboCZItIogIFSOqBJ3xBGJv4ATXBBwQuIKd1SpQrm0cDJaezcxjh3ycOrC/n7SKjPecWY+z449O2MHUFrViBiKiNsi4tc8nbQXqDb/XF9Zmv5zZWk6iXr9jT+SRrlrK0vTRdHiefvzzGgakX6StP3DpoULF89M1Wqz5/P8+OLZd8cXLlx8eu7s1OnZ07PnJk+cOH5s4rlnJ5/pSZxZXNdGPpg/fN8rb11+bfrk5bd//DrJ4462OHqlGtVOoTc81uvK+uxASzoZ6GND2JJKRGTdNdgY/0NRibXOG4qXP+5r44BdVa/X63u7n16uA/9jSfS7BUB/FB/02f1vcdygqcdN4eoLzRugLO7r+dE8MxBpXmaw7f62l6oRcXL5ry+yI3ZpHQIAoNW32fznqU7zvzTubil3e76HMhwRd0TEwYi4MyIORcRdEY2y90TEvVusv9qWXz//Sa9sK7BNyuZ/z+d7W/+c/xWzvxiu5LkDjfgHk1Nztdmj+WsyGoN7s/zEBnV899Ivn3U71zr/y46s/mIumLfjykDbAt3M1OLUTmJudfWjiJGBTvEnqzsBSX6MbLOOuSe+Otzt3L/Hv4Ee7DPVv4x4vNn/y9EWfyHZeH9y/JaozR4dL66K9X76+dLr3erfUfw9kPX/vo7X/2r8w0nrfu3C1uu49NunXe9ptnv970nebKT35I+9P7W4eH4iYk/y6vrHJ9eeW+SL8ln8o0c6j/+DsfZK3B8R2UX8QEQ8GBEP5W1/OCIeiYgjG8T/w4uPvrP9+HdXFv/Mlvp/64nKme+/6Vb/5vr/eCM1mj+ymfe/zTZwJ68dAAAA/Fekje/AJ+nYajpNx8aa3+E/FPvS2vzC4pOn5t87N9P8rvxwDKbFStdQy3roRL42XOQn2/LH8nXjzyu3NvJj0/O1mX4HDyW3v8v4z/xe6XfrgF3n91pQXsY/lJfxD+Vl/EN5Gf9QXp3G/4d9aAdw4/n8h/Iy/qG8jH8oL+MfSmknv+uXKHMi0puiGRK7lOj3OxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBv/B0AAP//udPmXQ==")
[ 3423.424589][T27310] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3423.439060][T27310] EXT4-fs (loop1): 1 truncate cleaned up
19:07:11 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnvQi6knwqncpFMml1dPK7M4k281uzI9NtzqfDwy8t/OS97775u2+eW82gNIaiYjBiLgjIn7L00nT+eXhRqGs3PWVpem/Vpamk6jV3vwzqZe7trI0XZQt/m5fnhlNI9JPkxv/YW7hwsUzU9Xq7Pk8P7549r3xhQsXn5k7O3V69vTsuckTJ44fm3j+uclnuxJnFte14Q/nDx969e3Lr0+fvPzOT98kedzREke3jMRIu9DrHu92ZT22vymd9PWwIWxJJSKy7uqvj//BqMRa5w3GK5/0tHHArqrVarU9nU8v14D/sSR63QKgN4ov+uz+tzhu0tTjlnD1xcYNUBb39fxonOmL43mZ/pb7224aiYiTy39/mR2xS+sQAADNvsvmP0+3m/+lcW9TuTvzPZShiLgrIg5ExN0RcTAi7omol70vIu7fYv0jLfn185/0yrYC26Rs/vdCvrd14/wvLYoMVfLc/nr8/cmpuers0fw9GY3+PVl+YoM6vn/51887nWue/2VHVn8xF8zbcaWvZYFuZmpxaicxN7v6ccRwX7v4k9WdgCQiDkXE8DbrmHvy68Odzv17/Bvowj5T7auIJxr9vxwt8ReSjfcnx2+L6uzR8eKqWO/nXy690an+HcXfBVn/7217/a/GP5Q079cubL2OS79/1vGeZrvX/0DyVj09kL/2wdTi4vmJiIHktfWvT679bZEvymfxjx5pP/4PxNo78UBEZBfxgxHxUEQ8nLf9kYh4NCKObBD/jy899u72499dWfwzW+r/rScqZ374tlP9m+v/xp34aP7KZj7/NtvAnbx3AAAA8F+R1p+BT9Kx1XSajo01nuE/GHvT6vzC4lOn5t8/N9N4Vn4o+tNipWuwaT10Il8bLvKTLflj+brxF5Xb6/mx6fnqTK+Dh5Lb12H8Z/6o9Lp1wK7zey0oL+Mfysv4h/Iy/qG8jH8or3bj/6MetAO4+Xz/Q3kZ/1Bexj+Ul/EPpbST3/VLlDkR6S3RDIldSvT6kwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA7/gkAAP//zMrnIQ==")
19:07:11 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0) (async)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c) (async, rerun: 64)
syz_open_dev$tty1(0xc, 0x4, 0x3) (rerun: 64)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0) (async)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0) (async, rerun: 64)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48) (rerun: 64)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYRES8=0x0, @ANYRES32=0x0, @ANYRES16=r4, @ANYRES32, @ANYBLOB="0d3bc71c665afea8b37747e7e2967d722a64854c3e6f3d4ca2270d6ba680844704e7f847ed920605000000666377ff4516f1ea4ef7fbfdf611094917e2d83a91a75858434fd4618c951e259750885e619e3fae8402dc1838da1c486f5dfb2431b44dd1b73b195c685b554f069bdb60f5f300b19c31735b85a93bb658b33c"], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800)) (async)
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93) (async)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000) (async)
socket(0x10, 0x80002, 0x0)
[ 3423.499275][T27329] loop3: detected capacity change from 0 to 512
[ 3423.523344][T27329] EXT4-fs: Ignoring removed nobh option
[ 3423.529095][T27329] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3423.535545][T27329] EXT4-fs: Ignoring removed nobh option
[ 3423.553868][T27345] loop1: detected capacity change from 0 to 512
[ 3423.561425][T27345] EXT4-fs: Ignoring removed nobh option
[ 3423.567142][T27345] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3423.573680][T27345] EXT4-fs: Ignoring removed nobh option
[ 3423.584794][T27329] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
19:07:11 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x746d, 0x0, &(0x7f0000000000)={[0xfff]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(0xffffffffffffffff, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000840)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYRESOCT=r5], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:11 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6vi0loZSPhgKBgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcCoXBJyQuMIdVapQLi2cjNbeTVzHDvlw6sL+ftJKM95JZh7Pjj07sw6gtEYiYjAi7oiIX/N00nT+ynCjUFbuxsrS9J8rS9NJ1Gpv/pHUy11fWZouyhZ/ty/PjKYR6afJzf8wt3Dh4pmpanX2fJ4fXzz73vjChYvPzJ2dOj17evbc5IkTx49NPP/c5LNdiTOL6/rwh/OHD7369uXXp09efufHb5I87miJo1tGYqRd6HWPd7uyHtvflE76etgQtqQSEVl39dfH/2BUYq3zBuOVT3raOGBX1Wq12p7Op5drwH9YEr1uAdAbxRd9dv9bHLdo6nFbuPZi4wYoi/tGfjTO9MXxvEx/y/1tN41ExMnlv77MjtildQgAgGZXsvnP0+3mf2nc21TuznwPZSgi7oqIAxFxd0QcjIh7Iupl74uI+7dY/0hLfv38J726rcA2KZv/vZDvbd08/0uLIkOVPLe/Hn9/cmquOns0f09Go39Plp/YoI7vXv7l807nmud/2ZHVX8wF83Zc7WtZoJuZWpzaSczNrn0cMdzXLv5kdScgiYhDETG8zTrmnvz6cKdz/xz/Brqwz1T7KuKJRv8vR0v8hWTj/cnx/0V19uh4cVWs99PPl97oVP+O4u+CrP/3tr3+V+MfSpr3axe2Xsel3z7reE+z3et/IHmrnh7IX/tganHx/ETEQPLa+tcn1/62yBfls/hHj7Qf/wdi7Z14ICKyi/jBiHgoIh7O2/5IRDwaEUc2iP+Hlx57d/vx764s/pkt9f/WE5Uz33/bqf7N9X/jTnw0f2Uzn3+bbeBO3jsAAAD4t0jrz8An6dhqOk3HxhrP8B+MvWl1fmHxqVPz75+baTwrPxT9abHSNdi0HjqRrw0X+cmW/LF83fiLyv/r+bHp+epMr4OHktvXYfxnfq/0unXArvN7LSgv4x/Ky/iH8jL+obyMfyivduP/ox60A7j1fP9DeRn/UF7GP5SX8Q+ltJPf9UuUORHpbdEMiV1K9PqTCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDv+DgAA///Tu+dh")
[ 3423.605468][T27345] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3423.621504][T27329] EXT4-fs (loop3): 1 truncate cleaned up
[ 3423.630214][T27345] EXT4-fs (loop1): 1 truncate cleaned up
[ 3423.685414][T27362] loop1: detected capacity change from 0 to 512
[ 3423.692044][T27362] EXT4-fs: Ignoring removed nobh option
[ 3423.697636][T27362] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3423.704084][T27362] EXT4-fs: Ignoring removed nobh option
[ 3423.711599][T27362] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3423.726187][T27362] EXT4-fs (loop1): 1 truncate cleaned up
19:07:11 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 18)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:11 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlFcoYCiIiEfSpAV64AICiQNISHAox5CkVajboCZItIogIFSOqBJ3xBGJv4ATXBBwQuIKd1SpQrm0cDJaezcxjh3ycOrC/n7SKjPecWY+z449O2MHUFrViBiKiNsi4tc8nbQXqDb/XF9Zmv5zZWk6iXr9jT+SRrlrK0vTRdHiefvzzGgakX6StP3DpoULF89M1Wqz5/P8+OLZd8cXLlx8eu7s1OnZ07PnJk+cOH5s4rlnJ5/pSZxZXNdGPpg/fN8rb11+bfrk5bd//DrJ4462OHqlGtVOoTc81uvK+uxASzoZ6GND2JJKRGTdNdgY/0NRibXOG4qXP+5r44BdVa/X63u7n16uA/9jSfS7BUB/FB/02f1vcdygqcdN4eoLzRugLO7r+dE8MxBpXmaw7f62l6oRcXL5ry+yI3ZpHQIAoNW32fznqU7zvzTubil3e76HMhwRd0TEwYi4MyIORcRdEY2y90TEvVusv9qWXz//Sa9sK7BNyuZ/z+d7W/+c/xWzvxiu5LkDjfgHk1Nztdmj+WsyGoN7s/zEBnV899Ivn3U71zr/y46s/mIumLfjykDbAt3M1OLUTmJudfWjiJGBTvEnqzsBSd73I9usY+6Jrw53O/fv8W+gB/tM9S8jHm/2/3K0xV9INt6fHL8larNHx4urYr2ffr70erf6dxR/D2T9v6/j9b8a/3DSul+7sPU6Lv32add7mu1e/3uSNxvpPflj708tLp6fiNiTvLr+8cm15xb5onwW/+iRzuP/YKy9EvdHRHYRPxARD0bEQ3nbH46IRyLiyAbx//Dio+9sP/7dlcU/s6X+33qicub7b7rVv7n+P95IjeaPbOb9b7MN3MlrBwAAAP8VaeM78Ek6tppO07Gx5nf4D8W+tDa/sPjkqfn3zs00vys/HINpsdI11LIeOpGvDRf5ybb8sXzd+PPKrY382PR8babfwUPJ7e8y/jO/V/rdOmDX+b0WlJfxD+Vl/EN5Gf9QXsY/lFen8f9hH9oB3Hg+/6G8jH8oL+Mfysv4h1Laye/6JcqciPSmaIbELiX6/c4EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQG38HAAD///rN5ms=")
[ 3423.796410][T27367] loop3: detected capacity change from 0 to 512
[ 3423.802930][T27367] EXT4-fs: Ignoring removed nobh option
[ 3423.808530][T27367] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3423.814953][T27367] EXT4-fs: Ignoring removed nobh option
[ 3423.823350][T27367] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3423.839328][T27367] EXT4-fs (loop3): 1 truncate cleaned up
19:07:11 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80rRqtYvBH0qRVe/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1J1s1uzI9NtzqfDwy8t/OS97775u2+eW82gNIaiYjBiLgjIn7N00lzgcONQlm5GytL03+uLE0nUau98UdSL3d9ZWm6KFr83b48M5pGpJ8kLf+wYeHipbNT1ershTw/vnju3fGFi5eenjs3dWb2zOz5yZMnTxyfeO7ZyWe6EmcW1/XhD+aPHHrlrSuvTZ+68vaPXyd53NESR7eMxEi70Ose63ZlPba/KZ309bAhbEklIrLu6q+P/8GoxFrnDcbLH/e0ccCuqtVqtT2dTy/XgP+xJHrdAqA3ii/67P63OG7S1OOWcO2Fxg1QFveN/Gic6YsTeZn+lvvbbhqJiFPLf32RHbFL6xAAAM2+zeY/T7Wb/6Vxb1O5O/M9lKGIuCsiDkTE3RFxMCLuiaiXvS8i7t9i/SMt+fXzn/TqtgLbpGz+93y+t/XP+V9aFBmq5Ln99fj7k9Nz1dlj+XsyGv17svzEBnV899Ivn3U61zz/y46s/mIumLfjal/LAt3M1OLUTmJudu2jiOG+dvEnqzsBSUQciojhbdYx98RXRzqd+/f4N9CFfabalxGPN/p/OVriLyQb70+O3xbV2WPjxVWx3k8/X369U/07ir8Lsv7f2/b6X41/KGner13Yeh2Xf/u04z3Ndq//geTNenogf+39qcXFCxMRA8mr61+fXPvbIl+Uz+IfPdp+/B+ItXficERkF/EDEfFgRDyUt/3hiHgkIo5uEP8PLz76zvbj311Z/DNb6v+tJypnv/+mU/2b6//Gnfho/spmPv8228CdvHcAAADwX5HWn4FP0rHVdJqOjTWe4T8Ye9Pq/MLik6fn3zs/03hWfij602Kla7BpPXQiXxsu8pMt+eP5uvHnldvr+bHp+epMr4OHktvXYfxnfq/0unXArvN7LSgv4x/Ky/iH8jL+obyMfyivduP/wx60A7j5fP9DeRn/UF7GP5SX8Q+ltJPf9UuUORHpLdEMiV1K9PqTCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDv+DgAA//+7A+ai")
19:07:11 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlFcoYCiIiEfSpAV64AICiQNISHAox5CkVajboCZItIogIFSOqBJ3xBGJv4ATXBBwQuIKd1SpQrm0cDJaezcxjh3ycOrC/n7SKjPecWY+z449O2MHUFrViBiKiNsi4tc8nbQXqDb/XF9Zmv5zZWk6iXr9jT+SRrlrK0vTRdHiefvzzGgakX6StP3DpoULF89M1Wqz5/P8+OLZd8cXLlx8eu7s1OnZ07PnJk+cOH5s4rlnJ5/pSZxZXNdGPpg/fN8rb11+bfrk5bd//DrJ4462OHqlGtVOoTc81uvK+uxASzoZ6GND2JJKRGTdNdgY/0NRibXOG4qXP+5r44BdVa/X63u7n16uA/9jSfS7BUB/FB/02f1vcdygqcdN4eoLzRugLO7r+dE8MxBpXmaw7f62l6oRcXL5ry+yI3ZpHQIAoNW32fznqU7zvzTubil3e76HMhwRd0TEwYi4MyIORcRdEY2y90TEvVusv9qWXz//Sa9sK7BNyuZ/z+d7W/+c/xWzvxiu5LkDjfgHk1Nztdmj+WsyGoN7s/zEBnV899Ivn3U71zr/y46s/mIumLfjykDbAt3M1OLUTmJudfWjiJGBTvEnqzsBSd6vI9usY+6Jrw53O/fv8W+gB/tM9S8jHm/2/3K0xV9INt6fHL8larNHx4urYr2ffr70erf6dxR/D2T9v6/j9b8a/3DSul+7sPU6Lv32add7mu1e/3uSNxvpPflj708tLp6fiNiTvLr+8cm15xb5onwW/+iRzuP/YKy9EvdHRHYRPxARD0bEQ3nbH46IRyLiyAbx//Dio+9sP/7dlcU/s6X+33qicub7b7rVv7n+P95IjeaPbOb9b7MN3MlrBwAAAP8VaeM78Ek6tppO07Gx5nf4D8W+tDa/sPjkqfn3zs00vys/HINpsdI11LIeOpGvDRf5ybb8sXzd+PPKrY382PR8babfwUPJ7e8y/jO/V/rdOmDX+b0WlJfxD+Vl/EN5Gf9QXsY/lFen8f9hH9oB3Hg+/6G8jH8oL+Mfysv4h1Laye/6JcqciPSmaIbELiX6/c4EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQG38HAAD//9ty5nQ=")
19:07:11 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
r1 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r2, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
r3 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000080)='devices.allow\x00', 0x2, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r4, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000300)='cgroup.clone_children\x00', 0x2, 0x0)
setsockopt(r4, 0x2c, 0x600000, &(0x7f0000000100)="b40fb15f9b8f09852897ffa538ace12d699e81c453b26bb0991b129401dd0576c67bb2acef58f14c9d8e5e66f2e3291091bd44667079fc4850a451b712c0fd2b6b747845b1dc689d7c15aa8d83bb571a01255a294fdf7c4a222d742cdd7012f063167e730170783557feadf9960368a790b1d3282204e9c89e", 0x79)
sendto$inet6(r4, &(0x7f0000000000)="eb", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r5 = socket(0x11, 0x2, 0x0)
setsockopt$packet_tx_ring(r5, 0x107, 0xd, &(0x7f0000000200)=@req3={0x10000, 0xf89, 0x8000, 0x1f12}, 0x1c)
setsockopt$packet_int(r5, 0x107, 0x13, &(0x7f0000000040), 0x4)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r5, 0x84, 0x17, &(0x7f0000000180)={0x0, 0x3, 0x96, "2956ad4a3c2d8dae5b63eef755e492cd1dcd1fb816655e221d0929e4e1a86bffacfd93e634b8bb49a54de46c753268531e92b188a6afabdaef191c553649ce892d21a64ae35f6d06df766ede90abedc9f38deb809632e32ed1a67995f8a60901f87187c8a29fd271d60e309bdaa77195c1698a3d83bae60d3164d065f68e39dfa4c49444a87c42e43567f014958d2d8f7d5ae760a73d"}, 0x9e)
r6 = timerfd_create(0x5, 0x800)
r7 = socket(0x11, 0x2, 0x0)
setsockopt$packet_tx_ring(r7, 0x107, 0xd, &(0x7f0000000200)=@req3={0x10000, 0xf89, 0x8000, 0x1f12}, 0x1c)
setsockopt$packet_int(r7, 0x107, 0x13, &(0x7f0000000040), 0x4)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r7, 0x84, 0x17, &(0x7f0000000180)={0x0, 0x3, 0x96, "2956ad4a3c2d8dae5b63eef755e492cd1dcd1fb816655e221d0929e4e1a86bffacfd93e634b8bb49a54de46c753268531e92b188a6afabdaef191c553649ce892d21a64ae35f6d06df766ede90abedc9f38deb809632e32ed1a67995f8a60901f87187c8a29fd271d60e309bdaa77195c1698a3d83bae60d3164d065f68e39dfa4c49444a87c42e43567f014958d2d8f7d5ae760a73d"}, 0x9e)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r0, 0x6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)=[r1, r3, r0, r4, r2, r0, r5, r6, r7]}, 0x9)
[ 3424.131972][T27384] loop1: detected capacity change from 0 to 512
[ 3424.132661][T27385] loop3: detected capacity change from 0 to 512
[ 3424.145924][T27385] EXT4-fs: Ignoring removed nobh option
[ 3424.151520][T27385] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3424.151860][T27384] EXT4-fs: Ignoring removed nobh option
[ 3424.157928][T27385] EXT4-fs: Ignoring removed nobh option
[ 3424.163538][T27384] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3424.163555][T27384] EXT4-fs: Ignoring removed nobh option
[ 3424.182973][T27385] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3424.198598][T27385] EXT4-fs (loop3): 1 truncate cleaned up
[ 3424.206998][T27384] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3424.222704][T27384] EXT4-fs (loop1): 1 truncate cleaned up
19:07:11 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlFcoYCiIiEfSpAV64AICiQNISHAox5CkVajboCZItIogIFSOqBJ3xBGJv4ATXBBwQuIKd1SpQrm0cDJaezcxjh3ycOrC/n7SKjPecWY+z449O2MHUFrViBiKiNsi4tc8nbQXqDb/XF9Zmv5zZWk6iXr9jT+SRrlrK0vTRdHiefvzzGgakX6StP3DpoULF89M1Wqz5/P8+OLZd8cXLlx8eu7s1OnZ07PnJk+cOH5s4rlnJ5/pSZxZXNdGPpg/fN8rb11+bfrk5bd//DrJ4462OHqlGtVOoTc81uvK+uxASzoZ6GND2JJKRGTdNdgY/0NRibXOG4qXP+5r44BdVa/X63u7n16uA/9jSfS7BUB/FB/02f1vcdygqcdN4eoLzRugLO7r+dE8MxBpXmaw7f62l6oRcXL5ry+yI3ZpHQIAoNW32fznqU7zvzTubil3e76HMhwRd0TEwYi4MyIORcRdEY2y90TEvVusv9qWXz//Sa9sK7BNyuZ/z+d7W/+c/xWzvxiu5LkDjfgHk1Nztdmj+WsyGoN7s/zEBnV899Ivn3U71zr/y46s/mIumLfjykDbAt3M1OLUTmJudfWjiJGBTvEnqzsBSUSM5Md2zD3x1eFu5/49/g30YJ+p/mXE483+X462+AvJxvuT47dEbfboeHFVrPfTz5de71b/juLvgaz/93W8/lfjH05a92sXtl7Hpd8+7XpPs93rf0/yZiO9J3/s/anFxfMTEXuSV9c/Prn23CJflM/iHz3SefwfjLVX4v6IyC7iByLiwYh4KG/7wxHxSEQc2SD+H1589J3tx7+7svhnttT/W09Uznz/Tbf6N9f/xxup0fyRzbz/bbaBO3ntAAAA4L8ibXwHPknHVtNpOjbW/A7/odiX1uYXFp88Nf/euZnmd+WHYzAtVrqGWtZDJ/K14SI/2ZY/lq8bf165tZEfm56vzfQ7eCi5/V3Gf+b3Sr9bB+w6v9eC8jL+obyMfygv4x/Ky/iH8uo0/j/sQzuAG8/nP5SX8Q/lZfxDeRn/UEo7+V2/RJkTkd4UzZDYpUS/35kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB64+8AAAD//5ua5nY=")
19:07:11 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000001280)={{0x1, 0x1, 0x18, r0}, './file0\x00'})
io_uring_enter(r1, 0x3a15, 0xc0f2, 0xc, &(0x7f00000012c0)={[0x200]}, 0x8)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r2, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000000)=ANY=[], 0x6db6e571)
mq_timedreceive(r3, &(0x7f0000000280)=""/4096, 0x1000, 0x4, 0x0)
19:07:11 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCatttbEWn80rRqtYvBH0qRVe/CgouBBQdBDPcYkLbHbRpoItgSNIvUoBe/iUfAv8KQXUU+CV71LoUgurZ5WZncm2W52Y35sutX5fGDgvZ2XvPfdN2/3zXuzAZTWcEQMRMQdEfFbnk6azr9wqFEoK3d9eXHqr+XFqSRqtTf/TOrlri0vThVli7/bm2dG0oj00+TGf5ibv3DxzGS1OnM+z48tnH1vbP7Cxadnz06enjk9c27ixInjx8afe3bima7EmcV1bejDucMHX3378utTJy+/89M3SR53tMTRLcMx3C70use6XVmP7WtKJ309bAibUomIrLv66+N/ICqx2nkD8conPW0csKNqtVptd+fTSzXgfyyJXrcA6I3iiz67/y2OmzT1uCVcfbFxA5TFfT0/Gmf64nhepr/l/rabhiPi5NLfX2ZH7NA6BABAs++y+c9T7eZ/adzbVO7OfA9lMCLuioj9EXF3RByIiHsi6mXvi4j7N1n/cEt+7fwnvbKlwDYom/89n+9t3Tj/S4sig5U8t68ef39yarY6czR/T0aif3eWH1+nju9f/vXzTuea53/ZkdVfzAXzdlzpa1mgm55cmNxOzM2ufhwx1Ncu/mRlJyCJiIMRMbTFOmaf+Ppwp3P/Hv86urDPVPsq4vFG/y9FS/yFZP39ybHbojpzdKy4Ktb6+ZdLb3Sqf1vxd0HW/3vaXv8r8Q8mzfu185uv49Lvn3W8p9nq9b8reaue3pW/9sHkwsL58YhdyWtrX59Y/dsiX5TP4h850n7874/Vd+JQRGQX8QMR8WBEPJS3/eGIeCQijqwT/48vPfru1uPfWVn805vq/80nKmd++LZT/Rvr/8ad+Ej+ykY+/zbawO28dwAAAPBfkdafgU/S0ZV0mo6ONp7hPxB70urc/MKTp+bePzfdeFZ+MPrTYqVroGk9dDxfGy7yEy35Y/m68ReV2+v50am56nSvg4eS29th/Gf+qPS6dcCO83stKC/jH8rL+IfyMv6hvIx/KK924/+jHrQDuPl8/0N5Gf9QXsY/lJfxD6W0nd/1S5Q5Eekt0QyJHUr0+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgO/4JAAD//8H05uI=")
[ 3424.307637][T27400] loop3: detected capacity change from 0 to 512
[ 3424.314220][T27400] EXT4-fs: Ignoring removed nobh option
[ 3424.319843][T27400] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3424.326278][T27400] EXT4-fs: Ignoring removed nobh option
[ 3424.336978][T27404] loop1: detected capacity change from 0 to 512
[ 3424.351204][T27404] EXT4-fs: Ignoring removed nobh option
[ 3424.352333][T27400] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3424.356804][T27404] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3424.377325][T27404] EXT4-fs: Ignoring removed nobh option
[ 3424.386707][T27400] EXT4-fs (loop3): 1 truncate cleaned up
19:07:11 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlFcoYCiIiEfSpAV64AICiQNISHAox5CkVajboCZItIogIFSOqBJ3xBGJv4ATXBBwQuIKd1SpQrm0cDJaezcxjh3ycOrC/n7SKjPecWY+z449O2MHUFrViBiKiNsi4tc8nbQXqDb/XF9Zmv5zZWk6iXr9jT+SRrlrK0vTRdHiefvzzGgakX6StP3DpoULF89M1Wqz5/P8+OLZd8cXLlx8eu7s1OnZ07PnJk+cOH5s4rlnJ5/pSZxZXNdGPpg/fN8rb11+bfrk5bd//DrJ4462OHqlGtVOoTc81uvK+uxASzoZ6GND2JJKRGTdNdgY/0NRibXOG4qXP+5r44BdVa/X63u7n16uA/9jSfS7BUB/FB/02f1vcdygqcdN4eoLzRugLO7r+dE8MxBpXmaw7f62l6oRcXL5ry+yI3ZpHQIAoNW32fznqU7zvzTubil3e76HMhwRd0TEwYi4MyIORcRdEY2y90TEvVusv9qWXz//Sa9sK7BNyuZ/z+d7W/+c/xWzvxiu5LkDjfgHk1Nztdmj+WsyGoN7s/zEBnV899Ivn3U71zr/y46s/mIumLfjykDbAt3M1OLUTmJudfWjiJGBTvEnqzsBSd7OkW3WMffEV4e7nfv3+DfQg32m+pcRjzf7fzna4i8kG+9Pjt8Stdmj48VVsd5PP196vVv9O4q/B7L+39fx+l+Nfzhp3a9d2Hodl377tOs9zXav/z3Jm430nvyx96cWF89PROxJXl3/+OTac4t8UT6Lf/RI5/F/MNZeifsjIruIH4iIByPiobztD0fEIxFxZIP4f3jx0Xe2H//uyuKf2VL/bz1ROfP9N93q31z/H2+kRvNHNvP+t9kG7uS1AwAAgP+KtPEd+CQdW02n6dhY8zv8h2JfWptfWHzy1Px752aa35UfjsG0WOkaalkPncjXhov8ZFv+WL5u/Hnl1kZ+bHq+NtPv4KHk9ncZ/5nfK/1uHbDr/F4Lysv4h/Iy/qG8jH8oL+MfyqvT+P+wD+0Abjyf/1Bexj+Ul/EP5WX8Qynt5Hf9EmVORHpTNENilxL9fmcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADojb8DAAD//9wD5nw=")
[ 3424.402585][T27404] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3424.425402][T27404] EXT4-fs (loop1): 1 truncate cleaned up
19:07:11 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x746d, 0x0, &(0x7f0000000000)={[0xfff]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0) (async)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0) (async)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0) (async)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0) (async)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(0xffffffffffffffff, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000840)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYRESOCT=r5], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90) (async)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(0xffffffffffffffff, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000840)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYRESOCT=r5], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10}) (async)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93) (async)
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:11 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6vi0loZSPpgUCBRHxkTRpgR64gEDiABISHMoxJGkV6jaoCRKtIggIlSOqxB1xROIv4AQXBJyQuMIdVapQLi2cjNbeTVzHDvlw6sL+ftJKM95JZh7Pjj07sw6gtEYiYjAi7oiIX/N00nR++XCjUFbuxsrS9J8rS9NJ1Gpv/JHUy11fWZouyhZ/ty/PjKYR6SfJzf8wt3Dx0tmpanX2Qp4fXzz37vjCxUtPz52bOjN7Zvb85MmTJ45PPPfs5DNdiTOL6/rwB/NHDr3y1pXXpk9defvHr5M87miJo1tGYqRd6HWPdbuyHtvflE76etgQtqQSEVl39dfH/2BUYq3zBuPlj3vaOGBX1Wq12p7Op5drwH9YEr1uAdAbxRd9dv9bHLdo6nFbuPZC4wYoi/tGfjTO9MWJvEx/y/1tN41ExKnlv77IjtildQgAgGbfZvOfp9rN/9K4t6ncnfkeylBE3BURByLi7og4GBH3RNTL3hcR92+x/pGW/Pr5T3p1W4FtUjb/ez7f27p5/pcWRYYqeW5/Pf7+5PRcdfZY/p6MRv+eLD+xQR3fvfTLZ53ONc//siOrv5gL5u242teyQDcztTi1k5ibXfsoYrivXfzJ6k5AEhGHImJ4m3XMPfHVkU7n/jn+DXRhn6n2ZcTjjf5fjpb4C8nG+5Pj/4vq7LHx4qpY76efL7/eqf4dxd8FWf/vbXv9r8Y/lDTv1y5svY7Lv33a8Z5mu9f/QPJmPT2Qv/b+1OLihYmIgeTV9a9Prv1tkS/KZ/GPHm0//g/E2jtxOCKyi/iBiHgwIh7K2/5wRDwSEUc3iP+HFx99Z/vx764s/pkt9f/WE5Wz33/Tqf7N9X/jTnw0f2Uzn3+bbeBO3jsAAAD4t0jrz8An6dhqOk3HxhrP8B+MvWl1fmHxydPz752faTwrPxT9abHSNdi0HjqRrw0X+cmW/PF83fjzyv/r+bHp+epMr4OHktvXYfxnfq/0unXArvN7LSgv4x/Ky/iH8jL+obyMfyivduP/wx60A7j1fP9DeRn/UF7GP5SX8Q+ltJPf9UuUORHpbdEMiV1K9PqTCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDv+DgAA///I5eci")
[ 3424.471775][T27414] loop3: detected capacity change from 0 to 512
[ 3424.518076][T27419] loop1: detected capacity change from 0 to 512
[ 3424.524762][T27414] EXT4-fs: Ignoring removed nobh option
[ 3424.531000][T27414] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3424.537430][T27414] EXT4-fs: Ignoring removed nobh option
[ 3424.545860][T27419] EXT4-fs: Ignoring removed nobh option
[ 3424.551539][T27419] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3424.557969][T27419] EXT4-fs: Ignoring removed nobh option
19:07:12 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 19)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3424.566079][T27414] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3424.581311][T27414] EXT4-fs (loop3): 1 truncate cleaned up
[ 3424.588096][T27419] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3424.604091][T27419] EXT4-fs (loop1): 1 truncate cleaned up
19:07:12 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x746d, 0x0, &(0x7f0000000000)={[0xfff]}, 0x8) (async)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) (async)
shutdown(0xffffffffffffffff, 0x0) (async)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c) (async)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0) (async)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20) (async)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(0xffffffffffffffff, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000840)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYRESOCT=r5], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) (async)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
clock_gettime(0x5, &(0x7f0000000800)) (async)
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0) (async)
fallocate(r7, 0x30, 0x9, 0x10000) (async)
socket(0x10, 0x80002, 0x0)
19:07:12 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSvUMBQEBEfSZMW6AEJgUDiABISHMoxJGkV6jaoCRKtIggIlSOqxB1xROIv4AQXBJyQuMIdVapQLi2cjNbeTYxjh3w4dWF/P2mVGe84M49nx56dsQMorWpEDEXELRHxS55O2gtUm3+uryxN/7GyNJ1Evf7670mj3LWVpemiaPG8/XlmNI1IP07a/mHTwoWLZ6ZqtdnzeX588ew74wsXLj45d3bq9Ozp2XOTJ04cPzbxzNOTT/UkziyuayPvzx++5+U3L786ffLyWz98leRxR1scvVKNaqfQGx7pdWV9dqAlnQz0sSFsSSUisu4abIz/oajEWucNxUsf9bVxwK6q1+v1vd1PL9eB/7Ak+t0CoD+KD/rs/rc4btDU46Zw9fnmDVAW9/X8aJ4ZiDQvM9h2f9tL1Yg4ufzn59kRu7QOAQDQ6pts/vNEp/lfGne2lLs130MZjojbIuJgRNweEYci4o6IRtm7IuLuLdZfbcuvn/+kV7YV2CZl879n872tv8//itlfDFfy3IFG/IPJqbna7NH8NRmNwb1ZfmKDOr598edPu51rnf9lR1Z/MRfM23FloG2BbmZqcWonMbe6+mHEyECn+JPVnYAkIp6LiJFt1jH32JeHu5375/g30IN9pvoXEY82+3852uIvJBvvT47/L2qzR8eLq2K9H3+69Fq3+ncUfw9k/b+v4/W/Gv9w0rpfu7D1Oi79+knXe5rtXv97kjca6T35Y+9NLS6en4jYk7yy/vHJtecW+aJ8Fv/okc7j/2CsvRL3RkR2Ed8XEfdHxAN52x+MiIci4sgG8X//wsNvbz/+3ZXFP7Ol/t96onLmu6+71b+5/j/eSI3mj2zm/W+zDdzJawcAAAD/FmnjO/BJOraaTtOxseZ3+A/FvrQ2v7D4+Kn5d8/NNL8rPxyDabHSNdSyHjqRrw0X+cm2/LF83fizyv8b+bHp+dpMv4OHktvfZfxnfqv0u3XArvN7LSgv4x/Ky/iH8jL+obyMfyivTuP/gz60A7jxfP5DeRn/UF7GP5SX8Q+ltJPf9UuUORHpTdEMiV1K9PudCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDf+CgAA///+M+ab")
19:07:12 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCatttbEWn80rRqtYvBH0qRVe/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPNWLqCfBq96lUCSXVk8rszuTbDe7MT823ep8PjDw3s5L3vvum7f75r3ZAEprOCIGIuKuiPgtTydN568cahTKyt1YXpz6a3lxKola7a0/k3q568uLU0XZ4u/25pmRNCL9LLn5H+bmL1w8M1mtzpzP82MLZ98fm79w8dnZs5OnZ07PnJs4ceL4sfEXnp94ritxZnFdH/po7vDB1965/MbUycvv/vRtkscdLXF0y3AMtwu97oluV9Zj+5rSSV8PG8KmVCIi667++vgfiEqsdt5AvPppTxsH7KharVbb3fn0Ug34H0ui1y0AeqP4os/uf4vjFk09bgvXXmrcAGVx38iPxpm+OJ6X6W+5v+2m4Yg4ufT3V9kRO7QOAQDQ7Eo2/3mm3fwvjfubyt2d76EMRsQ9EbE/Iu6NiAMRcV9EvewDEfHgJusfbsmvnf+kV7cU2AZl878X872tm+d/aVFksJLn9tXj709OzVZnjubvyUj0787y4+vU8f0rv37R6Vzz/C87svqLuWDejqt9LQt005MLk9uJudm1TyKG+trFn6zsBCQRcTAihrZYx+xT3xzudO7f419HF/aZal9HPNno/6Voib+QrL8/OXZHVGeOjhVXxVo//3LpzU71byv+Lsj6f0/b638l/sGkeb92fvN1XPr98473NFu9/nclb9fTu/LXPpxcWDg/HrEreX3t6xOrf1vki/JZ/CNH2o///bH6ThyKiOwifigiHo6IR/K2PxoRj0XEkXXi//Hlx9/bevw7K4t/elP9v/lE5cwP33Wqf2P937gTH8lf2cjn30YbuJ33DgAAAP4r0voz8Ek6upJO09HRxjP8B2JPWp2bX3j61NwH56Ybz8oPRn9arHQNNK2Hjudrw0V+oiV/LF83/rJyZz0/OjVXne518FByezuM/8wflV63Dthxfq8F5WX8Q3kZ/1Bexj+Ul/EP5dVu/H/cg3YAt57vfygv4x/Ky/iH8jL+oZS287t+iTInIr0tmiGxQ4lefzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0xz8BAAD//8/W52I=")
[ 3424.689718][T27432] FAULT_INJECTION: forcing a failure.
[ 3424.689718][T27432] name failslab, interval 1, probability 0, space 0, times 0
[ 3424.702557][T27432] CPU: 1 PID: 27432 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3424.709280][T27433] loop1: detected capacity change from 0 to 512
[ 3424.713045][T27432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3424.713058][T27432] Call Trace:
[ 3424.713064][T27432]
[ 3424.713071][T27432] dump_stack_lvl+0xda/0x130
[ 3424.719635][T27433] EXT4-fs: Ignoring removed nobh option
[ 3424.729331][T27432] dump_stack+0x15/0x20
[ 3424.732693][T27433] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3424.735542][T27432] should_fail_ex+0x21f/0x230
[ 3424.740159][T27433] EXT4-fs: Ignoring removed nobh option
[ 3424.745678][T27432] __should_failslab+0x92/0xa0
[ 3424.771366][T27432] should_failslab+0x9/0x20
[ 3424.776141][T27432] slab_pre_alloc_hook+0x38/0x180
[ 3424.781191][T27432] __kmem_cache_alloc_node+0x46/0x250
[ 3424.786612][T27432] ? io_drain_req+0x1e1/0x4f0
[ 3424.791371][T27432] kmalloc_trace+0x2a/0xa0
[ 3424.795860][T27432] io_drain_req+0x1e1/0x4f0
[ 3424.800439][T27432] io_queue_sqe_fallback+0xd1/0xe0
[ 3424.805567][T27432] io_submit_sqes+0xbf8/0xfe0
[ 3424.810270][T27432] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3424.815918][T27432] ? __fget_files+0x1c4/0x200
[ 3424.820610][T27432] ? mutex_lock+0xd/0x30
[ 3424.824889][T27432] ? fput+0x112/0x140
[ 3424.828966][T27432] ? ksys_write+0x178/0x1a0
[ 3424.833491][T27432] __x64_sys_io_uring_enter+0x78/0x90
19:07:12 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f00000003c0)={0x40, 0x538708dc, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3424.838935][T27432] do_syscall_64+0x41/0xc0
[ 3424.843372][T27432] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3424.849313][T27432] RIP: 0033:0x7fbf4da9f169
[ 3424.853726][T27432] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3424.873588][T27432] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3424.882062][T27432] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3424.890045][T27432] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
[ 3424.898079][T27432] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
[ 3424.906066][T27432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3424.914047][T27432] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3424.922064][T27432]
[ 3424.932963][T27451] loop3: detected capacity change from 0 to 512
[ 3424.940284][T27451] EXT4-fs: Ignoring removed nobh option
[ 3424.945955][T27451] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3424.952416][T27451] EXT4-fs: Ignoring removed nobh option
[ 3424.958553][T27433] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3424.978528][T27433] EXT4-fs (loop1): 1 truncate cleaned up
19:07:12 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
r1 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r2 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r2, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
r3 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000080)='devices.allow\x00', 0x2, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r4, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) (async)
openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000300)='cgroup.clone_children\x00', 0x2, 0x0)
setsockopt(r4, 0x2c, 0x600000, &(0x7f0000000100)="b40fb15f9b8f09852897ffa538ace12d699e81c453b26bb0991b129401dd0576c67bb2acef58f14c9d8e5e66f2e3291091bd44667079fc4850a451b712c0fd2b6b747845b1dc689d7c15aa8d83bb571a01255a294fdf7c4a222d742cdd7012f063167e730170783557feadf9960368a790b1d3282204e9c89e", 0x79)
sendto$inet6(r4, &(0x7f0000000000)="eb", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async)
r5 = socket(0x11, 0x2, 0x0)
setsockopt$packet_tx_ring(r5, 0x107, 0xd, &(0x7f0000000200)=@req3={0x10000, 0xf89, 0x8000, 0x1f12}, 0x1c)
setsockopt$packet_int(r5, 0x107, 0x13, &(0x7f0000000040), 0x4)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r5, 0x84, 0x17, &(0x7f0000000180)={0x0, 0x3, 0x96, "2956ad4a3c2d8dae5b63eef755e492cd1dcd1fb816655e221d0929e4e1a86bffacfd93e634b8bb49a54de46c753268531e92b188a6afabdaef191c553649ce892d21a64ae35f6d06df766ede90abedc9f38deb809632e32ed1a67995f8a60901f87187c8a29fd271d60e309bdaa77195c1698a3d83bae60d3164d065f68e39dfa4c49444a87c42e43567f014958d2d8f7d5ae760a73d"}, 0x9e)
r6 = timerfd_create(0x5, 0x800)
r7 = socket(0x11, 0x2, 0x0)
setsockopt$packet_tx_ring(r7, 0x107, 0xd, &(0x7f0000000200)=@req3={0x10000, 0xf89, 0x8000, 0x1f12}, 0x1c)
setsockopt$packet_int(r7, 0x107, 0x13, &(0x7f0000000040), 0x4)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r7, 0x84, 0x17, &(0x7f0000000180)={0x0, 0x3, 0x96, "2956ad4a3c2d8dae5b63eef755e492cd1dcd1fb816655e221d0929e4e1a86bffacfd93e634b8bb49a54de46c753268531e92b188a6afabdaef191c553649ce892d21a64ae35f6d06df766ede90abedc9f38deb809632e32ed1a67995f8a60901f87187c8a29fd271d60e309bdaa77195c1698a3d83bae60d3164d065f68e39dfa4c49444a87c42e43567f014958d2d8f7d5ae760a73d"}, 0x9e) (async)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r0, 0x6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)=[r1, r3, r0, r4, r2, r0, r5, r6, r7]}, 0x9)
[ 3424.979995][T27451] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3425.000308][T27451] EXT4-fs (loop3): 1 truncate cleaned up
19:07:12 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6vi0loZSPhgCBgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQz6curC/n7TSjHeSmcezY8/OrAMordGIGIyI2yLilzydNBcYaRTKyt1YXZ75Y3V5Jola7fXfk3q566vLM0XR4u8O5JmxNCL9OGn5hw2LFy+dna5W5y7k+Ymlc+9MLF689NT8uekzc2fmzk+dPHni+OSzz0w93ZU4s7iuD7+/MHLk5TevvDpz6spbP3yV5HFHSxzdMhqj7UKve7TblfXYwaZ00tfDhrAtlYjIuqu/Pv4HoxLrnTcYL33U08YBe6pWq9X2dT69UgP+w5LodQuA3ii+6LP73+K4SVOPW8K15xs3QFncN/KjcaYvTuRl+lvub7tpNCJOrfz5eXbEHq1DAAA0+yab/zzZbv6Xxt1N5W7P91CGIuKOiDgUEXdGxOGIuCuiXvaeiLh3m/WPtuQ3zn/SqzsKbIuy+d9z+d7W3+d/aVFkqJLnDtbj709Oz1fnjuXvyVj078vyk5vU8e2LP3/a6Vzz/C87svqLuWDejqt9LQt0s9NL07uJudm1DyOG+9rFn6ztBCQRcSQihndYx/zjX450OvfP8W+iC/tMtS8iHmv0/0q0xF9INt+fnPhfVOeOTRRXxUY//nT5tU717yr+Lsj6f3/b638t/qGkeb92cft1XP71k473NDu9/geSN+rpgfy196aXli5MRgwkr2x8fWr9b4t8UT6Lf+xo+/F/KNbfifvyrfD7I+KBiHgwb/tDEfFwRBzdJP7vX3jk7Z3Hv7ey+Ge31f/bT1TOfvd1p/q31v+NO/Gx/JWtfP5ttYG7ee8AAADg3yKtPwOfpONr6TQdH288w3849qfVhcWlJ04vvHt+tvGs/FD0p8VK12DTeuhkvjZc5Kda8sfzdePPKv+v58dnFqqzvQ4eSu5Ah/Gf+a3S69YBe87vtaC8jH8oL+Mfysv4h/Iy/qG82o3/D3rQDuDm8/0P5WX8Q3kZ/1Bexj+U0m5+1y9R5kSkt0QzJPYo0etPJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgO74KwAA//+3Huaj")
[ 3425.075974][T27468] loop1: detected capacity change from 0 to 512
[ 3425.084350][T27468] EXT4-fs: Ignoring removed nobh option
[ 3425.090062][T27468] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3425.096546][T27468] EXT4-fs: Ignoring removed nobh option
[ 3425.110820][T27468] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
19:07:12 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000001280)={{0x1, 0x1, 0x18, r0}, './file0\x00'})
io_uring_enter(r1, 0x3a15, 0xc0f2, 0xc, &(0x7f00000012c0)={[0x200]}, 0x8)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async, rerun: 32)
r2 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0) (rerun: 32)
mq_timedreceive(r2, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000000)=ANY=[], 0x6db6e571) (async)
mq_timedreceive(r3, &(0x7f0000000280)=""/4096, 0x1000, 0x4, 0x0)
19:07:12 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSvUMBQEBEfSZMW6IEDIJA4gIQEh3IMSVqFug1qgkSrCAJC5YgqcUcckfgLOMEFASckrnBHlSqUSwsno7V3E+PYIR9OXdjfT1plxjvOzOPZsWdn7ABKqxoRQxFxS0T8kqeT9gLV5p/rK0vTf6wsTSdRr7/+e9Iod21labooWjxvf54ZTSPSj5O2f9i0cOHimalabfZ8nh9fPPvO+MKFi0/OnZ06PXt69tzkiRPHj0088/TkUz2JM4vr2sj784fvefnNy69On7z81g9fJXnc0RZHr1Sj2in0hkd6XVmfHWhJJwN9bAhbUomIrLsGG+N/KCqx1nlD8dJHfW0csKvq9Xp9b/fTy3XgPyyJfrcA6I/igz67/y2OGzT1uClcfb55A5TFfT0/mmcGIs3LDLbd3/ZSNSJOLv/5eXbELq1DAAC0+iab/zzRaf6Xxp0t5W7N91CGI+K2iDgYEbdHxKGIuCOiUfauiLh7i/VX2/Lr5z/plW0FtknZ/O/ZfG/r7/O/YvYXw5U8d6AR/2Byaq42ezR/TUZjcG+Wn9igjm9f/PnTbuda53/ZkdVfzAXzdlwZaFugm5lanNpJzK2ufhgxMtAp/mR1JyCJiOciYmSbdcw99uXhbuf+Of4N9GCfqf5FxKPN/l+OtvgLycb7k+P/i9rs0fHiqljvx58uvdat/h3F3wNZ/+/reP2vxj+ctO7XLmy9jku/ftL1nma71/+e5I1Gek/+2HtTi4vnJyL2JK+sf3xy7blFviifxT96pPP4Pxhrr8S9EZFdxPdFxP0R8UDe9gcj4qGIOLJB/N+/8PDb249/d2Xxz2yp/7eeqJz57utu9W+u/483UqP5I5t5/9tsA3fy2gEAAMC/Rdr4DnySjq2m03RsrPkd/kOxL63NLyw+fmr+3XMzze/KD8dgWqx0DbWsh07ka8NFfrItfyxfN/6s8v9Gfmx6vjbT7+Ch5PZ3Gf+Z3yr9bh2w6/xeC8rL+IfyMv6hvIx/KC/jH8qr0/j/oA/tAG48n/9QXsY/lJfxD+Vl/EMp7eR3/RJlTkR6UzRDYpcS/X5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I2/AgAA///eR+ac")
[ 3425.131025][T27468] EXT4-fs (loop1): 1 truncate cleaned up
[ 3425.156528][T27472] loop3: detected capacity change from 0 to 512
[ 3425.174379][T27472] EXT4-fs: Ignoring removed nobh option
[ 3425.180047][T27472] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3425.186494][T27472] EXT4-fs: Ignoring removed nobh option
[ 3425.212150][T27472] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
19:07:12 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPhgCBgoj4SJq0QA8cAIHEASQkOJRjSNIq1G1QEyRaRRAQKkdUiTviiMRfwAkuCDghcYU7qlShXFo4Ga29m7iOHfLh1IX9/aSVZryTzDyeHXt2Zh1AaY1ExEBE3BYRv+bppOn888ONQlm56ytL03+uLE0nUau98UdSL3dtZWm6KFv83f48M5pGpJ8kN/7D3MKFi2emqtXZ83l+fPHsu+MLFy4+NXd26vTs6dlzkydOHD828ewzk093Jc4srmtDH8wPH37lrcuvTZ+8/PaPXyd53NESR7eMxEi70Ose7XZlPXagKZ309bAhbEklIrLu6q+P/4GoxFrnDcTLH/e0ccCuqtVqtb2dTy/XgP+wJHrdAqA3ii/67P63OG7S1OOWcPWFxg1QFvf1/Gic6YvjeZn+lvvbbhqJiJPLf32RHbFL6xAAAM2+zeY/T7ab/6Vxd1O52/M9lMGIuCMiDkbEnRFxKCLuiqiXvSci7t1i/SMt+fXzn/TKtgLbpGz+91y+t3Xj/C8tigxW8tyBevz9yam56uzR/D0Zjf69WX5igzq+e+mXzzqda57/ZUdWfzEXzNtxpa9lgW5manFqJzE3u/pRxFBfu/iT1Z2AJCIOR8TQNuuYe/yr4U7n/jn+DXRhn6n2ZcRjjf5fjpb4C8nG+5Pj/4vq7NHx4qpY76efL73eqf4dxd8FWf/va3v9r8Y/mDTv1y5svY5Lv33a8Z5mu9f/nuTNenpP/tr7U4uL5yci9iSvrn99cu1vi3xRPot/9Ej78X8w1t6J+yIiu4jvj4gHIuLBvO0PRcTDEXFkg/h/ePGRd7Yf/+7K4p/ZUv9vPVE58/03nerfXP837sRH81c28/m32Qbu5L0DAACAf4u0/gx8ko6tptN0bKzxDP+h2JdW5xcWnzg1/965mcaz8oPRnxYrXQNN66ET+dpwkZ9syR/L140/r/y/nh+bnq/O9Dp4KLn9HcZ/5vdKr1sH7Dq/14LyMv6hvIx/KC/jH8rL+Ifyajf+P+xBO4Cbz/c/lJfxD+Vl/EN5Gf9QSjv5Xb9EmROR3hLNkNilRK8/mQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrj7wAAAP//vg/m4w==")
[ 3425.230095][T27472] EXT4-fs (loop3): 1 truncate cleaned up
19:07:12 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000001280)={{0x1, 0x1, 0x18, r0}, './file0\x00'})
io_uring_enter(r1, 0x3a15, 0xc0f2, 0xc, &(0x7f00000012c0)={[0x200]}, 0x8)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0) (async)
r2 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r2, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000000)=ANY=[], 0x6db6e571) (async)
write$binfmt_script(r3, &(0x7f0000000000)=ANY=[], 0x6db6e571)
mq_timedreceive(r3, &(0x7f0000000280)=""/4096, 0x1000, 0x4, 0x0) (async)
mq_timedreceive(r3, &(0x7f0000000280)=""/4096, 0x1000, 0x4, 0x0)
19:07:12 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSvUMBQEBEfSZMW6IELCCQOICHBoRxDklahboOaINEqgoBQOaJK3BFHJP4CTnBBwAmJK9xRpQrl0sIFo7V3E+PYIR9OXdjfT1plxjvOzOPZsWdn7ABKqxoRQxFxS0T8nKeT9gLV5p/rK0vTv68sTSdRr7/2W9Iod21labooWjxvf54ZTSPSj5K2f9i0cOHimalabfZ8nh9fPPv2+MKFi0/OnZ06PXt69tzkiRPHj0088/TkUz2JM4vr2sh784fveemNy69Mn7z85vdfJnnc0RZHr1Sj2in0hkd6XVmfHWhJJwN9bAhbUomIrLsGG+N/KCqx1nlD8eKHfW0csKvq9Xp9b/fTy3XgPyyJfrcA6I/igz67/y2OGzT1uClcfa55A5TFfT0/mmcGIs3LDLbd3/ZSNSJOLv/xWXbELq1DAAC0+jqb/zzRaf6Xxp0t5W7N91CGI+K2iDgYEbdHxKGIuCOiUfauiLh7i/VX2/Lr5z/plW0FtknZ/O/ZfG/r7/O/YvYXw5U8d6AR/2Byaq42ezR/TUZjcG+Wn9igjm9e+OmTbuda53/ZkdVfzAXzdlwZaFugm5lanNpJzK2ufhAxMtAp/mR1JyCJiD/r9frINuuYe+yLw93O/XP8G+jBPlP984hHm/2/HG3xF5KN9yfH/xe12aPjxVWx3g8/Xnq1W/07ir8Hsv7f1/H6X41/OGndr13Yeh2Xfvm46z3Ndq//PcnrjfSe/LF3pxYXz09E7EleXv/45Npzi3xRPot/9Ejn8X8w1l6JeyMiu4jvi4j7I+KBvO0PRsRDEXFkg/i/e/7ht7Yf/+7K4p/ZUv9vPVE58+1X3erfXP8fb6RG80c28/632Qbu5LUDAACAf4u08R34JB1bTafp2FjzO/yHYl9am19YfPzU/DvnZprflR+OwbRY6RpqWQ+dyNeGi/xkW/5Yvm78aeX/jfzY9Hxtpt/BQ8nt7zL+M79W+t06YNf5vRaUl/EP5WX8Q3kZ/1Bexj+UV6fx/34f2gHceD7/obyMfygv4x/Ky/iHUtrJ7/olypyI9KZohsQuJfr9zgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAbfwUAAP//u/DqVw==")
[ 3425.254547][T27485] loop1: detected capacity change from 0 to 512
[ 3425.282405][T27485] EXT4-fs: Ignoring removed nobh option
[ 3425.288674][T27485] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3425.295163][T27485] EXT4-fs: Ignoring removed nobh option
[ 3425.326130][T27494] loop3: detected capacity change from 0 to 512
[ 3425.331017][T27485] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3425.335373][T27494] EXT4-fs: Ignoring removed nobh option
[ 3425.352055][T27494] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3425.358498][T27494] EXT4-fs: Ignoring removed nobh option
[ 3425.364694][T27485] EXT4-fs (loop1): 1 truncate cleaned up
[ 3425.377576][T27494] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3425.397262][T27494] EXT4-fs (loop3): 1 truncate cleaned up
19:07:13 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 20)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:13 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async, rerun: 32)
r1 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async, rerun: 32)
r2 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r2, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
r3 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000080)='devices.allow\x00', 0x2, 0x0) (async)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r4, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) (async)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) (async)
openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000300)='cgroup.clone_children\x00', 0x2, 0x0) (async, rerun: 64)
setsockopt(r4, 0x2c, 0x600000, &(0x7f0000000100)="b40fb15f9b8f09852897ffa538ace12d699e81c453b26bb0991b129401dd0576c67bb2acef58f14c9d8e5e66f2e3291091bd44667079fc4850a451b712c0fd2b6b747845b1dc689d7c15aa8d83bb571a01255a294fdf7c4a222d742cdd7012f063167e730170783557feadf9960368a790b1d3282204e9c89e", 0x79) (async, rerun: 64)
sendto$inet6(r4, &(0x7f0000000000)="eb", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async, rerun: 32)
r5 = socket(0x11, 0x2, 0x0) (rerun: 32)
setsockopt$packet_tx_ring(r5, 0x107, 0xd, &(0x7f0000000200)=@req3={0x10000, 0xf89, 0x8000, 0x1f12}, 0x1c) (async)
setsockopt$packet_int(r5, 0x107, 0x13, &(0x7f0000000040), 0x4) (async)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r5, 0x84, 0x17, &(0x7f0000000180)={0x0, 0x3, 0x96, "2956ad4a3c2d8dae5b63eef755e492cd1dcd1fb816655e221d0929e4e1a86bffacfd93e634b8bb49a54de46c753268531e92b188a6afabdaef191c553649ce892d21a64ae35f6d06df766ede90abedc9f38deb809632e32ed1a67995f8a60901f87187c8a29fd271d60e309bdaa77195c1698a3d83bae60d3164d065f68e39dfa4c49444a87c42e43567f014958d2d8f7d5ae760a73d"}, 0x9e) (async, rerun: 32)
r6 = timerfd_create(0x5, 0x800) (async, rerun: 32)
r7 = socket(0x11, 0x2, 0x0)
setsockopt$packet_tx_ring(r7, 0x107, 0xd, &(0x7f0000000200)=@req3={0x10000, 0xf89, 0x8000, 0x1f12}, 0x1c) (async)
setsockopt$packet_int(r7, 0x107, 0x13, &(0x7f0000000040), 0x4)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r7, 0x84, 0x17, &(0x7f0000000180)={0x0, 0x3, 0x96, "2956ad4a3c2d8dae5b63eef755e492cd1dcd1fb816655e221d0929e4e1a86bffacfd93e634b8bb49a54de46c753268531e92b188a6afabdaef191c553649ce892d21a64ae35f6d06df766ede90abedc9f38deb809632e32ed1a67995f8a60901f87187c8a29fd271d60e309bdaa77195c1698a3d83bae60d3164d065f68e39dfa4c49444a87c42e43567f014958d2d8f7d5ae760a73d"}, 0x9e)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r0, 0x6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)=[r1, r3, r0, r4, r2, r0, r5, r6, r7]}, 0x9)
19:07:13 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPlgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQqdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQ5w4dWF/P2mVGe84M49nx56dsQMorWpEjETEbRHxS55O2gtUm39urCzN/LGyNJNEvf7670mj3PWVpZmiaPG8vXlmLI1IP07a/mHTwsVLZ6drtbkLeX5i8dw7EwsXLz115tz06bnTc+enTpw4fmzy2Wemnu5LnFlc1w+9P3/44MtvXnl15uSVt374KsnjjrY4+qUa1U6hNzza78oGbF9LOhkaYEPoSSUisu4aboz/kajEWueNxEsfDbRxwI6q1+v13d1PL9eB/7AkBt0CYDCKD/rs/rc4btLU45Zw7fnmDVAW9438aJ4ZijQvM9x2f9tP1Yg4ufzn59kRO7QOAQDQ6pts/vNkp/lfGne3lLs930MZjYg7ImJ/RNwZEQci4q6IRtl7IuLeHuuvtuXXz3/Sq1sKbJOy+d9z+d7W3+d/xewvRit5bl8j/uHk1Jna3NH8NRmL4d1ZfnKDOr598edPu51rnf9lR1Z/MRfM23F1qG2BbnZ6cXo7Mbe69mHEoaFO8SerOwFJRBxs3xfswZnHvzzc7dw/x7+BPuwz1b+IeKzZ/8vRFn8h2Xh/cuJ/UZs7OlFcFev9+NPl17rVv634+yDr/z0dr//V+EeT1v3ahd7ruPzrJ13vabZ6/e9K3mikd+WPvTe9uHhhMmJX8sr6x6fWnlvki/JZ/GNHOo///bH2StwXEdlFfH9EPBARD+ZtfygiHo6IIxvE//0Lj7y99fh3Vhb/bE/933uicva7r7vVv7n+P95IjeWPbOb9b7MN3M5rBwAAAP8WaeM78Ek6vppO0/Hx5nf4D8SetDa/sPjEqfl3z882vys/GsNpsdI10rIeOpmvDRf5qbb8sXzd+LPK/xv58Zn52uygg4eS29tl/Gd+qwy6dcCO83stKC/jH8rL+IfyMv6hvIx/KK9O4/+DAbQDuPl8/kN5Gf9QXsY/lJfxD6W0nd/1S5Q5Eekt0QyJHUoM+p0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgP/4KAAD//9oj5lw=")
19:07:13 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCatttbEWn80Ro1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnvQi6knwqncpFMml1dPK7M4k281uzI9NtzqfDwy8t/OS97775u2+eW82gNIaiYiBiLgjIn7L00nT+eXhRqGs3PWVpem/Vpamk6jV3vwzqZe7trI0XZQt/m5/nhlNI9JPkxv/YW7hwsUzU9Xq7Pk8P7549r3xhQsXn5k7O3V69vTsuckTJ44fm3j+uclnuxJnFte1oQ/nhw+/+vbl16dPXn7np2+SPO5oiaNbRmKkXeh1j3e7sh470JRO+nrYELakEhFZd/XXx/9AVGKt8wbilU962jhgV9VqtdrezqeXa8D/WBK9bgHQG8UXfXb/Wxw3aepxS7j6YuMGKIv7en40zvTF8bxMf8v9bTeNRMTJ5b+/zI7YpXUIAIBm32Xzn6fbzf/SuLep3J35HspgRNwVEQcj4u6IOBQR90TUy94XEfdvsf6Rlvz6+U96ZVuBbVI2/3sh39u6cf6XFkUGK3nuQD3+/uTUXHX2aP6ejEb/3iw/sUEd37/86+edzjXP/7Ijq7+YC+btuNLXskA3M7U4tZOYm139OGKor138yepOQBIRhyNiaJt1zD359XCnc/8e/wa6sM9U+yriiUb/L0dL/IVk4/3J8duiOnt0vLgq1vv5l0tvdKp/R/F3Qdb/+9pe/6vxDybN+7ULW6/j0u+fdbyn2e71vyd5q57ek7/2wdTi4vmJiD3Ja+tfn1z72yJflM/iHz3SfvwfjLV34oGIyC7iByPioYh4OG/7IxHxaEQc2SD+H1967N3tx7+7svhnttT/W09Uzvzwbaf6N9f/jTvx0fyVzXz+bbaBO3nvAAAA4L8irT8Dn6Rjq+k0HRtrPMN/KPal1fmFxadOzb9/bqbxrPxg9KfFStdA03roRL42XOQnW/LH8nXjLyq31/Nj0/PVmV4HDyW3v8P4z/xR6XXrgF3n91pQXsY/lJfxD+Vl/EN5Gf9QXu3G/0c9aAdw8/n+h/Iy/qG8jH8oL+MfSmknv+uXKHMi0luiGRK7lOj1JxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB3/BMAAP//xQDnIw==")
[ 3425.540882][T27513] loop3: detected capacity change from 0 to 512
[ 3425.550146][T27514] loop1: detected capacity change from 0 to 512
[ 3425.559075][T27520] FAULT_INJECTION: forcing a failure.
[ 3425.559075][T27520] name failslab, interval 1, probability 0, space 0, times 0
[ 3425.562920][T27513] EXT4-fs: Ignoring removed nobh option
[ 3425.571900][T27520] CPU: 0 PID: 27520 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3425.577594][T27513] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3425.587970][T27520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3425.587984][T27520] Call Trace:
[ 3425.587989][T27520]
[ 3425.587995][T27520] dump_stack_lvl+0xda/0x130
[ 3425.588018][T27520] dump_stack+0x15/0x20
[ 3425.588031][T27520] should_fail_ex+0x21f/0x230
[ 3425.594493][T27513] EXT4-fs: Ignoring removed nobh option
[ 3425.605452][T27520] __should_failslab+0x92/0xa0
[ 3425.611832][T27514] EXT4-fs: Ignoring removed nobh option
[ 3425.616338][T27520] should_failslab+0x9/0x20
[ 3425.616363][T27520] slab_pre_alloc_hook+0x38/0x180
[ 3425.620586][T27514] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3425.625142][T27520] __kmem_cache_alloc_node+0x46/0x250
[ 3425.630834][T27514] EXT4-fs: Ignoring removed nobh option
[ 3425.635435][T27520] ? io_drain_req+0x1e1/0x4f0
[ 3425.645547][T27513] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3425.650485][T27520] kmalloc_trace+0x2a/0xa0
[ 3425.650518][T27520] io_drain_req+0x1e1/0x4f0
[ 3425.657240][T27513] EXT4-fs (loop3): 1 truncate cleaned up
[ 3425.662249][T27520] io_queue_sqe_fallback+0xd1/0xe0
[ 3425.662282][T27520] io_submit_sqes+0xbf8/0xfe0
[ 3425.662311][T27520] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3425.717195][T27520] ? __fget_files+0x1c4/0x200
[ 3425.721999][T27520] ? mutex_lock+0xd/0x30
[ 3425.726255][T27520] ? fput+0x112/0x140
[ 3425.730243][T27520] ? ksys_write+0x178/0x1a0
[ 3425.734821][T27520] __x64_sys_io_uring_enter+0x78/0x90
[ 3425.740220][T27520] do_syscall_64+0x41/0xc0
[ 3425.744640][T27520] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3425.750541][T27520] RIP: 0033:0x7fbf4da9f169
[ 3425.754948][T27520] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3425.774614][T27520] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3425.783582][T27520] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3425.791621][T27520] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
[ 3425.799583][T27520] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
[ 3425.807749][T27520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3425.815741][T27520] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3425.823706][T27520]
19:07:13 executing program 0:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
setsockopt(r0, 0x2c, 0x600000, &(0x7f0000000100)="b40fb15f9b8f09852897ffa538ace12d699e81c453b26bb0991b129401dd0576c67bb2acef58f14c9d8e5e66f2e3291091bd44667079fc4850a451b712c0fd2b6b747845b1dc689d7c15aa8d83bb571a01255a294fdf7c4a222d742cdd7012f063167e730170783557feadf9960368a790b1d3282204e9c89e", 0x79)
sendto$inet6(r0, &(0x7f0000000000)="eb", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
ioctl$int_in(r0, 0x73, &(0x7f00000003c0)=0x2)
r1 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f00000000c0)=0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r4, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
setsockopt(r4, 0x2c, 0x600000, &(0x7f0000000100)="b40fb15f9b8f09852897ffa538ace12d699e81c453b26bb0991b129401dd0576c67bb2acef58f14c9d8e5e66f2e3291091bd44667079fc4850a451b712c0fd2b6b747845b1dc689d7c15aa8d83bb571a01255a294fdf7c4a222d742cdd7012f063167e730170783557feadf9960368a790b1d3282204e9c89e", 0x79)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000230000/0x2000)=nil, 0x2000, 0x2000000, 0x110, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r3, &(0x7f0000000380)=@IORING_OP_WRITE={0x17, 0x13, 0x3, @fd=r4, 0x43a0, &(0x7f0000000540)="910de1fd0fe5c0b3e240ede4d851c706794e709fd599ce51a17471cb2e7b055c186f943480e809490c08529afa6e0215b0fc00836f1ccfb769cc848640715bfd13e009b79c44415f2d354389b6f633544eafbbcd7f882e703e1e499eafaf5c9c996249c31bf16440767552bcaf6d28869a5c453aa8ba47fdda0e14daba09000000000000009184b535c55caeaf4f3d53f69775b553cb49990b1843f40c96162ab08b99ffaa7a652e01c048913286f0aa43a371c5af6646726bcc667f7c363c3d0e1310008364a479e8d386479f3f7639670b0d5ce69856540de442bdadce3074e7a291295219195b0f4a2cea9796f16e20573108a7f5319a5babd911e3ff4ac2780213efc57b6d8c36f749b9a9626d9c957d9725fd7ef60f48e5426ed629320856d4fadd0282496c559d892eb7c6ca2fe64da8f24ad7f85623979574c44f0a987f06689cc32c59e3cccd3ce2369af13756581b58155d895a25cddf3e36fcbdaf", 0x160, 0x0, 0x1}, 0x401)
sendto$inet6(r4, &(0x7f0000000000)="eb", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r6 = socket(0x11, 0x2, 0x0)
setsockopt$packet_tx_ring(r6, 0x107, 0xd, &(0x7f0000000200)=@req3={0x10000, 0xf89, 0x8000, 0x1f12}, 0x1c)
setsockopt$packet_int(r6, 0x107, 0x13, &(0x7f0000000040), 0x4)
r7 = socket(0x11, 0x2, 0x0)
setsockopt$packet_tx_ring(r7, 0x107, 0xd, &(0x7f0000000200)=@req3={0x10000, 0xf89, 0x8000, 0x1f12}, 0x1c)
setsockopt$packet_int(r7, 0x107, 0x13, &(0x7f0000000040), 0x4)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f00000004c0)={0x0, 0x80, 0x10, 0x2, 0x9}, &(0x7f0000000500)=0x18)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r7, 0x84, 0x17, &(0x7f0000000180)={0x0, 0x3, 0x96, "2956ad4a3c2d8dae5b63eef755e492cd1dcd1fb816655e221d0929e4e1a86bffacfd93e634b8bb49a54de46c753268531e92b188a6afabdaef191c553649ce892d21a64ae35f6d06df766ede90abedc9f38deb809632e32ed1a67995f8a60901f87187c8a29fd271d60e309bdaa77195c1698a3d83bae60d3164d065f68e39dfa4c49444a87c42e43567f014958d2d8f7d5ae760a73d"}, 0x9e)
setsockopt$CAIFSO_REQ_PARAM(r7, 0x116, 0x80, &(0x7f0000000300)="c9055e0864e4480c92b5474012b2c8d7b0e865ff7c0bdecafa37e7242286d91e6065bc4f4c2e298e77793ce57f7b944daced6a57139a998af86d3b966888f1e6325e8ddb5ee30dcaf05eaa928ae98509195d57", 0x53)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r6, 0x84, 0x17, &(0x7f0000000180)=ANY=[@ANYRES32=0x0, @ANYBLOB="030096002956ad4a3c2d8dae5b63eef755e492cd1d081fb816655e221d0929e4e1a86bffacfd93e634b8bb49a54de46c753268531e92b188a6afabdaef191c553649ce892d21a64ae35f6d06df767ade90abedc9f38deb809632e32ed1a67995f8a60901f87187c8a29fd271d60e309bdaa77195c1698a3d83bae60d3164d065f68e39dfa4c49444a87c42e43567f014958d2d8f7d5ae760a73d"], 0x9e)
syz_io_uring_submit(r2, r3, &(0x7f0000000280)=@IORING_OP_FILES_UPDATE={0x14, 0x38, 0x0, 0x0, 0x7c, &(0x7f0000000080)=[r1, r1, r4, r1, r6], 0x5}, 0x5)
io_uring_enter(r1, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r8 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r8, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
shutdown(r4, 0x0)
19:07:13 executing program 2:
syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0)) (async)
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x1) (async)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f00000003c0)={0x40, 0x538708dc, 0x3, 0x10}) (async)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f00000003c0)={0x40, 0x538708dc, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93) (async)
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000) (async)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0) (async)
socket(0x10, 0x80002, 0x0)
[ 3425.831669][T27514] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
19:07:13 executing program 5:
ioctl$USBDEVFS_CLEAR_HALT(0xffffffffffffffff, 0x80045515, &(0x7f0000000080)={0xd})
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:13 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs201vG0UYAOB3N0kLLSWhlI+WAoaCiPhImrRAD1xAIHEACQkO5RiStAp1G9QEiVYRBITKEVXijjgi8Qs4wQUBJySucEeVKpRLCyejtXcT49ghcZy6ZZ9HWmXGO87M69mxZ2fsAEqrEhHDEXFHRPyWp5PWApXGn+srS9N/rSxNJ1GrvflnUi93bWVpuihaPG9vnhlNI9JPk5Z/2LBw4eKZqWp19nyeH188+974woWLz8ydnTo9e3r23OSJE8ePTTz/3OSzPYkzi+vaoQ/nDx989e3Lr0+fvPzOT98kedzREkevVKLSLvS6x3tdWZ/ta0ong31sCFsyEBFZdw3Vx/9wDMRa5w3HK5/0tXHAjqrVarXdnU8v14D/sST63QKgP4oP+uz+tzhu0NTjpnD1xcYNUBb39fxonBmMNC8z1HJ/20uViDi5/PeX2RE7tA4BANDsu2z+83S7+V8a9zaVuzPfQxmJiLsiYn9E3B0RByLinoh62fsi4v4t1l9pya+f/6RXugpsk7L53wv53ta/53/F7C9GBvLcvnr8Q8mpuers0fw1GY2h3Vl+YoM6vn/51887nWue/2VHVn8xF8zbcWWwZYFuZmpxajsxN7v6ccShwXbxJ6s7AUlEHMz3Crox9+TXhzud++/4N9CDfabaVxFPNPp/OVriLyQb70+O3xbV2aPjxVWx3s+/XHqjU/3bir8Hsv7f0/b6X41/JGner13Yeh2Xfv+s4z1Nt9f/ruStenpX/tgHU4uL5ycidiWvrX98cu25Rb4on8U/eqT9+N8fa6/EAxGRXcQPRsRDEfFw3vZHIuLRiDiyQfw/vvTYu93Hv7Oy+Ge21P9bTwyc+eHbTvVvrv+P11Oj+SObef/bbAO389oBAADArSKtfwc+ScdW02k6Ntb4Dv+B2JNW5xcWnzo1//65mcZ35UdiKC1Wuoab1kMn8rXhIj/Zkj+Wrxt/MXB7PT82PV+d6XfwUHJ7O4z/zB/dLvgDtw6/14LyMv6hvIx/KC/jH8rL+Ifyajf+P+pDO4Abz+c/lJfxD+Vl/EN5Gf9QStv5Xb9EmROR3hTNkNihRL/fmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHrjnwAAAP//mkPmXg==")
[ 3425.870091][T27514] EXT4-fs (loop1): 1 truncate cleaned up
19:07:13 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPhgCBgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcCoXBJyQuMIdVapQLi2cjNbeTVzHDvlw6sL+ftJKM95JZh7Pjj07sw6gtEYiYiAi7oiIX/N00nT+ynCjUFbuxsrS9J8rS9NJ1Gpv/pHUy11fWZouyhZ/tz/PjKYR6afJzf8wt3Dh4pmpanX2fJ4fXzz73vjChYvPzJ2dOj17evbc5IkTx49NPP/c5LNdiTOL6/rQh/PDh199+/Lr0ycvv/PjN0ked7TE0S0jMdIu9LrHu11Zjx1oSid9PWwIW1KJiKy7+uvjfyAqsdZ5A/HKJz1tHLCrarVabW/n08s14D8siV63AOiN4os+u/8tjls09bgtXHuxcQOUxX0jPxpn+uJ4Xqa/5f62m0Yi4uTyX19mR+zSOgQAQLMr2fzn6XbzvzTubSp3Z76HMhgRd0XEwYi4OyIORcQ9EfWy90XE/Vusf6Qlv37+k17dVmCblM3/Xsj3tm6e/6VFkcFKnjtQj78/OTVXnT2avyej0b83y09sUMd3L//yeadzzfO/7MjqL+aCeTuu9rUs0M1MLU7tJOZm1z6OGOprF3+yuhOQRMThiBjaZh1zT3493OncP8e/gS7sM9W+inii0f/L0RJ/Idl4f3L8f1GdPTpeXBXr/fTzpTc61b+j+Lsg6/99ba//1fgHk+b92oWt13Hpt8863tNs9/rfk7xVT+/JX/tganHx/ETEnuS19a9Prv1tkS/KZ/GPHmk//g/G2jvxQERkF/GDEfFQRDyct/2RiHg0Io5sEP8PLz327vbj311Z/DNb6v+tJypnvv+2U/2b6//Gnfho/spmPv8228CdvHcAAADwb5HWn4FP0rHVdJqOjTWe4T8U+9Lq/MLiU6fm3z8303hWfjD602Kla6BpPXQiXxsu8pMt+WP5uvEXlf/X82PT89WZXgcPJbe/w/jP/F7pdeuAXef3WlBexj+Ul/EP5WX8Q3kZ/1Be7cb/Rz1oB3Dr+f6H8jL+obyMfygv4x9KaSe/65cocyLS26IZEruU6PUnEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQHf8HQAA///L8edj")
[ 3425.961473][T27548] loop3: detected capacity change from 0 to 512
[ 3425.983201][T27548] EXT4-fs: Ignoring removed nobh option
[ 3425.988781][T27559] loop1: detected capacity change from 0 to 512
[ 3425.993145][T27559] EXT4-fs: Ignoring removed nobh option
[ 3425.995113][T27548] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3425.995128][T27548] EXT4-fs: Ignoring removed nobh option
[ 3426.012879][T27559] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3426.019378][T27559] EXT4-fs: Ignoring removed nobh option
[ 3426.031667][T27548] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
19:07:13 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async, rerun: 32)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) (async, rerun: 32)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0) (async)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c) (async)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0) (async)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c) (async)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) (async)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f00000003c0)={0x40, 0x538708dc, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0) (async)
fallocate(r7, 0x30, 0x9, 0x10000) (async)
socket(0x10, 0x80002, 0x0)
[ 3426.051641][T27559] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3426.070796][T27548] EXT4-fs (loop3): 1 truncate cleaned up
[ 3426.076014][T27559] EXT4-fs (loop1): 1 truncate cleaned up
19:07:13 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6vi0loZSPhgCBgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQz6curC/n7TSjHeSmcezY8/OrAMordGIGIyI2yLilzydNBe4v1EoK3djdXnmj9XlmSRqtdd/T+rlrq8uzxRFi787kGfG0oj046TlHzYsXrx0drpanbuQ5yeWzr0zsXjx0lPz56bPzJ2ZOz918uSJ45PPPjP1dFfizOK6Pvz+wsiRl9+88urMqStv/fBVkscdLXF0y2iMtgu97tFuV9ZjB5vSSV8PG8K2VCIi667++vgfjEqsd95gvPRRTxsH7KlarVbb1/n0Sg34D0ui1y0AeqP4os/uf4vjJk09bgnXnm/cAGVx38iPxpm+OJGX6W+5v+2m0Yg4tfLn59kRe7QOAQDQ7Jts/vNku/lfGnc3lbs930MZiog7IuJQRNwZEYcj4q6Ietl7IuLebdY/2pLfOP9Jr+4osC3K5n/P5Xtbf5//pUWRoUqeO1iPvz85PV+dO5a/J2PRvy/LT25Sx7cv/vxpp3PN87/syOov5oJ5O672tSzQzU4vTe8m5mbXPowY7msXf7K2E5BExJGIGN5hHfOPfznS6dw/x7+JLuwz1b6IeKzR/yvREn8h2Xx/cuJ/UZ07NlFcFRv9+NPl1zrVv6v4uyDr//1tr/+1+IeS5v3axe3XcfnXTzre0+z0+h9I3qinB/LX3pteWrowGTGQvLLx9an1vy3yRfks/rGj7cf/oVh/J+6LiJF8O/yBiHgwb/tDEfFwRBzdJP7vX3jk7Z3Hv7ey+Ge31f/bT1TOfvd1p/q31v+NO/Gx/JWtfP5ttYG7ee8AAADg3yKtPwOfpONr6TQdH288w3849qfVhcWlJ04vvHt+tvGs/FD0p8VK12DTeuhkvjZc5Kda8sfzdePPKv+v58dnFqqzvQ4eSu5Ah/Gf+a3S69YBe87vtaC8jH8oL+Mfysv4h/Iy/qG82o3/D3rQDuDm8/0P5WX8Q3kZ/1Bexj+U0m5+1y9R5kSkt0QzJPYo0etPJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgO74KwAA//+zOeak")
19:07:13 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6vi0loZSPlgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQz6curC/n7TKjHecmcezY8/O2AGUVjUihiPitoj4JU8n7QWqzT83Vpam/1hZmk6iXn/996RR7vrK0nRRtHjevjwzmkakHydt/7Bp4eKls1O12uyFPD++eO6d8YWLl56aOzd1ZvbM7PnJkydPHJ949pnJp3sSZxbX9cPvzx859PKbV16dPnXlrR++SvK4oy2OXqlGtVPoDY/2urI+29+STgb62BC2pBIRWXcNNsb/cFRirfOG46WP+to4YFfV6/X6nu6nl+vAf1gS/W4B0B/FB312/1scN2nqcUu49nzzBiiL+0Z+NM8MRJqXGWy7v+2lakScWv7z8+yIXVqHAABo9U02/3my0/wvjbtbyt2e76GMRMQdEXEgIu6MiIMRcVdEo+w9EXHvFuuvtuXXz3/Sq9sKbJOy+d9z+d7W3+d/xewvRip5bn8j/sHk9Fxt9lj+mozG4J4sP7FBHd+++POn3c61zv+yI6u/mAvm7bg60LZANzO1OLWTmFtd+zDi8ECn+JPVnYAkIg7l8W7H3ONfHul27p/j30AP9pnqX0Q81uz/5WiLv5BsvD85/r+ozR4bL66K9X786fJr3erfUfw9kPX/3o7X/2r8I0nrfu3C1uu4/OsnXe9ptnv9DyVvNNJD+WPvTS0uXpiIGEpeWf/45Npzi3xRPot/9Gjn8X8g1l6J+yIiu4jvj4gHIuLBvO0PRcTDEXF0g/i/f+GRt7cf/+7K4p/ZUv9vPVE5+93X3erfXP+faKRG80c28/632Qbu5LUDAACAf4u08R34JB1bTafp2FjzO/wHY29am19YfOL0/LvnZ5rflR+JwbRY6RpuWQ+dyNeGi/xkW/54vm78WeX/jfzY9Hxtpt/BQ8nt6zL+M79V+t06YNf5vRaUl/EP5WX8Q3kZ/1Bexj+UV6fx/0Ef2gHcfD7/obyMfygv4x/Ky/iHUtrJ7/olypyI9JZohsQuJfr9zgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAbfwUAAP//OuTmaQ==")
[ 3426.155638][T27575] loop1: detected capacity change from 0 to 512
[ 3426.179518][T27579] loop3: detected capacity change from 0 to 512
[ 3426.180865][T27575] EXT4-fs: Ignoring removed nobh option
[ 3426.186025][T27579] EXT4-fs: Ignoring removed nobh option
[ 3426.191462][T27575] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3426.197001][T27579] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3426.203428][T27575] EXT4-fs: Ignoring removed nobh option
[ 3426.209829][T27579] EXT4-fs: Ignoring removed nobh option
[ 3426.246490][T27575] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3426.246733][T27579] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3426.275225][T27575] EXT4-fs (loop1): 1 truncate cleaned up
[ 3426.277530][T27579] EXT4-fs (loop3): 1 truncate cleaned up
19:07:13 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0x1}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:13 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6vi0loZSPlgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQz6curC/n7TKjHecmcezY8/O2AGUVjUihiPitoj4JU8n7QWqzT83Vpam/1hZmk6iXn/996RR7vrK0nRRtHjevjwzmkakHydt/7Bp4eKls1O12uyFPD++eO6d8YWLl56aOzd1ZvbM7PnJkydPHJ949pnJp3sSZxbX9cPvzx859PKbV16dPnXlrR++SvK4oy2OXqlGtVPoDY/2urI+29+STgb62BC2pBIRWXcNNsb/cFRirfOG46WP+to4YFfV6/X6nu6nl+vAf1gS/W4B0B/FB312/1scN2nqcUu49nzzBiiL+0Z+NM8MRJqXGWy7v+2lakScWv7z8+yIXVqHAABo9U02/3my0/wvjbtbyt2e76GMRMQdEXEgIu6MiIMRcVdEo+w9EXHvFuuvtuXXz3/Sq9sKbJOy+d9z+d7W3+d/xewvRip5bn8j/sHk9Fxt9lj+mozG4J4sP7FBHd+++POn3c61zv+yI6u/mAvm7bg60LZANzO1OLWTmFtd+zDi8ECn+JPVnYAkIg7l/b8dc49/eaTbuX+OfwM92GeqfxHxWLP/l6Mt/kKy8f7k+P+iNntsvLgq1vvxp8uvdat/R/H3QNb/ezte/6vxjySt+7ULW6/j8q+fdL2n2e71P5S80UgP5Y+9N7W4eGEiYih5Zf3jk2vPLfJF+Sz+0aOdx/+BWHsl7ouI7CK+PyIeiIgH87Y/FBEPR8TRDeL//oVH3t5+/Lsri39mS/2/9UTl7Hdfd6t/c/1/opEazR/ZzPvfZhu4k9cOAAAA/i3Sxnfgk3RsNZ2mY2PN7/AfjL1pbX5h8YnT8++en2l+V34kBtNipWu4ZT10Il8bLvKTbfnj+brxZ5X/N/Jj0/O1mX4HDyW3r8v4z/xW6XfrgF3n91pQXsY/lJfxD+Vl/EN5Gf9QXp3G/wd9aAdw8/n8h/Iy/qG8jH8oL+MfSmknv+uXKHMi0luiGRK7lOj3OxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBv/BUAAP//GvTmag==")
19:07:13 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCatttbEWn80thqtYvBH0qRVe/CgouBBQdBDPcYkLbHbRpoItgSNIvUoBe/iUfAv8KQXUU+CV71LoUgurZ5WZncm2W52Y35sutX5fGDgvZ2XvPfdN2/3zXuzAZTWcEQMRMQdEfFbnk6azr9wuFEoK3d9eXHqr+XFqSRqtTf/TOrlri0vThVli7/bm2dG0oj00+TGf5ibv3DxzGS1OnM+z48tnH1vbP7Cxadnz06enjk9c27ixInjx8afe3bima7EmcV1bejDuUMHX3378utTJy+/89M3SR53tMTRLcMx3C70use6XVmP7WtKJ309bAibUomIrLv66+N/ICqx2nkD8conPW0csKNqtVptd+fTSzXgfyyJXrcA6I3iiz67/y2OmzT1uCVcfbFxA5TFfT0/Gmf64nhepr/l/rabhiPi5NLfX2ZH7NA6BABAs++y+c9T7eZ/adzbVO7OfA9lMCLuioj9EXF3RByIiHsi6mXvi4j7N1n/cEt+7fwnvbKlwDYom/89n+9t3Tj/S4sig5U8t68ef39yarY6czR/T0aif3eWH1+nju9f/vXzTuea53/ZkdVfzAXzdlzpa1mgm55cmNxOzM2ufhwx1Ncu/mRlJyCJiIMRMbTFOmaf+PpQp3P/Hv86urDPVPsq4vFG/y9FS/yFZP39ybHbojpzdKy4Ktb6+ZdLb3Sqf1vxd0HW/3vaXv8r8Q8mzfu185uv49Lvn3W8p9nq9b8reaue3pW/9sHkwsL58YhdyWtrX59Y/dsiX5TP4h850n7874/Vd+KBiMgu4sMR8WBEPJS3/eGIeCQijqwT/48vPfru1uPfWVn805vq/80nKmd++LZT/Rvr/8ad+Ej+ykY+/zbawO28dwAAAPBfkdafgU/S0ZV0mo6ONp7hPxB70urc/MKTp+bePzfdeFZ+MPrTYqVroGk9dDxfGy7yEy35Y/m68ReV2+v50am56nSvg4eS29th/Gf+qPS6dcCO83stKC/jH8rL+IfyMv6hvIx/KK924/+jHrQDuPl8/0N5Gf9QXsY/lJfxD6W0nd/1S5Q5Eekt0QyJHUr0+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgO/4JAAD//7oq5uQ=")
19:07:13 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 21)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3426.412652][T27593] loop1: detected capacity change from 0 to 512
[ 3426.422475][T27597] FAULT_INJECTION: forcing a failure.
