program:
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='rdma.current\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f00000008c0), 0xfecc) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0xfecc)
ioctl$KVM_SET_TSC_KHZ_vm(r1, 0xaea2, 0x3)

[  113.045411][ T5307] Bluetooth: hci0: command tx timeout
[  113.149171][ T5330] loop0: detected capacity change from 0 to 64
[  113.258617][ T5331] ------------[ cut here ]------------
[  113.261122][ T5331] !buffer_uptodate(bh)
[  113.261134][ T5331] WARNING: fs/buffer.c:1180 at mark_buffer_dirty+0x299/0x440, CPU#0: syz.0.0/5331
[  113.268186][ T5331] Modules linked in:
[  113.270887][ T5331] CPU: 0 UID: 0 PID: 5331 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[  113.275028][ T5331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  113.279076][ T5331] RIP: 0010:mark_buffer_dirty+0x299/0x440
[  113.281483][ T5331] Code: 4c 89 f7 e8 79 fd d9 ff 49 8b 3e be 40 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 e4 60 fb ff e8 6f 32 6e ff eb 8c e8 68 32 6e ff 90 <0f> 0b 90 e9 a5 fd ff ff e8 5a 32 6e ff 90 0f 0b 90 e9 cf fd ff ff
[  113.290121][ T5331] RSP: 0018:ffffc9000e1a7608 EFLAGS: 00010293
[  113.293021][ T5331] RAX: ffffffff82577e18 RBX: ffff88801f40a910 RCX: ffff888012a2c980
[  113.296707][ T5331] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[  113.300306][ T5331] RBP: ffff888043c3c001 R08: ffff88801f40a917 R09: 1ffff11003e81522
[  113.303824][ T5331] R10: dffffc0000000000 R11: ffffed1003e81523 R12: ffff88801fccd000
[  113.308605][ T5331] R13: ffff88801a87c9f8 R14: ffff88801f40a910 R15: 0000000000000010
[  113.312744][ T5331] FS:  00007f003c5de6c0(0000) GS:ffff88808ca55000(0000) knlGS:0000000000000000
[  113.316715][ T5331] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  113.319698][ T5331] CR2: 0000200000001000 CR3: 0000000012ae0000 CR4: 0000000000352ef0
[  113.324137][ T5331] Call Trace:
[  113.325959][ T5331]  <TASK>
[  113.327292][ T5331]  bfs_get_block+0x5da/0xae0
[  113.329301][ T5331]  __block_write_begin_int+0x6c6/0x1910
[  113.331711][ T5331]  ? __pfx_bfs_get_block+0x10/0x10
[  113.333893][ T5331]  ? __pfx___block_write_begin_int+0x10/0x10
[  113.336671][ T5331]  ? __pfx_bfs_get_block+0x10/0x10
[  113.339796][ T5331]  block_write_begin+0x8d/0x120
[  113.342487][ T5331]  ? bfs_write_begin+0x1e/0xd0
[  113.345294][ T5331]  bfs_write_begin+0x35/0xd0
[  113.347598][ T5331]  generic_perform_write+0x2e2/0x8f0
[  113.350032][ T5331]  ? __pfx_generic_perform_write+0x10/0x10
[  113.352590][ T5331]  ? file_update_time_flags+0x219/0x4a0
[  113.355347][ T5331]  ? __generic_file_write_iter+0xf9/0x230
[  113.358275][ T5331]  ? generic_file_write_iter+0x136/0x680
[  113.360971][ T5331]  generic_file_write_iter+0x14a/0x680
[  113.364004][ T5331]  ? __pfx_generic_file_write_iter+0x10/0x10
[  113.367415][ T5331]  ? add_lock_to_list+0xc7/0x100
[  113.369928][ T5331]  ? lockdep_unlock+0x5d/0xd0
[  113.372095][ T5331]  ? __lock_acquire+0x146e/0x2cf0
