program:
# Syzkaller reproducer for the WARNING in mark_buffer_dirty() shown in the console log that follows.
# Calls tagged (async) are issued without waiting for completion, so their ordering
# relative to the calls after them is not fixed; keep the statement order and tags as-is when replaying.
#
# Mount a BFS image on ./bus (mount flags 0x8008); the "$..." string is the encoded image blob
# and 0xab is its length argument. The log line "loop0: detected capacity change from 0 to 64"
# is consistent with the image being attached via a loop device.
# NOTE(review): the 5th argument (0xf) looks like syz_mount_image's chdir flag, which would make
# the relative openat() paths below resolve inside the BFS mount — confirm against the syzkaller description.
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL") (async)
# KVM setup: open the KVM device (path buffer contents are not shown here), create a VM (r1)
# and a VCPU (r2), then issue KVM_GET_MSRS with a single entry whose index is 0x29b.
# None of these calls appear in the crashing call trace.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_MSRS_cpu(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x29b, 0x0, 0x5}]})
# FAT attribute ioctl issued against r1, which is the KVM VM fd from above rather than a FAT file.
ioctl$FAT_IOCTL_SET_ATTRIBUTES(r1, 0x40047211, &(0x7f0000000080)=0x2)
# perf_event_open with a generated attribute struct; its return value is not used by any later call.
perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xec, 0x7, 0x40, 0x7, 0x0, 0x0, 0xd000, 0x4, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x2, @perf_bp={0x0, 0x2}, 0x986, 0xfc, 0x4, 0x0, 0x81, 0x9, 0x5, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
# The openat$cgroup_ro calls use dirfd 0xffffffffffffff9c (-100, AT_FDCWD) and flags 0x275a, which
# include O_RDWR (0x2) and O_CREAT (0x40). The names are cgroup control-file names, but the path is
# resolved against the current directory, so these create/open regular files there.
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0)
# Write 0x78 bytes to r3 from a buffer that starts with an ELF header blob.
write$binfmt_elf32(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="7f454c4601f5f014ab0800000000000002003e00010000809a010000380000008b0000000600000005002000020001000100200000f2ffff04"], 0x78) (async)
# Map r3 at 0x7f0000000000 for 0x3000 bytes. That range contains the argument buffers used by the
# later write calls (0x7f00000008c0, 0x7f0000000100).
# NOTE(review): flags 0x10012 appear to include MAP_FIXED|MAP_SHARED — confirm; if so the later
# writes read their source data from this file-backed mapping.
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4000005, 0x10012, r3, 0x0) (async)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='rdma.current\x00', 0x275a, 0x0) (async)
# evdev open plus EVIOCGREP with a null argument pointer; not present in the crashing call trace.
r5 = syz_open_dev$evdev(&(0x7f0000000140), 0x0, 0x0)
ioctl$EVIOCGREP(r5, 0x80084503, 0x0)
# Write 0xfecc bytes to r4. The user-mode registers in the console log (ORIG_RAX=1 i.e. write,
# RDX=0xfecc, RSI ending in 0x8c0) match this call, and the kernel trace runs
# vfs_write -> generic_perform_write -> bfs_write_begin -> bfs_get_block -> mark_buffer_dirty,
# where the !buffer_uptodate(bh) WARNING fires (turned into a panic by panic_on_warn).
write$binfmt_script(r4, &(0x7f00000008c0), 0xfecc) (async)