[ 3426.422475][T27597] name failslab, interval 1, probability 0, space 0, times 0
[ 3426.428103][T27595] loop3: detected capacity change from 0 to 512
[ 3426.435290][T27597] CPU: 1 PID: 27597 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3426.442662][T27593] EXT4-fs: Ignoring removed nobh option
[ 3426.452017][T27597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3426.452054][T27597] Call Trace:
[ 3426.457607][T27593] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3426.467618][T27597]
[ 3426.467687][T27597] dump_stack_lvl+0xda/0x130
[ 3426.470937][T27593] EXT4-fs: Ignoring removed nobh option
[ 3426.477302][T27597] dump_stack+0x15/0x20
[ 3426.480850][T27595] EXT4-fs: Ignoring removed nobh option
[ 3426.484841][T27597] should_fail_ex+0x21f/0x230
[ 3426.490488][T27595] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3426.494556][T27597] __should_failslab+0x92/0xa0
[ 3426.500139][T27595] EXT4-fs: Ignoring removed nobh option
[ 3426.504756][T27597] should_failslab+0x9/0x20
[ 3426.526049][T27597] slab_pre_alloc_hook+0x38/0x180
[ 3426.531112][T27597] __kmem_cache_alloc_node+0x46/0x250
[ 3426.536495][T27597] ? io_drain_req+0x1e1/0x4f0
[ 3426.541457][T27597] kmalloc_trace+0x2a/0xa0
[ 3426.545930][T27597] io_drain_req+0x1e1/0x4f0
[ 3426.550470][T27597] io_queue_sqe_fallback+0xd1/0xe0
[ 3426.555741][T27597] io_submit_sqes+0xbf8/0xfe0
[ 3426.560441][T27597] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3426.566069][T27597] ? __fget_files+0x1c4/0x200
[ 3426.570820][T27597] ? mutex_lock+0xd/0x30
[ 3426.575068][T27597] ? fput+0x112/0x140
[ 3426.579083][T27597] ? ksys_write+0x178/0x1a0
[ 3426.583804][T27597] __x64_sys_io_uring_enter+0x78/0x90
[ 3426.587713][T27595] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3426.589338][T27597] do_syscall_64+0x41/0xc0
[ 3426.589388][T27597] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3426.604955][T27595] EXT4-fs (loop3): 1 truncate cleaned up
[ 3426.607918][T27597] RIP: 0033:0x7fbf4da9f169
[ 3426.607936][T27597] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3426.644398][T27597] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3426.652882][T27597] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3426.660852][T27597] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
[ 3426.668826][T27597] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
[ 3426.676828][T27597] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3426.684934][T27597] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3426.693010][T27597]
19:07:14 executing program 0:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) (async)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
setsockopt(r0, 0x2c, 0x600000, &(0x7f0000000100)="b40fb15f9b8f09852897ffa538ace12d699e81c453b26bb0991b129401dd0576c67bb2acef58f14c9d8e5e66f2e3291091bd44667079fc4850a451b712c0fd2b6b747845b1dc689d7c15aa8d83bb571a01255a294fdf7c4a222d742cdd7012f063167e730170783557feadf9960368a790b1d3282204e9c89e", 0x79) (async)
sendto$inet6(r0, &(0x7f0000000000)="eb", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async)
ioctl$int_in(r0, 0x73, &(0x7f00000003c0)=0x2) (async)
r1 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f00000000c0)=0x0) (async, rerun: 32)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84) (rerun: 32)
setsockopt(r4, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) (async, rerun: 32)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) (async, rerun: 32)
setsockopt(r4, 0x2c, 0x600000, &(0x7f0000000100)="b40fb15f9b8f09852897ffa538ace12d699e81c453b26bb0991b129401dd0576c67bb2acef58f14c9d8e5e66f2e3291091bd44667079fc4850a451b712c0fd2b6b747845b1dc689d7c15aa8d83bb571a01255a294fdf7c4a222d742cdd7012f063167e730170783557feadf9960368a790b1d3282204e9c89e", 0x79)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000230000/0x2000)=nil, 0x2000, 0x2000000, 0x110, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r3, &(0x7f0000000380)=@IORING_OP_WRITE={0x17, 0x13, 0x3, @fd=r4, 0x43a0, &(0x7f0000000540)="910de1fd0fe5c0b3e240ede4d851c706794e709fd599ce51a17471cb2e7b055c186f943480e809490c08529afa6e0215b0fc00836f1ccfb769cc848640715bfd13e009b79c44415f2d354389b6f633544eafbbcd7f882e703e1e499eafaf5c9c996249c31bf16440767552bcaf6d28869a5c453aa8ba47fdda0e14daba09000000000000009184b535c55caeaf4f3d53f69775b553cb49990b1843f40c96162ab08b99ffaa7a652e01c048913286f0aa43a371c5af6646726bcc667f7c363c3d0e1310008364a479e8d386479f3f7639670b0d5ce69856540de442bdadce3074e7a291295219195b0f4a2cea9796f16e20573108a7f5319a5babd911e3ff4ac2780213efc57b6d8c36f749b9a9626d9c957d9725fd7ef60f48e5426ed629320856d4fadd0282496c559d892eb7c6ca2fe64da8f24ad7f85623979574c44f0a987f06689cc32c59e3cccd3ce2369af13756581b58155d895a25cddf3e36fcbdaf", 0x160, 0x0, 0x1}, 0x401) (async)
sendto$inet6(r4, &(0x7f0000000000)="eb", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async)
r6 = socket(0x11, 0x2, 0x0)
setsockopt$packet_tx_ring(r6, 0x107, 0xd, &(0x7f0000000200)=@req3={0x10000, 0xf89, 0x8000, 0x1f12}, 0x1c) (async)
setsockopt$packet_int(r6, 0x107, 0x13, &(0x7f0000000040), 0x4) (async)
r7 = socket(0x11, 0x2, 0x0)
setsockopt$packet_tx_ring(r7, 0x107, 0xd, &(0x7f0000000200)=@req3={0x10000, 0xf89, 0x8000, 0x1f12}, 0x1c) (async, rerun: 64)
setsockopt$packet_int(r7, 0x107, 0x13, &(0x7f0000000040), 0x4) (async, rerun: 64)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f00000004c0)={0x0, 0x80, 0x10, 0x2, 0x9}, &(0x7f0000000500)=0x18) (async)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r7, 0x84, 0x17, &(0x7f0000000180)={0x0, 0x3, 0x96, "2956ad4a3c2d8dae5b63eef755e492cd1dcd1fb816655e221d0929e4e1a86bffacfd93e634b8bb49a54de46c753268531e92b188a6afabdaef191c553649ce892d21a64ae35f6d06df766ede90abedc9f38deb809632e32ed1a67995f8a60901f87187c8a29fd271d60e309bdaa77195c1698a3d83bae60d3164d065f68e39dfa4c49444a87c42e43567f014958d2d8f7d5ae760a73d"}, 0x9e)
setsockopt$CAIFSO_REQ_PARAM(r7, 0x116, 0x80, &(0x7f0000000300)="c9055e0864e4480c92b5474012b2c8d7b0e865ff7c0bdecafa37e7242286d91e6065bc4f4c2e298e77793ce57f7b944daced6a57139a998af86d3b966888f1e6325e8ddb5ee30dcaf05eaa928ae98509195d57", 0x53)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r6, 0x84, 0x17, &(0x7f0000000180)=ANY=[@ANYRES32=0x0, @ANYBLOB="030096002956ad4a3c2d8dae5b63eef755e492cd1d081fb816655e221d0929e4e1a86bffacfd93e634b8bb49a54de46c753268531e92b188a6afabdaef191c553649ce892d21a64ae35f6d06df767ade90abedc9f38deb809632e32ed1a67995f8a60901f87187c8a29fd271d60e309bdaa77195c1698a3d83bae60d3164d065f68e39dfa4c49444a87c42e43567f014958d2d8f7d5ae760a73d"], 0x9e)
syz_io_uring_submit(r2, r3, &(0x7f0000000280)=@IORING_OP_FILES_UPDATE={0x14, 0x38, 0x0, 0x0, 0x7c, &(0x7f0000000080)=[r1, r1, r4, r1, r6], 0x5}, 0x5) (async)
io_uring_enter(r1, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r8 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r8, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
shutdown(r4, 0x0)
19:07:14 executing program 5:
ioctl$USBDEVFS_CLEAR_HALT(0xffffffffffffffff, 0x80045515, &(0x7f0000000080)={0xd}) (async)
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:14 executing program 0:
socket$inet6_sctp(0xa, 0x1, 0x84) (async)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) (async)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
setsockopt(r0, 0x2c, 0x600000, &(0x7f0000000100)="b40fb15f9b8f09852897ffa538ace12d699e81c453b26bb0991b129401dd0576c67bb2acef58f14c9d8e5e66f2e3291091bd44667079fc4850a451b712c0fd2b6b747845b1dc689d7c15aa8d83bb571a01255a294fdf7c4a222d742cdd7012f063167e730170783557feadf9960368a790b1d3282204e9c89e", 0x79) (async)
setsockopt(r0, 0x2c, 0x600000, &(0x7f0000000100)="b40fb15f9b8f09852897ffa538ace12d699e81c453b26bb0991b129401dd0576c67bb2acef58f14c9d8e5e66f2e3291091bd44667079fc4850a451b712c0fd2b6b747845b1dc689d7c15aa8d83bb571a01255a294fdf7c4a222d742cdd7012f063167e730170783557feadf9960368a790b1d3282204e9c89e", 0x79)
sendto$inet6(r0, &(0x7f0000000000)="eb", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
ioctl$int_in(r0, 0x73, &(0x7f00000003c0)=0x2)
r1 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f00000000c0)=0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r4, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) (async)
setsockopt(r4, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
setsockopt(r4, 0x2c, 0x600000, &(0x7f0000000100)="b40fb15f9b8f09852897ffa538ace12d699e81c453b26bb0991b129401dd0576c67bb2acef58f14c9d8e5e66f2e3291091bd44667079fc4850a451b712c0fd2b6b747845b1dc689d7c15aa8d83bb571a01255a294fdf7c4a222d742cdd7012f063167e730170783557feadf9960368a790b1d3282204e9c89e", 0x79) (async)
setsockopt(r4, 0x2c, 0x600000, &(0x7f0000000100)="b40fb15f9b8f09852897ffa538ace12d699e81c453b26bb0991b129401dd0576c67bb2acef58f14c9d8e5e66f2e3291091bd44667079fc4850a451b712c0fd2b6b747845b1dc689d7c15aa8d83bb571a01255a294fdf7c4a222d742cdd7012f063167e730170783557feadf9960368a790b1d3282204e9c89e", 0x79)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000230000/0x2000)=nil, 0x2000, 0x2000000, 0x110, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r3, &(0x7f0000000380)=@IORING_OP_WRITE={0x17, 0x13, 0x3, @fd=r4, 0x43a0, &(0x7f0000000540)="910de1fd0fe5c0b3e240ede4d851c706794e709fd599ce51a17471cb2e7b055c186f943480e809490c08529afa6e0215b0fc00836f1ccfb769cc848640715bfd13e009b79c44415f2d354389b6f633544eafbbcd7f882e703e1e499eafaf5c9c996249c31bf16440767552bcaf6d28869a5c453aa8ba47fdda0e14daba09000000000000009184b535c55caeaf4f3d53f69775b553cb49990b1843f40c96162ab08b99ffaa7a652e01c048913286f0aa43a371c5af6646726bcc667f7c363c3d0e1310008364a479e8d386479f3f7639670b0d5ce69856540de442bdadce3074e7a291295219195b0f4a2cea9796f16e20573108a7f5319a5babd911e3ff4ac2780213efc57b6d8c36f749b9a9626d9c957d9725fd7ef60f48e5426ed629320856d4fadd0282496c559d892eb7c6ca2fe64da8f24ad7f85623979574c44f0a987f06689cc32c59e3cccd3ce2369af13756581b58155d895a25cddf3e36fcbdaf", 0x160, 0x0, 0x1}, 0x401) (async)
syz_io_uring_submit(r5, r3, &(0x7f0000000380)=@IORING_OP_WRITE={0x17, 0x13, 0x3, @fd=r4, 0x43a0, &(0x7f0000000540)="910de1fd0fe5c0b3e240ede4d851c706794e709fd599ce51a17471cb2e7b055c186f943480e809490c08529afa6e0215b0fc00836f1ccfb769cc848640715bfd13e009b79c44415f2d354389b6f633544eafbbcd7f882e703e1e499eafaf5c9c996249c31bf16440767552bcaf6d28869a5c453aa8ba47fdda0e14daba09000000000000009184b535c55caeaf4f3d53f69775b553cb49990b1843f40c96162ab08b99ffaa7a652e01c048913286f0aa43a371c5af6646726bcc667f7c363c3d0e1310008364a479e8d386479f3f7639670b0d5ce69856540de442bdadce3074e7a291295219195b0f4a2cea9796f16e20573108a7f5319a5babd911e3ff4ac2780213efc57b6d8c36f749b9a9626d9c957d9725fd7ef60f48e5426ed629320856d4fadd0282496c559d892eb7c6ca2fe64da8f24ad7f85623979574c44f0a987f06689cc32c59e3cccd3ce2369af13756581b58155d895a25cddf3e36fcbdaf", 0x160, 0x0, 0x1}, 0x401)
sendto$inet6(r4, &(0x7f0000000000)="eb", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async)
sendto$inet6(r4, &(0x7f0000000000)="eb", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
socket(0x11, 0x2, 0x0) (async)
r6 = socket(0x11, 0x2, 0x0)
setsockopt$packet_tx_ring(r6, 0x107, 0xd, &(0x7f0000000200)=@req3={0x10000, 0xf89, 0x8000, 0x1f12}, 0x1c) (async)
setsockopt$packet_tx_ring(r6, 0x107, 0xd, &(0x7f0000000200)=@req3={0x10000, 0xf89, 0x8000, 0x1f12}, 0x1c)
setsockopt$packet_int(r6, 0x107, 0x13, &(0x7f0000000040), 0x4)
r7 = socket(0x11, 0x2, 0x0)
setsockopt$packet_tx_ring(r7, 0x107, 0xd, &(0x7f0000000200)=@req3={0x10000, 0xf89, 0x8000, 0x1f12}, 0x1c)
setsockopt$packet_int(r7, 0x107, 0x13, &(0x7f0000000040), 0x4)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f00000004c0)={0x0, 0x80, 0x10, 0x2, 0x9}, &(0x7f0000000500)=0x18)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r7, 0x84, 0x17, &(0x7f0000000180)={0x0, 0x3, 0x96, "2956ad4a3c2d8dae5b63eef755e492cd1dcd1fb816655e221d0929e4e1a86bffacfd93e634b8bb49a54de46c753268531e92b188a6afabdaef191c553649ce892d21a64ae35f6d06df766ede90abedc9f38deb809632e32ed1a67995f8a60901f87187c8a29fd271d60e309bdaa77195c1698a3d83bae60d3164d065f68e39dfa4c49444a87c42e43567f014958d2d8f7d5ae760a73d"}, 0x9e)
setsockopt$CAIFSO_REQ_PARAM(r7, 0x116, 0x80, &(0x7f0000000300)="c9055e0864e4480c92b5474012b2c8d7b0e865ff7c0bdecafa37e7242286d91e6065bc4f4c2e298e77793ce57f7b944daced6a57139a998af86d3b966888f1e6325e8ddb5ee30dcaf05eaa928ae98509195d57", 0x53)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r6, 0x84, 0x17, &(0x7f0000000180)=ANY=[@ANYRES32=0x0, @ANYBLOB="030096002956ad4a3c2d8dae5b63eef755e492cd1d081fb816655e221d0929e4e1a86bffacfd93e634b8bb49a54de46c753268531e92b188a6afabdaef191c553649ce892d21a64ae35f6d06df767ade90abedc9f38deb809632e32ed1a67995f8a60901f87187c8a29fd271d60e309bdaa77195c1698a3d83bae60d3164d065f68e39dfa4c49444a87c42e43567f014958d2d8f7d5ae760a73d"], 0x9e)
syz_io_uring_submit(r2, r3, &(0x7f0000000280)=@IORING_OP_FILES_UPDATE={0x14, 0x38, 0x0, 0x0, 0x7c, &(0x7f0000000080)=[r1, r1, r4, r1, r6], 0x5}, 0x5)
io_uring_enter(r1, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r8 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r8, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
shutdown(r4, 0x0)
[ 3426.716574][T27593] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3426.751965][T27593] EXT4-fs (loop1): 1 truncate cleaned up
19:07:14 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6vi0loZSPlgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQz6curC/n7TKjHecmcezY8/O2AGUVjUihiPitoj4JU8n7QWqzT83Vpam/1hZmk6iXn/996RR7vrK0nRRtHjevjwzmkakHydt/7Bp4eKls1O12uyFPD++eO6d8YWLl56aOzd1ZvbM7PnJkydPHJ949pnJp3sSZxbX9cPvzx859PKbV16dPnXlrR++SvK4oy2OXqlGtVPoDY/2urI+29+STgb62BC2pBIRWXcNNsb/cFRirfOG46WP+to4YFfV6/X6nu6nl+vAf1gS/W4B0B/FB312/1scN2nqcUu49nzzBiiL+0Z+NM8MRJqXGWy7v+2lakScWv7z8+yIXVqHAABo9U02/3my0/wvjbtbyt2e76GMRMQdEXEgIu6MiIMRcVdEo+w9EXHvFuuvtuXXz3/Sq9sKbJOy+d9z+d7W3+d/xewvRip5bn8j/sHk9Fxt9lj+mozG4J4sP7FBHd+++POn3c61zv+yI6u/mAvm7bg60LZANzO1OLWTmFtd+zDi8ECn+JPVnYAkIg7lx3bMPf7lkW7n/jn+DfRgn6n+RcRjzf5fjrb4C8nG+5Pj/4va7LHx4qpY78efLr/Wrf4dxd8DWf/v7Xj9r8Y/krTu1y5svY7Lv37S9Z5mu9f/UPJGIz2UP/be1OLihYmIoeSV9Y9Prj23yBfls/hHj3Ye/wdi7ZW4LyKyi/j+iHggIh7M2/5QRDwcEUc3iP/7Fx55e/vx764s/pkt9f/WE5Wz333drf7N9f+JRmo0f2Qz73+bbeBOXjsAAAD4t0gb34FP0rHVdJqOjTW/w38w9qa1+YXFJ07Pv3t+pvld+ZEYTIuVruGW9dCJfG24yE+25Y/n68afVf7fyI9Nz9dm+h08lNy+LuM/81ul360Ddp3fa0F5Gf9QXsY/lJfxD+Vl/EN5dRr/H/ShHcDN5/Mfysv4h/Iy/qG8jH8opZ38rl+izIlIb4lmSOxSot/vTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL3xVwAAAP//23bmdA==")
19:07:14 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6vi0loZSPhhYCBRHxkTRpgR64gEDiABISHMoxJGkV6jaoCRKtIggIlSOqxB1xROIv4AQXBJyQuMIdVapQLi2cjNbeTVzHDvlw6sL+ftJKM95JZh7Pjj07sw6gtEYiYjAi7oiIX/N00nR++UijUFbuxsrS9J8rS9NJ1Gpv/JHUy11fWZouyhZ/ty/PjKYR6SfJzf8wt3Dx0tmpanX2Qp4fXzz37vjCxUtPz52bOjN7Zvb85MmTJ45PPPfs5DNdiTOL6/rwB/OHD73y1pXXpk9defvHr5M87miJo1tGYqRd6HWPdbuyHtvflE76etgQtqQSEVl39dfH/2BUYq3zBuPlj3vaOGBX1Wq12p7Op5drwH9YEr1uAdAbxRd9dv9bHLdo6nFbuPZC4wYoi/tGfjTO9MWJvEx/y/1tN41ExKnlv77IjtildQgAgGbfZvOfp9rN/9K4t6ncnfkeylBE3BURByLi7og4GBH3RNTL3hcR92+x/pGW/Pr5T3p1W4FtUjb/ez7f27p5/pcWRYYqeW5/Pf7+5PRcdfZY/p6MRv+eLD+xQR3fvfTLZ53ONc//siOrv5gL5u242teyQDcztTi1k5ibXfsoYrivXfzJ6k5AEhGHImJ4m3XMPfHV4U7n/jn+DXRhn6n2ZcTjjf5fjpb4C8nG+5Pj/4vq7LHx4qpY76efL7/eqf4dxd8FWf/vbXv9r8Y/lDTv1y5svY7Lv33a8Z5mu9f/QPJmPT2Qv/b+1OLihYmIgeTV9a9Prv1tkS/KZ/GPHm0//g/E2jvxQERkF/GRiHgwIh7K2/5wRDwSEUc3iP+HFx99Z/vx764s/pkt9f/WE5Wz33/Tqf7N9X/jTnw0f2Uzn3+bbeBO3jsAAAD4t0jrz8An6dhqOk3HxhrP8B+MvWl1fmHxydPz752faTwrPxT9abHSNdi0HjqRrw0X+cmW/PF83fjzyv/r+bHp+epMr4OHktvXYfxnfq/0unXArvN7LSgv4x/Ky/iH8jL+obyMfyivduP/wx60A7j1fP9DeRn/UF7GP5SX8Q+ltJPf9UuUORHpbdEMiV1K9PqTCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDv+DgAA///BG+ck")
[ 3426.835717][T27643] loop3: detected capacity change from 0 to 512
[ 3426.843616][T27643] EXT4-fs: Ignoring removed nobh option
[ 3426.849255][T27643] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3426.855779][T27643] EXT4-fs: Ignoring removed nobh option
[ 3426.863912][T27646] loop1: detected capacity change from 0 to 512
19:07:14 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f00000000c0)=0x0)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
r3 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_LINKAT={0x27, 0x10, 0x0, 0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000340)='./file0\x00', 0xffffffffffffff9c, 0x0, 0x1}, 0x4)
r4 = dup(0xffffffffffffffff)
renameat2(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', r4, &(0x7f0000000380)='./file0\x00', 0x90729aeae511d3f4)
ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x40082404, &(0x7f0000000280)=0xe3)
syz_io_uring_setup(0x186, &(0x7f00000002c0), &(0x7f0000148000/0x1000)=nil, &(0x7f00005f1000/0x2000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000180)=0x0)
open$dir(&(0x7f0000000500)='./file0\x00', 0x8000, 0x2)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f00000004c0)=0x20)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x40, &(0x7f00000000c0)=0x307e, 0x0, 0x4)
r7 = socket$inet(0x2, 0x6, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000340)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r7, 0x80, &(0x7f0000000200)=@in={0x2, 0x0, @empty}}, 0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000480)=@IORING_OP_OPENAT={0x12, 0x2, 0x0, r4, 0x0, &(0x7f0000000440)='./file0\x00', 0x24, 0x202040, 0x65cfa}, 0x7f)
ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x40082404, &(0x7f0000000080))
r8 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r8, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
io_uring_enter(r0, 0xe9a, 0x10e3, 0x0, &(0x7f0000000400)={[0x8]}, 0x8)
[ 3426.881680][T27643] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3426.882421][T27646] EXT4-fs: Ignoring removed nobh option
[ 3426.897280][T27643] EXT4-fs (loop3): 1 truncate cleaned up
[ 3426.901640][T27646] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3426.913680][T27646] EXT4-fs: Ignoring removed nobh option
[ 3426.921499][T27646] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
19:07:14 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6vi0loZSPlgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQz6curC/n7TKjHecmcezY8/O2AGUVjUihiPitoj4JU8n7QWqzT83Vpam/1hZmk6iXn/996RR7vrK0nRRtHjevjwzmkakHydt/7Bp4eKls1O12uyFPD++eO6d8YWLl56aOzd1ZvbM7PnJkydPHJ949pnJp3sSZxbX9cPvzx859PKbV16dPnXlrR++SvK4oy2OXqlGtVPoDY/2urI+29+STgb62BC2pBIRWXcNNsb/cFRirfOG46WP+to4YFfV6/X6nu6nl+vAf1gS/W4B0B/FB312/1scN2nqcUu49nzzBiiL+0Z+NM8MRJqXGWy7v+2lakScWv7z8+yIXVqHAABo9U02/3my0/wvjbtbyt2e76GMRMQdEXEgIu6MiIMRcVdEo+w9EXHvFuuvtuXXz3/Sq9sKbJOy+d9z+d7W3+d/xewvRip5bn8j/sHk9Fxt9lj+mozG4J4sP7FBHd+++POn3c61zv+yI6u/mAvm7bg60LZANzO1OLWTmFtd+zDi8ECn+JPVnYAkIg5FxH3brGPu8S+PdDv3z/FvoAf7TPUvIh5r9v9ytMVfSDbenxz/X9Rmj40XV8V6P/50+bVu9e8o/h7I+n9vx+t/Nf6RpHW/dmHrdVz+9ZOu9zTbvf6Hkjca6aH8sfemFhcvTEQMJa+sf3xy7blFviifxT96tPP4PxBrr0R27WcX8f0R8UBEPJi3/aGIeDgijm4Q//cvPPL29uPfXVn8M1vq/60nKme/+7pb/Zvr/xON1Gj+yGbe/zbbwJ28dgAAAPBvkTa+A5+kY6vpNB0ba36H/2DsTWvzC4tPnJ5/9/xM87vyIzGYFitdwy3roRP52nCRn2zLH8/XjT+r/L+RH5uer830O3gouX1dxn/mt0q/WwfsOr/XgvIy/qG8jH8oL+Mfysv4h/LqNP4/6EM7gJvP5z+Ul/EP5WX8Q3kZ/1BKO/ldv0SZE5HeEs2Q2KVEv9+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuOvAAAA//+bluZ2")
[ 3426.941216][T27646] EXT4-fs (loop1): 1 truncate cleaned up
[ 3426.972587][T27658] loop3: detected capacity change from 0 to 512
[ 3426.980458][T27658] EXT4-fs: Ignoring removed nobh option
19:07:14 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCatttbEWn80thqtYvBH0qRVe/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPNWLqCfBq96lUCSXVk8rszuTbDe7MT823ep8PjDw3s5L3vvum7f75r3ZAEprOCIGIuKuiPgtTydN568cbhTKyt1YXpz6a3lxKola7a0/k3q568uLU0XZ4u/25pmRNCL9LLn5H+bmL1w8M1mtzpzP82MLZ98fm79w8dnZs5OnZ07PnJs4ceL4sfEXnp94ritxZnFdH/po7tDB1965/MbUycvv/vRtkscdLXF0y3AMtwu97oluV9Zj+5rSSV8PG8KmVCIi667++vgfiEqsdt5AvPppTxsH7KharVbb3fn0Ug34H0ui1y0AeqP4os/uf4vjFk09bgvXXmrcAGVx38iPxpm+OJ6X6W+5v+2m4Yg4ufT3V9kRO7QOAQDQ7Eo2/3mm3fwvjfubyt2d76EMRsQ9EbE/Iu6NiAMRcV9EvewDEfHgJusfbsmvnf+kV7cU2AZl878X872tm+d/aVFksJLn9tXj709OzVZnjubvyUj0787y4+vU8f0rv37R6Vzz/C87svqLuWDejqt9LQt005MLk9uJudm1TyKG+trFn6zsBCQRcTAihrZYx+xT3xzqdO7f419HF/aZal9HPNno/6Voib+QrL8/OXZHVGeOjhVXxVo//3LpzU71byv+Lsj6f0/b638l/sGkeb92fvN1XPr98473NFu9/nclb9fTu/LXPpxcWDg/HrEreX3t6xOrf1vki/JZ/CNH2o///bH6TjwUEdlFfDgiHo6IR/K2PxoRj0XEkXXi//Hlx9/bevw7K4t/elP9v/lE5cwP33Wqf2P937gTH8lf2cjn30YbuJ33DgAAAP4r0voz8Ek6upJO09HRxjP8B2JPWp2bX3j61NwH56Ybz8oPRn9arHQNNK2Hjudrw0V+oiV/LF83/rJyZz0/OjVXne518FByezuM/8wflV63Dthxfq8F5WX8Q3kZ/1Bexj+Ul/EP5dVu/H/cg3YAt57vfygv4x/Ky/iH8jL+oZS287t+iTInIr0tmiGxQ4lefzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0xz8BAAD//8gM52Q=")
[ 3426.986198][T27658] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3426.992724][T27658] EXT4-fs: Ignoring removed nobh option
[ 3427.021727][T27658] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3427.030292][T27662] loop1: detected capacity change from 0 to 512
[ 3427.036990][T27658] EXT4-fs (loop3): 1 truncate cleaned up
[ 3427.051141][T27662] EXT4-fs: Ignoring removed nobh option
[ 3427.056884][T27662] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3427.063359][T27662] EXT4-fs: Ignoring removed nobh option
[ 3427.072063][T27662] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3427.090396][T27662] EXT4-fs (loop1): 1 truncate cleaned up
19:07:14 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6vi0loZSPlgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQz6curC/n7TKjD3OzOPZsWdn1gGUVjUihiPitoj4JU8n7QWqzT83Vpam/1hZmk6iXn/996RR7vrK0nRRtHjdvjwzmkakHydt/7Bp4eKls1O12uyFPD++eO6d8YWLl56aOzd1ZvbM7PnJkydPHJ949pnJp3sSZxbX9cPvzx859PKbV16dPnXlrR++SvK4oy2OXqlGtVPoDY/2urI+29+STgb62BC2pBIRWXcNNsb/cFRirfOG46WP+to4YFfV6/X6nu5PL9eB/7Ak+t0CoD+KL/rs+rc4btLU45Zw7fnmBVAW9438aD4zEGleZrDt+raXqhFxavnPz7MjdmkdAgCg1TfZ/OfJTvO/NO5uKXd7vocyEhF3RMSBiLgzIg5GxF0RjbL3RMS9W6y/2pZfP/9Jr24rsE3K5n/P5Xtbf5//FbO/GKnkuf2N+AeT03O12WP5ezIag3uy/MQGdXz74s+fdnuudf6XHVn9xVwwb8fVgbYFupmpxamdxNzq2ocRhwc6xZ+s7gQkEXEoIo5ss465x7/s+tJ/jn8DPdhnqn8R8Viz/5ejLf5CsvH+5Pj/ojZ7bLw4K9b78afLr3Wrf0fx90DW/3s7nv+r8Y8krfu1C1uv4/Kvn3S9ptnu+T+UvNFID+WPvTe1uHhhImIoeWX945Nrry3yRfks/tGjncf/gVh7J+7Lz//7I+KBiHgwb/tDEfFwRBzdIP7vX3jk7e3Hv7uy+Ge21P9bT1TOfvd1t/o31/8nGqnR/JHNfP5ttoE7ee8AAADg3yJt3AOfpGOr6TQdG2vew38w9qa1+YXFJ07Pv3t+pnmv/EgMpsVK13DLeuhEvjZc5Cfb8sfzdePPKv9v5Mem52sz/Q4eSm5fl/Gf+a3S79YBu87vtaC8jH8oL+Mfysv4h/Iy/qG8Oo3/D/rQDuDm8/0P5WX8Q3kZ/1Bexj+U0k5+1y9R5kSkt0QzJHYp0e9PJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgN74KwAA//97puZ3")
19:07:14 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnvQi6knwqncpFMml1dPK7M4k62Y35semWzufDwy8t/OS97775u2+eW82gNIaiYjBiLgjIn7L00lzgYcahbJy11eWpv9aWZpOolZ788+kXu7aytJ0UbT4u315ZjSNSD9NWv5hw8KFi2emqtXZ83l+fPHse+MLFy4+M3d26vTs6dlzkydOHD828fxzk892Jc4srmvDH84fPvTq25dfnz55+Z2fvknyuKMljm4ZiZF2odc93u3Kemx/Uzrp62FD2JJKRGTd1V8f/4NRibXOG4xXPulp44BdVavVans6n16uAbewJHrdAqA3ii/67P63OG7Q1OOmcPXFxg1QFvf1/Gic6YvjeZn+lvvbbhqJiJPLf3+ZHbFL6xAAAM2+y+Y/T7eb/6Vxb1O5O/M9lKGIuCsiDkTE3RFxMCLuiaiXvS8i7t9i/SMt+fXzn/TKtgLbpGz+90K+t/Xv+V9aFBmq5Ln99fj7k1Nz1dmj+XsyGv17svzEBnV8//Kvn3c61zz/y46s/mIumLfjSl/LAt3M1OLUTmJudvXjiOG+dvEnqzsBSUQciojhbdYx9+TXhzud++/4N9CFfabaVxFPNPp/OVriLyQb70+O3xbV2aPjxVWx3s+/XHqjU/07ir8Lsv7f2/b6X41/KGner13Yeh2Xfv+s4z3Ndq//geStenogf+2DqcXF8xMRA8lr61+fXPvbIl+Uz+IfPdJ+/B+ItXfigYjILuIH8y3xh/O2PxIRj0bEkQ3i//Glx97dfvy7K4t/Zkv9v/VE5cwP33aqf3P937gTH81f2czn32YbuJP3DgAAAP4v0voz8Ek6tppO07GxxjP8B2NvWp1fWHzq1Pz752Yaz8oPRX9arHQNNq2HTuRrw0V+siV/LF83/qJyez0/Nj1fnel18FBy+zqM/8wflV63Dth1fq8F5WX8Q3kZ/1Bexj+Ul/EP5dVu/H/Ug3YAN57vfygv4x/Ky/iH8jL+oZR28rt+iTInIr0pmiGxS4lefzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0xz8BAAD//69U5qU=")
19:07:14 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0) (async)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3) (async)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0x1}, 0x1c) (async)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0x1}, 0x1c)
listen(r2, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c) (async)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20) (async)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90) (async)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10}) (async)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800)) (async)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:14 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 22)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3427.257607][T27673] loop3: detected capacity change from 0 to 512
[ 3427.261270][T27675] loop1: detected capacity change from 0 to 512
[ 3427.281598][T27675] EXT4-fs: Ignoring removed nobh option
[ 3427.287229][T27675] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3427.291081][T27673] EXT4-fs: Ignoring removed nobh option
[ 3427.293684][T27675] EXT4-fs: Ignoring removed nobh option
[ 3427.299246][T27673] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3427.311443][T27673] EXT4-fs: Ignoring removed nobh option
[ 3427.320646][T27679] FAULT_INJECTION: forcing a failure.
[ 3427.320646][T27679] name failslab, interval 1, probability 0, space 0, times 0
[ 3427.333387][T27679] CPU: 1 PID: 27679 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3427.344055][T27679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3427.354110][T27679] Call Trace:
[ 3427.357400][T27679]
[ 3427.360354][T27679] dump_stack_lvl+0xda/0x130
[ 3427.363591][T27673] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3427.364966][T27679] dump_stack+0x15/0x20
[ 3427.364989][T27679] should_fail_ex+0x21f/0x230
[ 3427.379762][T27673] EXT4-fs (loop3): 1 truncate cleaned up
[ 3427.383178][T27679] __should_failslab+0x92/0xa0
[ 3427.383202][T27679] should_failslab+0x9/0x20
[ 3427.402897][T27679] slab_pre_alloc_hook+0x38/0x180
[ 3427.408092][T27679] __kmem_cache_alloc_node+0x46/0x250
[ 3427.415994][T27679] ? io_drain_req+0x1e1/0x4f0
[ 3427.420762][T27679] kmalloc_trace+0x2a/0xa0
[ 3427.425244][T27679] io_drain_req+0x1e1/0x4f0
[ 3427.429750][T27679] io_queue_sqe_fallback+0xd1/0xe0
[ 3427.434890][T27679] io_submit_sqes+0xbf8/0xfe0
[ 3427.439606][T27679] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3427.445199][T27679] ? __fget_files+0x1c4/0x200
[ 3427.449951][T27679] ? mutex_lock+0xd/0x30
[ 3427.454211][T27679] ? fput+0x112/0x140
[ 3427.458207][T27679] ? ksys_write+0x178/0x1a0
[ 3427.462710][T27679] __x64_sys_io_uring_enter+0x78/0x90
[ 3427.468085][T27679] do_syscall_64+0x41/0xc0
[ 3427.472562][T27679] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3427.478524][T27679] RIP: 0033:0x7fbf4da9f169
[ 3427.483015][T27679] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3427.502643][T27679] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3427.511226][T27679] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3427.519230][T27679] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
[ 3427.527197][T27679] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
[ 3427.535340][T27679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3427.543305][T27679] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3427.551705][T27679]
[ 3427.558237][T27675] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3427.575978][T27675] EXT4-fs (loop1): 1 truncate cleaned up
19:07:15 executing program 5:
ioctl$USBDEVFS_CLEAR_HALT(0xffffffffffffffff, 0x80045515, &(0x7f0000000080)={0xd}) (async)
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:15 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCatttbEWn801hqtYvBH0qRVe/CgouBBQdBDPcYkLbHbRpoItgSNIvUoBe/iUfAv8KQXUU+CV71LoUgurZ5WZncm2W52Y35sutX5fGDgvZ2XvPfdN2/3zXuzAZTWcEQMRMQdEfFbnk6azr9wuFEoK3d9eXHqr+XFqSRqtTf/TOrlri0vThVli7/bm2dG0oj00+TGf5ibv3DxzGS1OnM+z48tnH1vbP7Cxadnz06enjk9c27ixInjx8afe3bima7EmcV1bejDuUMHX3378utTJy+/89M3SR53tMTRLcMx3C70use6XVmP7WtKJ309bAibUomIrLv66+N/ICqx2nkD8conPW0csKNqtVptd+fTSzXgfyyJXrcA6I3iiz67/y2OmzT1uCVcfbFxA5TFfT0/Gmf64nhepr/l/rabhiPi5NLfX2ZH7NA6BABAs++y+c9T7eZ/adzbVO7OfA9lMCLuioj9EXF3RByIiHsi6mXvi4j7N1n/cEt+7fwnvbKlwDYom/89n+9t3Tj/S4sig5U8t68ef39yarY6czR/T0aif3eWH1+nju9f/vXzTuea53/ZkdVfzAXzdlzpa1mgm55cmNxOzM2ufhwx1Ncu/mRlJyCJiIMRMbTFOmaf+PpQp3P/Hv86urDPVPsq4vFG/y9FS/yFZP39ybHbojpzdKy4Ktb6+ZdLb3Sqf1vxd0HW/3vaXv8r8Q8mzfu185uv49Lvn3W8p9nq9b8reaue3pW/9sHkwsL58YhdyWtrX59Y/dsiX5TP4h850n7874/Vd+KBiMgu4gcj4nBEPJS3/eGIeCQijqwT/48vPfru1uPfWVn805vq/80nKmd++LZT/Rvr/8ad+Ej+ykY+/zbawO28dwAAAPBfkdafgU/S0ZV0mo6ONp7hPxB70urc/MKTp+bePzfdeFZ+MPrTYqVroGk9dDxfGy7yEy35Y/m68ReV2+v50am56nSvg4eS29th/Gf+qPS6dcCO83stKC/jH8rL+IfyMv6hvIx/KK924/+jHrQDuPl8/0N5Gf9QXsY/lJfxD6W0nd/1S5Q5Eekt0QyJHUr0+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgO/4JAAD//7ZF5uU=")
19:07:15 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6vi0loZSPlgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQz6curC/n7TKjHecmcezY8/O2AGUVjUihiPitoj4JU8n7QWqzT83Vpam/1hZmk6iXn/996RR7vrK0nRRtHjevjwzmkakHydt/7Bp4eKls1O12uyFPD++eO6d8YWLl56aOzd1ZvbM7PnJkydPHJ949pnJp3sSZxbX9cPvzx859PKbV16dPnXlrR++SvK4oy2OXqlGtVPoDY/2urI+29+STgb62BC2pBIRWXcNNsb/cFRirfOG46WP+to4YFfV6/X6nu6nl+vAf1gS/W4B0B/FB312/1scN2nqcUu49nzzBiiL+0Z+NM8MRJqXGWy7v+2lakScWv7z8+yIXVqHAABo9U02/3my0/wvjbtbyt2e76GMRMQdEXEgIu6MiIMRcVdEo+w9EXHvFuuvtuXXz3/Sq9sKbJOy+d9z+d7W3+d/xewvRip5bn8j/sHk9Fxt9lj+mozG4J4sP7FBHd+++POn3c61zv+yI6u/mAvm7bg60LZANzO1OLWTmFtd+zDi8ECn+JPVnYAkIg516KvNmnv8yyPdzv1z/BvowT5T/YuIx5r9vxxt8ReSjfcnx/8Xtdlj48VVsd6PP11+rVv9O4q/B7L+39vx+l+NfyRp3a9d2Hodl3/9pOs9zXav/6HkjUZ6KH/svanFxQsTEUPJK+sfn1x7bpEvymfxjx7tPP4PxNorcV9EZBfx/RHxQEQ8mLf9oYh4OCKObhD/9y888vb2499dWfwzW+r/rScqZ7/7ulv9m+v/E43UaP7IZt7/NtvAnbx2AAAA8G+RNr4Dn6Rjq+k0HRtrfof/YOxNa/MLi0+cnn/3/Ezzu/IjMZgWK13DLeuhE/nacJGfbMsfz9eNP6v8v5Efm56vzfQ7eCi5fV3Gf+a3Sr9bB+w6v9eC8jL+obyMfygv4x/Ky/iH8uo0/j/oQzuAm8/nP5SX8Q/lZfxDeRn/UEo7+V2/RJkTkd4SzZDYpUS/35kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB6468AAAD///vX5ns=")
19:07:15 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) (async)
shutdown(0xffffffffffffffff, 0x0) (async)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0x1}, 0x1c) (async)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c) (async)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20) (async)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) (async)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93) (async)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0) (async)
fallocate(r7, 0x30, 0x9, 0x10000) (async)
socket(0x10, 0x80002, 0x0)
[ 3427.671798][T27706] loop1: detected capacity change from 0 to 512
[ 3427.682355][T27716] loop3: detected capacity change from 0 to 512
[ 3427.688894][T27706] EXT4-fs: Ignoring removed nobh option
[ 3427.694467][T27706] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3427.700937][T27706] EXT4-fs: Ignoring removed nobh option
[ 3427.708067][T27716] EXT4-fs: Ignoring removed nobh option
[ 3427.713717][T27716] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3427.720165][T27716] EXT4-fs: Ignoring removed nobh option
[ 3427.742055][T27706] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3427.756565][T27706] EXT4-fs (loop1): 1 truncate cleaned up
19:07:15 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f00000000c0)=0x0)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
r3 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_LINKAT={0x27, 0x10, 0x0, 0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000340)='./file0\x00', 0xffffffffffffff9c, 0x0, 0x1}, 0x4) (async)
r4 = dup(0xffffffffffffffff)
renameat2(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', r4, &(0x7f0000000380)='./file0\x00', 0x90729aeae511d3f4) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x40082404, &(0x7f0000000280)=0xe3) (async)
syz_io_uring_setup(0x186, &(0x7f00000002c0), &(0x7f0000148000/0x1000)=nil, &(0x7f00005f1000/0x2000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000180)=0x0) (async)
open$dir(&(0x7f0000000500)='./file0\x00', 0x8000, 0x2)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f00000004c0)=0x20)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x40, &(0x7f00000000c0)=0x307e, 0x0, 0x4) (async)
r7 = socket$inet(0x2, 0x6, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000340)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r7, 0x80, &(0x7f0000000200)=@in={0x2, 0x0, @empty}}, 0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000480)=@IORING_OP_OPENAT={0x12, 0x2, 0x0, r4, 0x0, &(0x7f0000000440)='./file0\x00', 0x24, 0x202040, 0x65cfa}, 0x7f) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x40082404, &(0x7f0000000080))
r8 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r8, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
io_uring_enter(r0, 0xe9a, 0x10e3, 0x0, &(0x7f0000000400)={[0x8]}, 0x8)
19:07:15 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100)={0x0, 0x1}, &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83da863dfd8322f16962532295e5cfb00dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd70007a000000080003002bb8afbd0de9ecc0483de1068997349bd6ffb500000000", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3427.764030][T27716] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3427.789166][T27716] EXT4-fs (loop3): 1 truncate cleaned up
19:07:15 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6vi0loZSPhlICBRHxkTRpgR64gEDiABISHMoxJGkV6jaoCRKtIggIlSOqxB1xROIv4AQXBJyQuMIdVapQLi2cjNbeTVzHDvlw6sL+ftJKM95JZh7Pjj07sw6gtEYiYjAi7oiIX/N00nR++UijUFbuxsrS9J8rS9NJ1Gpv/JHUy11fWZouyhZ/ty/PjKYR6SfJzf8wt3Dx0tmpanX2Qp4fXzz37vjCxUtPz52bOjN7Zvb85MmTJ45PPPfs5DNdiTOL6/rwB/OHD73y1pXXpk9defvHr5M87miJo1tGYqRd6HWPdbuyHtvflE76etgQtqQSEVl39dfH/2BUYq3zBuPlj3vaOGBX1Wq12p7Op5drwH9YEr1uAdAbxRd9dv9bHLdo6nFbuPZC4wYoi/tGfjTO9MWJvEx/y/1tN41ExKnlv77IjtildQgAgGbfZvOfp9rN/9K4t6ncnfkeylBE3BURByLi7og4GBH3RNTL3hcR92+x/pGW/Pr5T3p1W4FtUjb/ez7f27p5/pcWRYYqeW5/Pf7+5PRcdfZY/p6MRv+eLD+xQR3fvfTLZ53ONc//siOrv5gL5u242teyQDcztTi1k5ibXfsoYrivXfzJ6k5AEhGHImJ4m3XMPfHV4U7n/jn+DXRhn6n2ZcTjjf5fjpb4C8nG+5Pj/4vq7LHx4qpY76efL7/eqf4dxd8FWf/vbXv9r8Y/lDTv1y5svY7Lv33a8Z5mu9f/QPJmPT2Qv/b+1OLihYmIgeTV9a9Prv1tkS/KZ/GPHm0//g/E2jvxQERkF/GDEXEkIh7K2/5wRDwSEUc3iP+HFx99Z/vx764s/pkt9f/WE5Wz33/Tqf7N9X/jTnw0f2Uzn3+bbeBO3jsAAAD4t0jrz8An6dhqOk3HxhrP8B+MvWl1fmHxydPz752faTwrPxT9abHSNdi0HjqRrw0X+cmW/PF83fjzyv/r+bHp+epMr4OHktvXYfxnfq/0unXArvN7LSgv4x/Ky/iH8jL+obyMfyivduP/wx60A7j1fP9DeRn/UF7GP5SX8Q+ltJPf9UuUORHpbdEMiV1K9PqTCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDv+DgAA//+9Nucl")
19:07:15 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCatttbEWn+0Vl2tYvBH0qRVexBEUfCgIOihHmOSlthtI00EW4JGkXqUgnfxKPgXeNKLqCfBq96lUCSXVk8rszuTrJvdmB+bbnU+Hxjy3s7bvPfdN2/3zXu7AZRWNSKGIuK2iPg1TyftBarNP9eXF6f+XF6cSqJef+OPpFHu2vLiVFG0eN7ePDOSRqSfJG3/sGn+wsUzk7XazPk8P7Zw9t2x+QsXn5o9O3l65vTMuYkTJ44fG3/2mYmnexJnFte1Qx/MHT74yluXX5s6efntH79O8rijLY5eqUa1U+gNj/a6sj7b15JOBvrYEDalEhFZdw02xv9QVGK184bi5Y/72jhgR9Xr9fru7qeX6sD/WBL9bgHQH8UHfXb/Wxw3aOpxU7j6QvMGKIv7en40zwxEmpcZbLu/7aVqRJxc+uuL7IgdWocAAGj1bTb/ebLT/C+Nu1vK3Z7voQxHxB0RsT8i7oyIAxFxV0Sj7D0Rce8m66+25dfOf9IrWwpsg7L533P53tY/53/F7C+GK3luXyP+weTUbG3maP6ajMTg7iw/vk4d3730y2fdzrXO/7Ijq7+YC+btuDLQtkA3PbkwuZ2YW139KOLQQKf4k5WdgCQiDkbE81usY/bxrw53O/fv8a+jB/tM9S8jHmv2/1K0xV9I1t+fHLslajNHx4qrYq2ffr70erf6txV/D2T9v6fj9b8S/3DSul87v/k6Lv32add7mq1e/7uSNxvpXflj708uLJwfj9iVvLr28YnV5xb5onwW/8iRzuN/f6y+EvdFRHYR3x8RD0TEg3nbH4qIhyPiyDrx//DiI+9sPf6dlcU/van+33yicub7b7rVv7H+P95IjeSPbOT9b6MN3M5rBwAAAP8VaeM78Ek6upJO09HR5nf4D8SetDY3v/DEqbn3zk03vys/HINpsdI11LIeOp6vDRf5ibb8sXzd+PPKrY386NRcbbrfwUPJ7e0y/jO/V/rdOmDH+b0WlJfxD+Vl/EN5Gf9QXsY/lFen8f9hH9oB3Hg+/6G8jH8oL+Mfysv4h1Lazu/6JcqciPSmaIbEDiX6/c4EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQG38HAAD//x2a5po=")
19:07:15 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f00000000c0)=0x0)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
r3 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_LINKAT={0x27, 0x10, 0x0, 0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000340)='./file0\x00', 0xffffffffffffff9c, 0x0, 0x1}, 0x4) (async)
r4 = dup(0xffffffffffffffff)
renameat2(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', r4, &(0x7f0000000380)='./file0\x00', 0x90729aeae511d3f4)
ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x40082404, &(0x7f0000000280)=0xe3) (async)
syz_io_uring_setup(0x186, &(0x7f00000002c0), &(0x7f0000148000/0x1000)=nil, &(0x7f00005f1000/0x2000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000180)=0x0)
open$dir(&(0x7f0000000500)='./file0\x00', 0x8000, 0x2) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f00000004c0)=0x20)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x40, &(0x7f00000000c0)=0x307e, 0x0, 0x4) (async)
r7 = socket$inet(0x2, 0x6, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000340)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r7, 0x80, &(0x7f0000000200)=@in={0x2, 0x0, @empty}}, 0x0) (async)
syz_io_uring_submit(r1, r6, &(0x7f0000000480)=@IORING_OP_OPENAT={0x12, 0x2, 0x0, r4, 0x0, &(0x7f0000000440)='./file0\x00', 0x24, 0x202040, 0x65cfa}, 0x7f) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x40082404, &(0x7f0000000080))
r8 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r8, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
io_uring_enter(r0, 0xe9a, 0x10e3, 0x0, &(0x7f0000000400)={[0x8]}, 0x8)
[ 3427.867645][T27758] loop1: detected capacity change from 0 to 512
[ 3427.890470][T27764] loop3: detected capacity change from 0 to 512
[ 3427.891604][T27758] EXT4-fs: Ignoring removed nobh option
[ 3427.900229][T27764] EXT4-fs: Ignoring removed nobh option
[ 3427.902374][T27758] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3427.907868][T27764] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3427.914318][T27758] EXT4-fs: Ignoring removed nobh option
[ 3427.926361][T27764] EXT4-fs: Ignoring removed nobh option
[ 3427.945325][T27758] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
19:07:15 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCatttbEWn801hqtYvBH0qRVe/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPNWLqCfBq96lUCSXVk8rszuTbDe7MT823ep8PjDw3s5L3vvum7f75r3ZAEprOCIGIuKuiPgtTydN568cbhTKyt1YXpz6a3lxKola7a0/k3q568uLU0XZ4u/25pmRNCL9LLn5H+bmL1w8M1mtzpzP82MLZ98fm79w8dnZs5OnZ07PnJs4ceL4sfEXnp94ritxZnFdH/po7tDB1965/MbUycvv/vRtkscdLXF0y3AMtwu97oluV9Zj+5rSSV8PG8KmVCIi667++vgfiEqsdt5AvPppTxsH7KharVbb3fn0Ug34H0ui1y0AeqP4os/uf4vjFk09bgvXXmrcAGVx38iPxpm+OJ6X6W+5v+2m4Yg4ufT3V9kRO7QOAQDQ7Eo2/3mm3fwvjfubyt2d76EMRsQ9EbE/Iu6NiAMRcV9EvewDEfHgJusfbsmvnf+kV7cU2AZl878X872tm+d/aVFksJLn9tXj709OzVZnjubvyUj0787y4+vU8f0rv37R6Vzz/C87svqLuWDejqt9LQt005MLk9uJudm1TyKG+trFn6zsBCQRcTAihrZYx+xT3xzqdO7f419HF/aZal9HPNno/6Voib+QrL8/OXZHVGeOjhVXxVo//3LpzU71byv+Lsj6f0/b638l/sGkeb92fvN1XPr98473NFu9/nclb9fTu/LXPpxcWDg/HrEreX3t6xOrf1vki/JZ/CNH2o///bH6TjwUEdlF/HBEHI6IR/K2PxoRj0XEkXXi//Hlx9/bevw7K4t/elP9v/lE5cwP33Wqf2P937gTH8lf2cjn30YbuJ33DgAAAP4r0voz8Ek6upJO09HRxjP8B2JPWp2bX3j61NwH56Ybz8oPRn9arHQNNK2Hjudrw0V+oiV/LF83/rJyZz0/OjVXne518FByezuM/8wflV63Dthxfq8F5WX8Q3kZ/1Bexj+Ul/EP5dVu/H/cg3YAt57vfygv4x/Ky/iH8jL+oZS287t+iTInIr0tmiGxQ4lefzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0xz8BAAD//8Qn52U=")
[ 3427.964804][T27758] EXT4-fs (loop1): 1 truncate cleaned up
[ 3427.980333][T27764] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3427.997335][T27764] EXT4-fs (loop3): 1 truncate cleaned up
19:07:15 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAwdAIHEACQkO5RiStAp1G9QEiVYRBITKEVXijjgi8RdwggsCTkhc4Y4qVSiXFk5Ga+8mxrFDHk5d2N9PWmXGO87M59mxZ2fsAEqrGhFDEXFbRPyap5P2AtXmn+vLi1N/Li9OJVGvv/FH0ih3bXlxqihaPG9vnhlJI9JPkrZ/2DR/4eKZyVpt5nyeH1s4++7Y/IWLT82enTw9c3rm3MSJE8ePjT/7zMTTPYkzi+vaoQ/mDh985a3Lr02dvPz2j18nedzRFkevVKPaKfSGR3tdWZ/ta0knA31sCJtSiYisuwYb438oKrHaeUPx8sd9bRywo+r1en1399NLdeB/LIl+twDoj+KDPrv/LY4bNPW4KVx9oXkDlMV9PT+aZwYizcsMtt3f9lI1Ik4u/fVFdsQOrUMAALT6Npv/PNlp/pfG3S3lbs/3UIYj4o6I2B8Rd0bEgYi4K6JR9p6IuHeT9Vfb8mvnP+mVLQW2Qdn877l8b+uf879i9hfDlTy3rxH/YHJqtjZzNH9NRmJwd5YfX6eO71765bNu51rnf9mR1V/MBfN2XBloW6CbnlyY3E7Mra5+FHFooFP8ycpOQBIRByPi+S3WMfv4V4e7nfv3+NfRg32m+pcRjzX7fyna4i8k6+9Pjt0StZmjY8VVsdZPP196vVv924q/B7L+39Px+l+Jfzhp3a+d33wdl377tOs9zVav/13Jm430rvyx9ycXFs6PR+xKXl37+MTqc4t8UT6Lf+RI5/G/P1ZfifsiIruI74+IByLiwbztD0XEwxFxZJ34f3jxkXe2Hv/OyuKf3lT/bz5ROfP9N93q31j/H2+kRvJHNvL+t9EGbue1AwAAgP+KtPEd+CQdXUmn6eho8zv8B2JPWpubX3ji1Nx756ab35UfjsG0WOkaalkPHc/Xhov8RFv+WL5u/Hnl1kZ+dGquNt3v4KHk9nYZ/5nfK/1uHbDj/F4Lysv4h/Iy/qG8jH8oL+MfyqvT+P+wD+0Abjyf/1Bexj+Ul/EP5WX8Qylt53f9EmVORHpTNENihxL9fmcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADojb8DAAD///2b5ps=")
[ 3428.034268][T27771] loop1: detected capacity change from 0 to 512
[ 3428.040883][T27771] EXT4-fs: Ignoring removed nobh option
[ 3428.046475][T27771] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3428.053043][T27771] EXT4-fs: Ignoring removed nobh option
[ 3428.076380][T27771] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3428.084021][T27774] loop3: detected capacity change from 0 to 512
[ 3428.098188][T27774] EXT4-fs: Ignoring removed nobh option
[ 3428.103872][T27774] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3428.110356][T27774] EXT4-fs: Ignoring removed nobh option
[ 3428.120849][T27771] EXT4-fs (loop1): 1 truncate cleaned up
19:07:15 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 23)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3428.124398][T27774] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3428.152817][T27774] EXT4-fs (loop3): 1 truncate cleaned up
[ 3428.159654][T27777] FAULT_INJECTION: forcing a failure.
[ 3428.159654][T27777] name failslab, interval 1, probability 0, space 0, times 0
[ 3428.172296][T27777] CPU: 0 PID: 27777 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3428.182767][T27777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3428.192843][T27777] Call Trace:
[ 3428.196149][T27777]
[ 3428.199131][T27777] dump_stack_lvl+0xda/0x130
[ 3428.203832][T27777] dump_stack+0x15/0x20
[ 3428.208097][T27777] should_fail_ex+0x21f/0x230
[ 3428.212874][T27777] __should_failslab+0x92/0xa0
[ 3428.217658][T27777] should_failslab+0x9/0x20
[ 3428.222320][T27777] slab_pre_alloc_hook+0x38/0x180
[ 3428.227500][T27777] __kmem_cache_alloc_node+0x46/0x250
[ 3428.233001][T27777] ? io_drain_req+0x1e1/0x4f0
[ 3428.237705][T27777] kmalloc_trace+0x2a/0xa0
[ 3428.242205][T27777] io_drain_req+0x1e1/0x4f0
[ 3428.246804][T27777] io_queue_sqe_fallback+0xd1/0xe0
[ 3428.251936][T27777] io_submit_sqes+0xbf8/0xfe0
[ 3428.256673][T27777] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3428.262433][T27777] ? __fget_files+0x1c4/0x200
[ 3428.267234][T27777] ? mutex_lock+0xd/0x30
[ 3428.271598][T27777] ? fput+0x112/0x140
[ 3428.275591][T27777] ? ksys_write+0x178/0x1a0
[ 3428.280205][T27777] __x64_sys_io_uring_enter+0x78/0x90
[ 3428.285671][T27777] do_syscall_64+0x41/0xc0
[ 3428.290716][T27777] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3428.296719][T27777] RIP: 0033:0x7fbf4da9f169
[ 3428.302111][T27777] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3428.321735][T27777] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3428.330162][T27777] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3428.338151][T27777] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
[ 3428.346155][T27777] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
[ 3428.354167][T27777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3428.362217][T27777] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3428.370390][T27777]
19:07:16 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnvQi6knwqncpFMml1dPK7M4k62Y35semWzufDwy8t/OS97775u2+eW82gNIaiYjBiLgjIn7L00lzgYcbhbJy11eWpv9aWZpOolZ788+kXu7aytJ0UbT4u315ZjSNSD9NWv5hw8KFi2emqtXZ83l+fPHse+MLFy4+M3d26vTs6dlzkydOHD828fxzk892Jc4srmvDH84fPvTq25dfnz55+Z2fvknyuKMljm4ZiZF2odc93u3Kemx/Uzrp62FD2JJKRGTd1V8f/4NRibXOG4xXPulp44BdVavVans6n16uAbewJHrdAqA3ii/67P63OG7Q1OOmcPXFxg1QFvf1/Gic6YvjeZn+lvvbbhqJiJPLf3+ZHbFL6xAAAM2+y+Y/T7eb/6Vxb1O5O/M9lKGIuCsiDkTE3RFxMCLuiaiXvS8i7t9i/SMt+fXzn/TKtgLbpGz+90K+t/Xv+V9aFBmq5Ln99fj7k1Nz1dmj+XsyGv17svzEBnV8//Kvn3c61zz/y46s/mIumLfjSl/LAt3M1OLUTmJudvXjiOG+dvEnqzsBSUQciojhbdYx9+TXhzud++/4N9CFfabaVxFPNPp/OVriLyQb70+O3xbV2aPjxVWx3s+/XHqjU/07ir8Lsv7f2/b6X41/KGner13Yeh2Xfv+s4z3Ndq//geStenogf+2DqcXF8xMRA8lr61+fXPvbIl+Uz+IfPdJ+/B+ItXfigYjILuIHI+KhtW3xeCQiHo2IIxvE/+NLj727/fh3Vxb/zJb6f+uJypkfvu1U/+b6v3EnPpq/spnPv802cCfvHQAAAPxfpPVn4JN0bDWdpmNjjWf4D8betDq/sPjUqfn3z800npUfiv60WOkabFoPncjXhov8ZEv+WL5u/EXl9np+bHq+OtPr4KHk9nUY/5k/Kr1uHbDr/F4Lysv4h/Iy/qG8jH8oL+Mfyqvd+P+oB+0Abjzf/1Bexj+Ul/EP5WX8Qynt5Hf9EmVORHpTNENilxK9/mQCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADojn8CAAD//6tv5qY=")
19:07:16 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPlgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxYuGK29mxjHTvPh1IX9/aRVZrzjzDyeHXt2xg6gtKoRMRQRt0XEL3k6aS9Qbf65vrw49cfy4lQS9frrvyeNcteWF6eKosXz9uaZkTQi/Thp+4dN8xcunpms1WbO5/mxhbPvjM1fuPjU7NnJ0zOnZ85NnDhx/Nj4s89MPN2TOLO4rh16f+7wwZffvPzq1MnLb/3wVZLHHW1x9Eo1qp1Cb3i015X12b6WdDLQx4awKZWIyLprsDH+h6ISq503FC991NfGATuqXq/Xd3c/vVQH/sOS6HcLgP4oPuiz+9/iuElTj1vC1eebN0BZ3Nfzo3lmINK8zGDb/W0vVSPi5NKfn2dH7NA6BABAq2+y+c+TneZ/adzdUu72fA9lOCLuiIj9EXFnRByIiLsiGmXviYh7N1l/tS2/dv6TXtlSYBuUzf+ey/e2/jn/K2Z/MVzJc/sa8Q8mp2ZrM0fz12QkBndn+fF16vj2xZ8/7Xaudf6XHVn9xVwwb8eVgbYFuunJhcntxNzq6ocRhwY6xZ+s7AQkEXEwIv7qtpl1A7OPf3m427kbx7+OHuwz1b+IeKzZ/0vRFn8hWX9/cux/UZs5OlZcFWv9+NOl17rVv634eyDr/z0dr/+V+IeT1v3a+c3XcenXT7re02z1+t+VvNFI78ofe29yYeH8eMSu5JW1j0+sPrfIF+Wz+EeOdB7/+2P1lbgvIrKL+P6IeCAiHszb/lBEPBwRR9aJ//sXHnl76/HvrCz+6U31/+YTlTPffd2t/o31//FGaiR/ZCPvfxtt4HZeOwAAAPi3SBvfgU/S0ZV0mo6ONr/DfyD2pLW5+YUnTs29e266+V354RhMi5WuoZb10PF8bbjIT7Tlj+Xrxp9V/t/Ij07N1ab7HTyU3N4u4z/zW6XfrQN2nN9rQXkZ/1Bexj+Ul/EP5WX8Q3l1Gv8f9KEdwM3n8x/Ky/iH8jL+obyMfyil7fyuX6LMiUhviWZI7FCi3+9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvfF3AAAA//8oMeda")
[ 3428.517188][T27785] loop1: detected capacity change from 0 to 512
[ 3428.526412][T27786] loop3: detected capacity change from 0 to 512
[ 3428.549447][T27785] EXT4-fs: Ignoring removed nobh option
[ 3428.555440][T27785] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3428.562117][T27785] EXT4-fs: Ignoring removed nobh option
19:07:16 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080), 0x280600, 0x0)
r3 = dup(0xffffffffffffffff)
renameat2(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', r3, &(0x7f0000000380)='./file0\x00', 0x90729aeae511d3f4)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
mq_timedreceive(r2, &(0x7f0000000280)=""/50, 0x32, 0x0, 0x0)
[ 3428.569568][T27786] EXT4-fs: Ignoring removed nobh option
[ 3428.575263][T27786] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3428.581794][T27786] EXT4-fs: Ignoring removed nobh option
[ 3428.615299][T27785] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
19:07:16 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100)={0x0, 0x1}, &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async, rerun: 64)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) (async, rerun: 64)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) (async)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c) (async)
listen(r2, 0x0) (async, rerun: 64)
r3 = socket$netlink(0x10, 0x3, 0x0) (rerun: 64)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c) (async)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83da863dfd8322f16962532295e5cfb00dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd70007a000000080003002bb8afbd0de9ecc0483de1068997349bd6ffb500000000", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) (async, rerun: 32)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10}) (rerun: 32)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async, rerun: 64)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async, rerun: 64)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
clock_gettime(0x5, &(0x7f0000000800)) (async)
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93) (async)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000) (async)
socket(0x10, 0x80002, 0x0)
[ 3428.656154][T27786] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3428.678662][T27785] EXT4-fs (loop1): 1 truncate cleaned up
[ 3428.718757][T27786] EXT4-fs (loop3): 1 truncate cleaned up
19:07:16 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPlgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQqdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQ5w4dWF/P2mVGe84M8/ujj07sw6gtKoRMRIRt0XEL3k6aS9Qbf65sbI088fK0kwS9frrvyeNctdXlmaKosX79uaZsTQi/Thp+4dNCxcvnZ2u1eYu5PmJxXPvTCxcvPTUmXPTp+dOz52fOnHi+LHJZ5+ZerovcWZxXT/0/vzhgy+/eeXVmZNX3vrhqySPO9ri6JdqVDuF3vBovysbsH0t6WRogA2hJ5WIyE7XcKP/j0Ql1k7eSLz00UAbB+yoer1e391993Id+A9LYtAtAAaj+KLP7n+L7SYNPW4J155v3gBlcd/It+aeoUjzMsNt97f9VI2Ik8t/fp5tsUPzEAAArb7Jxj9Pdhr/pXF3S7nb8zWU0Yi4IyL2R8SdEXEgIu6KaJS9JyLu7bH+alt+/fgnvbqlwDYpG/89l69t/X38V4z+YrSS5/Y14h9OTp2pzR3Nj8lYDO/O8pMb1PHtiz9/2m1f6/gv27L6i7Fg3o6rQ20TdLPTi9PbibnVtQ8jDg11ij9ZXQlIIuJgtB6S3px5/MvD3fb9c/wb6MM6U/2LiMea53852uIvJBuvT078L2pzRyeKq2K9H3+6/Fq3+rcVfx9k539Px+t/Nf7RpHW9dqH3Oi7/+knXe5qtXv+7kjca6V35a+9NLy5emIzYlbyy/vWptfcW+aJ8Fv/Ykc79f3+sHYn7IiK7iO+PiAci4sG87Q9FxMMRcWSD+L9/4ZG3tx7/zsrin+3p/PeeqJz97utu9W/u/B9vpMbyVzbz+bfZBm7n2AEAAMC/Rdp4Bj5Jx1fTaTo+3nyG/0DsSWvzC4tPnJp/9/xs81n50RhOi5mukZb50Ml8brjIT7Xlj+Xzxp9V/t/Ij8/M12YHHTyU3N4u/T/zW2XQrQN2nN9rQXnp/1Be+j+Ul/4P5aX/Q3l16v8fDKAdwM3n+x/KS/+H8tL/obz0fyil7fyuX6LMiUhviWZI7FBi0J9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/fFXAAAA//+6MeZd")
19:07:16 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100)={0x0, 0x1}, &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) (async)
shutdown(0xffffffffffffffff, 0x0) (async)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c) (async)
syz_open_dev$tty1(0xc, 0x4, 0x3) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c) (async)
listen(r2, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c) (async, rerun: 32)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20) (rerun: 32)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83da863dfd8322f16962532295e5cfb00dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd70007a000000080003002bb8afbd0de9ecc0483de1068997349bd6ffb500000000", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90) (async, rerun: 32)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) (async)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93) (async)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0) (async, rerun: 64)
fallocate(r7, 0x30, 0x9, 0x10000) (rerun: 64)
socket(0x10, 0x80002, 0x0)
19:07:16 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6vi0loZSPhgKBgoj4SJq0QA8cAIHEASQkOJRjSNIq1G1QEyRaRRAQKkdUiTviiMRfwAkuCDghcYU7qlShXFo4Ga29m7iOHfLh1IX9/aSVZryTzDyeHXt2Zh1AaY1ExGBE3BYRv+bppOn88w82CmXlrq8sTf+5sjSdRK32xh9Jvdy1laXpomzxd/vyzGgakX6S3PgPcwsXLp6ZqlZnz+f58cWz744vXLj41NzZqdOzp2fPTZ44cfzYxLPPTD7dlTizuK4NfzB/+NArb11+bfrk5bd//DrJ446WOLplJEbahV73aLcr67H9Temkr4cNYUsqEZF1V399/A9GJdY6bzBe/rinjQN2Va1Wq+3pfHq5BvyHJdHrFgC9UXzRZ/e/xXGTph63hKsvNG6Asriv50fjTF8cz8v0t9zfdtNIRJxc/uuL7IhdWocAAGj2bTb/ebLd/C+Nu5vK3Z7voQxFxB0RcSAi7oyIgxFxV0S97D0Rce8W6x9pya+f/6RXthXYJmXzv+fyva0b539pUWSokuf21+PvT07NVWeP5u/JaPTvyfITG9Tx3Uu/fNbpXPP8Lzuy+ou5YN6OK30tC3QzU4tTO4m52dWPIob72sWfrO4EJBFxKCKGt1nH3ONfHe507p/j30AX9plqX0Y81uj/5WiJv5BsvD85/r+ozh4dL66K9X76+dLrnerfUfxdkPX/3rbX/2r8Q0nzfu3C1uu49NunHe9ptnv9DyRv1tMD+WvvTy0unp+IGEheXf/65NrfFvmifBb/6JH24/9ArL0T90VEdhHfHxEPRES+LR4PRcTDEXFkg/h/ePGRd7Yf/+7K4p/ZUv9vPVE58/03nerfXP837sRH81c28/m32Qbu5L0DAACAf4u0/gx8ko6tptN0bKzxDP/B2JtW5xcWnzg1/965mcaz8kPRnxYrXYNN66ET+dpwkZ9syR/L140/r/y/nh+bnq/O9Dp4KLl9HcZ/5vdKr1sH7Dq/14LyMv6hvIx/KC/jH8rL+Ifyajf+P+xBO4Cbz/c/lJfxD+Vl/EN5Gf9QSjv5Xb9EmROR3hLNkNilRK8/mQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrj7wAAAP//smDm5g==")
[ 3428.820963][T27810] loop3: detected capacity change from 0 to 512
[ 3428.824034][T27812] loop1: detected capacity change from 0 to 512
[ 3428.827619][T27810] EXT4-fs: Ignoring removed nobh option
[ 3428.839409][T27810] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3428.845340][T27812] EXT4-fs: Ignoring removed nobh option
[ 3428.846041][T27810] EXT4-fs: Ignoring removed nobh option
[ 3428.857297][T27812] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3428.863757][T27812] EXT4-fs: Ignoring removed nobh option
19:07:16 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYRES64, @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3428.886398][T27810] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3428.913236][T27812] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3428.934249][T27810] EXT4-fs (loop3): 1 truncate cleaned up
[ 3428.948164][T27812] EXT4-fs (loop1): 1 truncate cleaned up
19:07:16 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnvQi6knwqncpFMml1dPK7M4k281uzI9NtzqfDwy8t/OS97775u2+eW82gNIaiYjBiLgjIn7L00nT+eWHG4WyctdXlqb/WlmaTqJWe/PPpF7u2srSdFG2+Lt9eWY0jUg/TW78h7mFCxfPTFWrs+fz/Pji2ffGFy5cfGbu7NTp2dOz5yZPnDh+bOL55yaf7UqcWVzXhj+cP3zo1bcvvz598vI7P32T5HFHSxzdMhIj7UKve7zblfXY/qZ00tfDhrAllYjIuqu/Pv4HoxJrnTcYr3zS08YBu6pWq9X2dD69XAP+x5LodQuA3ii+6LP73+K4SVOPW8LVFxs3QFnc1/OjcaYvjudl+lvub7tpJCJOLv/9ZXbELq1DAAA0+y6b/zzdbv6Xxr1N5e7M91CGIuKuiDgQEXdHxMGIuCeiXva+iLh/i/WPtOTXz3/SK9sKbJOy+d8L+d7WjfO/tCgyVMlz++vx9yen5qqzR/P3ZDT692T5iQ3q+P7lXz/vdK55/pcdWf3FXDBvx5W+lgW6manFqZ3E3OzqxxHDfe3iT1Z3ApKIOBQRw9usY+7Jrw93Ovfv8W+gC/tMta8inmj0/3K0xF9INt6fHL8tqrNHx4urYr2ff7n0Rqf6dxR/F2T9v7ft9b8a/1DSvF+7sPU6Lv3+Wcd7mu1e/wPJW/X0QP7aB1OLi+cnIgaS19a/Prn2t0W+KJ/FP3qk/fg/EGvvxAMRkV3ED0bEQxGRb4vHIxHxaEQc2SD+H1967N3tx7+7svhnttT/W09Uzvzwbaf6N9f/jTvx0fyVzXz+bbaBO3nvAAAA4L8irT8Dn6Rjq+k0HRtrPMN/MPam1fmFxadOzb9/bqbxrPxQ9KfFStdg03roRL42XOQnW/LH8nXjLyq31/Nj0/PVmV4HDyW3r8P4z/xR6XXrgF3n91pQXsY/lJfxD+Vl/EN5Gf9QXu3G/0c9aAdw8/n+h/Iy/qG8jH8oL+MfSmknv+uXKHMi0luiGRK7lOj1JxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB3/BMAAP//uVHnJg==")
19:07:16 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs201vG0UYAOB310kLLSWhlI+WAoaCiPhImrRAD1xAIHEACQkO5RiStCp1G9QEiVYVBITKEVXijjgi8Qs4wQUBJySucEeVKpRLCxeM1t5NjGOHOHHqwj6PtMqMd5yZ17Njz87YAZRWNSJGIuK2iPglTyftBarNP9eXL878sXxxJol6/fXfk0a5a8sXZ4qixfN255mxNCL9OGn7h00L5y+cnq7V5s7l+YnFM+9MLJy/8NSpM9Mn507OnZ06duzokclnn5l6ui9xZnFdO/D+/MH9L795+dWZ45ff+uGrJI872uLol2pUO4Xe8Gi/KxuwPS3pZGiADaEnlYjIumu4Mf5HohKrnTcSL3000MYB26per9d3dj+9VAf+x5IYdAuAwSg+6LP73+K4QVOPm8LV55s3QFnc1/OjeWYo0rzMcNv9bT9VI+L40p+fZ0ds0zoEAECrb7L5z5Od5n9p3N1S7vZ8D2U0Iu6IiL0RcWdE7IuIuyIaZe+JiHt7rL/all87/0mvbCqwDcrmf8/le1v/nP8Vs78YreS5PY34h5MTp2pzh/PXZCyGd2b5yXXq+PbFnz/tdq51/pcdWf3FXDBvx5WhtgW62enF6a3E3OrqhxEHhjrFn6zsBCQRsT8i/mq5X+jFqce/PNjt3L/Hv44+7DPVv4h4rNn/S9EWfyFZf39y4paozR2eKK6KtX786dJr3erfUvx9kPX/ro7X/0r8o0nrfu1C73Vc+vWTrvc0m73+dyRvNNI78sfem15cPDcZsSN5Ze3jU6vPLfJF+Sz+sUOdx//eWH0l7ouI7CK+PyIeiIgH87Y/FBEPR8ShdeL//oVH3t58/Nsri3+2p/7vPVE5/d3X3erfWP8fbaTG8kc28v630QZu5bUDAACA/4q08R34JB1fSafp+HjzO/z7Yldam19YfOLE/LtnZ5vflR+N4bRY6RppWQ+dzNeGi/xUW/5Ivm78WeXWRn58Zr42O+jgoeR2dxn/md8qg24dsO38XgvKy/iH8jL+obyMfygv4x/Kq9P4/2AA7QBuPJ//UF7GP5SX8Q/lZfxDKW3ld/0SZU5EelM0Q2KbEoN+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiPvwMAAP//zFjqVg==")
19:07:16 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 24)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3429.047523][T27837] FAULT_INJECTION: forcing a failure.
[ 3429.047523][T27837] name failslab, interval 1, probability 0, space 0, times 0
[ 3429.056817][T27838] loop3: detected capacity change from 0 to 512
[ 3429.060180][T27837] CPU: 1 PID: 27837 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3429.060205][T27837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3429.060216][T27837] Call Trace:
[ 3429.060222][T27837]
[ 3429.074202][T27838] EXT4-fs: Ignoring removed nobh option
[ 3429.076828][T27837] dump_stack_lvl+0xda/0x130
[ 3429.076856][T27837] dump_stack+0x15/0x20
[ 3429.086975][T27838] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3429.090282][T27837] should_fail_ex+0x21f/0x230
[ 3429.090311][T27837] __should_failslab+0x92/0xa0
[ 3429.093231][T27838] EXT4-fs: Ignoring removed nobh option
[ 3429.098740][T27837] should_failslab+0x9/0x20
[ 3429.098760][T27837] slab_pre_alloc_hook+0x38/0x180
[ 3429.142541][T27837] __kmem_cache_alloc_node+0x46/0x250
[ 3429.148031][T27837] ? io_drain_req+0x1e1/0x4f0
[ 3429.152900][T27837] kmalloc_trace+0x2a/0xa0
[ 3429.157459][T27837] io_drain_req+0x1e1/0x4f0
[ 3429.161987][T27837] io_queue_sqe_fallback+0xd1/0xe0
[ 3429.167186][T27837] io_submit_sqes+0xbf8/0xfe0
[ 3429.171904][T27837] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3429.177474][T27837] ? __fget_files+0x1c4/0x200
[ 3429.182207][T27837] ? mutex_lock+0xd/0x30
[ 3429.186474][T27837] ? fput+0x112/0x140
[ 3429.190469][T27837] ? ksys_write+0x178/0x1a0
[ 3429.195033][T27837] __x64_sys_io_uring_enter+0x78/0x90
[ 3429.200657][T27837] do_syscall_64+0x41/0xc0
[ 3429.205096][T27837] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3429.211037][T27837] RIP: 0033:0x7fbf4da9f169
[ 3429.211492][T27834] loop1: detected capacity change from 0 to 512
[ 3429.215517][T27837] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3429.215538][T27837] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246
[ 3429.229339][T27834] EXT4-fs: Ignoring removed nobh option
[ 3429.242739][T27837] ORIG_RAX: 00000000000001aa
[ 3429.242751][T27837] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3429.248906][T27834] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3429.255055][T27837] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
[ 3429.259804][T27834] EXT4-fs: Ignoring removed nobh option
[ 3429.267763][T27837] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
[ 3429.296121][T27837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3429.304214][T27837] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3429.312199][T27837]
[ 3429.325798][T27838] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
19:07:16 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080), 0x280600, 0x0)
r3 = dup(0xffffffffffffffff)
renameat2(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', r3, &(0x7f0000000380)='./file0\x00', 0x90729aeae511d3f4) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3) (async)
mq_timedreceive(r2, &(0x7f0000000280)=""/50, 0x32, 0x0, 0x0)
[ 3429.356583][T27834] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3429.371192][T27838] EXT4-fs (loop3): 1 truncate cleaned up
[ 3429.388700][T27834] EXT4-fs (loop1): 1 truncate cleaned up
19:07:16 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6vi0loZSPhgKBgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcCoXBJyQuMIdVapQLi2cjNbeTVzHDvlw6sL+ftJKM95JZh7Pjj07sw6gtEYiYjAi7oiIX/N00nT+ysONQlm5GytL03+uLE0nUau9+UdSL3d9ZWm6KFv83b48M5pGpJ8mN//D3MKFi2emqtXZ83l+fPHse+MLFy4+M3d26vTs6dlzkydOHD828fxzk892Jc4sruvDH84fPvTq25dfnz55+Z0fv0nyuKMljm4ZiZF2odc93u3Kemx/Uzrp62FD2JJKRGTd1V8f/4NRibXOG4xXPulp44BdVavVans6n16uAf9hSfS6BUBvFF/02f1vcdyiqcdt4dqLjRugLO4b+dE40xfH8zL9Lfe33TQSESeX//oyO2KX1iEAAJpdyeY/T7eb/6Vxb1O5O/M9lKGIuCsiDkTE3RFxMCLuiaiXvS8i7t9i/SMt+fXzn/TqtgLbpGz+90K+t3Xz/C8tigxV8tz+evz9yam56uzR/D0Zjf49WX5igzq+e/mXzzuda57/ZUdWfzEXzNtxta9lgW5manFqJzE3u/ZxxHBfu/iT1Z2AJCIORcTwNuuYe/Lrw53O/XP8G+jCPlPtq4gnGv2/HC3xF5KN9yfH/xfV2aPjxVWx3k8/X3qjU/07ir8Lsv7f2/b6X41/KGner13Yeh2Xfvus4z3Ndq//geStenogf+2DqcXF8xMRA8lr61+fXPvbIl+Uz+IfPdJ+/B+ItXfigYjILuIHI+KhiMi3xeORiHg0Io5sEP8PLz327vbj311Z/DNb6v+tJypnvv+2U/2b6//Gnfho/spmPv8228CdvHcAAADwb5HWn4FP0rHVdJqOjTWe4T8Ye9Pq/MLiU6fm3z8303hWfij602Kla7BpPXQiXxsu8pMt+WP5uvEXlf/X82PT89WZXgcPJbevw/jP/F7pdeuAXef3WlBexj+Ul/EP5WX8Q3kZ/1Be7cb/Rz1oB3Dr+f6H8jL+obyMfygv4x9KaSe/65cocyLS26IZEruU6PUnEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQHf8HQAA///AQudm")
19:07:16 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrULdBjVBolUEAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhQtGa+8mxrFDHk5d2N9PWmXGO87M59mxZ2fsAEqrGhFDEXFbRPySp5P2AtXmn+vLi1N/LC9OJVGvv/570ih3bXlxqihaPG9vnhlJI9KPk7Z/2DR/4eKZyVpt5nyeH1s4+87Y/IWLT82enTw9c3rm3MSJE8ePjT/7zMTTPYkzi+vaoffnDh98+c3Lr06dvPzWD18ledzRFkevVKPaKfSGR3tdWZ/ta0knA31sCJtSiYisuwYb438oKrHaeUPx0kd9bRywo+r1en1399NLdeB/LIl+twDoj+KDPrv/LY4bNPW4KVx9vnkDlMV9PT+aZwYizcsMtt3f9lI1Ik4u/fl5dsQOrUMAALT6Jpv/PNlp/pfG3S3lbs/3UIYj4o6I2B8Rd0bEgYi4K6JR9p6IuHeT9Vfb8mvnP+mVLQW2Qdn877l8b+uf879i9hfDlTy3rxH/YHJqtjZzNH9NRmJwd5YfX6eOb1/8+dNu51rnf9mR1V/MBfN2XBloW6CbnlyY3E7Mra5+GHFooFP8ycpOQBIRByPir7Z7ho2affzLw93O/Xv86+jBPlP9i4jHmv2/FG3xF5L19yfHbonazNGx4qpY68efLr3Wrf5txd8DWf/v6Xj9r8Q/nLTu185vvo5Lv37S9Z5mq9f/ruSNRnpX/th7kwsL58cjdiWvrH18YvW5Rb4on8U/cqTz+N8fq6/EfRGRXcT3R8QDEfFg3vaHIuLhiDiyTvzfv/DI21uPf2dl8U9vqv83n6ic+e7rbvVvrP+PN1Ij+SMbef/baAO389oBAADAf0Xa+A58ko6upNN0dLT5Hf4DsSetzc0vPHFq7t1z083vyg/HYFqsdA21rIeO52vDRX6iLX8sXzf+rHJrIz86NVeb7nfwUHJ7u4z/zG+VfrcO2HF+rwXlZfxDeRn/UF7GP5SX8Q/l1Wn8f9CHdgA3ns9/KC/jH8rL+IfyMv6hlLbzu36JMicivSmaIbFDiX6/MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPTG3wEAAP//br3uUg==")
[ 3429.478442][T27861] loop1: detected capacity change from 0 to 512
[ 3429.497646][T27866] loop3: detected capacity change from 0 to 512
[ 3429.498628][T27861] EXT4-fs: Ignoring removed nobh option
[ 3429.509642][T27861] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3429.511969][T27866] EXT4-fs: Ignoring removed nobh option
[ 3429.516063][T27861] EXT4-fs: Ignoring removed nobh option
19:07:17 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080), 0x280600, 0x0)
r3 = dup(0xffffffffffffffff)
renameat2(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', r3, &(0x7f0000000380)='./file0\x00', 0x90729aeae511d3f4)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
mq_timedreceive(r2, &(0x7f0000000280)=""/50, 0x32, 0x0, 0x0)
syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0)) (async)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0) (async)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080), 0x280600, 0x0) (async)
dup(0xffffffffffffffff) (async)
renameat2(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', r3, &(0x7f0000000380)='./file0\x00', 0x90729aeae511d3f4) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3) (async)
mq_timedreceive(r2, &(0x7f0000000280)=""/50, 0x32, 0x0, 0x0) (async)
[ 3429.528054][T27866] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3429.534526][T27866] EXT4-fs: Ignoring removed nobh option
[ 3429.547539][T27861] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3429.574242][T27861] EXT4-fs (loop1): 1 truncate cleaned up
[ 3429.580871][T27866] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3429.600383][T27866] EXT4-fs (loop3): 1 truncate cleaned up
19:07:17 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqoN2OSlthtI00EW4JGkXqUgnfxKPgXeNKLqCfBq96lUCSXVk8rszuTrJvdmB+bbnU+Hxh4b+cl7333zdt9895sAKU1EhGDEXFbRPyap5PmAm81CmXlrq8sTf+5sjSdRK32+h9Jvdy1laXpomjxd/vyzGgakX6StPzDhoULF89MVauz5/P8+OLZd8cXLlx8au7s1OnZ07PnJk+cOH5s4tlnJp/uSpxZXNeGP5g/fOjlNy+/On3y8ts/fp3kcUdLHN0yEiPtQq97tNuV9dj+pnTS18OGsCWViMi6q78+/gejEmudNxgvfdzTxgG7qlar1fZ0Pr1cA/7Hkuh1C4DeKL7os/vf4rhBU4+bwtXnGzdAWdzX86Nxpi+O52X6W+5vu2kkIk4u//VFdsQurUMAADT7Npv/PNlu/pfG3U3lbs/3UIYi4o6IOBARd0bEwYi4K6Je9p6IuHeL9Y+05NfPf9Ir2wpsk7L533P53tY/539pUWSokuf21+PvT07NVWeP5u/JaPTvyfITG9Tx3Yu/fNbpXPP8Lzuy+ou5YN6OK30tC3QzU4tTO4m52dWPIob72sWfrO4EJBFxKCKGt1nH3ONfHe507t/j30AX9plqX0Y81uj/5WiJv5BsvD85fktUZ4+OF1fFej/9fOm1TvXvKP4uyPp/b9vrfzX+oaR5v3Zh63Vc+u3Tjvc0273+B5I36umB/LX3pxYXz09EDCSvrH99cu1vi3xRPot/9Ej78X8g1t6J+yIiu4jvj4gHIuLBvO0PRcTDEXFkg/h/eOGRd7Yf/+7K4p/ZUv9vPVE58/03nerfXP837sRH81c28/m32Qbu5L0DAACA/4q0/gx8ko6tptN0bKzxDP/B2JtW5xcWnzg1/965mcaz8kPRnxYrXYNN66ET+dpwkZ9syR/L140/r9xaz49Nz1dneh08lNy+DuM/83ul160Ddp3fa0F5Gf9QXsY/lJfxD+Vl/EN5tRv/H/agHcCN5/sfysv4h/Iy/qG8jH8opZ38rl+izIlIb4pmSOxSotefTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xdwAAAP//rjvm5w==")
19:07:17 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPlgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQqdRvUBIlWFRSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxTT7surC/n7TKjHecmcezY8/O2AGUVjUixiLitoj4JU8n7QWqzT83Vi7O/bFycS6Jev3135NGuesrF+eKosXzdueZiTQi/Thp+4dNS+cvnJ6t1RbO5fmp5TPvTC2dv/DUqTOzJxdOLpydOXbs6JHpZ5+ZebovcWZxXT/w/uLB/S+/eeXVueNX3vrhqySPO9ri6JdqVDuF3vBovysbsj0t6WRkiA1hUyoRkXXXaGP8j0Ul1jpvLF76aKiNAwaqXq/Xd3Y/fakO/IclMewWAMNRfNBn97/FcZOmHreEa883b4CyuG/kR/PMSKR5mdG2+9t+qkbE8Ut/fp4dMaB1CACAVt9k858nO83/0ri7pdzt+R7KeETcERF7I+LOiNgXEXdFNMreExH3brL+alt+/fwnvbqlwDYom/89l+9t/X3+V8z+YryS5/Y04h9NTpyqLRzOX5OJGN2Z5ad71PHtiz9/2u1c6/wvO7L6i7lg3o6rI20LdPOzy7PbibnVtQ8jDox0ij9Z3QlIImJ/RBzYYh2nHv/yYK/zvePvoQ/7TPUvIh5r9v+laIu/kPTen5z6X9QWDk8VV8V6P/50+bVu9f9z/w9W1v+7Ol7/q/GPJ637tUubr+Pyr590vafZ6vW/I3mjkd6RP/be7PLyuemIHckr6x+fWXtukS/KZ/FPHOo8/vfG2itxX0RkF/H9EfFARDyYt/2hiHg4Ig71iP/7Fx55e+vxD1YW//ym+n/zicrp777uVv/G+v9oIzWRP7KR97+NNnA7rx0AAAD8W6SN78An6eRqOk0nJ5vf4d8Xu9La4tLyEycW3z073/yu/HiMpsVK11jLeuh0vjZc5Gfa8kfydePPKv9v5CfnFmvzww4eSm53l/Gf+a0y7NYBA+f3WlBexj+Ul/EP5WX8Q3kZ/1Bencb/B0NoB3Dz+fyH8jL+obyMfygv4x9KaTu/65cocyLSW6IZEgNKDPudCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoD/+CgAA///EQuZV")
19:07:17 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x5cf8, 0xe393, 0x1, &(0x7f0000000080)={[0xffff]}, 0x8)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
[ 3429.681575][T27885] loop1: detected capacity change from 0 to 512
[ 3429.688867][T27885] EXT4-fs: Ignoring removed nobh option
[ 3429.694541][T27885] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3429.701014][T27885] EXT4-fs: Ignoring removed nobh option
[ 3429.714782][T27887] loop3: detected capacity change from 0 to 512
[ 3429.714826][T27885] EXT4-fs (loop1): #blocks per group too big: 24576
19:07:17 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kKLSWhlEdDgUBBRDySJi3QAxcQSBxAQoJDOYYkrULdBjVBolUEAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2ruJceyQh1OX7u8nrTLjHWfm8+zYszN2AKU1EhGDEXFHRPyWp5PWAvmf6ytL03+tLE0nUau9+WdSL3dtZWm6KFo8b1+eGU0j0k+Tln/YsHDh4pmpanX2fJ4fXzz73vjChYvPzJ2dOj17evbc5IkTx49NPP/c5LNdiTOL69rwh/OHD7369uXXp09efuenb5I87miJo1tGYqRd6HWPd7uyHtvflE76etgQtqQSEVl39dfH/2BUYq3zBuOVT3raOGBX1Wq12p7Op5drwC0siV63AOiN4oM+u/8tjhs09bgpXH2xcQOUxX09Pxpn+uJ4Xqa/5f62m0Yi4uTy319mR+zSOgQAQLPvsvnP0+3mf2nc21TuznwPZSgi7oqIAxFxd0QcjIh7Iupl74uI+7dY/0hLfv38J72yrcA2KZv/vZDvbf17/pcWRYYqeW5/Pf7+5NRcdfZo/pqMRv+eLD+xQR3fv/zr553ONc//siOrv5gL5u240teyQDcztTi1k5ibXf04YrivXfzJ6k5AEhGHImJ4m3XMPfn14U7n/jv+DXRhn6n2VcQTjf5fjpb4C8nG+5Pjt0V19uh4cVWs9/Mvl97oVP+O4u+CrP/3tr3+V+MfSpr3axe2Xsel3z/reE+z3et/IHmrnh7IH/tganHx/ETEQPLa+scn155b5IvyWfyjR9qP/wOx9ko8EBHZRfxgRDwUEQ/nbX8kIh6NiCMbxP/jS4+9u/34d1cW/8yW+n/ricqZH77tVP/m+r9xJz6aP7KZ97/NNnAnrx0AAAD8X6T178An6dhqOk3Hxhrf4T8Ye9Pq/MLiU6fm3z830/iu/FD0p8VK12DTeuhEvjZc5Cdb8sfydeMvKrfX82PT89WZXgcPJbevw/jP/FHpdeuAXef3WlBexj+Ul/EP5WX8Q3kZ/1Be7cb/Rz1oB3Dj+fyH8jL+obyMfygv4x9KaSe/65cocyLSm6IZEruU6PU7EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQHf8EwAA//8kueaH")
19:07:17 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0) (async)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c) (async)
syz_open_dev$tty1(0xc, 0x4, 0x3) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0) (async)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20) (async)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYRES64, @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) (async)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000) (async)
socket(0x10, 0x80002, 0x0)
[ 3429.739771][T27887] EXT4-fs: Ignoring removed nobh option
[ 3429.745394][T27887] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3429.751876][T27887] EXT4-fs: Ignoring removed nobh option
[ 3429.775310][T27887] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
19:07:17 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kKLSWhlEdDAUNBRDySJi3QAxcQSBxAQoJDOYYkrULdBjVBolUEAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2uvEOHaah10X9veTVpnxjjPzeXbs2Rk7gMIqR8RwRNwREb/l6aS1QLn+5/rq8sxfq8szSVSrb/6Z1MpdW12eaRRtPG9fnhlLI9JPk5Z/WLd44eKZ6Upl7nyen1g6+97E4oWLz8yfnT49d3ru3NSJE8ePTT7/3NSzXYkzi+va6IcLhw+9+vbl12dOXn7np2+SPO5oiaNbylFuF3rN492urM/2N6WTgT42hG0pRUTWXYO18T8cpVjvvOF45ZO+Ng7oqWq1Wt3T+fRKFfgfS6LfLQD6o/FBn93/No6bNPW4JVx9sX4DlMV9PT/qZwYizcsMttzfdlM5Ik6u/P1ldkSP1iEAAJp9l81/nm43/0vj3qZyd+Z7KCMRcVdEHIiIuyPiYETcE1Ere19E3L/N+sst+Y3zn/TKjgLbomz+90K+t/Xv+V9j9hcjpTy3vxb/YHJqvjJ3NH9NxmJwT5af3KSO71/+9fNO55rnf9mR1d+YC+btuDLQskA3O700vZuYm139OGJ0oF38ydpOQBIRhyJidId1zD/59eFO55Ibxr+JLuwzVb+KeKLe/yvREn9zGzfZn5y4LSpzRycaV8VGP/9y6Y1O9d+4/3sr6/+9ba//tfhHkub92sXt13Hp98863tPs9PofSt6qpYfyxz6YXlo6PxkxlLy28fGp9ec28o3yWfxjR9qP/wOx/ko8EBHZRfxgRDwUEQ/nbX8kIh6NiCObxP/jS4+9u/P4eyuLf3Zb/b/9ROnMD992qn9r/X+8lhrLH9nK+99WG7ib1w4AAAD+K9Lad+CTdHwtnabj4/Xv8B+MvWllYXHpqVML75+brX9XfiQG08ZK13DTeuhkvjbcyE+15I/l68ZflG6v5cdnFiqz/Q4eCm5fh/Gf+aPU79YBPef3WlBcxj8Ul/EPxWX8Q3EZ/1Bc7cb/R31oB3Dz+fyH4jL+obiMfygu4x8KaTe/65cociLSW6IZEj1K9PudCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDv+CQAA//+j/uZW")
[ 3429.803877][T27887] EXT4-fs (loop3): 1 truncate cleaned up
[ 3429.830171][T27894] loop1: detected capacity change from 0 to 512
19:07:17 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001640)={0x0, ""/256, 0x0, 0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000053680)={0x1, [{}, {}, {r2}, {r2}, {}, {}, {r3}, {r2}, {0x0, r4}, {r2}, {0x0, r4}, {0x0, r4}, {}, {}, {r3}, {0x0, r4}, {r3}, {}, {0x0, r4}, {0x0, r4}, {}, {0x0, r4}, {}, {r3}, {}, {0x0, r4}, {r3}, {0x0, r4}, {}, {0x0, r4}, {}, {0x0, r4}, {}, {}, {}, {}, {r2, r4}, {0x0, r4}, {r2}, {r2}, {r2}, {0x0, r4}, {}, {}, {}, {0x0, r4}, {0x0, r4}, {}, {r2}, {}, {}, {r2}, {}, {0x0, r4}, {r2, r4}, {}, {r3, r4}, {}, {r3, r4}, {0x0, r4}, {}, {0x0, r4}, {}, {}, {r2}, {}, {r3, r4}, {r3, r4}, {}, {}, {}, {}, {}, {}, {}, {0x0, r4}, {}, {0x0, r4}, {r2}, {r2}, {}, {0x0, r4}, {r2}, {0x0, r4}, {}, {0x0, r4}, {r2}, {}, {r3}, {}, {}, {}, {0x0, r4}, {}, {}, {0x0, r4}, {r2}, {}, {0x0, r4}, {}, {r3, r4}, {r3}, {r3}, {r3}, {}, {r3}, {0x0, r4}, {}, {r2}, {r2}, {0x0, r4}, {0x0, r4}, {0x0, r4}, {0x0, r4}, {0x0, r4}, {}, {}, {}, {r2}, {}, {r2}, {r2}, {}, {}, {r3}, {}, {0x0, r4}, {}, {0x0, r4}, {0x0, r4}, {}, {r3}, {r2}, {}, {}, {0x0, r4}, {r3, r4}, {}, {}, {r3, r4}, {r2}, {r3}, {r3}, {r3, r4}, {r2, r4}, {r2}, {r3, r4}, {0x0, r4}, {}, {0x0, r4}, {r2, r4}, {}, {}, {}, {}, {}, {0x0, r4}, {}, {0x0, r4}, {r2, r4}, {}, {}, {}, {r3, r4}, {0x0, r4}, {0x0, r4}, {r3}, {r3}, {0x0, r4}, {0x0, r4}, {r3}, {}, {}, {r3}, {0x0, r4}, {}, {}, {0x0, r4}, {}, {0x0, r4}, {}, {r3, r4}, {}, {}, {}, {}, {}, {r2}, {r2, r4}, {r3, r4}, {0x0, r4}, {}, {0x0, r4}, {r3, r4}, {}, {r3}, {r3}, {r3}, {r2}, {}, {}, {r3}, {}, {0x0, r4}, {}, {0x0, r4}, {r3, r4}, {r3}, {r2, r4}, {}, {0x0, r4}, {}, {}, {0x0, r4}, {r2}, {r3}, {r2}, {0x0, r4}, {r2}, {r3, r4}, {0x0, r4}, {}, {0x0, r4}, {r3}, {}, {}, {}, {}, {}, {r3, r4}, {r3, r4}, {}, {0x0, r4}, {r2}, {}, {r2}, {}, {r2}, {r3}, {}, {r2}, {}, {r2, r4}, {}, {r2}, {r3, r4}, {}, {r3}, {}, {0x0, r4}, {r2}, {0x0, r4}, {0x0, r4}, {r2}, {r2}], 0x8, "a3fa374174c840"})
r5 = syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000000)={0x0})
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/9p', 0x280000, 0xb)
r8 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r9 = perf_event_open(&(0x7f0000001940)={0x3, 0x80, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={&(0x7f0000000080)}, 0x4000, 0xfffffffffffffffe, 0xc6, 0x2, 0x0, 0x4}, 0xffffffffffffffff, 0xc, 0xffffffffffffffff, 0x8)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001640)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, 0x0, 0x0})
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r9, 0x50009418, &(0x7f0000000400)={{r9}, r11, 0x14, @inherit={0x88, &(0x7f0000000180)=ANY=[@ANYRESHEX=r12]}, @devid})
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r')
ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ')
sendmsg$NLBL_CIPSOV4_C_REMOVE(r14, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001840)=ANY=[@ANYRES32=r14, @ANYRES32=r13, @ANYRESOCT, @ANYRES32=r10, @ANYRES16=r11, @ANYRES64, @ANYRESHEX=r8], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x20040065)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r7, 0xd000943e, &(0x7f0000001c40)={r10, 0x0, "d93356f533e0070d026a2b11e74703c2e70a0ad6d7d9c1d8feba30048b4686bb6ab47591f48ef78dbfe251ee9ec12d654b32e8f1c0084df1a0cbcc011e0937b7c8c65687019a17e0d05352560105c06d6db0225bb0a5cd0e2d0a50d516aaea707d9aedeeb2fbaaecd95b23829a752ece010ac6bbe70aaed2105ab8926342481e9a327f7ebc9db85fb348088fd581e77752415b2db9dffd7e076dfb73ff2f4bc6d4ce8eff4f6b5a7e39fa7b9d66acdc9a604a2d5f804e69aa63fa523d78f9d187d2bfee51bc4db1ab7eeced9cb0b39896073f3b47963a2853c0d13ca9f62eecdeb762b3a55b273ac7eecdb9db9e65ab91ee5d622781f68a88850ce57ab09d1527", "c21ab51e00e5778ab96256127e43c7edd21070bd76272641dcf6dc144ec2a449139ff9f8cdbea61178f60594355633e602c87492f12d2a19bb0a4ca46746b645168323274614ec4d7ba8b6ec2d688c5a64fed3cd3228dacd4a94544bd87820ebe9b0e4b5c15d933bfb93b5ba34481c48a4becfeb8898914b06374ed7b407455760513017b3414d6cff69dac6807e7134f61ec3a159444ad2169cc4145f59a8aba3d7d82b81f0998c0d6a012e16f27f45efc584dce1c849ab28e0658ac51c1bdd8439eab2ce7e489ddb0c115572d37da0ecf51d11849702238439b9a41eb8203f0f6d2253056da3f5bc5435d4788fc76d7a0409fa4ecdcac1fdd1e5784fe6d25e8d1e99d0e485bfd50dc33e56403016734b2f035ca193d9216f8159af56016f8d83c61a95a3803cd17d4d143200da917e061752f719614a2ea4224842bac56d20a9f0dd1930017ef8538f074e4fed1e18f8d7815b237d078059dad372c660bf818e4506e1d09d53ecb491981633e382f7c3c371bdb37c8d97c7421a7025e9bdad3d32b65caa6ae97fe9c764b323e7ef3717689e21b87f0e4f8b09a0918f47d4f8369136a471ac96a0d41c5c3182107c045c48a5e6598c406fa3b85572acb1e06ef8eb7071b63ceccc469d0f338bcfe3d6c48ee8bdc22837db001e5530f0a553fb5c89ae7dc5cca092f8052031f760134df9ef6aa15b736817f5ec9ffca9461dc7bce65e883449496828a9ae7fd99a1432dedc874434dfd8fc4d0695c529001e673098e1aeda8e8176d2221aefb6953cb723bdee6d5575bde5c8ab39f2ea628e36da2e511ae6e71b26cc0acdd930172794a2a07b669e3ce7f9a9f0a42f253780e132adf682409b07c0e3b0ed52b68d4e9191fe027c09f6df2fe290a6e6d9d82c9696bdbc3e7b5a8e068dcdd64fc658d0c076b1c5a88ad484a48a366bccf9d92d06ba3b8fe435a4cc8af841f6cefa1ba239f70a5f69cc4c79e135286735a9a3fc66b441fd6643ecc83c03587289bbc8fa852dc7d6f9094887f3039475c33bd1274327f4a59bfe10943744dbe4d6ae61da4a19202b07c10f9fb72fbd1a808b9f0bb725d11bec91f5007581f71bb6ef298c0c8c41c33f517ef571498d34739cf477986bc98e55c37c7cb3095f5c0899a6a00a5d4eaa6546ddb105af8bc739a8d7d54c244611f4daf86a7a39fe80b282b1cf093ae328a0e8b0a918f8b2821cc00376b5b33b7060ec5e11f5bce746e55f3babcb10360997151abc76423c5f4453261bd157ab93a6fd45c85c7cf7c3a6c16a5633ade9b4d5a0c6883228d50f9114337979b153caf6a908cdd7349184bbb917f125de3c96b3623d242564ccb4bc2fb99d307ffdec2f0720382e73ce3e9a182c9abf2926feb1e3d1838f7e1dc99873797637b8e3248164f2c871ba684898aa2a093fabc6155d1b0d601f41e46d731d835a10db50c59cb458b073d38cef9d9007a367ffcab77479d264a32ed769c768d09784f8fdb3797c3d4a3b0f58c1c04380cb3c265486517efa577dd25e8f4cadeca1fd940ccb6f32e770a90bd0bdbe99bb24ce3c8fe76c67430f6066d9fb2af99f788cef996b5dea3118d1c2a6325bb7d43554913a80a43fc45b5ffb52ac6fe57da3db64f1e4e42597908e995c2c16da8fdd3f8f4619e81bba2b9108b6eaae0850a13061ff049abdbced553df6af40a93cc81b192cba6933910276c8d8c0a9f23af824d2d4bed74e6afe08d5521e6a4a7d4a2f2e817af526e6501abf19b4187245c2317de6657a0b71d8115c556c8ff04339ece97e8bae56e89752a826354172d730c37a3bab4b02e797586137b3678fbfbd521a3ab991e82e39e69b3bc198408c6d58a8fd31fb60420e67fca16024906255c54ccff6bcc204314ed0841cfc916bc4f330ccf0856212329c58b7343dad8837bb1dbf138c7fd19e9f672550485ea4724aa0577c786267b89157818fea5485ac05ceb2d8bcdbdfa2615ef719ce4f2f6ca11e20904321bb7864be575a4616858801290e572bc1d79d401a6195d4edafdb0285a03af4e18634648f89686c5fd859dc138aa0ec4b66d5e507bf1370431ff17b578a8ca6c84587bf5d0fbd20e59d05095adc6bd4f20ae0404535967190654fa2dac128783aef42cc1282c07683c979701b31bb054094a401e76ce681c36abdea40b47435b723c0cbe42ce2ee5963fd0f0011ee0e89270dfc2415f4e2202cef3c50076ac0b2205cadb4dad6dac5db4c977ea7af14cde4d18d84c539d49d07990ea870505aaf8a75ebb7181cc6279baa6fb9462a0b92c2327380c52b52c10898130ce35bc7e42f44722b56c3e04f020c721457ccf54bc60be768c148f7bbec0aa403812c55fa261bb1ba20b75d4f1b6b93f6a4710e3e79384ac34da40833b7831c0df57e89123281a810d8202e90127e18916d0da237f1e69b3e8bb4610bd86549757fe88a1d6437978b391aca44797483b6d82fcc6a23a482110a7fa29d89796afb3fc0916b82997a9d724b70006ea5dee8f4aa433366804b82fc30c9c624f9db701fcc78c22de9e1f797ac8fbd8c85d617fa1ea7c7ba9989a4a4d6d4295287cfe3bee83c78872fe34e43803e606b5b1dbecafc90a6023b1bc769f34920880cc97de321ba85a5f62ee3f1552a17d7f3838c331fa64347dd1e12ec5a8f9e585f25ab65922cf32a1b93aa332cba117e5ab34dc57544f51e15e0aeedef036dbd5ab57046532d375a2e0888c9e6d85a11b15673fa3dee592b75eb36d61c49c8130e9b60e62ad42171159101f88b51906a73a1db2181fd5bb0d1e8ce60207ed3035c1e700ee66f0af0833e1cce7608e6b7de33fc4e3bc36abfc5968fa5086af9b11b92a3471c5188e28862da6c509528258aa279526a826808c3b4dc33463820dc702a7e23e88cca68cb10d5eb6990a220000c65100b18de9713f1a00a07f0afaf07dc61a4a0e6ec4e79f79862c4bc722e5ce2ab4e93da4759c87418e4b411a4af0d36dfe643377fe9cf4d9e87df761299f827fb38e9614f29a6dd9ac9721994d4c134380068d7c90413c14bf4dbb4f29b675f3799731b53002640a99f164de700bbaabab785276552cbcaba84c8b4dfb954d95c1f5a201209e8b3cec19d84e0f31f59c7c355ed79cf172d04539d43e47383c8e28af1bc9753e496562d4b4c59297d7f8437e9662d9f23fd3e91407081e07671763c03313616d7ecff65c531f4f15ce2b428a336ea857180b6460257856445113715555acac02d4bb07e74844dab429897f7dc7db4e9b1d38cfc62d74a9ff402978cc6207eb103099b894c74690769768c4e9b287c162f9e2abbd44b692333beb490700b0990d08b0217056245eb9957216ce0ff5de1d366e76355b57f498df62b8a2a769dff35524acf51a69a0b746946c7b1ab8f380a9e7446592fa519abd92e56a82f91638db76621c904077a6b4a1e1fd6eba382e3758329de77b8431e7975b6482c29a06d9233adcee83ceb82d1bd7ddae0c60838cba423ebb55bd377ab8ce76a983457ed29195ee23b9b43982e2e74b6e5e7b2e78fca83e75ccbb4ddcb45f97cdf84437fd1eb2d95ad2ddc95e6b7c96a3b8b641e60b6e53e1f42a548d0dcf217fc625f70a856d290cb6b9400a5f861e977cce0522f443bd005eec04d1eba19f4372d86d17f33ad7a36dba6bd65107dfbd01001ef1fd71191332c483b65c4c81205e842acbe443326cefd84b6d605d0e1f8ee91f3abf753ac2d88d08e12aa8cee48072196b0992d9c7692f0740c1a1317f4de68100a3db360f3c69b18da7a51df9042a229aba87b3608dfadf60c7dcf3c947e0b5b25192bde3b33635d1699b1fa1e456bf7fc5a373b8226c679fe5fb8eec715f9ee0c1a1223e08235137d0aa6df29096ce5d295163d7f8a1d08afacf5bf349d4819381ef513d5d703a3d0c8a19009e50df2912ee1d0cf5d865e9883ca20e131500d3a55b3e1746781b5f10611ea7c457317ec2153691e1362fe109432e091cb7a8c74fbf316753eee5de22fea1e80cbb077a85c8f882a2e6c40d156a37f21d750830f11741dfc16511834a114af31e6e8edef849d438524892af08e68fefc8a5ac26205468aab334296edec5b2bacb91bdda3296cd7f9d9ca68260a8709a332b9f422acfc05e61587f20c99e03495a5e271ab938928c9fb3012a428157a5ca6724154667dc7a02c126bab9deddb45254f965e3d1e8e2326cdbb7f8279b158ff19d2de5fafedbaccb4bca4888a2e8bc74a4b39db6bb9beecf69f5945bc526f62140b5919ee46e29935f63705542550982aff7f5ae7fa1a4f424dc1ef9e8d338cc98276bb0d5889127c00d34fcbf74a819fe340e8249c1e60e953726fe1f2b0857d3fbb100d09c5f28b0e8bf7fecb15e9b9a4a6d3dd2fb2b8d71c8b57e6cf0533b340422c43ec53de0c3785cad282046556216f3da7224ad8ab38cffd0c503a960548a3d5c3bd862a6c5907e3a665615cfb0218359511f64033e88e4fd5d2f78d0b4a22dffa71c5ba27e8233ffebf3729033828d02732e08dd3ec028a94b14496950249bd24bd55123795d66c3a1a629e533085878c4cc425e2e9717c7ee6c9d719fa8db1ea4c16f3b5df660b71c1b87996c96c0cfb257faa41c1d7b8a07e0df3d75588ed3c5f7f5a05d119ab254c95128cc0b4d550f726909042730742e9a35bf35019ab38222e7dad59e673eabdd39f84c5dcaef6907f4f8b7a5f8b3d930d4370abfd530c051e5473675d194f0bfc1d6a50d4d24d8d93e2fa3aba80b632685d02f1c29ce6b206b55ca7e42de7efb41326446f23fd1349da3ca4ba50ebb3b354729177221f1b8acc8d9d3fe1e88995aeadf16af73fe1d0e8287ced39c33830dbe970fd0c4c0a50e49d1617786d569ea804b4a6b26724a032fbf83ec6bf209688ad134a9ded234832a5078e1639c6982d848587e600a9e1de3d27243f6b37a5bc60b535cc12387f07bcd0d5cca82b9fe4b5bc24f988e426e05cdbe9ee1514f3726eb8756812e23b069c4d5ab7ec3524ef6583e81216055baf6caaf92e2581f30754e127319cf12339fb3bdf61e2870ff2f1518e37395c49fb392cdb5f2443bcec7162258c9bb05c330c3003eabac85a578faa87690ccbf214f3cdac196bbe6d1028c46ac2183026c9d931400fa507ca935c824ca996010248021e9783ba1b7c7d969c007c7b8625c6da10f3864736355237b3799bbe3e7c731f000d20d3980e13ed6902770104d35cf6b474eb04d921ea7f8f44da3bfec32701286efd47738951e947e0ea9eba03ac6980c31148c385edaa1c51f1c038fbf46b75059a66735c9d75285a4aa386d44e38440acba4cc93a1be79ebcbde0879b3ef4a1fab9fa0b9ab2fd79b1e6a4e9f4dc97f1ae8ad4c3df7ab96899c9af3700ef29fd7ef6931cbbaf1ae400ccf6b1892454317"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000053680)={0x1, [{}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}], 0x8, "a3fa374174c840"})
r18 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCADDRT(r18, 0x890c, &(0x7f0000000040)={0x0, @l2tp={0x2, 0x2, @remote={0xac, 0x10, 0x3}}, @l2tp={0x2, 0x0, @empty, 0x1}, @generic={0x2, "bcbc5dada046e4d15ddee9502b10"}, 0xf0f4, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)='syz_tun\x00'})
ioctl$FS_IOC_FIEMAP(r18, 0xc020660b, 0x0)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000001400), 0x800, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000001440)={0x0, ""/256, 0x0, 0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000053680)={0x1, [{}, {}, {r19}, {r19}, {}, {}, {r20}, {r19}, {0x0, r21}, {r19}, {0x0, r21}, {0x0, r21}, {}, {}, {r20}, {0x0, r21}, {r20}, {}, {0x0, r21}, {0x0, r21}, {}, {0x0, r21}, {}, {r20}, {}, {0x0, r21}, {r20}, {0x0, r21}, {}, {0x0, r21}, {}, {0x0, r21}, {}, {}, {}, {}, {r19, r21}, {0x0, r21}, {r19}, {r19}, {r19}, {0x0, r21}, {}, {}, {}, {0x0, r21}, {0x0, r21}, {}, {r19}, {}, {}, {r19}, {}, {0x0, r21}, {r19, r21}, {}, {r20, r21}, {}, {r20, r21}, {0x0, r21}, {}, {0x0, r21}, {}, {}, {r19}, {}, {r20, r21}, {r20, r21}, {}, {}, {}, {}, {}, {}, {}, {0x0, r21}, {}, {0x0, r21}, {r19}, {r19}, {}, {0x0, r21}, {r19}, {0x0, r21}, {}, {0x0, r21}, {r19}, {}, {r20}, {r15}, {}, {}, {0x0, r21}, {}, {}, {0x0, r21}, {r19}, {}, {0x0, r21}, {}, {r20, r21}, {r20}, {r20}, {r20}, {}, {r20}, {0x0, r21}, {}, {r19}, {r19}, {0x0, r21}, {0x0, r21}, {0x0, r21}, {0x0, r21}, {0x0, r21}, {}, {}, {}, {r19}, {}, {r19}, {r19}, {}, {}, {r20}, {}, {0x0, r21}, {}, {0x0, r21}, {0x0, r21}, {}, {r20}, {r19}, {}, {}, {0x0, r21}, {r20, r21}, {}, {}, {r20, r21}, {r19}, {r20}, {r20}, {r20, r21}, {r19, r21}, {r19}, {r20, r21}, {0x0, r21}, {}, {0x0, r21}, {r19, r21}, {}, {}, {}, {}, {}, {0x0, r21}, {}, {0x0, r21}, {r19, r21}, {}, {}, {}, {r20, r21}, {0x0, r21}, {0x0, r21}, {r20}, {r20}, {0x0, r21}, {0x0, r21}, {r20}, {}, {}, {r20}, {0x0, r21}, {}, {}, {0x0, r21}, {0x0, 0x0}, {0x0, r21}, {}, {r20, r21}, {}, {}, {}, {}, {}, {r19}, {r19, r21}, {r20, r21}, {0x0, r21}, {}, {0x0, r21}, {r20, r21}, {}, {r20}, {r20}, {r20}, {r19}, {}, {}, {r20}, {}, {0x0, r21}, {}, {0x0, r21}, {r20, r21}, {r20}, {r19, r21}, {}, {0x0, r21}, {}, {}, {0x0, r21}, {r19}, {r20}, {r19}, {0x0, r21}, {r19}, {r20, r21}, {0x0, r21}, {}, {0x0, r21}, {r20}, {}, {}, {}, {}, {}, {r20, r21}, {r20, r21}, {}, {0x0, r21}, {r19}, {}, {r19}, {}, {r19}, {r20}, {}, {r19}, {}, {r19, r21}, {}, {r19}, {r20, r21}, {}, {r20}, {}, {0x0, r21}, {r19}, {0x0, r21}, {0x0, r21}, {r19}, {r19}], 0x8, "a3fa374174c840"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000200)={0x0})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r5, 0xd000943e, &(0x7f0000000400)={r10, r23, "261648060feef3e5f1c53d293c1a8154d9dd0f24796a5e5db43f8a6adcd07c4f7401d862dc00dc1380880d50869f11346a7894251ea59ce1e2641a061a1263149e0d2e5b5332ef3237661474fc323e15ca6935c4755a59b9ac13935e5aa74acf80f3e232e828fde244869167310ad32a7f8110b5abc80e4017a2fdbc7110a36bce5fc639736c8ae9af285aadf65e02b868e6ab943fea9a2a364cc6cf3c0e80ad9843fc59f68fa37d9f14ce0af727f0b9978b5db3c6939467414ae3cc354ffd46690df0ef6dfb6a5251d290b0884fb80bf4985770406bf5552c9f7a5ce82ecc21c8bf6633e65f244d112f130472bb5e8142d8021c800ba202aa6eb89312acc6d0", "6d7bb9bc231700be531390d8505523de2f060fd71ce5ca2d39b84810ebde9415e12df058944a26f3213acc2cca254ce5bb74a643cf9adeb92797c5ae03841dc93f63dcd3ff188a79a35c0329527abfb12d43221347b08c85f4141b9b74375f11d1543fe173e3d80834259ddeedbe503b1d208533cd7fd8f3d1fd73ca7e17c1aa70785ddfaf0aeff8a96f7b1ba1aee60cfad09217c8bede17cb0dadfa4457315fd0ecd1f7bc3c5fe5c1e1d372b6d16aea28fab256a70f0666e81d7af62fa2d9d0faacd6ac20264d92c85e31d858ca600dd0bcf4da5ed3bf2634e18da07d00389b34e722982a09d9d55905c4906da31f879798db6ef81a6071a98b4eba8888b99c70a390c955bd073e6c90a7970c2711732deb661bb8dae98c5a2132673b63990ad38f43f833b261f3abccdafc2740d84b871ad060fa434f3db464a98c2031f990381a045c892607976f06862baa2b9ec5cff0e2218088956e596763d64f68c2c6c11b3707050cedb5c10f9670745246848b3bb39c96b26e42e505a2ed53ef97b2171efd99b4568d2879700ea735f7abe6c815153ec11425f513bcd290baaedc41602cc0c44e2ed25314fe4cc3c4ad8cf5d42b468ba4d0cfbe40682ca2f3aab49cd351f8959b2ea16d97f3f0a476b0b28f7bc3ba16c4c2230903d9029da6b89199813d46de89862e6c1d92e3460963abccda1f814cce77cfa91267857229b19f787e263b580d0de96a68d07c075114e56c630338f70ba0a0d473bb8dee011a1701e12856b96d8a6b9a14a9da3d5bd4bb094b3e849924d22dbedcda98fcc5e6a60b31e73f1e71295754b06fc22acff834161043bc0706f7df9aa91bcc57ea3cb40c4089ad05388147e881e93fb32c7246f2cdd0f354edcf39276e091f824f096728b27b9348e7bda68f7cb1316c129fd45327be62cd33930fb4c03f1e112b52c0eb4aa4e914574c8dc85217e5250a7a5f098482400775dbb3c7683099c0fa24bf5d4a130db96e7cd803e4dd471a6143e5d1bd5884c5147322726a0bbe6fbc375a2308d9a36a21b3bbcd797ff4a34b8cc48b6a13540e9c689efa7acb8d289e3ac37cb8ab163e882e5d918be5da3c43939bc873307de2681373d287e3c7aba92be5e01939b0591e58326832a593e6b86127e7bdd503b48c2cb19f7ba249573e946feff16dd7afa2fea887c3a16b069fe46d3ea30c553738d29a00e0ff294bb28895a4b9a00d11c40e364b2a51b2d97efbb0e1f8a7a565df220ea10ab4507b16c67d1a8111c826064fc3e5f3480646c22855ee4283dc8d8c36fb5af3253e519e0b300d6d2b1aebf33a2b7eba476ac93dca1790db2cc66a9dedbae62fb5ee358dcd402125bc8a4514639175d6ffa00e1241a94a99feb0a46cddbebd0986ca9b09f9f6fdefbbf1391ba19c9be378b3f366671e23381d17657e46a9cf894b0fae5227ce25b82ad8a23d6ebcb2f8c68e51d52a3097a7ff37ba0e58ed9ef9b788cee6f8306e196cc519110a810bc578883d5c5cba61a3d350741c416235413543399f49fba82503b48c3bba99cf325fe953bae9604a0e72b9a62772a7baef481395b73e5deb65df656344223c03d15c067b5f98f4f8a8f29818b265e2a906b83fb3f396fc91094e6012f04bbc224be4f2ac4fd2d0c95906aaecf9340da0bf8c44cc2c693386d681a14eb7e38babcab6500d4ad22140502a3321e2d3d5d599869f5406f1d658198831ffebe4d53cd06f681ba8d4bf0df1191077154d8aff7ff581f0187a695cc62d479761136d3b6f3af3dd3bde4c1dbc528825cc2a565cdb028ade45275368c822326fb10c0ffbe76f701a28b23152a8f8324d7df13525e29287897695887babb4b8a637e75bd17b41d1ea12ccc9eec79e31da8d337ceb1784e74475b67fc23a463e7128d80fdbb536d98fc664d565bb791250f5d9b4149ac087878d7d6519f525b042d5850332a0c98557285307d11ce2c2ce77b7f4c4e69908b0a644780d32594bb770e4ce154f9a9ff8151a7eba670c02ed3fa1eb38c5953b3040bfc1c13630b64deba2bbd1412b92e3b09aa7d7932bb8da2051e36baaf4010395df77dbe15d3cf82f181fff264c5f1e50b6d2ce00beee1121f986dff021ea7fe126ee411eb93f17c7d8337e47853b44186d69acdfa3bbd3ce5c6e6061ae8c92e86bebba49d73d7c60f8a910a445ccc8a95db72f948e8ccf5c6cf33eb0d5a4fee769d3560f323e46b00f660c2483a09acb20e0217a5b582483f5a5655746dcdbe408cab9aab9d74c7c29cf6064ca774dac93dab8df52abbdb7d2a79926c4e42bb794898d90941c4fbfb28caddb29125db1bd150d182de0bf9ac223fdea29976c4f59c2203de2fcd3d8f8c3ba3c6fd7640d61a61ce183cd67f8d31a0f4a92d33e4110c2a3bd1b993ea8d9701e98aee8f619a109d033f0d7debf935caa1a55c04a220d860cb6f88efcfc5d55b5c8b16f609c8ad81fcd7a75ee5d12c225b8660053b44d48dc1d61d0de5cde1cd1c4e2ce3a51b1ef4847c9a6394bd478f20a8c5168ad4cf33f2d81f172b659083816b1bcd6640aab3be47df8205035cd4397439ad2b97fb5d0b8c58d78b432a8c3ae19f14cd3a676c56f20aa53943b0ee501a674b814357ca64fc1f3ba37f030149f4b2317b93026860b33dea477d286aa62efa9bd7400fca2db12c15dc9c6ce8e0897de0ddee8e73186c3e19a41f5d76f3f62b288f23a38c0c2d1d317a6f6939f3ebc14aa38194889be6ebc890655e4da3e24b34c1b8c24e0621ff4f63f08aecf4623219aa217757e1dd06c8f175ded0bde1f3575737fbbfff5e433ac63c3c6fd749face99e29dfa2ef78c605b4f1223c4ed06116a514970b781931e6d22b2812bf575e156d3207afe9204e10804817e266ff120ef913732678fe1792db06a6ba1e9d6f02035423866ae65c12c39ac5b32c17b552b5dce58d98217528396f35f38ff761eb898c4eb68ea6d7af713a1299e59998d273c2e7957eaf37712bc7b9556b3dea8c267ee15c490a94c117a55191c32bdd0c82a4ea705d49af3e9c21e22af02eb7521a2c2f903167e11ec9bc057f64ad95c676b23ff763c50992a9a801fcf2e0fd7ea8d25cb21c1bf5560c4b5bebe51b97f8b202d2f24396bb38b2d5b549a4b57260e0f54504320eddacc8e7a1d5942a4fd82f2ca4061239202b41a30bc834f07ce733898dd32cd5a4ce6f86c0b0270c0bfc42604a1c85eb4b9efe78ab5fab25356e774b30798e46812ab9ed3b72a59396a02530d5c5ca825ef7e9f166af904ef52cb002e3a71650dcd72538b1c00fdee892108961da7ff9e35870194f8d649c7851dc8dfbb3080e0fd33afb94ed5a904a1539d1686c175f84338e8e0bd67cb3d3e984620a2f5f25e98246a4bac3e2bda697d819bd0fdd3b7c4b1b1fde68437f0242162ee0cfed5669ff736964796e8a0170d2d0fce756bfdf96507280b49855fa686ded77ae170e189dcdb78d03a2679912b32579ab7410d52d463d60fb3609325028d989de25213b330b398018384d72e760dc982016f46ba6729676aa6c73382ec1165d2bc9f4d4612019124a2be7796f226b4a4fa5ffed4ac40225fe6d3bb644158bea098b417552f4e252e9835f7150fb9b2b9399833dc13267bc8296c62e38b79baff29536127554d7fc45cec6c369ac6b02d98c4afc3f9aeb36255fbcc886bcef2c515246fe984a92559d5ec5b21d66749974cd3af5e2ff620e5445b8a5b7484080518c6670047ca57072d58fc2cdfdf788832d77b7c489ec5ed86152bfa9ecfca027f5394d40e6e1d20b80f9d1b71efcbc78f0637ea26ea85df471cf768afd21868b8e2e6e51d0630b664d30286d2a5483f65e4e7f4465860df9408cf3bf909481c3b509d2ecd398cf23271416b5f51349e627d55fd755ed647047f09f8d138f6dca88f81235637815da570239aee0000dc1f0d3867e092116052b286522427e1e676a9b56fa9620ee0b1904336946e87d2d9f477a2828a92bf79ff5bf5246419f5ea2762f05a8d43d51ade69f5d645ca2c22cb66254195fa030364badf6f2393f2eaf30186bc55a9c5d316ab80be7060cb13c9ee5fd10f5f100c39334296997ed27bb4e64aecf3bd5b3e8db59cbe81d064bd4ea5d59f6e25401c0cabc72d0e09e9fd3094edcfd3bac6db749e4d0324ed62021d892bd59366f36a7f84aae451ab0c4870036b89e0396b784bbe5af5c658d9dea1362fce0dc3a8719211aaccf3484e31c47d1c6e81f4af0b6e724ccd94da45ffe3254ee0cb20013a229562de4d5e2363d90d5d341b967d2fb4861725d0f77c489688e63a7e42cae30516aa69c58af24cf097153359725b86cc43b1847bc2a927740c89c37f71b24154c555c42d0c6a34fdb7b8661a8c2644511dd1f2edf61b5520e1ca29c1e7ea9c4e5146174c2886cb60117826d2caacb18afbbcf623c89e42e9c7bdd6eeb590998e7aece96d21097f3b2f1d9df63df746034e42fc5942a86abf80f97168cbd6c7a1714106697109c82e660b231f22823c7843468ded2ba2aead049e8c833600c297fd0a1bf5e9f28661f71dc4faed3cdfc5916b122de8f7dff7ce2361bac58db7029732df0dcb719035a18dea2514e0f17dcee17a458b7b25ad30c5bb247f7ab42769011c87a7599994c723bcfdfbd800c74e0742aa04ed39abb33447c9fadd8a271d35e93e49b05f2f8ba5fc7b24a7ade58be95fb1f4f0d734f4dd6da439165456084cbadc97fe09b492d9c34071a42392b014a6f8bb6ee78aeb3d073c5180954e59ff0af9ca9eaad6543801bb2f9d6abfe94f5618283793f3c7f21a48331d6f47dd2fe4e81a3f47f849611fd5cf7720dcb50f5b61300afdf6dda19830b5b7e6a1f862a7064f3cdfcdafeb86c53dd6a521a74786d09593d52e43a7912d1235e6f747a26a21d01695b023c0f4264909176e28ab8a8cc10dcc74c1c81d241af966031837f4810064acb632bb271f15f41b7caf55b4bf7288c0461b40ec1f7520fdad34fbff843f88bbca8b00a965fb5aff52646c35f9e9a96722b0acb713e1664795722268fda65d5d3d174d1471257329487202fc42082861854f59a3b013a649bf9058eca80026b55441536f62433474c6a2c5d1851287e12f038394e351abd6b8f59e61f52c2f37e4d82f48adb981351b557fd00266033523cc9ea644760292716a5304e10a75382b190b5b9c93c9e9a2f961aba78131b354821ce0819810cbf632793c57cb64f8b5af33bc2456fa090473fb50ad21a46db197c9bd7ebfda24f677be93bf575103e6a67a8a5bd9d3b0e2b44dd632c022f06d6e0aafa9b6d297925b0218ab863038eb925fce5b1b50fcb456048147397b143dbfb423f2f5dda58cbdb5bf35c93aa736413e600e91a19930e3b2e91b26ee25b0590783df66bdf2fc6c80622ffc701"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000060600)={0x4, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r22}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r17}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r16}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2, r10}], 0xb2, "9daadf054df44c"})
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
[ 3429.862936][T27907] loop3: detected capacity change from 0 to 512
[ 3429.879622][T27894] EXT4-fs: Ignoring removed nobh option
[ 3429.885242][T27894] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3429.885261][T27894] EXT4-fs: Ignoring removed nobh option
[ 3429.898983][T27907] EXT4-fs: Ignoring removed nobh option
[ 3429.899006][T27907] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3429.899035][T27907] EXT4-fs: Ignoring removed nobh option
[ 3429.916801][T27907] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3429.917012][T27907] EXT4-fs (loop3): 1 truncate cleaned up
19:07:17 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 25)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:17 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async, rerun: 32)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) (async, rerun: 32)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0) (async, rerun: 64)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c) (async, rerun: 64)
syz_open_dev$tty1(0xc, 0x4, 0x3) (async, rerun: 64)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0) (rerun: 64)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0) (async)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20) (async, rerun: 32)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYRES64, @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90) (async, rerun: 32)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) (async)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93) (async)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0) (async, rerun: 32)
fallocate(r7, 0x30, 0x9, 0x10000) (async, rerun: 32)
socket(0x10, 0x80002, 0x0)
19:07:17 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrUrdBjVBolUFAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2ruJcew0D7su7O8nrTLjHWfm8+zYszN2AKVVjYiRiLgjIn7L00l7gWrzz/XlizN/LV+cSaJef/PPpFHu2vLFmaJo8bzdeWYsjUg/Tdr+YdPC+Qunp2u1uXN5fmLxzHsTC+cvPHPqzPTJuZNzZ6eOHTt6ZPL556ae7UmcWVzXDnw4f3D/q29ffn3m+OV3fvomyeOOtjh6pRrVTqE3PN7rygZsT0s6GRpgQ9iUSkRk3TXcGP8jUYnVzhuJVz4ZaOOAvqrX6/Wd3U8v1YH/sSQG3QJgMIoP+uz+tzhu0tTjlnD1xeYNUBb39fxonhmKNC8z3HZ/20vViDi+9PeX2RF9WocAAGj1XTb/ebrT/C+Ne1vK3ZnvoYxGxF0RsTci7o6IfRFxT0Sj7H0Rcf8m66+25dfOf9IrWwpsg7L53wv53ta/53/F7C9GK3luTyP+4eTEqdrc4fw1GYvhnVl+cp06vn/518+7nWud/2VHVn8xF8zbcWWobYFudnpxejsxt7r6ccSBoU7xJys7AUlE7I+IA1us49STXx/sdi69Yfzr6ME+U/2riCea/b8UbfEXkvX3Jydui9rc4Yniqljr518uvdGt/hv3f39l/b+r4/W/Ev9o0rpfu7D5Oi79/lnXe5qtXv87krca6R35Yx9MLy6em4zYkby29vGp1ecW+aJ8Fv/Yoc7jf2+svhIPRER2ET8YEQ9FxMN52x+JiEcj4tA68f/40mPvbj3+/srin91U/28+UTn9w7fd6t9Y/x9tpMbyRzby/rfRBm7ntQMAAID/irTxHfgkHV9Jp+n4ePM7/PtiV1qbX1h86sT8+2dnm9+VH43htFjpGmlZD53M14aL/FRb/ki+bvxF5fZGfnxmvjY76OCh5HZ3Gf+ZPyqDbh3Qd36vBeVl/EN5Gf9QXsY/lJfxD+XVafx/NIB2ADefz38oL+Mfysv4h/Iy/qGUtvO7fokyJyK9JZoh0afEoN+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuOfAAAA//+DuuZX")
[ 3429.953717][T27894] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3430.018473][T27894] EXT4-fs (loop1): 1 truncate cleaned up
[ 3430.019654][T27929] FAULT_INJECTION: forcing a failure.