[  113.374457][ T5331]  vfs_write+0x61d/0xb90
[  113.376859][ T5331]  ? __pfx_vfs_write+0x10/0x10
[  113.379360][ T5331]  ? __fget_files+0x2a/0x420
[  113.381894][ T5331]  ksys_write+0x150/0x270
[  113.384052][ T5331]  ? __pfx_ksys_write+0x10/0x10
[  113.386471][ T5331]  do_syscall_64+0x14d/0xf80
[  113.388755][ T5331]  ? trace_irq_disable+0x3b/0x150
[  113.391181][ T5331]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.395093][ T5331]  ? clear_bhb_loop+0x40/0x90
[  113.398001][ T5331]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.400543][ T5331] RIP: 0033:0x7f003b79c799
[  113.402530][ T5331] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  113.410503][ T5331] RSP: 002b:00007f003c5ddfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  113.416045][ T5331] RAX: ffffffffffffffda RBX: 00007f003ba16090 RCX: 00007f003b79c799
[  113.420216][ T5331] RDX: 000000000000fecc RSI: 0000200000000100 RDI: 0000000000000005
[  113.423912][ T5331] RBP: 00007f003b832c99 R08: 0000000000000000 R09: 0000000000000000
[  113.427736][ T5331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  113.431457][ T5331] R13: 00007f003ba16128 R14: 00007f003ba16090 R15: 00007ffe9fc5ed58
[  113.435276][ T5331]  </TASK>
[  113.436786][ T5331] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  113.439723][ T5331] CPU: 0 UID: 0 PID: 5331 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[  113.442785][ T5331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  113.446959][ T5331] Call Trace:
[  113.448277][ T5331]  <TASK>
[  113.449414][ T5331]  vpanic+0x56c/0xa60
[  113.450936][ T5331]  ? __pfx__printk+0x10/0x10
[  113.452683][ T5331]  ? __pfx_vpanic+0x10/0x10
[  113.454381][ T5331]  ? is_bpf_text_address+0x292/0x2b0
[  113.456964][ T5331]  ? is_bpf_text_address+0x26/0x2b0
[  113.459933][ T5331]  panic+0xc5/0xd0
[  113.462169][ T5331]  ? __pfx_panic+0x10/0x10
[  113.464746][ T5331]  __warn+0x315/0x4f0
[  113.467022][ T5331]  ? mark_buffer_dirty+0x299/0x440
[  113.469176][ T5331]  ? mark_buffer_dirty+0x299/0x440
[  113.471110][ T5331]  __report_bug+0x29a/0x540
[  113.472693][ T5331]  ? filemap_get_entry+0xca/0x320
[  113.474335][ T5331]  ? mark_buffer_dirty+0x299/0x440
[  113.476010][ T5331]  ? __pfx___report_bug+0x10/0x10
[  113.477702][ T5331]  ? __pfx_folio_mark_accessed+0x10/0x10
[  113.479549][ T5331]  ? trace_kmem_cache_alloc+0x29/0xf0
[  113.481416][ T5331]  ? mark_buffer_dirty+0x299/0x440
[  113.483241][ T5331]  report_bug+0x16a/0x220
[  113.484770][ T5331]  ? mark_buffer_dirty+0x299/0x440
[  113.486643][ T5331]  ? mark_buffer_dirty+0x29b/0x440
[  113.488753][ T5331]  handle_bug+0x9c/0x200
[  113.491080][ T5331]  exc_invalid_op+0x1a/0x50
[  113.492869][ T5331]  asm_exc_invalid_op+0x1a/0x20
[  113.494641][ T5331] RIP: 0010:mark_buffer_dirty+0x299/0x440
[  113.496897][ T5331] Code: 4c 89 f7 e8 79 fd d9 ff 49 8b 3e be 40 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 e4 60 fb ff e8 6f 32 6e ff eb 8c e8 68 32 6e ff 90 <0f> 0b 90 e9 a5 fd ff ff e8 5a 32 6e ff 90 0f 0b 90 e9 cf fd ff ff