# Same open-then-write pattern on a third file; this write uses buffer 0x7f0000000100, which does
# not match the RSI value recorded in the crash registers.
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000100), 0xfecc)
[ 84.854711][ T47] Bluetooth: hci0: command tx timeout
[ 84.912573][ T5343] loop0: detected capacity change from 0 to 64
[ 85.064865][ T5343] ------------[ cut here ]------------
[ 85.067638][ T5343] !buffer_uptodate(bh)
[ 85.067653][ T5343] WARNING: fs/buffer.c:1183 at mark_buffer_dirty+0x299/0x3f0, CPU#0: syz.0.0/5343
[ 85.075072][ T5343] Modules linked in:
[ 85.077101][ T5343] CPU: 0 UID: 0 PID: 5343 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 85.081630][ T5343] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 85.086518][ T5343] RIP: 0010:mark_buffer_dirty+0x299/0x3f0
[ 85.089241][ T5343] Code: 4c 89 f7 e8 d9 62 db ff 49 8b 3e be 40 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 b4 8a fb ff e8 3f d0 72 ff eb 8c e8 38 d0 72 ff 90 <0f> 0b 90 e9 a5 fd ff ff e8 2a d0 72 ff 90 0f 0b 90 e9 cf fd ff ff
[ 85.098426][ T5343] RSP: 0018:ffffc9000f027608 EFLAGS: 00010293
[ 85.102174][ T5343] RAX: ffffffff824fd808 RBX: ffff8880320b53a0 RCX: ffff888000f54980
[ 85.107287][ T5343] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[ 85.111177][ T5343] RBP: ffff888033ce2001 R08: ffff8880320b53a7 R09: 1ffff11006416a74
[ 85.114955][ T5343] R10: dffffc0000000000 R11: ffffed1006416a75 R12: ffff888012d3f400
[ 85.118647][ T5343] R13: ffff888012004000 R14: ffff8880320b53a0 R15: 000000000000000a
[ 85.122605][ T5343] FS: 00007f25fedf56c0(0000) GS:ffff88808cf1d000(0000) knlGS:0000000000000000
[ 85.126794][ T5343] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 85.130142][ T5343] CR2: 0000200000002000 CR3: 0000000032df4000 CR4: 0000000000352ef0
[ 85.133961][ T5343] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 85.137746][ T5343] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000050602
[ 85.141492][ T5343] Call Trace:
[ 85.143170][ T5343]
[ 85.144752][ T5343] bfs_get_block+0x5da/0xae0
[ 85.147118][ T5343] __block_write_begin_int+0x6c6/0x1910
[ 85.149842][ T5343] ? __pfx_bfs_get_block+0x10/0x10
[ 85.152381][ T5343] ? __pfx___block_write_begin_int+0x10/0x10
[ 85.155470][ T5343] ? __pfx_bfs_get_block+0x10/0x10
[ 85.158430][ T5343] block_write_begin+0x8d/0x120
[ 85.161673][ T5343] ? bfs_write_begin+0x1e/0xd0
[ 85.164964][ T5343] bfs_write_begin+0x35/0xd0
[ 85.167982][ T5343] generic_perform_write+0x2e2/0x8f0
[ 85.170606][ T5343] ? __pfx_generic_perform_write+0x10/0x10
[ 85.173726][ T5343] ? file_update_time_flags+0x2cb/0x4d0
[ 85.176393][ T5343] ? __generic_file_write_iter+0xf9/0x230
[ 85.179050][ T5343] ? generic_file_write_iter+0x136/0x680
[ 85.181696][ T5343] generic_file_write_iter+0x14a/0x680
[ 85.184471][ T5343] ? add_lock_to_list+0xc7/0x100
[ 85.187085][ T5343] ? __pfx_generic_file_write_iter+0x10/0x10
[ 85.189955][ T5343] ? lockdep_unlock+0x5d/0xd0
[ 85.192094][ T5343] ? __lock_acquire+0x146e/0x2cf0
[ 85.194487][ T5343] ? __pfx_aa_file_perm+0x10/0x10
[ 85.197169][ T5343] ? vfs_write+0x227/0xb90
[ 85.199554][ T5343] ? vfs_write+0x227/0xb90
[ 85.201642][ T5343] vfs_write+0x61d/0xb90
[ 85.203588][ T5343] ? __pfx_vfs_write+0x10/0x10
[ 85.205909][ T5343] ? __fget_files+0x2a/0x420
[ 85.208253][ T5343] ksys_write+0x150/0x270
[ 85.210336][ T5343] ? __pfx_ksys_write+0x10/0x10
[ 85.212710][ T5343] do_syscall_64+0xe2/0xf80
[ 85.214923][ T5343] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.217904][ T5343] ? trace_irq_disable+0x37/0x100