[ 3430.019654][T27929] name failslab, interval 1, probability 0, space 0, times 0
[ 3430.036840][T27929] CPU: 0 PID: 27929 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3430.047363][T27929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3430.057864][T27929] Call Trace:
[ 3430.061163][T27929]
[ 3430.064091][T27929] dump_stack_lvl+0xda/0x130
[ 3430.068703][T27929] dump_stack+0x15/0x20
[ 3430.072880][T27929] should_fail_ex+0x21f/0x230
[ 3430.078173][T27929] __should_failslab+0x92/0xa0
[ 3430.083013][T27929] should_failslab+0x9/0x20
[ 3430.087512][T27929] slab_pre_alloc_hook+0x38/0x180
[ 3430.092541][T27929] __kmem_cache_alloc_node+0x46/0x250
[ 3430.097990][T27929] ? io_drain_req+0x1e1/0x4f0
[ 3430.102710][T27929] kmalloc_trace+0x2a/0xa0
[ 3430.107232][T27929] io_drain_req+0x1e1/0x4f0
[ 3430.111903][T27929] io_queue_sqe_fallback+0xd1/0xe0
[ 3430.117043][T27929] io_submit_sqes+0xbf8/0xfe0
[ 3430.121757][T27929] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3430.127331][T27929] ? __fget_files+0x1c4/0x200
[ 3430.132017][T27929] ? mutex_lock+0xd/0x30
[ 3430.136429][T27929] ? fput+0x112/0x140
[ 3430.141709][T27929] ? ksys_write+0x178/0x1a0
[ 3430.146221][T27929] __x64_sys_io_uring_enter+0x78/0x90
[ 3430.152764][T27929] do_syscall_64+0x41/0xc0
[ 3430.157337][T27929] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3430.163339][T27929] RIP: 0033:0x7fbf4da9f169
[ 3430.167760][T27929] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3430.187454][T27929] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3430.193249][T27932] loop3: detected capacity change from 0 to 512
[ 3430.195975][T27929] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3430.210439][T27929] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
[ 3430.218420][T27929] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
[ 3430.226404][T27929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3430.234374][T27929] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3430.242861][T27929]
[ 3430.248153][T27932] EXT4-fs: Ignoring removed nobh option
[ 3430.253848][T27932] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3430.260438][T27932] EXT4-fs: Ignoring removed nobh option
19:07:17 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000000840)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3430.424334][T27932] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3430.454479][T27932] EXT4-fs (loop3): 1 truncate cleaned up
19:07:18 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrUrdBjVBolUFAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2ruJcew0D7su7O8nrTLjHWfm8+zYszN2AKVVjYiRiLgjIn7L00l7gWrzz/XlizN/LV+cSaJef/PPpFHu2vLFmaJo8bzdeWYsjUg/Tdr+YdPC+Qunp2u1uXN5fmLxzHsTC+cvPHPqzPTJuZNzZ6eOHTt6ZPL556ae7UmcWVzXDnw4f3D/q29ffn3m+OV3fvomyeOOtjh6pRrVTqE3PN7rygZsT0s6GRpgQ9iUSkRk3TXcGP8jUYnVzhuJVz4ZaOOAvqrX6/Wd3U8v1YH/sSQG3QJgMIoP+uz+tzhu0tTjlnD1xeYNUBb39fxonhmKNC8z3HZ/20vViDi+9PeX2RF9WocAAGj1XTb/ebrT/C+Ne1vK3ZnvoYxGxF0RsTci7o6IfRFxT0Sj7H0Rcf8m66+25dfOf9IrWwpsg7L53wv53ta/53/F7C9GK3luTyP+4eTEqdrc4fw1GYvhnVl+cp06vn/518+7nWud/2VHVn8xF8zbcWWobYFudnpxejsxt7r6ccSBoU7xJys7AUlE7I+IA1us49STXx/sdq5yw/jX0YN9pvpXEU80+38p2uIvJOvvT07cFrW5wxPFVbHWz79ceqNb/Tfu//7K+n9Xx+t/Jf7RpHW/dmHzdVz6/bOu9zRbvf53JG810jvyxz6YXlw8NxmxI3lt7eNTq88t8kX5LP6xQ53H/95YfSUeiIjsIn4wIh6KiIfztj8SEY9GxKF14v/xpcfe3Xr8/ZXFP7up/t98onL6h2+71b+x/j/aSI3lj2zk/W+jDdzOawcAAAD/FWnjO/BJOr6STtPx8eZ3+PfFrrQ2v7D41In598/ONr8rPxrDabHSNdKyHjqZrw0X+am2/JF83fiLyu2N/PjMfG120MFDye3uMv4zf1QG3Tqg7/xeC8rL+IfyMv6hvIx/KC/jH8qr0/j/aADtAG4+n/9QXsY/lJfxD+Vl/EMpbed3/RJlTkR6SzRDok+JQb8zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9MY/AQAA//9jduZY")
19:07:18 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnvQi6knwqncpFMml1dPK7M4k62Y35semWzufDwy8N/OS97775u2+eW83gNIaiYjBiLgjIn7L00lLgSQvd31lafqvlaXpJGq1N/9M6uevrSxNF0WLv9uXZ0bTiPTTpOUfNixcuHhmqlqdPZ/nxxfPvje+cOHiM3Nnp07Pnp49N3nixPFjE88/N/lsV+LM4ro2/OH84UOvvn359emTl9/56Zskjzta4uiWkRhpF3rd492urMf2N6WTvh42hC2pRETWXf318T8YlVjrvMF45ZOeNg7YVbVarban8+XlGnALS6LXLQB6o/igz55/i+MGTT1uCldfbDwAZXFfz4/Glb44npfpb3m+7aaRiDi5/PeX2RG7tA4BANDsu2z+83S7+V8a9zaVuzPfQxmKiLsi4kBE3B0RByPinoh62fsi4v4t1j/Skl8//0mvbCuwTcrmfy/ke1v/nv+lRZGhSp7bX4+/Pzk1V509mr8mo9G/J8tPbFDH9y//+nmna83zv+zI6i/mgnk7rvS1LNDNTC1O7STmZlc/jhjuaxd/sroTkETEoYgY3mYdc09+fbjTtf+OfwNd2GeqfRXxRKP/l6Ml/kKy8f7k+G1RnT06XtwV6/38y6U3OtW/o/i7IOv/vW3v/9X4h5Lm/dqFrddx6ffPOj7TbPf+H0jeqqcH8nMfTC0unp+IGEheW39+cu1vi3xRPot/9Ej78X8g1l6JByIiu4kfjIiHIuLhvO2PRMSjEXFkg/h/fOmxd7cf/+7K4p/ZUv9vPVE588O3nerfXP83nsRH8zObef/bbAN38toBAADA/0Va/w58ko6tptN0bKzxHf6DsTetzi8sPnVq/v1zM43vyg9Ff1qsdA02rYdO5GvDRX6yJX8sXzf+onJ7PT82PV+d6XXwUHL7Ooz/zB+VXrcO2HV+rwXlZfxDeRn/UF7GP5SX8Q/l1W78f9SDdgA3ns9/KC/jH8rL+IfyMv6hlHbyu36JMicivSmaIbFLiV6/MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTHPwEAAP//INHmiA==")
19:07:18 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x5cf8, 0xe393, 0x1, &(0x7f0000000080)={[0xffff]}, 0x8)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
[ 3430.530010][T27971] loop3: detected capacity change from 0 to 512
[ 3430.531085][ T6589] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 3430.536839][T27971] EXT4-fs: Ignoring removed nobh option
[ 3430.552660][T27971] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3430.559184][T27971] EXT4-fs: Ignoring removed nobh option
[ 3430.573998][T27973] loop1: detected capacity change from 0 to 512
[ 3430.587399][T27973] EXT4-fs: Ignoring removed nobh option
[ 3430.593136][T27973] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3430.599791][T27973] EXT4-fs: Ignoring removed nobh option
[ 3430.614163][T27971] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3430.634898][T27973] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3430.653643][T27971] EXT4-fs (loop3): 1 truncate cleaned up
[ 3430.661397][T27973] EXT4-fs (loop1): 1 truncate cleaned up
19:07:18 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrUrdBjVBolUFAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2ruJcew0D7su7O8nrTLjHWfm8+zYszN2AKVVjYiRiLgjIn7L00l7gWrzz/XlizN/LV+cSaJef/PPpFHu2vLFmaJo8bzdeWYsjUg/Tdr+YdPC+Qunp2u1uXN5fmLxzHsTC+cvPHPqzPTJuZNzZ6eOHTt6ZPL556ae7UmcWVzXDnw4f3D/q29ffn3m+OV3fvomyeOOtjh6pRrVTqE3PN7rygZsT0s6GRpgQ9iUSkRk3TXcGP8jUYnVzhuJVz4ZaOOAvqrX6/Wd3U8v1YH/sSQG3QJgMIoP+uz+tzhu0tTjlnD1xeYNUBb39fxonhmKNC8z3HZ/20vViDi+9PeX2RF9WocAAGj1XTb/ebrT/C+Ne1vK3ZnvoYxGxF0RsTci7o6IfRFxT0Sj7H0Rcf8m66+25dfOf9IrWwpsg7L53wv53ta/53/F7C9GK3luTyP+4eTEqdrc4fw1GYvhnVl+cp06vn/518+7nWud/2VHVn8xF8zbcWWobYFudnpxejsxt7r6ccSBoU7xJys7AUlE7I+IA1us49STXx/sdm7ohvGvowf7TPWvIp5o9v9StMVfSNbfn5y4LWpzhyeKq2Ktn3+59Ea3+m/c//2V9f+ujtf/SvyjSet+7cLm67j0+2dd72m2ev3vSN5qpHfkj30wvbh4bjJiR/La2senVp9b5IvyWfxjhzqP/72x+ko8EBHZRfxgRDwUEQ/nbX8kIh6NiEPrxP/jS4+9u/X4+yuLf3ZT/b/5ROX0D992q39j/X+0kRrLH9nI+99GG7id1w4AAAD+K9LGd+CTdHwlnabj483v8O+LXWltfmHxqRPz75+dbX5XfjSG02Kla6RlPXQyXxsu8lNt+SP5uvEXldsb+fGZ+drsoIOHktvdZfxn/qgMunVA3/m9FpSX8Q/lZfxDeRn/UF7GP5RXp/H/0QDaAdx8Pv+hvIx/KC/jH8rL+IdS2s7v+iXKnIj0lmiGRJ8Sg35nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I1/AgAA//9DMuZZ")
19:07:18 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnvQi6knwqncpFMml1dPK7M4k62Y35semWzufDwy8t/OS97775u2+eW82gNIaiYjBiLgjIn7L00lLgTQvd31lafqvlaXpJGq1N/9M6uWurSxNF0WLv9uXZ0bTiPTTpOUfNixcuHhmqlqdPZ/nxxfPvje+cOHiM3Nnp07Pnp49N3nixPFjE88/N/lsV+LM4ro2/OH84UOvvn359emTl9/56Zskjzta4uiWkRhpF3rd492urMf2N6WTvh42hC2pRETWXf318T8YlVjrvMF45ZOeNg7YVbVarban8+nlGnALS6LXLQB6o/iiz+5/i+MGTT1uCldfbNwAZXFfz4/Gmb44npfpb7m/7aaRiDi5/PeX2RG7tA4BANDsu2z+83S7+V8a9zaVuzPfQxmKiLsi4kBE3B0RByPinoh62fsi4v4t1j/Skl8//0mvbCuwTcrmfy/ke1v/nv+lRZGhSp7bX4+/Pzk1V509mr8no9G/J8tPbFDH9y//+nmnc83zv+zI6i/mgnk7rvS1LNDNTC1O7STmZlc/jhjuaxd/sroTkETEoYgY3mYdc09+fbjTuf+OfwNd2GeqfRXxRKP/l6Ml/kKy8f7k+G1RnT06XlwV6/38y6U3OtW/o/i7IOv/vW2v/9X4h5Lm/dqFrddx6ffPOt7TbPf6H0jeqqcH8tc+mFpcPD8RMZC8tv71ybW/LfJF+Sz+0SPtx/+BWHsnHoiI7CJ+MCIeioiH87Y/EhGPRsSRDeL/8aXH3t1+/Lsri39mS/2/9UTlzA/fdqp/c/3fuBMfzV/ZzOffZhu4k/cOAAAA/i/S+jPwSTq2mk7TsbHGM/wHY29anV9YfOrU/PvnZhrPyg9Ff1qsdA02rYdO5GvDRX6yJX8sXzf+onJ7PT82PV+d6XXwUHL7Ooz/zB+VXrcO2HV+rwXlZfxDeRn/UF7GP5SX8Q/l1W78f9SDdgA3nu9/KC/jH8rL+IfyMv6hlHbyu36JMicivSmaIbFLiV5/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTHPwEAAP//HOnmiQ==")
19:07:18 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async, rerun: 32)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (rerun: 32)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0) (async)
ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, 0x0) (async)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001640)={0x0, ""/256, 0x0, 0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000053680)={0x1, [{}, {}, {r2}, {r2}, {}, {}, {r3}, {r2}, {0x0, r4}, {r2}, {0x0, r4}, {0x0, r4}, {}, {}, {r3}, {0x0, r4}, {r3}, {}, {0x0, r4}, {0x0, r4}, {}, {0x0, r4}, {}, {r3}, {}, {0x0, r4}, {r3}, {0x0, r4}, {}, {0x0, r4}, {}, {0x0, r4}, {}, {}, {}, {}, {r2, r4}, {0x0, r4}, {r2}, {r2}, {r2}, {0x0, r4}, {}, {}, {}, {0x0, r4}, {0x0, r4}, {}, {r2}, {}, {}, {r2}, {}, {0x0, r4}, {r2, r4}, {}, {r3, r4}, {}, {r3, r4}, {0x0, r4}, {}, {0x0, r4}, {}, {}, {r2}, {}, {r3, r4}, {r3, r4}, {}, {}, {}, {}, {}, {}, {}, {0x0, r4}, {}, {0x0, r4}, {r2}, {r2}, {}, {0x0, r4}, {r2}, {0x0, r4}, {}, {0x0, r4}, {r2}, {}, {r3}, {}, {}, {}, {0x0, r4}, {}, {}, {0x0, r4}, {r2}, {}, {0x0, r4}, {}, {r3, r4}, {r3}, {r3}, {r3}, {}, {r3}, {0x0, r4}, {}, {r2}, {r2}, {0x0, r4}, {0x0, r4}, {0x0, r4}, {0x0, r4}, {0x0, r4}, {}, {}, {}, {r2}, {}, {r2}, {r2}, {}, {}, {r3}, {}, {0x0, r4}, {}, {0x0, r4}, {0x0, r4}, {}, {r3}, {r2}, {}, {}, {0x0, r4}, {r3, r4}, {}, {}, {r3, r4}, {r2}, {r3}, {r3}, {r3, r4}, {r2, r4}, {r2}, {r3, r4}, {0x0, r4}, {}, {0x0, r4}, {r2, r4}, {}, {}, {}, {}, {}, {0x0, r4}, {}, {0x0, r4}, {r2, r4}, {}, {}, {}, {r3, r4}, {0x0, r4}, {0x0, r4}, {r3}, {r3}, {0x0, r4}, {0x0, r4}, {r3}, {}, {}, {r3}, {0x0, r4}, {}, {}, {0x0, r4}, {}, {0x0, r4}, {}, {r3, r4}, {}, {}, {}, {}, {}, {r2}, {r2, r4}, {r3, r4}, {0x0, r4}, {}, {0x0, r4}, {r3, r4}, {}, {r3}, {r3}, {r3}, {r2}, {}, {}, {r3}, {}, {0x0, r4}, {}, {0x0, r4}, {r3, r4}, {r3}, {r2, r4}, {}, {0x0, r4}, {}, {}, {0x0, r4}, {r2}, {r3}, {r2}, {0x0, r4}, {r2}, {r3, r4}, {0x0, r4}, {}, {0x0, r4}, {r3}, {}, {}, {}, {}, {}, {r3, r4}, {r3, r4}, {}, {0x0, r4}, {r2}, {}, {r2}, {}, {r2}, {r3}, {}, {r2}, {}, {r2, r4}, {}, {r2}, {r3, r4}, {}, {r3}, {}, {0x0, r4}, {r2}, {0x0, r4}, {0x0, r4}, {r2}, {r2}], 0x8, "a3fa374174c840"})
r5 = syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000000)={0x0})
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/9p', 0x280000, 0xb)
r8 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async, rerun: 64)
r9 = perf_event_open(&(0x7f0000001940)={0x3, 0x80, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={&(0x7f0000000080)}, 0x4000, 0xfffffffffffffffe, 0xc6, 0x2, 0x0, 0x4}, 0xffffffffffffffff, 0xc, 0xffffffffffffffff, 0x8) (rerun: 64)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001640)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, 0x0, 0x0})
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r9, 0x50009418, &(0x7f0000000400)={{r9}, r11, 0x14, @inherit={0x88, &(0x7f0000000180)=ANY=[@ANYRESHEX=r12]}, @devid}) (async)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r')
ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') (async)
sendmsg$NLBL_CIPSOV4_C_REMOVE(r14, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001840)=ANY=[@ANYRES32=r14, @ANYRES32=r13, @ANYRESOCT, @ANYRES32=r10, @ANYRES16=r11, @ANYRES64, @ANYRESHEX=r8], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x20040065) (async)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r7, 0xd000943e, &(0x7f0000001c40)={r10, 0x0, "d93356f533e0070d026a2b11e74703c2e70a0ad6d7d9c1d8feba30048b4686bb6ab47591f48ef78dbfe251ee9ec12d654b32e8f1c0084df1a0cbcc011e0937b7c8c65687019a17e0d05352560105c06d6db0225bb0a5cd0e2d0a50d516aaea707d9aedeeb2fbaaecd95b23829a752ece010ac6bbe70aaed2105ab8926342481e9a327f7ebc9db85fb348088fd581e77752415b2db9dffd7e076dfb73ff2f4bc6d4ce8eff4f6b5a7e39fa7b9d66acdc9a604a2d5f804e69aa63fa523d78f9d187d2bfee51bc4db1ab7eeced9cb0b39896073f3b47963a2853c0d13ca9f62eecdeb762b3a55b273ac7eecdb9db9e65ab91ee5d622781f68a88850ce57ab09d1527", "c21ab51e00e5778ab96256127e43c7edd21070bd76272641dcf6dc144ec2a449139ff9f8cdbea61178f60594355633e602c87492f12d2a19bb0a4ca46746b645168323274614ec4d7ba8b6ec2d688c5a64fed3cd3228dacd4a94544bd87820ebe9b0e4b5c15d933bfb93b5ba34481c48a4becfeb8898914b06374ed7b407455760513017b3414d6cff69dac6807e7134f61ec3a159444ad2169cc4145f59a8aba3d7d82b81f0998c0d6a012e16f27f45efc584dce1c849ab28e0658ac51c1bdd8439eab2ce7e489ddb0c115572d37da0ecf51d11849702238439b9a41eb8203f0f6d2253056da3f5bc5435d4788fc76d7a0409fa4ecdcac1fdd1e5784fe6d25e8d1e99d0e485bfd50dc33e56403016734b2f035ca193d9216f8159af56016f8d83c61a95a3803cd17d4d143200da917e061752f719614a2ea4224842bac56d20a9f0dd1930017ef8538f074e4fed1e18f8d7815b237d078059dad372c660bf818e4506e1d09d53ecb491981633e382f7c3c371bdb37c8d97c7421a7025e9bdad3d32b65caa6ae97fe9c764b323e7ef3717689e21b87f0e4f8b09a0918f47d4f8369136a471ac96a0d41c5c3182107c045c48a5e6598c406fa3b85572acb1e06ef8eb7071b63ceccc469d0f338bcfe3d6c48ee8bdc22837db001e5530f0a553fb5c89ae7dc5cca092f8052031f760134df9ef6aa15b736817f5ec9ffca9461dc7bce65e883449496828a9ae7fd99a1432dedc874434dfd8fc4d0695c529001e673098e1aeda8e8176d2221aefb6953cb723bdee6d5575bde5c8ab39f2ea628e36da2e511ae6e71b26cc0acdd930172794a2a07b669e3ce7f9a9f0a42f253780e132adf682409b07c0e3b0ed52b68d4e9191fe027c09f6df2fe290a6e6d9d82c9696bdbc3e7b5a8e068dcdd64fc658d0c076b1c5a88ad484a48a366bccf9d92d06ba3b8fe435a4cc8af841f6cefa1ba239f70a5f69cc4c79e135286735a9a3fc66b441fd6643ecc83c03587289bbc8fa852dc7d6f9094887f3039475c33bd1274327f4a59bfe10943744dbe4d6ae61da4a19202b07c10f9fb72fbd1a808b9f0bb725d11bec91f5007581f71bb6ef298c0c8c41c33f517ef571498d34739cf477986bc98e55c37c7cb3095f5c0899a6a00a5d4eaa6546ddb105af8bc739a8d7d54c244611f4daf86a7a39fe80b282b1cf093ae328a0e8b0a918f8b2821cc00376b5b33b7060ec5e11f5bce746e55f3babcb10360997151abc76423c5f4453261bd157ab93a6fd45c85c7cf7c3a6c16a5633ade9b4d5a0c6883228d50f9114337979b153caf6a908cdd7349184bbb917f125de3c96b3623d242564ccb4bc2fb99d307ffdec2f0720382e73ce3e9a182c9abf2926feb1e3d1838f7e1dc99873797637b8e3248164f2c871ba684898aa2a093fabc6155d1b0d601f41e46d731d835a10db50c59cb458b073d38cef9d9007a367ffcab77479d264a32ed769c768d09784f8fdb3797c3d4a3b0f58c1c04380cb3c265486517efa577dd25e8f4cadeca1fd940ccb6f32e770a90bd0bdbe99bb24ce3c8fe76c67430f6066d9fb2af99f788cef996b5dea3118d1c2a6325bb7d43554913a80a43fc45b5ffb52ac6fe57da3db64f1e4e42597908e995c2c16da8fdd3f8f4619e81bba2b9108b6eaae0850a13061ff049abdbced553df6af40a93cc81b192cba6933910276c8d8c0a9f23af824d2d4bed74e6afe08d5521e6a4a7d4a2f2e817af526e6501abf19b4187245c2317de6657a0b71d8115c556c8ff04339ece97e8bae56e89752a826354172d730c37a3bab4b02e797586137b3678fbfbd521a3ab991e82e39e69b3bc198408c6d58a8fd31fb60420e67fca16024906255c54ccff6bcc204314ed0841cfc916bc4f330ccf0856212329c58b7343dad8837bb1dbf138c7fd19e9f672550485ea4724aa0577c786267b89157818fea5485ac05ceb2d8bcdbdfa2615ef719ce4f2f6ca11e20904321bb7864be575a4616858801290e572bc1d79d401a6195d4edafdb0285a03af4e18634648f89686c5fd859dc138aa0ec4b66d5e507bf1370431ff17b578a8ca6c84587bf5d0fbd20e59d05095adc6bd4f20ae0404535967190654fa2dac128783aef42cc1282c07683c979701b31bb054094a401e76ce681c36abdea40b47435b723c0cbe42ce2ee5963fd0f0011ee0e89270dfc2415f4e2202cef3c50076ac0b2205cadb4dad6dac5db4c977ea7af14cde4d18d84c539d49d07990ea870505aaf8a75ebb7181cc6279baa6fb9462a0b92c2327380c52b52c10898130ce35bc7e42f44722b56c3e04f020c721457ccf54bc60be768c148f7bbec0aa403812c55fa261bb1ba20b75d4f1b6b93f6a4710e3e79384ac34da40833b7831c0df57e89123281a810d8202e90127e18916d0da237f1e69b3e8bb4610bd86549757fe88a1d6437978b391aca44797483b6d82fcc6a23a482110a7fa29d89796afb3fc0916b82997a9d724b70006ea5dee8f4aa433366804b82fc30c9c624f9db701fcc78c22de9e1f797ac8fbd8c85d617fa1ea7c7ba9989a4a4d6d4295287cfe3bee83c78872fe34e43803e606b5b1dbecafc90a6023b1bc769f34920880cc97de321ba85a5f62ee3f1552a17d7f3838c331fa64347dd1e12ec5a8f9e585f25ab65922cf32a1b93aa332cba117e5ab34dc57544f51e15e0aeedef036dbd5ab57046532d375a2e0888c9e6d85a11b15673fa3dee592b75eb36d61c49c8130e9b60e62ad42171159101f88b51906a73a1db2181fd5bb0d1e8ce60207ed3035c1e700ee66f0af0833e1cce7608e6b7de33fc4e3bc36abfc5968fa5086af9b11b92a3471c5188e28862da6c509528258aa279526a826808c3b4dc33463820dc702a7e23e88cca68cb10d5eb6990a220000c65100b18de9713f1a00a07f0afaf07dc61a4a0e6ec4e79f79862c4bc722e5ce2ab4e93da4759c87418e4b411a4af0d36dfe643377fe9cf4d9e87df761299f827fb38e9614f29a6dd9ac9721994d4c134380068d7c90413c14bf4dbb4f29b675f3799731b53002640a99f164de700bbaabab785276552cbcaba84c8b4dfb954d95c1f5a201209e8b3cec19d84e0f31f59c7c355ed79cf172d04539d43e47383c8e28af1bc9753e496562d4b4c59297d7f8437e9662d9f23fd3e91407081e07671763c03313616d7ecff65c531f4f15ce2b428a336ea857180b6460257856445113715555acac02d4bb07e74844dab429897f7dc7db4e9b1d38cfc62d74a9ff402978cc6207eb103099b894c74690769768c4e9b287c162f9e2abbd44b692333beb490700b0990d08b0217056245eb9957216ce0ff5de1d366e76355b57f498df62b8a2a769dff35524acf51a69a0b746946c7b1ab8f380a9e7446592fa519abd92e56a82f91638db76621c904077a6b4a1e1fd6eba382e3758329de77b8431e7975b6482c29a06d9233adcee83ceb82d1bd7ddae0c60838cba423ebb55bd377ab8ce76a983457ed29195ee23b9b43982e2e74b6e5e7b2e78fca83e75ccbb4ddcb45f97cdf84437fd1eb2d95ad2ddc95e6b7c96a3b8b641e60b6e53e1f42a548d0dcf217fc625f70a856d290cb6b9400a5f861e977cce0522f443bd005eec04d1eba19f4372d86d17f33ad7a36dba6bd65107dfbd01001ef1fd71191332c483b65c4c81205e842acbe443326cefd84b6d605d0e1f8ee91f3abf753ac2d88d08e12aa8cee48072196b0992d9c7692f0740c1a1317f4de68100a3db360f3c69b18da7a51df9042a229aba87b3608dfadf60c7dcf3c947e0b5b25192bde3b33635d1699b1fa1e456bf7fc5a373b8226c679fe5fb8eec715f9ee0c1a1223e08235137d0aa6df29096ce5d295163d7f8a1d08afacf5bf349d4819381ef513d5d703a3d0c8a19009e50df2912ee1d0cf5d865e9883ca20e131500d3a55b3e1746781b5f10611ea7c457317ec2153691e1362fe109432e091cb7a8c74fbf316753eee5de22fea1e80cbb077a85c8f882a2e6c40d156a37f21d750830f11741dfc16511834a114af31e6e8edef849d438524892af08e68fefc8a5ac26205468aab334296edec5b2bacb91bdda3296cd7f9d9ca68260a8709a332b9f422acfc05e61587f20c99e03495a5e271ab938928c9fb3012a428157a5ca6724154667dc7a02c126bab9deddb45254f965e3d1e8e2326cdbb7f8279b158ff19d2de5fafedbaccb4bca4888a2e8bc74a4b39db6bb9beecf69f5945bc526f62140b5919ee46e29935f63705542550982aff7f5ae7fa1a4f424dc1ef9e8d338cc98276bb0d5889127c00d34fcbf74a819fe340e8249c1e60e953726fe1f2b0857d3fbb100d09c5f28b0e8bf7fecb15e9b9a4a6d3dd2fb2b8d71c8b57e6cf0533b340422c43ec53de0c3785cad282046556216f3da7224ad8ab38cffd0c503a960548a3d5c3bd862a6c5907e3a665615cfb0218359511f64033e88e4fd5d2f78d0b4a22dffa71c5ba27e8233ffebf3729033828d02732e08dd3ec028a94b14496950249bd24bd55123795d66c3a1a629e533085878c4cc425e2e9717c7ee6c9d719fa8db1ea4c16f3b5df660b71c1b87996c96c0cfb257faa41c1d7b8a07e0df3d75588ed3c5f7f5a05d119ab254c95128cc0b4d550f726909042730742e9a35bf35019ab38222e7dad59e673eabdd39f84c5dcaef6907f4f8b7a5f8b3d930d4370abfd530c051e5473675d194f0bfc1d6a50d4d24d8d93e2fa3aba80b632685d02f1c29ce6b206b55ca7e42de7efb41326446f23fd1349da3ca4ba50ebb3b354729177221f1b8acc8d9d3fe1e88995aeadf16af73fe1d0e8287ced39c33830dbe970fd0c4c0a50e49d1617786d569ea804b4a6b26724a032fbf83ec6bf209688ad134a9ded234832a5078e1639c6982d848587e600a9e1de3d27243f6b37a5bc60b535cc12387f07bcd0d5cca82b9fe4b5bc24f988e426e05cdbe9ee1514f3726eb8756812e23b069c4d5ab7ec3524ef6583e81216055baf6caaf92e2581f30754e127319cf12339fb3bdf61e2870ff2f1518e37395c49fb392cdb5f2443bcec7162258c9bb05c330c3003eabac85a578faa87690ccbf214f3cdac196bbe6d1028c46ac2183026c9d931400fa507ca935c824ca996010248021e9783ba1b7c7d969c007c7b8625c6da10f3864736355237b3799bbe3e7c731f000d20d3980e13ed6902770104d35cf6b474eb04d921ea7f8f44da3bfec32701286efd47738951e947e0ea9eba03ac6980c31148c385edaa1c51f1c038fbf46b75059a66735c9d75285a4aa386d44e38440acba4cc93a1be79ebcbde0879b3ef4a1fab9fa0b9ab2fd79b1e6a4e9f4dc97f1ae8ad4c3df7ab96899c9af3700ef29fd7ef6931cbbaf1ae400ccf6b1892454317"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000053680)={0x1, [{}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}], 0x8, "a3fa374174c840"}) (async, rerun: 32)
r18 = socket$inet_tcp(0x2, 0x1, 0x0) (rerun: 32)
ioctl$sock_SIOCADDRT(r18, 0x890c, &(0x7f0000000040)={0x0, @l2tp={0x2, 0x2, @remote={0xac, 0x10, 0x3}}, @l2tp={0x2, 0x0, @empty, 0x1}, @generic={0x2, "bcbc5dada046e4d15ddee9502b10"}, 0xf0f4, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)='syz_tun\x00'}) (async)
ioctl$FS_IOC_FIEMAP(r18, 0xc020660b, 0x0) (async)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000001400), 0x800, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000001440)={0x0, ""/256, 0x0, 0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000053680)={0x1, [{}, {}, {r19}, {r19}, {}, {}, {r20}, {r19}, {0x0, r21}, {r19}, {0x0, r21}, {0x0, r21}, {}, {}, {r20}, {0x0, r21}, {r20}, {}, {0x0, r21}, {0x0, r21}, {}, {0x0, r21}, {}, {r20}, {}, {0x0, r21}, {r20}, {0x0, r21}, {}, {0x0, r21}, {}, {0x0, r21}, {}, {}, {}, {}, {r19, r21}, {0x0, r21}, {r19}, {r19}, {r19}, {0x0, r21}, {}, {}, {}, {0x0, r21}, {0x0, r21}, {}, {r19}, {}, {}, {r19}, {}, {0x0, r21}, {r19, r21}, {}, {r20, r21}, {}, {r20, r21}, {0x0, r21}, {}, {0x0, r21}, {}, {}, {r19}, {}, {r20, r21}, {r20, r21}, {}, {}, {}, {}, {}, {}, {}, {0x0, r21}, {}, {0x0, r21}, {r19}, {r19}, {}, {0x0, r21}, {r19}, {0x0, r21}, {}, {0x0, r21}, {r19}, {}, {r20}, {r15}, {}, {}, {0x0, r21}, {}, {}, {0x0, r21}, {r19}, {}, {0x0, r21}, {}, {r20, r21}, {r20}, {r20}, {r20}, {}, {r20}, {0x0, r21}, {}, {r19}, {r19}, {0x0, r21}, {0x0, r21}, {0x0, r21}, {0x0, r21}, {0x0, r21}, {}, {}, {}, {r19}, {}, {r19}, {r19}, {}, {}, {r20}, {}, {0x0, r21}, {}, {0x0, r21}, {0x0, r21}, {}, {r20}, {r19}, {}, {}, {0x0, r21}, {r20, r21}, {}, {}, {r20, r21}, {r19}, {r20}, {r20}, {r20, r21}, {r19, r21}, {r19}, {r20, r21}, {0x0, r21}, {}, {0x0, r21}, {r19, r21}, {}, {}, {}, {}, {}, {0x0, r21}, {}, {0x0, r21}, {r19, r21}, {}, {}, {}, {r20, r21}, {0x0, r21}, {0x0, r21}, {r20}, {r20}, {0x0, r21}, {0x0, r21}, {r20}, {}, {}, {r20}, {0x0, r21}, {}, {}, {0x0, r21}, {0x0, 0x0}, {0x0, r21}, {}, {r20, r21}, {}, {}, {}, {}, {}, {r19}, {r19, r21}, {r20, r21}, {0x0, r21}, {}, {0x0, r21}, {r20, r21}, {}, {r20}, {r20}, {r20}, {r19}, {}, {}, {r20}, {}, {0x0, r21}, {}, {0x0, r21}, {r20, r21}, {r20}, {r19, r21}, {}, {0x0, r21}, {}, {}, {0x0, r21}, {r19}, {r20}, {r19}, {0x0, r21}, {r19}, {r20, r21}, {0x0, r21}, {}, {0x0, r21}, {r20}, {}, {}, {}, {}, {}, {r20, r21}, {r20, r21}, {}, {0x0, r21}, {r19}, {}, {r19}, {}, {r19}, {r20}, {}, {r19}, {}, {r19, r21}, {}, {r19}, {r20, r21}, {}, {r20}, {}, {0x0, r21}, {r19}, {0x0, r21}, {0x0, r21}, {r19}, {r19}], 0x8, "a3fa374174c840"}) (async)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000200)={0x0})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r5, 0xd000943e, &(0x7f0000000400)={r10, r23, "261648060feef3e5f1c53d293c1a8154d9dd0f24796a5e5db43f8a6adcd07c4f7401d862dc00dc1380880d50869f11346a7894251ea59ce1e2641a061a1263149e0d2e5b5332ef3237661474fc323e15ca6935c4755a59b9ac13935e5aa74acf80f3e232e828fde244869167310ad32a7f8110b5abc80e4017a2fdbc7110a36bce5fc639736c8ae9af285aadf65e02b868e6ab943fea9a2a364cc6cf3c0e80ad9843fc59f68fa37d9f14ce0af727f0b9978b5db3c6939467414ae3cc354ffd46690df0ef6dfb6a5251d290b0884fb80bf4985770406bf5552c9f7a5ce82ecc21c8bf6633e65f244d112f130472bb5e8142d8021c800ba202aa6eb89312acc6d0", "6d7bb9bc231700be531390d8505523de2f060fd71ce5ca2d39b84810ebde9415e12df058944a26f3213acc2cca254ce5bb74a643cf9adeb92797c5ae03841dc93f63dcd3ff188a79a35c0329527abfb12d43221347b08c85f4141b9b74375f11d1543fe173e3d80834259ddeedbe503b1d208533cd7fd8f3d1fd73ca7e17c1aa70785ddfaf0aeff8a96f7b1ba1aee60cfad09217c8bede17cb0dadfa4457315fd0ecd1f7bc3c5fe5c1e1d372b6d16aea28fab256a70f0666e81d7af62fa2d9d0faacd6ac20264d92c85e31d858ca600dd0bcf4da5ed3bf2634e18da07d00389b34e722982a09d9d55905c4906da31f879798db6ef81a6071a98b4eba8888b99c70a390c955bd073e6c90a7970c2711732deb661bb8dae98c5a2132673b63990ad38f43f833b261f3abccdafc2740d84b871ad060fa434f3db464a98c2031f990381a045c892607976f06862baa2b9ec5cff0e2218088956e596763d64f68c2c6c11b3707050cedb5c10f9670745246848b3bb39c96b26e42e505a2ed53ef97b2171efd99b4568d2879700ea735f7abe6c815153ec11425f513bcd290baaedc41602cc0c44e2ed25314fe4cc3c4ad8cf5d42b468ba4d0cfbe40682ca2f3aab49cd351f8959b2ea16d97f3f0a476b0b28f7bc3ba16c4c2230903d9029da6b89199813d46de89862e6c1d92e3460963abccda1f814cce77cfa91267857229b19f787e263b580d0de96a68d07c075114e56c630338f70ba0a0d473bb8dee011a1701e12856b96d8a6b9a14a9da3d5bd4bb094b3e849924d22dbedcda98fcc5e6a60b31e73f1e71295754b06fc22acff834161043bc0706f7df9aa91bcc57ea3cb40c4089ad05388147e881e93fb32c7246f2cdd0f354edcf39276e091f824f096728b27b9348e7bda68f7cb1316c129fd45327be62cd33930fb4c03f1e112b52c0eb4aa4e914574c8dc85217e5250a7a5f098482400775dbb3c7683099c0fa24bf5d4a130db96e7cd803e4dd471a6143e5d1bd5884c5147322726a0bbe6fbc375a2308d9a36a21b3bbcd797ff4a34b8cc48b6a13540e9c689efa7acb8d289e3ac37cb8ab163e882e5d918be5da3c43939bc873307de2681373d287e3c7aba92be5e01939b0591e58326832a593e6b86127e7bdd503b48c2cb19f7ba249573e946feff16dd7afa2fea887c3a16b069fe46d3ea30c553738d29a00e0ff294bb28895a4b9a00d11c40e364b2a51b2d97efbb0e1f8a7a565df220ea10ab4507b16c67d1a8111c826064fc3e5f3480646c22855ee4283dc8d8c36fb5af3253e519e0b300d6d2b1aebf33a2b7eba476ac93dca1790db2cc66a9dedbae62fb5ee358dcd402125bc8a4514639175d6ffa00e1241a94a99feb0a46cddbebd0986ca9b09f9f6fdefbbf1391ba19c9be378b3f366671e23381d17657e46a9cf894b0fae5227ce25b82ad8a23d6ebcb2f8c68e51d52a3097a7ff37ba0e58ed9ef9b788cee6f8306e196cc519110a810bc578883d5c5cba61a3d350741c416235413543399f49fba82503b48c3bba99cf325fe953bae9604a0e72b9a62772a7baef481395b73e5deb65df656344223c03d15c067b5f98f4f8a8f29818b265e2a906b83fb3f396fc91094e6012f04bbc224be4f2ac4fd2d0c95906aaecf9340da0bf8c44cc2c693386d681a14eb7e38babcab6500d4ad22140502a3321e2d3d5d599869f5406f1d658198831ffebe4d53cd06f681ba8d4bf0df1191077154d8aff7ff581f0187a695cc62d479761136d3b6f3af3dd3bde4c1dbc528825cc2a565cdb028ade45275368c822326fb10c0ffbe76f701a28b23152a8f8324d7df13525e29287897695887babb4b8a637e75bd17b41d1ea12ccc9eec79e31da8d337ceb1784e74475b67fc23a463e7128d80fdbb536d98fc664d565bb791250f5d9b4149ac087878d7d6519f525b042d5850332a0c98557285307d11ce2c2ce77b7f4c4e69908b0a644780d32594bb770e4ce154f9a9ff8151a7eba670c02ed3fa1eb38c5953b3040bfc1c13630b64deba2bbd1412b92e3b09aa7d7932bb8da2051e36baaf4010395df77dbe15d3cf82f181fff264c5f1e50b6d2ce00beee1121f986dff021ea7fe126ee411eb93f17c7d8337e47853b44186d69acdfa3bbd3ce5c6e6061ae8c92e86bebba49d73d7c60f8a910a445ccc8a95db72f948e8ccf5c6cf33eb0d5a4fee769d3560f323e46b00f660c2483a09acb20e0217a5b582483f5a5655746dcdbe408cab9aab9d74c7c29cf6064ca774dac93dab8df52abbdb7d2a79926c4e42bb794898d90941c4fbfb28caddb29125db1bd150d182de0bf9ac223fdea29976c4f59c2203de2fcd3d8f8c3ba3c6fd7640d61a61ce183cd67f8d31a0f4a92d33e4110c2a3bd1b993ea8d9701e98aee8f619a109d033f0d7debf935caa1a55c04a220d860cb6f88efcfc5d55b5c8b16f609c8ad81fcd7a75ee5d12c225b8660053b44d48dc1d61d0de5cde1cd1c4e2ce3a51b1ef4847c9a6394bd478f20a8c5168ad4cf33f2d81f172b659083816b1bcd6640aab3be47df8205035cd4397439ad2b97fb5d0b8c58d78b432a8c3ae19f14cd3a676c56f20aa53943b0ee501a674b814357ca64fc1f3ba37f030149f4b2317b93026860b33dea477d286aa62efa9bd7400fca2db12c15dc9c6ce8e0897de0ddee8e73186c3e19a41f5d76f3f62b288f23a38c0c2d1d317a6f6939f3ebc14aa38194889be6ebc890655e4da3e24b34c1b8c24e0621ff4f63f08aecf4623219aa217757e1dd06c8f175ded0bde1f3575737fbbfff5e433ac63c3c6fd749face99e29dfa2ef78c605b4f1223c4ed06116a514970b781931e6d22b2812bf575e156d3207afe9204e10804817e266ff120ef913732678fe1792db06a6ba1e9d6f02035423866ae65c12c39ac5b32c17b552b5dce58d98217528396f35f38ff761eb898c4eb68ea6d7af713a1299e59998d273c2e7957eaf37712bc7b9556b3dea8c267ee15c490a94c117a55191c32bdd0c82a4ea705d49af3e9c21e22af02eb7521a2c2f903167e11ec9bc057f64ad95c676b23ff763c50992a9a801fcf2e0fd7ea8d25cb21c1bf5560c4b5bebe51b97f8b202d2f24396bb38b2d5b549a4b57260e0f54504320eddacc8e7a1d5942a4fd82f2ca4061239202b41a30bc834f07ce733898dd32cd5a4ce6f86c0b0270c0bfc42604a1c85eb4b9efe78ab5fab25356e774b30798e46812ab9ed3b72a59396a02530d5c5ca825ef7e9f166af904ef52cb002e3a71650dcd72538b1c00fdee892108961da7ff9e35870194f8d649c7851dc8dfbb3080e0fd33afb94ed5a904a1539d1686c175f84338e8e0bd67cb3d3e984620a2f5f25e98246a4bac3e2bda697d819bd0fdd3b7c4b1b1fde68437f0242162ee0cfed5669ff736964796e8a0170d2d0fce756bfdf96507280b49855fa686ded77ae170e189dcdb78d03a2679912b32579ab7410d52d463d60fb3609325028d989de25213b330b398018384d72e760dc982016f46ba6729676aa6c73382ec1165d2bc9f4d4612019124a2be7796f226b4a4fa5ffed4ac40225fe6d3bb644158bea098b417552f4e252e9835f7150fb9b2b9399833dc13267bc8296c62e38b79baff29536127554d7fc45cec6c369ac6b02d98c4afc3f9aeb36255fbcc886bcef2c515246fe984a92559d5ec5b21d66749974cd3af5e2ff620e5445b8a5b7484080518c6670047ca57072d58fc2cdfdf788832d77b7c489ec5ed86152bfa9ecfca027f5394d40e6e1d20b80f9d1b71efcbc78f0637ea26ea85df471cf768afd21868b8e2e6e51d0630b664d30286d2a5483f65e4e7f4465860df9408cf3bf909481c3b509d2ecd398cf23271416b5f51349e627d55fd755ed647047f09f8d138f6dca88f81235637815da570239aee0000dc1f0d3867e092116052b286522427e1e676a9b56fa9620ee0b1904336946e87d2d9f477a2828a92bf79ff5bf5246419f5ea2762f05a8d43d51ade69f5d645ca2c22cb66254195fa030364badf6f2393f2eaf30186bc55a9c5d316ab80be7060cb13c9ee5fd10f5f100c39334296997ed27bb4e64aecf3bd5b3e8db59cbe81d064bd4ea5d59f6e25401c0cabc72d0e09e9fd3094edcfd3bac6db749e4d0324ed62021d892bd59366f36a7f84aae451ab0c4870036b89e0396b784bbe5af5c658d9dea1362fce0dc3a8719211aaccf3484e31c47d1c6e81f4af0b6e724ccd94da45ffe3254ee0cb20013a229562de4d5e2363d90d5d341b967d2fb4861725d0f77c489688e63a7e42cae30516aa69c58af24cf097153359725b86cc43b1847bc2a927740c89c37f71b24154c555c42d0c6a34fdb7b8661a8c2644511dd1f2edf61b5520e1ca29c1e7ea9c4e5146174c2886cb60117826d2caacb18afbbcf623c89e42e9c7bdd6eeb590998e7aece96d21097f3b2f1d9df63df746034e42fc5942a86abf80f97168cbd6c7a1714106697109c82e660b231f22823c7843468ded2ba2aead049e8c833600c297fd0a1bf5e9f28661f71dc4faed3cdfc5916b122de8f7dff7ce2361bac58db7029732df0dcb719035a18dea2514e0f17dcee17a458b7b25ad30c5bb247f7ab42769011c87a7599994c723bcfdfbd800c74e0742aa04ed39abb33447c9fadd8a271d35e93e49b05f2f8ba5fc7b24a7ade58be95fb1f4f0d734f4dd6da439165456084cbadc97fe09b492d9c34071a42392b014a6f8bb6ee78aeb3d073c5180954e59ff0af9ca9eaad6543801bb2f9d6abfe94f5618283793f3c7f21a48331d6f47dd2fe4e81a3f47f849611fd5cf7720dcb50f5b61300afdf6dda19830b5b7e6a1f862a7064f3cdfcdafeb86c53dd6a521a74786d09593d52e43a7912d1235e6f747a26a21d01695b023c0f4264909176e28ab8a8cc10dcc74c1c81d241af966031837f4810064acb632bb271f15f41b7caf55b4bf7288c0461b40ec1f7520fdad34fbff843f88bbca8b00a965fb5aff52646c35f9e9a96722b0acb713e1664795722268fda65d5d3d174d1471257329487202fc42082861854f59a3b013a649bf9058eca80026b55441536f62433474c6a2c5d1851287e12f038394e351abd6b8f59e61f52c2f37e4d82f48adb981351b557fd00266033523cc9ea644760292716a5304e10a75382b190b5b9c93c9e9a2f961aba78131b354821ce0819810cbf632793c57cb64f8b5af33bc2456fa090473fb50ad21a46db197c9bd7ebfda24f677be93bf575103e6a67a8a5bd9d3b0e2b44dd632c022f06d6e0aafa9b6d297925b0218ab863038eb925fce5b1b50fcb456048147397b143dbfb423f2f5dda58cbdb5bf35c93aa736413e600e91a19930e3b2e91b26ee25b0590783df66bdf2fc6c80622ffc701"}) (async)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000060600)={0x4, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r22}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r17}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r16}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2, r10}], 0xb2, "9daadf054df44c"}) (async, rerun: 32)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (rerun: 32)
[ 3430.740782][T27996] loop1: detected capacity change from 0 to 512
[ 3430.744341][T27998] loop3: detected capacity change from 0 to 512
[ 3430.753607][T27998] EXT4-fs: Ignoring removed nobh option
[ 3430.753830][T27996] EXT4-fs: Ignoring removed nobh option
[ 3430.759317][T27998] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3430.764840][T27996] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3430.771261][T27998] EXT4-fs: Ignoring removed nobh option
[ 3430.777672][T27996] EXT4-fs: Ignoring removed nobh option
19:07:18 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 26)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:18 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0) (async)
ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001640)={0x0, ""/256, 0x0, 0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000053680)={0x1, [{}, {}, {r2}, {r2}, {}, {}, {r3}, {r2}, {0x0, r4}, {r2}, {0x0, r4}, {0x0, r4}, {}, {}, {r3}, {0x0, r4}, {r3}, {}, {0x0, r4}, {0x0, r4}, {}, {0x0, r4}, {}, {r3}, {}, {0x0, r4}, {r3}, {0x0, r4}, {}, {0x0, r4}, {}, {0x0, r4}, {}, {}, {}, {}, {r2, r4}, {0x0, r4}, {r2}, {r2}, {r2}, {0x0, r4}, {}, {}, {}, {0x0, r4}, {0x0, r4}, {}, {r2}, {}, {}, {r2}, {}, {0x0, r4}, {r2, r4}, {}, {r3, r4}, {}, {r3, r4}, {0x0, r4}, {}, {0x0, r4}, {}, {}, {r2}, {}, {r3, r4}, {r3, r4}, {}, {}, {}, {}, {}, {}, {}, {0x0, r4}, {}, {0x0, r4}, {r2}, {r2}, {}, {0x0, r4}, {r2}, {0x0, r4}, {}, {0x0, r4}, {r2}, {}, {r3}, {}, {}, {}, {0x0, r4}, {}, {}, {0x0, r4}, {r2}, {}, {0x0, r4}, {}, {r3, r4}, {r3}, {r3}, {r3}, {}, {r3}, {0x0, r4}, {}, {r2}, {r2}, {0x0, r4}, {0x0, r4}, {0x0, r4}, {0x0, r4}, {0x0, r4}, {}, {}, {}, {r2}, {}, {r2}, {r2}, {}, {}, {r3}, {}, {0x0, r4}, {}, {0x0, r4}, {0x0, r4}, {}, {r3}, {r2}, {}, {}, {0x0, r4}, {r3, r4}, {}, {}, {r3, r4}, {r2}, {r3}, {r3}, {r3, r4}, {r2, r4}, {r2}, {r3, r4}, {0x0, r4}, {}, {0x0, r4}, {r2, r4}, {}, {}, {}, {}, {}, {0x0, r4}, {}, {0x0, r4}, {r2, r4}, {}, {}, {}, {r3, r4}, {0x0, r4}, {0x0, r4}, {r3}, {r3}, {0x0, r4}, {0x0, r4}, {r3}, {}, {}, {r3}, {0x0, r4}, {}, {}, {0x0, r4}, {}, {0x0, r4}, {}, {r3, r4}, {}, {}, {}, {}, {}, {r2}, {r2, r4}, {r3, r4}, {0x0, r4}, {}, {0x0, r4}, {r3, r4}, {}, {r3}, {r3}, {r3}, {r2}, {}, {}, {r3}, {}, {0x0, r4}, {}, {0x0, r4}, {r3, r4}, {r3}, {r2, r4}, {}, {0x0, r4}, {}, {}, {0x0, r4}, {r2}, {r3}, {r2}, {0x0, r4}, {r2}, {r3, r4}, {0x0, r4}, {}, {0x0, r4}, {r3}, {}, {}, {}, {}, {}, {r3, r4}, {r3, r4}, {}, {0x0, r4}, {r2}, {}, {r2}, {}, {r2}, {r3}, {}, {r2}, {}, {r2, r4}, {}, {r2}, {r3, r4}, {}, {r3}, {}, {0x0, r4}, {r2}, {0x0, r4}, {0x0, r4}, {r2}, {r2}], 0x8, "a3fa374174c840"}) (async)
r5 = syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000000)={0x0}) (async)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/9p', 0x280000, 0xb) (async)
r8 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
r9 = perf_event_open(&(0x7f0000001940)={0x3, 0x80, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={&(0x7f0000000080)}, 0x4000, 0xfffffffffffffffe, 0xc6, 0x2, 0x0, 0x4}, 0xffffffffffffffff, 0xc, 0xffffffffffffffff, 0x8) (async)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001640)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, 0x0, 0x0})
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r9, 0x50009418, &(0x7f0000000400)={{r9}, r11, 0x14, @inherit={0x88, &(0x7f0000000180)=ANY=[@ANYRESHEX=r12]}, @devid}) (async)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(r14, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') (async)
sendmsg$NLBL_CIPSOV4_C_REMOVE(r14, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001840)=ANY=[@ANYRES32=r14, @ANYRES32=r13, @ANYRESOCT, @ANYRES32=r10, @ANYRES16=r11, @ANYRES64, @ANYRESHEX=r8], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x20040065) (async)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r7, 0xd000943e, &(0x7f0000001c40)={r10, 0x0, "d93356f533e0070d026a2b11e74703c2e70a0ad6d7d9c1d8feba30048b4686bb6ab47591f48ef78dbfe251ee9ec12d654b32e8f1c0084df1a0cbcc011e0937b7c8c65687019a17e0d05352560105c06d6db0225bb0a5cd0e2d0a50d516aaea707d9aedeeb2fbaaecd95b23829a752ece010ac6bbe70aaed2105ab8926342481e9a327f7ebc9db85fb348088fd581e77752415b2db9dffd7e076dfb73ff2f4bc6d4ce8eff4f6b5a7e39fa7b9d66acdc9a604a2d5f804e69aa63fa523d78f9d187d2bfee51bc4db1ab7eeced9cb0b39896073f3b47963a2853c0d13ca9f62eecdeb762b3a55b273ac7eecdb9db9e65ab91ee5d622781f68a88850ce57ab09d1527", "c21ab51e00e5778ab96256127e43c7edd21070bd76272641dcf6dc144ec2a449139ff9f8cdbea61178f60594355633e602c87492f12d2a19bb0a4ca46746b645168323274614ec4d7ba8b6ec2d688c5a64fed3cd3228dacd4a94544bd87820ebe9b0e4b5c15d933bfb93b5ba34481c48a4becfeb8898914b06374ed7b407455760513017b3414d6cff69dac6807e7134f61ec3a159444ad2169cc4145f59a8aba3d7d82b81f0998c0d6a012e16f27f45efc584dce1c849ab28e0658ac51c1bdd8439eab2ce7e489ddb0c115572d37da0ecf51d11849702238439b9a41eb8203f0f6d2253056da3f5bc5435d4788fc76d7a0409fa4ecdcac1fdd1e5784fe6d25e8d1e99d0e485bfd50dc33e56403016734b2f035ca193d9216f8159af56016f8d83c61a95a3803cd17d4d143200da917e061752f719614a2ea4224842bac56d20a9f0dd1930017ef8538f074e4fed1e18f8d7815b237d078059dad372c660bf818e4506e1d09d53ecb491981633e382f7c3c371bdb37c8d97c7421a7025e9bdad3d32b65caa6ae97fe9c764b323e7ef3717689e21b87f0e4f8b09a0918f47d4f8369136a471ac96a0d41c5c3182107c045c48a5e6598c406fa3b85572acb1e06ef8eb7071b63ceccc469d0f338bcfe3d6c48ee8bdc22837db001e5530f0a553fb5c89ae7dc5cca092f8052031f760134df9ef6aa15b736817f5ec9ffca9461dc7bce65e883449496828a9ae7fd99a1432dedc874434dfd8fc4d0695c529001e673098e1aeda8e8176d2221aefb6953cb723bdee6d5575bde5c8ab39f2ea628e36da2e511ae6e71b26cc0acdd930172794a2a07b669e3ce7f9a9f0a42f253780e132adf682409b07c0e3b0ed52b68d4e9191fe027c09f6df2fe290a6e6d9d82c9696bdbc3e7b5a8e068dcdd64fc658d0c076b1c5a88ad484a48a366bccf9d92d06ba3b8fe435a4cc8af841f6cefa1ba239f70a5f69cc4c79e135286735a9a3fc66b441fd6643ecc83c03587289bbc8fa852dc7d6f9094887f3039475c33bd1274327f4a59bfe10943744dbe4d6ae61da4a19202b07c10f9fb72fbd1a808b9f0bb725d11bec91f5007581f71bb6ef298c0c8c41c33f517ef571498d34739cf477986bc98e55c37c7cb3095f5c0899a6a00a5d4eaa6546ddb105af8bc739a8d7d54c244611f4daf86a7a39fe80b282b1cf093ae328a0e8b0a918f8b2821cc00376b5b33b7060ec5e11f5bce746e55f3babcb10360997151abc76423c5f4453261bd157ab93a6fd45c85c7cf7c3a6c16a5633ade9b4d5a0c6883228d50f9114337979b153caf6a908cdd7349184bbb917f125de3c96b3623d242564ccb4bc2fb99d307ffdec2f0720382e73ce3e9a182c9abf2926feb1e3d1838f7e1dc99873797637b8e3248164f2c871ba684898aa2a093fabc6155d1b0d601f41e46d731d835a10db50c59cb458b073d38cef9d9007a367ffcab77479d264a32ed769c768d09784f8fdb3797c3d4a3b0f58c1c04380cb3c265486517efa577dd25e8f4cadeca1fd940ccb6f32e770a90bd0bdbe99bb24ce3c8fe76c67430f6066d9fb2af99f788cef996b5dea3118d1c2a6325bb7d43554913a80a43fc45b5ffb52ac6fe57da3db64f1e4e42597908e995c2c16da8fdd3f8f4619e81bba2b9108b6eaae0850a13061ff049abdbced553df6af40a93cc81b192cba6933910276c8d8c0a9f23af824d2d4bed74e6afe08d5521e6a4a7d4a2f2e817af526e6501abf19b4187245c2317de6657a0b71d8115c556c8ff04339ece97e8bae56e89752a826354172d730c37a3bab4b02e797586137b3678fbfbd521a3ab991e82e39e69b3bc198408c6d58a8fd31fb60420e67fca16024906255c54ccff6bcc204314ed0841cfc916bc4f330ccf0856212329c58b7343dad8837bb1dbf138c7fd19e9f672550485ea4724aa0577c786267b89157818fea5485ac05ceb2d8bcdbdfa2615ef719ce4f2f6ca11e20904321bb7864be575a4616858801290e572bc1d79d401a6195d4edafdb0285a03af4e18634648f89686c5fd859dc138aa0ec4b66d5e507bf1370431ff17b578a8ca6c84587bf5d0fbd20e59d05095adc6bd4f20ae0404535967190654fa2dac128783aef42cc1282c07683c979701b31bb054094a401e76ce681c36abdea40b47435b723c0cbe42ce2ee5963fd0f0011ee0e89270dfc2415f4e2202cef3c50076ac0b2205cadb4dad6dac5db4c977ea7af14cde4d18d84c539d49d07990ea870505aaf8a75ebb7181cc6279baa6fb9462a0b92c2327380c52b52c10898130ce35bc7e42f44722b56c3e04f020c721457ccf54bc60be768c148f7bbec0aa403812c55fa261bb1ba20b75d4f1b6b93f6a4710e3e79384ac34da40833b7831c0df57e89123281a810d8202e90127e18916d0da237f1e69b3e8bb4610bd86549757fe88a1d6437978b391aca44797483b6d82fcc6a23a482110a7fa29d89796afb3fc0916b82997a9d724b70006ea5dee8f4aa433366804b82fc30c9c624f9db701fcc78c22de9e1f797ac8fbd8c85d617fa1ea7c7ba9989a4a4d6d4295287cfe3bee83c78872fe34e43803e606b5b1dbecafc90a6023b1bc769f34920880cc97de321ba85a5f62ee3f1552a17d7f3838c331fa64347dd1e12ec5a8f9e585f25ab65922cf32a1b93aa332cba117e5ab34dc57544f51e15e0aeedef036dbd5ab57046532d375a2e0888c9e6d85a11b15673fa3dee592b75eb36d61c49c8130e9b60e62ad42171159101f88b51906a73a1db2181fd5bb0d1e8ce60207ed3035c1e700ee66f0af0833e1cce7608e6b7de33fc4e3bc36abfc5968fa5086af9b11b92a3471c5188e28862da6c509528258aa279526a826808c3b4dc33463820dc702a7e23e88cca68cb10d5eb6990a220000c65100b18de9713f1a00a07f0afaf07dc61a4a0e6ec4e79f79862c4bc722e5ce2ab4e93da4759c87418e4b411a4af0d36dfe643377fe9cf4d9e87df761299f827fb38e9614f29a6dd9ac9721994d4c134380068d7c90413c14bf4dbb4f29b675f3799731b53002640a99f164de700bbaabab785276552cbcaba84c8b4dfb954d95c1f5a201209e8b3cec19d84e0f31f59c7c355ed79cf172d04539d43e47383c8e28af1bc9753e496562d4b4c59297d7f8437e9662d9f23fd3e91407081e07671763c03313616d7ecff65c531f4f15ce2b428a336ea857180b6460257856445113715555acac02d4bb07e74844dab429897f7dc7db4e9b1d38cfc62d74a9ff402978cc6207eb103099b894c74690769768c4e9b287c162f9e2abbd44b692333beb490700b0990d08b0217056245eb9957216ce0ff5de1d366e76355b57f498df62b8a2a769dff35524acf51a69a0b746946c7b1ab8f380a9e7446592fa519abd92e56a82f91638db76621c904077a6b4a1e1fd6eba382e3758329de77b8431e7975b6482c29a06d9233adcee83ceb82d1bd7ddae0c60838cba423ebb55bd377ab8ce76a983457ed29195ee23b9b43982e2e74b6e5e7b2e78fca83e75ccbb4ddcb45f97cdf84437fd1eb2d95ad2ddc95e6b7c96a3b8b641e60b6e53e1f42a548d0dcf217fc625f70a856d290cb6b9400a5f861e977cce0522f443bd005eec04d1eba19f4372d86d17f33ad7a36dba6bd65107dfbd01001ef1fd71191332c483b65c4c81205e842acbe443326cefd84b6d605d0e1f8ee91f3abf753ac2d88d08e12aa8cee48072196b0992d9c7692f0740c1a1317f4de68100a3db360f3c69b18da7a51df9042a229aba87b3608dfadf60c7dcf3c947e0b5b25192bde3b33635d1699b1fa1e456bf7fc5a373b8226c679fe5fb8eec715f9ee0c1a1223e08235137d0aa6df29096ce5d295163d7f8a1d08afacf5bf349d4819381ef513d5d703a3d0c8a19009e50df2912ee1d0cf5d865e9883ca20e131500d3a55b3e1746781b5f10611ea7c457317ec2153691e1362fe109432e091cb7a8c74fbf316753eee5de22fea1e80cbb077a85c8f882a2e6c40d156a37f21d750830f11741dfc16511834a114af31e6e8edef849d438524892af08e68fefc8a5ac26205468aab334296edec5b2bacb91bdda3296cd7f9d9ca68260a8709a332b9f422acfc05e61587f20c99e03495a5e271ab938928c9fb3012a428157a5ca6724154667dc7a02c126bab9deddb45254f965e3d1e8e2326cdbb7f8279b158ff19d2de5fafedbaccb4bca4888a2e8bc74a4b39db6bb9beecf69f5945bc526f62140b5919ee46e29935f63705542550982aff7f5ae7fa1a4f424dc1ef9e8d338cc98276bb0d5889127c00d34fcbf74a819fe340e8249c1e60e953726fe1f2b0857d3fbb100d09c5f28b0e8bf7fecb15e9b9a4a6d3dd2fb2b8d71c8b57e6cf0533b340422c43ec53de0c3785cad282046556216f3da7224ad8ab38cffd0c503a960548a3d5c3bd862a6c5907e3a665615cfb0218359511f64033e88e4fd5d2f78d0b4a22dffa71c5ba27e8233ffebf3729033828d02732e08dd3ec028a94b14496950249bd24bd55123795d66c3a1a629e533085878c4cc425e2e9717c7ee6c9d719fa8db1ea4c16f3b5df660b71c1b87996c96c0cfb257faa41c1d7b8a07e0df3d75588ed3c5f7f5a05d119ab254c95128cc0b4d550f726909042730742e9a35bf35019ab38222e7dad59e673eabdd39f84c5dcaef6907f4f8b7a5f8b3d930d4370abfd530c051e5473675d194f0bfc1d6a50d4d24d8d93e2fa3aba80b632685d02f1c29ce6b206b55ca7e42de7efb41326446f23fd1349da3ca4ba50ebb3b354729177221f1b8acc8d9d3fe1e88995aeadf16af73fe1d0e8287ced39c33830dbe970fd0c4c0a50e49d1617786d569ea804b4a6b26724a032fbf83ec6bf209688ad134a9ded234832a5078e1639c6982d848587e600a9e1de3d27243f6b37a5bc60b535cc12387f07bcd0d5cca82b9fe4b5bc24f988e426e05cdbe9ee1514f3726eb8756812e23b069c4d5ab7ec3524ef6583e81216055baf6caaf92e2581f30754e127319cf12339fb3bdf61e2870ff2f1518e37395c49fb392cdb5f2443bcec7162258c9bb05c330c3003eabac85a578faa87690ccbf214f3cdac196bbe6d1028c46ac2183026c9d931400fa507ca935c824ca996010248021e9783ba1b7c7d969c007c7b8625c6da10f3864736355237b3799bbe3e7c731f000d20d3980e13ed6902770104d35cf6b474eb04d921ea7f8f44da3bfec32701286efd47738951e947e0ea9eba03ac6980c31148c385edaa1c51f1c038fbf46b75059a66735c9d75285a4aa386d44e38440acba4cc93a1be79ebcbde0879b3ef4a1fab9fa0b9ab2fd79b1e6a4e9f4dc97f1ae8ad4c3df7ab96899c9af3700ef29fd7ef6931cbbaf1ae400ccf6b1892454317"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000053680)={0x1, [{}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}], 0x8, "a3fa374174c840"})
r18 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCADDRT(r18, 0x890c, &(0x7f0000000040)={0x0, @l2tp={0x2, 0x2, @remote={0xac, 0x10, 0x3}}, @l2tp={0x2, 0x0, @empty, 0x1}, @generic={0x2, "bcbc5dada046e4d15ddee9502b10"}, 0xf0f4, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)='syz_tun\x00'}) (async)
ioctl$FS_IOC_FIEMAP(r18, 0xc020660b, 0x0)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000001400), 0x800, 0x0) (async)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000001440)={0x0, ""/256, 0x0, 0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000053680)={0x1, [{}, {}, {r19}, {r19}, {}, {}, {r20}, {r19}, {0x0, r21}, {r19}, {0x0, r21}, {0x0, r21}, {}, {}, {r20}, {0x0, r21}, {r20}, {}, {0x0, r21}, {0x0, r21}, {}, {0x0, r21}, {}, {r20}, {}, {0x0, r21}, {r20}, {0x0, r21}, {}, {0x0, r21}, {}, {0x0, r21}, {}, {}, {}, {}, {r19, r21}, {0x0, r21}, {r19}, {r19}, {r19}, {0x0, r21}, {}, {}, {}, {0x0, r21}, {0x0, r21}, {}, {r19}, {}, {}, {r19}, {}, {0x0, r21}, {r19, r21}, {}, {r20, r21}, {}, {r20, r21}, {0x0, r21}, {}, {0x0, r21}, {}, {}, {r19}, {}, {r20, r21}, {r20, r21}, {}, {}, {}, {}, {}, {}, {}, {0x0, r21}, {}, {0x0, r21}, {r19}, {r19}, {}, {0x0, r21}, {r19}, {0x0, r21}, {}, {0x0, r21}, {r19}, {}, {r20}, {r15}, {}, {}, {0x0, r21}, {}, {}, {0x0, r21}, {r19}, {}, {0x0, r21}, {}, {r20, r21}, {r20}, {r20}, {r20}, {}, {r20}, {0x0, r21}, {}, {r19}, {r19}, {0x0, r21}, {0x0, r21}, {0x0, r21}, {0x0, r21}, {0x0, r21}, {}, {}, {}, {r19}, {}, {r19}, {r19}, {}, {}, {r20}, {}, {0x0, r21}, {}, {0x0, r21}, {0x0, r21}, {}, {r20}, {r19}, {}, {}, {0x0, r21}, {r20, r21}, {}, {}, {r20, r21}, {r19}, {r20}, {r20}, {r20, r21}, {r19, r21}, {r19}, {r20, r21}, {0x0, r21}, {}, {0x0, r21}, {r19, r21}, {}, {}, {}, {}, {}, {0x0, r21}, {}, {0x0, r21}, {r19, r21}, {}, {}, {}, {r20, r21}, {0x0, r21}, {0x0, r21}, {r20}, {r20}, {0x0, r21}, {0x0, r21}, {r20}, {}, {}, {r20}, {0x0, r21}, {}, {}, {0x0, r21}, {0x0, 0x0}, {0x0, r21}, {}, {r20, r21}, {}, {}, {}, {}, {}, {r19}, {r19, r21}, {r20, r21}, {0x0, r21}, {}, {0x0, r21}, {r20, r21}, {}, {r20}, {r20}, {r20}, {r19}, {}, {}, {r20}, {}, {0x0, r21}, {}, {0x0, r21}, {r20, r21}, {r20}, {r19, r21}, {}, {0x0, r21}, {}, {}, {0x0, r21}, {r19}, {r20}, {r19}, {0x0, r21}, {r19}, {r20, r21}, {0x0, r21}, {}, {0x0, r21}, {r20}, {}, {}, {}, {}, {}, {r20, r21}, {r20, r21}, {}, {0x0, r21}, {r19}, {}, {r19}, {}, {r19}, {r20}, {}, {r19}, {}, {r19, r21}, {}, {r19}, {r20, r21}, {}, {r20}, {}, {0x0, r21}, {r19}, {0x0, r21}, {0x0, r21}, {r19}, {r19}], 0x8, "a3fa374174c840"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000200)={0x0})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r5, 0xd000943e, &(0x7f0000000400)={r10, r23, "261648060feef3e5f1c53d293c1a8154d9dd0f24796a5e5db43f8a6adcd07c4f7401d862dc00dc1380880d50869f11346a7894251ea59ce1e2641a061a1263149e0d2e5b5332ef3237661474fc323e15ca6935c4755a59b9ac13935e5aa74acf80f3e232e828fde244869167310ad32a7f8110b5abc80e4017a2fdbc7110a36bce5fc639736c8ae9af285aadf65e02b868e6ab943fea9a2a364cc6cf3c0e80ad9843fc59f68fa37d9f14ce0af727f0b9978b5db3c6939467414ae3cc354ffd46690df0ef6dfb6a5251d290b0884fb80bf4985770406bf5552c9f7a5ce82ecc21c8bf6633e65f244d112f130472bb5e8142d8021c800ba202aa6eb89312acc6d0", "6d7bb9bc231700be531390d8505523de2f060fd71ce5ca2d39b84810ebde9415e12df058944a26f3213acc2cca254ce5bb74a643cf9adeb92797c5ae03841dc93f63dcd3ff188a79a35c0329527abfb12d43221347b08c85f4141b9b74375f11d1543fe173e3d80834259ddeedbe503b1d208533cd7fd8f3d1fd73ca7e17c1aa70785ddfaf0aeff8a96f7b1ba1aee60cfad09217c8bede17cb0dadfa4457315fd0ecd1f7bc3c5fe5c1e1d372b6d16aea28fab256a70f0666e81d7af62fa2d9d0faacd6ac20264d92c85e31d858ca600dd0bcf4da5ed3bf2634e18da07d00389b34e722982a09d9d55905c4906da31f879798db6ef81a6071a98b4eba8888b99c70a390c955bd073e6c90a7970c2711732deb661bb8dae98c5a2132673b63990ad38f43f833b261f3abccdafc2740d84b871ad060fa434f3db464a98c2031f990381a045c892607976f06862baa2b9ec5cff0e2218088956e596763d64f68c2c6c11b3707050cedb5c10f9670745246848b3bb39c96b26e42e505a2ed53ef97b2171efd99b4568d2879700ea735f7abe6c815153ec11425f513bcd290baaedc41602cc0c44e2ed25314fe4cc3c4ad8cf5d42b468ba4d0cfbe40682ca2f3aab49cd351f8959b2ea16d97f3f0a476b0b28f7bc3ba16c4c2230903d9029da6b89199813d46de89862e6c1d92e3460963abccda1f814cce77cfa91267857229b19f787e263b580d0de96a68d07c075114e56c630338f70ba0a0d473bb8dee011a1701e12856b96d8a6b9a14a9da3d5bd4bb094b3e849924d22dbedcda98fcc5e6a60b31e73f1e71295754b06fc22acff834161043bc0706f7df9aa91bcc57ea3cb40c4089ad05388147e881e93fb32c7246f2cdd0f354edcf39276e091f824f096728b27b9348e7bda68f7cb1316c129fd45327be62cd33930fb4c03f1e112b52c0eb4aa4e914574c8dc85217e5250a7a5f098482400775dbb3c7683099c0fa24bf5d4a130db96e7cd803e4dd471a6143e5d1bd5884c5147322726a0bbe6fbc375a2308d9a36a21b3bbcd797ff4a34b8cc48b6a13540e9c689efa7acb8d289e3ac37cb8ab163e882e5d918be5da3c43939bc873307de2681373d287e3c7aba92be5e01939b0591e58326832a593e6b86127e7bdd503b48c2cb19f7ba249573e946feff16dd7afa2fea887c3a16b069fe46d3ea30c553738d29a00e0ff294bb28895a4b9a00d11c40e364b2a51b2d97efbb0e1f8a7a565df220ea10ab4507b16c67d1a8111c826064fc3e5f3480646c22855ee4283dc8d8c36fb5af3253e519e0b300d6d2b1aebf33a2b7eba476ac93dca1790db2cc66a9dedbae62fb5ee358dcd402125bc8a4514639175d6ffa00e1241a94a99feb0a46cddbebd0986ca9b09f9f6fdefbbf1391ba19c9be378b3f366671e23381d17657e46a9cf894b0fae5227ce25b82ad8a23d6ebcb2f8c68e51d52a3097a7ff37ba0e58ed9ef9b788cee6f8306e196cc519110a810bc578883d5c5cba61a3d350741c416235413543399f49fba82503b48c3bba99cf325fe953bae9604a0e72b9a62772a7baef481395b73e5deb65df656344223c03d15c067b5f98f4f8a8f29818b265e2a906b83fb3f396fc91094e6012f04bbc224be4f2ac4fd2d0c95906aaecf9340da0bf8c44cc2c693386d681a14eb7e38babcab6500d4ad22140502a3321e2d3d5d599869f5406f1d658198831ffebe4d53cd06f681ba8d4bf0df1191077154d8aff7ff581f0187a695cc62d479761136d3b6f3af3dd3bde4c1dbc528825cc2a565cdb028ade45275368c822326fb10c0ffbe76f701a28b23152a8f8324d7df13525e29287897695887babb4b8a637e75bd17b41d1ea12ccc9eec79e31da8d337ceb1784e74475b67fc23a463e7128d80fdbb536d98fc664d565bb791250f5d9b4149ac087878d7d6519f525b042d5850332a0c98557285307d11ce2c2ce77b7f4c4e69908b0a644780d32594bb770e4ce154f9a9ff8151a7eba670c02ed3fa1eb38c5953b3040bfc1c13630b64deba2bbd1412b92e3b09aa7d7932bb8da2051e36baaf4010395df77dbe15d3cf82f181fff264c5f1e50b6d2ce00beee1121f986dff021ea7fe126ee411eb93f17c7d8337e47853b44186d69acdfa3bbd3ce5c6e6061ae8c92e86bebba49d73d7c60f8a910a445ccc8a95db72f948e8ccf5c6cf33eb0d5a4fee769d3560f323e46b00f660c2483a09acb20e0217a5b582483f5a5655746dcdbe408cab9aab9d74c7c29cf6064ca774dac93dab8df52abbdb7d2a79926c4e42bb794898d90941c4fbfb28caddb29125db1bd150d182de0bf9ac223fdea29976c4f59c2203de2fcd3d8f8c3ba3c6fd7640d61a61ce183cd67f8d31a0f4a92d33e4110c2a3bd1b993ea8d9701e98aee8f619a109d033f0d7debf935caa1a55c04a220d860cb6f88efcfc5d55b5c8b16f609c8ad81fcd7a75ee5d12c225b8660053b44d48dc1d61d0de5cde1cd1c4e2ce3a51b1ef4847c9a6394bd478f20a8c5168ad4cf33f2d81f172b659083816b1bcd6640aab3be47df8205035cd4397439ad2b97fb5d0b8c58d78b432a8c3ae19f14cd3a676c56f20aa53943b0ee501a674b814357ca64fc1f3ba37f030149f4b2317b93026860b33dea477d286aa62efa9bd7400fca2db12c15dc9c6ce8e0897de0ddee8e73186c3e19a41f5d76f3f62b288f23a38c0c2d1d317a6f6939f3ebc14aa38194889be6ebc890655e4da3e24b34c1b8c24e0621ff4f63f08aecf4623219aa217757e1dd06c8f175ded0bde1f3575737fbbfff5e433ac63c3c6fd749face99e29dfa2ef78c605b4f1223c4ed06116a514970b781931e6d22b2812bf575e156d3207afe9204e10804817e266ff120ef913732678fe1792db06a6ba1e9d6f02035423866ae65c12c39ac5b32c17b552b5dce58d98217528396f35f38ff761eb898c4eb68ea6d7af713a1299e59998d273c2e7957eaf37712bc7b9556b3dea8c267ee15c490a94c117a55191c32bdd0c82a4ea705d49af3e9c21e22af02eb7521a2c2f903167e11ec9bc057f64ad95c676b23ff763c50992a9a801fcf2e0fd7ea8d25cb21c1bf5560c4b5bebe51b97f8b202d2f24396bb38b2d5b549a4b57260e0f54504320eddacc8e7a1d5942a4fd82f2ca4061239202b41a30bc834f07ce733898dd32cd5a4ce6f86c0b0270c0bfc42604a1c85eb4b9efe78ab5fab25356e774b30798e46812ab9ed3b72a59396a02530d5c5ca825ef7e9f166af904ef52cb002e3a71650dcd72538b1c00fdee892108961da7ff9e35870194f8d649c7851dc8dfbb3080e0fd33afb94ed5a904a1539d1686c175f84338e8e0bd67cb3d3e984620a2f5f25e98246a4bac3e2bda697d819bd0fdd3b7c4b1b1fde68437f0242162ee0cfed5669ff736964796e8a0170d2d0fce756bfdf96507280b49855fa686ded77ae170e189dcdb78d03a2679912b32579ab7410d52d463d60fb3609325028d989de25213b330b398018384d72e760dc982016f46ba6729676aa6c73382ec1165d2bc9f4d4612019124a2be7796f226b4a4fa5ffed4ac40225fe6d3bb644158bea098b417552f4e252e9835f7150fb9b2b9399833dc13267bc8296c62e38b79baff29536127554d7fc45cec6c369ac6b02d98c4afc3f9aeb36255fbcc886bcef2c515246fe984a92559d5ec5b21d66749974cd3af5e2ff620e5445b8a5b7484080518c6670047ca57072d58fc2cdfdf788832d77b7c489ec5ed86152bfa9ecfca027f5394d40e6e1d20b80f9d1b71efcbc78f0637ea26ea85df471cf768afd21868b8e2e6e51d0630b664d30286d2a5483f65e4e7f4465860df9408cf3bf909481c3b509d2ecd398cf23271416b5f51349e627d55fd755ed647047f09f8d138f6dca88f81235637815da570239aee0000dc1f0d3867e092116052b286522427e1e676a9b56fa9620ee0b1904336946e87d2d9f477a2828a92bf79ff5bf5246419f5ea2762f05a8d43d51ade69f5d645ca2c22cb66254195fa030364badf6f2393f2eaf30186bc55a9c5d316ab80be7060cb13c9ee5fd10f5f100c39334296997ed27bb4e64aecf3bd5b3e8db59cbe81d064bd4ea5d59f6e25401c0cabc72d0e09e9fd3094edcfd3bac6db749e4d0324ed62021d892bd59366f36a7f84aae451ab0c4870036b89e0396b784bbe5af5c658d9dea1362fce0dc3a8719211aaccf3484e31c47d1c6e81f4af0b6e724ccd94da45ffe3254ee0cb20013a229562de4d5e2363d90d5d341b967d2fb4861725d0f77c489688e63a7e42cae30516aa69c58af24cf097153359725b86cc43b1847bc2a927740c89c37f71b24154c555c42d0c6a34fdb7b8661a8c2644511dd1f2edf61b5520e1ca29c1e7ea9c4e5146174c2886cb60117826d2caacb18afbbcf623c89e42e9c7bdd6eeb590998e7aece96d21097f3b2f1d9df63df746034e42fc5942a86abf80f97168cbd6c7a1714106697109c82e660b231f22823c7843468ded2ba2aead049e8c833600c297fd0a1bf5e9f28661f71dc4faed3cdfc5916b122de8f7dff7ce2361bac58db7029732df0dcb719035a18dea2514e0f17dcee17a458b7b25ad30c5bb247f7ab42769011c87a7599994c723bcfdfbd800c74e0742aa04ed39abb33447c9fadd8a271d35e93e49b05f2f8ba5fc7b24a7ade58be95fb1f4f0d734f4dd6da439165456084cbadc97fe09b492d9c34071a42392b014a6f8bb6ee78aeb3d073c5180954e59ff0af9ca9eaad6543801bb2f9d6abfe94f5618283793f3c7f21a48331d6f47dd2fe4e81a3f47f849611fd5cf7720dcb50f5b61300afdf6dda19830b5b7e6a1f862a7064f3cdfcdafeb86c53dd6a521a74786d09593d52e43a7912d1235e6f747a26a21d01695b023c0f4264909176e28ab8a8cc10dcc74c1c81d241af966031837f4810064acb632bb271f15f41b7caf55b4bf7288c0461b40ec1f7520fdad34fbff843f88bbca8b00a965fb5aff52646c35f9e9a96722b0acb713e1664795722268fda65d5d3d174d1471257329487202fc42082861854f59a3b013a649bf9058eca80026b55441536f62433474c6a2c5d1851287e12f038394e351abd6b8f59e61f52c2f37e4d82f48adb981351b557fd00266033523cc9ea644760292716a5304e10a75382b190b5b9c93c9e9a2f961aba78131b354821ce0819810cbf632793c57cb64f8b5af33bc2456fa090473fb50ad21a46db197c9bd7ebfda24f677be93bf575103e6a67a8a5bd9d3b0e2b44dd632c022f06d6e0aafa9b6d297925b0218ab863038eb925fce5b1b50fcb456048147397b143dbfb423f2f5dda58cbdb5bf35c93aa736413e600e91a19930e3b2e91b26ee25b0590783df66bdf2fc6c80622ffc701"}) (async)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000060600)={0x4, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r22}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r17}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r16}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2, r10}], 0xb2, "9daadf054df44c"})
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
[ 3430.806468][T27998] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3430.823194][T27996] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3430.840852][T27996] EXT4-fs (loop1): 1 truncate cleaned up
[ 3430.848099][T27998] EXT4-fs (loop3): 1 truncate cleaned up
[ 3430.874831][T28008] FAULT_INJECTION: forcing a failure.
