program:
r0 = syz_ublk_setup_io_uring(0x195f, &(0x7f0000000140)={0x0, 0xecba, 0x2000, 0x3, 0x37}, &(0x7f00000001c0), &(0x7f0000000280), &(0x7f00000002c0))
r1 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000300), 0x201, 0x0)
io_uring_register$IORING_REGISTER_CLONE_BUFFERS(r0, 0x1e, &(0x7f0000000340)={r1}, 0x1)
r2 = syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL")
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='rdma.current\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f00000008c0), 0xfecc)
ioctl$XFS_IOC_ATTRMULTI_BY_HANDLE(r0, 0x4048587b, &(0x7f0000000bc0)={{<r4=>r3, &(0x7f0000000380)=',\x00', 0x484082, &(0x7f00000003c0)={@_ha_fsid={[0x3, 0x8001]}, {0x4, 0x23a, 0x7, 0x1}}, 0x1, &(0x7f0000000400), &(0x7f0000000440)=0x8}, 0x7, &(0x7f0000000ac0)=[{0x3, 0xd, &(0x7f0000000480)='#\x00', &(0x7f00000004c0)="bdf69f15593d7c66fe361348401a06f5d3410ca0e375410169b09148af68e1062f6767c48321c312ff3ff7297f37a4315d6a4f70a73d77f40d9e041932095620bb46ce2fe66bd18d7e3d52e5dde15e33680d2203867bb4a0cccff2484180005acbd5c8233c541a7fe5ce4604fbf3580c7fb2edc048f97bd4badd1faa96c13a8efa76b7135360ecc7f503f6171278f466", 0x90, 0x2a}, {0x2, 0x6, &(0x7f0000000580)='rdma.current\x00', &(0x7f00000005c0)="298802c92caf71102bf1c06cf8879496adee138e7730c95f8fb10c8b08ffda0197f32c9ebaa3cf63c7c11152a9fd397a17f279dea5c1a505905c5dbb5a570388a921f15ba087b2426e8ad63fbfadaf18f2afafc2886eefa72599320583fa7d34084975bce2b4b56a844139c567bb67484ab528c3de234e87daa4fbee26f380b174b7110e61b628c7670e5296d701bfc8dbbea0b991cef3b726fdcea9063712b447b8a91d04aa9e55dc5d838ad084155e77ca2b7a6e8f16ab500cf709ac79ff6e39", 0xc1, 0x8}, {0x2, 0x7, &(0x7f00000006c0)='\x00', &(0x7f0000000700)="aadc8c5287ee118d3c8124c982e603074158a8e63c704231aa418ebacf53121d2159950622a8a6486fb7193942c1c13db6d79194fc0abe979224846fb8e98df891f495bc2be722faa415af54c8f43e9bdc", 0x51, 0x18}, {0x1, 0x6, &(0x7f0000000780)='\x00', &(0x7f00000007c0)="8c599622594d689b16088757e462db789ce71ddf3f59807e7b51887f0be9112657e43fa4ca70bec478ca133d2d1fa425732a4bcd41b525e4fd121d701935636b5c452026229b4ff1f90b9e7b0e50ff5e11671fef7d1f03f313aeb1953ca2ee1795d06a96f3240f6143fab6180951920cea67d222bd344504", 0x78, 0x8}, {0x3, 0x1, &(0x7f0000000840)='\x00', &(0x7f0000000880)="1a520458acb9bc89515be1e17469a1076aa1bb474ac25252e2807ff8eb651456c151190447948d15a66f8b7ae93e2cd13727c37974baad94", 0x38, 0x2a}, {0x1, 0xfffff691, &(0x7f0000000900)=',\x00', &(0x7f0000000940)="9b7bb9d9ed1090e6c442a53ad6eae2c26af5af2fb8d499a3acc785dbc5b7cb03acc506c9d98e17ae2e3359c6c08e0684867b579319e8ec", 0x37}, {0x2, 0xc, &(0x7f0000000980)='#! ', &(0x7f00000009c0)="924f6cd33a785ed253f0fbdc9dbcd1b0b17c2926cfd9a85182b7b6edd4e0f675bd054259a13a8ec9d09fcc43809fad5c1a6bbf23782641f54eb43563d8ab2dc457557d1aaee5d4be23cb69a6c02febc5116d624f56c67ebac191fee8c76d5cf4a0fb523b59e8d17c0deb5c69dadefda7a7e37cd10d5698867703be936822559c592a54a1485bb78b1ea524b4084001153d934cb923d233935c317cd57ca0d7f8457d182ce699b719b1d0c3385225569ef72411911f715334b4b423e32bedbf6f9ada4df0471e8581884557462c74ffa174", 0xd1, 0x20}]})
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r1, &(0x7f0000000c40)={0x14})
accept4$packet(r3, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000080)=0x14, 0x0)
