EXT4-fs (loop0): orphan cleanup on readonly fs
EXT4-fs error (device loop0): ext4_free_blocks:4893: comm syz-executor105: Freeing blocks in system zone - Block = 16, count = 16
EXT4-fs (loop0): Remounting filesystem read-only
------------[ cut here ]------------
kernel BUG at fs/ext4/ext4.h:2849!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
Modules linked in:
CPU: 1 PID: 7979 Comm: syz-executor105 Not tainted 4.14.286-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022
task: ffff88809d9661c0 task.stack: ffff88809eb08000
RIP: 0010:ext4_get_group_info fs/ext4/ext4.h:2849 [inline]
RIP: 0010:ext4_free_blocks+0x1b26/0x2340 fs/ext4/mballoc.c:4860
RSP: 0018:ffff88809eb0f3d0 EFLAGS: 00010297
RAX: ffff88809d9661c0 RBX: 00000000ffffffff RCX: 0000000000000004
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8880b312cb40
RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000004
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000004
R13: ffff8880b312cb00 R14: dffffc0000000000 R15: ffff88809597e400
FS: 0000555555c03300(0000) GS:ffff8880ba500000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000558a02f91160 CR3: 00000000b2e57000 CR4: 00000000003406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 ext4_clear_blocks+0x2b0/0x780 fs/ext4/indirect.c:877
 ext4_free_data+0x12d/0x340 fs/ext4/indirect.c:950
 ext4_ind_truncate+0x5d3/0x860 fs/ext4/indirect.c:1141
 ext4_truncate+0x673/0x1190 fs/ext4/inode.c:4500
 ext4_evict_inode+0x854/0x1530 fs/ext4/inode.c:304
 evict+0x2c8/0x700 fs/inode.c:555
 iput_final fs/inode.c:1524 [inline]
 iput+0x458/0x7e0 fs/inode.c:1551
 ext4_quota_enable fs/ext4/super.c:5749 [inline]
 ext4_enable_quotas+0x46a/0x6a0 fs/ext4/super.c:5772
 ext4_orphan_cleanup fs/ext4/super.c:2562 [inline]
 ext4_fill_super+0x7cb4/0xb3c0 fs/ext4/super.c:4474
 mount_bdev+0x2b3/0x360 fs/super.c:1134
 mount_fs+0x92/0x2a0 fs/super.c:1237
 vfs_kern_mount.part.0+0x5b/0x470 fs/namespace.c:1046
 vfs_kern_mount fs/namespace.c:1036 [inline]
 do_new_mount fs/namespace.c:2572 [inline]
 do_mount+0xe65/0x2a30 fs/namespace.c:2905
 SYSC_mount fs/namespace.c:3121 [inline]
 SyS_mount+0xa8/0x120 fs/namespace.c:3098
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x7fa540f474fa
RSP: 002b:00007ffdb6dd2338 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 00007ffdb6dd2390 RCX: 00007fa540f474fa
RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007ffdb6dd2350
RBP: 00007ffdb6dd2350 R08: 00007ffdb6dd2390 R09: 0000000800000015
R10: 0000000000000081 R11: 0000000000000206 R12: 0000000000000004
R13: 0000000000000003 R14: 0000000000000003 R15: 0000000000000010
Code: 96 ff 48 c7 c2 60 4f 98 87 be 76 13 00 00 48 c7 c7 80 4d 98 87 c6 05 86 5a 34 08 01 e8 62 0e 43 05 e9 9a f7 ff ff e8 4a 78 96 ff <0f> 0b e8 43 78 96 ff 83 fb a1 8b ac 24 d0 00 00 00 0f 84 95 f8
RIP: ext4_get_group_info fs/ext4/ext4.h:2849 [inline] RSP: ffff88809eb0f3d0
RIP: ext4_free_blocks+0x1b26/0x2340 fs/ext4/mballoc.c:4860 RSP: ffff88809eb0f3d0
---[ end trace e5b3e09c17d1932f ]---