[ 3430.874831][T28008] name failslab, interval 1, probability 0, space 0, times 0
[ 3430.887567][T28008] CPU: 1 PID: 28008 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3430.898034][T28008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3430.908100][T28008] Call Trace:
[ 3430.911425][T28008]
[ 3430.914352][T28008] dump_stack_lvl+0xda/0x130
[ 3430.919053][T28008] dump_stack+0x15/0x20
[ 3430.923211][T28008] should_fail_ex+0x21f/0x230
[ 3430.927902][T28008] __should_failslab+0x92/0xa0
[ 3430.932704][T28008] should_failslab+0x9/0x20
[ 3430.937344][T28008] slab_pre_alloc_hook+0x38/0x180
[ 3430.942431][T28008] __kmem_cache_alloc_node+0x46/0x250
[ 3430.948003][T28008] ? io_drain_req+0x1e1/0x4f0
[ 3430.952737][T28008] kmalloc_trace+0x2a/0xa0
[ 3430.957223][T28008] io_drain_req+0x1e1/0x4f0
[ 3430.961785][T28008] io_queue_sqe_fallback+0xd1/0xe0
[ 3430.967032][T28008] io_submit_sqes+0xbf8/0xfe0
19:07:18 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100)={0x0, 0x0, 0x400, 0x2}, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
r1 = pidfd_getfd(0xffffffffffffffff, r0, 0x0)
syz_io_uring_setup(0x1dd3, &(0x7f0000000280)={0x0, 0x594e, 0x20, 0x3, 0x291, 0x0, r1}, &(0x7f000038b000/0x4000)=nil, &(0x7f00001ce000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000340))
r2 = dup(0xffffffffffffffff)
renameat2(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', r2, &(0x7f0000000380)='./file0\x00', 0x90729aeae511d3f4)
mq_timedreceive(r2, &(0x7f0000000180)=""/214, 0xd6, 0xb, 0x0)
19:07:18 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100)={0x0, 0x0, 0x400, 0x2}, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
r1 = pidfd_getfd(0xffffffffffffffff, r0, 0x0)
syz_io_uring_setup(0x1dd3, &(0x7f0000000280)={0x0, 0x594e, 0x20, 0x3, 0x291, 0x0, r1}, &(0x7f000038b000/0x4000)=nil, &(0x7f00001ce000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000340))
r2 = dup(0xffffffffffffffff)
renameat2(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', r2, &(0x7f0000000380)='./file0\x00', 0x90729aeae511d3f4)
mq_timedreceive(r2, &(0x7f0000000180)=""/214, 0xd6, 0xb, 0x0)
syz_io_uring_setup(0x5ad, &(0x7f0000000100)={0x0, 0x0, 0x400, 0x2}, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0)) (async)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0) (async)
pidfd_getfd(0xffffffffffffffff, r0, 0x0) (async)
syz_io_uring_setup(0x1dd3, &(0x7f0000000280)={0x0, 0x594e, 0x20, 0x3, 0x291, 0x0, r1}, &(0x7f000038b000/0x4000)=nil, &(0x7f00001ce000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000340)) (async)
dup(0xffffffffffffffff) (async)
renameat2(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', r2, &(0x7f0000000380)='./file0\x00', 0x90729aeae511d3f4) (async)
mq_timedreceive(r2, &(0x7f0000000180)=""/214, 0xd6, 0xb, 0x0) (async)
[ 3430.971785][T28008] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3430.977470][T28008] ? __fget_files+0x1c4/0x200
[ 3430.982190][T28008] ? mutex_lock+0xd/0x30
[ 3430.986478][T28008] ? fput+0x112/0x140
[ 3430.990474][T28008] ? ksys_write+0x178/0x1a0
[ 3430.995046][T28008] __x64_sys_io_uring_enter+0x78/0x90
[ 3431.000463][T28008] do_syscall_64+0x41/0xc0
[ 3431.004956][T28008] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3431.010913][T28008] RIP: 0033:0x7fbf4da9f169
19:07:18 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100)={0x0, 0x0, 0x400, 0x2}, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0) (async)
r1 = pidfd_getfd(0xffffffffffffffff, r0, 0x0)
syz_io_uring_setup(0x1dd3, &(0x7f0000000280)={0x0, 0x594e, 0x20, 0x3, 0x291, 0x0, r1}, &(0x7f000038b000/0x4000)=nil, &(0x7f00001ce000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000340))
r2 = dup(0xffffffffffffffff)
renameat2(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', r2, &(0x7f0000000380)='./file0\x00', 0x90729aeae511d3f4) (async)
mq_timedreceive(r2, &(0x7f0000000180)=""/214, 0xd6, 0xb, 0x0)
[ 3431.015388][T28008] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3431.035069][T28008] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3431.043483][T28008] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3431.051593][T28008] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
[ 3431.059578][T28008] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
[ 3431.067655][T28008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3431.075640][T28008] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3431.083856][T28008]
19:07:18 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) (async, rerun: 32)
shutdown(0xffffffffffffffff, 0x0) (rerun: 32)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c) (async, rerun: 64)
syz_open_dev$tty1(0xc, 0x4, 0x3) (rerun: 64)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c) (async)
listen(r2, 0x0) (async, rerun: 32)
r3 = socket$netlink(0x10, 0x3, 0x0) (async, rerun: 32)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c) (async)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000000840)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
clock_gettime(0x5, &(0x7f0000000800)) (async, rerun: 32)
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93) (rerun: 32)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0) (async)
fallocate(r7, 0x30, 0x9, 0x10000) (async)
socket(0x10, 0x80002, 0x0)
19:07:18 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnvQi6knwqncpFMml1dPK7M4k62Y35semWzufDwy8t/OS97478919M282gNIaiYjBiLgjIn7Ly0lLg0re7vrK0vRfK0vTSdRqb/6Z1NtdW1maLpoWf7cvr4ymEemnScs/bFi4cPHMVLU6ez6vjy+efW984cLFZ+bOTp2ePT17bvLEiePHJp5/bvLZrsSZxXVt+MP5w4deffvy69MnL7/z0zdJHne0xNEtIzHSLvS6x7vdWY/tbyonfT0cCFuS5XZ2uPrr+T8YlVg7eIPxyic9HRywq2q1Wm1P593LNeAWlkSvRwD0RvFFn13/FtsNmnrcFK6+2LgAyuK+nm+NPX1xPG/T33J9200jEXFy+e8vsy126T4EAECz77L5z9Pt5n9p3NvU7s58DWUoIu6KiAMRcXdEHIyIeyLqbe+LiPu32P9IS339/Ce9sq3ANimb/72Qr239e/6XFk2GKnltfz3+/uTUXHX2aP6ejEb/nqw+sUEf37/86+ed9jXP/7It67+YC+bjuNLXcoNuZmpxaicxN7v6ccRwX7v4k9WVgCQiDkXE8Db7mHvy68Od9v13/BvowjpT7auIJxrHfzla4i8kG69Pjt8W1dmj48VZsd7Pv1x6o1P/O4q/C7Ljv7ft+b8a/1DSvF67sPU+Lv3+Wcdrmu2e/wPJW/XyQP7aB1OLi+cnIgaS19a/Prn2t0W9aJ/FP3qkff4fiLV34oGIyE7iByPioYh4OB/7IxHxaEQc2SD+H1967N3tx7+7svhntnT8t16onPnh2079b+74N67ER/NXNvP5t9kB7uS9AwAAgP+LtP4MfJKOrZbTdGys8Qz/wdibVucXFp86Nf/+uZnGs/JD0Z8Wd7oGm+6HTuT3hov6ZEv9WH7f+IvK7fX62PR8dabXwUPJ7euQ/5k/Kr0eHbDr/F4Lykv+Q3nJfygv+Q/lJf+hvNrl/0c9GAdw4/n+h/KS/1Be8h/KS/5DKe3kd/0KZS5EelMMQ2GXCr3+ZAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiOfwIAAP//GQHmig==")
19:07:18 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv13ELLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJXuKNKFeqlhZPR2ruJcew0D7su7O8nrTLjHWfm8+zYszN2AKVVi4jRiLgjIn7L00lngVrrz/Wr52f/unp+NolG480/k2a5a1fPzxZFi+ftzDPjaUT6adLxD1sWz547OVOvz5/J85NLp96bXDx77pkTp2aOzx+fPz195MjhQ1PPPzf9bF/izOK6tu/Dhf17X3370uuzRy+989M3SR53dMTRL7WodQu96fF+VzZku9rSycgQG8KGVCIi665qc/yPRiVWOm80XvlkqI0DBqrRaDS29z59oQH8jyUx7BYAw1F80Gf3v8Vxk6Yet4QrL7ZugLK4r+dH68xIpHmZasf9bT/VIuLohb+/zI4Y0DoEAEC777L5z9Pd5n9p3NtW7s58D2UsIu6KiN0RcXdE7ImIeyKaZe+LiPs3WH+tI796/pNe3lRg65TN/17I97b+Pf8rZn8xVslzu5rxV5NjJ+rzB/PXZDyq27P81Bp1fP/yr5/3Otc+/8uOrP5iLpi34/JIxwLd3MzSzFZibnfl44h9I93iT5Z3ApKI2BsR+zZZx4knv97f61z1hvGvoQ/7TI2vIp5o9f+F6Ii/kKy9Pzl5W9TnD04WV8VqP/9y8Y1e9d+4/wcr6/8dXa//5fjHkvb92sWN13Hx98963tNs9vrflrzVTG/LH/tgZmnpzFTEtuS11Y9Przy3yBfls/jHD3Qf/7tj5ZV4ICKyi/jBiHgoIh7O2/5IRDwaEQfWiP/Hlx57d/PxD1YW/9yG+n/jicrJH77tVf/6+v9wMzWeP7Ke97/1NnArrx0AAAD8V6TN78An6cRyOk0nJlrf4d8TO9L6wuLSU8cW3j891/qu/FhU02Kla7RtPXQqXxsu8tMd+UP5uvEXldub+YnZhfrcsIOHktvZY/xn/qgMu3XAwPm9FpSX8Q/lZfxDeRn/UF7GP5RXt/H/0RDaAdx8Pv+hvIx/KC/jH8rL+IdS2srv+iXKnIj0lmiGxIASw35nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I9/AgAA//8i7uZa")
[ 3431.226458][T28061] loop3: detected capacity change from 0 to 512
[ 3431.233650][T28061] EXT4-fs: Ignoring removed nobh option
[ 3431.239352][T28061] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3431.245931][T28061] EXT4-fs: Ignoring removed nobh option
[ 3431.254084][T28061] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3431.254527][T28063] loop1: detected capacity change from 0 to 512
[ 3431.269625][T28061] EXT4-fs (loop3): 1 truncate cleaned up
[ 3431.280830][T28063] EXT4-fs: Ignoring removed nobh option
[ 3431.286522][T28063] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3431.293016][T28063] EXT4-fs: Ignoring removed nobh option
[ 3431.302339][T28063] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3431.317879][T28063] EXT4-fs (loop1): 1 truncate cleaned up
19:07:18 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x5cf8, 0xe393, 0x1, &(0x7f0000000080)={[0xffff]}, 0x8) (async, rerun: 32)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0) (rerun: 32)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:18 executing program 0:
r0 = syz_io_uring_setup(0x77ce, &(0x7f0000000280)={0x0, 0x10, 0x1}, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:18 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0) (async)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c) (async)
syz_open_dev$tty1(0xc, 0x4, 0x3) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0) (async)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c) (async)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20) (async)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000000840)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) (async)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800)) (async)
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93) (async)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000) (async)
socket(0x10, 0x80002, 0x0)
19:07:18 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kKLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2ruJcew0D7su7O8nrTLjHWfm8+zYszN2AKVVjYjRiLgjIn7L00l7gWrzz/XlC7N/LV+YTaJef/PPpFHu2vKF2aJo8bxdeWY8jUg/Tdr+YdPiufOnZmq1+bN5fnLp9HuTi+fOP3Py9MyJ+RPzZ6aPHj1yeOr556af7UmcWVzX9n+4cGDfq29ffn322OV3fvomyeOOtjh6pRrVTqE3PN7rygZsd0s6GRpgQ9iUSkRk3TXcGP+jUYnVzhuNVz4ZaOOAvqrX6/Ud3U9frAP/Y0kMugXAYBQf9Nn9b3HcpKnHLeHqi80boCzu6/nRPDMUaV5muO3+tpeqEXHs4t9fZkf0aR0CAKDVd9n85+lO87807m0pd2e+hzIWEXdFxJ6IuDsi9kbEPRGNsvdFxP2brL/all87/0mvbCmwDcrmfy/ke1v/nv8Vs78Yq+S53Y34h5PjJ2vzh/LXZDyGd2T5qXXq+P7lXz/vdq51/pcdWf3FXDBvx5WhtgW6uZmlme3E3OrqxxH7hzrFn6zsBCQRsS8i9m+xjpNPfn2g27mRG8a/jh7sM9W/inii2f8Xoy3+QrL+/uTkbVGbPzRZXBVr/fzLpTe61X/j/u+vrP93drz+V+IfS1r3axc3X8el3z/rek+z1et/JHmrkR7JH/tgZmnp7FTESPLa2senV59b5IvyWfzjBzuP/z2x+ko8EBHZRfxgRDwUEQ/nbX8kIh6NiIPrxP/jS4+9u/X4+yuLf25T/b/5ROXUD992q39j/X+kkRrPH9nI+99GG7id1w4AAAD+K9LGd+CTdGIlnaYTE83v8O+NnWltYXHpqeML75+Za35XfiyG02Kla7RlPXQqXxsu8tNt+cP5uvEXldsb+YnZhdrcoIOHktvVZfxn/qgMunVA3/m9FpSX8Q/lZfxDeRn/UF7GP5RXp/H/0QDaAdx8Pv+hvIx/KC/jH8rL+IdS2s7v+iXKnIj0lmiGRJ8Sg35nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I1/AgAA//8CquZb")
[ 3431.452428][T28085] loop3: detected capacity change from 0 to 512
[ 3431.470859][T28085] EXT4-fs: Ignoring removed nobh option
[ 3431.476759][T28085] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3431.483238][T28085] EXT4-fs: Ignoring removed nobh option
[ 3431.491853][T28085] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3431.507080][T28085] EXT4-fs (loop3): 1 truncate cleaned up
19:07:19 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 27)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:19 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnvQi6knwqncpFMml1dPK7M4k62Y35semWzufDwy8t/OS97478919M282gNIaiYjBiLgjIn7Ly0lLg7683fWVpem/Vpamk6jV3vwzqbe7trI0XTQt/m5fXhlNI9JPk5Z/2LBw4eKZqWp19nxeH188+974woWLz8ydnTo9e3r23OSJE8ePTTz/3OSzXYkzi+va8Ifzhw+9+vbl16dPXn7np2+SPO5oiaNbRmKkXeh1j3e7sx7b31RO+no4ELakEo387q/n/2BUYu3gDcYrn/R0cMCuqtVqtT2ddy/XgFtYEr0eAdAbxRd9dv1bbDdo6nFTuPpi4wIoi/t6vjX29MXxvE1/y/VtN41ExMnlv7/Mttil+xAAAM2+y+Y/T7eb/6Vxb1O7O/M1lKGIuCsiDkTE3RFxMCLuiai3vS8i7t9i/yMt9fXzn/TKtgLbpGz+90K+tvXv+V9aNBmq5LX99fj7k1Nz1dmj+XsyGv17svrEBn18//Kvn3fa1zz/y7as/2IumI/jSl/LDbqZqcWpncTc7OrHEcN97eJPVlcCkog4FBHD2+xj7smvD3fa99/xb6AL60y1ryKeaBz/5WiJv5BsvD45fltUZ4+OF2fFej//cumNTv3vKP4uyI7/3rbn/2r8Q0nzeu3C1vu49PtnHa9ptnv+DyRv1csD+WsfTC0unp+IGEheW//65NrfFvWifRb/6JH2+X8g1t6JByIiO4kfjIiHIuLhfOyPRMSjEXFkg/h/fOmxd7cf/+7K4p/Z0vHfeqFy5odvO/W/uePfuBIfzV/ZzOffZge4k/cOAAAA/i/S+jPwSTq2Wk7TsbHGM/wHY29anV9YfOrU/PvnZhrPyg9Ff1rc6Rpsuh86kd8bLuqTLfVj+X3jLyq31+tj0/PVmV4HDyW3r0P+Z/6o9Hp0wK7zey0oL/kP5SX/obzkP5SX/Ifyapf/H/VgHMCN5/sfykv+Q3nJfygv+Q+ltJPf9SuUuRDpTTEMhV0q9PqTCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDv+CQAA//8VGeaL")
19:07:19 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrUrdBjVBolUFAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2ruJcew0D7su7O8nrTLjHWfm8+zYszN2AKVVjYiRiLgjIn7L00l7gWrzz/XlizN/LV+cSaJef/PPpFHu2vLFmaJo8bzdeWYsjUg/Tdr+YdPC+Qunp2u1uXN5fmLxzHsTC+cvPHPqzPTJuZNzZ6eOHTt6ZPL556ae7UmcWVzXDnw4f3D/q29ffn3m+OV3fvomyeOOtjh6pRrVTqE3PN7rygZsT0s6GRpgQ9iUSkRk3TXcGP8jUYnVzhuJVz4ZaOOAvqrX6/Wd3U8v1YH/sSQG3QJgMIoP+uz+tzhu0tTjlnD1xeYNUBb39fxonhmKNC8z3HZ/20vViDi+9PeX2RF9WocAAGj1XTb/ebrT/C+Ne1vK3ZnvoYxGxF0RsTci7o6IfRFxT0Sj7H0Rcf8m66+25dfOf9IrWwpsg7L53wv53ta/53/F7C9GK3luTyP+4eTEqdrc4fw1GYvhnVl+cp06vn/518+7nWud/2VHVn8xF8zbcWWobYFudnpxejsxt7r6ccSBoU7xJys7AUlE7I+IA1us49STXx/sdm7nDeNfRw/2mepfRTzR7P+laIu/kKy/PzlxW9TmDk8UV8VaP/9y6Y1u9d+4//sr6/9dHa//lfhHk9b92oXN13Hp98+63tNs9frfkbzVSO/IH/tgenHx3GTEjuS1tY9PrT63yBfls/jHDnUe/3tj9ZV4ICKyi/jBiHgoIh7O2/5IRDwaEYfWif/Hlx57d+vx91cW/+ym+n/zicrpH77tVv/G+v9oIzWWP7KR97+NNnA7rx0AAAD8V6SN78An6fhKOk3Hx5vf4d8Xu9La/MLiUyfm3z872/yu/GgMp8VK10jLeuhkvjZc5Kfa8kfydeMvKrc38uMz87XZQQcPJbe7y/jP/FEZdOuAvvN7LSgv4x/Ky/iH8jL+obyMfyivTuP/owG0A7j5fP5DeRn/UF7GP5SX8Q+ltJ3f9UuUORHpLdEMiT4lBv3OBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bv/BAAA///iV+Zc")
19:07:19 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={r5, &(0x7f0000000000), &(0x7f00000002c0)=@udp6, 0x1}, 0x20)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000840)=ANY=[@ANYBLOB=' \x00'/20, @ANYRES32=0x0, @ANYBLOB="00140012800afe58d5c700010076786c0050db5c7f6731000004000280720a0a5e431d51f5dd427d6cbb9f29016729c7c12ccf53f6fe9adae4e6fd5e3ecc0d379e351e4fab7b85fbeed1976849531b321a31f166f6c282a1a3d3485a7858082cbfee78de017c1203535f7f2f9b525babad0bdd69aa58732cad135ffd82485396916c6496cc06f55665e9d22bd497b069", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3431.726403][T28100] loop3: detected capacity change from 0 to 512
[ 3431.733937][T28102] loop1: detected capacity change from 0 to 512
[ 3431.742990][T28102] EXT4-fs: Ignoring removed nobh option
[ 3431.748722][T28102] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3431.751935][T28100] EXT4-fs: Ignoring removed nobh option
[ 3431.755166][T28102] EXT4-fs: Ignoring removed nobh option
[ 3431.760765][T28100] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3431.772932][T28100] EXT4-fs: Ignoring removed nobh option
[ 3431.782378][T28105] FAULT_INJECTION: forcing a failure.
[ 3431.782378][T28105] name failslab, interval 1, probability 0, space 0, times 0
[ 3431.795035][T28105] CPU: 1 PID: 28105 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3431.805449][T28105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3431.815536][T28105] Call Trace:
[ 3431.818883][T28105]
[ 3431.821850][T28105] dump_stack_lvl+0xda/0x130
[ 3431.826480][T28105] dump_stack+0x15/0x20
[ 3431.830630][T28105] should_fail_ex+0x21f/0x230
[ 3431.835355][T28105] __should_failslab+0x92/0xa0
[ 3431.840201][T28105] should_failslab+0x9/0x20
[ 3431.844733][T28105] slab_pre_alloc_hook+0x38/0x180
[ 3431.849787][T28105] __kmem_cache_alloc_node+0x46/0x250
[ 3431.855958][T28105] ? io_drain_req+0x1e1/0x4f0
[ 3431.860662][T28105] kmalloc_trace+0x2a/0xa0
[ 3431.865166][T28105] io_drain_req+0x1e1/0x4f0
[ 3431.869720][T28105] io_queue_sqe_fallback+0xd1/0xe0
[ 3431.874838][T28105] io_submit_sqes+0xbf8/0xfe0
[ 3431.879781][T28105] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3431.885538][T28105] ? __fget_files+0x1c4/0x200
[ 3431.890317][T28105] ? mutex_lock+0xd/0x30
[ 3431.894569][T28105] ? fput+0x112/0x140
[ 3431.898629][T28105] ? ksys_write+0x178/0x1a0
[ 3431.903269][T28105] __x64_sys_io_uring_enter+0x78/0x90
[ 3431.908676][T28105] do_syscall_64+0x41/0xc0
[ 3431.913094][T28105] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3431.919160][T28105] RIP: 0033:0x7fbf4da9f169
[ 3431.923598][T28105] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3431.943612][T28105] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3431.952117][T28105] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3431.960324][T28105] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
[ 3431.968385][T28105] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
[ 3431.976412][T28105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3431.984433][T28105] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3431.992414][T28105]
[ 3431.999948][T28100] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3432.023073][T28102] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3432.039019][T28100] EXT4-fs (loop3): 1 truncate cleaned up
[ 3432.044759][T28102] EXT4-fs (loop1): 1 truncate cleaned up
19:07:19 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCap9oeJtf5orBqtYvBH0qRVe/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1J1s1uzI9NtzqfDwy8t/OS97775u2+eW82gNIaiYjBiNgfEb/m6aSlwP683I2Vpek/V5amk6jV3vgjqZe7vrI0XRQt/m5fnhlNI9JPkpZ/2LBw8dLZqWp19kKeH1889+74wsVLT8+dmzoze2b2/OTJkyeOTzz37OQzXYkzi+v68AfzRw6/8taV16ZPXXn7x6+TPO5oiaNbRmKkXeh1j3W7sh470JRO+nrYELakEhFZd/XXx/9gVGKt8wbj5Y972jhgV9VqtdqezqeXa8D/WBK9bgHQG8UXfXb/Wxw3aepxS7j2QuMGKIv7Rn40zvTFibxMf8v9bTeNRMSp5b++yI7YpXUIAIBm32bzn6fazf/SuKep3B35HspQRNwZEQcj4q6IOBQRd0fUy94bEfdtsf6Rlvz6+U96dVuBbVI2/3s+39v65/wvLYoMVfLcgXr8/cnpuerssfw9GY3+PVl+YoM6vnvpl886nWue/2VHVn8xF8zbcbWvZYFuZmpxaicxN7v2UcRwX7v4k9WdgCQiDkfE8DbrmHviqyOdzv17/Bvowj5T7cuIxxv9vxwt8ReSjfcnx2+L6uyx8eKqWO+nny+/3qn+HcXfBVn/7217/a/GP5Q079cubL2Oy7992vGeZrvX/0DyZj09kL/2/tTi4oWJiIHk1fWvT679bZEvymfxjx5tP/4Pxto7cX9EZBfxAxHxYEQ8lLf94Yh4JCKObhD/Dy8++s72499dWfwzW+r/rScqZ7//plP9m+v/xp34aP7KZj7/NtvAnbx3AAAA8F+R1p+BT9Kx1XSajo01nuE/FHvT6vzC4pOn5987P9N4Vn4o+tNipWuwaT10Il8bLvKTLfnj+brx55Xb6/mx6fnqTK+Dh5Lb12H8Z36v9Lp1wK7zey0oL+Mfysv4h/Iy/qG8jH8or3bj/8MetAO4+Xz/Q3kZ/1Bexj+Ul/EPpbST3/VLlDkR6S3RDIldSvT6kwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA7/g4AAP//9crmkw==")
19:07:19 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10nbt31LQikfLQUMBRHxkTRpgR64gEDiABISHMoxJGlV6jaoCRKtKggIlSOqxB1xROIv4AQXBJyQuMIdVapQLi2cjNbeTYxjp/mw68L+ftIqM95xZh7Pjj07YwdQWtWIGImI/0fEr3k6aS9Qbf65sXxp5s/lSzNJ1Otv/JE0yl1fvjRTFC2etyfPjKUR6SdJ2z9sWrhw8cx0rTZ3Ps9PLJ59d2LhwsWnT5+dPjV3au7c1PHjx45OPvfs1DM9iTOL6/rBD+YPHXjlrSuvzZy48vaPXyd53NEWR69Uo9op9IbHel3ZgO1tSSdDA2wIm1KJiKy7hhvjfyQqsdp5I/HyxwNtHNBX9Xq9vrP76aU68B+WxKBbAAxG8UGf3f8Wxy2aetwWrr3QvAHK4r6RH80zQ5HmZYbb7m97qRoRJ5b++iI7ok/rEAAArb7N5j9PdZr/pXFPS7k78j2U0Yi4MyL2RcRdEbE/Iu6OaJS9NyLu22T91bb82vlPenVLgW1QNv97Pt/b+uf8r5j9xWglz+1txD+cnDxdmzuSvyZjMbwzy0+uU8d3L/3yWbdzrfO/7MjqL+aCeTuuDrUt0M1OL05vJ+ZW1z6KODjUKf5kZScgiYgDEXFwi3WcfuKrQ93O7bpp/OvowT5T/cuIx5v9vxRt8ReS9fcnJ3ZFbe7IRHFVrPXTz5df71b/zfu/v7L+393x+l+JfzRp3a9d2Hwdl3/7tOs9zVav/x3Jm430jvyx96cXF89PRuxIXl37+NTqc4t8UT6Lf+xw5/G/L1ZfifsjIruIH4iIByPiobztD0fEIxFxeJ34f3jx0Xe2Hn9/ZfHPbqr/N5+onPn+m271b6z/jzVSY/kjG3n/22gDt/PaAQAAwL9F2vgOfJKOr6TTdHy8+R3+/bE7rc0vLD55cv69c7PN78qPxnBarHSNtKyHTuZrw0V+qi1/NF83/rzyv0Z+fGa+Njvo4KHk9nQZ/5nfK4NuHdB3fq8F5WX8Q3kZ/1Bexj+Ul/EP5dVp/H84gHYAt57Pfygv4x/Ky/iH8jL+oZS287t+iTInIr0tmiHRp8Sg35kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB64+8AAAD//8IT5l0=")
[ 3432.124260][T28130] loop1: detected capacity change from 0 to 512
[ 3432.139044][T28132] loop3: detected capacity change from 0 to 512
[ 3432.145889][T28130] EXT4-fs: Ignoring removed nobh option
[ 3432.151657][T28130] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3432.158699][T28130] EXT4-fs: Ignoring removed nobh option
[ 3432.166397][T28132] EXT4-fs: Ignoring removed nobh option
[ 3432.172283][T28132] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3432.179107][T28132] EXT4-fs: Ignoring removed nobh option
[ 3432.192220][T28130] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3432.209622][T28132] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3432.238254][T28132] EXT4-fs (loop3): 1 truncate cleaned up
[ 3432.246894][T28130] EXT4-fs (loop1): 1 truncate cleaned up
19:07:19 executing program 0:
r0 = syz_io_uring_setup(0x77ce, &(0x7f0000000280)={0x0, 0x10, 0x1}, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:19 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
r1 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
setsockopt(r3, 0x2c, 0x600000, &(0x7f0000000100)="b40fb15f9b8f09852897ffa538ace12d699e81c453b26bb0991b129401dd0576c67bb2acef58f14c9d8e5e66f2e3291091bd44667079fc4850a451b712c0fd2b6b747845b1dc689d7c15aa8d83bb571a01255a294fdf7c4a222d742cdd7012f063167e730170783557feadf9960368a790b1d3282204e9c89e", 0x79)
sendto$inet6(r3, &(0x7f0000000000)="eb", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000840)={&(0x7f00000003c0)={0x470, 0x31, 0x10, 0x70bd28, 0x25dfdbfd, {0xf}, [@generic="5d776818bb36335daf9b326fe945323fc4cb4141121c3680c637c18b495fc2a86b664397135a9ee423243c687f4feef01a299dd36e61f9158a87dfde422d1cb0bf13152fadb8dcf03ef6a7cca296776b7eb6da3b6661a34484", @nested={0x41, 0x54, 0x0, 0x1, [@typed={0x14, 0x45, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}, @typed={0x5, 0x39, 0x0, 0x0, @str='\x00'}, @generic="49f9a613fc2ef209da", @typed={0x8, 0x10, 0x0, 0x0, @fd=r3}, @typed={0x8, 0x6d, 0x0, 0x0, @fd}, @typed={0x8, 0x83, 0x0, 0x0, @ipv4=@loopback}]}, @generic="4f543cc39c6d32afb621004941fd85b68da17bf0a1988e865527ce3ac64b9174ce92d6ddf3ec1b7491944b16d0448147543615e208530b35e84894af5bba14f2c35ef9b31a217491a7fec133efbf53daa2aaba5641018b7914069bfcec7b4cfbd1e428d9582395e674252cc5f5f23169", @nested={0x2b5, 0x2a, 0x0, 0x1, [@generic="6f49602db158c939c82a358b8229d246ed5f94f2167425c3b2765faaed68bb892d6c9293c3841f7e1ba9f82619f3b6a8d6fa5d91b11ed06d5c71d880e2da6d8cb5a62a47c18c0308009662522e8b83123f9314f619ecbfde87d48bd0890271a30ccddf12485f78e1539b02488798d3c130a3b6b591beb17cc62bb15d266470a6cbf26f6cd3e13ad5ea767b67438195e710c53aa315d7c376b5beedd1039413f25ff51794cb3376a8b31e088ab5311f4bbac5be204708d9adb50d67df738b1eebefbbf18036d1dd1186257ba626e21f387fe1fa11f47f6d0ed3d0df56ae29eb5e343e301ddf5414d3d3c1e27137f86c3cc493e94279953e", @typed={0x8, 0xf, 0x0, 0x0, @fd=r1}, @generic="5ec83971fcd70170967749c93c3177f0d25e4dc58b6e65eea039f415a4b32abbf9da5cafe1c6a8945f8e6cc0651492f2afbc91e9e645f698dc9d168a234882ede580a005c5e7f02d24cdd8d3689f1d95b62b4553dfeb3d800d4ea19e42140ba065e8768ad7db54076c4e5e1b5b3ff4b4d0141778411c9acf55a6", @generic="2f7a68e335f68923d920c97902e9345e01e77182d1c382be2325be1357604bd9603f9c9be569b43d1d96b9f9bc49e7a9ec2adad735bcb6fdd4841d7eb2f83f2313dc339f36d1dc001b15c1ecc373c1ba090701d8ad600ff0314f4eb71bdb4182860156f86be8e4", @generic="99d0f5ad6259170a3f71bfb8cd39627c1857882aee95c4fd9a886b75f3f380c0161c49abb81ec138b829ba824e64c035fa23b199bd5ae32f3923c21ea19f2e191f44e23b7f8eb9bac5b8e655a9abb3aad16db7b101a7da3abfb7a5aec352fac8026170aa6f55d3ca8760dcf0e966f29849f75e950309f3224767fc18a4e8d101b1a6d10118feec01735cee15e31c6a9ed827ea6908148258e86b79eb12d5d2ceb89fc30374b2e81154d66fea9db46a9baccc81037f97b12f72f494115697b53c117ef1de34d6a9e9420e3ef136934f65f5"]}, @nested={0x14, 0x4d, 0x0, 0x1, [@typed={0x8, 0x31, 0x0, 0x0, @ipv4=@multicast1}, @typed={0x8, 0x6d, 0x0, 0x0, @u32=0x7fffffff}]}, @typed={0x8, 0x87, 0x0, 0x0, @ipv4=@private=0xa010100}, @typed={0x8, 0x53, 0x0, 0x0, @uid}, @generic="5b30e574b692f42ed0d033c5e81ad8623a644976b4b5683285699db091592581f65cd1bd0d6d3418b5fc6200f0b232f4aae992ed2c3f0f41d8e46af64bd5f02a50d94d5334095a0e59835f794e294f9a4eecc167632fc14027d13481e3f4a6b5c2a4134dbfa1eb9ae6a5cc28a8fb4eb99df7a9"]}, 0x470}, 0x1, 0x0, 0x0, 0x20000000}, 0x2)
bpf$ITER_CREATE(0x21, &(0x7f0000000340), 0x8)
mq_timedreceive(r2, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
syz_io_uring_setup(0x1030, &(0x7f0000000280)={0x0, 0xf82a, 0x2, 0x2, 0x129}, &(0x7f000004e000/0x3000)=nil, &(0x7f00003ce000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000300))
19:07:20 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPhgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQz6curC/n7TSjHeSmcezY8/OrAMorWpEDEXEbRHxS55O2gpU83I3Vpam/1hZmk6iXn/996RR7vrK0nRRtPi7/XlmNI1IP07a/mHTwsVLZ6dqtdkLeX588dw74wsXLz01d27qzOyZ2fOTJ0+eOD7x7DOTT/ckziyu6yPvzx85/PKbV16dPnXlrR++SvK4oy2OXqlGtVPoDY/2urI+O9CSTgb62BC2pBIRWXcNNsb/UFRirfOG4qWP+to4YFfV6/X63u6nl+vAf1gS/W4B0B/FF312/1scN2nqcUu49nzzBiiL+0Z+NM8MxIm8zGDb/W0vVSPi1PKfn2dH7NI6BABAq2+y+c+TneZ/adzdUu72fA9lOCLuiIiDEXFnRByKiLsiGmXviYh7t1h/tS2/fv6TXt1WYJuUzf+ey/e2/j7/S4siw5U8d6AR/2Byeq42eyx/T0ZjcG+Wn9igjm9f/PnTbuda53/ZkdVfzAXzdlwdaFugm5lanNpJzK2ufRgxMtAp/mR1JyCJiMMRMbLNOuYe//JIt3P/HP8GerDPVP8i4rFm/y9HW/yFZOP9yfH/RW322HhxVaz340+XX+tW/47i74Gs//d1vP5X4x9OWvdrF7Zex+VfP+l6T7Pd639P8kYjvSd/7b2pxcULExF7klfWvz659rdFviifxT96tPP4Pxhr78R9EZFdxPdHxAMR8WDe9oci4uGIOLpB/N+/8Mjb249/d2Xxz2yp/7eeqJz97utu9W+u/5t34qP5K5v5/NtsA3fy3gEAAMC/Rdp4Bj5Jx1bTaTo21nyG/1DsS2vzC4tPnJ5/9/xM81n54RhMi5WuoZb10Il8bbjIT7blj+frxp9V/t/Ij03P12b6HTyU3P4u4z/zW6XfrQN2nd9rQXkZ/1Bexj+Ul/EP5WX8Q3l1Gv8f9KEdwM3n+x/Ky/iH8jL+obyMfyilnfyuX6LMiUhviWZI7FKi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvfFXAAAA//+nquan")
19:07:20 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) (async)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3) (async)
syz_open_dev$tty1(0xc, 0x4, 0x3)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={r5, &(0x7f0000000000), &(0x7f00000002c0)=@udp6, 0x1}, 0x20) (async)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={r5, &(0x7f0000000000), &(0x7f00000002c0)=@udp6, 0x1}, 0x20)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90) (async)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000840)=ANY=[@ANYBLOB=' \x00'/20, @ANYRES32=0x0, @ANYBLOB="00140012800afe58d5c700010076786c0050db5c7f6731000004000280720a0a5e431d51f5dd427d6cbb9f29016729c7c12ccf53f6fe9adae4e6fd5e3ecc0d379e351e4fab7b85fbeed1976849531b321a31f166f6c282a1a3d3485a7858082cbfee78de017c1203535f7f2f9b525babad0bdd69aa58732cad135ffd82485396916c6496cc06f55665e9d22bd497b069", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93) (async)
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0) (async)
socket(0x10, 0x80002, 0x0)
19:07:20 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 28)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3432.657494][T28148] loop1: detected capacity change from 0 to 512
[ 3432.668183][T28151] FAULT_INJECTION: forcing a failure.
[ 3432.668183][T28151] name failslab, interval 1, probability 0, space 0, times 0
[ 3432.680901][T28151] CPU: 0 PID: 28151 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3432.689634][T28148] EXT4-fs: Ignoring removed nobh option
[ 3432.691512][T28151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3432.691526][T28151] Call Trace:
[ 3432.691531][T28151]
[ 3432.691537][T28151] dump_stack_lvl+0xda/0x130
[ 3432.697940][T28148] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3432.707974][T28151] dump_stack+0x15/0x20
[ 3432.708003][T28151] should_fail_ex+0x21f/0x230
[ 3432.711331][T28148] EXT4-fs: Ignoring removed nobh option
[ 3432.714281][T28151] __should_failslab+0x92/0xa0
[ 3432.744756][T28151] should_failslab+0x9/0x20
[ 3432.749265][T28151] slab_pre_alloc_hook+0x38/0x180
[ 3432.754403][T28151] __kmem_cache_alloc_node+0x46/0x250
[ 3432.760270][T28151] ? io_drain_req+0x1e1/0x4f0
[ 3432.762907][T28148] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3432.765003][T28151] kmalloc_trace+0x2a/0xa0
[ 3432.783396][T28151] io_drain_req+0x1e1/0x4f0
[ 3432.788086][T28151] io_queue_sqe_fallback+0xd1/0xe0
[ 3432.793552][T28151] io_submit_sqes+0xbf8/0xfe0
[ 3432.798336][T28151] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3432.803898][T28151] ? __fget_files+0x1c4/0x200
[ 3432.808592][T28151] ? mutex_lock+0xd/0x30
[ 3432.812923][T28151] ? fput+0x112/0x140
[ 3432.813011][T28148] EXT4-fs (loop1): 1 truncate cleaned up
[ 3432.817351][T28151] ? ksys_write+0x178/0x1a0
[ 3432.827498][T28151] __x64_sys_io_uring_enter+0x78/0x90
[ 3432.832917][T28151] do_syscall_64+0x41/0xc0
[ 3432.837497][T28151] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3432.843525][T28151] RIP: 0033:0x7fbf4da9f169
[ 3432.848511][T28151] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3432.868248][T28151] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3432.876694][T28151] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3432.884669][T28151] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
[ 3432.892722][T28151] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
19:07:20 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7tn1LQikfLQUMBRHxkTRpgR64gEDiABISHMoxJGlV6jaoCRKtKggIlSOqxB1xROIv4AQXBJyQuMIdVapQLi2cjNbeTYxjp/mw68L+ftIqM95xZh7Pjj07YwdQWtWIGImI/0fEr3k6aS9Qbf65sXxp5s/lSzNJ1Otv/JE0yl1fvjRTFC2etyfPjKUR6SdJ2z9sWrhw8cx0rTZ3Ps9PLJ59d2LhwsWnT5+dPjV3au7c1PHjx45OPvfs1DM9iTOL6/rBD+YPHXjlrSuvzZy48vaPXyd53NEWR69Uo9op9IbHel3ZgO1tSSdDA2wIm1KJiKy7hhvjfyQqsdp5I/HyxwNtHNBX9Xq9vrP76aU68B+WxKBbAAxG8UGf3f8Wxy2aetwWrr3QvAHK4r6RH80zQ5HmZYbb7m97qRoRJ5b++iI7ok/rEAAArb7N5j9PdZr/pXFPS7k78j2U0Yi4MyL2RcRdEbE/Iu6OaJS9NyLu22T91bb82vlPenVLgW1QNv97Pt/b+uf8r5j9xWglz+1txD+cnDxdmzuSvyZjMbwzy0+uU8d3L/3yWbdzrfO/7MjqL+aCeTuuDrUt0M1OL05vJ+ZW1z6KODjUKf5kZScgiYgDEXFwi3WcfuKrQ93O7bpp/OvowT5T/cuIx5v9vxRt8ReS9fcnJ/4XtbkjE8VVsdZPP19+vVv9N+///sr6f3fH638l/tGkdb92YfN1XP7t0673NFu9/nckbzbSO/LH3p9eXDw/GbEjeXXt41Orzy3yRfks/rHDncf/vlh9Je6PiOwifiAiHoyIh/K2PxwRj0TE4XXi/+HFR9/Zevz9lcU/u6n+33yicub7b7rVv7H+P9ZIjeWPbOT9b6MN3M5rBwAAAP8WaeM78Ek6vpJO0/Hx5nf498futDa/sPjkyfn3zs02vys/GsNpsdI10rIeOpmvDRf5qbb80Xzd+PPKrkZ+fGa+Njvo4KHk9nQZ/5nfK4NuHdB3fq8F5WX8Q3kZ/1Bexj+Ul/EP5dVp/H84gHYAt57Pfygv4x/Ky/iH8jL+oZS287t+iTInIr0tmiHRp8Sg35kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB64+8AAAD//6HP5l4=")
[ 3432.900889][T28151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3432.908946][T28151] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3432.916971][T28151]
[ 3432.935619][T28171] loop3: detected capacity change from 0 to 512
[ 3432.942777][T28171] EXT4-fs: Ignoring removed nobh option
[ 3432.948417][T28171] EXT4-fs: Ignoring removed mblk_io_submit option
19:07:20 executing program 2:
syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0)) (async)
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3) (async)
syz_open_dev$tty1(0xc, 0x4, 0x3)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={r5, &(0x7f0000000000), &(0x7f00000002c0)=@udp6, 0x1}, 0x20) (async)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={r5, &(0x7f0000000000), &(0x7f00000002c0)=@udp6, 0x1}, 0x20)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000840)=ANY=[@ANYBLOB=' \x00'/20, @ANYRES32=0x0, @ANYBLOB="00140012800afe58d5c700010076786c0050db5c7f6731000004000280720a0a5e431d51f5dd427d6cbb9f29016729c7c12ccf53f6fe9adae4e6fd5e3ecc0d379e351e4fab7b85fbeed1976849531b321a31f166f6c282a1a3d3485a7858082cbfee78de017c1203535f7f2f9b525babad0bdd69aa58732cad135ffd82485396916c6496cc06f55665e9d22bd497b069", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800)) (async)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93) (async)
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3432.957736][T28171] EXT4-fs: Ignoring removed nobh option
19:07:20 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnvQi6knwqncpFMml1dPK7M4k62Y35semWzufDwy8t/OS97775u2+eW82gNIaiYjBiLgjIn7L00lLgSN5uesrS9N/rSxNJ1GrvflnUi93bWVpuiha/N2+PDOaRqSfJi3/sGHhwsUzU9Xq7Pk8P7549r3xhQsXn5k7O3V69vTsuckTJ44fm3j+uclnuxJnFte14Q/nDx969e3Lr0+fvPzOT98kedzREke3jMRIu9DrHu92ZT22vymd9PWwIWxJJSKy7uqvj//BqMRa5w3GK5/0tHHArqrVarU9nU8v14BbWBK9bgHQG8UXfXb/Wxw3aOpxU7j6YuMGKIv7en40zvTF8bxMf8v9bTeNRMTJ5b+/zI7YpXUIAIBm32Xzn6fbzf/SuLep3J35HspQRNwVEQci4u6IOBgR90TUy94XEfdvsf6Rlvz6+U96ZVuBbVI2/3sh39v69/wvLYoMVfLc/nr8/cmpuers0fw9GY3+PVl+YoM6vn/51887nWue/2VHVn8xF8zbcaWvZYFuZmpxaicxN7v6ccRwX7v4k9WdgCQiDkXE8DbrmHvy68Odzv13/Bvowj5T7auIJxr9vxwt8ReSjfcnx2+L6uzR8eKqWO/nXy690an+HcXfBVn/7217/a/GP5Q079cubL2OS79/1vGeZrvX/0DyVj09kL/2wdTi4vmJiIHktfWvT679bZEvymfxjx5pP/4PxNo78UBEZBfxgxHxUEQ8nLf9kYh4NBp75J38+NJj724//t2VxT+zpf7feqJy5odvO9W/uf5v3ImP5q9s5vNvsw3cyXsHAAAA/xdp/Rn4JB1bTafp2FjjGf6DsTetzi8sPnVq/v1zM41n5YeiPy1Wugab1kMn8rXhIj/Zkj+Wrxt/Ubm9nh+bnq/O9Dp4KLl9HcZ/5o9Kr1sH7Dq/14LyMv6hvIx/KC/jH8rL+Ifyajf+P+pBO4Abz/c/lJfxD+Vl/EN5Gf9QSjv5Xb9EmROR3hTNkNilRK8/mQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrjnwAAAP//m/Lmqg==")
[ 3432.994172][T28171] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3433.031060][T28171] EXT4-fs (loop3): 1 truncate cleaned up
19:07:20 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrUrdBjVBolUFAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2ruJcew0D7su7O8nrTLjHWfm8+zYszN2AKVVjYiRiLgjIn7L00l7gWrzz/XlizN/LV+cSaJef/PPpFHu2vLFmaJo8bzdeWYsjUg/Tdr+YdPC+Qunp2u1uXN5fmLxzHsTC+cvPHPqzPTJuZNzZ6eOHTt6ZPL556ae7UmcWVzXDnw4f3D/q29ffn3m+OV3fvomyeOOtjh6pRrVTqE3PN7rygZsT0s6GRpgQ9iUSkRk3TXcGP8jUYnVzhuJVz4ZaOOAvqrX6/Wd3U8v1YH/sSQG3QJgMIoP+uz+tzhu0tTjlnD1xeYNUBb39fxonhmKNC8z3HZ/20vViDi+9PeX2RF9WocAAGj1XTb/ebrT/C+Ne1vK3ZnvoYxGxF0RsTci7o6IfRFxT0Sj7H0Rcf8m66+25dfOf9IrWwpsg7L53wv53ta/53/F7C9GK3luTyP+4eTEqdrc4fw1GYvhnVl+cp06vn/518+7nWud/2VHVn8xF8zbcWWobYFudnpxejsxt7r6ccSBoU7xJys7AUlE7I+IA1us49STXx/sdm7XDeNfRw/2mepfRTzR7P+laIu/kKy/PzlxW9TmDk8UV8VaP/9y6Y1u9d+4//sr6/9dHa//lfhHk9b92oXN13Hp98+63tNs9frfkbzVSO/IH/tgenHx3GTEjuS1tY9PrT63yBfls/jHDnUe/3tj9ZV4ICKyi/jBiHgoIh7O2/5IRDwaEYfWif/Hlx57d+vx91cW/+ym+n/zicrpH77tVv/G+v9oIzWWP7KR97+NNnA7rx0AAAD8V6SN78An6fhKOk3Hx5vf4d8Xu9La/MLiUyfm3z872/yu/GgMp8VK10jLeuhkvjZc5Kfa8kfydeMvKrc38uMz87XZQQcPJbe7y/jP/FEZdOuAvvN7LSgv4x/Ky/iH8jL+obyMfyivTuP/owG0A7j5fP5DeRn/UF7GP5SX8Q+ltJ3f9UuUORHpLdEMiT4lBv3OBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bv/BAAA//+Bi+Zf")
19:07:20 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000840)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000aaf9890c4fff5e23b5b2ed095bc067ebe88dda52429dd71fa26cbea61a94ddc759b948f248583fe8973558872a9b09fab5cbaa5039e252f5254ba0038d30ec8ff2ab1bcb6d0bd87e1525fd39a6778edcacefdd7d14a96a1a8dca3521a7d51f58019f4a974dcc4cddb3222ad1dac22d992e9a90276b58c6615285c250fa14419fc832616322e036fc0f9f2b36ba96bc9c6b5b3a39400e99ff4f13895d1caa5431", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff, 0x0, 0x894}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3433.111487][T28197] loop1: detected capacity change from 0 to 512
[ 3433.113292][T28196] loop3: detected capacity change from 0 to 512
[ 3433.119509][T28197] EXT4-fs: Ignoring removed nobh option
[ 3433.129897][T28197] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3433.129912][T28197] EXT4-fs: Ignoring removed nobh option
[ 3433.132855][T28196] EXT4-fs: Ignoring removed nobh option
[ 3433.148141][T28196] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3433.154659][T28196] EXT4-fs: Ignoring removed nobh option
[ 3433.168162][T28197] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3433.184024][T28197] EXT4-fs (loop1): 1 truncate cleaned up
[ 3433.192658][T28196] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3433.208858][T28196] EXT4-fs (loop3): 1 truncate cleaned up
19:07:20 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo22YvBH0qRVe/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1J1s1uzI9NtzqfDwy8t/OS97775u2+eW82gNIaiYjBiLgjIn7N00lLgaN5uRsrS9N/rixNJ1GrvfFHUi93fWVpuiha/N2+PDOaRqSfJC3/sGHh4qWzU9Xq7IU8P7547t3xhYuXnp47N3Vm9szs+cmTJ08cn3ju2clnuhJnFtf14Q/mDx965a0rr02fuvL2j18nedzREke3jMRIu9DrHut2ZT22vymd9PWwIWxJJSKy7uqvj//BqMRa5w3Gyx/3tHHArqrVarU9nU8v14D/sSR63QKgN4ov+uz+tzhu0tTjlnDthcYNUBb3jfxonOmLE3mZ/pb7224aiYhTy399kR2xS+sQAADNvs3mP0+1m/+lcW9TuTvzPZShiLgrIg5ExN0RcTAi7omol70vIu7fYv0jLfn185/06rYC26Rs/vd8vrf1z/lfWhQZquS5/fX4+5PTc9XZY/l7Mhr9e7L8xAZ1fPfSL591Otc8/8uOrP5iLpi342pfywLdzNTi1E5ibnbto4jhvnbxJ6s7AUlEHIqI4W3WMffEV4c7nfv3+DfQhX2m2pcRjzf6fzla4i8kG+9Pjt8W1dlj48VVsd5PP19+vVP9O4q/C7L+39v2+l+Nfyhp3q9d2Hodl3/7tOM9zXav/4HkzXp6IH/t/anFxQsTEQPJq+tfn1z72yJflM/iHz3SfvwfiLV34oGIyC7iByPioYh4OG/7IxHxaEQc2SD+H148+s72499dWfwzW+r/rScqZ7//plP9m+v/xp34aP7KZj7/NtvAnbx3AAAA8F+R1p+BT9Kx1XSajo01nuE/GHvT6vzC4pOn5987P9N4Vn4o+tNipWuwaT10Il8bLvKTLfnj+brx55Xb6/mx6fnqTK+Dh5Lb12H8Z36v9Lp1wK7zey0oL+Mfysv4h/Iy/qG8jH8or3bj/8MetAO4+Xz/Q3kZ/1Bexj+Ul/EPpbST3/VLlDkR6S3RDIldSvT6kwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA7/g4AAP//mArmqw==")
19:07:20 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrUrdBjVBolUFAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2ruJcew0D7su7O8nrTLjHWfm8+zYszN2AKVVjYiRiLgjIn7L00l7gWrzz/XlizN/LV+cSaJef/PPpFHu2vLFmaJo8bzdeWYsjUg/Tdr+YdPC+Qunp2u1uXN5fmLxzHsTC+cvPHPqzPTJuZNzZ6eOHTt6ZPL556ae7UmcWVzXDnw4f3D/q29ffn3m+OV3fvomyeOOtjh6pRrVTqE3PN7rygZsT0s6GRpgQ9iUSkRk3TXcGP8jUYnVzhuJVz4ZaOOAvqrX6/Wd3U8v1YH/sSQG3QJgMIoP+uz+tzhu0tTjlnD1xeYNUBb39fxonhmKNC8z3HZ/20vViDi+9PeX2RF9WocAAGj1XTb/ebrT/C+Ne1vK3ZnvoYxGxF0RsTci7o6IfRFxT0Sj7H0Rcf8m66+25dfOf9IrWwpsg7L53wv53ta/53/F7C9GK3luTyP+4eTEqdrc4fw1GYvhnVl+cp06vn/518+7nWud/2VHVn8xF8zbcWWobYFudnpxejsxt7r6ccSBoU7xJys7AUlE7I+IA1us49STXx/sdm73DeNfRw/2mepfRTzR7P+laIu/kKy/PzlxW9TmDk8UV8VaP/9y6Y1u9d+4//sr6/9dHa//lfhHk9b92oXN13Hp98+63tNs9frfkbzVSO/IH/tgenHx3GTEjuS1tY9PrT63yBfls/jHDnUe/3tj9ZV4ICKyi/jBiHgoIh7O2/5IRDwaEYfWif/Hlx57d+vx91cW/+ym+n/zicrpH77tVv/G+v9oIzWWP7KR97+NNnA7rx0AAAD8V6SN78An6fhKOk3Hx5vrcvtiV1qbX1h86sT8+2dnm9+VH43htFjpGmlZD53M14aL/FRb/ki+bvxF5fZGfnxmvjY76OCh5HZ3Gf+ZPyqDbh3Qd36vBeVl/EN5Gf9QXsY/lJfxD+XVafx/NIB2ADefz38oL+Mfysv4h/Iy/qGUtvO7fokyJyK9JZoh0afEoN+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuOfAAAA//9hR+Zg")
[ 3433.260030][T28211] loop1: detected capacity change from 0 to 512
[ 3433.269550][T28211] EXT4-fs: Ignoring removed nobh option
[ 3433.274333][T28214] loop3: detected capacity change from 0 to 512
[ 3433.275133][T28211] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3433.281977][T28214] EXT4-fs: Ignoring removed nobh option
[ 3433.287924][T28211] EXT4-fs: Ignoring removed nobh option
19:07:20 executing program 0:
r0 = syz_io_uring_setup(0x77ce, &(0x7f0000000280)={0x0, 0x10, 0x1}, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:20 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
r1 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0) (async)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) (async)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) (async)
setsockopt(r3, 0x2c, 0x600000, &(0x7f0000000100)="b40fb15f9b8f09852897ffa538ace12d699e81c453b26bb0991b129401dd0576c67bb2acef58f14c9d8e5e66f2e3291091bd44667079fc4850a451b712c0fd2b6b747845b1dc689d7c15aa8d83bb571a01255a294fdf7c4a222d742cdd7012f063167e730170783557feadf9960368a790b1d3282204e9c89e", 0x79)
sendto$inet6(r3, &(0x7f0000000000)="eb", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000840)={&(0x7f00000003c0)={0x470, 0x31, 0x10, 0x70bd28, 0x25dfdbfd, {0xf}, [@generic="5d776818bb36335daf9b326fe945323fc4cb4141121c3680c637c18b495fc2a86b664397135a9ee423243c687f4feef01a299dd36e61f9158a87dfde422d1cb0bf13152fadb8dcf03ef6a7cca296776b7eb6da3b6661a34484", @nested={0x41, 0x54, 0x0, 0x1, [@typed={0x14, 0x45, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}, @typed={0x5, 0x39, 0x0, 0x0, @str='\x00'}, @generic="49f9a613fc2ef209da", @typed={0x8, 0x10, 0x0, 0x0, @fd=r3}, @typed={0x8, 0x6d, 0x0, 0x0, @fd}, @typed={0x8, 0x83, 0x0, 0x0, @ipv4=@loopback}]}, @generic="4f543cc39c6d32afb621004941fd85b68da17bf0a1988e865527ce3ac64b9174ce92d6ddf3ec1b7491944b16d0448147543615e208530b35e84894af5bba14f2c35ef9b31a217491a7fec133efbf53daa2aaba5641018b7914069bfcec7b4cfbd1e428d9582395e674252cc5f5f23169", @nested={0x2b5, 0x2a, 0x0, 0x1, [@generic="6f49602db158c939c82a358b8229d246ed5f94f2167425c3b2765faaed68bb892d6c9293c3841f7e1ba9f82619f3b6a8d6fa5d91b11ed06d5c71d880e2da6d8cb5a62a47c18c0308009662522e8b83123f9314f619ecbfde87d48bd0890271a30ccddf12485f78e1539b02488798d3c130a3b6b591beb17cc62bb15d266470a6cbf26f6cd3e13ad5ea767b67438195e710c53aa315d7c376b5beedd1039413f25ff51794cb3376a8b31e088ab5311f4bbac5be204708d9adb50d67df738b1eebefbbf18036d1dd1186257ba626e21f387fe1fa11f47f6d0ed3d0df56ae29eb5e343e301ddf5414d3d3c1e27137f86c3cc493e94279953e", @typed={0x8, 0xf, 0x0, 0x0, @fd=r1}, @generic="5ec83971fcd70170967749c93c3177f0d25e4dc58b6e65eea039f415a4b32abbf9da5cafe1c6a8945f8e6cc0651492f2afbc91e9e645f698dc9d168a234882ede580a005c5e7f02d24cdd8d3689f1d95b62b4553dfeb3d800d4ea19e42140ba065e8768ad7db54076c4e5e1b5b3ff4b4d0141778411c9acf55a6", @generic="2f7a68e335f68923d920c97902e9345e01e77182d1c382be2325be1357604bd9603f9c9be569b43d1d96b9f9bc49e7a9ec2adad735bcb6fdd4841d7eb2f83f2313dc339f36d1dc001b15c1ecc373c1ba090701d8ad600ff0314f4eb71bdb4182860156f86be8e4", @generic="99d0f5ad6259170a3f71bfb8cd39627c1857882aee95c4fd9a886b75f3f380c0161c49abb81ec138b829ba824e64c035fa23b199bd5ae32f3923c21ea19f2e191f44e23b7f8eb9bac5b8e655a9abb3aad16db7b101a7da3abfb7a5aec352fac8026170aa6f55d3ca8760dcf0e966f29849f75e950309f3224767fc18a4e8d101b1a6d10118feec01735cee15e31c6a9ed827ea6908148258e86b79eb12d5d2ceb89fc30374b2e81154d66fea9db46a9baccc81037f97b12f72f494115697b53c117ef1de34d6a9e9420e3ef136934f65f5"]}, @nested={0x14, 0x4d, 0x0, 0x1, [@typed={0x8, 0x31, 0x0, 0x0, @ipv4=@multicast1}, @typed={0x8, 0x6d, 0x0, 0x0, @u32=0x7fffffff}]}, @typed={0x8, 0x87, 0x0, 0x0, @ipv4=@private=0xa010100}, @typed={0x8, 0x53, 0x0, 0x0, @uid}, @generic="5b30e574b692f42ed0d033c5e81ad8623a644976b4b5683285699db091592581f65cd1bd0d6d3418b5fc6200f0b232f4aae992ed2c3f0f41d8e46af64bd5f02a50d94d5334095a0e59835f794e294f9a4eecc167632fc14027d13481e3f4a6b5c2a4134dbfa1eb9ae6a5cc28a8fb4eb99df7a9"]}, 0x470}, 0x1, 0x0, 0x0, 0x20000000}, 0x2)
bpf$ITER_CREATE(0x21, &(0x7f0000000340), 0x8) (async)
mq_timedreceive(r2, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
syz_io_uring_setup(0x1030, &(0x7f0000000280)={0x0, 0xf82a, 0x2, 0x2, 0x129}, &(0x7f000004e000/0x3000)=nil, &(0x7f00003ce000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000300))
[ 3433.291011][T28211] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3433.293504][T28214] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3433.299569][T28211] EXT4-fs (loop1): 1 truncate cleaned up
[ 3433.313383][T28214] EXT4-fs: Ignoring removed nobh option
[ 3433.317143][T28214] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3433.347448][T28214] EXT4-fs (loop3): 1 truncate cleaned up
19:07:20 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhQUfCgIOihHmOSlthtI00EW4JGkXqUgnfxKPgXeNKLqCfBq96lUCSXVk8rszuTrJvdmB+bbnU+Hxh4b+cl7333zdt9895sAKU1EhGDEXFbRPyap5OWAs/n5a6vLE3/ubI0nUSt9sYfSb3ctZWl6aJo8Xf78sxoGpF+krT8w4aFCxfPTFWrs+fz/Pji2XfHFy5cfGru7NTp2dOz5yZPnDh+bOLZZyaf7kqcWVzXhj+YP3zolbcuvzZ98vLbP36d5HFHSxzdMhIj7UKve7TblfXY/qZ00tfDhrAllYjIuqu/Pv4HoxJrnTcYL3/c08YBu6pWq9X2dD69XAP+x5LodQuA3ii+6LP73+K4QVOPm8LVFxo3QFnc1/OjcaYvjudl+lvub7tpJCJOLv/1RXbELq1DAAA0+zab/zzZbv6Xxt1N5W7P91CGIuKOiDgQEXdGxMGIuCuiXvaeiLh3i/WPtOTXz3/SK9sKbJOy+d9z+d7WP+d/aVFkqJLn9tfj709OzVVnj+bvyWj078nyExvU8d1Lv3zW6Vzz/C87svqLuWDejit9LQt0M1OLUzuJudnVjyKG+9rFn6zuBCQRcSgihrdZx9zjXx3udO7f499AF/aZal9GPNbo/+Voib+QbLw/OX5LVGePjhdXxXo//Xzp9U717yj+Lsj6f2/b6381/qGkeb92Yet1XPrt0473NNu9/geSN+vpgfy196cWF89PRAwkr65/fXLtb4t8UT6Lf/RI+/F/INbeifsiIruI74+IByLiwbztD0XEwxFxZIP4f3jxkXe2H//uyuKf2VL/bz1ROfP9N53q31z/N+7ER/NXNvP5t9kG7uS9AwAAgP+KtP4MfJKOrabTdGys8Qz/wdibVucXFp84Nf/euZnGs/JD0Z8WK12DTeuhE/nacJGfbMkfy9eNP6/cWs+PTc9XZ3odPJTcvg7jP/N7pdetA3ad32tBeRn/UF7GP5SX8Q/lZfxDebUb/x/2oB3Ajef7H8rL+IfyMv6hvIx/KKWd/K5fosyJSG+KZkjsUqLXn0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8XcAAAD//yqq5sc=")
19:07:20 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpP29+uDhFIeLQUMBRHxSJq0QA9cQCBxAAkJDuUYkrQqdRvUBIlWFQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsax0zzsurCfj7TqjHfcme/Ojj07EwdQWtWIGImIPRHxa55O2gtUm//cWL408+fypZkk6vU3/kga5a4vX5opihbv251nxtKI9JOk7T9sWrhw8cx0rTZ3Ps9PLJ59d2LhwsWnT5+dPjV3au7c1PHjx45OPvfs1DM9iTOL6/rBD+YPHXjlrSuvzZy48vaPXyd53NEWR69Uo9op9IbHel3ZgO1tSSdDA2wIm1KJiKy7hhvjfyQqsdp5I/HyxwNtHNBX9Xq9vrP76aU68B+WxKBbAAxG8UWfPf8Wxy2aetwWrr3QfADK4r6RH80zQ5HmZYbbnm97qRoRJ5b++iI7ok/rEAAArb7N5j9PdZr/pXFPS7k78j2U0Yi4MyL2RcRdEbE/Iu6OaJS9NyLu22T91bb82vlPenVLgW1QNv97Pt/b+uf8r5j9xWglz+1txD+cnDxdmzuSX5OxGN6Z5SfXqeO7l375rNu51vlfdmT1F3PBvB1Xh9oW6GanF6e3E3Orax9FHBzqFH+yshOQRMSBiDi4xTpOP/HVoW7n9tw0/nX0YJ+p/mXE483+X4q2+AvJ+vuTE/+L2tyRieKuWOunny+/3q3+m/d/f2X9v6vj/b8S/2jSul+7sPk6Lv/2addnmq3e/zuSNxvpHflr708vLp6fjNiRvLr29anV9xb5onwW/9jhzuN/X6xeifsjIruJH4iIByPiobztD0fEIxFxeJ34f3jx0Xe2Hn9/ZfHPbqr/N5+onPn+m271b6z/jzVSY/krG/n822gDt3PtAAAA4N8ibazBJen4SjpNx8ebf8O/P3altfmFxSdPzr93bra5Vjcaw2mx0jXSsh46ma8NF/mptvzRfN3488r/G/nxmfna7KCDh5Lb3WX8Z36vDLp1QN/5vRaUl/EP5WX8Q3kZ/1Bexj+UV6fx/+EA2gHcer7/obyMfygv4x/Ky/iHUtrO7/olypyI9LZohkSfEoP+ZAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiNvwMAAP//QQPmYQ==")
[ 3433.425704][T28228] loop3: detected capacity change from 0 to 512
[ 3433.427335][T28227] loop1: detected capacity change from 0 to 512
[ 3433.441638][T28227] EXT4-fs: Ignoring removed nobh option
[ 3433.447269][T28227] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3433.452004][T28228] EXT4-fs: Ignoring removed nobh option
[ 3433.453752][T28227] EXT4-fs: Ignoring removed nobh option
[ 3433.459299][T28228] EXT4-fs: Ignoring removed mblk_io_submit option
19:07:21 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 29)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:21 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async, rerun: 32)
r1 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async, rerun: 32)
r2 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0) (async)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) (async, rerun: 32)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) (async, rerun: 32)
setsockopt(r3, 0x2c, 0x600000, &(0x7f0000000100)="b40fb15f9b8f09852897ffa538ace12d699e81c453b26bb0991b129401dd0576c67bb2acef58f14c9d8e5e66f2e3291091bd44667079fc4850a451b712c0fd2b6b747845b1dc689d7c15aa8d83bb571a01255a294fdf7c4a222d742cdd7012f063167e730170783557feadf9960368a790b1d3282204e9c89e", 0x79) (async)
sendto$inet6(r3, &(0x7f0000000000)="eb", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000840)={&(0x7f00000003c0)={0x470, 0x31, 0x10, 0x70bd28, 0x25dfdbfd, {0xf}, [@generic="5d776818bb36335daf9b326fe945323fc4cb4141121c3680c637c18b495fc2a86b664397135a9ee423243c687f4feef01a299dd36e61f9158a87dfde422d1cb0bf13152fadb8dcf03ef6a7cca296776b7eb6da3b6661a34484", @nested={0x41, 0x54, 0x0, 0x1, [@typed={0x14, 0x45, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}, @typed={0x5, 0x39, 0x0, 0x0, @str='\x00'}, @generic="49f9a613fc2ef209da", @typed={0x8, 0x10, 0x0, 0x0, @fd=r3}, @typed={0x8, 0x6d, 0x0, 0x0, @fd}, @typed={0x8, 0x83, 0x0, 0x0, @ipv4=@loopback}]}, @generic="4f543cc39c6d32afb621004941fd85b68da17bf0a1988e865527ce3ac64b9174ce92d6ddf3ec1b7491944b16d0448147543615e208530b35e84894af5bba14f2c35ef9b31a217491a7fec133efbf53daa2aaba5641018b7914069bfcec7b4cfbd1e428d9582395e674252cc5f5f23169", @nested={0x2b5, 0x2a, 0x0, 0x1, [@generic="6f49602db158c939c82a358b8229d246ed5f94f2167425c3b2765faaed68bb892d6c9293c3841f7e1ba9f82619f3b6a8d6fa5d91b11ed06d5c71d880e2da6d8cb5a62a47c18c0308009662522e8b83123f9314f619ecbfde87d48bd0890271a30ccddf12485f78e1539b02488798d3c130a3b6b591beb17cc62bb15d266470a6cbf26f6cd3e13ad5ea767b67438195e710c53aa315d7c376b5beedd1039413f25ff51794cb3376a8b31e088ab5311f4bbac5be204708d9adb50d67df738b1eebefbbf18036d1dd1186257ba626e21f387fe1fa11f47f6d0ed3d0df56ae29eb5e343e301ddf5414d3d3c1e27137f86c3cc493e94279953e", @typed={0x8, 0xf, 0x0, 0x0, @fd=r1}, @generic="5ec83971fcd70170967749c93c3177f0d25e4dc58b6e65eea039f415a4b32abbf9da5cafe1c6a8945f8e6cc0651492f2afbc91e9e645f698dc9d168a234882ede580a005c5e7f02d24cdd8d3689f1d95b62b4553dfeb3d800d4ea19e42140ba065e8768ad7db54076c4e5e1b5b3ff4b4d0141778411c9acf55a6", @generic="2f7a68e335f68923d920c97902e9345e01e77182d1c382be2325be1357604bd9603f9c9be569b43d1d96b9f9bc49e7a9ec2adad735bcb6fdd4841d7eb2f83f2313dc339f36d1dc001b15c1ecc373c1ba090701d8ad600ff0314f4eb71bdb4182860156f86be8e4", @generic="99d0f5ad6259170a3f71bfb8cd39627c1857882aee95c4fd9a886b75f3f380c0161c49abb81ec138b829ba824e64c035fa23b199bd5ae32f3923c21ea19f2e191f44e23b7f8eb9bac5b8e655a9abb3aad16db7b101a7da3abfb7a5aec352fac8026170aa6f55d3ca8760dcf0e966f29849f75e950309f3224767fc18a4e8d101b1a6d10118feec01735cee15e31c6a9ed827ea6908148258e86b79eb12d5d2ceb89fc30374b2e81154d66fea9db46a9baccc81037f97b12f72f494115697b53c117ef1de34d6a9e9420e3ef136934f65f5"]}, @nested={0x14, 0x4d, 0x0, 0x1, [@typed={0x8, 0x31, 0x0, 0x0, @ipv4=@multicast1}, @typed={0x8, 0x6d, 0x0, 0x0, @u32=0x7fffffff}]}, @typed={0x8, 0x87, 0x0, 0x0, @ipv4=@private=0xa010100}, @typed={0x8, 0x53, 0x0, 0x0, @uid}, @generic="5b30e574b692f42ed0d033c5e81ad8623a644976b4b5683285699db091592581f65cd1bd0d6d3418b5fc6200f0b232f4aae992ed2c3f0f41d8e46af64bd5f02a50d94d5334095a0e59835f794e294f9a4eecc167632fc14027d13481e3f4a6b5c2a4134dbfa1eb9ae6a5cc28a8fb4eb99df7a9"]}, 0x470}, 0x1, 0x0, 0x0, 0x20000000}, 0x2)
bpf$ITER_CREATE(0x21, &(0x7f0000000340), 0x8) (async, rerun: 32)
mq_timedreceive(r2, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async, rerun: 32)
syz_io_uring_setup(0x1030, &(0x7f0000000280)={0x0, 0xf82a, 0x2, 0x2, 0x129}, &(0x7f000004e000/0x3000)=nil, &(0x7f00003ce000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000300))
[ 3433.472046][T28228] EXT4-fs: Ignoring removed nobh option
[ 3433.484452][T28227] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3433.487104][T28228] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3433.504980][T28227] EXT4-fs (loop1): 1 truncate cleaned up
[ 3433.528406][T28228] EXT4-fs (loop3): 1 truncate cleaned up
[ 3433.543912][T28238] FAULT_INJECTION: forcing a failure.