ioctl$IOMMU_TEST_OP_ACCESS_RW(r4, 0x3ba0, &(0x7f0000000e00)={0x48, 0x8, r1, 0x0, 0xc8, 0x5e, &(0x7f0000000d80)="0ca4cfee19a687b7291ae82bad8e5c2129eb0f98931fbd33aeffeb665e7aed6447d1c47829bb64d4156934c1ea40fd3d8413a654971406da19840a7dadce2d3282ccd6f715a196bf7c1ac3af6472aa6a54efe70a6736577acee94b203205", 0x1})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000100), 0xfecc)
ioctl$FS_IOC_SETFSLABEL(r2, 0x41009432, &(0x7f0000000c80)="036c9d6d3048e3af4b65a21e7ac9ec8bab969806daf66001f85883cf54289ca709d6a5d157f6b0a65c174a43374afe7cf8a5bc46d734414de9d184a996f9488b6daa4d88370997c564545eef5d3ba4057caa7bccdf02171e2bd8b93ac02275d6a9dacb87ab666bb9d93d0e0fc6d2f9f11049ac352999fb35573aeb6cc4c048c557bdfa86d4be2e069b4deb7d10b509ee68d7e3dc8f8e65f1387b6b90198fb7493be4c352cc22c890fede12284980f37294dbf43c1e56de2b75b011c27c5acde9328399d74997714a74098cb71b704e44ed98fdb701d211d18baff170ecde2c0083cc6c134175f4e577eaae56884e238d9310e75122307d943cf8ccb0f5c525cb")

[   90.972141][ T5335] loop0: detected capacity change from 0 to 64
[   91.013720][ T4680] Bluetooth: hci0: command tx timeout
[   91.498121][ T5335] ------------[ cut here ]------------
[   91.513113][ T5335] !buffer_uptodate(bh)
[   91.513131][ T5335] WARNING: fs/buffer.c:1087 at mark_buffer_dirty+0x299/0x410, CPU#0: syz.0.0/5335
[   91.532211][ T5335] Modules linked in:
[   91.535349][ T5335] CPU: 0 UID: 0 PID: 5335 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   91.540012][ T5335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   91.546190][ T5335] RIP: 0010:mark_buffer_dirty+0x299/0x410
[   91.548942][ T5335] Code: 4c 89 f7 e8 69 5e da ff 49 8b 3e be 40 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 94 63 fb ff e8 0f 95 6d ff eb 8c e8 08 95 6d ff 90 <0f> 0b 90 e9 a5 fd ff ff e8 fa 94 6d ff 90 0f 0b 90 e9 cf fd ff ff
[   91.576623][ T5335] RSP: 0018:ffffc900065d7608 EFLAGS: 00010283
[   91.580059][ T5335] RAX: ffffffff82584be8 RBX: ffff88801aabb1d0 RCX: 0000000000100000
[   91.591571][ T5335] RDX: ffffc90020001000 RSI: 0000000000000763 RDI: 0000000000000764
[   91.614172][ T5335] RBP: ffff888040f54001 R08: ffff88801aabb1d7 R09: 1ffff1100355763a
[   91.620646][ T5335] R10: dffffc0000000000 R11: ffffed100355763b R12: ffff8880502a8400
[   91.625929][ T5335] R13: ffff8880472da488 R14: ffff88801aabb1d0 R15: 000000000000000a
[   91.630525][ T5335] FS:  00007f8b030b06c0(0000) GS:ffff88808c808000(0000) knlGS:0000000000000000
[   91.636448][ T5335] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   91.641138][ T5335] CR2: 0000200000002000 CR3: 000000001f1a3000 CR4: 0000000000352ef0
[   91.647118][ T5335] Call Trace:
[   91.649735][ T5335]  <TASK>
[   91.654743][ T5335]  bfs_get_block+0x5da/0xae0
[   91.659930][ T5335]  __block_write_begin_int+0x6c6/0x1910
[   91.664058][ T5335]  ? __pfx_bfs_get_block+0x10/0x10
[   91.666838][ T5335]  ? __pfx___block_write_begin_int+0x10/0x10
[   91.670891][ T5335]  ? __pfx_bfs_get_block+0x10/0x10
[   91.674435][ T5335]  block_write_begin+0x8d/0x120
[   91.676882][ T5335]  ? bfs_write_begin+0x1e/0xd0
[   91.679360][ T5335]  bfs_write_begin+0x35/0xd0
[   91.684085][ T5335]  generic_perform_write+0x2e2/0x8f0
[   91.687545][ T5335]  ? __pfx_generic_perform_write+0x10/0x10
[   91.691065][ T5335]  ? file_update_time_flags+0x219/0x4a0
[   91.694697][ T5335]  ? __generic_file_write_iter+0xf9/0x230
[   91.699081][ T5335]  ? generic_file_write_iter+0x136/0x680