[  113.506403][ T5331] RSP: 0018:ffffc9000e1a7608 EFLAGS: 00010293
[  113.509029][ T5331] RAX: ffffffff82577e18 RBX: ffff88801f40a910 RCX: ffff888012a2c980
[  113.512229][ T5331] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[  113.515898][ T5331] RBP: ffff888043c3c001 R08: ffff88801f40a917 R09: 1ffff11003e81522
[  113.519393][ T5331] R10: dffffc0000000000 R11: ffffed1003e81523 R12: ffff88801fccd000
[  113.522650][ T5331] R13: ffff88801a87c9f8 R14: ffff88801f40a910 R15: 0000000000000010
[  113.526950][ T5331]  ? mark_buffer_dirty+0x298/0x440
[  113.530779][ T5331]  ? mark_buffer_dirty+0x298/0x440
[  113.533903][ T5331]  bfs_get_block+0x5da/0xae0
[  113.536447][ T5331]  __block_write_begin_int+0x6c6/0x1910
[  113.539521][ T5331]  ? __pfx_bfs_get_block+0x10/0x10
[  113.542564][ T5331]  ? __pfx___block_write_begin_int+0x10/0x10
[  113.545730][ T5331]  ? __pfx_bfs_get_block+0x10/0x10
[  113.548089][ T5331]  block_write_begin+0x8d/0x120
[  113.550679][ T5331]  ? bfs_write_begin+0x1e/0xd0
[  113.553358][ T5331]  bfs_write_begin+0x35/0xd0
[  113.556945][ T5331]  generic_perform_write+0x2e2/0x8f0
[  113.560947][ T5331]  ? __pfx_generic_perform_write+0x10/0x10
[  113.564031][ T5331]  ? file_update_time_flags+0x219/0x4a0
[  113.566512][ T5331]  ? __generic_file_write_iter+0xf9/0x230
[  113.569102][ T5331]  ? generic_file_write_iter+0x136/0x680
[  113.571958][ T5331]  generic_file_write_iter+0x14a/0x680
[  113.574659][ T5331]  ? __pfx_generic_file_write_iter+0x10/0x10
[  113.577476][ T5331]  ? add_lock_to_list+0xc7/0x100
[  113.580198][ T5331]  ? lockdep_unlock+0x5d/0xd0
[  113.582648][ T5331]  ? __lock_acquire+0x146e/0x2cf0
[  113.584846][ T5331]  vfs_write+0x61d/0xb90
[  113.586534][ T5331]  ? __pfx_vfs_write+0x10/0x10
[  113.588606][ T5331]  ? __fget_files+0x2a/0x420
[  113.590761][ T5331]  ksys_write+0x150/0x270
[  113.592629][ T5331]  ? __pfx_ksys_write+0x10/0x10
[  113.594793][ T5331]  do_syscall_64+0x14d/0xf80
[  113.596504][ T5331]  ? trace_irq_disable+0x3b/0x150
[  113.598252][ T5331]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.601238][ T5331]  ? clear_bhb_loop+0x40/0x90
[  113.604540][ T5331]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.607965][ T5331] RIP: 0033:0x7f003b79c799
[  113.610116][ T5331] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  113.617724][ T5331] RSP: 002b:00007f003c5ddfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  113.620799][ T5331] RAX: ffffffffffffffda RBX: 00007f003ba16090 RCX: 00007f003b79c799
[  113.624203][ T5331] RDX: 000000000000fecc RSI: 0000200000000100 RDI: 0000000000000005
[  113.627212][ T5331] RBP: 00007f003b832c99 R08: 0000000000000000 R09: 0000000000000000
[  113.630075][ T5331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  113.632996][ T5331] R13: 00007f003ba16128 R14: 00007f003ba16090 R15: 00007ffe9fc5ed58
[  113.636308][ T5331]  </TASK>
[  113.638277][ T5331] Kernel Offset: disabled
[  113.640538][ T5331] Rebooting in 86400 seconds..