[ 3433.543912][T28238] name failslab, interval 1, probability 0, space 0, times 0
[ 3433.556594][T28238] CPU: 1 PID: 28238 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3433.567117][T28238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
19:07:21 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r1, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt(r1, 0x2c, 0x600000, &(0x7f0000000100)="b40fb15f9b8f09852897ffa538ace12d699e81c453b26bb0991b129401dd0576c67bb2acef58f14c9d8e5e66f2e3291091bd44667079fc4850a451b712c0fd2b6b747845b1dc689d7c15aa8d83bb571a01255a294fdf7c4a222d742cdd7012f063167e730170783557feadf9960368a790b1d3282204e9c89e", 0x79)
sendto$inet6(r1, &(0x7f0000000000)="eb", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r2 = socket(0x11, 0x2, 0x0)
setsockopt$packet_tx_ring(r2, 0x107, 0xd, &(0x7f0000000200)=@req3={0x10000, 0xf89, 0x8000, 0x1f12}, 0x1c)
setsockopt$packet_int(r2, 0x107, 0x13, &(0x7f0000000040), 0x4)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000580)=ANY=[@ANYRES32=0x0, @ANYBLOB="030096002956ad4a3c2d8dae5b63eef755e492cd1dcd1fb816655e221d0929e4e1a86bffac00000000000000004de4d7ba0000531e92b188a6afabdaef191c555249ce892d21a64ae35f6d069f766ede90abedc9f38deb809632e32ed1a67995f8a60901f87187c8a29fd271d60e309bdaa77195c1698a3d83bae60d3164d065f68e39dfa4c49444a87c42e43567f014958d2d8d7d5ae760a73d5e5ae1d5b7bfd869a1a69a361364c90165e6bdadf4d00f5da5a12ed79510ad0f8f4418e1951573f803150e68b4e98be99874cb3b1016168abdd4912522f84e1df289c913376db55ca764f511c7fbe01d34f96a4b240b1cf3ac99d218c04a0a28bef254692fc5e315e4e1cc036c607e20360c0e2b7a219a46d37a033817fed68d7ea08278e8e0282e78553bfb4625631db58a76e81507a961659fee0e3045948915eebe3c16dba3c077e86d10e74aa75d6ebfd7d07a1c3eaba5733f06e3c1bb69bf8992b4c66aa73768bfb2df64211ebda6105cc4dd904d457dde34912824be35a65e6a5077fd3050d1733a1e0583fa44ec28bd081792182533fbcb0c2426d1573a3294f774fd3f66a86d537292fced1d8a4f59583257f6c7e076333015cf508bb899bccd6d87cacc52736d0accaa3bf1fa660246144b64285050f519b9c784ea2e018ea5aa9b201fa01cadcd425f6f5585b9ea19b2d3c146460cc68f9f2c940945af1eaa75066f37c9acf83f02b469647b988e17575060846602c2fd08e7db56c650a317000000000000000000000000000000000000f1dac86ab2d5e3d536022a5d3b7ca833dc698d6b1e042ed191e5cc31c436926d28a1f986f243ae7b6e9698"], 0x9e)
ppoll(&(0x7f0000000280)=[{r1, 0x2}, {r0, 0xe164}, {r0, 0x6400}, {r0, 0xb400}, {r2, 0x1060}], 0x5, &(0x7f00000002c0), &(0x7f0000000300)={[0x9]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x4, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_bp={0x0, 0x5}, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = mq_open(&(0x7f0000000080)='!selinuxse,inux\x00', 0x40, 0x0, 0x0)
mq_timedreceive(r3, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
[ 3433.577232][T28238] Call Trace:
[ 3433.580519][T28238]
[ 3433.583464][T28238] dump_stack_lvl+0xda/0x130
[ 3433.588064][T28238] dump_stack+0x15/0x20
[ 3433.592223][T28238] should_fail_ex+0x21f/0x230
[ 3433.597003][T28238] __should_failslab+0x92/0xa0
[ 3433.601803][T28238] should_failslab+0x9/0x20
[ 3433.606325][T28238] slab_pre_alloc_hook+0x38/0x180
[ 3433.611427][T28238] __kmem_cache_alloc_node+0x46/0x250
[ 3433.616827][T28238] ? io_drain_req+0x1e1/0x4f0
[ 3433.621687][T28238] kmalloc_trace+0x2a/0xa0
[ 3433.626215][T28238] io_drain_req+0x1e1/0x4f0
[ 3433.630753][T28238] io_queue_sqe_fallback+0xd1/0xe0
[ 3433.635888][T28238] io_submit_sqes+0xbf8/0xfe0
[ 3433.640624][T28238] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3433.646220][T28238] ? __fget_files+0x1c4/0x200
[ 3433.651158][T28238] ? mutex_lock+0xd/0x30
[ 3433.655429][T28238] ? fput+0x112/0x140
[ 3433.659427][T28238] ? ksys_write+0x178/0x1a0
[ 3433.663943][T28238] __x64_sys_io_uring_enter+0x78/0x90
[ 3433.669411][T28238] do_syscall_64+0x41/0xc0
[ 3433.673906][T28238] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3433.679797][T28238] RIP: 0033:0x7fbf4da9f169
[ 3433.684312][T28238] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3433.704403][T28238] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3433.712836][T28238] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3433.720801][T28238] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
19:07:21 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrUrdBjVBolUFAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2ruJcew0D7su7O8nrTLjHWfm8+zYszN2AKVVjYiRiLgjIn7L00l7gWrzz/XlizN/LV+cSaJef/PPpFHu2vLFmaJo8bzdeWYsjUg/Tdr+YdPC+Qunp2u1uXN5fmLxzHsTC+cvPHPqzPTJuZNzZ6eOHTt6ZPL556ae7UmcWVzXDnw4f3D/q29ffn3m+OV3fvomyeOOtjh6pRrVTqE3PN7rygZsT0s6GRpgQ9iUSkRk3TXcGP8jUYnVzhuJVz4ZaOOAvqrX6/Wd3U8v1YH/sSQG3QJgMIoP+uz+tzhu0tTjlnD1xeYNUBb39fxonhmKNC8z3HZ/20vViDi+9PeX2RF9WocAAGj1XTb/ebrT/C+Ne1vK3ZnvoYxGxF0RsTci7o6IfRFxT0Sj7H0Rcf8m66+25dfOf9IrWwpsg7L53wv53ta/53/F7C9GK3luTyP+4eTEqdrc4fw1GYvhnVl+cp06vn/518+7nWud/2VHVn8xF8zbcWWobYFudnpxejsxt7r6ccSBoU7xJys7AUlE7I+IA1us49STXx/sdm7PDeNfRw/2mepfRTzR7P+laIu/kKy/PzlxW9TmDk8UV8VaP/9y6Y1u9d+4//sr6/9dHa//lfhHk9b92oXN13Hp98+63tNs9frfkbzVSO/IH/tgenHx3GTEjuS1tY9PrT63yBfls/jHDnUe/3tj9ZV4ICKyi/jBiHgoIh7O2/5IRDwaEYfWif/Hlx57d+vx91cW/+ym+n/zicrpH77tVv/G+v9oIzWWP7KR97+NNnA7rx0AAAD8V6SN78An6fhKOk3Hx5vf4d8Xu9La/MLiUyfm3z872/yu/GgMp8VK10jLeuhkvjZc5Kfa8kfydeMvKrc38uMz87XZQQcPJbe7y/jP/FEZdOuAvvN7LSgv4x/Ky/iH8jL+obyMfyivTuP/owG0A7j5fP5DeRn/UF7GP5SX8Q+ltJ3f9UuUORHpLdEMiT4lBv3OBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bv/BAAA//8gv+Zi")
19:07:21 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnvQi6knwqncpFMml1dPK7M4k62Y35semWzufDwy8t/OS97775u2+eW82gNIaiYjBiLgjIn7L00lLgeW83PWVpem/Vpamk6jV3vwzqZe7trI0XRQt/m5fnhlNI9JPk5Z/2LBw4eKZqWp19nyeH188+974woWLz8ydnTo9e3r23OSJE8ePTTz/3OSzXYkzi+va8Ifzhw+9+vbl16dPXn7np2+SPO5oiaNbRmKkXeh1j3e7sh7b35RO+nrYELakEhFZd/XXx/9gVGKt8wbjlU962jhgV9VqtdqezqeXa8AtLIletwDojeKLPrv/LY4bNPW4KVx9sXEDlMV9PT8aZ/rieF6mv+X+tptGIuLk8t9fZkfs0joEAECz77L5z9Pt5n9p3NtU7s58D2UoIu6KiAMRcXdEHIyIeyLqZe+LiPu3WP9IS379/Ce9sq3ANimb/72Q7239e/6XFkWGKnlufz3+/uTUXHX2aP6ejEb/niw/sUEd37/86+edzjXP/7Ijq7+YC+btuNLXskA3M7U4tZOYm139OGK4r138yepOQBIRhyJieJt1zD359eFO5/47/g10YZ+p9lXEE43+X46W+AvJxvuT47dFdfboeHFVrPfzL5fe6FT/juLvgqz/97a9/lfjH0qa92sXtl7Hpd8/63hPs93rfyB5q54eyF/7YGpx8fxExEDy2vrXJ9f+tsgX5bP4R4+0H/8HYu2deCAisov4wYh4KCIeztv+SEQ8GhFHNoj/x5cee3f78e+uLP6ZLfX/1hOVMz9826n+zfV/4058NH9lM59/m23gTt47AAAA+L9I68/AJ+nYajpNx8Yaz/AfjL1pdX5h8alT8++fm2k8Kz8U/Wmx0jXYtB46ka8NF/nJlvyxfN34i8rt9fzY9Hx1ptfBQ8nt6zD+M39Uet06YNf5vRaUl/EP5WX8Q3kZ/1Bexj+UV7vx/1EP2gHceL7/obyMfygv4x/Ky/iHUtrJ7/olypyI9KZohsQuJXr9yQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAd/wQAAP//MJvnBw==")
[ 3433.728765][T28238] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
[ 3433.736793][T28238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3433.744809][T28238] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3433.752826][T28238]
[ 3433.816772][T28257] loop1: detected capacity change from 0 to 512
[ 3433.827643][T28255] loop3: detected capacity change from 0 to 512
[ 3433.834338][T28257] EXT4-fs: Ignoring removed nobh option
[ 3433.839973][T28257] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3433.845207][T28255] EXT4-fs: Ignoring removed nobh option
[ 3433.846430][T28257] EXT4-fs: Ignoring removed nobh option
[ 3433.857726][T28255] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3433.864305][T28255] EXT4-fs: Ignoring removed nobh option
[ 3433.874235][T28257] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3433.874793][T28255] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3433.892562][T28257] EXT4-fs (loop1): 1 truncate cleaned up
[ 3433.903867][T28255] EXT4-fs (loop3): 1 truncate cleaned up
19:07:21 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3) (async)
syz_open_dev$tty1(0xc, 0x4, 0x3)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0) (async)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90) (async)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000840)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000aaf9890c4fff5e23b5b2ed095bc067ebe88dda52429dd71fa26cbea61a94ddc759b948f248583fe8973558872a9b09fab5cbaa5039e252f5254ba0038d30ec8ff2ab1bcb6d0bd87e1525fd39a6778edcacefdd7d14a96a1a8dca3521a7d51f58019f4a974dcc4cddb3222ad1dac22d992e9a90276b58c6615285c250fa14419fc832616322e036fc0f9f2b36ba96bc9c6b5b3a39400e99ff4f13895d1caa5431", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff, 0x0, 0x894}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800)) (async)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0) (async)
socket(0x10, 0x80002, 0x0)
19:07:21 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r1, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) (async)
setsockopt(r1, 0x2c, 0x600000, &(0x7f0000000100)="b40fb15f9b8f09852897ffa538ace12d699e81c453b26bb0991b129401dd0576c67bb2acef58f14c9d8e5e66f2e3291091bd44667079fc4850a451b712c0fd2b6b747845b1dc689d7c15aa8d83bb571a01255a294fdf7c4a222d742cdd7012f063167e730170783557feadf9960368a790b1d3282204e9c89e", 0x79) (async)
sendto$inet6(r1, &(0x7f0000000000)="eb", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async)
r2 = socket(0x11, 0x2, 0x0)
setsockopt$packet_tx_ring(r2, 0x107, 0xd, &(0x7f0000000200)=@req3={0x10000, 0xf89, 0x8000, 0x1f12}, 0x1c)
setsockopt$packet_int(r2, 0x107, 0x13, &(0x7f0000000040), 0x4)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000580)=ANY=[@ANYRES32=0x0, @ANYBLOB="030096002956ad4a3c2d8dae5b63eef755e492cd1dcd1fb816655e221d0929e4e1a86bffac00000000000000004de4d7ba0000531e92b188a6afabdaef191c555249ce892d21a64ae35f6d069f766ede90abedc9f38deb809632e32ed1a67995f8a60901f87187c8a29fd271d60e309bdaa77195c1698a3d83bae60d3164d065f68e39dfa4c49444a87c42e43567f014958d2d8d7d5ae760a73d5e5ae1d5b7bfd869a1a69a361364c90165e6bdadf4d00f5da5a12ed79510ad0f8f4418e1951573f803150e68b4e98be99874cb3b1016168abdd4912522f84e1df289c913376db55ca764f511c7fbe01d34f96a4b240b1cf3ac99d218c04a0a28bef254692fc5e315e4e1cc036c607e20360c0e2b7a219a46d37a033817fed68d7ea08278e8e0282e78553bfb4625631db58a76e81507a961659fee0e3045948915eebe3c16dba3c077e86d10e74aa75d6ebfd7d07a1c3eaba5733f06e3c1bb69bf8992b4c66aa73768bfb2df64211ebda6105cc4dd904d457dde34912824be35a65e6a5077fd3050d1733a1e0583fa44ec28bd081792182533fbcb0c2426d1573a3294f774fd3f66a86d537292fced1d8a4f59583257f6c7e076333015cf508bb899bccd6d87cacc52736d0accaa3bf1fa660246144b64285050f519b9c784ea2e018ea5aa9b201fa01cadcd425f6f5585b9ea19b2d3c146460cc68f9f2c940945af1eaa75066f37c9acf83f02b469647b988e17575060846602c2fd08e7db56c650a317000000000000000000000000000000000000f1dac86ab2d5e3d536022a5d3b7ca833dc698d6b1e042ed191e5cc31c436926d28a1f986f243ae7b6e9698"], 0x9e) (async)
ppoll(&(0x7f0000000280)=[{r1, 0x2}, {r0, 0xe164}, {r0, 0x6400}, {r0, 0xb400}, {r2, 0x1060}], 0x5, &(0x7f00000002c0), &(0x7f0000000300)={[0x9]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x4, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_bp={0x0, 0x5}, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = mq_open(&(0x7f0000000080)='!selinuxse,inux\x00', 0x40, 0x0, 0x0)
mq_timedreceive(r3, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:21 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi1tQikfLQUMBRHxkTRpgR64gEDiABISHMoxJGlV6jaoCRKtKggIlSOqxB1xROIv4AQXBJyQuMIdVapQLi2cjNbeTYxjp/mw68L+ftIqM95xZh7Pjj07YwdQWtWIGImIOyLi1zydtBeoNv/cWL408+fypZkk6vU3/kga5a4vX5opihbP251nxtKI9JOk7R82LVy4eGa6Vps7n+cnFs++O7Fw4eLTp89On5o7NXdu6vjxY0cnn3t26pmexJnFdf3gB/OHDrzy1pXXZk5cefvHr5M87miLo1eqUe0UesNjva5swPa0pJOhATaETalERNZdw43xPxKVWO28kXj544E2Duirer1e39n99FId+A9LYtAtAAaj+KDP7n+L4xZNPW4L115o3gBlcd/Ij+aZoUjzMsNt97e9VI2IE0t/fZEd0ad1CACAVt9m85+nOs3/0rinpdzefA9lNCLujIh9EXFXROyPiLsjGmXvjYj7Nll/tS2/dv6TXt1SYBuUzf+ez/e2/jn/K2Z/MVrJc3sa8Q8nJ0/X5o7kr8lYDO/M8pPr1PHdS7981u1c6/wvO7L6i7lg3o6rQ20LdLPTi9PbibnVtY8iDg51ij9Z2QlIIuJARBzcYh2nn/jqULdze28a/zp6sM9U/zLi8Wb/L0Vb/IVk/f3Jif9Fbe7IRHFVrPXTz5df71b/zfu/v7L+39Xx+l+JfzRp3a9d2Hwdl3/7tOs9zVav/x3Jm430jvyx96cXF89PRuxIXl37+NTqc4t8UT6Lf+xw5/G/L1ZfifsjIruIH4iIByPiobztD0fEIxFxeJ34f3jx0Xe2Hn9/ZfHPbqr/N5+onPn+m271b6z/jzVSY/kjG3n/22gDt/PaAQAAwL9F2vgOfJKOr6TTdHy8+R3+/bErrc0vLD55cv69c7PN78qPxnBarHSNtKyHTuZrw0V+qi1/NF83/rzy/0Z+fGa+Njvo4KHkdncZ/5nfK4NuHdB3fq8F5WX8Q3kZ/1Bexj+Ul/EP5dVp/H84gHYAt57Pfygv4x/Ky/iH8jL+oZS287t+iTInIr0tmiHRp8Sg35kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB64+8AAAD//wB75mM=")
[ 3434.028190][T28271] loop3: detected capacity change from 0 to 512
[ 3434.034732][T28271] EXT4-fs: Ignoring removed nobh option
[ 3434.040413][T28271] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3434.046896][T28271] EXT4-fs: Ignoring removed nobh option
[ 3434.056612][T28271] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3434.072336][T28271] EXT4-fs (loop3): 1 truncate cleaned up
19:07:21 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r1, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt(r1, 0x2c, 0x600000, &(0x7f0000000100)="b40fb15f9b8f09852897ffa538ace12d699e81c453b26bb0991b129401dd0576c67bb2acef58f14c9d8e5e66f2e3291091bd44667079fc4850a451b712c0fd2b6b747845b1dc689d7c15aa8d83bb571a01255a294fdf7c4a222d742cdd7012f063167e730170783557feadf9960368a790b1d3282204e9c89e", 0x79)
sendto$inet6(r1, &(0x7f0000000000)="eb", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r2 = socket(0x11, 0x2, 0x0)
setsockopt$packet_tx_ring(r2, 0x107, 0xd, &(0x7f0000000200)=@req3={0x10000, 0xf89, 0x8000, 0x1f12}, 0x1c) (async)
setsockopt$packet_int(r2, 0x107, 0x13, &(0x7f0000000040), 0x4)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000580)=ANY=[@ANYRES32=0x0, @ANYBLOB="030096002956ad4a3c2d8dae5b63eef755e492cd1dcd1fb816655e221d0929e4e1a86bffac00000000000000004de4d7ba0000531e92b188a6afabdaef191c555249ce892d21a64ae35f6d069f766ede90abedc9f38deb809632e32ed1a67995f8a60901f87187c8a29fd271d60e309bdaa77195c1698a3d83bae60d3164d065f68e39dfa4c49444a87c42e43567f014958d2d8d7d5ae760a73d5e5ae1d5b7bfd869a1a69a361364c90165e6bdadf4d00f5da5a12ed79510ad0f8f4418e1951573f803150e68b4e98be99874cb3b1016168abdd4912522f84e1df289c913376db55ca764f511c7fbe01d34f96a4b240b1cf3ac99d218c04a0a28bef254692fc5e315e4e1cc036c607e20360c0e2b7a219a46d37a033817fed68d7ea08278e8e0282e78553bfb4625631db58a76e81507a961659fee0e3045948915eebe3c16dba3c077e86d10e74aa75d6ebfd7d07a1c3eaba5733f06e3c1bb69bf8992b4c66aa73768bfb2df64211ebda6105cc4dd904d457dde34912824be35a65e6a5077fd3050d1733a1e0583fa44ec28bd081792182533fbcb0c2426d1573a3294f774fd3f66a86d537292fced1d8a4f59583257f6c7e076333015cf508bb899bccd6d87cacc52736d0accaa3bf1fa660246144b64285050f519b9c784ea2e018ea5aa9b201fa01cadcd425f6f5585b9ea19b2d3c146460cc68f9f2c940945af1eaa75066f37c9acf83f02b469647b988e17575060846602c2fd08e7db56c650a317000000000000000000000000000000000000f1dac86ab2d5e3d536022a5d3b7ca833dc698d6b1e042ed191e5cc31c436926d28a1f986f243ae7b6e9698"], 0x9e) (async)
ppoll(&(0x7f0000000280)=[{r1, 0x2}, {r0, 0xe164}, {r0, 0x6400}, {r0, 0xb400}, {r2, 0x1060}], 0x5, &(0x7f00000002c0), &(0x7f0000000300)={[0x9]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x4, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_bp={0x0, 0x5}, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r3 = mq_open(&(0x7f0000000080)='!selinuxse,inux\x00', 0x40, 0x0, 0x0)
mq_timedreceive(r3, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:21 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnupF1JPgVe9SKJJLq6eV2Z1J1s1uzI9NtzqfDwy8t/OS97775u2+eW82gNIaiYjBiLgjIn7N00lLgSt5uRsrS9N/rixNJ1GrvflHUi93fWVpuiha/N2+PDOaRqSfJi3/sGHhwsUzU9Xq7Pk8P7549r3xhQsXn5k7O3V69vTsuckTJ44fm3j+uclnuxJnFtf14Q/nDx969e3Lr0+fvPzOj98kedzREke3jMRIu9DrHu92ZT22vymd9PWwIWxJJSKy7uqvj//BqMRa5w3GK5/0tHHArqrVarU9nU8v14D/sSR63QKgN4ov+uz+tzhu0tTjlnDtxcYNUBb3jfxonOmL43mZ/pb7224aiYiTy399mR2xS+sQAADNrmTzn6fbzf/SuLep3J35HspQRNwVEQci4u6IOBgR90TUy94XEfdvsf6Rlvz6+U96dVuBbVI2/3sh39v65/wvLYoMVfLc/nr8/cmpuers0fw9GY3+PVl+YoM6vnv5l887nWue/2VHVn8xF8zbcbWvZYFuZmpxaicxN7v2ccRwX7v4k9WdgCQiDkXE8DbrmHvy68Odzv17/Bvowj5T7auIJxr9vxwt8ReSjfcnx2+L6uzR8eKqWO+nny+90an+HcXfBVn/7217/a/GP5Q079cubL2OS7991vGeZrvX/0DyVj09kL/2wdTi4vmJiIHktfWvT679bZEvymfxjx5pP/4PxNo78UBEZBfxgxHxUEQ8nLf9kYh4NCKObBD/Dy899u72499dWfwzW+r/rScqZ77/tlP9m+v/xp34aP7KZj7/NtvAnbx3AAAA8F+R1p+BT9Kx1XSajo01nuE/GHvT6vzC4lOn5t8/N9N4Vn4o+tNipWuwaT10Il8bLvKTLflj+brxF5Xb6/mx6fnqTK+Dh5Lb12H8Z36v9Lp1wK7zey0oL+Mfysv4h/Iy/qG8jH8or3bj/6MetAO4+Xz/Q3kZ/1Bexj+Ul/EPpbST3/VLlDkR6S3RDIldSvT6kwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA7/g4AAP//NoznRw==")
19:07:21 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrUrdBjVBolUFAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2ruJcew0D7su7O8nrTLjHWfm8+zYszN2AKVVjYiRiLgjIn7L00l7gWrzz/XlizN/LV+cSaJef/PPpFHu2vLFmaJo8bzdeWYsjUg/Tdr+YdPC+Qunp2u1uXN5fmLxzHsTC+cvPHPqzPTJuZNzZ6eOHTt6ZPL556ae7UmcWVzXDnw4f3D/q29ffn3m+OV3fvomyeOOtjh6pRrVTqE3PN7rygZsT0s6GRpgQ9iUSkRk3TXcGP8jUYnVzhuJVz4ZaOOAvqrX6/Wd3U8v1YH/sSQG3QJgMIoP+uz+tzhu0tTjlnD1xeYNUBb39fxonhmKNC8z3HZ/20vViDi+9PeX2RF9WocAAGj1XTb/ebrT/C+Ne1vK3ZnvoYxGxF0RsTci7o6IfRFxT0Sj7H0Rcf8m66+25dfOf9IrWwpsg7L53wv53ta/53/F7C9GK3luTyP+4eTEqdrc4fw1GYvhnVl+cp06vn/518+7nWud/2VHVn8xF8zbcWWobYFudnpxejsxt7r6ccSBoU7xJys7AUlE7I+IA1us49STXx/sdm7khvGvowf7TPWvIp5o9v9StMVfSNbfn5y4LWpzhyeKq2Ktn3+59Ea3+m/c//2V9f+ujtf/SvyjSet+7cLm67j0+2dd72m2ev3vSN5qpHfkj30wvbh4bjJiR/La2senVp9b5IvyWfxjhzqP/72x+ko8EBHZRfxgRDwUEQ/nbX8kIh6NiEPrxP/jS4+9u/X4+yuLf3ZT/b/5ROX0D992q39j/X+0kRrLH9nI+99GG7id1w4AAAD+K9LGd+CTdHwlnabj483v8O+LXWltfmHxqRPz75+dbX5XfjSG02Kla6RlPXQyXxsu8lNt+SP5uvEXldsb+fGZ+drsoIOHktvdZfxn/qgMunVA3/m9FpSX8Q/lZfxDeRn/UF7GP5RXp/H/0QDaAdx8Pv+hvIx/KC/jH8rL+IdS2s7v+iXKnIj0lmiGRJ8Sg35nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I1/AgAA///gKOZk")
19:07:21 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) (async)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0) (async)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3) (async)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0) (async)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000840)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000aaf9890c4fff5e23b5b2ed095bc067ebe88dda52429dd71fa26cbea61a94ddc759b948f248583fe8973558872a9b09fab5cbaa5039e252f5254ba0038d30ec8ff2ab1bcb6d0bd87e1525fd39a6778edcacefdd7d14a96a1a8dca3521a7d51f58019f4a974dcc4cddb3222ad1dac22d992e9a90276b58c6615285c250fa14419fc832616322e036fc0f9f2b36ba96bc9c6b5b3a39400e99ff4f13895d1caa5431", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff, 0x0, 0x894}, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000840)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000aaf9890c4fff5e23b5b2ed095bc067ebe88dda52429dd71fa26cbea61a94ddc759b948f248583fe8973558872a9b09fab5cbaa5039e252f5254ba0038d30ec8ff2ab1bcb6d0bd87e1525fd39a6778edcacefdd7d14a96a1a8dca3521a7d51f58019f4a974dcc4cddb3222ad1dac22d992e9a90276b58c6615285c250fa14419fc832616322e036fc0f9f2b36ba96bc9c6b5b3a39400e99ff4f13895d1caa5431", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff, 0x0, 0x894}, 0x0)
mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10}) (async)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0) (async)
socket(0x10, 0x80002, 0x0)
[ 3434.241434][T28291] loop3: detected capacity change from 0 to 512
[ 3434.242951][T28289] loop1: detected capacity change from 0 to 512
[ 3434.255766][T28291] EXT4-fs: Ignoring removed nobh option
[ 3434.261392][T28291] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3434.265364][T28289] EXT4-fs: Ignoring removed nobh option
[ 3434.267886][T28291] EXT4-fs: Ignoring removed nobh option
[ 3434.279486][T28289] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3434.285922][T28289] EXT4-fs: Ignoring removed nobh option
[ 3434.301208][T28291] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3434.318026][T28289] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3434.334071][T28289] EXT4-fs (loop1): 1 truncate cleaned up
[ 3434.339865][T28291] EXT4-fs (loop3): 1 truncate cleaned up
19:07:21 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 30)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:21 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f00000000c0))
io_uring_enter(r0, 0x40af, 0x4, 0x0, &(0x7f0000000440)={[0xffffffffffff0000]}, 0x8)
r2 = syz_io_uring_setup(0x61f6, &(0x7f0000000280)={0x0, 0xb2df, 0x8, 0x1, 0x10000306}, &(0x7f0000272000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000300), &(0x7f0000000340)=0x0)
clock_gettime(0x0, &(0x7f0000000380))
io_uring_enter(r2, 0x3749, 0x1b6a, 0x14, &(0x7f00000003c0)={[0x2]}, 0x8)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000000)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="040000653000"])
syz_io_uring_submit(r1, r3, &(0x7f0000000400)=@IORING_OP_WRITE={0x17, 0x2, 0x4000, @fd=r4, 0x76, &(0x7f0000000500)="9b4d19685f811a0f87eae7e7eca0801dcdbefcbe14402d3911b2944b4edf6fb58c8f8007800970adfb2eaed50a0d17329a74fc7729c0cb5fad2b7516204331f1da058b3e955f8abeb076c49c17c58d9643a536c22bc9200024401fe5ba3d59cf3ee4462149286bb3c3e257b560663d98", 0x70, 0x7}, 0x4cb23ff9)
io_uring_enter(r0, 0x4c, 0x15da, 0x58d3d3d2cdb6b24b, &(0x7f0000000080)={[0xff]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x186, &(0x7f00000002c0), &(0x7f0000148000/0x1000)=nil, &(0x7f00005f1000/0x2000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000180)=0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x40, &(0x7f00000000c0)=0x307e, 0x0, 0x4)
r7 = socket$inet(0x2, 0x6, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000340)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r7, 0x80, &(0x7f0000000200)=@in={0x2, 0x0, @empty}}, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0)
syz_io_uring_submit(r9, r10, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x18}, 0x0)
syz_io_uring_submit(r9, 0x0, &(0x7f0000000080)=@IORING_OP_WRITE_FIXED={0x5, 0x14, 0x4000, @fd_index=0xa, 0x5, 0x7f, 0x4096, 0x0, 0x0, {0x3, r8}}, 0x6)
socket$inet(0x2, 0xa, 0x6)
syz_io_uring_submit(r1, r6, &(0x7f0000000480)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x2, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000580)="450c17af842e07408de677dd1d0797a2da4e4e79f69c9054342f1b42603d653d2a6600241cedeab1e68ab073ee56e1323e84fe3a560178fe84211fc6f5041c4940e6791f8f667744d4cd04f94d19026d1fd01732dbe49061aeca7c12c99ea3fbcdc0b81b8bb8af48d6181b4510e9f97cede87c102adca5ef7d8d47c3c353061736fbc8ddfd0003d9dab5fd45e4ba53967571fca0c854a0604a80f30f957b1f4cebc10ae4", 0xa4, 0x21, 0x1, {0x0, r8}}, 0x3)
r11 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r11, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:21 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f00000002c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:21 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f00000000c0)=0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x18}, 0x0)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000080)=@IORING_OP_WRITE_FIXED={0x5, 0x14, 0x4000, @fd_index=0xa, 0x5, 0x7f, 0x4096, 0x0, 0x0, {0x3, r3}}, 0x6)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000280)={{0x1, 0x1, 0x18, r0, {0x1}}, './file0\x00'})
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_TEE={0x21, 0x27, 0x0, @fd=r0, 0x0, 0x0, 0x40, 0x1, 0x0, {0x0, r3, r6}}, 0xfffffe00)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000080), 0x50c500, 0x0)
19:07:21 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrUrdBjVBolUFAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2ruJcew0D7su7O8nrTLjHWfm8+zYszN2AKVVjYiRiLgjIn7L00l7gWrzz/XlizN/LV+cSaJef/PPpFHu2vLFmaJo8bzdeWYsjUg/Tdr+YdPC+Qunp2u1uXN5fmLxzHsTC+cvPHPqzPTJuZNzZ6eOHTt6ZPL556ae7UmcWVzXDnw4f3D/q29ffn3m+OV3fvomyeOOtjh6pRrVTqE3PN7rygZsT0s6GRpgQ9iUSkRk3TXcGP8jUYnVzhuJVz4ZaOOAvqrX6/Wd3U8v1YH/sSQG3QJgMIoP+uz+tzhu0tTjlnD1xeYNUBb39fxonhmKNC8z3HZ/20vViDi+9PeX2RF9WocAAGj1XTb/ebrT/C+Ne1vK3ZnvoYxGxF0RsTci7o6IfRFxT0Sj7H0Rcf8m66+25dfOf9IrWwpsg7L53wv53ta/53/F7C9GK3luTyP+4eTEqdrc4fw1GYvhnVl+cp06vn/518+7nWud/2VHVn8xF8zbcWWobYFudnpxejsxt7r6ccSBoU7xJys7AUlE7I+IA1us49STXx/sdm70hvGvowf7TPWvIp5o9v9StMVfSNbfn5y4LWpzhyeKq2Ktn3+59Ea3+m/c//2V9f+ujtf/SvyjSet+7cLm67j0+2dd72m2ev3vSN5qpHfkj30wvbh4bjJiR/La2senVp9b5IvyWfxjhzqP/72x+ko8EBHZRfxgRDwUEQ/nbX8kIh6NiEPrxP/jS4+9u/X4+yuLf3ZT/b/5ROX0D992q39j/X+0kRrLH9nI+99GG7id1w4AAAD+K9LGd+CTdHwlnabj483v8O+LXWltfmHxqRPz75+dbX5XfjSG02Kla6RlPXQyX8sr8lNt+SP5uvEXldsb+fGZ+drsoIOHktvdZfxn/qgMunVA3/m9FpSX8Q/lZfxDeRn/UF7GP5RXp/H/0QDaAdx8Pv+hvIx/KC/jH8rL+IdS2s7v+iXKnIj0lmiGRJ8Sg35nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I1/AgAA//+/5OZl")
[ 3434.422298][T28326] FAULT_INJECTION: forcing a failure.
[ 3434.422298][T28326] name failslab, interval 1, probability 0, space 0, times 0
[ 3434.434971][T28326] CPU: 0 PID: 28326 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3434.445527][T28326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3434.455687][T28326] Call Trace:
[ 3434.459072][T28326]
[ 3434.462038][T28326] dump_stack_lvl+0xda/0x130
[ 3434.462797][T28329] loop1: detected capacity change from 0 to 512
[ 3434.466643][T28326] dump_stack+0x15/0x20
[ 3434.466668][T28326] should_fail_ex+0x21f/0x230
[ 3434.481725][T28326] __should_failslab+0x92/0xa0
[ 3434.486501][T28326] should_failslab+0x9/0x20
[ 3434.491008][T28326] slab_pre_alloc_hook+0x38/0x180
[ 3434.496078][T28326] __kmem_cache_alloc_node+0x46/0x250
[ 3434.501450][T28326] ? io_drain_req+0x1e1/0x4f0
[ 3434.506132][T28326] kmalloc_trace+0x2a/0xa0
[ 3434.510566][T28326] io_drain_req+0x1e1/0x4f0
[ 3434.515080][T28326] io_queue_sqe_fallback+0xd1/0xe0
[ 3434.520243][T28326] io_submit_sqes+0xbf8/0xfe0
[ 3434.524940][T28326] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3434.530625][T28326] ? __fget_files+0x1c4/0x200
[ 3434.535384][T28326] ? mutex_lock+0xd/0x30
[ 3434.539905][T28326] ? fput+0x112/0x140
[ 3434.543975][T28326] ? ksys_write+0x178/0x1a0
[ 3434.548505][T28326] __x64_sys_io_uring_enter+0x78/0x90
[ 3434.553892][T28326] do_syscall_64+0x41/0xc0
[ 3434.558329][T28326] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3434.564251][T28326] RIP: 0033:0x7fbf4da9f169
[ 3434.568691][T28326] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3434.588483][T28326] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3434.596893][T28326] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3434.604856][T28326] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
[ 3434.612820][T28326] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
19:07:21 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnvQi6knwWu9SKJJLq6eV2Z1J1s1uzI9NtzqfDwy8t/OS97775u2+eW82gNIaiYjBiLgjIq7k6aSlwJW83I2Vpek/V5amk6jV3vwjqZe7vrI0XRQt/m5fnhlNI9JPk5Z/2LBw4eKZqWp19nyeH188+974woWLz8ydnTo9e3r23OSJE8ePTTz/3OSzXYkzi+v68Ifzhw+9+vbl16dPXn7np2+SPO5oiaNbRmKkXeh1j3e7sh7b35RO+nrYELakEhFZd/XXx/9gVGKt8wbjlU962jhgV9VqtdqezqeXa8D/WBK9bgHQG8UXfXb/Wxw3aepxS7j2YuMGKIv7Rn40zvTF8bxMf8v9bTeNRMTJ5b++zI7YpXUIAIBm32Xzn6fbzf/SuLep3J35HspQRNwVEQci4u6IOBgR90TUy94XEfdvsf6Rlvz6+U96dVuBbVI2/3sh39v65/wvLYoMVfLc/nr8/cmpuers0fw9GY3+PVl+YoM6vn/51887nWue/2VHVn8xF8zbcbWvZYFuZmpxaicxN7v2ccRwX7v4k9WdgCQiDkXE8DbrmHvy68Odzv17/Bvowj5T7auIJxr9vxwt8ReSjfcnx2+L6uzR8eKqWO/nXy690an+HcXfBVn/7217/a/GP5Q079cubL2OS7991vGeZrvX/0DyVj09kL/2wdTi4vmJiIHktfWvT679bZEvymfxjx5pP/4PxNo78UBEZBfxgxHxUEQ8nLf9kYh4NCKObBD/jy899u72499dWfwzW+r/rScqZ374tlP9m+v/xp34aP7KZj7/NtvAnbx3AAAA8F+R1p+BT9Kx1XSajo01nuE/GHvT6vzC4lOn5t8/N9N4Vn4o+tNipWuwaT10Il8bLvKTLflj+brxF5Xb6/mx6fnqTK+Dh5Lb12H8Z36v9Lp1wK7zey0oL+Mfysv4h/Iy/qG8jH8or3bj/6MetAO4+Xz/Q3kZ/1Bexj+Ul/EPpbST3/VLlDkR6S3RDIldSvT6kwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA7/g4AAP//yR3nYw==")
[ 3434.620783][T28326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3434.628758][T28326] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3434.636728][T28326]
[ 3434.641976][T28329] EXT4-fs: Ignoring removed nobh option
[ 3434.647694][T28329] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3434.654224][T28329] EXT4-fs: Ignoring removed nobh option
[ 3434.671945][T28340] loop3: detected capacity change from 0 to 512
[ 3434.683169][T28340] EXT4-fs: Ignoring removed nobh option
[ 3434.688787][T28340] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3434.695216][T28340] EXT4-fs: Ignoring removed nobh option
[ 3434.703232][T28329] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3434.720825][T28340] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3434.737632][T28340] EXT4-fs (loop3): 1 truncate cleaned up
[ 3434.741102][T28329] EXT4-fs (loop1): 1 truncate cleaned up
19:07:22 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0laSkfLQUMBRHxkTRpgR64gEDiABISHMoxJGlV6jaoCRKtKggIlSOqxB1xROIv4AQXBJyQuMIdVapQLi2cjNbeTYxjp/mw68L+ftIqM95xZh7Pjj07YwdQWtWIGImIOyLi1zydtBeoNv/cWL408+fypZkk6vU3/kga5a4vX5opihbP251nxtKI9JOk7R82LVy4eGa6Vps7n+cnFs++O7Fw4eLTp89On5o7NXdu6vjxY0cnn3t26pmexJnFdf3gB/OHDrzy1pXXZk5cefvHr5M87miLo1eqUe0UesNjva5swPa0pJOhATaETalERNZdw43xPxKVWO28kXj544E2Duirer1e39n99FId+A9LYtAtAAaj+KDP7n+L4xZNPW4L115o3gBlcd/Ij+aZoUjzMsNt97e9VI2IE0t/fZEd0ad1CACAVt9m85+nOs3/0rinpdyd+R7KaETsjYh9EXFXROyPiLsjGmXvjYj7Nll/tS2/dv6TXt1SYBuUzf+ez/e2/jn/K2Z/MVrJc3sa8Q8nJ0/X5o7kr8lYDO/M8pPr1PHdS7981u1c6/wvO7L6i7lg3o6rQ20LdLPTi9PbibnVtY8iDg51ij9Z2QlIIuJARBzcYh2nn/jqULdze28a/zp6sM9U/zLi8Wb/L0Vb/IVk/f3Jif9Fbe7IRHFVrPXTz5df71b/zfu/v7L+39Xx+l+JfzRp3a9d2Hwdl3/7tOs9zVav/x3Jm430jvyx96cXF89PRuxIXl37+NTqc4t8UT6Lf+xw5/G/L1ZfifsjIruIH4iIByPiobztD0fEIxFxeJ34f3jx0Xe2Hn9/ZfHPbqr/N5+onPn+m271b6z/jzVSY/kjG3n/22gDt/PaAQAAwL9F2vgOfJKOr6TTdHy8+R3+/bErrc0vLD55cv69c7PN78qPxnBarHSNtKyHTuZrw0V+qi1/NF/r+7zy/0Z+fGa+Njvo4KHkdncZ/5nfK4NuHdB3fq8F5WX8Q3kZ/1Bexj+Ul/EP5dVp/H84gHYAt57Pfygv4x/Ky/iH8jL+oZS287t+iTInIr0tmiHRp8Sg35kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB64+8AAAD//5+g5mY=")
19:07:22 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnvQi6knwqncpFMml1dPK7M4k62Y35semWzufDwy8t/OS97775u2+eW82gNIaiYjBiLgjIn7L00lLgVpe7vrK0vRfK0vTSdRqb/6Z1MtdW1maLooWf7cvz4ymEemnScs/bFi4cPHMVLU6ez7Pjy+efW984cLFZ+bOTp2ePT17bvLEiePHJp5/bvLZrsSZxXVt+MP5w4deffvy69MnL7/z0zdJHne0xNEtIzHSLvS6x7tdWY/tb0onfT1sCFtSiYisu/rr438wKrHWeYPxyic9bRywq2q1Wm1P59PLNeAWlkSvWwD0RvFFn93/FscNmnrcFK6+2LgByuK+nh+NM31xPC/T33J/200jEXFy+e8vsyN2aR0CAKDZd9n85+l287807m0qd2e+hzIUEXdFxIGIuDsiDkbEPRH1svdFxP1brH+kJb9+/pNe2VZgm5TN/17I97b+Pf9LiyJDlTy3vx5/f3Jqrjp7NH9PRqN/T5af2KCO71/+9fNO55rnf9mR1V/MBfN2XOlrWaCbmVqc2knMza5+HDHc1y7+ZHUnIImIQxExvM065p78+nCnc/8d/wa6sM9U+yriiUb/L0dL/IVk4/3J8duiOnt0vLgq1vv5l0tvdKp/R/F3Qdb/e9te/6vxDyXN+7ULW6/j0u+fdbyn2e71P5C8VU8P5K99MLW4eH4iYiB5bf3rk2t/W+SL8ln8o0faj/8DsfZOPBAR2UX8YEQ8FBEP521/JCIejYgjG8T/40uPvbv9+HdXFv/Mlvp/64nKmR++7VT/5vq/cSc+mr+ymc+/zTZwJ+8dAAAA/F+k9Wfgk3RsNZ2mY2ONZ/gPxt60Or+w+NSp+ffPzTSelR+K/rRY6RpsWg+dyNeGi/xkS/5Yvm78ReX2en5ser460+vgoeT2dRj/mT8qvW4dsOv8XgvKy/iH8jL+obyMfygv4x/Kq934/6gH7QBuPN//UF7GP5SX8Q/lZfxDKe3kd/0SZU5EelM0Q2KXEr3+ZAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiOfwIAAP//QGXnhg==")
[ 3434.825403][T28363] loop3: detected capacity change from 0 to 512
[ 3434.826354][ T6589] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 3434.832068][T28363] EXT4-fs: Ignoring removed nobh option
[ 3434.846871][T28363] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3434.853391][T28363] EXT4-fs: Ignoring removed nobh option
[ 3434.863035][T28363] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3434.863725][T28365] loop1: detected capacity change from 0 to 512
[ 3434.877976][T28363] EXT4-fs (loop3): 1 truncate cleaned up
[ 3434.884705][T28365] EXT4-fs: Ignoring removed nobh option
[ 3434.894885][T28365] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3434.901368][T28365] EXT4-fs: Ignoring removed nobh option
[ 3434.908737][T28365] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
19:07:22 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrUrdBjVBolUFAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2ruJcew0D7su7O8nrTLjHWfm8+zYszN2AKVVjYiRiLgjIn7L00l7gWrzz/XlizN/LV+cSaJef/PPpFHu2vLFmaJo8bzdeWYsjUg/Tdr+YdPC+Qunp2u1uXN5fmLxzHsTC+cvPHPqzPTJuZNzZ6eOHTt6ZPL556ae7UmcWVzXDnw4f3D/q29ffn3m+OV3fvomyeOOtjh6pRrVTqE3PN7rygZsT0s6GRpgQ9iUSkRk3TXcGP8jUYnVzhuJVz4ZaOOAvqrX6/Wd3U8v1YH/sSQG3QJgMIoP+uz+tzhu0tTjlnD1xeYNUBb39fxonhmKNC8z3HZ/20vViDi+9PeX2RF9WocAAGj1XTb/ebrT/C+Ne1vK3ZnvoYxGxF0RsTci7o6IfRFxT0Sj7H0Rcf8m66+25dfOf9IrWwpsg7L53wv53ta/53/F7C9GK3luTyP+4eTEqdrc4fw1GYvhnVl+cp06vn/518+7nWud/2VHVn8xF8zbcWWobYFudnpxejsxt7r6ccSBoU7xJys7AUlE7I+IA1us49STXx/sdm7vDeNfRw/2mepfRTzR7P+laIu/kKy/PzlxW9TmDk8UV8VaP/9y6Y1u9d+4//sr6/9dHa//lfhHk9b92oXN13Hp98+63tNs9frfkbzVSO/IH/tgenHx3GTEjuS1tY9PrT63yBfls/jHDnUe/3tj9ZV4ICKyi/jBiHgoIh7O2/5IRDwaEYfWif/Hlx57d+vx91cW/+ym+n/zicrpH77tVv/G+v9oIzWWP7KR97+NNnA7rx0AAAD8V6SN78An6fhKOk3Hx5vf4d8Xu9La/MLiUyfm3z872/yu/GgMp8VK10jLeuhkvjZc5Kfa8kfydeMvKrc38uMz87XZQQcPJbe7y/jP/FEZdOuAvvN7LSgv4x/Ky/iH8jL+obyMfyivTuP/owG0A7j5fP5DeRn/UF7GP5SX8Q+ltJ3f9UuUORHpLdEMiT4lBv3OBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bv/BAAA//9/XOZn")
[ 3434.923205][T28365] EXT4-fs (loop1): 1 truncate cleaned up
19:07:22 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kKLSWhlEdDgUBBRDySJi3QAxcQSBxAQoJDOYYkrULdBjVBolUEAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2ruJceyQh1OX7u8nrTLjHWfm8+zYszN2AKU1EhGDEXFHRPyWp5PWAknjz/WVpem/Vpamk6jV3vwzqZe7trI0XRQtnrcvz4ymEemnScs/bFi4cPHMVLU6ez7Pjy+efW984cLFZ+bOTp2ePT17bvLEiePHJp5/bvLZrsSZxXVt+MP5w4deffvy69MnL7/z0zdJHne0xNEtIzHSLvS6x7tdWY/tb0onfT1sCFtSiYisu/rr438wKrHWeYPxyic9bRywq2q1Wm1P59PLNeAWlkSvWwD0RvFBn93/FscNmnrcFK6+2LgByuK+nh+NM31xPC/T33J/200jEXFy+e8vsyN2aR0CAKDZd9n85+l287807m0qd2e+hzIUEXdFxIGIuDsiDkbEPRH1svdFxP1brH+kJb9+/pNe2VZgm5TN/17I97b+Pf9LiyJDlTy3vx5/f3Jqrjp7NH9NRqN/T5af2KCO71/+9fNO55rnf9mR1V/MBfN2XOlrWaCbmVqc2knMza5+HDHc1y7+ZHUnIImIQxExvM065p78+nCnc/8d/wa6sM9U+yriiUb/L0dL/IVk4/3J8duiOnt0vLgq1vv5l0tvdKp/R/F3Qdb/e9te/6vxDyXN+7ULW6/j0u+fdbyn2e71P5C8VU8P5I99MLW4eH4iYiB5bf3jk2vPLfJF+Sz+0SPtx/+BWHslHoiI7CJ+MCIeioiH87Y/EhGPRsSRDeL/8aXH3t1+/Lsri39mS/2/9UTlzA/fdqp/c/3fuBMfzR/ZzPvfZhu4k9cOAAAA/i/S+nfgk3RsNZ2mY2ON7/AfjL1pdX5h8alT8++fm2l8V34o+tNipWuwaT10Il8bLvKTLflj+brxF5Xb6/mx6fnqTK+Dh5Lb12H8Z/6o9Lp1wK7zey0oL+Mfysv4h/Iy/qG8jH8or3bj/6MetAO48Xz+Q3kZ/1Bexj+Ul/EPpbST3/VLlDkR6U3RDIldSvT6nQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA7/gkAAP//INDmiA==")
[ 3434.959338][T28369] loop3: detected capacity change from 0 to 512
[ 3434.965895][T28369] EXT4-fs: Ignoring removed nobh option
[ 3434.971528][T28369] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3434.977999][T28369] EXT4-fs: Ignoring removed nobh option
[ 3434.993456][T28369] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3435.008879][T28369] EXT4-fs (loop3): 1 truncate cleaned up
[ 3435.016611][T28372] loop1: detected capacity change from 0 to 512
[ 3435.023375][T28372] EXT4-fs: Ignoring removed nobh option
[ 3435.029050][T28372] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3435.035466][T28372] EXT4-fs: Ignoring removed nobh option
[ 3435.042944][T28372] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
19:07:22 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loS0fLQUMBRHxkTRpgR64gEDiABISHMoxJGlV6jaoCRKtKggIlSOqxB1xROIv4AQXBJyQuMIdVapQLi2cjNbeTYxjp/mw68L+ftIqM95xZh7Pjj07YwdQWtWIGImIOyLi1zydtBeoNv/cWL408+fypZkk6vU3/kga5a4vX5opihbP251nxtKI9JOk7R82LVy4eGa6Vps7n+cnFs++O7Fw4eLTp89On5o7NXdu6vjxY0cnn3t26pmexJnFdf3gB/OHDrzy1pXXZk5cefvHr5M87miLo1eqUe0UesNjva5swPa0pJOhATaETalERNZdw43xPxKVWO28kXj544E2Duirer1e39n99FId+A9LYtAtAAaj+KDP7n+L4xZNPW4L115o3gBlcd/Ij+aZoUjzMsNt97e9VI2IE0t/fZEd0ad1CACAVt9m85+nOs3/0rinpdyd+R7KaETcFRF7I2JfROyPiLsjGmXvjYj7Nll/tS2/dv6TXt1SYBuUzf+ez/e2/jn/K2Z/MVrJc3sa8Q8nJ0/X5o7kr8lYDO/M8pPr1PHdS7981u1c6/wvO7L6i7lg3o6rQ20LdLPTi9PbibnVtY8iDg51ij9Z2QlIIuJARBzcYh2nn/jqULdz+24a/zp6sM9U/zLi8Wb/L0Vb/IVk/f3Jif9Fbe7IRHFVrPXTz5df71b/zfu/v7L+39Xx+l+JfzRp3a9d2Hwdl3/7tOs9zVav/x3Jm430jvyx96cXF89PRuxIXl37+NTqc4t8UT6Lf+xw5/G/N1ZfifsjIruIH4iIByPiobztD0fEIxFxeJ34f3jx0Xe2Hn9/ZfHPbqr/N5+onPn+m271b6z/jzVSY/kjG3n/22gDt/PaAQAAwL9F2vgOfJKOr6TTdHy8+R3+/bErrc0vLD55cv69c7PN78qPxnBarHSNtKyHTuZrw0V+qi1/NF83/rzy/0Z+fGa+Njvo4KHkdncZ/5nfK4NuHdB3fq8F5WX8Q3kZ/1Bexj+Ul/EP5dVp/H84gHYAt57Pfygv4x/Ky/iH8jL+oZS287t+iTInIr0tmiHRp8Sg35kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB64+8AAAD//18Y5mg=")
[ 3435.057400][T28372] EXT4-fs (loop1): 1 truncate cleaned up
[ 3435.078297][T28375] loop3: detected capacity change from 0 to 512
[ 3435.085464][T28375] EXT4-fs: Ignoring removed nobh option
[ 3435.091081][T28375] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3435.097502][T28375] EXT4-fs: Ignoring removed nobh option
19:07:22 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhQUfCgIOihHmOSlthtI00EW4JGkXqUgnfxKPgXeNKLqCfBq96lUCSXVk8rszuTrJvdmB+bbnU+Hxh4b+cl7333zdt9895sAKU1EhGDEXFbRPyap5OWAs8njXLXV5am/1xZmk6iVnvjj6Re7trK0nRRtPi7fXlmNI1IP0la/mHDwoWLZ6aq1dnzeX588ey74wsXLj41d3bq9Ozp2XOTJ04cPzbx7DOTT3clziyua8MfzB8+9Mpbl1+bPnn57R+/TvK4oyWObhmJkXah1z3a7cp6bH9TOunrYUPYkkpEZN3VXx//g1GJtc4bjJc/7mnjgF1Vq9VqezqfXq4B/2NJ9LoFQG8UX/TZ/W9x3KCpx03h6guNG6As7uv50TjTF8fzMv0t97fdNBIRJ5f/+iI7YpfWIQAAmn2bzX+ebDf/S+PupnK353soQxFxR0QciIg7I+JgRNwVUS97T0Tcu8X6R1ry6+c/6ZVtBbZJ2fzvuXxv65/zv7QoMlTJc/vr8fcnp+aqs0fz92Q0+vdk+YkN6vjupV8+63Suef6XHVn9xVwwb8eVvpYFupmpxamdxNzs6kcRw33t4k9WdwKSiDgUEcPbrGPu8a8Odzr37/FvoAv7TLUvIx5r9P9ytMRfSDbenxy/JaqzR8eLq2K9n36+9Hqn+ncUfxdk/b+37fW/Gv9Q0rxfu7D1Oi799mnHe5rtXv8DyZv19ED+2vtTi4vnJyIGklfXvz659rdFviifxT96pP34PxBr78R9EZFdxPdHxAMR8WDe9oci4uGIOLJB/D+8+Mg7249/d2Xxz2yp/7eeqJz5/ptO9W+u/xt34qP5K5v5/NtsA3fy3gEAAMB/RVp/Bj5Jx1bTaTo21niG/2DsTavzC4tPnJp/79xM41n5oehPi5Wuwab10Il8bbjIT7bkj+Xrxp9Xbq3nx6bnqzO9Dh5Kbl+H8Z/5vdLr1gG7zu+1oLyMfygv4x/Ky/iH8jL+obzajf8Pe9AO4Mbz/Q/lZfxDeRn/UF7GP5TSTn7XL1HmRKQ3RTMkdinR608mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA7vg7AAD//ybB5sg=")
[ 3435.105288][T28375] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3435.131623][T28375] EXT4-fs (loop3): 1 truncate cleaned up
[ 3435.135533][T28378] loop1: detected capacity change from 0 to 512
[ 3435.144150][T28378] EXT4-fs: Ignoring removed nobh option
[ 3435.149822][T28378] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3435.156315][T28378] EXT4-fs: Ignoring removed nobh option
[ 3435.163804][T28378] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3435.178726][T28378] EXT4-fs (loop1): 1 truncate cleaned up
19:07:22 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f00000000c0))
io_uring_enter(r0, 0x40af, 0x4, 0x0, &(0x7f0000000440)={[0xffffffffffff0000]}, 0x8) (async)
r2 = syz_io_uring_setup(0x61f6, &(0x7f0000000280)={0x0, 0xb2df, 0x8, 0x1, 0x10000306}, &(0x7f0000272000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000300), &(0x7f0000000340)=0x0)
clock_gettime(0x0, &(0x7f0000000380)) (async)
io_uring_enter(r2, 0x3749, 0x1b6a, 0x14, &(0x7f00000003c0)={[0x2]}, 0x8) (async)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) (async)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000000)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="040000653000"]) (async)
syz_io_uring_submit(r1, r3, &(0x7f0000000400)=@IORING_OP_WRITE={0x17, 0x2, 0x4000, @fd=r4, 0x76, &(0x7f0000000500)="9b4d19685f811a0f87eae7e7eca0801dcdbefcbe14402d3911b2944b4edf6fb58c8f8007800970adfb2eaed50a0d17329a74fc7729c0cb5fad2b7516204331f1da058b3e955f8abeb076c49c17c58d9643a536c22bc9200024401fe5ba3d59cf3ee4462149286bb3c3e257b560663d98", 0x70, 0x7}, 0x4cb23ff9) (async)
io_uring_enter(r0, 0x4c, 0x15da, 0x58d3d3d2cdb6b24b, &(0x7f0000000080)={[0xff]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x186, &(0x7f00000002c0), &(0x7f0000148000/0x1000)=nil, &(0x7f00005f1000/0x2000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000180)=0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x40, &(0x7f00000000c0)=0x307e, 0x0, 0x4)
r7 = socket$inet(0x2, 0x6, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000340)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r7, 0x80, &(0x7f0000000200)=@in={0x2, 0x0, @empty}}, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0)
syz_io_uring_submit(r9, r10, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x18}, 0x0)
syz_io_uring_submit(r9, 0x0, &(0x7f0000000080)=@IORING_OP_WRITE_FIXED={0x5, 0x14, 0x4000, @fd_index=0xa, 0x5, 0x7f, 0x4096, 0x0, 0x0, {0x3, r8}}, 0x6) (async)
socket$inet(0x2, 0xa, 0x6)
syz_io_uring_submit(r1, r6, &(0x7f0000000480)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x2, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000580)="450c17af842e07408de677dd1d0797a2da4e4e79f69c9054342f1b42603d653d2a6600241cedeab1e68ab073ee56e1323e84fe3a560178fe84211fc6f5041c4940e6791f8f667744d4cd04f94d19026d1fd01732dbe49061aeca7c12c99ea3fbcdc0b81b8bb8af48d6181b4510e9f97cede87c102adca5ef7d8d47c3c353061736fbc8ddfd0003d9dab5fd45e4ba53967571fca0c854a0604a80f30f957b1f4cebc10ae4", 0xa4, 0x21, 0x1, {0x0, r8}}, 0x3) (async)
r11 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r11, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:22 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrUrdBjVBolUFAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2ruJcew0D7su7O8nrTLjHWfm8+zYszN2AKVVjYiRiLgjIn7L00l7gWrzz/XlizN/LV+cSaJef/PPpFHu2vLFmaJo8bzdeWYsjUg/Tdr+YdPC+Qunp2u1uXN5fmLxzHsTC+cvPHPqzPTJuZNzZ6eOHTt6ZPL556ae7UmcWVzXDnw4f3D/q29ffn3m+OV3fvomyeOOtjh6pRrVTqE3PN7rygZsT0s6GRpgQ9iUSkRk3TXcGP8jUYnVzhuJVz4ZaOOAvqrX6/Wd3U8v1YH/sSQG3QJgMIoP+uz+tzhu0tTjlnD1xeYNUBb39fxonhmKNC8z3HZ/20vViDi+9PeX2RF9WocAAGj1XTb/ebrT/C+Ne1vK3ZnvoYxGxF0RsTci7o6IfRFxT0Sj7H0Rcf8m66+25dfOf9IrWwpsg7L53wv53ta/53/F7C9GK3luTyP+4eTEqdrc4fw1GYvhnVl+cp06vn/518+7nWud/2VHVn8xF8zbcWWobYFudnpxejsxt7r6ccSBoU7xJys7AUlE7I+IA1us49STXx/sdm7fDeNfRw/2mepfRTzR7P+laIu/kKy/PzlxW9TmDk8UV8VaP/9y6Y1u9d+4//sr6/9dHa//lfhHk9b92oXN13Hp98+63tNs9frfkbzVSO/IH/tgenHx3GTEjuS1tY9PrT63yBfls/jHDnUe/3tj9ZV4ICKyi/jBiHgoIh7O2/5IRDwaEYfWif/Hlx57d+vx91cW/+ym+n/zicrpH77tVv/G+v9oIzWWP7KR97+NNnA7rx0AAAD8V6SN78An6fhKOk3Hx5vf4d8Xu9La/MLiUyfm3z872/yu/GgMp8VK10jLeuhkvjZc5Kfa8kfydeMvKrc38uMz87XZQQcPJbe7y/jP/FEZdOuAvvN7LSgv4x/Ky/iH8jL+obyMfyivTuP/owG0A7j5fP5DeRn/UF7GP5SX8Q+ltJ3f9UuUORHpLdEMiT4lBv3OBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bv/BAAA//8+1OZp")
19:07:22 executing program 2:
syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0)) (async)
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0) (async)
listen(r2, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0) (async)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f00000002c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x0) (async)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f00000002c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90) (async)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0) (async)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:22 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f00000000c0)=0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x18}, 0x0) (async)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000080)=@IORING_OP_WRITE_FIXED={0x5, 0x14, 0x4000, @fd_index=0xa, 0x5, 0x7f, 0x4096, 0x0, 0x0, {0x3, r3}}, 0x6)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000280)={{0x1, 0x1, 0x18, r0, {0x1}}, './file0\x00'})
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_TEE={0x21, 0x27, 0x0, @fd=r0, 0x0, 0x0, 0x40, 0x1, 0x0, {0x0, r3, r6}}, 0xfffffe00)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000080), 0x50c500, 0x0)
19:07:22 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnvQi6knwqncpFMml1dPK7M4k62Y35semWzufDwy8t/OS97775u2+eW82gNIaiYjBiLgjIn7L00lLgeWkUe76ytL0XytL00nUam/+mdTLXVtZmi6KFn+3L8+MphHpp0nLP2xYuHDxzFS1Ons+z48vnn1vfOHCxWfmzk6dnj09e27yxInjxyaef27y2a7EmcV1bfjD+cOHXn378uvTJy+/89M3SR53tMTRLSMx0i70use7XVmP7W9KJ309bAhbUomIrLv66+N/MCqx1nmD8conPW0csKtqtVptT+fTyzXgFpZEr1sA9EbxRZ/d/xbHDZp63BSuvti4Acrivp4fjTN9cTwv099yf9tNIxFxcvnvL7MjdmkdAgCg2XfZ/OfpdvO/NO5tKndnvocyFBF3RcSBiLg7Ig5GxD0R9bL3RcT9W6x/pCW/fv6TXtlWYJuUzf9eyPe2/j3/S4siQ5U8t78ef39yaq46ezR/T0ajf0+Wn9igju9f/vXzTuea53/ZkdVfzAXzdlzpa1mgm5lanNpJzM2ufhwx3Ncu/mR1JyCJiEMRMbzNOuae/Ppwp3P/Hf8GurDPVPsq4olG/y9HS/yFZOP9yfHbojp7dLy4Ktb7+ZdLb3Sqf0fxd0HW/3vbXv+r8Q8lzfu1C1uv49Lvn3W8p9nu9T+QvFVPD+SvfTC1uHh+ImIgeW3965Nrf1vki/JZ/KNH2o//A7H2TjwQEdlF/GBEPBQRD+dtfyQiHo2IIxvE/+NLj727/fh3Vxb/zJb6f+uJypkfvu1U/+b6v3EnPpq/spnPv802cCfvHQAAAPxfpPVn4JN0bDWdpmNjjWf4D8betDq/sPjUqfn3z800npUfiv60WOkabFoPncjXhov8ZEv+WL5u/EXl9np+bHq+OtPr4KHk9nUY/5k/Kr1uHbDr/F4Lysv4h/Iy/qG8jH8oL+Mfyqvd+P+oB+0Abjzf/1Bexj+Ul/EP5WX8Qynt5Hf9EmVORHpTNENilxK9/mQCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADojn8CAAD//yyy5wg=")
19:07:22 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 31)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3435.284907][T28382] loop3: detected capacity change from 0 to 512
[ 3435.302042][T28388] loop1: detected capacity change from 0 to 512
[ 3435.309027][T28398] FAULT_INJECTION: forcing a failure.
[ 3435.309027][T28398] name failslab, interval 1, probability 0, space 0, times 0
[ 3435.321803][T28398] CPU: 1 PID: 28398 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3435.326184][T28382] EXT4-fs: Ignoring removed nobh option
[ 3435.332393][T28398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3435.332409][T28398] Call Trace:
[ 3435.332416][T28398]
[ 3435.332423][T28398] dump_stack_lvl+0xda/0x130
[ 3435.338015][T28382] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3435.348075][T28398] dump_stack+0x15/0x20
[ 3435.348100][T28398] should_fail_ex+0x21f/0x230
[ 3435.351408][T28382] EXT4-fs: Ignoring removed nobh option
[ 3435.354324][T28398] __should_failslab+0x92/0xa0
[ 3435.363107][T28388] EXT4-fs: Ignoring removed nobh option
[ 3435.365385][T28398] should_failslab+0x9/0x20
[ 3435.369562][T28388] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3435.374207][T28398] slab_pre_alloc_hook+0x38/0x180
[ 3435.379859][T28388] EXT4-fs: Ignoring removed nobh option
[ 3435.384469][T28398] __kmem_cache_alloc_node+0x46/0x250
[ 3435.417264][T28398] ? io_drain_req+0x1e1/0x4f0
[ 3435.422035][T28398] kmalloc_trace+0x2a/0xa0
[ 3435.426464][T28398] io_drain_req+0x1e1/0x4f0
[ 3435.431044][T28398] io_queue_sqe_fallback+0xd1/0xe0
[ 3435.436223][T28398] io_submit_sqes+0xbf8/0xfe0
[ 3435.441114][T28398] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3435.447800][T28398] ? __fget_files+0x1c4/0x200
[ 3435.452520][T28398] ? mutex_lock+0xd/0x30
[ 3435.456766][T28398] ? fput+0x112/0x140
[ 3435.460738][T28398] ? ksys_write+0x178/0x1a0
[ 3435.465301][T28398] __x64_sys_io_uring_enter+0x78/0x90
[ 3435.470676][T28398] do_syscall_64+0x41/0xc0
[ 3435.475449][T28398] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3435.481891][T28398] RIP: 0033:0x7fbf4da9f169
[ 3435.486298][T28398] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3435.506453][T28398] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3435.515134][T28398] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3435.523232][T28398] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
19:07:23 executing program 0:
syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0)) (async)
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f00000000c0))
io_uring_enter(r0, 0x40af, 0x4, 0x0, &(0x7f0000000440)={[0xffffffffffff0000]}, 0x8)
r2 = syz_io_uring_setup(0x61f6, &(0x7f0000000280)={0x0, 0xb2df, 0x8, 0x1, 0x10000306}, &(0x7f0000272000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000300), &(0x7f0000000340)=0x0)
clock_gettime(0x0, &(0x7f0000000380))
io_uring_enter(r2, 0x3749, 0x1b6a, 0x14, &(0x7f00000003c0)={[0x2]}, 0x8)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000000)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="040000653000"]) (async)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000000)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="040000653000"])
syz_io_uring_submit(r1, r3, &(0x7f0000000400)=@IORING_OP_WRITE={0x17, 0x2, 0x4000, @fd=r4, 0x76, &(0x7f0000000500)="9b4d19685f811a0f87eae7e7eca0801dcdbefcbe14402d3911b2944b4edf6fb58c8f8007800970adfb2eaed50a0d17329a74fc7729c0cb5fad2b7516204331f1da058b3e955f8abeb076c49c17c58d9643a536c22bc9200024401fe5ba3d59cf3ee4462149286bb3c3e257b560663d98", 0x70, 0x7}, 0x4cb23ff9)
io_uring_enter(r0, 0x4c, 0x15da, 0x58d3d3d2cdb6b24b, &(0x7f0000000080)={[0xff]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x186, &(0x7f00000002c0), &(0x7f0000148000/0x1000)=nil, &(0x7f00005f1000/0x2000)=nil, &(0x7f0000000080), &(0x7f0000000180)) (async)
syz_io_uring_setup(0x186, &(0x7f00000002c0), &(0x7f0000148000/0x1000)=nil, &(0x7f00005f1000/0x2000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000180)=0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x40, &(0x7f00000000c0)=0x307e, 0x0, 0x4)
r7 = socket$inet(0x2, 0x6, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000340)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r7, 0x80, &(0x7f0000000200)=@in={0x2, 0x0, @empty}}, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (async)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0)
syz_io_uring_submit(r9, r10, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x18}, 0x0)
syz_io_uring_submit(r9, 0x0, &(0x7f0000000080)=@IORING_OP_WRITE_FIXED={0x5, 0x14, 0x4000, @fd_index=0xa, 0x5, 0x7f, 0x4096, 0x0, 0x0, {0x3, r8}}, 0x6)
socket$inet(0x2, 0xa, 0x6)
syz_io_uring_submit(r1, r6, &(0x7f0000000480)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x2, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000580)="450c17af842e07408de677dd1d0797a2da4e4e79f69c9054342f1b42603d653d2a6600241cedeab1e68ab073ee56e1323e84fe3a560178fe84211fc6f5041c4940e6791f8f667744d4cd04f94d19026d1fd01732dbe49061aeca7c12c99ea3fbcdc0b81b8bb8af48d6181b4510e9f97cede87c102adca5ef7d8d47c3c353061736fbc8ddfd0003d9dab5fd45e4ba53967571fca0c854a0604a80f30f957b1f4cebc10ae4", 0xa4, 0x21, 0x1, {0x0, r8}}, 0x3)
mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0) (async)
r11 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r11, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
mq_timedreceive(r11, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
[ 3435.531210][T28398] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
[ 3435.539210][T28398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3435.547388][T28398] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3435.555357][T28398]
19:07:23 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f00000000c0)=0x0) (async)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) (async)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x18}, 0x0)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000080)=@IORING_OP_WRITE_FIXED={0x5, 0x14, 0x4000, @fd_index=0xa, 0x5, 0x7f, 0x4096, 0x0, 0x0, {0x3, r3}}, 0x6) (async)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000280)={{0x1, 0x1, 0x18, r0, {0x1}}, './file0\x00'})
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_TEE={0x21, 0x27, 0x0, @fd=r0, 0x0, 0x0, 0x40, 0x1, 0x0, {0x0, r3, r6}}, 0xfffffe00) (async)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000080), 0x50c500, 0x0)
[ 3435.619799][T28388] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3435.639865][T28382] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3435.657395][T28382] EXT4-fs (loop3): 1 truncate cleaned up
19:07:23 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c) (async)
listen(r2, 0x0) (async, rerun: 64)
r3 = socket$netlink(0x10, 0x3, 0x0) (async, rerun: 64)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f00000002c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x0) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c) (async)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) (async, rerun: 32)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10}) (rerun: 32)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async, rerun: 64)
clock_gettime(0x5, &(0x7f0000000800)) (rerun: 64)
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0) (async)
fallocate(r7, 0x30, 0x9, 0x10000) (async)
socket(0x10, 0x80002, 0x0)
19:07:23 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0lobRASwFDQUR8JE1aoAcuIJA4gIQEh3IMSVqVug1qgkSrCgJC5YgqcUcckfgLOMEFASckrnBHlSqUSwsno7V3E+PYaT7surC/n7TKjHecmcezY8/O2AGUVjUiRiLijoj4NU8n7QWqzT83li/N/Ll8aSaJev2NP5JGuevLl2aKosXzdueZsTQi/SRp+4dNCxcunpmu1ebO5/mJxbPvTixcuPj06bPTp+ZOzZ2bOn782NHJ556deqYncWZxXT/4wfyhA6+8deW1mRNX3v7x6ySPO9ri6JVqVDuF3vBYrysbsD0t6WRogA1hUyoRkXXXcGP8j0QlVjtvJF7+eKCNA/qqXq/Xd3Y/vVQH/sOSGHQLgMEoPuiz+9/iuEVTj9vCtReaN0BZ3Dfyo3lmKNK8zHDb/W0vVSPixNJfX2RH9GkdAgCg1bfZ/OepTvO/NO5pKXdnvocyGhF3RcTeiLg7IvZFxP6IRtl7I+K+TdZfbcuvnf+kV7cU2AZl87/n872tf87/itlfjFby3J5G/MPJydO1uSP5azIWwzuz/OQ6dXz30i+fdTvXOv/Ljqz+Yi6Yt+PqUNsC3ez04vR2Ym517aOIg0Od4k9WdgKSiDgQEQe3WMfpJ7461O3c/pvGv44e7DPVv4x4vNn/S9EWfyFZf39y4n9RmzsyUVwVa/308+XXu9V/8/7vr6z/d3W8/lfiH01a92sXNl/H5d8+7XpPs9Xrf0fyZiO9I3/s/enFxfOTETuSV9c+PrX63CJflM/iHzvcefzvjdVX4v6IyC7iByLiwYh4KG/7wxHxSEQcXif+H1589J2tx99fWfyzm+r/zScqZ77/plv9G+v/Y43UWP7IRt7/NtrA7bx2AAAA8G+RNr4Dn6TjK+k0HR9vfod/X+xKa/MLi0+enH/v3Gzzu/KjMZwWK10jLeuhk/nacJGfassfzdeNP6/8v5Efn5mvzQ46eCi53V3Gf+b3yqBbB/Sd32tBeRn/UF7GP5SX8Q/lZfxDeXUa/x8OoB3ArefzH8rL+IfyMv6hvIx/KKXt/K5fosyJSG+LZkj0KTHodyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDe+DsAAP//HpDmag==")
19:07:23 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnupF1JPgVe9SKJJLq6eV2Z1J1s1uzI9NtzqfDwy8t/OS97775u2+eW82gNIaiYjBiLgjIn7N00lLgStJo9yNlaXpP1eWppOo1d78I6mXu76yNF0ULf5uX54ZTSPST5OWf9iwcOHimalqdfZ8nh9fPPve+MKFi8/MnZ06PXt69tzkiRPHj008/9zks12JM4vr+vCH84cPvfr25denT15+58dvkjzuaImjW0ZipF3odY93u7Ie29+UTvp62BC2pBIRWXf118f/YFRirfMG45VPeto4YFfVarXans6nl2vA/1gSvW4B0BvFF312/1scN2nqcUu49mLjBiiL+0Z+NM70xfG8TH/L/W03jUTEyeW/vsyO2KV1CACAZley+c/T7eZ/adzbVO7OfA9lKCLuiogDEXF3RByMiHsi6mXvi4j7t1j/SEt+/fwnvbqtwDYpm/+9kO9t/XP+lxZFhip5bn89/v7k1Fx19mj+noxG/54sP7FBHd+9/Mvnnc41z/+yI6u/mAvm7bja17JANzO1OLWTmJtd+zhiuK9d/MnqTkASEYciYnibdcw9+fXhTuf+Pf4NdGGfqfZVxBON/l+OlvgLycb7k+O3RXX26HhxVaz308+X3uhU/47i74Ks//e2vf5X4x9KmvdrF7Zex6XfPut4T7Pd638geaueHshf+2BqcfH8RMRA8tr61yfX/rbIF+Wz+EePtB//B2LtnXggIrKL+MGIeCgiHs7b/khEPBoRRzaI/4eXHnt3+/Hvriz+mS31/9YTlTPff9up/s31f+NOfDR/ZTOff5tt4E7eOwAAAPivSOvPwCfp2Go6TcfGGs/wH4y9aXV+YfGpU/Pvn5tpPCs/FP1psdI12LQeOpGvDRf5yZb8sXzd+IvK7fX82PR8dabXwUPJ7esw/jO/V3rdOmDX+b0WlJfxD+Vl/EN5Gf9QXsY/lFe78f9RD9oB3Hy+/6G8jH8oL+Mfysv4h1Laye/6JcqciPSWaIbELiV6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHX8HAAD//zKj50g=")
[ 3435.676328][T28388] EXT4-fs (loop1): 1 truncate cleaned up
[ 3435.747111][T28452] loop3: detected capacity change from 0 to 512
[ 3435.756016][T28454] loop1: detected capacity change from 0 to 512
[ 3435.764050][T28454] EXT4-fs: Ignoring removed nobh option
[ 3435.769659][T28454] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3435.776123][T28454] EXT4-fs: Ignoring removed nobh option
[ 3435.781991][T28452] EXT4-fs: Ignoring removed nobh option
[ 3435.787568][T28452] EXT4-fs: Ignoring removed mblk_io_submit option
19:07:23 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000aa000/0xe000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0)=0x0)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f00000ae000/0x2000)=nil, 0x2000, 0x2, 0x8010, r0, 0x0)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0)
syz_io_uring_submit(r5, r6, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x18}, 0x0)
syz_io_uring_setup(0x73c9, &(0x7f00000002c0)={0x0, 0xe2c2, 0x0, 0x2, 0x377, 0x0, r0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b3000/0x1000)=nil, &(0x7f0000000340), &(0x7f0000000380)=0x0)
syz_io_uring_submit(r3, r7, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000003c0)='./file1\x00', 0x100, 0x10000, 0x23456}, 0x69c)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000080)=@IORING_OP_WRITE_FIXED={0x5, 0x14, 0x4000, @fd_index=0xa, 0x5, 0x7f, 0x4096, 0x0, 0x0, {0x3, r4}}, 0x6)
syz_io_uring_submit(r3, r1, &(0x7f0000000280)=@IORING_OP_MKDIRAT={0x25, 0x5, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000080)='./file0\x00', 0x42, 0x0, 0x1, {0x0, r4}}, 0x9)
mq_timedreceive(r2, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
[ 3435.794056][T28452] EXT4-fs: Ignoring removed nobh option
[ 3435.815099][T28454] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3435.817062][T28452] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
19:07:23 executing program 2:
r0 = syz_io_uring_setup(0x1005ad, &(0x7f0000000100)={0x0, 0x0, 0x200, 0x0, 0x4000000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f00000002c0), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0dfdff0099003b92000031010000510000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3435.833466][T28454] EXT4-fs (loop1): 1 truncate cleaned up
[ 3435.854851][T28452] EXT4-fs (loop3): 1 truncate cleaned up
19:07:23 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loRRKSwFDQUR8JE1aoAcuIJA4gIQEh3IMSVqVug1qgkSrCgJC5YgqcUcckfgLOMEFASckrnBHlSqUSwsno7V3E+PYaT7surC/n7TKjHecmcezY8/O2AGUVjUiRiLijoj4NU8n7QWqzT83li/N/Ll8aSaJev2NP5JGuevLl2aKosXzdueZsTQi/SRp+4dNCxcunpmu1ebO5/mJxbPvTixcuPj06bPTp+ZOzZ2bOn782NHJ556deqYncWZxXT/4wfyhA6+8deW1mRNX3v7x6ySPO9ri6JVqVDuF3vBYrysbsD0t6WRogA1hUyoRkXXXcGP8j0QlVjtvJF7+eKCNA/qqXq/Xd3Y/vVQH/sOSGHQLgMEoPuiz+9/iuEVTj9vCtReaN0BZ3Dfyo3lmKNK8zHDb/W0vVSPixNJfX2RH9GkdAgCg1bfZ/OepTvO/NO5tKXdnvocyGhF3RcTeiLg7IvZFxD0RjbL7I+K+TdZfbcuvnf+kV7cU2AZl87/n872tf87/itlfjFby3J5G/MPJydO1uSP5azIWwzuz/OQ6dXz30i+fdTvXOv/Ljqz+Yi6Yt+PqUNsC3ez04vR2Ym517aOIg0Od4k9WdgKSiDgQEQe3WMfpJ7461O3c/pvGv44e7DPVv4x4vNn/S9EWfyFZf39y4n9RmzsyUVwVa/308+XXu9V/8/7vr6z/d3W8/lfiH01a92sXNl/H5d8+7XpPs9Xrf0fyZiO9I3/s/enFxfOTETuSV9c+PrX63CJflM/iHzvcefzvjdVX4v6IyC7iByLiwYh4KG/7wxHxSEQcXif+H1589J2tx99fWfyzm+r/zScqZ77/plv9G+v/Y43UWP7IRt7/NtrA7bx2AAAA8G+RNr4Dn6TjK+k0HR9vfod/X+xKa/MLi0+enH/v3Gzzu/KjMZwWK10jLeuhk/nacJGfassfzdeNP6/8v5Efn5mvzQ46eCi53V3Gf+b3yqBbB/Sd32tBeRn/UF7GP5SX8Q/lZfxDeXUa/x8OoB3ArefzH8rL+IfyMv6hvIx/KKXt/K5fosyJSG+LZkj0KTHodyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDe+DsAAP//3fnmbA==")
19:07:23 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kKLSWhlEdDgUBBRDySJi3QAxcQSBxAQoJDOYYkrULdBjVBolUEAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2ruJceyQh1OX7u8nrTLjHWfm8+zYszN2AKU1EhGDEXFHRPyWp5PWAmnjz/WVpem/Vpamk6jV3vwzqZe7trI0XRQtnrcvz4ymEemnScs/bFi4cPHMVLU6ez7Pjy+efW984cLFZ+bOTp2ePT17bvLEiePHJp5/bvLZrsSZxXVt+MP5w4deffvy69MnL7/z0zdJHne0xNEtIzHSLvS6x7tdWY/tb0onfT1sCFtSiYisu/rr438wKrHWeYPxyic9bRywq2q1Wm1P59PLNeAWlkSvWwD0RvFBn93/FscNmnrcFK6+2LgByuK+nh+NM31xPC/T33J/200jEXFy+e8vsyN2aR0CAKDZd9n85+l287807m0qd2e+hzIUEXdFxIGIuDsiDkbEPRH1svdFxP1brH+kJb9+/pNe2VZgm5TN/17I97b+Pf9LiyJDlTy3vx5/f3Jqrjp7NH9NRqN/T5af2KCO71/+9fNO55rnf9mR1V/MBfN2XOlrWaCbmVqc2knMza5+HDHc1y7+ZHUnIImIQxExvM065p78+nCnc/8d/wa6sM9U+yriiUb/L0dL/IVk4/3J8duiOnt0vLgq1vv5l0tvdKp/R/F3Qdb/e9te/6vxDyXN+7ULW6/j0u+fdbyn2e71P5C8VU8P5I99MLW4eH4iYiB5bf3jk2vPLfJF+Sz+0SPtx/+BWHslHoiI7CJ+MCIeioiH87Y/EhGPRsSRDeL/8aXH3t1+/Lsri39mS/2/9UTlzA/fdqp/c/3fuBMfzR/ZzPvfZhu4k9cOAAAA/i/S+nfgk3RsNZ2mY2ON7/AfjL1pdX5h8alT8++fm2l8V34o+tNipWuwaT10Il8bLvKTLflj+brxF5Xb6/mx6fnqTK+Dh5Lb12H8Z/6o9Lp1wK7zey0oL+Mfysv4h/Iy/qG8jH8or3bj/6MetAO48Xz+Q3kZ/1Bexj+Ul/EPpbST3/VLlDkR6U3RDIldSvT6nQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA7/gkAAP//HOfmiQ==")
[ 3435.933663][T28467] loop3: detected capacity change from 0 to 512
[ 3435.936672][T28469] loop1: detected capacity change from 0 to 512
[ 3435.940833][T28467] EXT4-fs: Ignoring removed nobh option
[ 3435.946640][T28469] EXT4-fs: Ignoring removed nobh option
[ 3435.951986][T28467] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3435.957548][T28469] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3435.957565][T28469] EXT4-fs: Ignoring removed nobh option
[ 3435.961485][T28469] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3435.964408][T28467] EXT4-fs: Ignoring removed nobh option
[ 3435.972313][T28469] EXT4-fs (loop1): 1 truncate cleaned up
[ 3435.978791][T28467] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3436.016892][T28467] EXT4-fs (loop3): 1 truncate cleaned up
19:07:23 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhQUfCgIOihHmOSlthtI00EW4JGkXqUgnfxKPgXeNKLqCfBq96lUCSXVk8rszuTrJvdmB+bbnU+Hxh4b+cl7333zdt9895sAKU1EhGDEXFbRPyap5OWAs+njXLXV5am/1xZmk6iVnvjj6Re7trK0nRRtPi7fXlmNI1IP0la/mHDwoWLZ6aq1dnzeX588ey74wsXLj41d3bq9Ozp2XOTJ04cPzbx7DOTT3clziyua8MfzB8+9Mpbl1+bPnn57R+/TvK4oyWObhmJkXah1z3a7cp6bH9TOunrYUPYkkpEZN3VXx//g1GJtc4bjJc/7mnjgF1Vq9VqezqfXq4B/2NJ9LoFQG8UX/TZ/W9x3KCpx03h6guNG6As7uv50TjTF8fzMv0t97fdNBIRJ5f/+iI7YpfWIQAAmn2bzX+ebDf/S+PupnK353soQxFxR0QciIg7I+JgRNwVUS97T0Tcu8X6R1ry6+c/6ZVtBbZJ2fzvuXxv65/zv7QoMlTJc/vr8fcnp+aqs0fz92Q0+vdk+YkN6vjupV8+63Suef6XHVn9xVwwb8eVvpYFupmpxamdxNzs6kcRw33t4k9WdwKSiDgUEcPbrGPu8a8Odzr37/FvoAv7TLUvIx5r9P9ytMRfSDbenxy/JaqzR8eLq2K9n36+9Hqn+ncUfxdk/b+37fW/Gv9Q0rxfu7D1Oi799mnHe5rtXv8DyZv19ED+2vtTi4vnJyIGklfXvz659rdFviifxT96pP34PxBr78R9EZFdxPdHxAMR8WDe9oci4uGIOLJB/D+8+Mg7249/d2Xxz2yp/7eeqJz5/ptO9W+u/xt34qP5K5v5/NtsA3fy3gEAAMB/RVp/Bj5Jx1bTaTo21niG/2DsTavzC4tPnJp/79xM41n5oehPi5Wuwab10Il8bbjIT7bkj+Xrxp9Xbq3nx6bnqzO9Dh5Kbl+H8Z/5vdLr1gG7zu+1oLyMfygv4x/Ky/iH8jL+obzajf8Pe9AO4Mbz/Q/lZfxDeRn/UF7GP5TSTn7XL1HmRKQ3RTMkdinR608mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA7vg7AAD//yLY5sk=")
19:07:23 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrUrdBjVBolUFAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2ruJcew0D7su7O8nrTLjHWfm8+zYszN2AKVVjYiRiLgjIn7L00l7gWrzz/XlizN/LV+cSaJef/PPpFHu2vLFmaJo8bzdeWYsjUg/Tdr+YdPC+Qunp2u1uXN5fmLxzHsTC+cvPHPqzPTJuZNzZ6eOHTt6ZPL556ae7UmcWVzXDnw4f3D/q29ffn3m+OV3fvomyeOOtjh6pRrVTqE3PN7rygZsT0s6GRpgQ9iUSkRk3TXcGP8jUYnVzhuJVz4ZaOOAvqrX6/Wd3U8v1YH/sSQG3QJgMIoP+uz+tzhu0tTjlnD1xeYNUBb39fxonhmKNC8z3HZ/20vViDi+9PeX2RF9WocAAGj1XTb/ebrT/C+Ne1vK3ZnvoYxGxF0RsTci7o6IfRFxT0Sj7H0Rcf8m66+25dfOf9IrWwpsg7L53wv53ta/53/F7C9GK3luTyP+4eTEqdrc4fw1GYvhnVl+cp06vn/518+7nWud/2VHVn8xF8zbcWWobYFudnpxejsxt7r6ccSBoU7xJys7AUlE7I+IA1us49STXx/sdm7/DeNfRw/2mepfRTzR7P+laIu/kKy/PzlxW9TmDk8UV8VaP/9y6Y1u9d+4//sr6/9dHa//lfhHk9b92oXN13Hp98+63tNs9frfkbzVSO/IH/tgenHx3GTEjuS1tY9PrT63yBfls/jHDnUe/3tj9ZV4ICKyi/jBiHgoIh7O2/5IRDwaEYfWif/Hlx57d+vx91cW/+ym+n/zicrpH77tVv/G+v9oIzWWP7KR97+NNnA7rx0AAAD8V6SN78An6fhKOk3Hx5vf4d8Xu9La/MLiUyfm3z872/yu/GgMp8VK10jLeuhkvjZc5Kfa8kfydeMvKrc38uMz87XZQQcPJbe7y/jP/FEZdOuAvvN7LSgv4x/Ky/iH8jL+obyMfyivTuP/owG0A7j5fP5DeRn/UF7GP5SX8Q+ltJ3f9UuUORHpLdEMiT4lBv3OBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bv/BAAA//+dceZu")
[ 3436.079068][T28476] loop1: detected capacity change from 0 to 512
[ 3436.085571][T28476] EXT4-fs: Ignoring removed nobh option
[ 3436.091214][T28476] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3436.097682][T28476] EXT4-fs: Ignoring removed nobh option
[ 3436.111560][T28476] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
19:07:23 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 32)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3436.114852][T28479] loop3: detected capacity change from 0 to 512
[ 3436.127010][T28476] EXT4-fs (loop1): 1 truncate cleaned up
[ 3436.133544][T28479] EXT4-fs: Ignoring removed nobh option
[ 3436.144395][T28479] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3436.150880][T28479] EXT4-fs: Ignoring removed nobh option
[ 3436.169456][T28482] FAULT_INJECTION: forcing a failure.
[ 3436.169456][T28482] name failslab, interval 1, probability 0, space 0, times 0
[ 3436.174085][T28479] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3436.182719][T28482] CPU: 1 PID: 28482 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3436.182743][T28482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3436.182755][T28482] Call Trace:
[ 3436.182761][T28482]
[ 3436.207714][T28479] EXT4-fs (loop3): 1 truncate cleaned up
[ 3436.217728][T28482] dump_stack_lvl+0xda/0x130
[ 3436.217754][T28482] dump_stack+0x15/0x20
[ 3436.217769][T28482] should_fail_ex+0x21f/0x230
[ 3436.243200][T28482] __should_failslab+0x92/0xa0
[ 3436.248001][T28482] should_failslab+0x9/0x20
[ 3436.252497][T28482] slab_pre_alloc_hook+0x38/0x180
[ 3436.257554][T28482] __kmem_cache_alloc_node+0x46/0x250
[ 3436.262979][T28482] ? io_drain_req+0x1e1/0x4f0
[ 3436.267664][T28482] kmalloc_trace+0x2a/0xa0
[ 3436.272287][T28482] io_drain_req+0x1e1/0x4f0
[ 3436.276834][T28482] io_queue_sqe_fallback+0xd1/0xe0
[ 3436.282037][T28482] io_submit_sqes+0xbf8/0xfe0
[ 3436.286807][T28482] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3436.292458][T28482] ? __fget_files+0x1c4/0x200
[ 3436.297182][T28482] ? mutex_lock+0xd/0x30
[ 3436.301445][T28482] ? fput+0x112/0x140
[ 3436.305487][T28482] ? ksys_write+0x178/0x1a0
[ 3436.310000][T28482] __x64_sys_io_uring_enter+0x78/0x90
[ 3436.315538][T28482] do_syscall_64+0x41/0xc0
[ 3436.319948][T28482] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3436.325867][T28482] RIP: 0033:0x7fbf4da9f169
[ 3436.330313][T28482] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3436.350066][T28482] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3436.358555][T28482] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3436.366573][T28482] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
19:07:23 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x175a, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:23 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnvQi6knwqncpFMml1dPK7M4k62Y35semWzufDwy8t/OS97775u2+eW82gNIaiYjBiLgjIn7L00lLgeW0Ue76ytL0XytL00nUam/+mdTLXVtZmi6KFn+3L8+MphHpp0nLP2xYuHDxzFS1Ons+z48vnn1vfOHCxWfmzk6dnj09e27yxInjxyaef27y2a7EmcV1bfjD+cOHXn378uvTJy+/89M3SR53tMTRLSMx0i70use7XVmP7W9KJ309bAhbUomIrLv66+N/MCqx1nmD8conPW0csKtqtVptT+fTyzXgFpZEr1sA9EbxRZ/d/xbHDZp63BSuvti4Acrivp4fjTN9cTwv099yf9tNIxFxcvnvL7MjdmkdAgCg2XfZ/OfpdvO/NO5tKndnvocyFBF3RcSBiLg7Ig5GxD0R9bL3RcT9W6x/pCW/fv6TXtlWYJuUzf9eyPe2/j3/S4siQ5U8t78ef39yaq46ezR/T0ajf0+Wn9igju9f/vXzTuea53/ZkdVfzAXzdlzpa1mgm5lanNpJzM2ufhwx3Ncu/mR1JyCJiEMRMbzNOuae/Ppwp3P/Hf8GurDPVPsq4olG/y9HS/yFZOP9yfHbojp7dLy4Ktb7+ZdLb3Sqf0fxd0HW/3vbXv+r8Q8lzfu1C1uv49Lvn3W8p9nu9T+QvFVPD+SvfTC1uHh+ImIgeW3965Nrf1vki/JZ/KNH2o//A7H2TjwQEdlF/GBEPBQRD+dtfyQiHo2IIxvE/+NLj727/fh3Vxb/zJb6f+uJypkfvu1U/+b6v3EnPpq/spnPv802cCfvHQAAAPxfpPVn4JN0bDWdpmNjjWf4D8betDq/sPjUqfn3z800npUfiv60WOkabFoPncjXhov8ZEv+WL5u/EXl9np+bHq+OtPr4KHk9nUY/5k/Kr1uHbDr/F4Lysv4h/Iy/qG8jH8oL+Mfyqvd+P+oB+0Abjzf/1Bexj+Ul/EP5WX8Qynt5Hf9EmVORHpTNENilxK9/mQCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADojn8CAAD//yjJ5wk=")
[ 3436.374646][T28482] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
[ 3436.382611][T28482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3436.390571][T28482] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3436.398576][T28482]
19:07:23 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdDAUNBRDySJi3QAxcQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2ruJcew0D7su7O8nrTLjHWfm8+zYszN2AKVVjYiRiLgjIn7L00l7gWrzz/XlC7N/LV+YTaJef/PPpFHu2vKF2aJo8bzdeWY8jUg/Tdr+YdPiufOnZmq1+bN5fnLp9HuTi+fOP3Py9MyJ+RPzZ6aPHj1yeOr556af7UmcWVzXxj5cOLD/1bcvvz577PI7P32T5HFHWxy9Uo1qp9AbHu91ZQO2pyWdDA2wIWxKJSKy7hpujP+RqMRq543EK58MtHFAX9Xr9frO7qcv1oH/sSQG3QJgMIoP+uz+tzhu0tTjlnD1xeYNUBb39fxonhmKNC8z3HZ/20vViDh28e8vsyP6tA4BANDqu2z+83Sn+V8a97aUuzPfQxmNiLsiYm9E3B0R+yLinohG2fsi4v5N1l9ty6+d/6RXthTYBmXzvxfyva1/z/+K2V+MVvLcnkb8w8nxk7X5Q/lrMh7DO7P81Dp1fP/yr593O9c6/8uOrP5iLpi348pQ2wLd3MzSzHZibnX144ixoU7xJys7AUlE7I+IsS3WcfLJrw90Ozd2w/jX0YN9pvpXEU80+/9itMVfSNbfn5y8LWrzhyaLq2Ktn3+59Ea3+m/c//2V9f+ujtf/SvyjSet+7eLm67j0+2dd72m2ev3vSN5qpHfkj30ws7R0dipiR/La2senV59b5IvyWfzjBzuP/72x+ko8EBHZRfxgRDwUEQ/nbX8kIh6NiIPrxP/jS4+9u/X4+yuLf25T/b/5ROXUD992q39j/X+kkRrPH9nI+99GG7id1w4AAAD+K9LGd+CTdGIlnaYTE83v8O+LXWltYXHpqeML75+Za35XfjSG02Kla6RlPXQqXxsu8tNt+cP5uvEXldsb+YnZhdrcoIOHktvdZfxn/qgMunVA3/m9FpSX8Q/lZfxDeRn/UF7GP5RXp/H/0QDaAdx8Pv+hvIx/KC/jH8rL+IdS2s7v+iXKnIj0lmiGRJ8Sg35nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I1/AgAA//99LeZv")
[ 3436.432194][T28488] loop1: detected capacity change from 0 to 512
[ 3436.438880][T28488] EXT4-fs: Ignoring removed nobh option
[ 3436.444964][T28488] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3436.451412][T28488] EXT4-fs: Ignoring removed nobh option
[ 3436.476778][T28488] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3436.495318][T28488] EXT4-fs (loop1): 1 truncate cleaned up
[ 3436.497787][T28501] loop3: detected capacity change from 0 to 512
[ 3436.507806][T28501] EXT4-fs: Ignoring removed nobh option
[ 3436.513434][T28501] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3436.519924][T28501] EXT4-fs: Ignoring removed nobh option
19:07:24 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnupF1JPgVe9SKJJLq6eV2Z1J1s1uzI9NtzqfDwy8t/OS97775u2+eW82gNIaiYjBiLgjIn7N00lLgStpo9yNlaXpP1eWppOo1d78I6mXu76yNF0ULf5uX54ZTSPST5OWf9iwcOHimalqdfZ8nh9fPPve+MKFi8/MnZ06PXt69tzkiRPHj008/9zks12JM4vr+vCH84cPvfr25denT15+58dvkjzuaImjW0ZipF3odY93u7Ie29+UTvp62BC2pBIRWXf118f/YFRirfMG45VPeto4YFfVarXans6nl2vA/1gSvW4B0BvFF312/1scN2nqcUu49mLjBiiL+0Z+NM70xfG8TH/L/W03jUTEyeW/vsyO2KV1CACAZley+c/T7eZ/adzbVO7OfA9lKCLuiogDEXF3RByMiHsi6mXvi4j7t1j/SEt+/fwnvbqtwDYpm/+9kO9t/XP+lxZFhip5bn89/v7k1Fx19mj+noxG/54sP7FBHd+9/Mvnnc41z/+yI6u/mAvm7bja17JANzO1OLWTmJtd+zhiuK9d/MnqTkASEYciYnibdcw9+fXhTuf+Pf4NdGGfqfZVxBON/l+OlvgLycb7k+O3RXX26HhxVaz308+X3uhU/47i74Ks//e2vf5X4x9KmvdrF7Zex6XfPut4T7Pd638geaueHshf+2BqcfH8RMRA8tr61yfX/rbIF+Wz+EePtB//B2LtnXggIrKL+MGIeCgiHs7b/khEPBoRRzaI/4eXHnt3+/Hvriz+mS31/9YTlTPff9up/s31f+NOfDR/ZTOff5tt4E7eOwAAAPivSOvPwCfp2Go6TcfGGs/wH4y9aXV+YfGpU/Pvn5tpPCs/FP1psdI12LQeOpGvDRf5yZb8sXzd+IvK7fX82PR8dabXwUPJ7esw/jO/V3rdOmDX+b0WlJfxD+Vl/EN5Gf9QXsY/lFe78f9RD9oB3Hy+/6G8jH8oL+Mfysv4h1Laye/6JcqciPSWaIbELiV6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHX8HAAD//y6650k=")
[ 3436.531913][T28501] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3436.554591][T28501] EXT4-fs (loop3): 1 truncate cleaned up
[ 3436.561003][T28505] loop1: detected capacity change from 0 to 512
[ 3436.567515][T28505] EXT4-fs: Ignoring removed nobh option
[ 3436.573173][T28505] EXT4-fs: Ignoring removed mblk_io_submit option
19:07:24 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrUrdBjVBolUFAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2ruJcew0D7su7O8nrTLjHWfm8+zYszN2AKVVjYiRiLgjIn7L00l7gWrzz/XlizN/LV+cSaJef/PPpFHu2vLFmaJo8bzdeWYsjUg/Tdr+YdPC+Qunp2u1uXN5fmLxzHsTC+cvPHPqzPTJuZNzZ6eOHTt6ZPL556ae7UmcWVzXDnw4f3D/q29ffn3m+OV3fvomyeOOtjh6pRrVTqE3PN7rygZsT0s6GRpgQ9iUSkRk3TXcGP8jUYnVzhuJVz4ZaOOAvqrX6/Wd3U8v1YH/sSQG3QJgMIoP+uz+tzhu0tTjlnD1xeYNUBb39fxonhmKNC8z3HZ/20vViDi+9PeX2RF9WocAAGj1XTb/ebrT/C+Ne1vK3ZnvoYxGxF0RsTci7o6IfRFxT0Sj7H0Rcf8m66+25dfOf9IrWwpsg7L53wv53ta/53/F7C9GK3luTyP+4eTEqdrc4fw1GYvhnVl+cp06vn/518+7nWud/2VHVn8xF8zbcWWobYFudnpxejsxt7r6ccSBoU7xJys7AUlE7I+IA1us49STXx/sdu6BG8a/jh7sM9W/inii2f9L0RZ/IVl/f3LitqjNHZ4oroq1fv7l0hvd6r9x//dX1v+7Ol7/K/GPJq37tQubr+PS7591vafZ6vW/I3mrkd6RP/bB9OLiucmIHclrax+fWn1ukS/KZ/GPHeo8/vfG6iuRXafZRfxgRDwUEQ/nbX8kIh6NiEPrxP/jS4+9u/X4+yuLf3ZT/b/5ROX0D992q39j/X+0kRrLH9nI+99GG7id1w4AAAD+K9LGd+CTdHwlnabj483v8O+LXWltfmHxqRPz75+dbX5XfjSG02Kla6RlPXQyXxsu8lNt+SP5uvEXldsb+fGZ+drsoIOHktvdZfxn/qgMunVA3/m9FpSX8Q/lZfxDeRn/UF7GP5RXp/H/0QDaAdx8Pv+hvIx/KC/jH8rL+IdS2s7v+iXKnIj0lmiGRJ8Sg35nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I1/AgAA//9c6eZw")
[ 3436.579624][T28505] EXT4-fs: Ignoring removed nobh option
[ 3436.587244][T28505] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3436.602589][T28505] EXT4-fs (loop1): 1 truncate cleaned up
[ 3436.626058][T28508] loop3: detected capacity change from 0 to 512
19:07:24 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000aa000/0xe000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0)=0x0)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f00000ae000/0x2000)=nil, 0x2000, 0x2, 0x8010, r0, 0x0)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) (async)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0)
syz_io_uring_submit(r5, r6, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x18}, 0x0) (async)
syz_io_uring_setup(0x73c9, &(0x7f00000002c0)={0x0, 0xe2c2, 0x0, 0x2, 0x377, 0x0, r0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b3000/0x1000)=nil, &(0x7f0000000340), &(0x7f0000000380)=0x0)
syz_io_uring_submit(r3, r7, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000003c0)='./file1\x00', 0x100, 0x10000, 0x23456}, 0x69c) (async)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000080)=@IORING_OP_WRITE_FIXED={0x5, 0x14, 0x4000, @fd_index=0xa, 0x5, 0x7f, 0x4096, 0x0, 0x0, {0x3, r4}}, 0x6) (async)
syz_io_uring_submit(r3, r1, &(0x7f0000000280)=@IORING_OP_MKDIRAT={0x25, 0x5, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000080)='./file0\x00', 0x42, 0x0, 0x1, {0x0, r4}}, 0x9) (async)
mq_timedreceive(r2, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
[ 3436.632597][T28508] EXT4-fs: Ignoring removed nobh option
[ 3436.638237][T28508] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3436.644719][T28508] EXT4-fs: Ignoring removed nobh option
[ 3436.657908][T28508] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3436.676427][T28508] EXT4-fs (loop3): 1 truncate cleaned up
19:07:24 executing program 2:
syz_io_uring_setup(0x1005ad, &(0x7f0000000100)={0x0, 0x0, 0x200, 0x0, 0x4000000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f00000002c0), &(0x7f00000000c0)) (async)
r0 = syz_io_uring_setup(0x1005ad, &(0x7f0000000100)={0x0, 0x0, 0x200, 0x0, 0x4000000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f00000002c0), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) (async)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0) (async)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3) (async)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0dfdff0099003b92000031010000510000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800)) (async)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000) (async)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:24 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kKLSWhlEdDgUBBRDySJi3QAxcQSBxAQoJDOYYkrULdBjVBolUEAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2ruJceyQh1OX7u8nrTLjHWfm8+zYszN2AKU1EhGDEXFHRPyWp5PWApXGn+srS9N/rSxNJ1GrvflnUi93bWVpuihaPG9fnhlNI9JPk5Z/2LBw4eKZqWp19nyeH188+974woWLz8ydnTo9e3r23OSJE8ePTTz/3OSzXYkzi+va8Ifzhw+9+vbl16dPXn7np2+SPO5oiaNbRmKkXeh1j3e7sh7b35RO+nrYELakEhFZd/XXx/9gVGKt8wbjlU962jhgV9VqtdqezqeXa8AtLIletwDojeKDPrv/LY4bNPW4KVx9sXEDlMV9PT8aZ/rieF6mv+X+tptGIuLk8t9fZkfs0joEAECz77L5z9Pt5n9p3NtU7s58D2UoIu6KiAMRcXdEHIyIeyLqZe+LiPu3WP9IS379/Ce9sq3ANimb/72Q7239e/6XFkWGKnlufz3+/uTUXHX2aP6ajEb/niw/sUEd37/86+edzjXP/7Ijq7+YC+btuNLXskA3M7U4tZOYm139OGK4r138yepOQBIRhyJieJt1zD359eFO5/47/g10YZ+p9lXEE43+X46W+AvJxvuT47dFdfboeHFVrPfzL5fe6FT/juLvgqz/97a9/lfjH0qa92sXtl7Hpd8/63hPs93rfyB5q54eyB/7YGpx8fxExEDy2vrHJ9eeW+SL8ln8o0faj/8DsfZKPBAR2UX8YEQ8FBEP521/JCIejYgjG8T/40uPvbv9+HdXFv/Mlvp/64nKmR++7VT/5vq/cSc+mj+ymfe/zTZwJ68dAAAA/F+k9e/AJ+nYajpNx8Ya3+E/GHvT6vzC4lOn5t8/N9P4rvxQ9KfFStdg03roRL42XOQnW/LH8nXjLyq31/Nj0/PVmV4HDyW3r8P4z/xR6XXrgF3n91pQXsY/lJfxD+Vl/EN5Gf9QXu3G/0c9aAdw4/n8h/Iy/qG8jH8oL+MfSmknv+uXKHMi0puiGRK7lOj1OxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB3/BMAAP//GP7mig==")
19:07:24 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000aa000/0xe000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0)=0x0)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0) (async)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f00000ae000/0x2000)=nil, 0x2000, 0x2, 0x8010, r0, 0x0) (async)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0)
syz_io_uring_submit(r5, r6, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x18}, 0x0) (async)
syz_io_uring_setup(0x73c9, &(0x7f00000002c0)={0x0, 0xe2c2, 0x0, 0x2, 0x377, 0x0, r0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b3000/0x1000)=nil, &(0x7f0000000340), &(0x7f0000000380)=0x0)
syz_io_uring_submit(r3, r7, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000003c0)='./file1\x00', 0x100, 0x10000, 0x23456}, 0x69c)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000080)=@IORING_OP_WRITE_FIXED={0x5, 0x14, 0x4000, @fd_index=0xa, 0x5, 0x7f, 0x4096, 0x0, 0x0, {0x3, r4}}, 0x6)
syz_io_uring_submit(r3, r1, &(0x7f0000000280)=@IORING_OP_MKDIRAT={0x25, 0x5, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000080)='./file0\x00', 0x42, 0x0, 0x1, {0x0, r4}}, 0x9)
mq_timedreceive(r2, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:24 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrUrdBjVBolUFAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2ruJcew0D7su7O8nrTLjHWfm8+zYszN2AKVVjYiRiLgjIn7L00l7gWrzz/XlizN/LV+cSaJef/PPpFHu2vLFmaJo8bzdeWYsjUg/Tdr+YdPC+Qunp2u1uXN5fmLxzHsTC+cvPHPqzPTJuZNzZ6eOHTt6ZPL556ae7UmcWVzXDnw4f3D/q29ffn3m+OV3fvomyeOOtjh6pRrVTqE3PN7rygZsT0s6GRpgQ9iUSkRk3TXcGP8jUYnVzhuJVz4ZaOOAvqrX6/Wd3U8v1YH/sSQG3QJgMIoP+uz+tzhu0tTjlnD1xeYNUBb39fxonhmKNC8z3HZ/20vViDi+9PeX2RF9WocAAGj1XTb/ebrT/C+Ne1vK3ZnvoYxGxF0RsTci7o6IfRFxT0Sj7H0Rcf8m66+25dfOf9IrWwpsg7L53wv53ta/53/F7C9GK3luTyP+4eTEqdrc4fw1GYvhnVl+cp06vn/518+7nWud/2VHVn8xF8zbcWWobYFudnpxejsxt7r6ccSBoU7xJys7AUlE7I+IA1us49STXx/sdu6hG8a/jh7sM9W/inii2f9L0RZ/IVl/f3LitqjNHZ4oroq1fv7l0hvd6r9x//dX1v+7Ol7/K/GPJq37tQubr+PS7591vafZ6vW/I3mrkd6RP/bB9OLiucmIHclrax+fWn1ukS/KZ/GPHeo8/vfG6ivxQERkF/GD+TX7cN72RyLi0Yg4tE78P7702Ltbj7+/svhnN9X/m09UTv/wbbf6N9b/RxupsfyRjbz/bbSB23ntAAAA4L8ibXwHPknHV9JpOj7e/A7/vtiV1uYXFp86Mf/+2dnmd+VHYzgtVrpGWtZDJ/O14SI/1ZY/kq8bf1G5vZEfn5mvzQ46eCi53V3Gf+aPyqBbB/Sd32tBeRn/UF7GP5SX8Q/lZfxDeXUa/x8NoB3AzefzH8rL+IfyMv6hvIx/KKXt/K5fosyJSG+JZkj0KTHodyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDe+CcAAP///A7mcw==")
[ 3436.727063][T28517] loop1: detected capacity change from 0 to 512
[ 3436.734533][T28517] EXT4-fs: Ignoring removed nobh option
[ 3436.740186][T28517] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3436.746639][T28517] EXT4-fs: Ignoring removed nobh option
[ 3436.756545][T28517] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
19:07:24 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhQUfCgIOihHmOSlthtI00EW4JGkXqUgnfxKPgXeNKLqCfBq96lUCSXVk8rszuTrJvdmB+bbnU+Hxh4b+cl7333zdt9895sAKU1EhGDEXFbRPyap5OWAs9XGuWuryxN/7myNJ1ErfbGH0m93LWVpemiaPF3+/LMaBqRfpK0/MOGhQsXz0xVq7Pn8/z44tl3xxcuXHxq7uzU6dnTs+cmT5w4fmzi2Wcmn+5KnFlc14Y/mD986JW3Lr82ffLy2z9+neRxR0sc3TISI+1Cr3u025X12P6mdNLXw4awJZWIyLqrvz7+B6MSa503GC9/3NPGAbuqVqvV9nQ+vVwD/seS6HULgN4ovuiz+9/iuEFTj5vC1RcaN0BZ3Nfzo3GmL47nZfpb7m+7aSQiTi7/9UV2xC6tQwAANPs2m/882W7+l8bdTeVuz/dQhiLijog4EBF3RsTBiLgrol72noi4d4v1j7Tk189/0ivbCmyTsvnfc/ne1j/nf2lRZKiS5/bX4+9PTs1VZ4/m78lo9O/J8hMb1PHdS7981ulc8/wvO7L6i7lg3o4rfS0LdDNTi1M7ibnZ1Y8ihvvaxZ+s7gQkEXEoIoa3Wcfc418d7nTu3+PfQBf2mWpfRjzW6P/laIm/kGy8Pzl+S1Rnj44XV8V6P/186fVO9e8o/i7I+n9v2+t/Nf6hpHm/dmHrdVz67dOO9zTbvf4Hkjfr6YH8tfenFhfPT0QMJK+uf31y7W+LfFE+i3/0SPvxfyDW3on7IiK7iO+PiAci4sG87Q9FxMMRcWSD+H948ZF3th//7srin9lS/289UTnz/Ted6t9c/zfuxEfzVzbz+bfZBu7kvQMAAID/irT+DHySjq2m03RsrPEM/8HYm1bnFxafODX/3rmZxrPyQ9GfFitdg03roRP52nCRn2zJH8vXjT+v3FrPj03PV2d6HTyU3L4O4z/ze6XXrQN2nd9rQXkZ/1Bexj+Ul/EP5WX8Q3m1G/8f9qAdwI3n+x/Ky/iH8jL+obyMfyilnfyuX6LMiUhvimZI7FKi159MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fF3AAAA//8e7+bK")
[ 3436.764124][T28527] loop3: detected capacity change from 0 to 512
[ 3436.774431][T28517] EXT4-fs (loop1): 1 truncate cleaned up
[ 3436.778008][T28527] EXT4-fs: Ignoring removed nobh option
[ 3436.788961][T28527] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3436.795376][T28527] EXT4-fs: Ignoring removed nobh option
[ 3436.803885][T28527] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3436.818580][T28527] EXT4-fs (loop3): 1 truncate cleaned up
[ 3436.858378][T28530] loop1: detected capacity change from 0 to 512
[ 3436.865793][T28530] EXT4-fs: Ignoring removed nobh option
[ 3436.871523][T28530] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3436.877941][T28530] EXT4-fs: Ignoring removed nobh option
[ 3436.892352][T28530] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3436.906910][T28530] EXT4-fs (loop1): 1 truncate cleaned up
19:07:24 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 33)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3437.014817][T28534] FAULT_INJECTION: forcing a failure.