[   91.704733][ T5335]  generic_file_write_iter+0x14a/0x680
[   91.707229][ T5335]  ? add_lock_to_list+0xc7/0x100
[   91.709590][ T5335]  ? __pfx_generic_file_write_iter+0x10/0x10
[   91.713526][ T5335]  ? lockdep_unlock+0x5d/0xd0
[   91.718742][ T5335]  ? __lock_acquire+0x146e/0x2cf0
[   91.724095][ T5335]  ? __pfx_aa_file_perm+0x10/0x10
[   91.730859][ T5335]  ? vfs_write+0x227/0xb90
[   91.735913][ T5335]  ? vfs_write+0x227/0xb90
[   91.739794][ T5335]  vfs_write+0x61d/0xb90
[   91.744896][ T5335]  ? __pfx_vfs_write+0x10/0x10
[   91.749299][ T5335]  ? __fget_files+0x2a/0x420
[   91.753382][ T5335]  ksys_write+0x150/0x270
[   91.756455][ T5335]  ? __pfx_ksys_write+0x10/0x10
[   91.758811][ T5335]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.763464][ T5335]  do_syscall_64+0x15f/0xf80
[   91.767236][ T5335]  ? trace_irq_disable+0x3b/0x140
[   91.770294][ T5335]  ? clear_bhb_loop+0x40/0x90
[   91.774110][ T5335]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.780212][ T5335] RIP: 0033:0x7f8b0219cdd9
[   91.784442][ T5335] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   91.804740][ T5335] RSP: 002b:00007f8b030affe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   91.808797][ T5335] RAX: ffffffffffffffda RBX: 00007f8b02415fa0 RCX: 00007f8b0219cdd9
[   91.823041][ T5335] RDX: 000000000000fecc RSI: 00002000000008c0 RDI: 0000000000000004
[   91.826469][ T5335] RBP: 00007f8b02232d69 R08: 0000000000000000 R09: 0000000000000000
[   91.830631][ T5335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   91.847160][ T5335] R13: 00007f8b02416038 R14: 00007f8b02415fa0 R15: 00007ffe6a347ec8
[   91.863235][ T5335]  </TASK>
[   91.864993][ T5335] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   91.868580][ T5335] CPU: 0 UID: 0 PID: 5335 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   91.873978][ T5335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   91.878488][ T5335] Call Trace:
[   91.881701][ T5335]  <TASK>
[   91.885635][ T5335]  vpanic+0x56c/0xa60
[   91.893936][ T5335]  ? __pfx__printk+0x10/0x10
[   91.899285][ T5335]  ? __pfx_vpanic+0x10/0x10
[   91.904673][ T5335]  ? is_bpf_text_address+0x292/0x2b0
[   91.912079][ T5335]  ? is_bpf_text_address+0x26/0x2b0
[   91.921171][ T5335]  panic+0xc5/0xd0
[   91.926437][ T5335]  ? __pfx_panic+0x10/0x10
[   91.932824][ T5335]  __warn+0x315/0x4c0
[   91.936362][ T5335]  ? mark_buffer_dirty+0x299/0x410
[   91.941439][ T5335]  ? mark_buffer_dirty+0x299/0x410
[   91.947208][ T5335]  __report_bug+0x29a/0x540
[   91.953136][ T5335]  ? filemap_get_entry+0xcd/0x3f0
[   91.958526][ T5335]  ? filemap_get_entry+0xcd/0x3f0
[   91.973333][ T5335]  ? mark_buffer_dirty+0x299/0x410
[   91.978089][ T5335]  ? __pfx___report_bug+0x10/0x10
[   91.983376][ T5335]  ? __pfx_folio_mark_accessed+0x10/0x10
[   91.985891][ T5335]  ? mark_buffer_dirty+0x299/0x410
[   91.988210][ T5335]  report_bug+0x16a/0x220
[   91.990341][ T5335]  ? mark_buffer_dirty+0x299/0x410
[   91.992983][ T5335]  ? mark_buffer_dirty+0x29b/0x410
[   91.995364][ T5335]  handle_bug+0x9c/0x200
[   91.998971][ T5335]  exc_invalid_op+0x1a/0x50
[   92.003527][ T5335]  asm_exc_invalid_op+0x1a/0x20
[   92.007345][ T5335] RIP: 0010:mark_buffer_dirty+0x299/0x410