[ 3437.014817][T28534] name failslab, interval 1, probability 0, space 0, times 0
[ 3437.027638][T28534] CPU: 0 PID: 28534 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3437.038337][T28534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3437.048437][T28534] Call Trace:
[ 3437.051701][T28534]
[ 3437.054641][T28534] dump_stack_lvl+0xda/0x130
[ 3437.059262][T28534] dump_stack+0x15/0x20
[ 3437.063422][T28534] should_fail_ex+0x21f/0x230
[ 3437.068134][T28534] __should_failslab+0x92/0xa0
[ 3437.072894][T28534] should_failslab+0x9/0x20
[ 3437.077453][T28534] slab_pre_alloc_hook+0x38/0x180
[ 3437.082472][T28534] __kmem_cache_alloc_node+0x46/0x250
[ 3437.087906][T28534] ? io_drain_req+0x1e1/0x4f0
[ 3437.092590][T28534] kmalloc_trace+0x2a/0xa0
[ 3437.096999][T28534] io_drain_req+0x1e1/0x4f0
[ 3437.101500][T28534] io_queue_sqe_fallback+0xd1/0xe0
[ 3437.106674][T28534] io_submit_sqes+0xbf8/0xfe0
[ 3437.111400][T28534] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3437.116935][T28534] ? __fget_files+0x1c4/0x200
[ 3437.121609][T28534] ? mutex_lock+0xd/0x30
[ 3437.125846][T28534] ? fput+0x112/0x140
[ 3437.129823][T28534] ? ksys_write+0x178/0x1a0
[ 3437.134326][T28534] __x64_sys_io_uring_enter+0x78/0x90
[ 3437.139775][T28534] do_syscall_64+0x41/0xc0
[ 3437.144184][T28534] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3437.150092][T28534] RIP: 0033:0x7fbf4da9f169
[ 3437.154505][T28534] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3437.174168][T28534] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3437.182644][T28534] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3437.190705][T28534] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
[ 3437.198900][T28534] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
[ 3437.207761][T28534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
19:07:24 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x175a, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:24 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrUrdBjVBolUFAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2ruJcew0D7su7O8nrTLjHWfm8+zYszN2AKVVjYiRiLgjIn7L00l7gWrzz/XlizN/LV+cSaJef/PPpFHu2vLFmaJo8bzdeWYsjUg/Tdr+YdPC+Qunp2u1uXN5fmLxzHsTC+cvPHPqzPTJuZNzZ6eOHTt6ZPL556ae7UmcWVzXDnw4f3D/q29ffn3m+OV3fvomyeOOtjh6pRrVTqE3PN7rygZsT0s6GRpgQ9iUSkRk3TXcGP8jUYnVzhuJVz4ZaOOAvqrX6/Wd3U8v1YH/sSQG3QJgMIoP+uz+tzhu0tTjlnD1xeYNUBb39fxonhmKNC8z3HZ/20vViDi+9PeX2RF9WocAAGj1XTb/ebrT/C+Ne1vK3ZnvoYxGxF0RsTci7o6IfRFxT0Sj7H0Rcf8m66+25dfOf9IrWwpsg7L53wv53ta/53/F7C9GK3luTyP+4eTEqdrc4fw1GYvhnVl+cp06vn/518+7nWud/2VHVn8xF8zbcWWobYFudnpxejsxt7r6ccSBoU7xJys7AUlE7I+IA1us49STXx/sdu7hG8a/jh7sM9W/inii2f9L0RZ/IVl/f3LitqjNHZ4oroq1fv7l0hvd6r9x//dX1v+7Ol7/K/GPJq37tQubr+PS7591vafZ6vW/I3mrkd6RP/bB9OLiucmIHclrax+fWn1ukS/KZ/GPHeo8/vfG6ivxQERkF/GDEfFQft1mbX8kIh6NiEPrxP/jS4+9u/X4+yuLf3ZT/b/5ROX0D992q39j/X+0kRrLH9nI+99GG7id1w4AAAD+K9LGd+CTdHwlnabj483v8O+LXWltfmHxqRPz75+dbX5XfjSG02Kla6RlPXQyXxsu8lNt+SP5uvEXldsb+fGZ+drsoIOHktvdZfxn/qgMunVA3/m9FpSX8Q/lZfxDeRn/UF7GP5RXp/H/0QDaAdx8Pv+hvIx/KC/jH8rL+IdS2s7v+iXKnIj0lmiGRJ8Sg35nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I1/AgAA///byuZ0")
19:07:24 executing program 2:
r0 = syz_io_uring_setup(0x1005ad, &(0x7f0000000100)={0x0, 0x0, 0x200, 0x0, 0x4000000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f00000002c0), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) (async)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c) (async)
syz_open_dev$tty1(0xc, 0x4, 0x3) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c) (async)
listen(r2, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0) (async)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c) (async)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20) (async)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0dfdff0099003b92000031010000510000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) (async)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800)) (async)
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93) (async)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0) (async)
fallocate(r7, 0x30, 0x9, 0x10000) (async)
socket(0x10, 0x80002, 0x0)
19:07:24 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnvQi6knwqncpFMml1dPK7M4k62Y35semWzufDwy8t/OS97775u2+eW82gNIaiYjBiLgjIn7L00lLgeVKo9z1laXpv1aWppOo1d78M6mXu7ayNF0ULf5uX54ZTSPST5OWf9iwcOHimalqdfZ8nh9fPPve+MKFi8/MnZ06PXt69tzkiRPHj008/9zks12JM4vr2vCH84cPvfr25denT15+56dvkjzuaImjW0ZipF3odY93u7Ie29+UTvp62BC2pBIRWXf118f/YFRirfMG45VPeto4YFfVarXans6nl2vALSyJXrcA6I3iiz67/y2OGzT1uClcfbFxA5TFfT0/Gmf64nhepr/l/rabRiLi5PLfX2ZH7NI6BABAs++y+c/T7eZ/adzbVO7OfA9lKCLuiogDEXF3RByMiHsi6mXvi4j7t1j/SEt+/fwnvbKtwDYpm/+9kO9t/Xv+lxZFhip5bn89/v7k1Fx19mj+noxG/54sP7FBHd+//Ovnnc41z/+yI6u/mAvm7bjS17JANzO1OLWTmJtd/ThiuK9d/MnqTkASEYciYnibdcw9+fXhTuf+O/4NdGGfqfZVxBON/l+OlvgLycb7k+O3RXX26HhxVaz38y+X3uhU/47i74Ks//e2vf5X4x9KmvdrF7Zex6XfP+t4T7Pd638geaueHshf+2BqcfH8RMRA8tr61yfX/rbIF+Wz+EePtB//B2LtnXggIrKL+MGIeCgiHs7b/khEPBoRRzaI/8eXHnt3+/Hvriz+mS31/9YTlTM/fNup/s31f+NOfDR/ZTOff5tt4E7eOwAAAPi/SOvPwCfp2Go6TcfGGs/wH4y9aXV+YfGpU/Pvn5tpPCs/FP1psdI12LQeOpGvDRf5yZb8sXzd+IvK7fX82PR8dabXwUPJ7esw/jN/VHrdOmDX+b0WlJfxD+Vl/EN5Gf9QXsY/lFe78f9RD9oB3Hi+/6G8jH8oL+Mfysv4h1Laye/6JcqciPSmaIbELiV6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHf8EAAD//yTg5wo=")
[ 3437.215764][T28534] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3437.223746][T28534]
[ 3437.295198][T28547] loop1: detected capacity change from 0 to 512
[ 3437.303193][T28547] EXT4-fs: Ignoring removed nobh option
[ 3437.307718][T28548] loop3: detected capacity change from 0 to 512
[ 3437.308965][T28547] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3437.308981][T28547] EXT4-fs: Ignoring removed nobh option
[ 3437.316956][T28548] EXT4-fs: Ignoring removed nobh option
19:07:24 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000840)=ANY=[@ANYBLOB="20080000f60000000000000000000020000000025448156bfd5b25ec377801b344b22c9738d232cb7d3038c0f876af89ac084fc7871dfca8c6a7fc06f3e2469aa12e16a826c94c0a5546d925a37a55fe849a53e3c0638fd9769d1d636e85c2f315a2a58c630215cbc199b92a459670cdeddaab063be9377e80b8db97b7b320194f645f8a6d6e2f5063dac48c2da109390deaf3cfb41509b6", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3437.330976][T28547] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3437.332928][T28548] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3437.348177][T28547] EXT4-fs (loop1): 1 truncate cleaned up
[ 3437.353391][T28548] EXT4-fs: Ignoring removed nobh option
[ 3437.373200][T28548] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
19:07:24 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnupF1JPgVe9SKJJLq6eV2Z1J1s1uzI9NtzqfDwy8t/OS97775u2+eW82gNIaiYjBiLgjIn7N00lLgSuVRrkbK0vTf64sTSdRq735R1Ivd31labooWvzdvjwzmkaknyYt/7Bh4cLFM1PV6uz5PD++ePa98YULF5+ZOzt1evb07LnJEyeOH5t4/rnJZ7sSZxbX9eEP5w8fevXty69Pn7z8zo/fJHnc0RJHt4zESLvQ6x7vdmU9tr8pnfT1sCFsSSUisu7qr4//wajEWucNxiuf9LRxwK6q1Wq1PZ1PL9eA/7Eket0CoDeKL/rs/rc4btLU45Zw7cXGDVAW9438aJzpi+N5mf6W+9tuGomIk8t/fZkdsUvrEAAAza5k85+n283/0ri3qdyd+R7KUETcFREHIuLuiDgYEfdE1MveFxH3b7H+kZb8+vlPenVbgW1SNv97Id/b+uf8Ly2KDFXy3P56/P3Jqbnq7NH8PRmN/j1ZfmKDOr57+ZfPO51rnv9lR1Z/MRfM23G1r2WBbmZqcWonMTe79nHEcF+7+JPVnYAkIg5FxPA265h78uvDnc79e/wb6MI+U+2riCca/b8cLfEXko33J8dvi+rs0fHiqljvp58vvdGp/h3F3wVZ/+9te/2vxj+UNO/XLmy9jku/fdbxnma71/9A8lY9PZC/9sHU4uL5iYiB5LX1r0+u/W2RL8pn8Y8eaT/+D8TaO/FARGQX8YMR8VBEPJy3/ZGIeDQijmwQ/w8vPfbu9uPfXVn8M1vq/60nKme+/7ZT/Zvr/8ad+Gj+ymY+/zbbwJ28dwAAAPBfkdafgU/SsdV0mo6NNZ7hPxh70+r8wuJTp+bfPzfTeFZ+KPrTYqVrsGk9dCJfGy7yky35Y/m68ReV2+v5sen56kyvg4eS29dh/Gd+r/S6dcCu83stKC/jH8rL+IfyMv6hvIx/KK924/+jHrQDuPl8/0N5Gf9QXsY/lJfxD6W0k9/1S5Q5Eekt0QyJXUr0+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgO/4OAAD//yrR50o=")
[ 3437.392180][T28548] EXT4-fs (loop3): 1 truncate cleaned up
[ 3437.432325][T28576] loop1: detected capacity change from 0 to 512
[ 3437.441298][T28576] EXT4-fs: Ignoring removed nobh option
[ 3437.446880][T28576] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3437.453370][T28576] EXT4-fs: Ignoring removed nobh option
[ 3437.464083][T28576] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
19:07:24 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrUrdBjVBolUFAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2ruJcew0D7su7O8nrTLjHWfm8+zYszN2AKVVjYiRiLgjIn7L00l7gWrzz/XlizN/LV+cSaJef/PPpFHu2vLFmaJo8bzdeWYsjUg/Tdr+YdPC+Qunp2u1uXN5fmLxzHsTC+cvPHPqzPTJuZNzZ6eOHTt6ZPL556ae7UmcWVzXDnw4f3D/q29ffn3m+OV3fvomyeOOtjh6pRrVTqE3PN7rygZsT0s6GRpgQ9iUSkRk3TXcGP8jUYnVzhuJVz4ZaOOAvqrX6/Wd3U8v1YH/sSQG3QJgMIoP+uz+tzhu0tTjlnD1xeYNUBb39fxonhmKNC8z3HZ/20vViDi+9PeX2RF9WocAAGj1XTb/ebrT/C+Ne1vK3ZnvoYxGxF0RsTci7o6IfRFxT0Sj7H0Rcf8m66+25dfOf9IrWwpsg7L53wv53ta/53/F7C9GK3luTyP+4eTEqdrc4fw1GYvhnVl+cp06vn/518+7nWud/2VHVn8xF8zbcWWobYFudnpxejsxt7r6ccSBoU7xJys7AUlE7I+IA1us49STXx/sdu6RG8a/jh7sM9W/inii2f9L0RZ/IVl/f3LitqjNHZ4oroq1fv7l0hvd6r9x//dX1v+7Ol7/K/GPJq37tQubr+PS7591vafZ6vW/I3mrkd6RP/bB9OLiucmIHclrax+fWn1ukS/KZ/GPHeo8/vfG6ivxQERkF/GDEfFQRDyctz27fh+NiEPrxP/jS4+9u/X4+yuLf3ZT/b/5ROX0D992q39j/X+0kRrLH9nI+99GG7id1w4AAAD+K9LGd+CTdHwlnabj483v8O+LXWltfmHxqRPz75+dbX5XfjSG02Kla6RlPXQyXxsu8lNt+SP5uvEXldsb+fGZ+drsoIOHktvdZfxn/qgMunVA3/m9FpSX8Q/lZfxDeRn/UF7GP5RXp/H/0QDaAdx8Pv+hvIx/KC/jH8rL+IdS2s7v+iXKnIj0lmiGRJ8Sg35nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I1/AgAA//+bQuZ2")
[ 3437.484483][T28576] EXT4-fs (loop1): 1 truncate cleaned up
[ 3437.506070][T28582] loop3: detected capacity change from 0 to 512
[ 3437.512657][T28582] EXT4-fs: Ignoring removed nobh option
[ 3437.518292][T28582] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3437.524767][T28582] EXT4-fs: Ignoring removed nobh option
19:07:25 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnvQi6knwqncpFMml1dPK7M4k62Y35semWzufDwx5b+dt3vvuzHf3zbzdAEprJCIGI+KOiPgtLyetDfoaf66vLE3/tbI0nUSt9uafSb3dtZWl6aJp8bx9eWU0jUg/TVr+YcPChYtnpqrV2fN5fXzx7HvjCxcuPjN3dur07OnZc5MnThw/NvH8c5PPdiXOLK5rwx/OHz706tuXX58+efmdn75J8rijJY5uGYmRdqHXPd7tznpsf1M56evhQNiSSiO9o7+e/4NRibWDNxivfNLTwQG7qlar1fZ03r1cA25hSfR6BEBvFB/02fVvsd2gqcdN4eqLjQugLO7r+dbY0xfH8zb9Lde33TQSESeX//4y22KX7kMAADT7Lpv/PN1u/pfGvU3t7szXUIYi4q6IOBARd0fEwYi4J6Le9r6IuH+L/Y+01NfPf9Ir2wpsk7L53wv52ta/539p0WSoktf21+PvT07NVWeP5q/JaPTvyeoTG/Tx/cu/ft5pX/P8L9uy/ou5YD6OK30tN+hmphandhJzs6sfRwz3tYs/WV0JSCLiUEQMb7OPuSe/Ptxp33/Hv4EurDPVvop4onH8l6Ml/kKy8frk+G1RnT06XpwV6/38y6U3OvW/o/i7IDv+e9ue/6vxDyXN67ULW+/j0u+fdbym2e75P5C8VS8P5I99MLW4eH4iYiB5bf3jk2vPLepF+yz+0SPt8/9ArL0SD0REdhI/GBEPRcTD+dgfiYhHI+LIBvH/+NJj724//t2VxT+zpeO/9ULlzA/fdup/c8e/cSU+mj+ymfe/zQ5wJ68dAAAA/F+k9e/AJ+nYajlNx8Ya3+E/GHvT6vzC4lOn5t8/N9P4rvxQ9KfFna7BpvuhE/m94aI+2VI/lt83/qJye70+Nj1fnel18FBy+zrkf+aPSq9HB+w6v9eC8pL/UF7yH8pL/kN5yX8or3b5/1EPxgHceD7/obzkP5SX/Ifykv9QSjv5Xb9CmQuR3hTDUNilQq/fmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrjnwAAAP//FRXmiw==")
19:07:25 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
r1 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r1, {0xee01}}, './file0\x00'})
r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000280), 0x4400, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
r4 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r4, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
[ 3437.534139][T28582] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3437.550774][T28582] EXT4-fs (loop3): 1 truncate cleaned up
[ 3437.584064][T28586] loop1: detected capacity change from 0 to 512
[ 3437.591433][T28586] EXT4-fs: Ignoring removed nobh option
[ 3437.597063][T28586] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3437.603597][T28586] EXT4-fs: Ignoring removed nobh option
[ 3437.618201][T28586] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
19:07:25 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPlgKGFhHxkTRpgR64gEDiABISHMoxJGlV6jaoCRKtKggIlSOqxB1xROIv4AQXBJyQuMIdVapQLi2cjNbeTYxjp/mw68L+ftIqM95xZh7Pjj07YwdQWtWIGImIOyLi1zydtBeoNv/cWL408+fypZkk6vU3/kga5a4vX5opihbP251nxtKI9JOk7R82LVy4eGa6Vps7n+cnFs++O7Fw4eLTp89On5o7NXdu6vjxY0cnn3t26pmexJnFdf3AB/MH97/y1pXXZk5cefvHr5M87miLo1eqUe0UesNjva5swPa0pJOhATaETalERNZdw43xPxKVWO28kXj544E2Duirer1e39n99FId+A9LYtAtAAaj+KDP7n+L4xZNPW4L115o3gBlcd/Ij+aZoUjzMsNt97e9VI2IE0t/fZEd0ad1CACAVt9m85+nOs3/0ri3pdyd+R7KaETcFRF7I+LuiNgXEfdENMreFxH3b7L+alt+7fwnvbqlwDYom/89n+9t/XP+V8z+YrSS5/Y04h9OTp6uzR3JX5OxGN6Z5SfXqeO7l375rNu51vlfdmT1F3PBvB1Xh9oW6GanF6e3E3Orax9FHBjqFH+yshOQRMT+iDiwxTpOP/HVwW7nDt80/nX0YJ+p/mXE483+X4q2+AvJ+vuTE/+L2tyRieKqWOunny+/3q3+m/d/f2X9v6vj9b8S/2jSul+7sPk6Lv/2add7mq1e/zuSNxvpHflj708vLp6fjNiRvLr28anV5xb5onwW/9ihzuN/b6y+Eg9ERHYRPxgRD0XEw3nbH4mIRyPi0Drx//Di4Xe2Hn9/ZfHPbqr/N5+onPn+m271b6z/jzVSY/kjG3n/22gDt/PaAQAAwL9F2vgOfJKOr6TTdHy8+R3+fbErrc0vLD55cv69c7PN78qPxnBarHSNtKyHTuZrw0V+qi1/NF83/rzy/0Z+fGa+Njvo4KHkdncZ/5nfK4NuHdB3fq8F5WX8Q3kZ/1Bexj+Ul/EP5dVp/H84gHYAt57Pfygv4x/Ky/iH8jL+oZS287t+iTInIr0tmiHRp8Sg35kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB64+8AAAD//zp25nk=")
[ 3437.634023][T28586] EXT4-fs (loop1): 1 truncate cleaned up
[ 3437.650826][T28599] loop3: detected capacity change from 0 to 512
[ 3437.657479][T28599] EXT4-fs: Ignoring removed nobh option
[ 3437.663074][T28599] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3437.669510][T28599] EXT4-fs: Ignoring removed nobh option
19:07:25 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhQUfCgIOihHmOSlthtI00EW4JGkXqUgnfxKPgXeNKLqCfBq96lUCSXVk8rszuTrJvdmB+bbnU+Hxh4b+cl7333zdt9895sAKU1EhGDEXFbRPyap5OWAs/3NcpdX1ma/nNlaTqJWu2NP5J6uWsrS9NF0eLv9uWZ0TQi/SRp+YcNCxcunpmqVmfP5/nxxbPvji9cuPjU3Nmp07OnZ89Nnjhx/NjEs89MPt2VOLO4rg1/MH/40CtvXX5t+uTlt3/8OsnjjpY4umUkRtqFXvdotyvrsf1N6aSvhw1hSyoRkXVXf338D0Yl1jpvMF7+uKeNA3ZVrVar7el8erkG/I8l0esWAL1RfNFn97/FcYOmHjeFqy80boCyuK/nR+NMXxzPy/S33N9200hEnFz+64vsiF1ahwAAaPZtNv95st38L427m8rdnu+hDEXEHRFxICLujIiDEXFXRL3sPRFx7xbrH2nJr5//pFe2FdgmZfO/5/K9rX/O/9KiyFAlz+2vx9+fnJqrzh7N35PR6N+T5Sc2qOO7l375rNO55vlfdmT1F3PBvB1X+loW6GamFqd2EnOzqx9FDPe1iz9Z3QlIIuJQRAxvs465x7863Oncv8e/gS7sM9W+jHis0f/L0RJ/Idl4f3L8lqjOHh0vror1fvr50uud6t9R/F2Q9f/ettf/avxDSfN+7cLW67j026cd72m2e/0PJG/W0wP5a+9PLS6en4gYSF5d//rk2t8W+aJ8Fv/okfbj/0CsvRP3RUR2Ed8fEQ9ExIN52x+KiIcj4sgG8f/w4iPvbD/+3ZXFP7Ol/t96onLm+2861b+5/m/ciY/mr2zm82+zDdzJewcAAAD/FWn9GfgkHVtNp+nYWOMZ/oOxN63OLyw+cWr+vXMzjWflh6I/LVa6BpvWQyfyteEiP9mSP5avG39eubWeH5uer870OngouX0dxn/m90qvWwfsOr/XgvIy/qG8jH8oL+Mfysv4h/JqN/4/7EE7gBvP9z+Ul/EP5WX8Q3kZ/1BKO/ldv0SZE5HeFM2Q2KVErz+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuuPvAAAA//8bBubL")
[ 3437.677369][T28599] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3437.691811][T28599] EXT4-fs (loop3): 1 truncate cleaned up
[ 3437.719739][T28602] loop1: detected capacity change from 0 to 512
[ 3437.726350][T28602] EXT4-fs: Ignoring removed nobh option
[ 3437.731954][T28602] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3437.738414][T28602] EXT4-fs: Ignoring removed nobh option
[ 3437.745853][T28602] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3437.761143][T28602] EXT4-fs (loop1): 1 truncate cleaned up
19:07:25 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 34)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3437.865966][T28605] FAULT_INJECTION: forcing a failure.
[ 3437.865966][T28605] name failslab, interval 1, probability 0, space 0, times 0
[ 3437.878669][T28605] CPU: 1 PID: 28605 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3437.889208][T28605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3437.899262][T28605] Call Trace:
[ 3437.902529][T28605]
[ 3437.905445][T28605] dump_stack_lvl+0xda/0x130
[ 3437.910041][T28605] dump_stack+0x15/0x20
[ 3437.914961][T28605] should_fail_ex+0x21f/0x230
[ 3437.919694][T28605] __should_failslab+0x92/0xa0
[ 3437.924446][T28605] should_failslab+0x9/0x20
[ 3437.928940][T28605] slab_pre_alloc_hook+0x38/0x180
[ 3437.933980][T28605] __kmem_cache_alloc_node+0x46/0x250
[ 3437.939341][T28605] ? io_drain_req+0x1e1/0x4f0
[ 3437.944011][T28605] kmalloc_trace+0x2a/0xa0
[ 3437.948460][T28605] io_drain_req+0x1e1/0x4f0
[ 3437.958247][T28605] io_queue_sqe_fallback+0xd1/0xe0
[ 3437.963390][T28605] io_submit_sqes+0xbf8/0xfe0
[ 3437.968060][T28605] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3437.973692][T28605] ? __fget_files+0x1c4/0x200
[ 3437.978370][T28605] ? mutex_lock+0xd/0x30
[ 3437.982621][T28605] ? fput+0x112/0x140
[ 3437.986585][T28605] ? ksys_write+0x178/0x1a0
[ 3437.991151][T28605] __x64_sys_io_uring_enter+0x78/0x90
[ 3437.996551][T28605] do_syscall_64+0x41/0xc0
[ 3438.000954][T28605] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3438.006877][T28605] RIP: 0033:0x7fbf4da9f169
[ 3438.011287][T28605] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3438.030977][T28605] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3438.039476][T28605] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3438.047478][T28605] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
[ 3438.055456][T28605] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
[ 3438.063501][T28605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3438.071460][T28605] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3438.079430][T28605]
19:07:25 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x175a, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
io_uring_enter(r0, 0x175a, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:25 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPlgKGUhHxkTRpgR64gEDiABISHMoxJGlV6jaoCRKtKggIlSOqxB1xROIv4AQXBJyQuMIdVapQLi2cjNbeTYxjp/mw68L+ftIqM95xZh7Pjj07YwdQWtWIGImIOyLi1zydtBeoNv/cWL408+fypZkk6vU3/kga5a4vX5opihbP251nxtKI9JOk7R82LVy4eGa6Vps7n+cnFs++O7Fw4eLTp89On5o7NXdu6vjxY0cnn3t26pmexJnFdf3AB/MH97/y1pXXZk5cefvHr5M87miLo1eqUe0UesPhXlc2YHta0snQABvCplQiIuuu4cb4H4lKrHbeSLz88UAbB/RVvV6v7+x+eqkO/IclMegWAINRfNBn97/FcYumHreFay80b4CyuG/kR/PMUKR5meG2+9teqkbEiaW/vsiO6NM6BABAq2+z+c9TneZ/adzbUu7OfA9lNCLuioi9EXF3ROyLiHsiGmXvi4j7N1l/tS2/dv6TXt1SYBuUzf+ez/e2/jn/K2Z/MVrJc3sa8Q8nJ0/X5o7kr8lYDO/M8pPr1PHdS7981u1c6/wvO7L6i7lg3o6rQ20LdLPTi9PbibnVtY8iDgx1ij9Z2QlIImJ/RBzYYh2nn/jqYLdzh28a/zp6sM9U/zLi8Wb/L0Vb/IVk/f3Jif9Fbe7IRHFVrPXTz5df71b/zfu/v7L+39Xx+l+JfzRp3a9d2Hwdl3/7tOs9zVav/x3Jm430jvyx96cXF89PRuxIXl37+NTqc4t8UT6Lf+xQ5/G/N1ZfiQciIruIH4yIhyLi4bztj0TEoxFxaJ34f3jxsXe2Hn9/ZfHPbqr/N5+onPn+m271b6z/jzVSY/kjG3n/22gDt/PaAQAAwL9F2vgOfJKOr6TTdHy8+R3+fbErrc0vLD55cv69c7PN78qPxnBarHSNtKyHTuZrw0V+qi1/NF83/rzy/0Z+fGa+Njvo4KHkdncZ/5nfK4NuHdB3fq8F5WX8Q3kZ/1Bexj+Ul/EP5dVp/H84gHYAt57Pfygv4x/Ky/iH8jL+oZS287t+iTInIr0tmiHRp8Sg35kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB64+8AAAD//xoy5no=")
19:07:25 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnvQi6knwqncpFMml1dPK7M4k62Y35semWzufDwy8t/OS97775u2+eW82gNIaiYjBiLgjIn7L00lLgeW+RrnrK0vTf60sTSdRq735Z1Ivd21labooWvzdvjwzmkaknyYt/7Bh4cLFM1PV6uz5PD++ePa98YULF5+ZOzt1evb07LnJEyeOH5t4/rnJZ7sSZxbXteEP5w8fevXty69Pn7z8zk/fJHnc0RJHt4zESLvQ6x7vdmU9tr8pnfT1sCFsSSUisu7qr4//wajEWucNxiuf9LRxwK6q1Wq1PZ1PL9eAW1gSvW4B0BvFF312/1scN2jqcVO4+mLjBiiL+3p+NM70xfG8TH/L/W03jUTEyeW/v8yO2KV1CACAZt9l85+n283/0ri3qdyd+R7KUETcFREHIuLuiDgYEfdE1MveFxH3b7H+kZb8+vlPemVbgW1SNv97Id/b+vf8Ly2KDFXy3P56/P3Jqbnq7NH8PRmN/j1ZfmKDOr5/+dfPO51rnv9lR1Z/MRfM23Glr2WBbmZqcWonMTe7+nHEcF+7+JPVnYAkIg5FxPA265h78uvDnc79d/wb6MI+U+2riCca/b8cLfEXko33J8dvi+rs0fHiqljv518uvdGp/h3F3wVZ/+9te/2vxj+UNO/XLmy9jku/f9bxnma71/9A8lY9PZC/9sHU4uL5iYiB5LX1r0+u/W2RL8pn8Y8eaT/+D8TaO/FARGQX8YMR8VBEPJy3/ZGIeDQijmwQ/48vPfbu9uPfXVn8M1vq/60nKmd++LZT/Zvr/8ad+Gj+ymY+/zbbwJ28dwAAAPB/kdafgU/SsdV0mo6NNZ7hPxh70+r8wuJTp+bfPzfTeFZ+KPrTYqVrsGk9dCJfGy7yky35Y/m68ReV2+v5sen56kyvg4eS29dh/Gf+qPS6dcCu83stKC/jH8rL+IfyMv6hvIx/KK924/+jHrQDuPF8/0N5Gf9QXsY/lJfxD6W0k9/1S5Q5EelN0QyJXUr0+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgO/4JAAD//yD35ws=")
[ 3438.175941][T28621] loop1: detected capacity change from 0 to 512
[ 3438.182869][T28621] EXT4-fs: Ignoring removed nobh option
[ 3438.185132][T28618] loop3: detected capacity change from 0 to 512
[ 3438.188515][T28621] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3438.188532][T28621] EXT4-fs: Ignoring removed nobh option
[ 3438.203122][T28618] EXT4-fs: Ignoring removed nobh option
[ 3438.212502][T28618] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3438.218941][T28618] EXT4-fs: Ignoring removed nobh option
19:07:25 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c) (async)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0) (async)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c) (async)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90) (async)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000840)=ANY=[@ANYBLOB="20080000f60000000000000000000020000000025448156bfd5b25ec377801b344b22c9738d232cb7d3038c0f876af89ac084fc7871dfca8c6a7fc06f3e2469aa12e16a826c94c0a5546d925a37a55fe849a53e3c0638fd9769d1d636e85c2f315a2a58c630215cbc199b92a459670cdeddaab063be9377e80b8db97b7b320194f645f8a6d6e2f5063dac48c2da109390deaf3cfb41509b6", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0) (async)
socket(0x10, 0x80002, 0x0)
[ 3438.227273][T28621] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3438.257852][T28621] EXT4-fs (loop1): 1 truncate cleaned up
[ 3438.259891][T28618] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
19:07:25 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnupF1JPgVe9SKJJLq6eV2Z1J1s1uzI9NtzqfDwy8t/OS97775u2+eW82gNIaiYjBiLgjIn7N00lLgSt9jXI3Vpam/1xZmk6iVnvzj6Re7vrK0nRRtPi7fXlmNI1IP01a/mHDwoWLZ6aq1dnzeX588ex74wsXLj4zd3bq9Ozp2XOTJ04cPzbx/HOTz3Ylziyu68Mfzh8+9Orbl1+fPnn5nR+/SfK4oyWObhmJkXah1z3e7cp6bH9TOunrYUPYkkpEZN3VXx//g1GJtc4bjFc+6WnjgF1Vq9VqezqfXq4B/2NJ9LoFQG8UX/TZ/W9x3KSpxy3h2ouNG6As7hv50TjTF8fzMv0t97fdNBIRJ5f/+jI7YpfWIQAAml3J5j9Pt5v/pXFvU7k78z2UoYi4KyIORMTdEXEwIu6JqJe9LyLu32L9Iy359fOf9Oq2AtukbP73Qr639c/5X1oUGarkuf31+PuTU3PV2aP5ezIa/Xuy/MQGdXz38i+fdzrXPP/Ljqz+Yi6Yt+NqX8sC3czU4tROYm527eOI4b528SerOwFJRByKiOFt1jH35NeHO5379/g30IV9ptpXEU80+n85WuIvJBvvT47fFtXZo+PFVbHeTz9feqNT/TuKvwuy/t/b9vpfjX8oad6vXdh6HZd++6zjPc12r/+B5K16eiB/7YOpxcXzExEDyWvrX59c+9siX5TP4h890n78H4i1d+KBiMgu4gcj4qGIeDhv+yMR8WhEHNkg/h9eeuzd7ce/u7L4Z7bU/1tPVM58/22n+jfX/4078dH8lc18/m22gTt57wAAAOC/Iq0/A5+kY6vpNB0bazzDfzD2ptX5hcWnTs2/f26m8az8UPSnxUrXYNN66ES+NlzkJ1vyx/J14y8qt9fzY9Pz1ZleBw8lt6/D+M/8Xul164Bd5/daUF7GP5SX8Q/lZfxDeRn/UF7txv9HPWgHcPP5/ofyMv6hvIx/KC/jH0ppJ7/rlyhzItJbohkSu5To9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAd/wdAAD//ybo50s=")
[ 3438.281198][T28618] EXT4-fs (loop3): 1 truncate cleaned up
19:07:25 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPlgKGgghfSZMW6IELCCQOICHBoRxDklalboOaINGqgoBQOaJK3BFHJP4CTnBBwAmJK9xRpQrl0sLJaO3dxDh2mg+7LuzvJ60y4x1n5vHs2LMzdgClVY2IkYi4LSJ+zdNJe4Fq88/15Yszfy5fnEmiXn/jj6RR7tryxZmiaPG83XlmLI1IP0na/mHTwvkLp6drtblzeX5i8cy7EwvnLzx96sz0ybmTc2enjh07emTyuWennulJnFlc1w58MH9w/ytvXX5t5vjlt3/8OsnjjrY4eqUa1U6hNzza68oGbE9LOhkaYEPYlEpEZN013Bj/I1GJ1c4biZc/HmjjgL6q1+v1nd1PL9WB/7AkBt0CYDCKD/rs/rc4btLU45Zw9YXmDVAW9/X8aJ4ZijQvM9x2f9tL1Yg4vvTXF9kRfVqHAABo9W02/3mq0/wvjbtbyt2e76GMRsQdEbE3Iu6MiH0RcVdEo+w9EXHvJuuvtuXXzn/SK1sKbIOy+d/z+d7WP+d/xewvRit5bk8j/uHkxKna3OH8NRmL4Z1ZfnKdOr576ZfPup1rnf9lR1Z/MRfM23FlqG2BbnZ6cXo7Mbe6+lHEgaFO8ScrOwFJROyPiANbrOPUE18d7Hbu8RvGv44e7DPVv4x4rNn/S9EWfyFZf39y4n9Rmzs8UVwVa/3086XXu9V/4/7vr6z/d3W8/lfiH01a92sXNl/Hpd8+7XpPs9Xrf0fyZiO9I3/s/enFxXOTETuSV9c+PrX63CJflM/iHzvUefzvjdVX4r6IyC7i+yPigYh4MG/7QxHxcEQcWif+H1585J2tx99fWfyzm+r/zScqp7//plv9G+v/o43UWP7IRt7/NtrA7bx2AAAA8G+RNr4Dn6TjK+k0HR9vfod/X+xKa/MLi0+emH/v7Gzzu/KjMZwWK10jLeuhk/nacJGfassfydeNP6/8v5Efn5mvzQ46eCi53V3Gf+b3yqBbB/Sd32tBeRn/UF7GP5SX8Q/lZfxDeXUa/x8OoB3AzefzH8rL+IfyMv6hvIx/KKXt/K5fosyJSG+JZkj0KTHodyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDe+DsAAP//mRPmfg==")
[ 3438.354313][T28653] loop1: detected capacity change from 0 to 512
[ 3438.358768][T28655] loop3: detected capacity change from 0 to 512
[ 3438.373796][T28655] EXT4-fs: Ignoring removed nobh option
[ 3438.378114][T28653] EXT4-fs: Ignoring removed nobh option
[ 3438.379420][T28655] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3438.384959][T28653] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3438.391396][T28655] EXT4-fs: Ignoring removed nobh option
19:07:25 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
r1 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r1, {0xee01}}, './file0\x00'})
r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000280), 0x4400, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3) (async)
r4 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r4, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:25 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) (async)
shutdown(0xffffffffffffffff, 0x0) (async)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c) (async)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0) (async)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000840)=ANY=[@ANYBLOB="20080000f60000000000000000000020000000025448156bfd5b25ec377801b344b22c9738d232cb7d3038c0f876af89ac084fc7871dfca8c6a7fc06f3e2469aa12e16a826c94c0a5546d925a37a55fe849a53e3c0638fd9769d1d636e85c2f315a2a58c630215cbc199b92a459670cdeddaab063be9377e80b8db97b7b320194f645f8a6d6e2f5063dac48c2da109390deaf3cfb41509b6", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93) (async)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0) (async)
fallocate(r7, 0x30, 0x9, 0x10000) (async)
socket(0x10, 0x80002, 0x0)
[ 3438.403535][T28653] EXT4-fs: Ignoring removed nobh option
[ 3438.410690][T28653] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3438.425869][T28653] EXT4-fs (loop1): 1 truncate cleaned up
[ 3438.435515][T28655] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
19:07:25 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f00000003c0), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:26 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnvQi6knwWu9SKJJLq6eV2Z1J1s1uzI9NtzqfDwx5b+dt3vvOzNt9895sAKU1EhGDEXFHRFzJ00lrgf7GnxsrS9N/rixNJ1GrvflHUi93fWVpuihavG9fnhlNI9JPk5Z/2LBw4eKZqWp19nyeH188+974woWLz8ydnTo9e3r23OSJE8ePTTz/3OSzXYkzi+v68Ifzhw+9+vbl16dPXn7np2+SPO5oiaNbRmKkXeh1j3e7sh7b35RO+nrYELakEhF9jS4eV2IwKrF28gbjlU962jhgV9VqtdqezruXa8D/WBK9bgHQG8UXfXb/W2w3aehxS7j2YuMGKIv7Rr419vTF8bxMf8v9bTeNRMTJ5b++zLbYpXkIAIBm32Xjn6fbjf/SuLep3J35GspQRNwVEQci4u6IOBgR90TUy94XEfdvsf6Rlvz68U96dVuBbVI2/nshX9v65/gvLYoMVfLc/nr8/cmpuers0fyYjEb/niw/sUEd37/86+ed9jWP/7Itq78YC+btuNrXMkE3M7U4tZOYm137OGK4r138yepKQBIRhyJieJt1zD359eFO+/49/g10YZ2p9lXEE43zvxwt8ReSjdcnx2+L6uzR8eKqWO/nXy690an+HcXfBdn539v2+l+NfyhpXq9d2Hodl377rOM9zXav/4HkrXp6IH/tg6nFxfMTEQPJa+tfn1x7b5Evymfxjx5p3/8PxNqReCAisov4wYh4KCIeztv+SEQ8GhFHNoj/x5cee3f78e+uLP6ZLZ3/rScqZ374tlP9mzv/jTvx0fyVzXz+bbaBOzl2AAAA8F+R1p+BT9Kx1XSajo01nuE/GHvT6vzC4lOn5t8/N9N4Vn4o+tNipmuwaT50Ip8bLvKTLflj+bzxF5Xb6/mx6fnqTK+Dh5Lb16H/Z36v9Lp1wK7zey0oL/0fykv/h/LS/6G89H8or3b9/6MetAO4+Xz/Q3np/1Be+j+Ul/4PpbST3/VLlDkR6S3RDIldSvT6kwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA7/g4AAP//ESzmjA==")
[ 3438.455827][T28655] EXT4-fs (loop3): 1 truncate cleaned up
19:07:26 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrUrdBjVBolUFAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2ruJcew0D7su7O8nrTLjHWfm8+zYszN2AKVVjYiRiLgjIn7L00l7gWrzz/XlizN/LV+cSaJef/PPpFHu2vLFmaJo8bzdeWYsjUg/Tdr+YdPC+Qunp2u1uXN5fmLxzHsTC+cvPHPqzPTJuZNzZ6eOHTt6ZPL556ae7UmcWVzXDnw4f3D/q29ffn3m+OV3fvomyeOOtjh6pRrVTqE3PN7rygZsT0s6GRpgQ9iUSkRk3TXcGP8jUYnVzhuJVz4ZaOOAvqrX6/Wd3U8v1YH/sSQG3QJgMIoP+uz+tzhu0tTjlnD1xeYNUBb39fxonhmKNC8z3HZ/20vViDi+9PeX2RF9WocAAGj1XTb/ebrT/C+Ne1vK3ZnvoYxGxF0RsTci7o6IfRFxT0Sj7H0Rcf8m66+25dfOf9IrWwpsg7L53wv53ta/53/F7C9GK3luTyP+4eTEqdrc4fw1GYvhnVl+cp06vn/518+7nWud/2VHVn8xF8zbcWWobYFudnpxejsxt7r6ccSBoU7xJys7AUlE7I+IA1us49STXx/sdm7qhvGvowf7TPWvIp5o9v9StMVfSNbfn5y4LWpzhyeKq2Ktn3+59Ea3+m/c//2V9f+ujtf/SvyjSet+7cLm67j0+2dd72m2ev3vSN5qpHfkj30wvbh4bjJiR/La2senVp9b5IvyWfxjhzqP/72x+ko8EBHZRfxgRDwUEQ/nbX8kIh6NiEPrxP/jS4+9u/X4+yuLf3ZT/b/5ROX0D992q39j/X+0kRrLH9nI+99GG7id1w4AAAD+K9LGd+CTdHwlnabj483v8O+LXWltfmHxqRPz75+dbX5XfjSG02Kla6RlPXQyXxsu8lNt+SP5uvEXldsb+fGZ+drsoIOHktvdZfxn/qgMunVA3/m9FpSX8Q/lZfxDeRn/UF7GP5RXp/H/0QDaAdx8Pv+hvIx/KC/jH8rL+IdS2s7v+iXKnIj0lmiGRJ8Sg35nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I1/AgAA//92oOaH")
[ 3438.527952][T28686] loop1: detected capacity change from 0 to 512
[ 3438.535592][T28686] EXT4-fs: Ignoring removed nobh option
[ 3438.541218][T28686] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3438.547914][T28686] EXT4-fs: Ignoring removed nobh option
[ 3438.571878][T28690] loop3: detected capacity change from 0 to 512
[ 3438.576868][T28686] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3438.578491][T28690] EXT4-fs: Ignoring removed nobh option
[ 3438.594259][T28686] EXT4-fs (loop1): 1 truncate cleaned up
[ 3438.597730][T28690] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3438.597748][T28690] EXT4-fs: Ignoring removed nobh option
[ 3438.617322][T28690] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3438.632606][T28690] EXT4-fs (loop3): 1 truncate cleaned up
19:07:26 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 35)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3438.716163][T28696] FAULT_INJECTION: forcing a failure.
[ 3438.716163][T28696] name failslab, interval 1, probability 0, space 0, times 0
[ 3438.728829][T28696] CPU: 0 PID: 28696 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3438.739244][T28696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3438.749307][T28696] Call Trace:
[ 3438.752666][T28696]
[ 3438.755607][T28696] dump_stack_lvl+0xda/0x130
[ 3438.760240][T28696] dump_stack+0x15/0x20
[ 3438.764386][T28696] should_fail_ex+0x21f/0x230
[ 3438.769095][T28696] __should_failslab+0x92/0xa0
[ 3438.773937][T28696] should_failslab+0x9/0x20
[ 3438.778438][T28696] slab_pre_alloc_hook+0x38/0x180
[ 3438.783468][T28696] __kmem_cache_alloc_node+0x46/0x250
[ 3438.788875][T28696] ? io_drain_req+0x1e1/0x4f0
[ 3438.793564][T28696] kmalloc_trace+0x2a/0xa0
[ 3438.798011][T28696] io_drain_req+0x1e1/0x4f0
[ 3438.802590][T28696] io_queue_sqe_fallback+0xd1/0xe0
[ 3438.807754][T28696] io_submit_sqes+0xbf8/0xfe0
[ 3438.812481][T28696] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3438.818047][T28696] ? __fget_files+0x1c4/0x200
[ 3438.822809][T28696] ? mutex_lock+0xd/0x30
[ 3438.827062][T28696] ? fput+0x112/0x140
[ 3438.831058][T28696] ? ksys_write+0x178/0x1a0
[ 3438.835597][T28696] __x64_sys_io_uring_enter+0x78/0x90
[ 3438.840966][T28696] do_syscall_64+0x41/0xc0
[ 3438.845430][T28696] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3438.851411][T28696] RIP: 0033:0x7fbf4da9f169
[ 3438.855843][T28696] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3438.875452][T28696] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3438.883860][T28696] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3438.891841][T28696] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
[ 3438.899846][T28696] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
[ 3438.907809][T28696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3438.915860][T28696] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3438.923828][T28696]
19:07:26 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xffffffffffffffff}, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:26 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzGZbba2Jtf5orRqtYvBH0qRVe/CgouBBQdBDPcYkLbHbRpoItgSNIvUoBe/iUfAv8KQXUU+CV71LoUgurZ5WZncmWTe7MT823ep8PjDw3s5L3vvum7f75r3ZAEprOCIGI+K2iPg1TydtBZ6vNstdX16c+nN5cSqJev2NP5JGuWvLi1NF0eLv9uaZkTQi/SRp+4dN8xcunpms1WbO5/mxhbPvjs1fuPjU7NnJ0zOnZ85NnDhx/Nj4s89MPN2TOLO4rh36YO7wwVfeuvza1MnLb//4dZLHHW1x9MpwDHcKveHRXlfWZ/ta0slAHxvCplQiIuuuamP8D0YlVjtvMF7+uK+NA3ZUvV6v7+5+eqkO/I8l0e8WAP1RfNFn97/FcYOmHjeFqy80b4CyuK/nR/PMQBzPy1Tb7m97aTgiTi799UV2xA6tQwAAtPo2m/882Wn+l8bdLeVuz/dQhiLijojYHxF3RsSBiLgrolH2noi4d5P1D7fl185/0itbCmyDsvnfc/ne1j/nf2lRZKiS5/Y14q8mp2ZrM0fz92Qkqruz/Pg6dXz30i+fdTvXOv/Ljqz+Yi6Yt+PKQNsC3fTkwuR2Ym519aOIQwOd4k9WdgKSiDgYEYe2WMfs418d7nbu3+NfRw/2mepfRjzW7P+laIu/kKy/Pzl2S9Rmjo4VV8VaP/186fVu9W8r/h7I+n9Px+t/Jf6hpHW/dn7zdVz67dOu9zRbvf53JW820rvy196fXFg4Px6xK3l17esTq39b5IvyWfwjRzqP//2x+k7cFxHZRXx/RDwQEQ/mbX8oIh6OiCPrxP/Di4+8s/X4d1YW//Sm+n/zicqZ77/pVv/G+r95Jz6Sv7KRz7+NNnA77x0AAAD8V6SNZ+CTdHQlnaajo81n+A/EnrQ2N7/wxKm5985NN5+VH4pqWqx0Dbash47na8NFfqItfyxfN/68cmsjPzo1V5vud/BQcnu7jP/M75V+tw7YcX6vBeVl/EN5Gf9QXsY/lJfxD+XVafx/2Id2ADee738oL+Mfysv4h/Iy/qGUtvO7fokyJyK9KZohsUOJfn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9MbfAQAA//8XHebM")
19:07:26 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPlgKGgoj4SJq0lB64gEDiABISHMoxJGlV6jaoCRKtKggIlSOqxB1xROIv4AQXBJyQuMIdVapQLi2cjNbeTYxjp/mw68L+ftIqM95xZh7Pjj07YwdQWtWIGImIOyLi1zydtBeoNv/cWL408+fypZkk6vU3/kga5a4vX5opihbP251nxtKI9JOk7R82LVy4eGa6Vps7n+cnFs++O7Fw4eIzp89On5o7NXdu6vjxo0cmnzs29WxP4sziun7gg/mD+19568prMyeuvP3j10ked7TF0SvVqHYKveHxXlc2YHta0snQABvCplQiIuuu4cb4H4lKrHbeSLz88UAbB/RVvV6v7+x+eqkO/IclMegWAINRfNBn97/FcYumHreFay80b4CyuG/kR/PMUKR5meG2+9teqkbEiaW/vsiO6NM6BABAq2+z+c/TneZ/adzbUu7OfA9lNCLuioi9EXF3ROyLiHsiGmXvi4j7N1l/tS2/dv6TXt1SYBuUzf+ez/e2/jn/K2Z/MVrJc3sa8Q8nJ0/X5g7nr8lYDO/M8pPr1PHdS7981u1c6/wvO7L6i7lg3o6rQ20LdLPTi9PbibnVtY8iDgx1ij9Z2QlIImJ/RBzYYh2nn/zqYLdzx24a/zp6sM9U/zLiiWb/L0Vb/IVk/f3Jif9Fbe7wRHFVrPXTz5df71b/zfu/v7L+39Xx+l+JfzRp3a9d2Hwdl3/7tOs9zVav/x3Jm430jvyx96cXF89PRuxIXl37+NTqc4t8UT6Lf+xQ5/G/N1ZfiQciIruIH4yIhyLi4bztj0TEoxFxaJ34f3jxsXe2Hn9/ZfHPbqr/N5+onPn+m271b6z/jzZSY/kjG3n/22gDt/PaAQAAwL9F2vgOfJKOr6TTdHy8+R3+fbErrc0vLD51cv69c7PN78qPxnBarHSNtKyHTuZrw0V+qi1/JF83/rzy/0Z+fGa+Njvo4KHkdncZ/5nfK4NuHdB3fq8F5WX8Q3kZ/1Bexj+Ul/EP5dVp/H84gHYAt57Pfygv4x/Ky/iH8jL+oZS287t+iTInIr0tmiHRp8Sg35kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB64+8AAAD///WB5os=")
[ 3439.025068][T28703] loop1: detected capacity change from 0 to 512
[ 3439.033754][T28705] loop3: detected capacity change from 0 to 512
[ 3439.041791][T28705] EXT4-fs: Ignoring removed nobh option
[ 3439.047387][T28705] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3439.053870][T28705] EXT4-fs: Ignoring removed nobh option
[ 3439.060311][T28703] EXT4-fs: Ignoring removed nobh option
[ 3439.066053][T28703] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3439.072598][T28703] EXT4-fs: Ignoring removed nobh option
[ 3439.080181][T28705] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3439.080667][T28703] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3439.095568][T28705] EXT4-fs (loop3): 1 truncate cleaned up
[ 3439.110828][T28703] EXT4-fs (loop1): 1 truncate cleaned up
19:07:26 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPlgKGgoj4SJq0QA9ICAQSB5CQ4FCOIUmrUrdBTZBoVUFAqBxRJe6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmIcO82HXRf295NWmfGOM/N4duzZGTuA0qpGxEhE3BYRv+bppL1Atfnn+vLFmT+XL84kUa+/8UfSKHdt+eJMUbR43u48M5ZGpJ8kbf+waeH8hdPTtdrcuTw/sXjm3YmF8xeeOnVm+uTcybmzU8eOHT0y+ewzU0/3JM4srmsHPpg/uP+Vty6/NnP88ts/fp3kcUdbHL1SjWqn0Bse7XVlA7anJZ0MDbAhbEolIrLuGm6M/5GoxGrnjcTLHw+0cUBf1ev1+s7up5fqwH9YEoNuATAYxQd9dv9bHDdp6nFLuPpC8wYoi/t6fjTPDEWalxluu7/tpWpEHF/664vsiD6tQwAAtPo2m/882Wn+l8bdLeVuz/dQRiPijojYGxF3RsS+iLgrolH2noi4d5P1V9vya+c/6ZUtBbZB2fzvuXxv65/zv2L2F6OVPLenEf9wcuJUbe5w/pqMxfDOLD+5Th3fvfTLZ93Otc7/siOrv5gL5u24MtS2QDc7vTi9nZhbXf0o4sBQp/iTlZ2AJCL2R8SBLdZx6vGvDnY79/wN419HD/aZ6l9GPNbs/6Voi7+QrL8/OfG/qM0dniiuirV++vnS693qv3H/91fW/7s6Xv8r8Y8mrfu1C5uv49Jvn3a9p9nq9b8jebOR3pE/9v704uK5yYgdyatrH59afW6RL8pn8Y8d6jz+98bqK3FfRGQX8f0R8UBEPJi3/aGIeDgiDq0T/w8vPvLO1uPvryz+2U31/+YTldPff9Ot/o31/9FGaix/ZCPvfxtt4HZeOwAAAPi3SBvfgU/S8ZV0mo6PN7/Dvy92pbX5hcUnTsy/d3a2+V350RhOi5WukZb10Ml8bbjIT7Xlj+Trxp9X/t/Ij8/M12YHHTyU3O4u4z/ze2XQrQP6zu+1oLyMfygv4x/Ky/iH8jL+obw6jf8PB9AO4Obz+Q/lZfxDeRn/UF7GP5TSdn7XL1HmRKS3RDMk+pQY9DsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAb/wdAAD//9MO5pQ=")
19:07:26 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn13H7vi0loZSPhgKBgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQz6curC/n7TSjHeSmcezY8/OrAMorZGIGIyI2yLilzydtBVYrjbL3VhZmv5jZWk6iXr99d+TRrnrK0vTRdHi7/bnmdE0Iv04afuHTQsXL52dqtVmL+T58cVz74wvXLz01Ny5qTOzZ2bPT548eeL4xLPPTD7dkzizuK4Pvz9/5PDLb155dfrUlbd++CrJ4462OHplJEY6hd7waK8r67MDLelkoI8NYUsqEZF1V7Ux/gejEmudNxgvfdTXxgG7ql6v1/d2P71cB/7Dkuh3C4D+KL7os/vf4rhJU49bwrXnmzdAWdw38qN5ZiBO5GWqbfe3vTQSEaeW//w8O2KX1iEAAFp9k81/nuw0/0vj7pZyt+d7KEMRcUdEHIyIOyPiUETcFdEoe09E3LvF+kfa8uvnP+nVbQW2Sdn877l8b+vv87+0KDJUyXMHGvFXk9Nztdlj+XsyGtW9WX5igzq+ffHnT7uda53/ZUdWfzEXzNtxdaBtgW5manFqJzG3uvZhxPBAp/iT1Z2AJCIOR8TwNuuYe/zLI93O/XP8G+jBPlP9i4jHmv2/HG3xF5KN9yfH/xe12WPjxVWx3o8/XX6tW/07ir8Hsv7f1/H6X41/KGndr13Yeh2Xf/2k6z3Ndq//PckbjfSe/LX3phYXL0xE7EleWf/65NrfFvmifBb/6NHO4/9grL0T90VEdhHfHxEPRMSDedsfioiHI+LoBvF//8Ijb28//t2VxT+zpf7feqJy9ruvu9W/uf5v3omP5q9s5vNvsw3cyXsHAAAA/xZp4xn4JB1bTafp2FjzGf5DsS+tzS8sPnF6/t3zM81n5YeimhYrXYMt66ET+dpwkZ9syx/P140/q/y/kR+bnq/N9Dt4KLn9XcZ/5rdKv1sH7Dq/14LyMv6hvIx/KC/jH8rL+Ify6jT+P+hDO4Cbz/c/lJfxD+Vl/EN5Gf9QSjv5Xb9EmROR3hLNkNilRL8/mQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHrjrwAAAP//HQ7nDA==")
[ 3439.191948][T28719] loop3: detected capacity change from 0 to 512
[ 3439.194336][T28720] loop1: detected capacity change from 0 to 512
[ 3439.198716][T28719] EXT4-fs: Ignoring removed nobh option
[ 3439.208508][T28720] EXT4-fs: Ignoring removed nobh option
[ 3439.212709][T28719] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3439.218216][T28720] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3439.224737][T28719] EXT4-fs: Ignoring removed nobh option
[ 3439.231177][T28720] EXT4-fs: Ignoring removed nobh option
19:07:26 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
r1 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r1, {0xee01}}, './file0\x00'})
r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000280), 0x4400, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3) (async)
r4 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r4, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
[ 3439.240640][T28719] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3439.244260][T28720] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3439.257451][T28719] EXT4-fs (loop3): 1 truncate cleaned up
[ 3439.272919][T28720] EXT4-fs (loop1): 1 truncate cleaned up
19:07:26 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPlgKGgoj4SJq0QA8cAIHEASQkOJRjSNKq1G1QEyRaVRAQKkdUiTviiMRfwAkuCDghcYU7qlShXFo4Ga29mxjHTvNh14X9/aRVZrzjzDyeHXt2xg6gtKoRMRIRt0XEr3k6aS9Qbf65vnxx5s/lizNJ1Otv/JE0yl1bvjhTFC2etzvPjKUR6SdJ2z9sWjh/4fR0rTZ3Ls9PLJ55d2Lh/IWnTp2ZPjl3cu7s1LFjR49MPvvM1NM9iTOL69qBD+YP7n/lrcuvzRy//PaPXyd53NEWR69Uo9op9IZHe13ZgO1pSSdDA2wIm1KJiKy7hhvjfyQqsdp5I/HyxwNtHNBX9Xq9vrP76aU68B+WxKBbAAxG8UGf3f8Wx02aetwSrr7QvAHK4r6eH80zQ5HmZYbb7m97qRoRx5f++iI7ok/rEAAArb7N5j9Pdpr/pXF3S7nb8z2U0Yi4IyL2RsSdEbEvIu6KaJS9JyLu3WT91bb82vlPemVLgW1QNv97Lt/b+uf8r5j9xWglz+1pxD+cnDhVmzucvyZjMbwzy0+uU8d3L/3yWbdzrfO/7MjqL+aCeTuuDLUt0M1OL05vJ+ZWVz+KODDUKf5kZScgiYj9EXFgi3Wcevyrg93OPX/D+NfRg32m+pcRjzX7fyna4i8k6+9PTvwvanOHJ4qrYq2ffr70erf6b9z//ZX1/66O1/9K/KNJ637twubruPTbp13vabZ6/e9I3mykd+SPvT+9uHhuMmJH8urax6dWn1vki/JZ/GOHOo//vbH6StwXEdlFfH9EPBARD+ZtfygiHo6IQ+vE/8OLj7yz9fj7K4t/dlP9v/lE5fT333Srf2P9f7SRGssf2cj730YbuJ3XDgAAAP4t0sZ34JN0fCWdpuPjze/w74tdaW1+YfGJE/PvnZ1tfld+NIbTYqVrpGU9dDJfGy7yU235I/m68eeV/zfy4zPztdlBBw8lt7vL+M/8Xhl064C+83stKC/jH8rL+IfyMv6hvIx/KK9O4//DAbQDuPl8/kN5Gf9QXsY/lJfxD6W0nd/1S5Q5Eekt0QyJPiUG/c4EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQG38HAAD//7LK5pU=")
19:07:26 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzGZbba2Jtf5orRqtYvBH0qRVe/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPNWLqCfBq96lUCSXVk8rszuTrJvdmB+bbnU+Hxh4b+cl7333zdt9895sAKU1HBGDEXFHRPyap5O2AleqzXI3lhen/lxenEqiXn/zj6RR7vry4lRRtPi7vXlmJI1IP03a/mHT/IWLZyZrtZnzeX5s4ex7Y/MXLj4ze3by9MzpmXMTJ04cPzb+/HMTz/Ykziyu64c+nDt88NW3L78+dfLyOz9+k+RxR1scvTIcw51Cb3i815X12b6WdDLQx4awKZWIyLqr2hj/g1GJ1c4bjFc+6WvjgB1Vr9fru7ufXqoD/2NJ9LsFQH8UX/TZ/W9x3KSpxy3h2ovNG6As7hv50TwzEMfzMtW2+9teGo6Ik0t/fZkdsUPrEAAAra5k85+nO83/0ri3pdyd+R7KUETcFRH7I+LuiDgQEfdENMreFxH3b7L+4bb82vlPenVLgW1QNv97Id/b+uf8Ly2KDFXy3L5G/NXk1Gxt5mj+noxEdXeWH1+nju9e/uXzbuda53/ZkdVfzAXzdlwdaFugm55cmNxOzK2ufRxxaKBT/MnKTkASEQcj4tAW65h98uvD3c79e/zr6ME+U/2riCea/b8UbfEXkvX3J8dui9rM0bHiqljrp58vvdGt/m3F3wNZ/+/peP2vxD+UtO7Xzm++jku/fdb1nmar1/+u5K1Gelf+2geTCwvnxyN2Ja+tfX1i9W+LfFE+i3/kSOfxvz9W34kHIiK7iB+MiIci4uG87Y9ExKMRcWSd+H946bF3tx7/zsrin95U/28+UTnz/bfd6t9Y/zfvxEfyVzby+bfRBm7nvQMAAID/irTxDHySjq6k03R0tPkM/4HYk9bm5heeOjX3/rnp5rPyQ1FNi5WuwZb10PF8bbjIT7Tlj+Xrxl9Ubm/kR6fmatP9Dh5Kbm+X8Z/5vdLv1gE7zu+1oLyMfygv4x/Ky/iH8jL+obw6jf+P+tAO4Obz/Q/lZfxDeRn/UF7GP5TSdn7XL1HmRKS3RDMkdijR708mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA3vg7AAD//yL/50w=")
19:07:26 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f00000003c0), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) (async)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0) (async)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c) (async)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c) (async)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0) (async)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90) (async)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800)) (async)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93) (async)
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3439.352739][T28733] loop3: detected capacity change from 0 to 512
[ 3439.372730][T28733] EXT4-fs: Ignoring removed nobh option
[ 3439.379153][T28733] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3439.385574][T28733] EXT4-fs: Ignoring removed nobh option
[ 3439.397751][T28737] loop1: detected capacity change from 0 to 512
[ 3439.405501][T28737] EXT4-fs: Ignoring removed nobh option
[ 3439.411134][T28737] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3439.411615][T28733] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3439.417542][T28737] EXT4-fs: Ignoring removed nobh option
[ 3439.421776][T28737] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
19:07:26 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f00000003c0), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c) (async)
syz_open_dev$tty1(0xc, 0x4, 0x3) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c) (async)
listen(r2, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0) (async)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c) (async)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20) (async)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) (async)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93) (async)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0) (async)
fallocate(r7, 0x30, 0x9, 0x10000) (async)
socket(0x10, 0x80002, 0x0)
[ 3439.432053][T28733] EXT4-fs (loop3): 1 truncate cleaned up
[ 3439.437447][T28737] EXT4-fs (loop1): 1 truncate cleaned up
19:07:27 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kKLSWhlEdDgUBBRDySJi3QAxcQSBxAQoJDOYYkrULdBjVBolUEAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2ruJceyQh1OX7u8nrTLjHWfm8+zYszN2AKU1EhGDEXFHRPyWp5PWAgONP9dXlqb/WlmaTqJWe/PPpF7u2srSdFG0eN6+PDOaRqSfJi3/sGHhwsUzU9Xq7Pk8P7549r3xhQsXn5k7O3V69vTsuckTJ44fm3j+uclnuxJnFte14Q/nDx969e3Lr0+fvPzOT98kedzREke3jMRIu9DrHu92ZT22vymd9PWwIWxJJSKy7uqvj//BqMRa5w3GK5/0tHHArqrVarU9nU8v14BbWBK9bgHQG8UHfXb/Wxw3aOpxU7j6YuMGKIv7en40zvTF8bxMf8v9bTeNRMTJ5b+/zI7YpXUIAIBm32Xzn6fbzf/SuLep3J35HspQRNwVEQci4u6IOBgR90TUy94XEfdvsf6Rlvz6+U96ZVuBbVI2/3sh39v69/wvLYoMVfLc/nr8/cmpuers0fw1GY3+PVl+YoM6vn/51887nWue/2VHVn8xF8zbcaWvZYFuZmpxaicxN7v6ccRwX7v4k9WdgCQiDkXE8DbrmHvy68Odzv13/Bvowj5T7auIJxr9vxwt8ReSjfcnx2+L6uzR8eKqWO/nXy690an+HcXfBVn/7217/a/GP5Q079cubL2OS79/1vGeZrvX/0DyVj09kD/2wdTi4vmJiIHktfWPT649t8gX5bP4R4+0H/8HYu2VeCAisov4wYh4KCIeztv+SEQ8GhFHNoj/x5cee3f78e+uLP6ZLfX/1hOVMz9826n+zfV/4058NH9kM+9/m23gTl47AAAA+L9I69+BT9Kx1XSajo01vsN/MPam1fmFxadOzb9/bqbxXfmh6E+Lla7BpvXQiXxtuMhPtuSP5evGX1Rur+fHpuerM70OHkpuX4fxn/mj0uvWAbvO77WgvIx/KC/jH8rL+IfyMv6hvNqN/4960A7gxvP5D+Vl/EN5Gf9QXsY/lNJOftcvUeZEpDdFMyR2KdHrdyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDu+CcAAP//DUPmjQ==")
19:07:27 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 36)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3439.530607][T28747] loop1: detected capacity change from 0 to 512
[ 3439.533778][ T7252] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 3439.537207][T28747] EXT4-fs: Ignoring removed nobh option
[ 3439.552068][T28747] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3439.552104][T28747] EXT4-fs: Ignoring removed nobh option
[ 3439.565113][T28747] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3439.581204][T28747] EXT4-fs (loop1): 1 truncate cleaned up
19:07:27 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xffffffffffffffff}, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:27 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPlgKGgoj4SJq0QA9cqEDiABISHMoxJGlV6jaoCRKtKggIlSOqxB1xROIv4AQXBJyQuMIdVapQLi2cjNbeTYxjp/mw68L+ftIqM95xZh7Pjj07YwdQWtWIGImIOyLi1zydtBeoNv/cWL408+fypZkk6vU3/kga5a4vX5opihbP251nxtKI9JOk7R82LVy4eGa6Vps7n+cnFs++O7Fw4eIzp89On5o7NXdu6tixo0cmn39u6tmexJnFdf3AB/MH97/y1pXXZk5cefvHr5M87miLo1eqUe0UesPjva5swPa0pJOhATaETalERNZdw43xPxKVWO28kXj544E2Duirer1e39n99FId+A9LYtAtAAaj+KDP7n+L4xZNPW4L115s3gBlcd/Ij+aZoUjzMsNt97e9VI2IE0t/fZEd0ad1CACAVt9m85+nO83/0ri3pdyd+R7KaETcFRF7I+LuiNgXEfdENMreFxH3b7L+alt+7fwnvbqlwDYom/+9kO9t/XP+V8z+YrSS5/Y04h9OTp6uzR3OX5OxGN6Z5SfXqeO7l375rNu51vlfdmT1F3PBvB1Xh9oW6GanF6e3E3Orax9FHBjqFH+yshOQRMT+iDiwxTpOP/nVwW7njt80/nX0YJ+p/mXEE83+X4q2+AvJ+vuTE/+L2tzhieKqWOunny+/3q3+m/d/f2X9v6vj9b8S/2jSul+7sPk6Lv/2add7mq1e/zuSNxvpHflj708vLp6fjNiRvLr28anV5xb5onwW/9ihzuN/b6y+Eg9ERHYRPxgRD0XEw3nbH4mIRyPi0Drx/3D8sXe2Hn9/ZfHPbqr/N5+onPn+m271b6z/jzZSY/kjG3n/22gDt/PaAQAAwL9F2vgOfJKOr6TTdHy8+R3+fbErrc0vLD51cv69c7PN78qPxnBarHSNtKyHTuZrw0V+qi1/JF83/rzy/0Z+fGa+Njvo4KHkdncZ/5nfK4NuHdB3fq8F5WX8Q3kZ/1Bexj+Ul/EP5dVp/H84gHYAt57Pfygv4x/Ky/iH8jL+oZS287t+iTInIr0tmiHRp8Sg35kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB64+8AAAD//3JC5pc=")
19:07:27 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff, 0x0, 0x10}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:27 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhQUfCgIOihHmOSlthtI00EW4JGkXqUgnfxKPgXeNKLqCfBq96lUCSXVk8rszuTrJvdmB+bbnU+Hxh4b+cl7333zdt9895sAKU1EhGDEXFbRPyap5OWAs8PNMpdX1ma/nNlaTqJWu2NP5J6uWsrS9NF0eLv9uWZ0TQi/SRp+YcNCxcunpmqVmfP5/nxxbPvji9cuPjU3Nmp07OnZ89Nnjhx/NjEs89MPt2VOLO4rg1/MH/40CtvXX5t+uTlt3/8OsnjjpY4umUkRtqFXvdotyvrsf1N6aSvhw1hSyoRkXVXf338D0Yl1jpvMF7+uKeNA3ZVrVar7el8erkG/I8l0esWAL1RfNFn97/FcYOmHjeFqy80boCyuK/nR+NMXxzPy/S33N9200hEnFz+64vsiF1ahwAAaPZtNv95st38L427m8rdnu+hDEXEHRFxICLujIiDEXFXRL3sPRFx7xbrH2nJr5//pFe2FdgmZfO/5/K9rX/O/9KiyFAlz+2vx9+fnJqrzh7N35PR6N+T5Sc2qOO7l375rNO55vlfdmT1F3PBvB1X+loW6GamFqd2EnOzqx9FDPe1iz9Z3QlIIuJQRAxvs465x7863Oncv8e/gS7sM9W+jHis0f/L0RJ/Idl4f3L8lqjOHh0vror1fvr50uud6t9R/F2Q9f/ettf/avxDSfN+7cLW67j026cd72m2e/0PJG/W0wP5a+9PLS6en4gYSF5d//rk2t8W+aJ8Fv/okfbj/0CsvRP3RUR2Ed8fEQ9ExIN52x+KiIcj4sgG8f/w4iPvbD/+3ZXFP7Ol/t96onLm+2861b+5/m/ciY/mr2zm82+zDdzJewcAAAD/FWn9GfgkHVtNp+nYWOMZ/oOxN63OLyw+cWr+vXMzjWflh6I/LVa6BpvWQyfyteEiP9mSP5avG39eubWeH5uer870OngouX0dxn/m90qvWwfsOr/XgvIy/qG8jH8oL+Mfysv4h/JqN/4/7EE7gBvP9z+Ul/EP5WX8Q3kZ/1BKO/ldv0SZE5HeFM2Q2KVErz+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuuPvAAAA//8TNObN")
[ 3439.877223][T28767] loop1: detected capacity change from 0 to 512
[ 3439.880790][T28768] loop3: detected capacity change from 0 to 512
[ 3439.886790][T28767] EXT4-fs: Ignoring removed nobh option
[ 3439.896722][T28767] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3439.903304][T28767] EXT4-fs: Ignoring removed nobh option
[ 3439.909809][T28768] EXT4-fs: Ignoring removed nobh option
[ 3439.915433][T28768] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3439.921902][T28768] EXT4-fs: Ignoring removed nobh option
[ 3439.930975][T28767] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3439.945495][T28767] EXT4-fs (loop1): 1 truncate cleaned up
[ 3439.953871][T28768] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3439.968648][T28768] EXT4-fs (loop3): 1 truncate cleaned up
19:07:27 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpP292spCaU8WgoYCiLikTRpgR648JI4gIQEh3IMSVqVug1qgkSrCgJC5YgqcUcckfgLOMEFASckrnBHlSqUSwsno7V3E+PYaR52XdjPR1plxjvOzNezY8/O2AGUVjUiRiLitoj4NU8n7QWqzT/Xly/O/Ll8cSaJev2NP5JGuWvLF2eKosXzdueZsTQi/SRp+4dNC+cvnJ6u1ebO5fmJxTPvTiycv/DUqTPTJ+dOzp2dOnbs6JHJZ5+ZeroncWZxXTvwwfzB/a+8dfm1meOX3/7x6ySPO9ri6JVqVDuF3vBorysbsD0t6WRogA1hUyoRkXXXcGP8j0QlVjtvJF7+eKCNA/qqXq/Xd3Y/vVQH/sOSGHQLgMEoPuiz+9/iuElTj1vC1eebN0BZ3Nfzo3lmKNK8zHDb/W0vVSPi+NJfX2RH9GkdAgCg1bfZ/OfJTvO/NO5uKXd7vocyGhF3RMTeiLgzIvZFxF0RjbL3RMS9m6y/2pZfO/9Jr2wpsA3K5n/P5Xtb/5z/FbO/GK3kuT2N+IeTE6dqc4fz12Qshndm+cl16vjupV8+63audf6XHVn9xVwwb8eVobYFutnpxentxNzq6kcRB4Y6xZ+s7AQkEbE/Ig5ssY5Tj391sNu5F28Y/zp6sM9U/zLisWb/L0Vb/IVk/f3Jif9Fbe7wRHFVrPXTz5de71b/jfu/v7L+39Xx+l+JfzRp3a9d2Hwdl377tOs9zVav/x3Jm430jvyx96cXF89NRuxIXl37+NTqc4t8UT6Lf+xQ5/G/N1ZfifsiIruI74+IByLiwbztD0XEwxFxaJ34f3jhkXe2Hn9/ZfHPbqr/N5+onP7+m271b6z/jzZSY/kjG3n/22gDt/PaAQAAwL9F2vgOfJKOr6TTdHy8+R3+fbErrc0vLD5xYv69s7PN78qPxnBarHSNtKyHTuZrw0V+qi1/JF83/rzy/0Z+fGa+Njvo4KHkdncZ/5nfK4NuHdB3fq8F5WX8Q3kZ/1Bexj+Ul/EP5dVp/H84gHYAN5/Pfygv4x/Ky/iH8jL+oZS287t+iTInIr0lmiHRp8Sg35kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB64+8AAAD//1H+5pg=")
[ 3440.028133][T28793] loop3: detected capacity change from 0 to 512
[ 3440.033402][ T6589] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 3440.034814][T28793] EXT4-fs: Ignoring removed nobh option
[ 3440.049565][T28793] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3440.056107][T28793] EXT4-fs: Ignoring removed nobh option
[ 3440.065227][T28793] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3440.079608][T28793] EXT4-fs (loop3): 1 truncate cleaned up
19:07:27 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnvQi6knwqncpFMml1dPK7M4k62Y35semWzufDwy8t/OS97775u2+eW82gNIaiYjBiLgjIn7L00lLgeWBRrnrK0vTf60sTSdRq735Z1Ivd21labooWvzdvjwzmkaknyYt/7Bh4cLFM1PV6uz5PD++ePa98YULF5+ZOzt1evb07LnJEyeOH5t4/rnJZ7sSZxbXteEP5w8fevXty69Pn7z8zk/fJHnc0RJHt4zESLvQ6x7vdmU9tr8pnfT1sCFsSSUisu7qr4//wajEWucNxiuf9LRxwK6q1Wq1PZ1PL9eAW1gSvW4B0BvFF312/1scN2jqcVO4+mLjBiiL+3p+NM70xfG8TH/L/W03jUTEyeW/v8yO2KV1CACAZt9l85+n283/0ri3qdyd+R7KUETcFREHIuLuiDgYEfdE1MveFxH3b7H+kZb8+vlPemVbgW1SNv97Id/b+vf8Ly2KDFXy3P56/P3Jqbnq7NH8PRmN/j1ZfmKDOr5/+dfPO51rnv9lR1Z/MRfM23Glr2WBbmZqcWonMTe7+nHEcF+7+JPVnYAkIg5FxPA265h78uvDnc79d/wb6MI+U+2riCca/b8cLfEXko33J8dvi+rs0fHiqljv518uvdGp/h3F3wVZ/+9te/2vxj+UNO/XLmy9jku/f9bxnma71/9A8lY9PZC/9sHU4uL5iYiB5LX1r0+u/W2RL8pn8Y8eaT/+D8TaO/FARGQX8YMR8VBEPJy3/ZGIeDQijmwQ/48vPfbu9uPfXVn8M1vq/60nKmd++LZT/Zvr/8ad+Gj+ymY+/zbbwJ28dwAAAPB/kdafgU/SsdV0mo6NNZ7hPxh70+r8wuJTp+bfPzfTeFZ+KPrTYqVrsGk9dCJfGy7yky35Y/m68ReV2+v5sen56kyvg4eS29dh/Gf+qPS6dcCu83stKC/jH8rL+IfyMv6hvIx/KK924/+jHrQDuPF8/0N5Gf9QXsY/lJfxD6W0k9/1S5Q5EelN0QyJXUr0+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgO/4JAAD//xkl5w0=")
19:07:27 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
io_uring_register$IORING_REGISTER_RING_FDS(r0, 0x14, &(0x7f00000047c0)=[{0x7, 0x1, 0x0, &(0x7f0000000740)=[{&(0x7f0000000080)=""/3, 0x3}, {&(0x7f0000000280)=""/195, 0xc3}, {&(0x7f0000000380)=""/187, 0xbb}, {&(0x7f0000000440)=""/160, 0xa0}, {&(0x7f0000000500)=""/203, 0xcb}, {&(0x7f0000000600)=""/43, 0x2b}, {&(0x7f0000000640)=""/203, 0xcb}], &(0x7f00000007c0)=[0x5, 0x1, 0x5, 0x90f, 0x6]}, {0x4, 0x1, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000800)=""/166, 0xa6}, {&(0x7f00000008c0)=""/244, 0xf4}, {&(0x7f00000009c0)=""/17, 0x11}, {&(0x7f0000000a00)=""/216, 0xd8}], &(0x7f0000000b40)=[0x4, 0x6, 0x400, 0x0]}, {0x4, 0x1, 0x0, &(0x7f0000001d00)=[{&(0x7f0000000b80)=""/93, 0x5d}, {&(0x7f0000000c00)=""/116, 0x74}, {&(0x7f0000000c80)=""/4096, 0x1000}, {&(0x7f0000001c80)=""/66, 0x42}], &(0x7f0000001d40)=[0x7fff, 0xc59a, 0x8, 0x100000001, 0x10000, 0x7fffffff, 0xc584, 0x100000000, 0x9]}, {0x6, 0x0, 0x0, &(0x7f0000003100)=[{&(0x7f0000001dc0)=""/117, 0x75}, {&(0x7f0000001e40)=""/82, 0x52}, {&(0x7f0000001ec0)=""/123, 0x7b}, {&(0x7f0000001f40)=""/170, 0xaa}, {&(0x7f0000002000)=""/202, 0xca}, {&(0x7f0000002100)=""/4096, 0x1000}], &(0x7f0000003180)=[0x1, 0x7, 0x9910, 0x0, 0x0, 0x8, 0x7f]}, {0x7, 0x1, 0x0, &(0x7f0000004580)=[{&(0x7f00000031c0)=""/4096, 0x1000}, {&(0x7f00000041c0)=""/234, 0xea}, {&(0x7f00000042c0)=""/123, 0x7b}, {&(0x7f0000004340)=""/189, 0xbd}, {&(0x7f0000004400)=""/174, 0xae}, {&(0x7f00000044c0)=""/6, 0x6}, {&(0x7f0000004500)=""/105, 0x69}], &(0x7f0000004600)=[0x1, 0x40, 0x800, 0x7ff, 0x1, 0xffffffffffffffff]}, {0x1, 0x1, 0x0, &(0x7f0000004740)=[{&(0x7f0000004640)=""/240, 0xf0}], &(0x7f0000004780)=[0x548, 0x1, 0x1, 0x3f, 0x6, 0xffffffffffff8001, 0x400, 0x10000]}], 0x6)
io_uring_enter(r0, 0x170e, 0x5538, 0x12, &(0x7f0000004a40)={[0x5]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
fsetxattr$security_selinux(r0, &(0x7f0000004880), &(0x7f00000048c0)='system_u:object_r:hwclock_exec_t:s0\x00', 0x24, 0x1)
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000004900), 0x131000, 0x0)
epoll_pwait2(r2, &(0x7f0000004940)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0xa, &(0x7f00000049c0)={0x0, 0x989680}, &(0x7f0000004a00)={[0x3f]}, 0x8)
19:07:27 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPlgKGgoj4SJq0QA9cQCBxKBISHMoxJGlV6jaoCRKtKggIlSOqxB1xROIv4AQXBJyQuMIdVapQLi2cjNbeTYxjp/mw68L+ftIqM95xZh7Pjj07YwdQWtWIGImIOyLi1zydtBeoNv/cWL408+fypZkk6vU3/kga5a4vX5opihbP251nxtKI9JOk7R82LVy4eGa6Vps7n+cnFs++O7Fw4eIzp89On5o7NXdu6tixo0cmn39u6tmexJnFdf3AB/MH97/61pXXZk5cefvHr5M87miLo1eqUe0UesPjva5swPa0pJOhATaETalERNZdw43xPxKVWO28kXjl44E2Duirer1e39n99FId+A9LYtAtAAaj+KDP7n+L4xZNPW4L115s3gBlcd/Ij+aZoUjzMsNt97e9VI2IE0t/fZEd0ad1CACAVt9m85+nO83/0ri3pdyd+R7KaETcFRF7I+LuiNgXEfdENMreFxH3b7L+alt+7fwnvbqlwDYom/+9kO9t/XP+V8z+YrSS5/Y04h9OTp6uzR3OX5OxGN6Z5SfXqeO7l3/5rNu51vlfdmT1F3PBvB1Xh9oW6GanF6e3E3Orax9FHBjqFH+yshOQRMT+iDiwxTpOP/nVwW7njt80/nX0YJ+p/mXEE83+X4q2+AvJ+vuTE/+L2tzhieKqWOunny+/3q3+m/d/f2X9v6vj9b8S/2jSul+7sPk6Lv/2add7mq1e/zuSNxvpHflj708vLp6fjNiRHF/7+NTqc4t8UT6Lf+xQ5/G/N1ZfiQciIruIH4yIhyLi4bztj0TEoxFxaJ34f3jpsXe2Hn9/ZfHPbqr/N5+onPn+m271b6z/jzZSY/kjG3n/22gDt/PaAQAAwL9F2vgOfJKOr6TTdHy8+R3+fbErrc0vLD51cv69c7PN78qPxnBarHSNtKyHTuZrw0V+qi1/JF83/rzy/0Z+fGa+Njvo4KHkdncZ/5nfK4NuHdB3fq8F5WX8Q3kZ/1Bexj+Ul/EP5dVp/H84gHYAt57Pfygv4x/Ky/iH8jL+oZS287t+iTInIr0tmiHRp8Sg35kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB64+8AAAD//y+L5qE=")
[ 3440.153784][T28797] loop1: detected capacity change from 0 to 512
[ 3440.166456][T28801] loop3: detected capacity change from 0 to 512
[ 3440.173859][T28797] EXT4-fs: Ignoring removed nobh option
[ 3440.179507][T28797] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3440.185933][T28797] EXT4-fs: Ignoring removed nobh option
[ 3440.193915][T28801] EXT4-fs: Ignoring removed nobh option
[ 3440.199609][T28801] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3440.206215][T28801] EXT4-fs: Ignoring removed nobh option
[ 3440.213687][T28797] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3440.214507][T28801] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3440.229674][T28797] EXT4-fs (loop1): 1 truncate cleaned up
[ 3440.242249][T28801] EXT4-fs (loop3): 1 truncate cleaned up
19:07:27 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrUrdBjVBolUFAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2ruJcew0D7su7O8nrTLjHWfm8+zYszN2AKVVjYiRiLgjIn7L00l7gWrzz/XlizN/LV+cSaJef/PPpFHu2vLFmaJo8bzdeWYsjUg/Tdr+YdPC+Qunp2u1uXN5fmLxzHsTC+cvPHPqzPTJuZNzZ6eOHTt6ZPL556ae7UmcWVzXDnw4f3D/q29ffn3m+OV3fvomyeOOtjh6pRrVTqE3PN7rygZsT0s6GRpgQ9iUSkRk3TXcGP8jUYnVzhuJVz4ZaOOAvqrX6/Wd3U8v1YH/sSQG3QJgMIoP+uz+tzhu0tTjlnD1xeYNUBb39fxonhmKNC8z3HZ/20vViDi+9PeX2RF9WocAAGj1XTb/ebrT/C+Ne1vK3ZnvoYxGxF0RsTci7o6IfRFxT0Sj7H0Rcf8m66+25dfOf9IrWwpsg7L53wv53ta/53/F7C9GK3luTyP+4eTEqdrc4fw1GYvhnVl+cp06vn/518+7nWud/2VHVn8xF8zbcWWobYFudnpxejsxt7r6ccSBoU7xJys7AUlE7I+IA1us49STXx/sdu7EDeNfRw/2mepfRTzR7P+laIu/kKy/PzlxW9TmDk8UV8VaP/9y6Y1u9d+4//sr6/9dHa//lfhHk9b92oXN13Hp98+63tNs9frfkbzVSO/IH/tgenHx3GTEjuS1tY9PrT63yBfls/jHDnUe/3tj9ZV4ICKyi/jBiHgoIh7O2/5IRDwaEYfWif/Hlx57d+vx91cW/+ym+n/zicrpH77tVv/G+v9oIzWWP7KR97+NNnA7rx0AAAD8V6SN78An6fhKOk3Hx5vf4d8Xu9La/MLiUyfm3z872/yu/GgMp8VK10jLeuhkvjZc5Kfa8kfydeMvKrc38uMz87XZQQcPJbe7y/jP/FEZdOuAvvN7LSgv4x/Ky/iH8jL+obyMfyivTuP/owG0A7j5fP5DeRn/UF7GP5SX8Q+ltJ3f9UuUORHpLdEMiT4lBv3OBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bv/BAAA///oZ+a7")
19:07:27 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnupF1JPgVe9SKJJLq6eV2Z1J1s1uzI9NtzqfDwy8t/OS97775u2+eW82gNIaiYjBiLgjIn7N00lLgSsDjXI3Vpam/1xZmk6iVnvzj6Re7vrK0nRRtPi7fXlmNI1IP01a/mHDwoWLZ6aq1dnzeX588ex74wsXLj4zd3bq9Ozp2XOTJ04cPzbx/HOTz3Ylziyu68Mfzh8+9Orbl1+fPnn5nR+/SfK4oyWObhmJkXah1z3e7cp6bH9TOunrYUPYkkpEZN3VXx//g1GJtc4bjFc+6WnjgF1Vq9VqezqfXq4B/2NJ9LoFQG8UX/TZ/W9x3KSpxy3h2ouNG6As7hv50TjTF8fzMv0t97fdNBIRJ5f/+jI7YpfWIQAAml3J5j9Pt5v/pXFvU7k78z2UoYi4KyIORMTdEXEwIu6JqJe9LyLu32L9Iy359fOf9Oq2AtukbP73Qr639c/5X1oUGarkuf31+PuTU3PV2aP5ezIa/Xuy/MQGdXz38i+fdzrXPP/Ljqz+Yi6Yt+NqX8sC3czU4tROYm527eOI4b528SerOwFJRByKiOFt1jH35NeHO5379/g30IV9ptpXEU80+n85WuIvJBvvT47fFtXZo+PFVbHeTz9feqNT/TuKvwuy/t/b9vpfjX8oad6vXdh6HZd++6zjPc12r/+B5K16eiB/7YOpxcXzExEDyWvrX59c+9siX5TP4h890n78H4i1d+KBiMgu4gcj4qGIeDhv+yMR8WhEHNkg/h9eeuzd7ce/u7L4Z7bU/1tPVM58/22n+jfX/4078dH8lc18/m22gTt57wAAAOC/Iq0/A5+kY6vpNB0bazzDfzD2ptX5hcWnTs2/f26m8az8UPSnxUrXYNN66ES+NlzkJ1vyx/J14y8qt9fzY9Pz1ZleBw8lt6/D+M/8Xul164Bd5/daUF7GP5SX8Q/lZfxDeRn/UF7txv9HPWgHcPP5/ofyMv6hvIx/KC/jH0ppJ7/rlyhzItJbohkSu5To9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAd/wdAAD//x8W500=")
[ 3440.297113][T28814] loop3: detected capacity change from 0 to 512
[ 3440.303619][T28814] EXT4-fs: Ignoring removed nobh option
[ 3440.309221][T28814] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3440.316176][T28814] EXT4-fs: Ignoring removed nobh option
[ 3440.324335][T28814] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3440.332412][T28817] loop1: detected capacity change from 0 to 512
19:07:27 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrUrdBjVBolUFAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2ruJcew0D7su7O8nrTLjHWfm8+zYszN2AKVVjYiRiLgjIn7L00l7gWrzz/XlizN/LV+cSaJef/PPpFHu2vLFmaJo8bzdeWYsjUg/Tdr+YdPC+Qunp2u1uXN5fmLxzHsTC+cvPHPqzPTJuZNzZ6eOHTt6ZPL556ae7UmcWVzXDnw4f3D/q29ffn3m+OV3fvomyeOOtjh6pRrVTqE3PN7rygZsT0s6GRpgQ9iUSkRk3TXcGP8jUYnVzhuJVz4ZaOOAvqrX6/Wd3U8v1YH/sSQG3QJgMIoP+uz+tzhu0tTjlnD1xeYNUBb39fxonhmKNC8z3HZ/20vViDi+9PeX2RF9WocAAGj1XTb/ebrT/C+Ne1vK3ZnvoYxGxF0RsTci7o6IfRFxT0Sj7H0Rcf8m66+25dfOf9IrWwpsg7L53wv53ta/53/F7C9GK3luTyP+4eTEqdrc4fw1GYvhnVl+cp06vn/518+7nWud/2VHVn8xF8zbcWWobYFudnpxejsxt7r6ccSBoU7xJys7AUlE7I+IA1us49STXx/sdq52w/jX0YN9pvpXEU80+38p2uIvJOvvT07cFrW5wxPFVbHWz79ceqNb/Tfu//7K+n9Xx+t/Jf7RpHW/dmHzdVz6/bOu9zRbvf53JG810jvyxz6YXlw8NxmxI3lt7eNTq88t8kX5LP6xQ53H/95YfSUeiIjsIn4wIh6KiIfztj8SEY9GxKF14v/xpcfe3Xr8/ZXFP7up/t98onL6h2+71b+x/j/aSI3lj2zk/W+jDdzOawcAAAD/FWnjO/BJOr6STtPx8eZ3+PfFrrQ2v7D41In598/ONr8rPxrDabHSNdKyHjqZrw0X+am2/JF83fiLyu2N/PjMfG120MFDye3uMv4zf1QG3Tqg7/xeC8rL+IfyMv6hvIx/KC/jH8qr0/j/aADtAG4+n/9QXsY/lJfxD+Vl/EMpbed3/RJlTkR6SzRDok+JQb8zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9MY/AQAA//8mz+bB")
[ 3440.340046][T28814] EXT4-fs (loop3): 1 truncate cleaned up
[ 3440.345271][T28817] EXT4-fs: Ignoring removed nobh option
[ 3440.356183][T28817] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3440.362702][T28817] EXT4-fs: Ignoring removed nobh option
[ 3440.370530][T28817] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3440.385061][T28817] EXT4-fs (loop1): 1 truncate cleaned up
19:07:27 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 37)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3440.406807][T28820] loop3: detected capacity change from 0 to 512
[ 3440.413293][T28820] EXT4-fs: Ignoring removed nobh option
[ 3440.418896][T28820] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3440.425317][T28820] EXT4-fs: Ignoring removed nobh option
[ 3440.434900][T28820] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3440.449462][T28820] EXT4-fs (loop3): 1 truncate cleaned up
[ 3440.453446][T28823] FAULT_INJECTION: forcing a failure.
[ 3440.453446][T28823] name failslab, interval 1, probability 0, space 0, times 0
[ 3440.467794][T28823] CPU: 1 PID: 28823 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3440.478233][T28823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3440.488364][T28823] Call Trace:
[ 3440.492825][T28823]
[ 3440.495744][T28823] dump_stack_lvl+0xda/0x130
[ 3440.500330][T28823] dump_stack+0x15/0x20
[ 3440.504474][T28823] should_fail_ex+0x21f/0x230
[ 3440.509197][T28823] __should_failslab+0x92/0xa0
[ 3440.513997][T28823] should_failslab+0x9/0x20
[ 3440.518573][T28823] slab_pre_alloc_hook+0x38/0x180
[ 3440.523592][T28823] __kmem_cache_alloc_node+0x46/0x250
[ 3440.529045][T28823] ? io_drain_req+0x1e1/0x4f0
[ 3440.533777][T28823] kmalloc_trace+0x2a/0xa0
[ 3440.538205][T28823] io_drain_req+0x1e1/0x4f0
[ 3440.542876][T28823] io_queue_sqe_fallback+0xd1/0xe0
[ 3440.548205][T28823] io_submit_sqes+0xbf8/0xfe0
[ 3440.552897][T28823] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3440.558444][T28823] ? __fget_files+0x1c4/0x200
[ 3440.563123][T28823] ? mutex_lock+0xd/0x30
[ 3440.567448][T28823] ? fput+0x112/0x140
[ 3440.571420][T28823] ? ksys_write+0x178/0x1a0
[ 3440.575968][T28823] __x64_sys_io_uring_enter+0x78/0x90
[ 3440.581418][T28823] do_syscall_64+0x41/0xc0
[ 3440.585830][T28823] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3440.591855][T28823] RIP: 0033:0x7fbf4da9f169
[ 3440.596270][T28823] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3440.615933][T28823] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3440.624382][T28823] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3440.632337][T28823] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
[ 3440.640355][T28823] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
[ 3440.648357][T28823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3440.656354][T28823] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3440.664322][T28823]
19:07:28 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrvP4/VpKQimPhgKBgoh4JE1aoAcuIJA4gIQEh3IMSVqFug1qgkSrCAJC5YgqcUcckfgLOMEFASckrnBHlSqUSwsno7V3E+PYIQ+nLuznI60y4x1n5uvZsWdn7ABKazQihiLitoj4JU8nrQUGG39urC7P/LG6PJNErfb670m93PXV5ZmiaPG8/XlmLI1IP05a/mHD4sVLZ6er1bkLeX5i6dw7E4sXLz01f276zNyZufNTJ0+eOD757DNTT3clziyu6yPvLxw5/PKbV16dOXXlrR++SvK4oyWObhmN0Xah1z3a7cp67EBTOunrYUPYlkpEZN3VXx//Q1GJ9c4bipc+6mnjgD1Vq9Vqg51Pr9SA/7Aket0CoDeKD/rs/rc4btLU45Zw7fnGDVAW9438aJzpixN5mf6W+9tuGo2IUyt/fp4dsUfrEAAAzb7J5j9Ptpv/pXF3U7nb8z2U4Yi4IyIORsSdEXEoIu6KqJe9JyLu3Wb9oy35jfOf9OqOAtuibP73XL639ff5X1oUGa7kuQP1+PuT0/PVuWP5azIW/YNZfnKTOr598edPO51rnv9lR1Z/MRfM23G1r2WBbnZ6aXo3MTe79mHESF+7+JO1nYAkIg5HxMgO65h//Msjnc79c/yb6MI+U+2LiMca/b8SLfEXks33Jyf+F9W5YxPFVbHRjz9dfq1T/buKvwuy/t/X9vpfi384ad6vXdx+HZd//aTjPc1Or/+B5I16eiB/7L3ppaULkxEDySsbH59af26RL8pn8Y8dbT/+D8b6K3FfRGQX8f0R8UBEPJi3/aGIeDgijm4S//cvPPL2zuPfW1n8s9vq/+0nKme/+7pT/Vvr/8ad+Fj+yFbe/7bawN28dgAAAPBvkda/A5+k42vpNB0fb3yH/1DsS6sLi0tPnF549/xs47vyw9GfFitdQ03roZP52nCRn2rJH8/XjT+r/L+eH59ZqM72Ongouf0dxn/mt0qvWwfsOb/XgvIy/qG8jH8oL+Mfysv4h/JqN/4/6EE7gJvP5z+Ul/EP5WX8Q3kZ/1BKu/ldv0SZE5HeEs2Q2KNEr9+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuuOvAAAA//8JWuaO")
19:07:28 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c) (async)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0) (async)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c) (async)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff, 0x0, 0x10}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async, rerun: 32)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async, rerun: 32)
clock_gettime(0x5, &(0x7f0000000800)) (async)
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000) (async)
socket(0x10, 0x80002, 0x0)
19:07:28 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPlgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQqdRvUBIlWFQSEyhFV4o44IvEXcIILAk5IXMsdVapQLi2cjNbeTYxjp/mw68L+ftIqM95xZh7Pjj07YwdQWtWIGImIOyLiSp5O2gtUm39uLF+c+XP54kwS9fqbfySNcteXL84URYvn7c4zY2lE+mnS9g+bFs5fOD1dq82dy/MTi2fem1g4f+GZU2emT86dnDs7dezY0SOTzz839WxP4sziun7gw/mD+199+/LrM8cvv/PTN0ked7TF0SvVqHYKveHxXlc2YHta0snQABvCplQiIuuu4cb4H4lKrHbeSLzyyUAbB/RVvV6v7+x+eqkO/IclMegWAINRfNBn97/FcYumHreFay82b4CyuG/kR/PMUKR5meG2+9teqkbE8aW/vsyO6NM6BABAq++y+c/TneZ/adzbUu7OfA9lNCLuioi9EXF3ROyLiHsiGmXvi4j7N1l/tS2/dv6TXt1SYBuUzf9eyPe2/jn/K2Z/MVrJc3sa8Q8nJ07V5g7nr8lYDO/M8pPr1PH9y79+3u1c6/wvO7L6i7lg3o6rQ20LdLPTi9PbibnVtY8jDgx1ij9Z2QlIImJ/RBzYYh2nnvz6YLdzVyo3i38dPdhnqn8V8USz/5eiLf5Csv7+5MT/ojZ3eKK4Ktb6+ZdLb3Sr/+b9319Z/+/qeP2vxD+atO7XLmy+jku/fdb1nmar1/+O5K1Gekf+2AfTi4vnJiN2JK+tfXxq9blFviifxT92qPP43xurr8QDEZFdxA9GxEMR8XDe9kci4tGIOLRO/D++9Ni7W4+/v7L4ZzfV/5tPVE7/8G23+jfW/0cbqbH8kY28/220gdt57QAAAODfIm18Bz5Jx1fSaTo+3vwO/77YldbmFxafOjH//tnZ5nflR2M4LVa6RlrWQyfzteEiP9WWP5KvG39R+X8jPz4zX5sddPBQcru7jP/M75VBtw7oO7/XgvIy/qG8jH8oL+Mfysv4h/LqNP4/GkA7gFvP5z+Ul/EP5WX8Q3kZ/1BK2/ldv0SZE5HeFs2Q6FNi0O9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvfF3AAAA//+nX+c0")
19:07:28 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xffffffffffffffff}, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0)) (async)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xffffffffffffffff}, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0) (async)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
[ 3440.746801][T28830] loop1: detected capacity change from 0 to 512
[ 3440.751111][T28836] loop3: detected capacity change from 0 to 512
[ 3440.759908][T28836] EXT4-fs: Ignoring removed nobh option
[ 3440.765485][T28836] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3440.771951][T28836] EXT4-fs: Ignoring removed nobh option
[ 3440.772146][T28830] EXT4-fs: Ignoring removed nobh option
[ 3440.783259][T28830] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3440.789753][T28830] EXT4-fs: Ignoring removed nobh option
19:07:28 executing program 0:
syz_io_uring_setup(0x5ad, &(0x7f0000000100)={0x0, 0xa709, 0x0, 0x0, 0x2b0}, &(0x7f00001e1000/0x2000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x186, &(0x7f00000002c0), &(0x7f0000148000/0x1000)=nil, &(0x7f00005f1000/0x2000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000180)=0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x40, &(0x7f00000000c0)=0x307e, 0x0, 0x4)
r2 = socket$inet(0x2, 0x6, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000340)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r2, 0x80, &(0x7f0000000200)=@in={0x2, 0x0, @empty}}, 0x0)
syz_io_uring_setup(0x2, &(0x7f0000000280)={0x0, 0xcbe4, 0x1, 0x2, 0x26c}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000000), &(0x7f0000000080)=0x0)
syz_io_uring_submit(r0, r3, &(0x7f0000000300)=@IORING_OP_NOP={0x0, 0x40}, 0x8)
r4 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r4, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:28 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c) (async)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0) (async)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c) (async)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff, 0x0, 0x10}, 0x0) (async)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
clock_gettime(0x5, &(0x7f0000000800)) (async)
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0) (async)
fallocate(r7, 0x30, 0x9, 0x10000) (async)
socket(0x10, 0x80002, 0x0)
[ 3440.811671][T28836] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3440.826733][T28830] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3440.841438][T28836] EXT4-fs (loop3): 1 truncate cleaned up
[ 3440.847209][T28830] EXT4-fs (loop1): 1 truncate cleaned up
19:07:28 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrUrdBjVBolUFAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2ruJcew0D7su7O8nrTLjHWfm8+zYszN2AKVVjYiRiLgjIn7L00l7gWrzz/XlizN/LV+cSaJef/PPpFHu2vLFmaJo8bzdeWYsjUg/Tdr+YdPC+Qunp2u1uXN5fmLxzHsTC+cvPHPqzPTJuZNzZ6eOHTt6ZPL556ae7UmcWVzXDnw4f3D/q29ffn3m+OV3fvomyeOOtjh6pRrVTqE3PN7rygZsT0s6GRpgQ9iUSkRk3TXcGP8jUYnVzhuJVz4ZaOOAvqrX6/Wd3U8v1YH/sSQG3QJgMIoP+uz+tzhu0tTjlnD1xeYNUBb39fxonhmKNC8z3HZ/20vViDi+9PeX2RF9WocAAGj1XTb/ebrT/C+Ne1vK3ZnvoYxGxF0RsTci7o6IfRFxT0Sj7H0Rcf8m66+25dfOf9IrWwpsg7L53wv53ta/53/F7C9GK3luTyP+4eTEqdrc4fw1GYvhnVl+cp06vn/518+7nWud/2VHVn8xF8zbcWWobYFudnpxejsxt7r6ccSBoU7xJys7AUlE7I+IA1us49STXx/senLoRvGvowf7TPWvIp5o9v9StMVfSNbfn5y4LWpzhyeKq2Ktn3+59Ea3+m/c//2V9f+ujtf/SvyjSet+7cLm67j0+2dd72m2ev3vSN5qpHfkj30wvbh4bjJiR/La2senVp9b5IvyWfxjhzqP/72x+ko8EBHZRfxgRDwUEQ/nbX8kIh6NiEPrxP/jS4+9u/X4+yuLf3ZT/b/5ROX0D992q39j/X+0kRrLH9nI+99GG7id1w4AAAD+K9LGd+CTdHwlnabj483v8O+LXWltfmHxqRPz75+dbX5XfjSG02Kla6RlPXQyXxsu8lNt+SP5uvEXldsb+fGZ+drsoIOHktvdZfxn/qgMunVA3/m9FpSX8Q/lZfxDeRn/UF7GP5RXp/H/0QDaAdx8Pv+hvIx/KC/jH8rL+IdS2s7v+iXKnIj0lmiGRJ8Sg35nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I1/AgAA//9DLuZZ")
19:07:28 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCaNttbEWn80Vo1WMfgjadKqPXhQUfCgIOihHmOSlthtI00EW4JGkXqUgnfxKPgXeNKLqCfBq96lUCSXVk8rszuTrJvdmB+bbnU+Hxh4b+cl7333zdt9895sAKU1EhGDEXFbRPyap5OWAs8PNMpdX1ma/nNlaTqJWu2NP5J6uWsrS9NF0eLv9uWZ0TQi/SRp+YcNCxcunpmqVmfP5/nxxbPvji9cuPjU3Nmp07OnZ89Nnjhx/NjEs89MPt2VOLO4rg1/MH/40CtvXX5t+uTlt3/8OsnjjpY4umUkRtqFXvdotyvrsf1N6aSvhw1hSyoRkXVXf338D0Yl1jpvMF7+uKeNA3ZVrVarDXQ+vVwD/seS6HULgN4ovuiz+9/iuEFTj5vC1RcaN0BZ3Nfzo3GmL47nZfpb7m+7aSQiTi7/9UV2xC6tQwAANPs2m/882W7+l8bdTeVuz/dQhiLijog4EBF3RsTBiLgrol72noi4d4v1j7Tk189/0ivbCmyTsvnfc/ne1j/nf2lRZKiS5/bX4+9PTs1VZ4/m78lo9A9k+YkN6vjupV8+63Suef6XHVn9xVwwb8eVvpYFupmpxamdxNzs6kcRw33t4k9WdwKSiDgUEcPbrGPu8a8Odzr37/FvoAv7TLUvIx5r9P9ytMRfSDbenxy/JaqzR8eLq2K9n36+9Hqn+ncUfxdk/b+37fW/Gv9Q0rxfu7D1Oi799mnHe5rtXv97kjfr6T35a+9PLS6en4jYk7y6/vXJtb8t8kX5LP7RI+3H/4FYeyfui4jsIr4/Ih6IiAfztj8UEQ9HxJEN4v/hxUfe2X78uyuLf2ZL/b/1ROXM9990qn9z/d+4Ex/NX9nM599mG7iT9w4AAAD+K9L6M/BJOraaTtOxscYz/Adjb1qdX1h84tT8e+dmGs/KD0V/Wqx0DTath07ka8NFfrIlfyxfN/68cms9PzY9X53pdfBQcvs6jP/M75Vetw7YdX6vBeVl/EN5Gf9QXsY/lJfxD+XVbvx/2IN2ADee738oL+Mfysv4h/Iy/qGUdvK7fokyJyK9KZohsUuJXn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMffAQAA//8PS+bO")
19:07:28 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100)={0x0, 0x0, 0x80}, &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000840)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c602000000000000007a000000080003002bb8afbd0de9e26c148269301309a0d6dcd11fee02b3e0a95178b0e8f603d0d68200383f12b4348418", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:28 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async, rerun: 32)
io_uring_register$IORING_REGISTER_RING_FDS(r0, 0x14, &(0x7f00000047c0)=[{0x7, 0x1, 0x0, &(0x7f0000000740)=[{&(0x7f0000000080)=""/3, 0x3}, {&(0x7f0000000280)=""/195, 0xc3}, {&(0x7f0000000380)=""/187, 0xbb}, {&(0x7f0000000440)=""/160, 0xa0}, {&(0x7f0000000500)=""/203, 0xcb}, {&(0x7f0000000600)=""/43, 0x2b}, {&(0x7f0000000640)=""/203, 0xcb}], &(0x7f00000007c0)=[0x5, 0x1, 0x5, 0x90f, 0x6]}, {0x4, 0x1, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000800)=""/166, 0xa6}, {&(0x7f00000008c0)=""/244, 0xf4}, {&(0x7f00000009c0)=""/17, 0x11}, {&(0x7f0000000a00)=""/216, 0xd8}], &(0x7f0000000b40)=[0x4, 0x6, 0x400, 0x0]}, {0x4, 0x1, 0x0, &(0x7f0000001d00)=[{&(0x7f0000000b80)=""/93, 0x5d}, {&(0x7f0000000c00)=""/116, 0x74}, {&(0x7f0000000c80)=""/4096, 0x1000}, {&(0x7f0000001c80)=""/66, 0x42}], &(0x7f0000001d40)=[0x7fff, 0xc59a, 0x8, 0x100000001, 0x10000, 0x7fffffff, 0xc584, 0x100000000, 0x9]}, {0x6, 0x0, 0x0, &(0x7f0000003100)=[{&(0x7f0000001dc0)=""/117, 0x75}, {&(0x7f0000001e40)=""/82, 0x52}, {&(0x7f0000001ec0)=""/123, 0x7b}, {&(0x7f0000001f40)=""/170, 0xaa}, {&(0x7f0000002000)=""/202, 0xca}, {&(0x7f0000002100)=""/4096, 0x1000}], &(0x7f0000003180)=[0x1, 0x7, 0x9910, 0x0, 0x0, 0x8, 0x7f]}, {0x7, 0x1, 0x0, &(0x7f0000004580)=[{&(0x7f00000031c0)=""/4096, 0x1000}, {&(0x7f00000041c0)=""/234, 0xea}, {&(0x7f00000042c0)=""/123, 0x7b}, {&(0x7f0000004340)=""/189, 0xbd}, {&(0x7f0000004400)=""/174, 0xae}, {&(0x7f00000044c0)=""/6, 0x6}, {&(0x7f0000004500)=""/105, 0x69}], &(0x7f0000004600)=[0x1, 0x40, 0x800, 0x7ff, 0x1, 0xffffffffffffffff]}, {0x1, 0x1, 0x0, &(0x7f0000004740)=[{&(0x7f0000004640)=""/240, 0xf0}], &(0x7f0000004780)=[0x548, 0x1, 0x1, 0x3f, 0x6, 0xffffffffffff8001, 0x400, 0x10000]}], 0x6) (async, rerun: 32)
io_uring_enter(r0, 0x170e, 0x5538, 0x12, &(0x7f0000004a40)={[0x5]}, 0x8) (async, rerun: 64)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (rerun: 64)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async, rerun: 32)
fsetxattr$security_selinux(r0, &(0x7f0000004880), &(0x7f00000048c0)='system_u:object_r:hwclock_exec_t:s0\x00', 0x24, 0x1) (rerun: 32)
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000004900), 0x131000, 0x0)
epoll_pwait2(r2, &(0x7f0000004940)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0xa, &(0x7f00000049c0)={0x0, 0x989680}, &(0x7f0000004a00)={[0x3f]}, 0x8)
[ 3441.012049][T28883] loop1: detected capacity change from 0 to 512
[ 3441.015325][T28884] loop3: detected capacity change from 0 to 512
[ 3441.025124][T28884] EXT4-fs: Ignoring removed nobh option
[ 3441.030644][T28883] EXT4-fs: Ignoring removed nobh option
[ 3441.030889][T28884] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3441.036413][T28883] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3441.042956][T28884] EXT4-fs: Ignoring removed nobh option
[ 3441.049490][T28883] EXT4-fs: Ignoring removed nobh option
19:07:28 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
io_uring_register$IORING_REGISTER_RING_FDS(r0, 0x14, &(0x7f00000047c0)=[{0x7, 0x1, 0x0, &(0x7f0000000740)=[{&(0x7f0000000080)=""/3, 0x3}, {&(0x7f0000000280)=""/195, 0xc3}, {&(0x7f0000000380)=""/187, 0xbb}, {&(0x7f0000000440)=""/160, 0xa0}, {&(0x7f0000000500)=""/203, 0xcb}, {&(0x7f0000000600)=""/43, 0x2b}, {&(0x7f0000000640)=""/203, 0xcb}], &(0x7f00000007c0)=[0x5, 0x1, 0x5, 0x90f, 0x6]}, {0x4, 0x1, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000800)=""/166, 0xa6}, {&(0x7f00000008c0)=""/244, 0xf4}, {&(0x7f00000009c0)=""/17, 0x11}, {&(0x7f0000000a00)=""/216, 0xd8}], &(0x7f0000000b40)=[0x4, 0x6, 0x400, 0x0]}, {0x4, 0x1, 0x0, &(0x7f0000001d00)=[{&(0x7f0000000b80)=""/93, 0x5d}, {&(0x7f0000000c00)=""/116, 0x74}, {&(0x7f0000000c80)=""/4096, 0x1000}, {&(0x7f0000001c80)=""/66, 0x42}], &(0x7f0000001d40)=[0x7fff, 0xc59a, 0x8, 0x100000001, 0x10000, 0x7fffffff, 0xc584, 0x100000000, 0x9]}, {0x6, 0x0, 0x0, &(0x7f0000003100)=[{&(0x7f0000001dc0)=""/117, 0x75}, {&(0x7f0000001e40)=""/82, 0x52}, {&(0x7f0000001ec0)=""/123, 0x7b}, {&(0x7f0000001f40)=""/170, 0xaa}, {&(0x7f0000002000)=""/202, 0xca}, {&(0x7f0000002100)=""/4096, 0x1000}], &(0x7f0000003180)=[0x1, 0x7, 0x9910, 0x0, 0x0, 0x8, 0x7f]}, {0x7, 0x1, 0x0, &(0x7f0000004580)=[{&(0x7f00000031c0)=""/4096, 0x1000}, {&(0x7f00000041c0)=""/234, 0xea}, {&(0x7f00000042c0)=""/123, 0x7b}, {&(0x7f0000004340)=""/189, 0xbd}, {&(0x7f0000004400)=""/174, 0xae}, {&(0x7f00000044c0)=""/6, 0x6}, {&(0x7f0000004500)=""/105, 0x69}], &(0x7f0000004600)=[0x1, 0x40, 0x800, 0x7ff, 0x1, 0xffffffffffffffff]}, {0x1, 0x1, 0x0, &(0x7f0000004740)=[{&(0x7f0000004640)=""/240, 0xf0}], &(0x7f0000004780)=[0x548, 0x1, 0x1, 0x3f, 0x6, 0xffffffffffff8001, 0x400, 0x10000]}], 0x6)
io_uring_enter(r0, 0x170e, 0x5538, 0x12, &(0x7f0000004a40)={[0x5]}, 0x8) (async)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
fsetxattr$security_selinux(r0, &(0x7f0000004880), &(0x7f00000048c0)='system_u:object_r:hwclock_exec_t:s0\x00', 0x24, 0x1) (async)
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000004900), 0x131000, 0x0)
epoll_pwait2(r2, &(0x7f0000004940)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0xa, &(0x7f00000049c0)={0x0, 0x989680}, &(0x7f0000004a00)={[0x3f]}, 0x8)
[ 3441.080860][T28884] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3441.103782][T28883] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3441.119566][T28884] EXT4-fs (loop3): 1 truncate cleaned up
[ 3441.131210][T28883] EXT4-fs (loop1): 1 truncate cleaned up
19:07:28 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 38)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:28 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000280)=ANY=[@ANYBLOB="010000000100000018000000eb1c1833e19eba784bdc256015e9a739adcdfad432cb95273ddec6807f1700debdb9c1502fc138cebda03a21aff85e7554fdda52539a6e415e1a55d1a04167008a74f0e991b154682374eedeaa87de97504ee1cf799a36bb62ba702b327a27923e0b37046d538124e9d2f030b5cae2d1e9b0d44f9f2264654791c184039fab9e228dedb1883017e8211b4f89c608946d986407b9d65eeac090798c24b4bd4f270016fbca1d1ea2be35ec830b02cf583e9fb0f1cee2d138a88a011d82b367d354a7ab7caf1b34b20b3cf92d2c22d6969042ea4d6a4fc0233ca640eb8dcaecf1e87ef0d88e2353b719bf7b4fc0b19c47bba4c4eab3d4e6c86eb7368da6db69c44a8db075cb1d09bed0f6cd262a2d24fdaa08671f95f6a5f65179b8bf42ebc435c6795d7deb70f4b9746b875f33bd49c2b7a7cb520302b9", @ANYRES32, @ANYBLOB='\x00\x000\x00'/13])
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:28 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrUrdBjVBolUFAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2ruJcew0D7su7O8nrTLjHWfm8+zYszN2AKVVjYiRiLgjIn7L00l7gWrzz/XlizN/LV+cSaJef/PPpFHu2vLFmaJo8bzdeWYsjUg/Tdr+YdPC+Qunp2u1uXN5fmLxzHsTC+cvPHPqzPTJuZNzZ6eOHTt6ZPL556ae7UmcWVzXDnw4f3D/q29ffn3m+OV3fvomyeOOtjh6pRrVTqE3PN7rygZsT0s6GRpgQ9iUSkRk3TXcGP8jUYnVzhuJVz4ZaOOAvqrX6/Wd3U8v1YH/sSQG3QJgMIoP+uz+tzhu0tTjlnD1xeYNUBb39fxonhmKNC8z3HZ/20vViDi+9PeX2RF9WocAAGj1XTb/ebrT/C+Ne1vK3ZnvoYxGxF0RsTci7o6IfRFxT0Sj7H0Rcf8m66+25dfOf9IrWwpsg7L53wv53ta/53/F7C9GK3luTyP+4eTEqdrc4fw1GYvhnVl+cp06vn/518+7nWud/2VHVn8xF8zbcWWobYFudnpxejsxt7r6ccSBoU7xJys7AUlE7I+IA1us49STXx/serJ6o/jX0YN9pvpXEU80+38p2uIvJOvvT07cFrW5wxPFVbHWz79ceqNb/Tfu//7K+n9Xx+t/Jf7RpHW/dmHzdVz6/bOu9zRbvf53JG810jvyxz6YXlw8NxmxI3lt7eNTq88t8kX5LP6xQ53H/95YfSUeiIjsIn4wIh6KiIfztj8SEY9GxKF14v/xpcfe3Xr8/ZXFP7up/t98onL6h2+71b+x/j/aSI3lj2zk/W+jDdzOawcAAAD/FWnjO/BJOr6STtPx8eZ3+PfFrrQ2v7D41In598/ONr8rPxrDabHSNdKyHjqZrw0X+am2/JF83fiLyu2N/PjMfG120MFDye3uMv4zf1QG3Tqg7/xeC8rL+IfyMv6hvIx/KC/jH8qr0/j/aADtAG4+n/9QXsY/lJfxD+Vl/EMpbed3/RJlTkR6SzRDok+JQb8zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9MY/AQAA//+7ZuZ1")
19:07:28 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrvP4/VpKQimPhgKBgoh4JE1aoAcuIJA4gIQEh3IMSVqFug1qgkSrCAJC5YgqcUcckfgLOMEFASckrnBHlSqUSwsno7V3E+PYIQ+nLuznI600451k5uvZsWdn1gGU1mhEDEXEbRHxS55OWgqsDDbK3VhdnvljdXkmiVrt9d+Ternrq8szRdHi7/bnmbE0Iv04afmHDYsXL52drlbnLuT5iaVz70wsXrz01Py56TNzZ+bOT508eeL45LPPTD3dlTizuK6PvL9w5PDLb155debUlbd++CrJ446WOLplNEbbhV73aLcr67EDTemkr4cNYVsqEZF1V399/A9FJdY7byhe+qinjQP2VK1Wqw12Pr1SA/7Dkuh1C4DeKL7os/vf4rhJU49bwrXnGzdAWdw38qNxpi9O5GX6W+5vu2k0Ik6t/Pl5dsQerUMAADT7Jpv/PNlu/pfG3U3lbs/3UIYj4o6IOBgRd0bEoYi4K6Je9p6IuHeb9Y+25DfOf9KrOwpsi7L533P53tbf539pUWS4kucO1OPvT07PV+eO5e/JWPQPZvnJTer49sWfP+10rnn+lx1Z/cVcMG/H1b6WBbrZ6aXp3cTc7NqHESN97eJP1nYCkog4HBEjO6xj/vEvj3Q698/xb6IL+0y1LyIea/T/SrTEX0g235+c+F9U545NFFfFRj/+dPm1TvXvKv4uyPp/X9vrfy3+4aR5v3Zx+3Vc/vWTjvc0O73+B5I36umB/LX3ppeWLkxGDCSvbHx9av1vi3xRPot/7Gj78X8w1t+J+yIiu4jvj4gHIuLBvO0PRcTDEXF0k/i/f+GRt3ce/97K4p/dVv9vP1E5+93XnerfWv837sTH8le28vm31Qbu5r0DAACAf4u0/gx8ko6vpdN0fLzxDP+h2JdWFxaXnji98O752caz8sPRnxYrXUNN66GT+dpwkZ9qyR/P140/q/y/nh+fWajO9jp4KLn9HcZ/5rdKr1sH7Dm/14LyMv6hvIx/KC/jH8rL+Ifyajf+P+hBO4Cbz/c/lJfxD+Vl/EN5Gf9QSrv5Xb9EmROR3hLNkNijRK8/mQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrjrwAAAP//FTznDg==")
[ 3441.309826][T28920] loop3: detected capacity change from 0 to 512
[ 3441.314294][T28923] loop1: detected capacity change from 0 to 512
[ 3441.316850][T28920] EXT4-fs: Ignoring removed nobh option
[ 3441.328064][T28920] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3441.334516][T28920] EXT4-fs: Ignoring removed nobh option
[ 3441.340528][T28924] FAULT_INJECTION: forcing a failure.
[ 3441.340528][T28924] name failslab, interval 1, probability 0, space 0, times 0
[ 3441.350843][T28923] EXT4-fs: Ignoring removed nobh option
[ 3441.353148][T28924] CPU: 0 PID: 28924 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3441.358735][T28923] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3441.369047][T28924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3441.375582][T28923] EXT4-fs: Ignoring removed nobh option
[ 3441.385589][T28924] Call Trace:
[ 3441.385596][T28924]
[ 3441.397434][T28924] dump_stack_lvl+0xda/0x130
[ 3441.398992][T28920] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3441.402028][T28924] dump_stack+0x15/0x20
[ 3441.420287][T28924] should_fail_ex+0x21f/0x230
[ 3441.425015][T28924] __should_failslab+0x92/0xa0
[ 3441.429789][T28924] should_failslab+0x9/0x20
[ 3441.434303][T28924] slab_pre_alloc_hook+0x38/0x180
[ 3441.435524][T28920] EXT4-fs (loop3): 1 truncate cleaned up
[ 3441.439363][T28924] __kmem_cache_alloc_node+0x46/0x250
[ 3441.439384][T28924] ? io_drain_req+0x1e1/0x4f0
[ 3441.455097][T28924] kmalloc_trace+0x2a/0xa0
[ 3441.459606][T28924] io_drain_req+0x1e1/0x4f0
[ 3441.464142][T28924] io_queue_sqe_fallback+0xd1/0xe0
[ 3441.469309][T28924] io_submit_sqes+0xbf8/0xfe0
[ 3441.474062][T28924] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3441.479610][T28924] ? __fget_files+0x1c4/0x200
[ 3441.484293][T28924] ? mutex_lock+0xd/0x30
[ 3441.489007][T28924] ? fput+0x112/0x140
[ 3441.492990][T28924] ? ksys_write+0x178/0x1a0
[ 3441.497509][T28924] __x64_sys_io_uring_enter+0x78/0x90
[ 3441.502881][T28924] do_syscall_64+0x41/0xc0
[ 3441.507295][T28924] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3441.513188][T28924] RIP: 0033:0x7fbf4da9f169
[ 3441.517686][T28924] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3441.537480][T28924] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3441.547019][T28924] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3441.554986][T28924] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
[ 3441.563312][T28924] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
[ 3441.571274][T28924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3441.579234][T28924] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3441.587227][T28924]
19:07:29 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrUrdBjVBolVFA0LliCpxRxyR+As4wQUBJySucEeVKpRLCyejtXcT49ghD7su7O8nrTLjHWfm8+zYszN2AKVVjYiRiLgjIn7N00l7gWrzz43lizN/Ll+cSaJef/OPpFHu+vLFmaJo8bzdeWYsjUg/Sdr+YdPC+Qunp2u1uXN5fmLxzHsTC+cvPHPqzPTJuZNzZ6eOHTt6ZPL556ae7UmcWVzXD3w4f3D/q29feX3m+JV3fvw6yeOOtjh6pRrVTqE3PN7rygZsT0s6GRpgQ9iUSkRk3TXcGP8jUYnVzhuJVz4eaOOAvqrX6/Wd3U8v1YH/sSQG3QJgMIoP+uz+tzhu0tTjlnDtxeYNUBb3jfxonhmKNC8z3HZ/20vViDi+9NcX2RF9WocAAGj1bTb/ebrT/C+Ne1vK3ZnvoYxGxF0RsTci7o6IfRFxT0Sj7H0Rcf8m66+25dfOf9KrWwpsg7L53wv53tY/53/F7C9GK3luTyP+4eTEqdrc4fw1GYvhnVl+cp06vnv5l8+6nWud/2VHVn8xF8zbcXWobYFudnpxejsxt7r2UcSBoU7xJys7AUlE7I+IA1us49STXx3sdq5er19aP/519GCfqf5lxBPN/l+KtvgLyfr7kxO3RW3u8ERxVaz108+X3+hW/7/3f39l/b+r4/W/Ev9o0rpfu7D5Oi7/9mnXe5qtXv87krca6R35Yx9MLy6em4zYkby29vGp1ecW+aJ8Fv/Yoc7jf2+svhIPRER2ET8YEQ9FxMN52x+JiEcj4tA68f/w0mPvbj3+/srin91U/28+UTn9/Tfd6t9Y/x9tpMbyRzby/rfRBm7ntQMAAID/irTxHfgkHV9Jp+n4ePM7/PtiV1qbX1h86sT8+2dnm9+VH43htFjpGmlZD53M14aL/FRb/ki+bvx55fZGfnxmvjY76OCh5HZ3Gf+Z3yuDbh3Qd36vBeVl/EN5Gf9QXsY/lJfxD+XVafxfGkA7gJvP5z+Ul/EP5WX8Q3kZ/1BK2/ldv0SZE5HeEs2Q6FNi0O9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvfF3AAAA//9MSOnR")
[ 3441.598389][T28923] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3441.613735][T28923] EXT4-fs (loop1): 1 truncate cleaned up
19:07:29 executing program 0:
syz_io_uring_setup(0x5ad, &(0x7f0000000100)={0x0, 0xa709, 0x0, 0x0, 0x2b0}, &(0x7f00001e1000/0x2000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0)) (async)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
syz_io_uring_setup(0x186, &(0x7f00000002c0), &(0x7f0000148000/0x1000)=nil, &(0x7f00005f1000/0x2000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000180)=0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x40, &(0x7f00000000c0)=0x307e, 0x0, 0x4) (async)
r2 = socket$inet(0x2, 0x6, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000340)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r2, 0x80, &(0x7f0000000200)=@in={0x2, 0x0, @empty}}, 0x0) (async)
syz_io_uring_setup(0x2, &(0x7f0000000280)={0x0, 0xcbe4, 0x1, 0x2, 0x26c}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000000), &(0x7f0000000080)=0x0)
syz_io_uring_submit(r0, r3, &(0x7f0000000300)=@IORING_OP_NOP={0x0, 0x40}, 0x8)
r4 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r4, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:29 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCaNttbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnupF1JPgVe9SKJJLq6eV2Z1J1s1uzI9NtzqfDwy8t/OS97775u2+eW82gNIaiYjBiLgjIn7N00lLgSsDjXI3Vpam/1xZmk6iVnvzj6Re7vrK0nRRtPi7fXlmNI1IP01a/mHDwoWLZ6aq1dnzeX588ex74wsXLj4zd3bq9Ozp2XOTJ04cPzbx/HOTz3Ylziyu68Mfzh8+9Orbl1+fPnn5nR+/SfK4oyWObhmJkXah1z3e7cp6bH9TOunrYUPYkkpEZN3VXx//g1GJtc4bjFc+6WnjgF1Vq9VqA51PL9eA/7Eket0CoDeKL/rs/rc4btLU45Zw7cXGDVAW9438aJzpi+N5mf6W+9tuGomIk8t/fZkdsUvrEAAAza5k85+n283/0ri3qdyd+R7KUETcFREHIuLuiDgYEfdE1MveFxH3b7H+kZb8+vlPenVbgW1SNv97Id/b+uf8Ly2KDFXy3P56/P3Jqbnq7NH8PRmN/oEsP7FBHd+9/Mvnnc41z/+yI6u/mAvm7bja17JANzO1OLWTmJtd+zhiuK9d/MnqTkASEYciYnibdcw9+fXhTuf+Pf4NdGGfqfZVxBON/l+OlvgLycb7k+O3RXX26HhxVaz308+X3uhU/47i74Ks//e2vf5X4x9KmvdrF7Zex6XfPut4T7Pd639P8lY9vSd/7YOpxcXzExF7ktfWvz659rdFviifxT96pP34PxBr78QDEZFdxA9GxEMR8XDe9kci4tGIOLJB/D+89Ni7249/d2Xxz2yp/7eeqJz5/ttO9W+u/xt34qP5K5v5/NtsA3fy3gEAAMB/RVp/Bj5Jx1bTaTo21niG/2DsTavzC4tPnZp//9xM41n5oehPi5Wuwab10Il8bbjIT7bkj+Xrxl9Ubq/nx6bnqzO9Dh5Kbl+H8Z/5vdLr1gG7zu+1oLyMfygv4x/Ky/iH8jL+obzajf+PetAO4Obz/Q/lZfxDeRn/UF7GP5TSTn7XL1HmRKS3RDMkdinR608mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA7vg7AAD//xst504=")
19:07:29 executing program 0:
syz_io_uring_setup(0x5ad, &(0x7f0000000100)={0x0, 0xa709, 0x0, 0x0, 0x2b0}, &(0x7f00001e1000/0x2000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x186, &(0x7f00000002c0), &(0x7f0000148000/0x1000)=nil, &(0x7f00005f1000/0x2000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000180)=0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x40, &(0x7f00000000c0)=0x307e, 0x0, 0x4) (async)
r2 = socket$inet(0x2, 0x6, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000340)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r2, 0x80, &(0x7f0000000200)=@in={0x2, 0x0, @empty}}, 0x0)
syz_io_uring_setup(0x2, &(0x7f0000000280)={0x0, 0xcbe4, 0x1, 0x2, 0x26c}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000000), &(0x7f0000000080)=0x0)
syz_io_uring_submit(r0, r3, &(0x7f0000000300)=@IORING_OP_NOP={0x0, 0x40}, 0x8)
r4 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r4, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
[ 3441.680289][T28948] loop3: detected capacity change from 0 to 512
[ 3441.686856][T28948] EXT4-fs: Ignoring removed nobh option
[ 3441.692521][T28948] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3441.699000][T28948] EXT4-fs: Ignoring removed nobh option
[ 3441.707591][T28948] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3441.728866][T28948] EXT4-fs (loop3): 1 truncate cleaned up
[ 3441.734232][T28956] loop1: detected capacity change from 0 to 512
[ 3441.741826][T28956] EXT4-fs: Ignoring removed nobh option
[ 3441.747425][T28956] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3441.753917][T28956] EXT4-fs: Ignoring removed nobh option
[ 3441.762799][T28956] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
19:07:29 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kLLSWhlEdLAUNBRDySJi3QAxcQSBxAQoJDOYYkrUrdBjVBolUFAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhQtGa+8mxrFDHnZd2N9PWmXGO87M59mxZ2fsAEqrGhEjEXFbRPySp5P2AtXmn+vLF2f+WL44k0S9/vrvSaPcteWLM0XR4nm788xYGpF+nLT9w6aF8xdOT9dqc+fy/MTimXcmFs5feOrUmemTcyfnzk4dO3b0yOSzz0w93ZM4s7iuHXh//uD+l9+8/OrM8ctv/fBVkscdbXH0SjWqnUJveLTXlQ3YnpZ0MjTAhrAplYjIumu4Mf5HohKrnTcSL3000MYBfVWv1+s7u59eqgP/Y0kMugXAYBQf9Nn9b3HcoKnHTeHq880boCzu6/nRPDMUaV5muO3+tpeqEXF86c/PsyP6tA4BANDqm2z+82Sn+V8ad7eUuz3fQxmNiDsiYm9E3BkR+yLirohG2Xsi4t5N1l9ty6+d/6RXthTYBmXzv+fyva1/zv+K2V+MVvLcnkb8w8mJU7W5w/lrMhbDO7P85Dp1fPviz592O9c6/8uOrP5iLpi348pQ2wLd7PTi9HZibnX1w4gDQ53iT1Z2ApKI2B8RB7ZYx6nHvzzY7dxf9Xp9/fjX0YN9pvoXEY81+38p2uIvJOvvT07cErW5wxPFVbHWjz9deq1b/f/e//2V9f+ujtf/SvyjSet+7cLm67j06ydd72m2ev3vSN5opHfkj703vbh4bjJiR/LK2senVp9b5IvyWfxjhzqP/72x+krcFxHZRXx/RDwQEQ/mbX8oIh6OiEPrxP/9C4+8vfX4+yuLf3ZT/b/5ROX0d193q39j/X+0kRrLH9nI+99GG7id1w4AAAD+K9LGd+CTdHwlnabj483v8O+LXWltfmHxiRPz756dbX5XfjSG02Kla6RlPXQyXxsu8lNt+SP5uvFnlVsb+fGZ+drsoIOHktvdZfxnfqsMunVA3/m9FpSX8Q/lZfxDeRn/UF7GP5RXp/H/wQDaAdx4Pv+hvIx/KC/jH8rL+IdS2s7v+iXKnIj0pmiGRJ8Sg35nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I2/AwAA//9IHOpQ")
[ 3441.777198][T28956] EXT4-fs (loop1): 1 truncate cleaned up
[ 3441.798422][T28962] loop3: detected capacity change from 0 to 512
[ 3441.804876][T28962] EXT4-fs: Ignoring removed nobh option
[ 3441.810632][T28962] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3441.817568][T28962] EXT4-fs: Ignoring removed nobh option
19:07:29 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100)={0x0, 0x0, 0x80}, &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) (async)
shutdown(0xffffffffffffffff, 0x0) (async)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c) (async)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c) (async, rerun: 32)
listen(r2, 0x0) (async, rerun: 32)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c) (async)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20) (async, rerun: 32)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000840)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c602000000000000007a000000080003002bb8afbd0de9e26c148269301309a0d6dcd11fee02b3e0a95178b0e8f603d0d68200383f12b4348418", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90) (async, rerun: 32)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10) (async, rerun: 32)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) (async, rerun: 32)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async, rerun: 32)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async, rerun: 32)
clock_gettime(0x5, &(0x7f0000000800)) (async, rerun: 64)
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93) (async, rerun: 64)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0) (async)
fallocate(r7, 0x30, 0x9, 0x10000) (async)
socket(0x10, 0x80002, 0x0)
19:07:29 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10laWkpCKY+GAoGCiHgkTVqgBy4gkDiAhASHcgxJWoW6DWqCRKsIAkLliCpxRxyR+As4wQUBJySucEeVKpRLCyejtXcT49ghD6cu7O8nrTLjHWfm8+zYszN2AKU1EhGDEXF7RPyap5PWAnsbf26sLE3/ubI0nUSt9sYfSb3c9ZWl6aJo8bz9eWY0jUg/SVr+YcPCxUtnp6rV2Qt5fnzx3LvjCxcvPT13burM7JnZ85MnT544PvHcs5PPdCXOLK7rwx/MHzn8yltXXps+deXtH79O8rijJY5uGYmRdqHXPdbtynrsQFM66ethQ9iSSkRk3dVfH/+DUYm1zhuMlz/uaeOAXVWr1Wp7Op9ergH/Y0n0ugVAbxQf9Nn9b3HcpKnHLeHaC40boCzuG/nRONMXJ/Iy/S33t900EhGnlv/6Ijtil9YhAACafZvNf55qN/9L456mcnfkeyhDEXFnRByMiLsi4lBE3B1RL3tvRNy3xfpHWvLr5z/p1W0FtknZ/O/5fG/rn/O/tCgyVMlzB+rx9yen56qzx/LXZDT692T5iQ3q+O6lXz7rdK55/pcdWf3FXDBvx9W+lgW6manFqZ3E3OzaRxHDfe3iT1Z3ApKIOBwRw9usY+6Jr450Ovfv8W+gC/tMtS8jHm/0/3K0xF9INt6fHN8b1dlj48VVsd5PP19+vVP9O4q/C7L+39f2+l+Nfyhp3q9d2Hodl3/7tOM9zXav/4HkzXp6IH/s/anFxQsTEQPJq+sfn1x7bpEvymfxjx5tP/4PxtorcX9EZBfxAxHxYEQ8lLf94Yh4JCKObhD/Dy8++s72499dWfwzW+r/rScqZ7//plP9m+v/xp34aP7IZt7/NtvAnbx2AAAA8F+R1r8Dn6Rjq+k0HRtrfIf/UOxLq/MLi0+enn/v/Ezju/JD0Z8WK12DTeuhE/nacJGfbMkfz9eNP6/cVs+PTc9XZ3odPJTc/g7jP/N7pdetA3ad32tBeRn/UF7GP5SX8Q/lZfxDebUb/x/2oB3AzefzH8rL+IfyMv6hvIx/KKWd/K5fosyJSG+JZkjsUqLX70wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8XcAAAD//wVx5o8=")
[ 3441.825936][T28962] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3441.842008][T28962] EXT4-fs (loop3): 1 truncate cleaned up
[ 3441.867288][T28967] loop1: detected capacity change from 0 to 512
[ 3441.874125][T28967] EXT4-fs: Ignoring removed nobh option
19:07:29 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPlgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQqdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQz7surC/n7TKjHecmcezY8/O2AGUVjUiRiLitoj4JU8n7QWqzT83VpZm/lhZmkmiXn/996RR7vrK0kxRtHje3jwzlkakHydt/7Bp4eKls9O12tyFPD+xeO6diYWLl546c2769NzpufNTJ04cPzb57DNTT/ckziyu64fenz988OU3r7w6c/LKWz98leRxR1scvVKNaqfQGx7tdWUDtq8lnQwNsCFsSSUisu4aboz/kajEWueNxEsfDbRxQF/V6/X67u6nl+vAf1gSg24BMBjFB312/1scN2nqcUu49nzzBiiL+0Z+NM8MRZqXGW67v+2lakScXP7z8+yIPq1DAAC0+iab/zzZaf6Xxt0t5W7P91BGI+KOiNgfEXdGxIGIuCuiUfaeiLh3i/VX2/Lr5z/p1W0FtknZ/O+5fG/r7/O/YvYXo5U8t68R/3By6kxt7mj+mozF8O4sP7lBHd+++POn3c61zv+yI6u/mAvm7bg61LZANzu9OL2TmFtd+zDi0FCn+JPVnYAkIg5GxKFt1nHm8S8PdzuX3YNsHP8GerDPVP8i4rFm/y9HW/yFZOP9yYn/RW3u6ERxVaz340+XX+tW/z/3f39l/b+n4/W/Gv9o0rpfu7D1Oi7/+knXe5rtXv+7kjca6V35Y+9NLy5emIzYlbyy/vGptecW+aJ8Fv/Ykc7jf3+svRL3RUR2Ed8fEQ9ExIN52x+KiIcj4sgG8X//wiNvbz/+/srin91S/289UTn73dfd6t9c/x9vpMbyRzbz/rfZBu7ktQMAAIB/i7TxHfgkHV9Np+n4ePM7/AdiT1qbX1h84tT8u+dnm9+VH43htFjpGmlZD53M14aL/FRb/li+bvxZ5f+N/PjMfG120MFDye3tMv4zv1UG3Tqg7/xeC8rL+IfyMv6hvIx/KC/jH8qr0/j/YADtAG4+n/9QXsY/lJfxD+Vl/EMp7eR3/RJlTkR6SzRDok+JQb8zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9MZfAQAA//8n2OpR")
[ 3441.879742][T28967] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3441.886255][T28967] EXT4-fs: Ignoring removed nobh option
[ 3441.911357][T28967] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3441.924860][T28981] loop3: detected capacity change from 0 to 512
[ 3441.926487][T28967] EXT4-fs (loop1): 1 truncate cleaned up
[ 3441.932175][T28981] EXT4-fs: Ignoring removed nobh option
[ 3441.942991][T28981] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3441.949504][T28981] EXT4-fs: Ignoring removed nobh option
[ 3441.956770][T28981] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3441.971211][T28981] EXT4-fs (loop3): 1 truncate cleaned up
19:07:29 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 39)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:29 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100)={0x0, 0x0, 0x80}, &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) (async)
shutdown(0xffffffffffffffff, 0x0) (async)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c) (async)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c) (async)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0) (async)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c) (async)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20) (async)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000840)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c602000000000000007a000000080003002bb8afbd0de9e26c148269301309a0d6dcd11fee02b3e0a95178b0e8f603d0d68200383f12b4348418", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) (async)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async, rerun: 64)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async, rerun: 64)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93) (async)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000) (async)
socket(0x10, 0x80002, 0x0)
19:07:29 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10nat31LQikfDQUCBRHxkTRpgR44AAKJA0hIcCjHkKRVqNugJki0iiAgVI6oEnfEEYm/gBNcEHBC4gp3VKlCubRwMlp7NzGOHfLh1IX9/aSVZryTzDyeHXt2Zh1AaY1ExGBE/D8ifsnTSUuB5/Y2yt1YWZr+Y2VpOola7fXfk3q56ytL00XR4u/255nRNCL9OGn5hw0LFy+dnapWZy/k+fHFc++ML1y89OTcuakzs2dmz0+ePHni+MQzT08+1ZU4s7iuD78/f+Twy29eeXX61JW3fvgqyeOOlji6ZSRG2oVe90i3K+uxA03ppK+HDWFLKhGRdVd/ffwPRiXWOm8wXvqop40DdlWtVqvt6Xx6uQb8hyXR6xYAvVF80Wf3v8Vxk6Yet4RrzzdugLK4b+RH40xfnMjL9Lfc33bTSEScWv7z8+yIXVqHAABo9k02/3mi3fwvjbuayt2W76EMRcTtEXEwIu6IiEMRcWdEvezdEXHPFusfacmvn/+kV7cV2CZl879n872tv8//0qLIUCXPHajH35+cnqvOHsvfk9Ho35PlJzao49sXf/6007nm+V92ZPUXc8G8HVf7WhboZqYWp3YSc7NrH0YM97WLP1ndCUgi4nBEDG+zjrnHvjzS6dw/x7+BLuwz1b6IeLTR/8vREn8h2Xh/cnxvVGePjRdXxXo//nT5tU717yj+Lsj6f1/b6381/qGkeb92Yet1XP71k473NNu9/geSN+rpgfy196YWFy9MRAwkr6x/fXLtb4t8UT6Lf/Ro+/F/MNbeiXsjIruI74uI+yPigbztD0bEQxFxdIP4v3/h4be3H//uyuKf2VL/bz1ROfvd153q31z/N+7ER/NXNvP5t9kG7uS9AwAAgH+LtP4MfJKOrabTdGys8Qz/odiXVucXFh8/Pf/u+ZnGs/JD0Z8WK12DTeuhE/nacJGfbMkfz9eNP6v8r54fm56vzvQ6eCi5/R3Gf+a3Sq9bB+w6v9eC8jL+obyMfygv4x/Ky/iH8mo3/j/oQTuAm8/3P5SX8Q/lZfxDeRn/UEo7+V2/RJkTkd4SzZDYpUSvP5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC6468AAAD//wti5s8=")
19:07:29 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPhgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQxIndWF/P2mVGe84M49nx56dsQMorWpEDEXEbRHxS55O2gtUm39urCxN/7GyNJ1Evf7670mj3PWVpemiaPG8/XlmNI1IP07a/mHTwsVLZ6dqtdkLeX588dw74wsXLz01d27qzOyZ2fOTJ0+eOD7x7DOTT+9InFlc10fenz9y+OU3r7w6ferKWz98leRxR1scO6Ua1U6hNzy605X12YGWdDLQx4awJZWIyLprsDH+h6ISa503FC991NfGAbuqXq/X93Y/vVwH/sOS6HcLgP4oPuiz+9/iuElTj1vCteebN0BZ3Dfyo3lmINK8zGDb/e1OqkbEqeU/P8+O2KV1CACAVt9k858nO83/0ri7pdzt+R7KcETcEREHI+LOiDgUEXdFNMreExH3brH+alt+/fwnvbqtwDYpm/89l+9t/X3+V8z+YriS5w404h9MTs/VZo/lr8loDO7N8hMb1PHtiz9/2u1c6/wvO7L6i7lg3o6rA20LdDNTi1O9xNzq2ocRIwOd4k9WdwKSiDgcESPbrGPu8S+PdDv3z/FvpPeNpvoXEY81+3852uIvJBvvT47/L2qzx8aLq2K9H3+6/Fq3+nuLv3dZ/+/reP2vxj+ctO7XLmy9jsu/ftL1nma71/+e5I1Gek/+2HtTi4sXJiL2JK+sf3xy7blFviifxT96tPP4Pxhrr8R9EZFdxPdHxAMR8WDe9oci4uGIOLpB/N+/8Mjb249/d2Xxz2yp/7eeqJz97utu9W+u/080UqP5I5t5/9tsA3t57QAAAODfIm18Bz5Jx1bTaTo21vwO/6HYl9bmFxafOD3/7vmZ5nflh2MwLVa6hlrWQyfyteEiP9mWP56vG39W+X8jPzY9X5vpd/BQcvu7jP/Mb5V+tw7YdX6vBeVl/EN5Gf9QXsY/lJfxD+XVafx/0Id2ADefz38oL+Mfysv4h/Iy/qGUevldv0SZE5HeEs2Q2KVEv9+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdsZfAQAA//+7guZ1")
19:07:29 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000280)=ANY=[@ANYBLOB="010000000100000018000000eb1c1833e19eba784bdc256015e9a739adcdfad432cb95273ddec6807f1700debdb9c1502fc138cebda03a21aff85e7554fdda52539a6e415e1a55d1a04167008a74f0e991b154682374eedeaa87de97504ee1cf799a36bb62ba702b327a27923e0b37046d538124e9d2f030b5cae2d1e9b0d44f9f2264654791c184039fab9e228dedb1883017e8211b4f89c608946d986407b9d65eeac090798c24b4bd4f270016fbca1d1ea2be35ec830b02cf583e9fb0f1cee2d138a88a011d82b367d354a7ab7caf1b34b20b3cf92d2c22d6969042ea4d6a4fc0233ca640eb8dcaecf1e87ef0d88e2353b719bf7b4fc0b19c47bba4c4eab3d4e6c86eb7368da6db69c44a8db075cb1d09bed0f6cd262a2d24fdaa08671f95f6a5f65179b8bf42ebc435c6795d7deb70f4b9746b875f33bd49c2b7a7cb520302b9", @ANYRES32, @ANYBLOB='\x00\x000\x00'/13])
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0)) (async)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000280)=ANY=[@ANYBLOB="010000000100000018000000eb1c1833e19eba784bdc256015e9a739adcdfad432cb95273ddec6807f1700debdb9c1502fc138cebda03a21aff85e7554fdda52539a6e415e1a55d1a04167008a74f0e991b154682374eedeaa87de97504ee1cf799a36bb62ba702b327a27923e0b37046d538124e9d2f030b5cae2d1e9b0d44f9f2264654791c184039fab9e228dedb1883017e8211b4f89c608946d986407b9d65eeac090798c24b4bd4f270016fbca1d1ea2be35ec830b02cf583e9fb0f1cee2d138a88a011d82b367d354a7ab7caf1b34b20b3cf92d2c22d6969042ea4d6a4fc0233ca640eb8dcaecf1e87ef0d88e2353b719bf7b4fc0b19c47bba4c4eab3d4e6c86eb7368da6db69c44a8db075cb1d09bed0f6cd262a2d24fdaa08671f95f6a5f65179b8bf42ebc435c6795d7deb70f4b9746b875f33bd49c2b7a7cb520302b9", @ANYRES32, @ANYBLOB='\x00\x000\x00'/13]) (async)
mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0) (async)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
[ 3442.156754][T28985] loop1: detected capacity change from 0 to 512
[ 3442.172616][T28990] loop3: detected capacity change from 0 to 512
[ 3442.176227][T28993] FAULT_INJECTION: forcing a failure.
[ 3442.176227][T28993] name failslab, interval 1, probability 0, space 0, times 0
[ 3442.182544][T28985] EXT4-fs: Ignoring removed nobh option
[ 3442.191571][T28993] CPU: 1 PID: 28993 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3442.197164][T28985] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3442.207535][T28993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3442.207548][T28993] Call Trace:
[ 3442.207553][T28993]
[ 3442.207559][T28993] dump_stack_lvl+0xda/0x130
[ 3442.214013][T28985] EXT4-fs: Ignoring removed nobh option
[ 3442.224021][T28993] dump_stack+0x15/0x20
[ 3442.224040][T28993] should_fail_ex+0x21f/0x230
[ 3442.243620][T28990] EXT4-fs: Ignoring removed nobh option
[ 3442.244460][T28993] __should_failslab+0x92/0xa0
[ 3442.249612][T28990] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3442.255112][T28993] should_failslab+0x9/0x20
[ 3442.259925][T28990] EXT4-fs: Ignoring removed nobh option
[ 3442.266233][T28993] slab_pre_alloc_hook+0x38/0x180
[ 3442.281430][T28993] __kmem_cache_alloc_node+0x46/0x250
[ 3442.286986][T28993] ? io_drain_req+0x1e1/0x4f0
[ 3442.291705][T28993] kmalloc_trace+0x2a/0xa0
[ 3442.293173][T28985] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3442.296146][T28993] io_drain_req+0x1e1/0x4f0
[ 3442.312190][T28985] EXT4-fs (loop1): 1 truncate cleaned up
[ 3442.314721][T28993] io_queue_sqe_fallback+0xd1/0xe0
[ 3442.325602][T28993] io_submit_sqes+0xbf8/0xfe0
[ 3442.330286][T28993] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3442.336090][T28993] ? __fget_files+0x1c4/0x200
[ 3442.341092][T28993] ? mutex_lock+0xd/0x30
[ 3442.345348][T28993] ? fput+0x112/0x140
[ 3442.349324][T28993] ? ksys_write+0x178/0x1a0
[ 3442.353829][T28993] __x64_sys_io_uring_enter+0x78/0x90
[ 3442.359210][T28993] do_syscall_64+0x41/0xc0
[ 3442.363627][T28993] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3442.369591][T28993] RIP: 0033:0x7fbf4da9f169
[ 3442.374782][T28993] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3442.394464][T28993] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
19:07:29 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000840)=@buf="ca7cf6e02c2c9fb1e46ea2b08fd019ffeac37233f2e3ef6c46e7f52630a8d8354825a202910204fd8d5cceb57d913dc23512e6f8fcb6d716e9252b2e80a61ef7f0cb7fa71fe36a8640e13a566ff1c8eeb2bce664accc896356bed8b16b616de674c8d309f1e6ac0e688615e3c1679e6b8dc4264e1b11dcbe73a392edb0c8a0121fb6af97388494412d7105debb5c13b007e8f923cd62db9a402e0ae99305f1f9c92a94e73e733a854ea474ec56c65feb5a20ae3985a3e0568fb04ce57c87b07ddc75dd04c16a1033983d8f2b542195b982cc4633dada5ed75429ad346404cd3461b762622904268abc30c366abdb", 0x1}, 0x20)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="200800703663a6c6946fcf8668e78daf147400f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3442.402944][T28993] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3442.410913][T28993] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
[ 3442.418949][T28993] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
[ 3442.427003][T28993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3442.434992][T28993] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3442.442968][T28993]
19:07:30 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCZpba2Jtf5orBqtYvBH0qRVe/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1J1s1uzI9NtzqfDwy8t/OS97775u2+eW82gNIaiYjBiLg9In7N00lLgeW9jXI3Vpam/1xZmk6iVnvjj6Re7vrK0nRRtPi7/XlmNI1IP0la/mHDwsVLZ6eq1dkLeX588dy74wsXLz09d27qzOyZ2fOTJ0+eOD7x3LOTz3Qlziyu68MfzB85/MpbV16bPnXl7R+/TvK4oyWObhmJkXah1z3W7cp67EBTOunrYUPYkkpEZN3VXx//g1GJtc4bjJc/7mnjgF1Vq9VqezqfXq4B/2NJ9LoFQG8UX/TZ/W9x3KSpxy3h2guNG6As7hv50TjTFyfyMv0t97fdNBIRp5b/+iI7YpfWIQAAmn2bzX+eajf/S+OepnJ35HsoQxFxZ0QcjIi7IuJQRNwdUS97b0Tct8X6R1ry6+c/6dVtBbZJ2fzv+Xxv65/zv7QoMlTJcwfq8fcnp+eqs8fy92Q0+vdk+YkN6vjupV8+63Suef6XHVn9xVwwb8fVvpYFupmpxamdxNzs2kcRw33t4k9WdwKSiDgcEcPbrGPuia+OdDr37/FvoAv7TLUvIx5v9P9ytMRfSDbenxzfG9XZY+PFVbHeTz9ffr1T/TuKvwuy/t/X9vpfjX8oad6vXdh6HZd/+7TjPc12r/+B5M16eiB/7f2pxcULExEDyavrX59c+9siX5TP4h892n78H4y1d+L+iMgu4gci4sGIeChv+8MR8UhEHN0g/h9efPSd7ce/u7L4Z7bU/1tPVM5+/02n+jfX/4078dH8lc18/m22gTt57wAAAOC/Iq0/A5+kY6vpNB0bazzDfyj2pdX5hcUnT8+/d36m8az8UPSnxUrXYNN66ES+NlzkJ1vyx/N1488rt9XzY9Pz1ZleBw8lt7/D+M/8Xul164Bd5/daUF7GP5SX8Q/lZfxDeRn/UF7txv+HPWgHcPP5/ofyMv6hvIx/KC/jH0ppJ7/rlyhzItJbohkSu5To9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAd/wdAAD//xFT5w8=")
[ 3442.470848][T28990] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3442.497238][T28990] EXT4-fs (loop3): 1 truncate cleaned up
19:07:30 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x3, 0x80, 0x60, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8014, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:30 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000280)=ANY=[@ANYBLOB="010000000100000018000000eb1c1833e19eba784bdc256015e9a739adcdfad432cb95273ddec6807f1700debdb9c1502fc138cebda03a21aff85e7554fdda52539a6e415e1a55d1a04167008a74f0e991b154682374eedeaa87de97504ee1cf799a36bb62ba702b327a27923e0b37046d538124e9d2f030b5cae2d1e9b0d44f9f2264654791c184039fab9e228dedb1883017e8211b4f89c608946d986407b9d65eeac090798c24b4bd4f270016fbca1d1ea2be35ec830b02cf583e9fb0f1cee2d138a88a011d82b367d354a7ab7caf1b34b20b3cf92d2c22d6969042ea4d6a4fc0233ca640eb8dcaecf1e87ef0d88e2353b719bf7b4fc0b19c47bba4c4eab3d4e6c86eb7368da6db69c44a8db075cb1d09bed0f6cd262a2d24fdaa08671f95f6a5f65179b8bf42ebc435c6795d7deb70f4b9746b875f33bd49c2b7a7cb520302b9", @ANYRES32, @ANYBLOB='\x00\x000\x00'/13]) (async, rerun: 64)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0) (rerun: 64)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:30 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPhgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQz6curC/n7TKjHecmWdnx56dXQdQWtWIGIqI2yLilzydtBeoNv/cWFma/mNlaTqJev3135NGuesrS9NF0eJ9+/PMaBqRfpy0/cOmhYuXzk7VarMX8vz44rl3xhcuXnpq7tzUmdkzs+cnT548cXzi2Wcmn+5JnFlc10fenz9y+OU3r7w6ferKWz98leRxR1scvVKNaqfQGx7tdWV9dqAlnQz0sSFsSSUisu4abIz/oajEWucNxUsf9bVxwK6q1+v1vd13L9eB/7Ak+t0CoD+KL/rs+rfYbtLU45Zw7fnmBVAW9418a+4ZiDQvM9h2fdtL1Yg4tfzn59kWu7QOAQDQ6pts/vNkp/lfGne3lLs9v4cyHBF3RMTBiLgzIg5FxF0RjbL3RMS9W6y/2pZfP/9Jr24rsE3K5n/P5fe2/j7/K2Z/MVzJcwca8Q8mp+dqs8fyYzIag3uz/MQGdXz74s+fdtvXOv/Ltqz+Yi6Yt+PqQNsC3czU4tROYm517cOIkYFO8SerdwKSiDgcESPbrGPu8S+PdNv3z/FvINn5Yah/EfFYs/+Xoy3+1Wo2vj85/r+ozR4bL86K9X786fJr3erfUfw9kPX/vo7n/2r8w0nr/dqFrddx+ddPul7TbPf835O80UjvyV97b2px8cJExJ7klfWvT669t8gX5bP4R492Hv8HY+1I3BcR2Ul8f0Q8EBEP5m1/KCIejoijG8T//QuPvL39+HdXFv/Mlvp/64nK2e++7lb/5vr/RCM1mr+ymc+/zTZwJ8cOAAAA/i3SxjPwSTq2mk7TsbHmM/yHYl9am19YfOL0/LvnZ5rPyg/HYFqsdA21rIdO5GvDRX6yLX88Xzf+rPL/Rn5ser420+/goeT2dxn/md8q/W4dsOv8XgvKy/iH8jL+obyMfygv4x/Kq9P4/6AP7QBuPt//UF7GP5SX8Q/lZfxDKe3kd/0SZU5Eeks0Q2KXEv3+ZAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiNvwIAAP//yxPm0w==")
[ 3442.560924][T29027] loop1: detected capacity change from 0 to 512
[ 3442.567527][T29027] EXT4-fs: Ignoring removed nobh option
[ 3442.573186][T29027] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3442.579771][T29027] EXT4-fs: Ignoring removed nobh option
[ 3442.621619][T29027] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3442.641417][T29027] EXT4-fs (loop1): 1 truncate cleaned up
[ 3442.661095][T29044] loop3: detected capacity change from 0 to 512
[ 3442.669328][T29044] EXT4-fs: Ignoring removed nobh option
[ 3442.674965][T29044] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3442.681436][T29044] EXT4-fs: Ignoring removed nobh option
[ 3442.700115][T29044] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
19:07:30 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10nat31LQikfDQUCBRHxkTRpgR64gEDiABISHMoxJGkV6jaoCRKtIggIlSOqxB1xROIv4FQuCDghcYU7qlShXFo4Ga29mxjHDvlw6sL+ftJKM95JZh7Pjj07sw6gtEYiYjAi/h8Rv+TppKXA1b2NcjdXlqb/WFmaTqJWe+P3pF7uxsrSdFG0+Lv9eWY0jUg/SVr+YcPCxUtnp6rV2Qt5fnzx3LvjCxcvPT13burM7JnZ85MnT544PvHcs5PPdCXOLK4bwx/MHzn8yltXXps+deXtH75O8rijJY5uGYmRdqHXPdbtynrsQFM66ethQ9iSSkRk3dVfH/+DUYm1zhuMlz/uaeOAXVWr1Wp7Op9ergH/YUn0ugVAbxRf9Nn9b3HcoqnHbeH6C40boCzum/nRONMXJ/Iy/S33t900EhGnlv/8Ijtil9YhAACaXc3mP0+1m/+lcU9TuTvyPZShiLgzIg5GxF0RcSgi7o6ol703Iu7bYv0jLfn185/02rYC26Rs/vd8vrf19/lfWhQZquS5A/X4+5PTc9XZY/l7Mhr9e7L8xAZ1fPvSz591Otc8/8uOrP5iLpi341pfywLdzNTi1E5ibnb9o4jhvnbxJ6s7AUlEHI6I4W3WMffEV0c6nfvn+DfQhX2m2pcRjzf6fzla4i8kG+9Pju+N6uyx8eKqWO/Hny6/3qn+HcXfBVn/72t7/a/GP5Q079cubL2Oy79+2vGeZrvX/0DyZj09kL/2/tTi4oWJiIHk1fWvT679bZEvymfxjx5tP/4Pxto7cX9EZBfxAxHxYEQ8lLf94Yh4JCKObhD/9y8++s72499dWfwzW+r/rScqZ7/7plP9m+v/xp34aP7KZj7/NtvAnbx3AAAA8G+R1p+BT9Kx1XSajo01nuE/FPvS6vzC4pOn5987P9N4Vn4o+tNipWuwaT10Il8bLvKTLfnj+brx55X/1fNj0/PVmV4HDyW3v8P4z/xW6XXrgF3n91pQXsY/lJfxD+Vl/EN5Gf9QXu3G/4c9aAdw6/n+h/Iy/qG8jH8oL+MfSmknv+uXKHMi0tuiGRK7lOj1JxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB3/BUAAP//F0TnTw==")
[ 3442.727613][T29044] EXT4-fs (loop3): 1 truncate cleaned up
[ 3442.744794][T29064] loop1: detected capacity change from 0 to 512
[ 3442.751384][T29064] EXT4-fs: Ignoring removed nobh option
[ 3442.756981][T29064] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3442.763496][T29064] EXT4-fs: Ignoring removed nobh option
19:07:30 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCatttbEWn+0Vl2tYvBH0qRVe/CiKHhQEPRQj2mSlthtI00EW4JGkXqUgnfxKPgXeNKLqCfBq96lUCSXVk8rszuTrJvdmB+bbnU+Hxjy3s7bvPedN2/3zZvZAEqrGhFDEXFHRPyap5P2AtXmnxvLi1N/Li9OJVGvv/lH0ih3fXlxqihavG9vnhlJI9JPkrZ/2DR/8dLZyVpt5kKeH1s49+7Y/MVLz8yemzwzc2bm/MSJE8ePjT//3MSzPYkzi+v6oQ/mDh989e0rr0+dvHLqx6+TPO5oi6NXqlHtFHrD472urM/2taSTgT42hE2pRETWXYON8T8UlVjtvKF45eO+Ng7YUfV6vb67++6lOvA/lkS/WwD0R/FFn13/FttNmnrcEq692LwAyuK+kW/NPQOR5mUG265ve6kaESeX/voi22KH1iEAAFp9m81/nu40/0vj3pZyd+b3UIYj4q6I2B8Rd0fEgYi4J6JR9r6IuH+T9Vfb8mvnP+nVLQW2Qdn874X83tY/53/F7C+GK3luXyP+weT0bG3maH5MRmJwd5YfX6eO717+5bNu+1rnf9mW1V/MBfN2XB1oW6CbnlyY3E7Mra59FHFooFP8ycqdgCQiDkbEoS3WMfvkV4e77fv3+NeRnNpii1bVv4x4otn/S9EW/0o169+fHLstajNHx4qzYq2ffr78Rrf6txV/D2T9v6fj+b8S/3DSer92fvN1XP7t067XNFs9/3clbzXSu/LX3p9cWLgwHrEreW3t6xOr7y3yRfks/pEjncf//lg9Eg9ERHYSPxgRD0XEw3nbH4mIRyPiyDrx//DSY+9sPf6dlcU/van+33yicvb7b7rVv7H+P95IjeSvbOTzb6MN3M6xAwAAgP+KtPEMfJKOrqTTdHS0+Qz/gdiT1ubmF546Pffe+enms/LDMZgWK11DLeuh4/nacJGfaMsfy9eNP6/c3siPTs3VpvsdPJTc3i7jP/N7pd+tA3ac32tBeRn/UF7GP5SX8Q/lZfxDeXUa/x/2oR3Azef7H8rL+IfyMv6hvIx/KKXt/K5fosyJSG+JZkjsUKLfn0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC98XcAAAD//6qR5tQ=")
[ 3442.771428][T29064] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3442.786360][T29064] EXT4-fs (loop1): 1 truncate cleaned up
[ 3442.814144][T29067] loop3: detected capacity change from 0 to 512
[ 3442.820655][T29067] EXT4-fs: Ignoring removed nobh option
[ 3442.826302][T29067] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3442.832761][T29067] EXT4-fs: Ignoring removed nobh option
[ 3442.840889][T29067] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3442.861740][T29067] EXT4-fs (loop3): 1 truncate cleaned up
19:07:30 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10lKW0pCKY+GAoGCiHgkTVqgBy4gkDiAhASHcgxJWoW6DWqCRKsIAkLliCpxRxyR+As4wQUBJySucEeVKpRLCyejtXcT49ghD6cu7O8nrTLjHWfm8+zYszN2AKU1EhGDEXF7RPyap5PWAnsbf26sLE3/ubI0nUSt9sYfSb3c9ZWl6aJo8bz9eWY0jUg/SVr+YcPCxUtnp6rV2Qt5fnzx3LvjCxcvPT13burM7JnZ85MnT544PvHcs5PPdCXOLK7rwx/MHzn8yltXXps+deXtH79O8rijJY5uGYmRdqHXPdbtynrsQFM66ethQ9iSSkRk3dVfH/+DUYm1zhuMlz/uaeOAXVWr1Wp7Op9ergH/Y0n0ugVAbxQf9Nn9b3HcpKnHLeHaC40boCzuG/nRONMXJ/Iy/S33t900EhGnlv/6Ijtil9YhAACafZvNf55qN/9L456mcnfkeyhDEXFnRByMiLsi4lBE3B1RL3tvRNy3xfpHWvLr5z/p1W0FtknZ/O/5fG/rn/O/tCgyVMlzB+rx9yen56qzx/LXZDT692T5iQ3q+O6lXz7rdK55/pcdWf3FXDBvx9W+lgW6manFqZ3E3OzaRxHDfe3iT1Z3ApKIOBwRw9usY+6Jr450Ovfv8W+gC/tMtS8jHm/0/3K0xF9INt6fHL8tqrPHxourYr2ffr78eqf6dxR/F2T9v6/t9b8a/1DSvF+7sPU6Lv/2acd7mu1e/wPJm/X0QP7Y+1OLixcmIgaSV9c/Prn23CJflM/iHz3afvwfjLVX4v6IyC7iByLiwYh4KG/7wxHxSEQc3SD+H1589J3tx7+7svhnttT/W09Uzn7/Taf6N9f/jTvx0fyRzbz/bbaBO3ntAAAA4L8irX8HPknHVtNpOjbW+A7/odiXVucXFp88Pf/e+ZnGd+WHoj8tVroGm9ZDJ/K14SI/2ZI/nq8bf17ZW8+PTc9XZ3odPJTc/g7jP/N7pdetA3ad32tBeRn/UF7GP5SX8Q/lZfxDebUb/x/2oB3AzefzH8rL+IfyMv6hvIx/KKWd/K5fosyJSG+JZkjsUqLX70wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8XcAAAD//wGI5pA=")
19:07:30 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPhgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQz6curC/n7TKjHecmWdnx56dXQdQWtWIGIqI2yLilzydtBeoNv/cWFma/mNlaTqJev3135NGuesrS9NF0eJ9+/PMaBqRfpy0/cOmhYuXzk7VarMX8vz44rl3xhcuXnpq7tzUmdkzs+cnT548cXzi2Wcmn+5JnFlc10fenz9y+OU3r7w6ferKWz98leRxR1scvVKNaqfQGx7tdWV9dqAlnQz0sSFsSSUisu4abIz/oajEWucNxUsf9bVxwK6q1+v1vd13L9eB/7Ak+t0CoD+KL/rs+rfYbtLU45Zw7fnmBVAW9418a+4ZiDQvM9h2fdtL1Yg4tfzn59kWu7QOAQDQ6pts/vNkp/lfGne3lLs9v4cyHBF3RMTBiLgzIg5FxF0RjbL3RMS9W6y/2pZfP/9Jr24rsE3K5n/P5fe2/j7/K2Z/MVzJcwca8Q8mp+dqs8fyYzIag3uz/MQGdXz74s+fdtvXOv/Ltqz+Yi6Yt+PqQNsC3czU4tROYm517cOIkYFO8SerdwKSiDgcESPbrGPu8S+PdNv3z/FvINn5VLn+RcRjzf5fjrb4V6vZ+P7k+P+iNntsvDgr1vvxp8uvdat/R/H3QNb/+zqe/6vxDyet92sXtl7H5V8/6dpR2z3/9yRvNNJ78tfem1pcvDARsSd5Zf3rk2vvLfJF+Sz+0aOdx//BWDsS90VEdhLfHxEPRMSDedsfioiHI+LoBvF//8Ijb28//t2VxT+zpf7feqJy9ruvu9W/uf4/0UiN5q9s5vNvsw3cybEDAACAf4u08Qx8ko6tptN0bKz5DP+h2JfW5hcWnzg9/+75meaz8sMxmBYrXUMt66ET+dpwkZ9syx/P140/q/y/kR+bnq/N9Dt4KLn9XcZ/5rdKv1sH7Dq/14LyMv6hvIx/KC/jH8rL+Ify6jT+P+hDO4Cbz/c/lJfxD+Vl/EN5Gf9QSjv5Xb9EmROR3hLNkNilRL8/mQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHrjrwAAAP//ig/m1Q==")
19:07:30 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 40)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3443.023119][T29070] loop1: detected capacity change from 0 to 512
[ 3443.026325][T29073] FAULT_INJECTION: forcing a failure.
[ 3443.026325][T29073] name failslab, interval 1, probability 0, space 0, times 0
[ 3443.040055][T29074] loop3: detected capacity change from 0 to 512
[ 3443.042060][T29073] CPU: 1 PID: 29073 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3443.048726][T29070] EXT4-fs: Ignoring removed nobh option
[ 3443.058746][T29073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3443.058760][T29073] Call Trace:
[ 3443.058766][T29073]
[ 3443.058772][T29073] dump_stack_lvl+0xda/0x130
[ 3443.058796][T29073] dump_stack+0x15/0x20
[ 3443.058810][T29073] should_fail_ex+0x21f/0x230
[ 3443.064378][T29070] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3443.074372][T29073] __should_failslab+0x92/0xa0
[ 3443.074397][T29073] should_failslab+0x9/0x20
[ 3443.074413][T29073] slab_pre_alloc_hook+0x38/0x180
[ 3443.077682][T29070] EXT4-fs: Ignoring removed nobh option
[ 3443.081204][T29073] __kmem_cache_alloc_node+0x46/0x250
[ 3443.081230][T29073] ? io_drain_req+0x1e1/0x4f0
[ 3443.081254][T29073] kmalloc_trace+0x2a/0xa0
[ 3443.081329][T29073] io_drain_req+0x1e1/0x4f0
[ 3443.087866][T29074] EXT4-fs: Ignoring removed nobh option
[ 3443.090065][T29073] io_queue_sqe_fallback+0xd1/0xe0
[ 3443.090090][T29073] io_submit_sqes+0xbf8/0xfe0
[ 3443.094771][T29074] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3443.101154][T29073] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3443.101191][T29073] ? __fget_files+0x1c4/0x200
[ 3443.105966][T29074] EXT4-fs: Ignoring removed nobh option
[ 3443.110483][T29073] ? mutex_lock+0xd/0x30
[ 3443.121012][T29070] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3443.121814][T29073] ? fput+0x112/0x140
[ 3443.121836][T29073] ? ksys_write+0x178/0x1a0
[ 3443.127779][T29070] EXT4-fs (loop1): 1 truncate cleaned up
[ 3443.132185][T29073] __x64_sys_io_uring_enter+0x78/0x90
[ 3443.217352][T29073] do_syscall_64+0x41/0xc0
[ 3443.221766][T29073] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3443.227727][T29073] RIP: 0033:0x7fbf4da9f169
[ 3443.232176][T29073] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3443.251886][T29073] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3443.260399][T29073] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3443.268360][T29073] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
[ 3443.276323][T29073] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
[ 3443.284430][T29073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3443.292517][T29073] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3443.300522][T29073]
[ 3443.307561][T29074] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
19:07:30 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) (async)
shutdown(0xffffffffffffffff, 0x0) (async)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c) (async)
syz_open_dev$tty1(0xc, 0x4, 0x3) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c) (async)
listen(r2, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0) (async)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000840)=@buf="ca7cf6e02c2c9fb1e46ea2b08fd019ffeac37233f2e3ef6c46e7f52630a8d8354825a202910204fd8d5cceb57d913dc23512e6f8fcb6d716e9252b2e80a61ef7f0cb7fa71fe36a8640e13a566ff1c8eeb2bce664accc896356bed8b16b616de674c8d309f1e6ac0e688615e3c1679e6b8dc4264e1b11dcbe73a392edb0c8a0121fb6af97388494412d7105debb5c13b007e8f923cd62db9a402e0ae99305f1f9c92a94e73e733a854ea474ec56c65feb5a20ae3985a3e0568fb04ce57c87b07ddc75dd04c16a1033983d8f2b542195b982cc4633dada5ed75429ad346404cd3461b762622904268abc30c366abdb", 0x1}, 0x20)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20) (async)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="200800703663a6c6946fcf8668e78daf147400f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800)) (async)
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93) (async)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0) (async)
fallocate(r7, 0x30, 0x9, 0x10000) (async)
socket(0x10, 0x80002, 0x0)
19:07:30 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6tn1LQikfDQUCBRHxkTRpgR44AAKJA0hIcCjHkKRVqNugJki0iiAgVI6oEnfEEYm/gBNcEHBC4gp3VKlCubRwMlp7NzGOHfLh1IX9/aSVZryTzDyeHXt2Zh1AaY1ExGBE/D8ifsnTSUuB5/Y2yt1YWZr+Y2VpOola7fXfk3q56ytL00XR4u/255nRNCL9OGn5hw0LFy+dnapWZy/k+fHFc++ML1y89OTcuakzs2dmz0+ePHni+MQzT08+1ZU4s7iuD78/f+Twy29eeXX61JW3fvgqyeOOlji6ZSRG2oVe90i3K+uxA03ppK+HDWFLKhGRdVd/ffwPRiXWOm8wXvqop40DdlWtVqvt6Xx6uQb8hyXR6xYAvVF80Wf3v8Vxk6Yet4RrzzdugLK4b+RH40xfnMjL9Lfc33bTSEScWv7z8+yIXVqHAABo9k02/3mi3fwvjbuayt2W76EMRcTtEXEwIu6IiEMRcWdEvezdEXHPFusfacmvn/+kV7cV2CZl879n872tv8//0qLIUCXPHajH35+cnqvOHsvfk9Ho35PlJzao49sXf/6007nm+V92ZPUXc8G8HVf7WhboZqYWp3YSc7NrH0YM97WLP1ndCUgi4nBEDG+zjrnHvjzS6dw/x7+BLuwz1b6IeLTR/8vREn8h2Xh/cvx/UZ09Nl5cFev9+NPl1zrVv6P4uyDr/31tr//V+IeS5v3aha3XcfnXTzre02z3+h9I3qinB/LX3ptaXLwwETGQvLL+9cm1vy3yRfks/tGj7cf/wVh7J+6NiOwivi8i7o+IB/K2PxgRD0XE0Q3i//6Fh9/efvy7K4t/Zkv9v/VE5ex3X3eqf3P937gTH81f2czn32YbuJP3DgAAAP4t0voz8Ek6tppO07GxxjP8h2JfWp1fWHz89Py752caz8oPRX9arHQNNq2HTuRrw0V+siV/PF83/qyyt54fm56vzvQ6eCi5/R3Gf+a3Sq9bB+w6v9eC8jL+obyMfygv4x/Ky/iH8mo3/j/oQTuAm8/3P5SX8Q/lZfxDeRn/UEo7+V2/RJkTkd4SzZDYpUSvP5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC6468AAAD//wd55tA=")
[ 3443.323226][T29074] EXT4-fs (loop3): 1 truncate cleaned up
19:07:30 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapttbEWn80Vl2tYvBH0qRVe/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1N1s1uTLKbbu18PjDkvZ23ee87b97umzezARRWOSKGI+KOiPgtTyetBcr1P9dXl2f+Wl2eSaJaffPPpFbu2uryTKNo43378sxYGpF+mrT8w7rFCxfPTFcqc+fz/MTS2fcmFi9cfGb+7PTpudNz56ZOnDh+bPL556ae7UmcWVzXRj9cOHzo1bcvvz5z8vI7P32T5HFHSxy9Uo5yu9BrHu91ZX22vymdDPSxIWxLKSKy7hqsjf/hKMV65w3HK5/0tXHArqpWq9U9nXevVIFbWBL9bgHQH40v+uz6t7HdoKnHTeHqi/ULoCzu6/lW3zMQaV5msOX6tpfKEXFy5e8vsy12aR0CAKDZd9n85+l287807m0qd2d+D2UkIu6KiAMRcXdEHIyIeyJqZe+LiPu3WX+5Jb9x/pNe2VFgW5TN/17I7239e/7XmP3FSCnP7a/FP5icmq/MHc2PyVgM7snyk5vU8f3Lv37eaV/z/C/bsvobc8G8HVcGWhboZqeXpruJudnVjyNGB9rFn6zdCUgi4lBEjO6wjvknvz7cad9/x7+JZHaHLVpX/SriiXr/r0RL/GvVbH5/cuK2qMwdnWicFRv9/MulNzrV31X8PZD1/9625/9a/CNJ8/3axe3Xcen3zzpe0+z0/B9K3qqlh/LXPpheWjo/GTGUvLbx9an19zbyjfJZ/GNH2o//A7F+JB6IiOwkfjAiHoqIh/O2PxIRj0bEkU3i//Glx97defy7K4t/dlv9v/1E6cwP33aqf2v9f7yWGstf2crn31Yb2M2xAwAAgP+LtPYMfJKOr6XTdHy8/gz/wdibVhYWl546tfD+udn6s/IjMZg2VrqGm9ZDJ/O14UZ+qiV/LF83/qJ0ey0/PrNQ6X71DujGvg7jP/NHqd+tA3ad32tBcRn/UFzGPxSX8Q/FZfxDcbUb/x/1oR3Ajef7H4rL+IfiMv6huIx/KKRuftcvUeREpDdFMyR2KdHvTyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDe+CcAAP//aY3m1g==")
[ 3443.369950][T29095] loop1: detected capacity change from 0 to 512
[ 3443.376567][T29095] EXT4-fs: Ignoring removed nobh option
[ 3443.382181][T29095] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3443.388694][T29095] EXT4-fs: Ignoring removed nobh option
19:07:30 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) (async)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0) (async)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000840)=@buf="ca7cf6e02c2c9fb1e46ea2b08fd019ffeac37233f2e3ef6c46e7f52630a8d8354825a202910204fd8d5cceb57d913dc23512e6f8fcb6d716e9252b2e80a61ef7f0cb7fa71fe36a8640e13a566ff1c8eeb2bce664accc896356bed8b16b616de674c8d309f1e6ac0e688615e3c1679e6b8dc4264e1b11dcbe73a392edb0c8a0121fb6af97388494412d7105debb5c13b007e8f923cd62db9a402e0ae99305f1f9c92a94e73e733a854ea474ec56c65feb5a20ae3985a3e0568fb04ce57c87b07ddc75dd04c16a1033983d8f2b542195b982cc4633dada5ed75429ad346404cd3461b762622904268abc30c366abdb", 0x1}, 0x20) (async)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20) (async)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="200800703663a6c6946fcf8668e78daf147400f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) (async)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800)) (async)
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0) (async)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3443.415468][T29095] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3443.434026][T29098] loop3: detected capacity change from 0 to 512
[ 3443.442190][T29098] EXT4-fs: Ignoring removed nobh option
[ 3443.447787][T29098] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3443.454272][T29098] EXT4-fs: Ignoring removed nobh option
19:07:30 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x3, 0x80, 0x60, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8014, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:30 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1}, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0)=0x0)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000)=ANY=[], 0x6db6e571)
io_uring_register$IORING_REGISTER_FILES2(r2, 0xd, &(0x7f00000007c0)={0x5, 0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000380)=""/132, 0x84}, {&(0x7f0000000280)=""/49, 0x31}, {&(0x7f0000000440)=""/241, 0xf1}, {&(0x7f0000000540)=""/210, 0xd2}, {&(0x7f0000000640)=""/184, 0xb8}], &(0x7f0000000780)=[0x1, 0x3f]}, 0x20)
syz_io_uring_setup(0x186, &(0x7f00000002c0), &(0x7f0000148000/0x1000)=nil, &(0x7f00005f1000/0x2000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000180)=0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x40, &(0x7f00000000c0)=0x307e, 0x0, 0x4)
r5 = socket$inet(0x2, 0x6, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000340)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r5, 0x80, &(0x7f0000000200)=@in={0x2, 0x0, @empty}}, 0x0)
syz_io_uring_submit(r3, r1, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x5fef55437f382899, 0x0, @fd_index=0x7, 0x0, 0x0, 0x5, 0x2}, 0x8)
r6 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r6, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
[ 3443.460395][T29095] EXT4-fs (loop1): 1 truncate cleaned up
19:07:31 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCapba2Jtf5orBqtYvBH0qRVe/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1J1s1uzI9NtzqfDwy8t/OS97775u2+eW82gNIaiYjBiLg9In7N00lLgeW9jXI3Vpam/1xZmk6iVnvjj6Re7vrK0nRRtPi7/XlmNI1IP0la/mHDwsVLZ6eq1dkLeX588dy74wsXLz09d27qzOyZ2fOTJ0+eOD7x3LOTz3Qlziyu68MfzB85/MpbV16bPnXl7R+/TvK4oyWObhmJkXah1z3W7cp67EBTOunrYUPYkkpEZN3VXx//g1GJtc4bjJc/7mnjgF1Vq9VqezqfXq4B/2NJ9LoFQG8UX/TZ/W9x3KSpxy3h2guNG6As7hv50TjTFyfyMv0t97fdNBIRp5b/+iI7YpfWIQAAmn2bzX+eajf/S+OepnJ35HsoQxFxZ0QcjIi7IuJQRNwdUS97b0Tct8X6R1ry6+c/6dVtBbZJ2fzv+Xxv65/zv7QoMlTJcwfq8fcnp+eqs8fy92Q0+vdk+YkN6vjupV8+63Suef6XHVn9xVwwb8fVvpYFupmpxamdxNzs2kcRw33t4k9WdwKSiDgcEcPbrGPuia+OdDr37/FvoAv7TLUvIx5v9P9ytMRfSDbenxy/Laqzx8aLq2K9n36+/Hqn+ncUfxdk/b+v7fW/Gv9Q0rxfu7D1Oi7/9mnHe5rtXv8DyZv19ED+2vtTi4sXJiIGklfXvz659rdFviifxT96tP34Pxhr78T9EZFdxA9ExIMR8VDe9ocj4pGIOLpB/D+8+Og7249/d2Xxz2yp/7eeqJz9/ptO9W+u/xt34qP5K5v5/NtsA3fy3gEAAMB/RVp/Bj5Jx1bTaTo21niG/1DsS6vzC4tPnp5/7/xM41n5oehPi5Wuwab10Il8bbjIT7bkj+frxp9X9tbzY9Pz1ZleBw8lt7/D+M/8Xul164Bd5/daUF7GP5SX8Q/lZfxDeRn/UF7txv+HPWgHcPP5/ofyMv6hvIx/KC/jH0ppJ7/rlyhzItJbohkSu5To9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAd/wdAAD//w1q5xA=")
19:07:31 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f00000002c0)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff4, 0xa3, &(0x7f0000000840)=""/163, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x5)
socket(0x10, 0x80002, 0x0)
[ 3443.560528][T29098] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3443.592558][T29098] EXT4-fs (loop3): 1 truncate cleaned up
[ 3443.593632][T29128] loop1: detected capacity change from 0 to 512
19:07:31 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kKLSWhlEdDAUNBRDySJi3QAxcQSBxAQoJDOYbErULdBjVBolUEAaFyRJW4I45I/AWc4IKAExJXuKNKFcqlhZPR2uvEOHbIw6lL9/eTVpnxjjPz7ezYs7PrAAqrHBHDEXFHRPyWp5P2AuXGn+srSzN/rSzNJFGrvflnUi93bWVpplm0+b59eWYsjUg/Tdr+YcPChYtnpqvVyvk8P7F49r2JhQsXn5k7O326crpyburEiePHJp9/burZnsSZxXVt9MP5w4deffvy6zMnL7/z0zdJHne0xdEr5Sh3Cr3u8V5X1mf7W9LJQB8bwpaUIiLrrsH6+B+OUqx13nC88klfGwfsqlqtVtvTffdyDbiFJdHvFgD90fyiz65/m9sNmnrcFK6+2LgAyuK+nm+NPQOR5mUG265ve6kcESeX//4y22KX1iEAAFp9l81/nu40/0vj3pZyd+b3UEYi4q6IOBARd0fEwYi4J6Je9r6IuH+L9Zfb8uvnP+mVbQW2Sdn874X83ta/53/N2V+MlPLc/nr8g8mpuWrlaH5MxmJwT5af3KCO71/+9fNu+1rnf9mW1d+cC+btuDLQtkA3O704vZOYW139OGJ0oFP8yeqdgCQiDkXE6DbrmHvy68Pd9v13/BtIKtts0ZraVxFPNPp/OdriX61m4/uTE7dFtXJ0onlWrPfzL5fe6Fb/juLvgaz/93Y8/1fjH0la79cubL2OS79/1vWaZrvn/1DyVj09lL/2wfTi4vnJiKHktfWvT629t5lvls/iHzvSefwfiLUj8UBEZCfxgxHxUEQ8nLf9kYh4NCKObBD/jy899u72499dWfyzW+r/rSdKZ374tlv9m+v/4/XUWP7KZj7/NtvAnRw7AAAA+L9I68/AJ+n4ajpNx8cbz/AfjL1pdX5h8alT8++fm208Kz8Sg2lzpWu4ZT10Ml8bbuan2vLH8nXjL0q31/PjM/PV2X4HDwW3r8v4z/xR6nfrgF3n91pQXMY/FJfxD8Vl/ENxGf9QXJ3G/0d9aAdw4/n+h+Iy/qG4jH8oLuMfCmknv+uXKHIi0puiGRK7lOj3JxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBv/BMAAP//SQvm1w==")
[ 3443.629818][T29128] EXT4-fs: Ignoring removed nobh option
[ 3443.635540][T29128] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3443.642159][T29128] EXT4-fs: Ignoring removed nobh option
[ 3443.653838][T29128] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3443.699677][T29128] EXT4-fs (loop1): 1 truncate cleaned up
[ 3443.705389][T29142] loop3: detected capacity change from 0 to 512
[ 3443.705581][T29142] EXT4-fs: Ignoring removed nobh option
[ 3443.717246][T29142] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3443.723752][T29142] EXT4-fs: Ignoring removed nobh option
[ 3443.752904][T29142] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3443.767258][T29142] EXT4-fs (loop3): 1 truncate cleaned up
[ 3443.779351][T29128] ==================================================================
[ 3443.787562][T29128] BUG: KCSAN: data-race in inotify_handle_inode_event / inotify_remove_from_idr
[ 3443.796592][T29128]
[ 3443.798916][T29128] write to 0xffff88810459be08 of 4 bytes by task 6589 on cpu 0:
[ 3443.806550][T29128] inotify_remove_from_idr+0x106/0x310
[ 3443.812014][T29128] inotify_ignored_and_remove_idr+0x34/0x60
[ 3443.817907][T29128] inotify_freeing_mark+0x1d/0x30
[ 3443.822934][T29128] fsnotify_destroy_mark+0x17a/0x190
[ 3443.828236][T29128] __se_sys_inotify_rm_watch+0xf7/0x170
[ 3443.834040][T29128] __x64_sys_inotify_rm_watch+0x31/0x40
[ 3443.839622][T29128] do_syscall_64+0x41/0xc0
[ 3443.844044][T29128] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3443.849947][T29128]
[ 3443.852269][T29128] read to 0xffff88810459be08 of 4 bytes by task 29128 on cpu 1:
[ 3443.859897][T29128] inotify_handle_inode_event+0x17e/0x2c0
[ 3443.865635][T29128] fsnotify_handle_inode_event+0x19b/0x1f0
[ 3443.865663][T29128] fsnotify+0x101c/0x1150
[ 3443.865684][T29128] __fsnotify_parent+0x307/0x480
[ 3443.865705][T29128] __fput+0x4b0/0x570
[ 3443.865719][T29128] ____fput+0x15/0x20
[ 3443.888694][T29128] task_work_run+0x123/0x160
[ 3443.894420][T29128] exit_to_user_mode_loop+0xd1/0xe0
19:07:31 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 41)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3443.899630][T29128] exit_to_user_mode_prepare+0x6c/0xb0
[ 3443.905114][T29128] syscall_exit_to_user_mode+0x26/0x140
[ 3443.910670][T29128] do_syscall_64+0x4d/0xc0
[ 3443.915083][T29128] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3443.920997][T29128]
[ 3443.921002][T29128] value changed: 0x0000f5de -> 0xffffffff
[ 3443.921012][T29128]
[ 3443.921014][T29128] Reported by Kernel Concurrency Sanitizer on:
[ 3443.921020][T29128] CPU: 1 PID: 29128 Comm: syz-executor.1 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3443.921038][T29128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3443.921048][T29128] ==================================================================
[ 3443.937143][T29148] FAULT_INJECTION: forcing a failure.