[   92.017601][ T5335] Code: 4c 89 f7 e8 69 5e da ff 49 8b 3e be 40 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 94 63 fb ff e8 0f 95 6d ff eb 8c e8 08 95 6d ff 90 <0f> 0b 90 e9 a5 fd ff ff e8 fa 94 6d ff 90 0f 0b 90 e9 cf fd ff ff
[   92.047199][ T5335] RSP: 0018:ffffc900065d7608 EFLAGS: 00010283
[   92.050095][ T5335] RAX: ffffffff82584be8 RBX: ffff88801aabb1d0 RCX: 0000000000100000
[   92.088826][ T5335] RDX: ffffc90020001000 RSI: 0000000000000763 RDI: 0000000000000764
[   92.093083][ T5335] RBP: ffff888040f54001 R08: ffff88801aabb1d7 R09: 1ffff1100355763a
[   92.096801][ T5335] R10: dffffc0000000000 R11: ffffed100355763b R12: ffff8880502a8400
[   92.120607][ T5335] R13: ffff8880472da488 R14: ffff88801aabb1d0 R15: 000000000000000a
[   92.124760][ T5335]  ? mark_buffer_dirty+0x298/0x410
[   92.127654][ T5335]  ? mark_buffer_dirty+0x298/0x410
[   92.130460][ T5335]  bfs_get_block+0x5da/0xae0
[   92.152847][ T5335]  __block_write_begin_int+0x6c6/0x1910
[   92.155580][ T5335]  ? __pfx_bfs_get_block+0x10/0x10
[   92.158301][ T5335]  ? __pfx___block_write_begin_int+0x10/0x10
[   92.181493][ T5335]  ? __pfx_bfs_get_block+0x10/0x10
[   92.184011][ T5335]  block_write_begin+0x8d/0x120
[   92.186248][ T5335]  ? bfs_write_begin+0x1e/0xd0
[   92.192063][ T5335]  bfs_write_begin+0x35/0xd0
[   92.196895][ T5335]  generic_perform_write+0x2e2/0x8f0
[   92.199265][ T5335]  ? __pfx_generic_perform_write+0x10/0x10
[   92.212954][ T5335]  ? file_update_time_flags+0x219/0x4a0
[   92.219303][ T5335]  ? __generic_file_write_iter+0xf9/0x230
[   92.225743][ T5335]  ? generic_file_write_iter+0x136/0x680
[   92.237895][ T5335]  generic_file_write_iter+0x14a/0x680
[   92.248230][ T5335]  ? add_lock_to_list+0xc7/0x100
[   92.256508][ T5335]  ? __pfx_generic_file_write_iter+0x10/0x10
[   92.272517][ T5335]  ? lockdep_unlock+0x5d/0xd0
[   92.277741][ T5335]  ? __lock_acquire+0x146e/0x2cf0
[   92.282543][ T5335]  ? __pfx_aa_file_perm+0x10/0x10
[   92.284850][ T5335]  ? vfs_write+0x227/0xb90
[   92.293634][ T5335]  ? vfs_write+0x227/0xb90
[   92.304118][ T5335]  vfs_write+0x61d/0xb90
[   92.306129][ T5335]  ? __pfx_vfs_write+0x10/0x10
[   92.308332][ T5335]  ? __fget_files+0x2a/0x420
[   92.310700][ T5335]  ksys_write+0x150/0x270
[   92.323200][ T5335]  ? __pfx_ksys_write+0x10/0x10
[   92.325915][ T5335]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.328775][ T5335]  do_syscall_64+0x15f/0xf80
[   92.340023][ T5335]  ? trace_irq_disable+0x3b/0x140
[   92.342615][ T5335]  ? clear_bhb_loop+0x40/0x90
[   92.345302][ T5335]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.348340][ T5335] RIP: 0033:0x7f8b0219cdd9
[   92.350666][ T5335] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   92.389526][ T5335] RSP: 002b:00007f8b030affe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   92.403731][ T5335] RAX: ffffffffffffffda RBX: 00007f8b02415fa0 RCX: 00007f8b0219cdd9
[   92.407172][ T5335] RDX: 000000000000fecc RSI: 00002000000008c0 RDI: 0000000000000004
[   92.415292][ T5335] RBP: 00007f8b02232d69 R08: 0000000000000000 R09: 0000000000000000
[   92.424413][ T5335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   92.428149][ T5335] R13: 00007f8b02416038 R14: 00007f8b02415fa0 R15: 00007ffe6a347ec8
[   92.447664][ T5335]  </TASK>
[   92.450014][ T5335] Kernel Offset: disabled
[   92.452998][ T5335] Rebooting in 86400 seconds..