[ 3443.937143][T29148] name failslab, interval 1, probability 0, space 0, times 0
[ 3443.984323][T29148] CPU: 0 PID: 29148 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3443.994754][T29148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3444.004990][T29148] Call Trace:
[ 3444.008262][T29148]
[ 3444.011200][T29148] dump_stack_lvl+0xda/0x130
[ 3444.015805][T29148] dump_stack+0x15/0x20
[ 3444.019960][T29148] should_fail_ex+0x21f/0x230
[ 3444.024636][T29148] __should_failslab+0x92/0xa0
[ 3444.029451][T29148] should_failslab+0x9/0x20
[ 3444.033972][T29148] slab_pre_alloc_hook+0x38/0x180
[ 3444.039170][T29148] __kmem_cache_alloc_node+0x46/0x250
[ 3444.044586][T29148] ? io_drain_req+0x1e1/0x4f0
[ 3444.049278][T29148] kmalloc_trace+0x2a/0xa0
[ 3444.053709][T29148] io_drain_req+0x1e1/0x4f0
[ 3444.058228][T29148] io_queue_sqe_fallback+0xd1/0xe0
[ 3444.063347][T29148] io_submit_sqes+0xbf8/0xfe0
[ 3444.068036][T29148] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3444.073658][T29148] ? __fget_files+0x1c4/0x200
[ 3444.078414][T29148] ? mutex_lock+0xd/0x30
[ 3444.082744][T29148] ? fput+0x112/0x140
[ 3444.086736][T29148] ? ksys_write+0x178/0x1a0
[ 3444.091280][T29148] __x64_sys_io_uring_enter+0x78/0x90
[ 3444.096652][T29148] do_syscall_64+0x41/0xc0
[ 3444.101105][T29148] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3444.107003][T29148] RIP: 0033:0x7fbf4da9f169
[ 3444.111500][T29148] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3444.131373][T29148] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3444.139777][T29148] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
19:07:31 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6tn1LQikfDQUCBRHxkTRpgR64gEDiABISHMoxJGkV6jaoCRKtIggIlSOqxB1xROIv4FQuCDghcYU7qlShXFo4Ga29mxjHDvlw6sL+ftJKM95JZh7Pjj07sw6gtEYiYjAi/h8Rv+TppKXA1b2NcjdXlqb/WFmaTqJWe+P3pF7uxsrSdFG0+Lv9eWY0jUg/SVr+YcPCxUtnp6rV2Qt5fnzx3LvjCxcvPT13burM7JnZ85MnT544PvHcs5PPdCXOLK4bwx/MHzn8yltXXps+deXtH75O8rijJY5uGYmRdqHXPdbtynrsQFM66ethQ9iSSkRk3dVfH/+DUYm1zhuMlz/uaeOAXVWr1Wp7Op9ergH/YUn0ugVAbxRf9Nn9b3HcoqnHbeH6C40boCzum/nRONMXJ/Iy/S33t900EhGnlv/8Ijtil9YhAACaXc3mP0+1m/+lcU9TuTvyPZShiLgzIg5GxF0RcSgi7o6ol703Iu7bYv0jLfn185/02rYC26Rs/vd8vrf19/lfWhQZquS5A/X4+5PTc9XZY/l7Mhr9e7L8xAZ1fPvSz591Otc8/8uOrP5iLpi341pfywLdzNTi1E5ibnb9o4jhvnbxJ6s7AUlEHI6I4W3WMffEV0c6nfvn+DfQhX2m2pcRjzf6fzla4i8kG+9Pjv8vqrPHxourYr0ff7r8eqf6dxR/F2T9v6/t9b8a/1DSvF+7sPU6Lv/6acd7mu1e/wPJm/X0QP7a+1OLixcmIgaSV9e/Prn2t0W+KJ/FP3q0/fg/GGvvxP0RkV3ED0TEgxHxUN72hyPikYg4ukH837/46Dvbj393ZfHPbKn/t56onP3um071b67/G3fio/krm/n822wDd/LeAQAAwL9FWn8GPknHVtNpOjbWeIb/UOxLq/MLi0+enn/v/EzjWfmh6E+Lla7BpvXQiXxtuMhPtuSP5+vGn1f21vNj0/PVmV4HDyW3v8P4z/xW6XXrgF3n91pQXsY/lJfxD+Vl/EN5Gf9QXu3G/4c9aAdw6/n+h/Iy/qG8jH8oL+MfSmknv+uXKHMi0tuiGRK7lOj1JxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB3/BUAAP//E1vnUA==")
19:07:31 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpP292spCaU8WgoYCiLikTRpgR64gEDiABISHMox5FGFug1qgkSrCAJC5YgqcUcckfgLOMEFASckrnBHlSqUSwsno7V3E+PYIQ+nLuznI60y4x1n5ruzY8/OrgMorWpEDEXEbRHxS55O2gtUm39urCxN/bGyNJVEvf7670mj3PWVpamiaPG+/XlmJI1IP07a/mHTwsVLZydrtZkLeX5s8dw7YwsXLz01d27yzMyZmfMTp06dPDH+7DMTT/ckziyu60fenz96+OU3r7w6dfrKWz98leRxR1scvVKNaqfQGx7tdWV9dqAlnQz0sSFsSSUisu4abIz/oajEWucNxUsf9bVxwK6q1+v1vd13L9eB/7Ak+t0CoD+KL/rs+rfYbtLU45Zw7fnmBVAW9418a+4ZiDQvM9h2fdtL1Yg4vfzn59kWu7QOAQDQ6pts/vNkp/lfGne3lLs9v4cyHBF3RMTBiLgzIg5FxF0RjbL3RMS9W6y/2pZfP/9Jr24rsE3K5n/P5fe2/j7/K2Z/MVzJcwca8Q8ms3O1meP5MRmJwb1ZfnyDOr598edPu+1rnf9lW1Z/MRfM23F1oG2BbnpycXInMbe69mHEkYFO8SerdwKSiDgcEUe2Wcfc418e7bbvn+PfQDK7zRatqX8R8Viz/5ejLf7Vaja+Pzn2v6jNHB8rzor1fvzp8mvd6t9R/D2Q9f++juf/avzDSev92oWt13H510+6XtNs9/zfk7zRSO/JX3tvcnHxwnjEnuSV9a9PrL23yBfls/hHjnUe/wdj7UjcFxHZSXx/RDwQEQ/mbX8oIh6OiGMbxP/9C4+8vf34d1cW//SW+n/ricrZ777uVv/m+v9kIzWSv7KZz7/NNnAnxw4AAAD+LdLGM/BJOrqaTtPR0eYz/IdiX1qbX1h8Ynb+3fPTzWflh2MwLVa6hlrWQ8fzteEiP9GWP5GvG39W+X8jPzo1X5vud/BQcvu7jP/Mb5V+tw7YdX6vBeVl/EN5Gf9QXsY/lJfxD+XVafx/0Id2ADef738oL+Mfysv4h/Iy/qGUdvK7fokyJyK9JZohsUuJfn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9MZfAQAA//8oiebY")
[ 3444.147787][T29148] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
[ 3444.155747][T29148] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
[ 3444.163786][T29148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3444.171766][T29148] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3444.179739][T29148]
[ 3444.212680][T29160] loop1: detected capacity change from 0 to 512
[ 3444.226063][T29161] loop3: detected capacity change from 0 to 512
[ 3444.233281][T29160] EXT4-fs: Ignoring removed nobh option
[ 3444.236249][T29161] EXT4-fs: Ignoring removed nobh option
[ 3444.238900][T29160] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3444.244396][T29161] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3444.250821][T29160] EXT4-fs: Ignoring removed nobh option
[ 3444.257207][T29161] EXT4-fs: Ignoring removed nobh option
[ 3444.270629][T29160] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3444.286363][T29160] EXT4-fs (loop1): 1 truncate cleaned up
[ 3444.293315][T29161] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
19:07:31 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x3, 0x80, 0x60, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8014, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:31 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1}, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0)=0x0)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000)=ANY=[], 0x6db6e571) (async)
io_uring_register$IORING_REGISTER_FILES2(r2, 0xd, &(0x7f00000007c0)={0x5, 0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000380)=""/132, 0x84}, {&(0x7f0000000280)=""/49, 0x31}, {&(0x7f0000000440)=""/241, 0xf1}, {&(0x7f0000000540)=""/210, 0xd2}, {&(0x7f0000000640)=""/184, 0xb8}], &(0x7f0000000780)=[0x1, 0x3f]}, 0x20) (async)
syz_io_uring_setup(0x186, &(0x7f00000002c0), &(0x7f0000148000/0x1000)=nil, &(0x7f00005f1000/0x2000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000180)=0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x40, &(0x7f00000000c0)=0x307e, 0x0, 0x4) (async)
r5 = socket$inet(0x2, 0x6, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000340)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r5, 0x80, &(0x7f0000000200)=@in={0x2, 0x0, @empty}}, 0x0) (async)
syz_io_uring_submit(r3, r1, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x5fef55437f382899, 0x0, @fd_index=0x7, 0x0, 0x0, 0x5, 0x2}, 0x8) (async)
r6 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r6, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
[ 3444.309057][T29161] EXT4-fs (loop3): 1 truncate cleaned up
19:07:31 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6vikloZSPhgKBgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQz6curC/n7TKjHecmcezY8/O2AGU1mhEDEXEbRHxS55OWgsMNv7cWF2e+WN1eSaJWu3135N6ueuryzNF0eJ5+/PMWBqRfpy0/MOGxYuXzk5Xq3MX8vzE0rl3JhYvXnpq/tz0mbkzc+enTp48cXzy2Wemnu5KnFlc10feXzhy+OU3r7w6c+rKWz98leRxR0sc3TIao+1Cr3u025X12IGmdNLXw4awLZWIyLqrvz7+h6IS6503FC991NPGAXuqVqvV9nU+vVID/sOS6HULgN4oPuiz+9/iuElTj1vCtecbN0BZ3Dfyo3GmL07kZfpb7m+7aTQiTq38+Xl2xB6tQwAANPsmm/882W7+l8bdTeVuz/dQhiPijog4GBF3RsShiLgrol72noi4d5v1j7bkN85/0qs7CmyLsvnfc/ne1t/nf2lRZLiS5w7U4+9PTs9X547lr8lY9O/L8pOb1PHtiz9/2ulc8/wvO7L6i7lg3o6rfS0LdLPTS9O7ibnZtQ8jRvraxZ+s7QQkEXE4IkZ2WMf8418e6XTun+PfRBf2mWpfRDzW6P+VaIm/kGy+Pznxv6jOHZsoroqNfvzp8mud6t9V/F2Q9f9g2+t/Lf7hpHm/dnH7dVz+9ZOO9zQ7vf4Hkjfq6YH8sfeml5YuTEYMJK9sfHxq/blFviifxT92tP34Pxjrr8R9EZFdxPdHxAMR8WDe9oci4uGIOLpJ/N+/8MjbO49/b2Xxz26r/7efqJz97utO9W+t/xt34mP5I1t5/9tqA3fz2gEAAMC/RVr/DnySjq+l03R8vPEd/kMxmFYXFpeeOL3w7vnZxnflh6M/LVa6hprWQyfzteEiP9WSP56vG39W+X89Pz6zUJ3tdfBQcvs7jP/Mb5Vetw7Yc36vBeVl/EN5Gf9QXsY/lJfxD+XVbvx/0IN2ADefz38oL+Mfysv4h/Iy/qGUdvO7fokyJyK9JZohsUeJXr8zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMdfAQAA///9kOaR")
19:07:31 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPlgKGgoj4SJq0QA9cQCBxAAkJDuUYkjQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQz6curC/n7TKjHecmWdnx56dXQdQWtWIGIqI2yLilzydtBeoNv/cWFma+mNlaSqJev3135NGuesrS1NF0eJ9+/PMSBqRfpy0/cOmhYuXzk7WajMX8vzY4rl3xhYuXnpq7tzk7MzszPmJU6dOnhh/9pmJp3sSZxbX9SPvzx89/PKbV16dOn3lrR++SvK4oy2OXqlGtVPoDY/2urI+O9CSTgb62BC2pBIRWXcNNsb/UFRirfOG4qWP+to4YFfV6/X63u67l+vAf1gS/W4B0B/FF312/VtsN2nqcUu49nzzAiiL+0a+NfcMRJqXGWy7vu2lakScXv7z82yLXVqHAABo9U02/3my0/wvjbtbyt2e30MZjog7IuJgRNwZEYci4q6IRtl7IuLeLdZfbcuvn/+kV7cV2CZl87/n8ntbf5//FbO/GK7kuQON+AeTM3O1meP5MRmJwb1ZfnyDOr598edPu+1rnf9lW1Z/MRfM23F1oG2BbnpycXInMbe69mHEkYFO8SerdwKSiDgcEUe2Wcfc418e7bbvn+PfQDK7zRatqX8R8Viz/5ejLf7Vaja+Pzn2v6jNHB8rzor1fvzp8mvd6t9R/D2Q9f++juf/avzDSev92oWt13H510+6XtNs9/zfk7zRSO/JX3tvcnHxwnjEnuSV9a9PrL23yBfls/hHjnUe/wdj7UjcFxHZSXx/RDwQEQ/mbX8oIh6OiGMbxP/9C4+8vf34d1cW//SW+n/ricrZ777uVv/m+v9kIzWSv7KZz7/NNnAnxw4AAAD+LdLGM/BJOrqaTtPR0eYz/IdiX1qbX1h84sz8u+enm8/KD8dgWqx0DbWsh47na8NFfqItfyJfN/6s8v9GfnRqvjbd7+Ch5PZ3Gf+Z3yr9bh2w6/xeC8rL+IfyMv6hvIx/KC/jH8qr0/j/oA/tAG4+3/9QXsY/lJfxD+Vl/EMp7eR3/RJlTkR6SzRDYpcS/f5kAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I2/AgAA//8IB+bZ")
[ 3444.394301][T29183] loop1: detected capacity change from 0 to 512
[ 3444.400137][ T6589] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 3444.413479][T29183] EXT4-fs: Ignoring removed nobh option
[ 3444.419185][T29183] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3444.426058][T29183] EXT4-fs: Ignoring removed nobh option
[ 3444.435199][T29185] loop3: detected capacity change from 0 to 512
19:07:31 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) (async)
shutdown(0xffffffffffffffff, 0x0) (async)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c) (async)
syz_open_dev$tty1(0xc, 0x4, 0x3) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0) (async)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20) (async)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f00000002c0)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff4, 0xa3, &(0x7f0000000840)=""/163, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) (async)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x5) (async)
socket(0x10, 0x80002, 0x0)
[ 3444.450131][T29185] EXT4-fs: Ignoring removed nobh option
[ 3444.455822][T29185] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3444.462309][T29185] EXT4-fs: Ignoring removed nobh option
[ 3444.484477][T29183] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
19:07:32 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1}, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0)=0x0)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000)=ANY=[], 0x6db6e571) (async)
io_uring_register$IORING_REGISTER_FILES2(r2, 0xd, &(0x7f00000007c0)={0x5, 0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000380)=""/132, 0x84}, {&(0x7f0000000280)=""/49, 0x31}, {&(0x7f0000000440)=""/241, 0xf1}, {&(0x7f0000000540)=""/210, 0xd2}, {&(0x7f0000000640)=""/184, 0xb8}], &(0x7f0000000780)=[0x1, 0x3f]}, 0x20)
syz_io_uring_setup(0x186, &(0x7f00000002c0), &(0x7f0000148000/0x1000)=nil, &(0x7f00005f1000/0x2000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000180)=0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x40, &(0x7f00000000c0)=0x307e, 0x0, 0x4)
r5 = socket$inet(0x2, 0x6, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000340)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r5, 0x80, &(0x7f0000000200)=@in={0x2, 0x0, @empty}}, 0x0) (async)
syz_io_uring_submit(r3, r1, &(0x7f0000000080)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x5fef55437f382899, 0x0, @fd_index=0x7, 0x0, 0x0, 0x5, 0x2}, 0x8)
r6 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r6, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
19:07:32 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCatptbEWn80Vo1WMfgjadKqPXhQUfCgIOihHmOSlthtI00EW4JGkXqUgnfxKPgXeNKLqCfBq96lUCSXVk8rszuTrJvdmB+bbnU+Hxh4b+cl7333zdt9895sAKU1EhGDEXFbRPyap5OWAs8PNMpdX1ma/nNlaTqJWu2NP5J6uWsrS9NF0eLv9uWZ0TQi/SRp+YcNCxcunpmqVmfP5/nxxbPvji9cuPjU3Nmp07OnZ89Nnjhx/NjEs89MPt2VOLO4rg1/MH/40CtvXX5t+uTlt3/8OsnjjpY4umUkRtqFXvdotyvrsf1N6aSvhw1hSyoRkXVXf338D0Yl1jpvMF7+uKeNA3ZVrVar7e18erkG/I8l0esWAL1RfNFn97/FcYOmHjeFqy80boCyuK/nR+NMXxzPy/S33N9200hEnFz+64vsiF1ahwAAaPZtNv95st38L427m8rdnu+hDEXEHRFxICLujIiDEXFXRL3sPRFx7xbrH2nJr5//pFe2FdgmZfO/5/K9rX/O/9KiyFAlz+2vx9+fnJqrzh7N35PR6N+b5Sc2qOO7l375rNO55vlfdmT1F3PBvB1X+loW6GamFqd2EnOzqx9FDPe1iz9Z3QlIIuJQRAxvs465x7863Oncv8e/gS7sM9W+jHis0f/L0RJ/Idl4f3L8lqjOHh0vror1fvr50uud6t9R/F2Q9f9A2+t/Nf6hpHm/dmHrdVz67dOO9zTbvf73JG/W03vy196fWlw8PxGxJ3l1/euTa39b5IvyWfyjR9qP/wOx9k7cFxHZRXx/RDwQEQ/mbX8oIh6OiCMbxP/Di4+8s/34d1cW/8yW+n/ricqZ77/pVP/m+r9xJz6av7KZz7/NNnAn7x0AAAD8V6T1Z+CTdGw1naZjY41n+A/GQFqdX1h84tT8e+dmGs/KD0V/Wqx0DTath07ka8NFfrIlfyxfN/68cms9PzY9X53pdfBQcvs6jP/M75Vetw7YdX6vBeVl/EN5Gf9QXsY/lJfxD+XVbvx/2IN2ADee738oL+Mfysv4h/Iy/qGUdvK7fokyJyK9KZohsUuJXn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMffAQAA//8DkObR")
19:07:32 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) (async)
shutdown(0xffffffffffffffff, 0x0) (async, rerun: 64)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c) (rerun: 64)
syz_open_dev$tty1(0xc, 0x4, 0x3) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0) (async)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c) (async)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f00000002c0)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff4, 0xa3, &(0x7f0000000840)=""/163, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
clock_gettime(0x5, &(0x7f0000000800)) (async)
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93) (async)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0) (async)
fallocate(r7, 0x30, 0x9, 0x5) (async)
socket(0x10, 0x80002, 0x0)
[ 3444.499435][T29183] EXT4-fs (loop1): 1 truncate cleaned up
[ 3444.500551][T29185] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3444.524292][T29185] EXT4-fs (loop3): 1 truncate cleaned up
[ 3444.567619][T29205] loop1: detected capacity change from 0 to 512
[ 3444.574360][T29205] EXT4-fs: Ignoring removed nobh option
[ 3444.580004][T29205] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3444.586513][T29205] EXT4-fs: Ignoring removed nobh option
19:07:32 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x2)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='xen_cpu_set_ldt\x00', r6}, 0x6d)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3444.605272][T29205] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3444.631787][T29205] EXT4-fs (loop1): 1 truncate cleaned up
19:07:32 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 42)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:32 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCatttbEWn+0Vl2tYvBH0qRVe/CiKHhQEPRQjzFJa+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1J1s1uzI9NtzqfDwx5b+dt3vvOm7f75s1sAKVVjYihiLgtIn7N00l7gWrzz/Xlxak/lxenkqjXX/8jaZS7trw4VRQt3rc3z4ykEeknSds/bJq/cPHMZK02cz7Pjy2cfXds/sLFp2bPTp6eOT1zbuLEiePHxp99ZuLpnsSZxXXt0Adzhw++/OblV6dOXn7rx6+TPO5oi6NXqlHtFHrDo72urM/2taSTgT42hE2pRETWXYON8T8UlVjtvKF46eO+Ng7YUfV6vb67++6lOvA/lkS/WwD0R/FFn13/FtsNmnrcFK4+37wAyuK+nm/NPQOR5mUG265ve6kaESeX/voi22KH1iEAAFp9m81/nuw0/0vj7pZyt+f3UIYj4o6I2B8Rd0bEgYi4K6JR9p6IuHeT9Vfb8mvnP+mVLQW2Qdn877n83tY/53/F7C+GK3luXyP+weTUbG3maH5MRmJwd5YfX6eO71785bNu+1rnf9mW1V/MBfN2XBloW6CbnlyY3E7Mra5+FHFooFP8ycqdgCQiDkbEoS3WMfv4V4e77fv3+NeRvL3FFq2qfxnxWLP/l6It/pVq1r8/OXZL1GaOjhVnxVo//XzptW71byv+Hsj6f0/H838l/uGk9X7t/ObruPTbp12vabZ6/u9K3mikd+WvvT+5sHB+PGJX8sra1ydW31vki/JZ/CNHOo///bF6JO6LiOwkvj8iHoiIB/O2PxQRD0fEkXXi/+GFR97Zevw7K4t/elP9v/lE5cz333Srf2P9f7yRGslf2cjn30YbuJ1jBwAAAP8VaeMZ+CQdXUmn6eho8xn+A7Enrc3NLzxxau69c9PNZ+WHYzAtVrqGWtZDx/O14SI/0ZY/lq8bf165tZEfnZqrTfc7eCi5vV3Gf+b3Sr9bB+w4v9eC8jL+obyMfygv4x/Ky/iH8uo0/j/sQzuAG8/3P5SX8Q/lZfxDeRn/UErb+V2/RJkTkd4UzZDYoUS/P5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB64+8AAAD//+d25to=")
19:07:32 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6vikloZSPhgKBgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQz6curC/n7TSjHeSmcezY8/OrAMordGIGIqI2yLilzydtBRYGWyUu7G6PPPH6vJMErXa678n9XLXV5dniqLF3+3PM2NpRPpx0vIPGxYvXjo7Xa3OXcjzE0vn3plYvHjpqflz02fmzsydnzp58sTxyWefmXq6K3FmcV0feX/hyOGX37zy6sypK2/98FWSxx0tcXTLaIy2C73u0W5X1mMHmtJJXw8bwrZUIiLrrv76+B+KSqx33lC89FFPGwfsqVqtVtvX+fRKDfgPS6LXLQB6o/iiz+5/i+MmTT1uCdeeb9wAZXHfyI/Gmb44kZfpb7m/7abRiDi18ufn2RF7tA4BANDsm2z+82S7+V8adzeVuz3fQxmOiDsi4mBE3BkRhyLiroh62Xsi4t5t1j/akt84/0mv7iiwLcrmf8/le1t/n/+lRZHhSp47UI+/Pzk9X507lr8nY9G/L8tPblLHty/+/Gmnc83zv+zI6i/mgnk7rva1LNDNTi9N7ybmZtc+jBjpaxd/srYTkETE4YgY2WEd849/eaTTuX+OfxNd2GeqfRHxWKP/V6Il/kKy+f7kxP+iOndsorgqNvrxp8uvdap/V/F3Qdb/g22v/7X4h5Pm/drF7ddx+ddPOt7T7PT6H0jeqKcH8tfem15aujAZMZC8svH1qfW/LfJF+Sz+saPtx//BWH8n7ouI7CK+PyIeiIgH87Y/FBEPR8TRTeL//oVH3t55/Hsri392W/2//UTl7Hdfd6p/a/3fuBMfy1/ZyuffVhu4m/cOAAAA/i3S+jPwSTq+lk7T8fHGM/yHYjCtLiwuPXF64d3zs41n5YejPy1Wuoaa1kMn87XhIj/Vkj+erxt/Vvl/PT8+s1Cd7XXwUHL7O4z/zG+VXrcO2HN+rwXlZfxDeRn/UF7GP5SX8Q/l1W78f9CDdgA3n+9/KC/jH8rL+IfyMv6hlHbzu36JMicivSWaIbFHiV5/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTHXwEAAP//CYHnEQ==")
[ 3444.781231][T29229] loop1: detected capacity change from 0 to 512
[ 3444.789503][T29228] loop3: detected capacity change from 0 to 512
[ 3444.799738][T29228] EXT4-fs: Ignoring removed nobh option
[ 3444.805774][T29228] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3444.812311][T29228] EXT4-fs: Ignoring removed nobh option
[ 3444.820045][T29229] EXT4-fs: Ignoring removed nobh option
[ 3444.825628][T29229] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3444.832132][T29229] EXT4-fs: Ignoring removed nobh option
[ 3444.841827][T29232] FAULT_INJECTION: forcing a failure.
[ 3444.841827][T29232] name failslab, interval 1, probability 0, space 0, times 0
[ 3444.854487][T29232] CPU: 0 PID: 29232 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3444.864989][T29232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3444.875042][T29232] Call Trace:
[ 3444.878408][T29232]
[ 3444.881365][T29232] dump_stack_lvl+0xda/0x130
[ 3444.885964][T29232] dump_stack+0x15/0x20
[ 3444.890121][T29232] should_fail_ex+0x21f/0x230
[ 3444.894845][T29232] __should_failslab+0x92/0xa0
[ 3444.899615][T29232] should_failslab+0x9/0x20
[ 3444.904177][T29232] slab_pre_alloc_hook+0x38/0x180
[ 3444.909213][T29232] __kmem_cache_alloc_node+0x46/0x250
[ 3444.914635][T29232] ? io_drain_req+0x1e1/0x4f0
[ 3444.919463][T29232] kmalloc_trace+0x2a/0xa0
[ 3444.923914][T29232] io_drain_req+0x1e1/0x4f0
[ 3444.928432][T29232] io_queue_sqe_fallback+0xd1/0xe0
[ 3444.933542][T29232] io_submit_sqes+0xbf8/0xfe0
[ 3444.936321][T29228] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3444.938260][T29232] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3444.953271][T29228] EXT4-fs (loop3): 1 truncate cleaned up
[ 3444.957956][T29232] ? __fget_files+0x1c4/0x200
[ 3444.957987][T29232] ? mutex_lock+0xd/0x30
[ 3444.972842][T29232] ? fput+0x112/0x140
[ 3444.976863][T29232] ? ksys_write+0x178/0x1a0
[ 3444.981417][T29232] __x64_sys_io_uring_enter+0x78/0x90
[ 3444.986841][T29232] do_syscall_64+0x41/0xc0
[ 3444.991418][T29232] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3444.997324][T29232] RIP: 0033:0x7fbf4da9f169
[ 3445.001884][T29232] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3445.021504][T29232] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3445.029910][T29232] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3445.037884][T29232] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
[ 3445.045865][T29232] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
[ 3445.053833][T29232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3445.061845][T29232] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3445.069978][T29232]
[ 3445.076541][T29229] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3445.092266][T29229] EXT4-fs (loop1): 1 truncate cleaned up
19:07:32 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPhgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQz6curC/n7TKjHecmWdnx56dXQdQWtWIGIqI2yLilzydtBeoNv/cWFma/mNlaTqJev3135NGuesrS9NF0eJ9+/PMaBqRfpy0/cOmhYuXzk7VarMX8vz44rl3xhcuXnpq7tzUmdkzs+cnT548cXzi2Wcmn+5JnFlc10fenz9y+OU3r7w6ferKWz98leRxR1scvVKNaqfQGx7tdWV9dqAlnQz0sSFsSSUisu4abIz/oajEWucNxUsf9bVxwK6q1+v1vd13L9eB/7Ak+t0CoD+KL/rs+rfYbtLU45Zw7fnmBVAW9418a+4ZiDQvM9h2fdtL1Yg4tfzn59kWu7QOAQDQ6pts/vNkp/lfGne3lLs9v4cyHBF3RMTBiLgzIg5FxF0RjbL3RMS9W6y/2pZfP/9Jr24rsE3K5n/P5fe2/j7/K2Z/MVzJcwca8Q8mp+dqs8fyYzIag3uz/MQGdXz74s+fdtvXOv/Ltqz+Yi6Yt+PqQNsC3czU4tROYm517cOIkYFO8SerdwKSiDgcESPbrGPu8S+PdNv3z/FvIJnbZovW1L+IeKzZ/8vRFv9qNRvfnxz/X9Rmj40XZ8V6P/50+bVu9e8o/h7I+n9fx/N/Nf7hpPV+7cLW67j86yddr2m2e/7vSd5opPfkr703tbh4YSJiT/LK+tcn195b5IvyWfyjRzuP/4OxdiTui4jsJL4/Ih6IiAfztj8UEQ9HxNEN4v/+hUfe3n78uyuLf2ZL/b/1ROXsd193q39z/X+ikRrNX9nM599mG7iTYwcAAAD/FmnjGfgkHVtNp+nYWPMZ/kOxL63NLyw+cXr+3fMzzWflh2MwLVa6hlrWQyfyteEiP9mWP56vG39W+X8jPzY9X5vpd/BQcvu7jP/Mb5V+tw7YdX6vBeVl/EN5Gf9QXsY/lJfxD+XVafx/0Id2ADef738oL+Mfysv4h/Iy/qGUdvK7fokyJyK9JZohsUuJfn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9MZfAQAA///G9Obb")
19:07:32 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCatptbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnupF1JPgVe9SKJJLq6eV2Z1J1s1uzI9NtzqfDwy8t/OS97775u2+eW82gNIaiYjBiLgjIn7N00lLgSsDjXI3Vpam/1xZmk6iVnvzj6Re7vrK0nRRtPi7fXlmNI1IP01a/mHDwoWLZ6aq1dnzeX588ex74wsXLj4zd3bq9Ozp2XOTJ04cPzbx/HOTz3Ylziyu68Mfzh8+9Orbl1+fPnn5nR+/SfK4oyWObhmJkXah1z3e7cp6bH9TOunrYUPYkkpEZN3VXx//g1GJtc4bjFc+6WnjgF1Vq9VqezufXq4B/2NJ9LoFQG8UX/TZ/W9x3KSpxy3h2ouNG6As7hv50TjTF8fzMv0t97fdNBIRJ5f/+jI7YpfWIQAAml3J5j9Pt5v/pXFvU7k78z2UoYi4KyIORMTdEXEwIu6JqJe9LyLu32L9Iy359fOf9Oq2AtukbP73Qr639c/5X1oUGarkuf31+PuTU3PV2aP5ezIa/Xuz/MQGdXz38i+fdzrXPP/Ljqz+Yi6Yt+NqX8sC3czU4tROYm527eOI4b528SerOwFJRByKiOFt1jH35NeHO5379/g30IV9ptpXEU80+n85WuIvJBvvT47fFtXZo+PFVbHeTz9feqNT/TuKvwuy/h9oe/2vxj+UNO/XLmy9jku/fdbxnma71/+e5K16ek/+2gdTi4vnJyL2JK+tf31y7W+LfFE+i3/0SPvxfyDW3okHIiK7iB+MiIci4uG87Y9ExKMRcWSD+H946bF3tx//7srin9lS/289UTnz/bed6t9c/zfuxEfzVzbz+bfZBu7kvQMAAID/irT+DHySjq2m03RsrPEM/8EYSKvzC4tPnZp//9xM41n5oehPi5Wuwab10Il8bbjIT7bkj+Xrxl9Ubq/nx6bnqzO9Dh5Kbl+H8Z/5vdLr1gG7zu+1oLyMfygv4x/Ky/iH8jL+obzajf+PetAO4Obz/Q/lZfxDeRn/UF7GP5TSTn7XL1HmRKS3RDMkdinR608mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA7vg7AAD//w9y51E=")
19:07:32 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
r1 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x13)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r0, 0x6, &(0x7f0000000280)={0x200, 0x0, &(0x7f0000000080)=[r2, r1]}, 0x2)
r3 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r3, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
[ 3445.203321][T29256] loop1: detected capacity change from 0 to 512
[ 3445.209595][T29253] loop3: detected capacity change from 0 to 512
[ 3445.211780][T29256] EXT4-fs: Ignoring removed nobh option
[ 3445.216899][T29253] EXT4-fs: Ignoring removed nobh option
[ 3445.222250][T29256] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3445.222289][T29256] EXT4-fs: Ignoring removed nobh option
[ 3445.227891][T29253] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3445.246376][T29253] EXT4-fs: Ignoring removed nobh option
[ 3445.255057][T29256] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3445.270941][T29256] EXT4-fs (loop1): 1 truncate cleaned up
[ 3445.278968][T29253] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3445.293448][T29253] EXT4-fs (loop3): 1 truncate cleaned up
19:07:32 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPlgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQz6cOrC/n7TKjHecmWdnx56dXQdQWtWIGIqI2yLilzydtBeoNv/cXF6c+mN5cSqJev3135NGuRvLi1NF0eJ9+/PMSBqRfpy0/cOm+UuXz03WajMX8/zYwvl3xuYvXX5q9vzk2ZmzMxcmTp06eWL82Wcmnu5JnFlcN468P3f08MtvXn116vTVt374KsnjjrY4eqUa1U6hNzza68r67EBLOhnoY0PYlEpEZN012Bj/Q1GJ1c4bipc+6mvjgB1Vr9fre7vvXqoD/2FJ9LsFQH8UX/TZ9W+x3aKpx65w/fnmBVAW9818a+4ZiDQvM9h2fdtL1Yg4vfTn59kWO7QOAQDQ6pts/vNkp/lfGne3lLs9v4cyHBF3RMTBiLgzIg5FxF0RjbL3RMS9m6y/2pZfO/9Jr20psA3K5n/P5fe2/j7/K2Z/MVzJcwca8Q8mZ2ZrM8fzYzISg3uz/Pg6dXz74s+fdtvXOv/Ltqz+Yi6Yt+PaQNsC3fTkwuR2Ym51/cOIIwOd4k9W7gQkEXE4Io5ssY7Zx7882m3fP8e/juTtLbZoVf2LiMea/b8UbfGvVLP+/cmx/0Vt5vhYcVas9eNPV17rVv+24u+BrP/3dTz/V+IfTlrv185vvo4rv37S9Zpmq+f/nuSNRnpP/tp7kwsLF8cj9iSvrH19YvW9Rb4on8U/cqzz+D8Yq0fivojITuL7I+KBiHgwb/tDEfFwRBxbJ/7vX3ik64m6G/p/elP9v/lE5dx3X3erf2P9f7KRGslf2cjn30YbuJ1jBwAAAP8WaeMZ+CQdXUmn6eho8xn+Q7Evrc3NLzxxZu7dC9PNZ+WHYzAtVrqGWtZDx/O14SI/0ZY/ka8bf1b5fyM/OjVXm+538FBy+7uM/8xvlX63Dthxfq8F5WX8Q3kZ/1Bexj+Ul/EP5dVp/H/Qh3YAt57vfygv4x/Ky/iH8jL+oZS287t+iTInIt0VzZDYoUS/P5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB6468AAAD//6Zy5tw=")
19:07:32 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6vg0loZSPhgKBgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQz6curC/n7TKjHecmcezY8/O2AGU1mhEDEXEbRHxS55OWgsMNv7cWF2e+WN1eSaJWu3135N6ueuryzNF0eJ5g3lmLI1IP05a/mHD4sVLZ6er1bkLeX5i6dw7E4sXLz01f276zNyZufNTJ0+eOD757DNTT3clziyu6yPvLxw5/PKbV16dOXXlrR++SvK4oyWObhmN0Xah1z3a7cp67EBTOunrYUPYlkpEZN3VXx//Q1GJ9c4bipc+6mnjgD1Vq9Vq+zqfXqkB/2FJ9LoFQG8UH/TZ/W9x3KSpxy3h2vONG6As7hv50TjTFyfyMv0t97fdNBoRp1b+/Dw7Yo/WIQAAmn2TzX+ebDf/S+PupnK353sowxFxR0QcjIg7I+JQRNwVUS97T0Tcu836R1vyG+c/6dUdBbZF2fzvuXxv6+/zv7QoMlzJcwfq8fcnp+erc8fy12Qs+vdl+clN6vj2xZ8/7XSuef6XHVn9xVwwb8fVvpYFutnppendxNzs2ocRI33t4k/WdgKSiDgcESM7rGP+8S+PdDr3z/Fvogv7TLUvIh5r9P9KtMRfSDbfn5z4X1Tnjk0UV8VGP/50+bVO9e8q/i7I+n9/2+t/Lf7hpHm/dnH7dVz+9ZOO9zQ7vf4Hkjfq6YH8sfeml5YuTEYMJK9sfHxq/blFviifxT92tP34Pxjrr8R9EZFdxPdHxAMR8WDe9oci4uGIOLpJ/N+/8MjbO49/b2Xxz26r/7efqJz97utO9W+t/xt34mP5I1t5/9tqA3fz2gEAAMC/RVr/DnySjq+l03R8vPEd/kOxP60uLC49cXrh3fOzje/KD0d/Wqx0DTWth07ma8NFfqolfzxfN/6s8v96fnxmoTrb6+Ch5AY7jP/Mb5Vetw7Yc36vBeVl/EN5Gf9QXsY/lJfxD+XVbvx/0IN2ADefz38oL+Mfysv4h/Iy/qGUdvO7fokyJyK9JZohsUeJXr8zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMdfAQAA///5p+aS")
19:07:32 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f00000000c0))
r2 = dup(0xffffffffffffffff)
renameat2(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', r2, &(0x7f0000000380)='./file0\x00', 0x90729aeae511d3f4)
syz_io_uring_setup(0x313c, &(0x7f0000000280)={0x0, 0xa996, 0x10, 0x0, 0x52, 0x0, r2}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f00001ae000/0x1000)=nil, &(0x7f0000000300), &(0x7f0000000340))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000080), 0x100)
r3 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r3, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
[ 3445.372859][T29271] loop3: detected capacity change from 0 to 512
[ 3445.379031][T29272] loop1: detected capacity change from 0 to 512
[ 3445.389358][T29272] EXT4-fs: Ignoring removed nobh option
[ 3445.390199][T29271] EXT4-fs: Ignoring removed nobh option
[ 3445.394952][T29272] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3445.400536][T29271] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3445.407032][T29272] EXT4-fs: Ignoring removed nobh option
19:07:32 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c) (async)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c) (async)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x2) (async)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20) (async)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='xen_cpu_set_ldt\x00', r6}, 0x6d)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) (async)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
clock_gettime(0x5, &(0x7f0000000800)) (async)
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000) (async)
socket(0x10, 0x80002, 0x0)
[ 3445.413555][T29271] EXT4-fs: Ignoring removed nobh option
[ 3445.430361][T29272] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3445.445767][T29271] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3445.445821][T29272] EXT4-fs (loop1): 1 truncate cleaned up
[ 3445.466747][T29271] EXT4-fs (loop3): 1 truncate cleaned up
19:07:33 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPlgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQKcRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQz6curC/n7TKjHecmWdnx56dXQdQWtWIGIqI2yLilzydtBeoNv/cWFma+mNlaSqJev3135NGuesrS1NF0eJ9+/PMSBqRfpy0/cOmhYuX5iZrtZkLeX5s8dw7YwsXLz01e27y7MzZmfMTp06dPDH+7DMTT/ckziyu60fenz96+OU3r7w6dfrKWz98leRxR1scvVKNaqfQGx7tdWV9dqAlnQz0sSFsSSUisu4abIz/oajEWucNxUsf9bVxwK6q1+v1vd13L9eB/7Ak+t0CoD+KL/rs+rfYbtLU45Zw7fnmBVAW9418a+4ZiDQvM9h2fdtL1Yg4vfzn59kWu7QOAQDQ6pts/vNkp/lfGne3lLs9v4cyHBF3RMTBiLgzIg5FxF0RjbL3RMS9W6y/2pZfP/9Jr24rsE3K5n/P5fe2/j7/K2Z/MVzJcwca8Q8mZ2ZrM8fzYzISg3uz/PgGdXz74s+fdtvXOv/Ltqz+Yi6Yt+PqQNsC3fTk4uROYm517cOIIwOd4k9W7wQkEXE4Io5ss47Zx7882m3fP8e/gWRumy1aU/8i4rFm/y9HW/yr1Wx8f3Lsf1GbOT5WnBXr/fjT5de61b+j+Hsg6/99Hc//1fiHk9b7tQtbr+Pyr590vabZ7vm/J3mjkd6Tv/be5OLihfGIPckr61+fWHtvkS/KZ/GPHOs8/g/G2pG4LyKyk/j+iHggIh7M2/5QRDwcEcc2iP/7Fx55e/vx764s/ukt9f/WE5W5777uVv/m+v9kIzWSv7KZz7/NNnAnxw4AAAD+LdLGM/BJOrqaTtPR0eYz/IdiX1qbX1h84sz8u+enm8/KD8dgWqx0DbWsh47na8NFfqItfyJfN/6s8v9GfnRqvjbd7+Ch5PZ3Gf+Z3yr9bh2w6/xeC8rL+IfyMv6hvIx/KC/jH8qr0/j/oA/tAG4+3/9QXsY/lJfxD+Vl/EMp7eR3/RJlTkR6SzRDYpcS/f5kAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I2/AgAA//+F8Obd")
19:07:33 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCatNtbEWn80Vo1WMfgjadKqPXhQUfCgIOihHmOSlthtI00EW4JGkXqUgnfxKPgXeNKLqCfBq96lUCSXVk8rszuTrJvdmB+bbnU+Hxh4b+cl7333zdt9895sAKU1EhGDEXFbRPyap5OWAs8PNMpdX1ma/nNlaTqJWu2NP5J6uWsrS9NF0eLvBvLMaBqRfpK0/MOGhQsXz0xVq7Pn8/z44tl3xxcuXHxq7uzU6dnTs+cmT5w4fmzi2Wcmn+5KnFlc14Y/mD986JW3Lr82ffLy2z9+neRxR0sc3TISI+1Cr3u025X12P6mdNLXw4awJZWIyLqrvz7+B6MSa503GC9/3NPGAbuqVqvV9nY+vVwD/seS6HULgN4ovuiz+9/iuEFTj5vC1RcaN0BZ3Nfzo3GmL47nZfpb7m+7aSQiTi7/9UV2xC6tQwAANPs2m/882W7+l8bdTeVuz/dQhiLijog4EBF3RsTBiLgrol72noi4d4v1j7Tk189/0ivbCmyTsvnfc/ne1j/nf2lRZKiS5/bX4+9PTs1VZ4/m78lo9O/N8hMb1PHdS7981ulc8/wvO7L6i7lg3o4rfS0LdDNTi1M7ibnZ1Y8ihvvaxZ+s7gQkEXEoIoa3Wcfc418d7nTu3+PfQBf2mWpfRjzW6P/laIm/kGy8Pzl+S1Rnj44XV8V6P/186fVO9e8o/i7I+n9f2+t/Nf6hpHm/dmHrdVz67dOO9zTbvf73JG/W03vy196fWlw8PxGxJ3l1/euTa39b5IvyWfyjR9qP/wOx9k7cFxHZRXx/RDwQEQ/mbX8oIh6OiCMbxP/Di4+8s/34d1cW/8yW+n/ricqZ77/pVP/m+r9xJz6av7KZz7/NNnAn7x0AAAD8V6T1Z+CTdGw1naZjY41n+A/GvrQ6v7D4xKn5987NNJ6VH4r+tFjpGmxaD53I14aL/GRL/li+bvx55dZ6fmx6vjrT6+Ch5AY6jP/M75Vetw7YdX6vBeVl/EN5Gf9QXsY/lJfxD+XVbvx/2IN2ADee738oL+Mfysv4h/Iy/qGUdvK7fokyJyK9KZohsUuJXn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMffAQAA////mObS")
[ 3445.570484][T29294] loop3: detected capacity change from 0 to 512
[ 3445.577850][T29295] loop1: detected capacity change from 0 to 512
[ 3445.579754][T29294] EXT4-fs: Ignoring removed nobh option
[ 3445.589408][T29295] EXT4-fs: Ignoring removed nobh option
[ 3445.589803][T29294] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3445.595330][T29295] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3445.601729][T29294] EXT4-fs: Ignoring removed nobh option
[ 3445.608195][T29295] EXT4-fs: Ignoring removed nobh option
19:07:33 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 43)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:33 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) (async)
shutdown(0xffffffffffffffff, 0x0) (async)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x2) (async)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c) (async)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='xen_cpu_set_ldt\x00', r6}, 0x6d) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) (async)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r7, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800)) (async)
ioctl$FS_IOC_SETVERSION(r7, 0x40047602, &(0x7f0000000000)=0xe93) (async)
mq_timedreceive(r7, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r7, 0x30, 0x9, 0x10000) (async)
socket(0x10, 0x80002, 0x0)
[ 3445.622376][T29294] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3445.623000][T29295] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3445.636946][T29294] EXT4-fs (loop3): 1 truncate cleaned up
[ 3445.654338][T29295] EXT4-fs (loop1): 1 truncate cleaned up
[ 3445.680716][T29302] FAULT_INJECTION: forcing a failure.
[ 3445.680716][T29302] name failslab, interval 1, probability 0, space 0, times 0
[ 3445.693559][T29302] CPU: 1 PID: 29302 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3445.704000][T29302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3445.714119][T29302] Call Trace:
[ 3445.717422][T29302]
[ 3445.720352][T29302] dump_stack_lvl+0xda/0x130
[ 3445.724985][T29302] dump_stack+0x15/0x20
19:07:33 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6vg0loZSPhgKBgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQz6curC/n7TSjHeSmcezY8/OrAMordGIGIqI2yLilzydtBRYGWyUu7G6PPPH6vJMErXa678n9XLXV5dniqLF3w3mmbE0Iv04afmHDYsXL52drlbnLuT5iaVz70wsXrz01Py56TNzZ+bOT508eeL45LPPTD3dlTizuK6PvL9w5PDLb155debUlbd++CrJ446WOLplNEbbhV73aLcr67EDTemkr4cNYVsqEZF1V399/A9FJdY7byhe+qinjQP2VK1Wq+3rfHqlBvyHJdHrFgC9UXzRZ/e/xXGTph63hGvPN26Asrhv5EfjTF+cyMv0t9zfdtNoRJxa+fPz7Ig9WocAAGj2TTb/ebLd/C+Nu5vK3Z7voQxHxB0RcTAi7oyIQxFxV0S97D0Rce826x9tyW+c/6RXdxTYFmXzv+fyva2/z//SoshwJc8dqMffn5yer84dy9+Tsejfl+UnN6nj2xd//rTTueb5X3Zk9RdzwbwdV/taFuhmp5emdxNzs2sfRoz0tYs/WdsJSCLicESM7LCO+ce/PNLp3D/Hv4ku7DPVvoh4rNH/K9ESfyHZfH9y4n9RnTs2UVwVG/340+XXOtW/q/i7IOv//W2v/7X4h5Pm/drF7ddx+ddPOt7T7PT6H0jeqKcH8tfem15aujAZMZC8svH1qfW/LfJF+Sz+saPtx//BWH8n7ouI7CK+PyIeiIgH87Y/FBEPR8TRTeL//oVH3t55/Hsri392W/2//UTl7Hdfd6p/a/3fuBMfy1/ZyuffVhu4m/cOAAAA/i3S+jPwSTq+lk7T8fHGM/yHYn9aXVhceuL0wrvnZxvPyg9Hf1qsdA01rYdO5mvDRX6qJX88Xzf+rPL/en58ZqE62+vgoeQGO4z/zG+VXrcO2HN+rwXlZfxDeRn/UF7GP5SX8Q/l1W78f9CDdgA3n+9/KC/jH8rL+IfyMv6hlHbzu36JMicivSWaIbFHiV5/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTHXwEAAP//BZjnEg==")
[ 3445.729201][T29302] should_fail_ex+0x21f/0x230
[ 3445.733887][T29302] __should_failslab+0x92/0xa0
[ 3445.738735][T29302] should_failslab+0x9/0x20
[ 3445.743360][T29302] slab_pre_alloc_hook+0x38/0x180
[ 3445.743505][T29302] __kmem_cache_alloc_node+0x46/0x250
[ 3445.743523][T29302] ? io_drain_req+0x1e1/0x4f0
[ 3445.743551][T29302] kmalloc_trace+0x2a/0xa0
19:07:33 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPhgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQz6curC/n7TKjHecmWdnx56dXQdQWtWIGIqI2yLilzydtBeoNv/cWFma/mNlaTqJev3135NGuesrS9NF0eJ9+/PMaBqRfpy0/cOmhYuXzk7VarMX8vz44rl3xhcuXnpq7tzUmdkzs+cnT548cXzi2Wcmn+5JnFlc10fenz9y+OU3r7w6ferKWz98leRxR1scvVKNaqfQGx7tdWV9dqAlnQz0sSFsSSUisu4abIz/oajEWucNxUsf9bVxwK6q1+v1vd13L9eB/7Ak+t0CoD+KL/rs+rfYbtLU45Zw7fnmBVAW9418a+4ZiDQvM9h2fdtL1Yg4tfzn59kWu7QOAQDQ6pts/vNkp/lfGne3lLs9v4cyHBF3RMTBiLgzIg5FxF0RjbL3RMS9W6y/2pZfP/9Jr24rsE3K5n/P5fe2/j7/K2Z/MVzJcwca8Q8mp+dqs8fyYzIag3uz/MQGdXz74s+fdtvXOv/Ltqz+Yi6Yt+PqQNsC3czU4tROYm517cOIkYFO8SerdwKSiDgcESPbrGPu8S+PdNv3z/FvIKlts0Vr6l9EPNbs/+Voi3+1mo3vT47/L2qzx8aLs2K9H3+6/Fq3+ncUfw9k/b+v4/m/Gv9w0nq/dmHrdVz+9ZOu1zTbPf/3JG800nvy196bWly8MBGxJ3ll/euTa+8t8kX5LP7Ro53H/8FYOxL3RUR2Et8fEQ9ExIN52x+KiIcj4ugG8X//wiNvbz/+3ZXFP7Ol/t96onL2u6+71b+5/j/RSI3mr2zm82+zDdzJsQMAAIB/i7TxDHySjq2m03RsrPkM/6HYl9bmFxafOD3/7vmZ5rPywzGYFitdQy3roRP52nCRn2zLH8/XjT+r/L+RH5uer830O3gouf1dxn/mt0q/WwfsOr/XgvIy/qG8jH8oL+Mfysv4h/LqNP4/6EM7gJvP9z+Ul/EP5WX8Q3kZ/1BKO/ldv0SZE5HeEs2Q2KVEvz+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuOvAAAA//9lbube")
[ 3445.743582][T29302] io_drain_req+0x1e1/0x4f0
19:07:33 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCatNtbEWn80Vo1WMfgjadKqPXhRFDwoCHqox5ikJXbbSBPBlqBRpB6l4F08Cv4FnupF1JPgVe9SKJJLq6eV2Z1J1s1uzI9NtzqfDwy8t/OS97775u2+eW82gNIaiYjBiLgjIn7N00lLgSsDjXI3Vpam/1xZmk6iVnvzj6Re7vrK0nRRtPi7gTwzmkaknyYt/7Bh4cLFM1PV6uz5PD++ePa98YULF5+ZOzt1evb07LnJEyeOH5t4/rnJZ7sSZxbX9eEP5w8fevXty69Pn7z8zo/fJHnc0RJHt4zESLvQ6x7vdmU9tr8pnfT1sCFsSSUisu7qr4//wajEWucNxiuf9LRxwK6q1Wq1vZ1PL9eA/7Eket0CoDeKL/rs/rc4btLU45Zw7cXGDVAW9438aJzpi+N5mf6W+9tuGomIk8t/fZkdsUvrEAAAza5k85+n283/0ri3qdyd+R7KUETcFREHIuLuiDgYEfdE1MveFxH3b7H+kZb8+vlPenVbgW1SNv97Id/b+uf8Ly2KDFXy3P56/P3Jqbnq7NH8PRmN/r1ZfmKDOr57+ZfPO51rnv9lR1Z/MRfM23G1r2WBbmZqcWonMTe79nHEcF+7+JPVnYAkIg5FxPA265h78uvDnc79e/wb6MI+U+2riCca/b8cLfEXko33J8dvi+rs0fHiqljvp58vvdGp/h3F3wVZ/+9re/2vxj+UNO/XLmy9jku/fdbxnma71/+e5K16ek/+2gdTi4vnJyL2JK+tf31y7W+LfFE+i3/0SPvxfyDW3okHIiK7iB+MiIci4uG87Y9ExKMRcWSD+H946bF3tx//7srin9lS/289UTnz/bed6t9c/zfuxEfzVzbz+bfZBu7kvQMAAID/irT+DHySjq2m03RsrPEM/8HYl1bnFxafOjX//rmZxrPyQ9GfFitdg03roRP52nCRn2zJH8vXjb+o3F7Pj03PV2d6HTyU3ECH8Z/5vdLr1gG7zu+1oLyMfygv4x/Ky/iH8jL+obzajf+PetAO4Obz/Q/lZfxDeRn/UF7GP5TSTn7XL1HmRKS3RDMkdinR608mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA7vg7AAD//wuJ51I=")
[ 3445.743656][T29302] io_queue_sqe_fallback+0xd1/0xe0
[ 3445.743672][T29302] io_submit_sqes+0xbf8/0xfe0
[ 3445.743697][T29302] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3445.743727][T29302] ? __fget_files+0x1c4/0x200
[ 3445.743786][T29302] ? mutex_lock+0xd/0x30
[ 3445.743807][T29302] ? fput+0x112/0x140
[ 3445.743822][T29302] ? ksys_write+0x178/0x1a0
[ 3445.743843][T29302] __x64_sys_io_uring_enter+0x78/0x90
[ 3445.743949][T29302] do_syscall_64+0x41/0xc0
[ 3445.743968][T29302] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3445.743998][T29302] RIP: 0033:0x7fbf4da9f169
[ 3445.744013][T29302] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3445.744104][T29302] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3445.744123][T29302] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3445.744136][T29302] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
[ 3445.744195][T29302] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
[ 3445.744249][T29302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3445.744261][T29302] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3445.744274][T29302]
[ 3445.799668][T29321] loop1: detected capacity change from 0 to 512
[ 3445.799989][T29321] EXT4-fs: Ignoring removed nobh option
[ 3445.800008][T29321] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3445.800022][T29321] EXT4-fs: Ignoring removed nobh option
[ 3445.803442][T29321] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3445.803683][T29321] EXT4-fs (loop1): 1 truncate cleaned up
19:07:33 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
r1 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r2 = socket$netlink(0x10, 0x3, 0x13)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r0, 0x6, &(0x7f0000000280)={0x200, 0x0, &(0x7f0000000080)=[r2, r1]}, 0x2)
r3 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r3, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
[ 3445.807011][T29325] loop3: detected capacity change from 0 to 512
[ 3445.807258][T29325] EXT4-fs: Ignoring removed nobh option
[ 3445.807275][T29325] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3445.807302][T29325] EXT4-fs: Ignoring removed nobh option
[ 3445.830078][T29325] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3445.850857][T29325] EXT4-fs (loop3): 1 truncate cleaned up
[ 3445.872042][T29328] loop1: detected capacity change from 0 to 512
19:07:33 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r5, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r6, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r6, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r4, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r6, @ANYBLOB="00c62bbd7000fddbdf257a000000ec00030300b8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYRES32, @ANYRES32=r6, @ANYRES64], &(0x7f00000000c0)='GPL\x00', 0xfffffff7, 0x9f, &(0x7f0000000980)=""/159, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYRES8=r5, @ANYRES32=0x0, @ANYBLOB="ffd50000000004006ce0836ee907000000fa04000280000000dfd9328273abb3014a488bb098317f65890c54f764bfcb16ecb9925c5d68ecc53ff9136b235a799bab29e6c18b2ee9913c57ae0ce1f5c828f5d20d", @ANYRES32=r8, @ANYRESOCT=r7, @ANYRESDEC=r2, @ANYRESOCT, @ANYRES64=r7, @ANYRES32=r1], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r9 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r9, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r9, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r9, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r9, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r9, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r9, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:33 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPlgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRrUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQz6curC/n7TKjHecmWdnx56dXQdQWtWIGIqI2yLilzydtBeoNv/cWFma+mNlaSqJev3135NGuesrS1NF0eJ9+/PMSBqRfpy0/cOmhYuXzk3WajMX8vzY4tw7YwsXLz01Ozd5dubszPmJU6dOnhh/9pmJp3sSZxbX9SPvzx89/PKbV16dOn3lrR++SvK4oy2OXqlGtVPoDY/2urI+O9CSTgb62BC2pBIRWXcNNsb/UFRirfOG4qWP+to4YFfV6/X63u67l+vAf1gS/W4B0B/FF312/VtsN2nqcUu49nzzAiiL+0a+NfcMRJqXGWy7vu2lakScXv7z82yLXVqHAABo9U02/3my0/wvjbtbyt2e30MZjog7IuJgRNwZEYci4q6IRtl7IuLeLdZfbcuvn/+kV7cV2CZl87/n8ntbf5//FbO/GK7kuQON+AeTM7O1meP5MRmJwb1ZfnyDOr598edPu+1rnf9lW1Z/MRfM23F1oG2BbnpycXInMbe69mHEkYFO8SerdwKSiDgcEUe2Wcfs418e7bbvn+PfQDK3zRatqX8R8Viz/5ejLf7Vaja+Pzn2v6jNHB8rzor1fvzp8mvd6t9R/D2Q9f++juf/avzDSev92oWt13H510+6XtNs9/zfk7zRSO/JX3tvcnHxwnjEnuSV9a9PrL23yBfls/hHjnUe/wdj7UjcFxHZSXx/RDwQEQ/mbX8oIh6OiGMbxP/9C4+8vf34d1cW//SW+n/ricq5777uVv/m+v9kIzWSv7KZz7/NNnAnxw4AAAD+LdLGM/BJOrqaTtPR0eYz/IdiX1qbX1h84sz8u+enm8/KD8dgWqx0DbWsh47na8NFfqItfyJfN/6s8v9GfnRqvjbd7+Ch5PZ3Gf+Z3yr9bh2w6/xeC8rL+IfyMv6hvIx/KC/jH8qr0/j/oA/tAG4+3/9QXsY/lJfxD+Vl/EMp7eR3/RJlTkR6SzRDYpcS/f5kAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I2/AgAA//9E7Obf")
[ 3446.056769][T29328] EXT4-fs: Ignoring removed nobh option
[ 3446.062380][T29328] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3446.069055][T29328] EXT4-fs: Ignoring removed nobh option
[ 3446.110561][T29348] loop3: detected capacity change from 0 to 512
[ 3446.117230][T29348] EXT4-fs: Ignoring removed nobh option
[ 3446.122935][T29348] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3446.129401][T29348] EXT4-fs: Ignoring removed nobh option
[ 3446.153502][T29328] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3446.169816][T29328] EXT4-fs (loop1): 1 truncate cleaned up
[ 3446.176860][T29348] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3446.193934][T29348] EXT4-fs (loop3): 1 truncate cleaned up
19:07:33 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPlgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRPUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQz6curC/n7TKjHecmWdnx56dXQdQWtWIGIqI2yLilzydtBeoNv/cWFma+mNlaSqJev3135NGuesrS1NF0eJ9+/PMSBqRfpy0/cOmhYuXzk3WajMX8vzY4vl3xhYuXnpq9vzk2ZmzM3MTp06dPDH+7DMTT/ckziyu60fenz96+OU3r7w6dfrKWz98leRxR1scvVKNaqfQGx7tdWV9dqAlnQz0sSFsSSUisu4abIz/oajEWucNxUsf9bVxwK6q1+v1vd13L9eB/7Ak+t0CoD+KL/rs+rfYbtLU45Zw7fnmBVAW9418a+4ZiDQvM9h2fdtL1Yg4vfzn59kWu7QOAQDQ6pts/vNkp/lfGne3lLs9v4cyHBF3RMTBiLgzIg5FxF0RjbL3RMS9W6y/2pZfP/9Jr24rsE3K5n/P5fe2/j7/K2Z/MVzJcwca8Q8mZ2ZrM8fzYzISg3uz/PgGdXz74s+fdtvXOv/Ltqz+Yi6Yt+PqQNsC3fTk4uROYm517cOIIwOd4k9W7wQkEXE4Io5ss47Zx7882m3fP8e/gWRumy1aU/8i4rFm/y9HW/yr1Wx8f3Lsf1GbOT5WnBXr/fjT5de61b+j+Hsg6/99Hc//1fiHk9b7tQtbr+Pyr590vabZ7vm/J3mjkd6Tv/be5OLihfGIPckr61+fWHtvkS/KZ/GPHOs8/g/G2pG4LyKyk/j+iHggIh7M2/5QRDwcEcc2iP/7Fx55e/vx764s/ukt9f/WE5Vz333drf7N9f/JRmokf2Uzn3+bbeBOjh0AAAD8W6SNZ+CTdHQ1naajo81n+A/FvrQ2v7D4xJn5d+emm8/KD8dgWqx0DbWsh47na8NFfqItfyJfN/6s8v9GfnRqvjbd7+Ch5PZ3Gf+Z3yr9bh2w6/xeC8rL+IfyMv6hvIx/KC/jH8qr0/j/oA/tAG4+3/9QXsY/lJfxD+Vl/EMp7eR3/RJlTkR6SzRDYpcS/f5kAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I2/AgAA//8kaubg")
19:07:33 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kKfZBQyqOhQKAgIh5JkxbogQsIJA4gIcGhHEOSVqFug5og0SqCgFA5okrcEUck/gJOcEHACYkr3FGlCuXSwslo7d3EOHbIw6kL+/tJq8x4x5n5PDv27IwdQGmNRMRgROyPiF/zdNJaYH/jz42Vpek/V5amk6jV3vgjqZe7vrI0XRQtnrcvz4ymEeknScs/bFi4eOnsVLU6eyHPjy+ee3d84eKlp+fOTZ2ZPTN7fvLkyRPHJ557dvKZrsSZxXV9+IP5I4dfeevKa9Onrrz949dJHne0xNEtIzHSLvS6x7pdWY8daEonfT1sCFtSiYisu/rr438wKrHWeYPx8sc9bRywq2q1Wm1P59PLNeB/LIletwDojeKDPrv/LY6bNPW4JVx7oXEDlMV9Iz8aZ/riRF6mv+X+tptGIuLU8l9fZEfs0joEAECzb7P5z1Pt5n9p3NNU7o58D2UoIu6MiIMRcVdEHIqIuyPqZe+NiPu2WP9IS379/Ce9uq3ANimb/z2f7239c/6XFkWGKnnuQD3+/uT0XHX2WP6ajEb/niw/sUEd3730y2edzjXP/7Ijq7+YC+btuNrXskA3M7U4tZOYm137KGK4r138yepOQBIRhyNieJt1zD3x1ZFO5/49/g10YZ+p9mXE443+X46W+AvJxvuT47dFdfbYeHFVrPfTz5df71T/juLvgqz/97a9/lfjH0qa92sXtl7H5d8+7XhPs93rfyB5s54eyB97f2px8cJExEDy6vrHJ9eeW+SL8ln8o0fbj/+DsfZK3B8R2UX8QEQ8GBEP5W1/OCIeiYijG8T/w4uPvrP9+HdXFv/Mlvp/64nK2e+/6VT/5vq/cSc+mj+ymfe/zTZwJ68dAAAA/Fek9e/AJ+nYajpNx8Ya3+E/FHvT6vzC4pOn5987P9P4rvxQ9KfFStdg03roRL42XOQnW/LH83Xjzyu31/Nj0/PVmV4HDyW3r8P4z/xe6XXrgF3n91pQXsY/lJfxD+Vl/EN5Gf9QXu3G/4c9aAdw8/n8h/Iy/qG8jH8oL+MfSmknv+uXKHMi0luiGRK7lOj1OxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB3/B0AAP//9b7mkw==")
19:07:33 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f00000000c0))
r2 = dup(0xffffffffffffffff)
renameat2(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', r2, &(0x7f0000000380)='./file0\x00', 0x90729aeae511d3f4) (async)
syz_io_uring_setup(0x313c, &(0x7f0000000280)={0x0, 0xa996, 0x10, 0x0, 0x52, 0x0, r2}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f00001ae000/0x1000)=nil, &(0x7f0000000300), &(0x7f0000000340)) (async)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000080), 0x100)
r3 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r3, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
[ 3446.302443][T29368] loop1: detected capacity change from 0 to 512
[ 3446.312678][T29367] loop3: detected capacity change from 0 to 512
[ 3446.319280][T29368] EXT4-fs: Ignoring removed nobh option
[ 3446.325018][T29368] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3446.331536][T29368] EXT4-fs: Ignoring removed nobh option
[ 3446.338508][T29367] EXT4-fs: Ignoring removed nobh option
[ 3446.344142][T29367] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3446.350659][T29367] EXT4-fs: Ignoring removed nobh option
[ 3446.359230][T29368] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3446.360989][T29367] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3446.383374][T29368] EXT4-fs (loop1): 1 truncate cleaned up
[ 3446.388260][T29367] EXT4-fs (loop3): 1 truncate cleaned up
19:07:33 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpP09+uDhFIeDQUCBRHxSJq0QA8cAIHEASQkOJRjSNIq1G1QEyRaRRAQKkdUiTviiMRfwAkuCDghcYU7qlShXFo4Ga29mxjHDnk4dWE/H2mlGe8kM1/Pjj07sw6gtEYiYjAi9kfEL3k6aSnw3P5GuRsrS9N/rCxNJ1Grvf57Ui93fWVpuiha/N2+PDOaRqQfJy3/sGHh4qWzU9Xq7IU8P7547p3xhYuXnpw7N3Vm9szs+cmTJ08cn3jm6cmnuhJnFtf14ffnjxx++c0rr06fuvLWD18ledzREke3jMRIu9DrHul2ZT12oCmd9PWwIWxJJSKy7uqvj//BqMRa5w3GSx/1tHHArqrVarU9nU8v14D/sCR63QKgN4ov+uz+tzhu0tTjlnDt+cYNUBb3jfxonOmLE3mZ/pb7224aiYhTy39+nh2xS+sQAADNvsnmP0+0m/+lcVdTudvyPZShiLg9Ig5GxB0RcSgi7oyol707Iu7ZYv0jLfn185/06rYC26Rs/vdsvrf19/lfWhQZquS5A/X4+5PTc9XZY/l7Mhr9e7L8xAZ1fPviz592Otc8/8uOrP5iLpi342pfywLdzNTi1E5ibnbtw4jhvnbxJ6s7AUlEHI6I4W3WMffYl0c6nfvn+DfQhX2m2hcRjzb6fzla4i8kG+9Pjv8vqrPHxourYr0ff7r8Wqf6dxR/F2T9v7ft9b8a/1DSvF+7sPU6Lv/6Scd7mu1e/wPJG/X0QP7ae1OLixcmIgaSV9a/Prn2t0W+KJ/FP3q0/fg/GGvvxL0RkV3E90XE/RHxQN72ByPioYg4ukH837/w8Nvbj393ZfHPbKn/t56onP3u6071b67/G3fio/krm/n822wDd/LeAQAAwL9FWn8GPknHVtNpOjbWeIb/UOxNq/MLi4+fnn/3/EzjWfmh6E+Lla7BpvXQiXxtuMhPtuSP5+vGn1X+X8+PTc9XZ3odPJTcvg7jP/NbpdetA3ad32tBeRn/UF7GP5SX8Q/lZfxDebUb/x/0oB3Azef7H8rL+IfyMv6hvIx/KKWd/K5fosyJSG+JZkjsUqLXn0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8VcAAAD///uv5tM=")
19:07:34 executing program 4:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (fail_nth: 44)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r5, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800afe58d5c700010076786c0050dbb9230000000004000280", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(0xffffffffffffffff, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:34 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n7vi0loZSPhgKGgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQz6curC/n7TKjHecmWdnx56dXQdQWtWIGIqI2yLilzydtBeoNv/cWFma/mNlaTqJev3135NGuesrS9NF0eJ9+/PMaBqRfpy0/cOmhYuXzk7VarMX8vz44rl3xhcuXnpq7tzUmdkzs+cnT548cXzi2Wcmn+5JnFlc10fenz9y+OU3r7w6ferKWz98leRxR1scvVKNaqfQGx7tdWV9dqAlnQz0sSFsSSUisu4abIz/oajEWucNxUsf9bVxwK6q1+v1vd13L9eB/7Ak+t0CoD+KL/rs+rfYbtLU45Zw7fnmBVAW9418a+4ZiDQvM9h2fdtL1Yg4tfzn59kWu7QOAQDQ6pts/vNkp/lfGne3lLs9v4cyHBF3RMTBiLgzIg5FxF0RjbL3RMS9W6y/2pZfP/9Jr24rsE3K5n/P5fe2/j7/K2Z/MVzJcwca8Q8mp+dqs8fyYzIag3uz/MQGdXz74s+fdtvXOv/Ltqz+Yi6Yt+PqQNsC3czU4tROYm517cOIkYFO8SerdwKSiDgcESPbrGPu8S+PdNv3z/FvIJnfZovW1L+IeKzZ/8vRFv9qNRvfnxz/X9Rmj40XZ8V6P/50+bVu9e8o/h7I+n9fx/N/Nf7hpPV+7cLW67j86yddr2m2e/7vSd5opPfkr703tbh4YSJiT/LK+tcn195b5IvyWfyjRzuP/4OxdiTui4jsJL4/Ih6IiAfztj8UEQ9HxNEN4v/+hUfe3n78uyuLf2ZL/b/1ROXsd193q39z/X+ikRrNX9nM599mG7iTYwcAAAD/FmnjGfgkHVtNp+nYWPMZ/kOxL63NLyw+cXr+3fMzzWflh2MwLVa6hlrWQyfyteEiP9mWP56vG39W+X8jPzY9X5vpd/BQcvu7jP/Mb5V+tw7YdX6vBeVl/EN5Gf9QXsY/lJfxD+XVafx/0Id2ADef738oL+Mfysv4h/Iy/qGUdvK7fokyJyK9JZohsUuJfn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9MZfAQAA//8D6Obh")
[ 3446.464106][T29381] loop1: detected capacity change from 0 to 512
[ 3446.470578][T29381] EXT4-fs: Ignoring removed nobh option
[ 3446.476225][T29381] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3446.482843][T29381] EXT4-fs: Ignoring removed nobh option
[ 3446.490718][T29381] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3446.505697][T29381] EXT4-fs (loop1): 1 truncate cleaned up
[ 3446.529976][T29385] FAULT_INJECTION: forcing a failure.
[ 3446.529976][T29385] name failslab, interval 1, probability 0, space 0, times 0
[ 3446.533925][T29386] loop3: detected capacity change from 0 to 512
[ 3446.542937][T29385] CPU: 1 PID: 29385 Comm: syz-executor.4 Not tainted 6.3.0-rc7-syzkaller-00152-g2af3e53a4dc0 #0
[ 3446.551031][T29386] EXT4-fs: Ignoring removed nobh option
[ 3446.559677][T29385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 3446.559693][T29385] Call Trace:
[ 3446.559699][T29385]
[ 3446.559705][T29385] dump_stack_lvl+0xda/0x130
[ 3446.559727][T29385] dump_stack+0x15/0x20
[ 3446.559742][T29385] should_fail_ex+0x21f/0x230
[ 3446.565300][T29386] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3446.575335][T29385] __should_failslab+0x92/0xa0
[ 3446.575359][T29385] should_failslab+0x9/0x20
[ 3446.575375][T29385] slab_pre_alloc_hook+0x38/0x180
[ 3446.578685][T29386] EXT4-fs: Ignoring removed nobh option
[ 3446.581556][T29385] __kmem_cache_alloc_node+0x46/0x250
[ 3446.589119][T29386] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3446.590289][T29385] ? io_drain_req+0x1e1/0x4f0
[ 3446.595229][T29386] EXT4-fs (loop3): 1 truncate cleaned up
[ 3446.601336][T29385] kmalloc_trace+0x2a/0xa0
[ 3446.601367][T29385] io_drain_req+0x1e1/0x4f0
[ 3446.659980][T29385] io_queue_sqe_fallback+0xd1/0xe0
[ 3446.665089][T29385] io_submit_sqes+0xbf8/0xfe0
[ 3446.669791][T29385] __se_sys_io_uring_enter+0x1e5/0x1b70
[ 3446.675354][T29385] ? __fget_files+0x1c4/0x200
[ 3446.680028][T29385] ? mutex_lock+0xd/0x30
[ 3446.684291][T29385] ? fput+0x112/0x140
[ 3446.688284][T29385] ? ksys_write+0x178/0x1a0
[ 3446.692854][T29385] __x64_sys_io_uring_enter+0x78/0x90
[ 3446.698244][T29385] do_syscall_64+0x41/0xc0
[ 3446.702753][T29385] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 3446.708744][T29385] RIP: 0033:0x7fbf4da9f169
[ 3446.713169][T29385] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 3446.733238][T29385] RSP: 002b:00007fbf4ce12168 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3446.741680][T29385] RAX: ffffffffffffffda RBX: 00007fbf4dbbef80 RCX: 00007fbf4da9f169
[ 3446.749669][T29385] RDX: 0000000000000000 RSI: 00000000000040b3 RDI: 0000000000000003
[ 3446.757651][T29385] RBP: 00007fbf4ce121d0 R08: 0000000020000000 R09: 0000000000000008
[ 3446.765649][T29385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
19:07:34 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCap9oeJtf5orBqtYvBH0qRVe/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1J1s1uzI9NtzqfDwy8t/OS97775u2+eW82gNIaiYjBiNgfEb/m6aSlwPL+RrkbK0vTf64sTSdRq73xR1Ivd31labooWvzdvjwzmkaknyQt/7Bh4eKls1PV6uyFPD++eO7d8YWLl56eOzd1ZvbM7PnJkydPHJ947tnJZ7oSZxbX9eEP5o8cfuWtK69Nn7ry9o9fJ3nc0RJHt4zESLvQ6x7rdmU9dqApnfT1sCFsSSUisu7qr4//wajEWucNxssf97RxwK6q1Wq1PZ1PL9eA/7Eket0CoDeKL/rs/rc4btLU45Zw7YXGDVAW9438aJzpixN5mf6W+9tuGomIU8t/fZEdsUvrEAAAzb7N5j9PtZv/pXFPU7k78j2UoYi4MyIORsRdEXEoIu6OqJe9NyLu22L9Iy359fOf9Oq2AtukbP73fL639c/5X1oUGarkuQP1+PuT03PV2WP5ezIa/Xuy/MQGdXz30i+fdTrXPP/Ljqz+Yi6Yt+NqX8sC3czU4tROYm527aOI4b528SerOwFJRByOiOFt1jH3xFdHOp379/g30IV9ptqXEY83+n85WuIvJBvvT47fFtXZY+PFVbHeTz9ffr1T/TuKvwuy/t/b9vpfjX8oad6vXdh6HZd/+7TjPc12r/+B5M16eiB/7f2pxcULExEDyavrX59c+9siX5TP4h892n78H4y1d+L+iMgu4gci4sGIeChv+8MR8UhEHN0g/h9efPSd7ce/u7L4Z7bU/1tPVM5+/02n+jfX/4078dH8lc18/m22gTt57wAAAOC/Iq0/A5+kY6vpNB0bazzDfyj2ptX5hcUnT8+/d36m8az8UPSnxUrXYNN66ES+NlzkJ1vyx/N1488rt9fzY9Pz1ZleBw8lt6/D+M/8Xul164Bd5/daUF7GP5SX8Q/lZfxDeRn/UF7txv+HPWgHcPP5/ofyMv6hvIx/KC/jH0ppJ7/rlyhzItJbohkSu5To9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAd/wdAAD//wGv5xM=")
[ 3446.773626][T29385] R13: 00007ffe2b8f917f R14: 00007fbf4ce12300 R15: 0000000000022000
[ 3446.781605][T29385]
19:07:34 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCatttbEWn+0Vl2tYvBH0qRVe/CiKHhQEPRQjzFJS+y2KU0EW4JGkXqUgnfxKPgXeNKLqCfBq96lUCSXVk8rszuTrJvdmB+bbnU+Hxjy3s7bvPedN2/3zZvZAEqrGhFDEXFHRPyap5P2AtXmnxvLi1N/Li9OJVGvv/lH0ih3fXlxqihavG9vnhlJI9JPkrZ/2DR/8dKZyVpt5kKeH1s4e35s/uKlZ2bPTp6eOT1zbuLEiePHxp9/buLZnsSZxXX90Adzhw+++vaV16dOXnnnx6+TPO5oi6NXqlHtFHrD472urM/2taSTgT42hE2pRETWXYON8T8UlVjtvKF45eO+Ng7YUfV6vb67++6lOvA/lkS/WwD0R/FFn13/FttNmnrcEq692LwAyuK+kW/NPQOR5mUG265ve6kaESeX/voi22KH1iEAAFp9m81/nu40/0vj3pZyd+b3UIYj4q6I2B8Rd0fEgYi4J6JR9r6IuH+T9Vfb8mvnP+nVLQW2Qdn874X83tY/53/F7C+GK3luXyP+weTUbG3maH5MRmJwd5YfX6eO717+5bNu+1rnf9mW1V/MBfN2XB1oW6CbnlyY3E7Mra59FHFooFP8ycqdgCQiDkbEoS3WMfvkV4e77fv3+NeRnN9ii1bVv4x4otn/S9EW/0o169+fHLstajNHx4qzYq2ffr78Rrf6txV/D2T9v6fj+b8S/3DSer92fvN1XP7t067XNFs9/3clbzXSu/LX3p9cWLgwHrEreW3t6xOr7y3yRfks/pEjncf//lg9Eg9ERHYSPxgRD0XEw3nbH4mIRyPiyDrx//DSY+9uPf6dlcU/van+33yicub7b7rVv7H+P95IjeSvbOTzb6MN3M6xAwAAgP+KtPEMfJKOrqTTdHS0+Qz/gdiT1ubmF546Nffeuenms/LDMZgWK11DLeuh4/nacJGfaMsfy9eNP6/c3siPTs3VpvsdPJTc3i7jP/N7pd+tA3ac32tBeRn/UF7GP5SX8Q/lZfxDeXUa/x/2oR3Azef7H8rL+IfyMv6hvIx/KKXt/K5fosyJSG+JZkjsUKLfn0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC98XcAAAD//+NX5uI=")
[ 3446.810920][T29398] loop1: detected capacity change from 0 to 512
[ 3446.817508][T29398] EXT4-fs: Ignoring removed nobh option
[ 3446.823269][T29398] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3446.830182][T29398] EXT4-fs: Ignoring removed nobh option
19:07:34 executing program 0:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r1 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$netlink(0x10, 0x3, 0x13) (async)
r2 = socket$netlink(0x10, 0x3, 0x13)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r0, 0x6, &(0x7f0000000280)={0x200, 0x0, &(0x7f0000000080)=[r2, r1]}, 0x2)
r3 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r3, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
[ 3446.848132][T29398] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3446.851084][T29401] loop3: detected capacity change from 0 to 512
[ 3446.866252][T29398] EXT4-fs (loop1): 1 truncate cleaned up
[ 3446.869265][T29401] EXT4-fs: Ignoring removed nobh option
[ 3446.874243][T29398] EXT4-fs mount: 368 callbacks suppressed
[ 3446.874256][T29398] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 3446.875106][T29398] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
19:07:34 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8) (async)
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) (async)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c) (async)
bind$inet6(r3, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0) (async)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r5, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r6, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c) (async)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r6, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r6, &(0x7f0000000100)}, 0x20) (async)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r6, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r4, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r6, @ANYBLOB="00c62bbd7000fddbdf257a000000ec00030300b8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYRES32, @ANYRES32=r6, @ANYRES64], &(0x7f00000000c0)='GPL\x00', 0xfffffff7, 0x9f, &(0x7f0000000980)=""/159, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x10) (async)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYRES8=r5, @ANYRES32=0x0, @ANYBLOB="ffd50000000004006ce0836ee907000000fa04000280000000dfd9328273abb3014a488bb098317f65890c54f764bfcb16ecb9925c5d68ecc53ff9136b235a799bab29e6c18b2ee9913c57ae0ce1f5c828f5d20d", @ANYRES32=r8, @ANYRESOCT=r7, @ANYRESDEC=r2, @ANYRESOCT, @ANYRES64=r7, @ANYRES32=r1], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r9 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r9, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r9, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedsend(r9, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r9, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
mq_timedreceive(r9, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000800))
ioctl$FS_IOC_SETVERSION(r9, 0x40047602, &(0x7f0000000000)=0xe93)
mq_timedreceive(r9, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r9, 0x30, 0x9, 0x10000) (async)
fallocate(r9, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
[ 3446.880030][T29401] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3446.880046][T29401] EXT4-fs: Ignoring removed nobh option
[ 3446.883481][T29401] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
19:07:34 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpP09+uDhFIeDQUCBRHxSJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcCoXBJyQuMIdVapQLi2cjNbeTYxjhzycurCfj7TSjHeSma9nx56dWQdQWiMRMRgR+yPilzydtBS4ur9R7ubK0vQfK0vTSdRqb/ye1MvdWFmaLooWf7cvz4ymEeknScs/bFi4eOnsVLU6eyHPjy+ee3d84eKlp+fOTZ2ZPTN7fvLkyRPHJ557dvKZrsSZxXVj+IP5I4dfeevKa9Onrrz9w9dJHne0xNEtIzHSLvS6x7pdWY8daEonfT1sCFtSiYisu/rr438wKrHWeYPx8sc9bRywq2q1Wm1P59PLNeA/LIletwDojeKLPrv/LY5bNPW4LVx/oXEDlMV9Mz8aZ/riRF6mv+X+tptGIuLU8p9fZEfs0joEAECzq9n856l287807mkqd0e+hzIUEXdGxMGIuCsiDkXE3RH1svdGxH1brH+kJb9+/pNe21Zgm5TN/57P97b+Pv9LiyJDlTx3oB5/f3J6rjp7LH9PRqN/T5af2KCOb1/6+bNO55rnf9mR1V/MBfN2XOtrWaCbmVqc2knMza5/FDHc1y7+ZHUnIImIwxExvM065p746kinc/8c/wa6sM9U+zLi8Ub/L0dL/IVk4/3J8f9FdfbYeHFVrPfjT5df71T/juLvgqz/97a9/lfjH0qa92sXtl7H5V8/7XhPs93rfyB5s54eyF97f2px8cJExEDy6vrXJ9f+tsgX5bP4R4+2H/8HY+2duD8isov4gYh4MCIeytv+cEQ8EhFHN4j/+xcffWf78e+uLP6ZLfX/1hOVs99906n+zfV/4058NH9lM59/m23gTt47AAAA+LdI68/AJ+nYajpNx8Yaz/Afir1pdX5h8cnT8++dn2k8Kz8U/Wmx0jXYtB46ka8NF/nJlvzxfN3488r/6/mx6fnqTK+Dh5Lb12H8Z36r9Lp1wK7zey0oL+Mfysv4h/Iy/qG8jH8or3bj/8MetAO49Xz/Q3kZ/1Bexj+Ul/EPpbST3/VLlDkR6W3RDIldSvT6kwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA7/goAAP//B6DnUw==")
[ 3446.955310][T29401] EXT4-fs (loop3): 1 truncate cleaned up
[ 3446.961192][T29401] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 3446.975899][T29401] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 3447.022057][T29429] loop1: detected capacity change from 0 to 512
[ 3447.029952][T29429] EXT4-fs: Ignoring removed nobh option
[ 3447.035664][T29429] EXT4-fs: Ignoring removed mblk_io_submit option
[ 3447.042137][T29429] EXT4-fs: Ignoring removed nobh option
19:07:34 executing program 3:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs289rHFUcAPDvzCatttbEWn+0Vl2tYvBH0qRVe/CiKHhQEPRQjzFJS+y20SaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1J1s1uzI9NtzqfDwx5b+dt3vvOm7f75s1sAKVVjYihiLgtIn7N00l7gWrzz/Xlxak/lxenkqjXX/8jaZS7trw4VRQt3rc3z4ykEeknSds/bJq/cPHMZK02cz7Pjy2cfWds/sLFp2bPTp6eOT1zbuLEiePHxp99ZuLpnsSZxXXt0Adzhw++/OblV6dOXn7rx6+TPO5oi6NXqlHtFHrDo72urM/2taSTgT42hE2pRETWXYON8T8UlVjtvKF46eO+Ng7YUfV6vb67++6lOvA/lkS/WwD0R/FFn13/FtsNmnrcFK4+37wAyuK+nm/NPQOR5mUG265ve6kaESeX/voi22KH1iEAAFp9m81/nuw0/0vj7pZyt+f3UIYj4o6I2B8Rd0bEgYi4K6JR9p6IuHeT9Vfb8mvnP+mVLQW2Qdn877n83tY/53/F7C+GK3luXyP+weTUbG3maH5MRmJwd5YfX6eO71785bNu+1rnf9mW1V/MBfN2XBloW6CbnlyY3E7Mra5+FHFooFP8ycqdgCQiDkbEoS3WMfv4V4e77fv3+NeRvLvFFq2qfxnxWLP/l6It/pVq1r8/OXZL1GaOjhVnxVo//XzptW71byv+Hsj6f0/H838l/uGk9X7t/ObruPTbp12vabZ6/u9K3mikd+WvvT+5sHB+PGJX8sra1ydW31vki/JZ/CNHOo///bF6JO6LiOwkvj8iHoiIB/O2PxQRD0fEkXXi/+GFR97eevw7K4t/elP9v/lE5cz333Srf2P9f7yRGslf2cjn30YbuJ1jBwAAAP8VaeMZ+CQdXUmn6eho8xn+A7Enrc3NLzxxau69c9PNZ+WHYzAtVrqGWtZDx/O14SI/0ZY/lq8bf165tZEfnZqrTfc7eCi5vV3Gf+b3Sr9bB+w4v9eC8jL+obyMfygv4x/Ky/iH8uo0/j/sQzuAG8/3P5SX8Q/lZfxDeRn/UErb+V2/RJkTkd4UzZDYoUS/P5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB64+8AAAD//8LV5uM=")
[ 3447.065646][T29429] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor.1: Allocating blocks 36-37 which overlap fs metadata
[ 3447.086463][T29429] EXT4-fs (loop1): 1 truncate cleaned up
[ 3447.087345][T29432] loop3: detected capacity change from 0 to 512
[ 3447.092189][T29429] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 3447.100343][T29432] EXT4-fs: Ignoring removed nobh option
[ 3447.116218][T29432] EXT4-fs: Ignoring removed mblk_io_submit option
19:07:34 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c) (async)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c) (async)
listen(r3, 0x0) (async)
r4 = socket$netlink(0x10, 0x3, 0x0) (async)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r5, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r6, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c) (async)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r6, &(0x7f0000000100)}, 0x20) (async)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r4, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000600)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8571b68a04d9a3f77257d33bdac3a22573", @ANYRES16=r6, @ANYBLOB="00c62bbd7000fddbdf257a000000ec00030300b8afbd0de9", @ANYRES32=0x0, @ANYBLOB="0df6940099003b92000031000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90) (async)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYRES32, @ANYRES32=r6, @ANYRES64], &(0x7f00000000c0)='GPL\x00', 0xfffffff7, 0x9f, &(0x7f0000000980)=""/159, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYRES8=r5, @ANYRES32=0x0, @ANYBLOB="ffd50000000004006ce0836ee907000000fa04000280000000dfd9328273abb3014a488bb098317f65890c54f764bfcb16ecb9925c5d68ecc53ff9136b235a799bab29e6c18b2ee9913c57ae0ce1f5c828f5d20d", @ANYRES32=r8, @ANYRESOCT=r7, @ANYRESDEC=r2, @ANYRESOCT, @ANYRES64=r7, @ANYRES32=r1], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) (async)
r9 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedsend(r9, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r9, 0x0, 0x0, 0x0, 0x0) (async)
mq_timedreceive(r9, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
clock_gettime(0x5, &(0x7f0000000800)) (async)
ioctl$FS_IOC_SETVERSION(r9, 0x40047602, &(0x7f0000000000)=0xe93) (async)
mq_timedreceive(r9, &(0x7f0000000780)=""/126, 0x7e, 0x8, 0x0)
fallocate(r9, 0x30, 0x9, 0x10000)
socket(0x10, 0x80002, 0x0)
19:07:34 executing program 5:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f00000000c0))
dup(0xffffffffffffffff) (async)
r2 = dup(0xffffffffffffffff)
renameat2(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', r2, &(0x7f0000000380)='./file0\x00', 0x90729aeae511d3f4)
syz_io_uring_setup(0x313c, &(0x7f0000000280)={0x0, 0xa996, 0x10, 0x0, 0x52, 0x0, r2}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f00001ae000/0x1000)=nil, &(0x7f0000000300), &(0x7f0000000340))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000080), 0x100) (async)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000080), 0x100)
r3 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
mq_timedreceive(r3, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0) (async)
mq_timedreceive(r3, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
[ 3447.122766][T29432] EXT4-fs: Ignoring removed nobh option
[ 3447.130855][T29429] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
19:07:34 executing program 1:
open(&(0x7f0000000040)='./file0\x00', 0x161842, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000001300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@noblock_validity}, {@nobh}, {@mblk_io_submit}, {@nobh}]}, 0xff, 0x421, &(0x7f0000000900)="$eJzs281vG0UbAPBn10n6vi0hoZSPhgKBgoj4SJq0QA9cQCBxAAkJDuUYkrQKdRvUBIlWEQSEyhFV4o44IvEXcIILAk5IXOGOKlUolxZORmvvJsaxQz6curC/n7TKjHecmcezY8/O2AGU1mhEDEXEbRHxS55OWgsMNv7cWF2e+WN1eSaJWu3135N6ueuryzNF0eJ5B/LMWBqRfpy0/MOGxYuXzk5Xq3MX8vzE0rl3JhYvXnpq/tz0mbkzc+enTp48cXzy2Wemnu5KnFlc10feXzhy+OU3r7w6c+rKWz98leRxR0sc3TIao+1Cr3u025X12GBTOunrYUPYlkpEZN3VXx//Q1GJ9c4bipc+6mnjgD1Vq9Vq+zqfXqkB/2FJ9LoFQG8UH/TZ/W9x3KSpxy3h2vONG6As7hv50TjTFyfyMv0t97fdNBoRp1b+/Dw7Yo/WIQAAmn2TzX+ebDf/S+PupnK353sowxFxR0QcjIg7I+JQRNwVUS97T0Tcu836R1vyG+c/6dUdBbZF2fzvuXxv6+/zv7QoMlzJc4P1+PuT0/PVuWP5azIW/fuy/OQmdXz74s+fdjrXPP/Ljqz+Yi6Yt+NqX8sC3ez00vRuYm527cOIkb528SdrOwFJRByOiJEd1jH/+JdHOp375/g30YV9ptoXEY81+n8lWuIvJJvvT078L6pzxyaKq2KjH3+6/Fqn+ncVfxdk/b+/7fW/Fv9w0rxfu7j9Oi7/+knHe5qdXv8DyRv19ED+2HvTS0sXJiMGklc2Pj61/twiX5TP4h872n78H4z1V+K+iMgu4vsj4oGIeDBv+0MR8XBEHN0k/u9feOTtnce/t7L4Z7fV/9tPVM5+93Wn+rfW/4078bH8ka28/221gbt57QAAAODfIq1/Bz5Jx9fSaTo+3vgO/6HYn1YXFpeeOL3w7vnZxnflh6M/LVa6hprWQyfzteEiP9WSP56vG39W+X89Pz6zUJ3tdfBQcgc6jP/Mb5Vetw7Yc36vBeVl/EN5Gf9QXsY/lJfxD+XVbvx/0IN2ADefz38oL+Mfysv4h/Iy/qGUdvO7fokyJyK9JZohsUeJXr8zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMdfAQAA///x1eaU")
[ 3447.172383][T29432] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor.3: Allocating blocks 36-37 which overlap fs metadata
[ 3447.188094][T29432] EXT4-fs (loop3): 1 truncate cleaned up
[ 3447.193834][T29432] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 3447.206727][T29432] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
19:07:34 executing program 2:
r0 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000/0x13000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000040), &(0x7f00000000c0))
io_uring_enter(r0, 0x40b3, 0x0, 0x0, &(0x7f0000000000)={[0x1211]}, 0x8)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200c0004, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r5, &(0x7f0000000000), &(0x7f0000000700)=@buf="bc", 0x1}, 0x1c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r3, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000002a00)=ANY=[@ANYBLOB="0016078098b30607ccf54f5c1e450023e7fd5e57d275eaecc42d9dc4cf83d83d7878900039d3e7e56356b40f252c2aa881ef63a8432bf3497334be21f0d83d322f16162532295e5c1801dcdab3e5a98d7ceb8579b68a04d9a3f77257d33bdac3a22573", @ANYRES32, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYBLOB="e81951e05151c3dbce18bc58d1770627182b23f61e3f7f3ff43f13bae295622cfcdca3bc3721a233bf2b0e41fd31aee4971b3bcfabbac5b9bf45d9db39244eb74480c12f80d25faaf09bb802dc1ac4ce254588f11d092a45e544954f8c4eaf6d0c4ee16d7dca47e0bf6bc9656211436d22b1a4f1d2dd1e53814e64ce7840a65ad5f0a892b577be0c69c1b2aa8a5270145117ba750958a71779a851da6c2191a520f8003e3237c17c8f32ebd9328d2c1d2da0e987ba2f1bec579125f97c5cb1cf3c083fbc5ec878155ce9349275f4517ea211ba9df904bd599a69ea08e2763fea8bfab3297fb0cd6ac44e555b6429f11024ec11c7ccd5e98dd82912605edd269c1868fcb838d9d89090ab2808ddda2c721b4fa3d98ffc631ad8f0dc439f8b3d7e6cf03bd4fcacc94bacfdfe3d7c974e9df037f2d04c7fc7e1e14f9f4b6b61f6a4e9a5cc35a53a7268b0c92a55797248c8f066196625c1afc55a91014a50f7d8d69f112a845a4a097d93550477bed3495258214889adaa6c6db52546b5b19d86afa0c330c56603166ed89dab4bd7ac6b0ca037abe6a28af6c24e285b950a60b66183acec59fd8d18faabe7b5cc1573b1bdcd6950423c9c11f6430f0f123c2713a80ea55d264cad4b16458e3b39f02f2dc53a14af32b0ae892b792a269ee0716845b57f48fbfa6a18d4061ca8622c2d5bce4e61ff2537b6df50440378cf9390f0cce2f8436e1fec32ca0da9a5ea1472dee6f010ee52cc53d1fd44a2392004e8e75f6afc22e9bf70e2dbca60c03d3faa241bacb1a80f2dddfec10a0ad3ff9b5c1cedcbc8c6fef755c06130cd3a806b4c758529fedad52a81ae2d4b1fd1190d4b4431e241466bb8e99d7ede17e9d3c2561ef102c30849c3da89febca70fe70c20ff462ffbdd80ab50dd2b98c46643e660821ecbdb92dc7f2cbdd5b4b278e5702663af8d62672cb90134e65d062b38afce2edba60b9e0a6328d3fe3e4137411ac4e0bd0cafd6ce0d847dd1620d7471247f95355ab29630036a01cc64a95db37a968902b5e2a664a96ebaf2ec2cd4b0f05085ba5d70f45154a282917d57f71484bed37cc74f9f325df8336f8230ddab5dbfad1e6ccb80fe9e3ad98a5b33a32146c5411bee30cc4c1b44682de77934af1555668a70249a1bee7cc97d45b568a2b37f95af155fdb28bffa48c30f606637288c6c40d9dc9092d4e0e2988b432e995d91e98ded26b713ae03123fd97327aff33abd5f80861ad6671c04766eba5b895e00d58be23d9804f58d2536fbbae48c7e5bbdef7d22cc2aff7332bf7b3710d1a5dd056bc397113816f1946d9fdf07f157b8ee5315a7c98dee69c78f775f517c2f88a5cdedd190f8556da5675343b8f514641738df553984787af133f6a8c3260fab2f35f98b78fd3419d9d96a0ff43460e5a22a3a61c949ee9f31091b48c1de10a6b2096749caf2df6c9d2e7932230d88357ca0e51792dccf6fef767f91421ad27068bcc3caf1ccabe9501e18976c9351748b7c2f9e627cfba470e2570d1715207d9b1c09b92094860651cf9aed1895d00f4de411158512df9f4a8cc68830fac718584f391d4baf7e07aaef42302d420c3c78d99ddb7883667f0157e113942c97db99275ba36fda464af7ced62ef79a34831c813c8a4dc5e2f44e3041ceb97fe89b4888b84320c37fbfd5628cb6b77b1d1a622f6a9e6c3cb9c51fdf8d70f8153d9ce9d0955c1281768be7a5a7613214d24e79a891f51a53d3df6b620e632ac51614ab4734bdd5e4d456a68af85cecaa8791c9fb108c68f829f1ef8e8be2f5655ac394308ca18d824b23858f0f468170ad3f82591505542d1bb26bdc6fb0733ed269f3884fbce59f614c405184f303679a67a6c36f59fbf537acb5b5c7754be72ada76415ed6020bebb6965c0e2bbe0865a538f88cfe0b74370898ce2791029c53a38c1433b047e20a120fcdbca3338dba7537c51ab91be9ea57910622e55274084d576709692893c8ceace8d016c2aa82fe660a4cf5bf5e5610c73c843ed1ab19c93332e118b30dc02ab75e90a806e20c55db226549d6f5a4625860a5ba50150d06a7505622b11b3fcc04f953b420ec4ffafb6a56af32799e7a01555f02ea9115a8d95be629fa10e1f815661cf3f0a920d304296900e8d557061521c1082d91878cfd8c9322c47eeabd5e8e6e92d44c1e4917aad7552e7beb12b3fdef61c2b0f9520c702aa5fea99ac019bf1f27a688a3e9a2d3de89405e1a538036f9471a1212c99ca04ee7572f0e11861fc5bca9abcdcd05b0a2281ff1ab1dbfb2a5cf0acfaf18afa04256f0eae1d53711004b9e8bd1d044712cc58d1651f9888e5fffbd06fe2231fa900c86c7d23b75aa9e8f79a3e894ca87056ce6243838b104f6e82ce3281e1a70c36c8a4565a7e0612a9cd4a1bb67ad4447672a92ac0bb77de7c0a2cefa65a41540b1f854fc4f519b91d3fd5c5186e0442bcea5189b4023e60de8e1b7c8e922570ec68a78c39549d784569d1e15312a16e633efdc042f295735d672d944695cbc6c8ac468952d69a2d879844baceabc672a005e7e440a9debff67a811e80819ac06e9d7a507d3b75a5e217695ff73fb9e6544f9d188052228224aedbc9d4e31d690b46d14b4c0dd7892e6f1a1a3dbc5ad2cb7df8020fda01102ba22046e61fd925230aa6a1431accff82640b70e3271c4a597830b9d4cb1a6c2748971f4c558942d1265ee63924b0c826266576ea4e6a0548b01bd7488f13d1fe977a37e5ed6295d0778d1dacf95bf30b5f092896017a76ecee0c24efd7607f32d382744477ce0f58f4934a4bcd873211a4e5c43322abfce5b9ae3ac8e567480e34706a9a9edeaae54626ee74729f4fdcf9263b62ef36e4dcd25e0898bd2cd165502b7e748630c2f9a41af07bb8ebaff3cb87e2e208cc105437f68caee8d0f5d288f9152533a1289dc1b9d4b4903f0a01f53f70ce472705c3862751f0828165d49b38b3ed9cfe1c76054daca9e6c3f1b13f30d90a1779bd7798ac51bc9e29f80c078782ea06858cff135c93d7f8c0ea4d706404d860bd4e781ab967dc72e9b31bbd7390a1ba29b6aa4411eccb60bd1ce69fc2d5b9798371d6d707f41e3c845549c7578210b443488abba10cffaa8b6f9c9944470830f78517df823ef9a813a8e3a849faa380059fd5fb9c197850f765292b80af788b8a8a582a59b2e2d4a3873df214c7f752cbacb55236c1f2238f404fa872f9a7330f25694789aa6984c20dc29b2ba81d09fb7dbd8138a8869edfd6aeaf7bd1e958daa73592cedbabe39757ba20ab3e3d335cc73fe977cb81c8a1fe25a84e118329866e12ff4b6de6f3010d981d71be12f3c8037e6b1260b69e0ad6dfa67c8bc68f0b515b63c580af3f6a2168eec3777ec5ee4259be120f2856cba19040b2463eb0893582e6f7ad4da6a8b754ce9ef48673212bdbf26b26934228dbda750d7ad05b908df6375c923efdf2e1bbb259a7b8c6e29eb8a8224401f5b5b2b453e1953e7b971ec682bdb0d6f0bab701bcd03a66d1562a9fce80d549b6a7961cff292d21bfda6f1816b560e492cd1eadc03adcf501de6ba0a71092e793acc9bd9378ff165168146cd1397f5105f58dd7b9d058e709d8dface6653693b577dd5cdbb3b1b98770d86bc9b6187fe70e02aa3123b059b758239bd8ed1a993325b90c9ff4de50e9303280de2440a0e900b0329612e8a051c47ba439ddcfe08632de06ce48d4ad49e894e5cc73ab2dd37f7026fb24f1120741f4f5666441498adf5dece0d1b5703ae6427a504ab0e8094c9e2a8965d789dfd926f74cbbac3d7cb0babc944f6d4bbd78f4b1f3546bb924a7fd671328eb07ce78068343e3f68902ffa410ec9b53bf32745a275509eee22bedc1ba3be6cbabc3f89622131695a9a7eb082775c1b89b141fde3549265d483379b343809fdad74b7674a329f380d1a1bfa3ae7095e4468873a542a8ab3ecf6be8e681052599a369a9e2c01dde2929dc7592171c00e899ee9ee0bf2f155eeeb76e6b75a6c66741cf2756d3f7e33e79775c273e3ad0ac4be431b05df59bcfff4cba53ab1167ec312c95e584b7a0267420295058a59fba2baf772dc33de44744b2840579326665ee98c796261e64fa39fdaa1e1f92dd1e49ecbe7787c4421024e0e2898e882f0ef8cd02162bf21bdc799a07623678aae8f1004dec2642aaa29f4e8a58c82e52525103c0e76fc4640af9c40b87a3e39eff7a131fc37a58d48335e3245882e4640a299d84de1839543235addd7e026c72158c34f97b7d29c0644c525f3fc6c67a582bcc4ffbd0a07fc99f610f5428510b602677c97cbc0fcc327ec4836b5608185eab39173c5d64fcad24851ead3a62aa64053a7860658dceb529e483875ef75667b9f0092eaf3ff46f15864d7b5aaec3f8171c2e3f6d8958c7c1368609e76907d5be1a4fd2677e9873639c0667f714107e3d9930f2c6ce36f12c79ae011a290e86c3f48f24143874880cbc8fe0d13cf42fed6f71335fdc36e4e14800544f435336c5a2005a4074deeb434a99ef2973667ff8290f82e45042bcb58a4a3a0849514b4ac58bf22604029b28d22c811711030fac39a8b6a3d37f81ee69342272c8e4a106cc081539de9a1e0e1541014954a9d4450fd00f3e62fa4c4b724bf8077843fbf5555be0c828c60dd10d1d1bd40623b61594b0f1ff250c38fe476e7667514c032eae7e5cb0900645357e68a457e16bd7812f833e815753eec91246c8d9213e4627fdc0aa838c23785d04ecbb0d20afe18bd9de3e77d58d4c929f39910bfa79ab339d90d169611a2a6980ea347a8d4d5e5e31cf928b12bd67df5c82977d1cadc3e7d78c011094e750dda20bc52d1b11a86562d53e532987533f6b280587a79435ef14b6552b330aa05c3d7f3e8f2fffaf1af7626e4fdc34de280dae3500815f97ac8e0e943a9476b6eceeea92ef98037cfac1f34f201a4b574dbcd795c37d86e19863dfcec518dda97f988753c55fe73e8db5439fd97bfebf0ee09ecf89686392a147160bf14a3f63d642e48260a261450c3341823362db654c6b55d54a265874c9d68c10c6533ff5fcf9cf0269f650c6264e61f8a595134c2859c6fb98bbfb8575160dab77e599899ca69059355b36ba7b11793dc443e06fdabc44a3717778cbadcbd5aedef79f2cbda1e361f2075aa0230d0a5ce1259398fefcec304c92dbf887756e1d0787bfe1ecfdf9ccfa1770a2fe6047e19edf4a013551296abc7372db986e91747e5798acd98ce672a45b9fbb521d4423ee840adbe6e23766979705adc96ad9d9dce85fa86a2e75a55910ff9d30dd80d5526185a3208afff4cbee2ed76189e60777a4a24803cdada8c2b7ad644119972f9b0bfdcef18ffcc6a72886ace09e0f8404b857420998dfc832efe86bbbb0da0a5c4406f4fe108ceccbc1fdac0a98256786460e043768fc6cf64d2604be628d3ff435d52e6f312c41db5ea757823e63abd73fa32151695b10503290309555153c0e6231d50bd8ae97c189573c1fd70231669a41c16ce7c818b9a53d8e606ebdc4d3eb208d641c284ac34e1a794e9159caecf76ad90767914421a87a6d281ab3ff645b6688f433c6d2ee386d98a0cf0acb7db257a716121c368b6c54feb566ad1949fb942b3c132df26d2e06c348f2febd94f8be645cc116b1e3e4e553df88fd64ec9a402ef4fcb5e2b1f6d4d774bcdea16a49c253453c401d1fdd96844a36c839310ef7e1b33bc3254056fd8c79076ec262a5ac5a0c60be7bf696d7a1a4530c5f6049868f4fb7ddd049928784f9ca451", @ANYRES32=0x0], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f0000000540)=ANY=[@ANYRES64=r3, @ANYRES8, @ANYRES64], &(0x7f00000002c0)='syzkaller\x00', 0xfffffff7, 0x9e, &(0x7f0000001880)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="20080000f6000000000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="ff7f0000f800000000140012800afe58d5c700010076786cd5e36831dbd2d4575d571f5d", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r7 = mq_open(&(0