[ 85.220326][ T5343] ? clear_bhb_loop+0x60/0xb0
[ 85.222622][ T5343] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.225445][ T5343] RIP: 0033:0x7f260299acb9
[ 85.227914][ T5343] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 85.237136][ T5343] RSP: 002b:00007f25fedf5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 85.241202][ T5343] RAX: ffffffffffffffda RBX: 00007f2602c15fa0 RCX: 00007f260299acb9
[ 85.244521][ T5343] RDX: 000000000000fecc RSI: 00002000000008c0 RDI: 0000000000000008
[ 85.247873][ T5343] RBP: 00007f2602a08bf7 R08: 0000000000000000 R09: 0000000000000000
[ 85.251746][ T5343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 85.255710][ T5343] R13: 00007f2602c16038 R14: 00007f2602c15fa0 R15: 00007ffea184b758
[ 85.259328][ T5343]
[ 85.260782][ T5343] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 85.263905][ T5343] CPU: 0 UID: 0 PID: 5343 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 85.268128][ T5343] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 85.272984][ T5343] Call Trace:
[ 85.274607][ T5343]
[ 85.276083][ T5343] vpanic+0x1e0/0x670
[ 85.277867][ T5343] panic+0xc5/0xd0
[ 85.279659][ T5343] ? __pfx_panic+0x10/0x10
[ 85.281700][ T5343] __warn+0x315/0x4a0
[ 85.283442][ T5343] ? mark_buffer_dirty+0x299/0x3f0
[ 85.285427][ T5343] ? mark_buffer_dirty+0x299/0x3f0
[ 85.287711][ T5343] __report_bug+0x29a/0x540
[ 85.289579][ T5343] ? filemap_get_entry+0xca/0x320
[ 85.291927][ T5343] ? mark_buffer_dirty+0x299/0x3f0
[ 85.294263][ T5343] ? __pfx___report_bug+0x10/0x10
[ 85.296570][ T5343] ? __pfx_folio_mark_accessed+0x10/0x10
[ 85.299381][ T5343] ? mark_buffer_dirty+0x299/0x3f0
[ 85.301948][ T5343] report_bug+0x16a/0x220
[ 85.304062][ T5343] ? mark_buffer_dirty+0x299/0x3f0
[ 85.306519][ T5343] ? mark_buffer_dirty+0x29b/0x3f0
[ 85.309004][ T5343] handle_bug+0x98/0x200
[ 85.311065][ T5343] exc_invalid_op+0x1a/0x50
[ 85.313194][ T5343] asm_exc_invalid_op+0x1a/0x20
[ 85.315512][ T5343] RIP: 0010:mark_buffer_dirty+0x299/0x3f0
[ 85.317833][ T5343] Code: 4c 89 f7 e8 d9 62 db ff 49 8b 3e be 40 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 b4 8a fb ff e8 3f d0 72 ff eb 8c e8 38 d0 72 ff 90 <0f> 0b 90 e9 a5 fd ff ff e8 2a d0 72 ff 90 0f 0b 90 e9 cf fd ff ff
[ 85.326715][ T5343] RSP: 0018:ffffc9000f027608 EFLAGS: 00010293
[ 85.329813][ T5343] RAX: ffffffff824fd808 RBX: ffff8880320b53a0 RCX: ffff888000f54980
[ 85.333568][ T5343] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[ 85.337306][ T5343] RBP: ffff888033ce2001 R08: ffff8880320b53a7 R09: 1ffff11006416a74
[ 85.341103][ T5343] R10: dffffc0000000000 R11: ffffed1006416a75 R12: ffff888012d3f400
[ 85.344896][ T5343] R13: ffff888012004000 R14: ffff8880320b53a0 R15: 000000000000000a
[ 85.348746][ T5343] ? mark_buffer_dirty+0x298/0x3f0
[ 85.351212][ T5343] ? mark_buffer_dirty+0x298/0x3f0
[ 85.353626][ T5343] bfs_get_block+0x5da/0xae0
[ 85.355890][ T5343] __block_write_begin_int+0x6c6/0x1910
[ 85.358620][ T5343] ? __pfx_bfs_get_block+0x10/0x10
[ 85.361156][ T5343] ? __pfx___block_write_begin_int+0x10/0x10
[ 85.364119][ T5343] ? __pfx_bfs_get_block+0x10/0x10
[ 85.366651][ T5343] block_write_begin+0x8d/0x120
[ 85.369046][ T5343] ? bfs_write_begin+0x1e/0xd0
[ 85.371164][ T5343] bfs_write_begin+0x35/0xd0
[ 85.373021][ T5343] generic_perform_write+0x2e2/0x8f0
[ 85.375160][ T5343] ? __pfx_generic_perform_write+0x10/0x10
[ 85.377531][ T5343] ? file_update_time_flags+0x2cb/0x4d0
[ 85.380002][ T5343] ? __generic_file_write_iter+0xf9/0x230
[ 85.382720][ T5343] ? generic_file_write_iter+0x136/0x680
[ 85.385749][ T5343] generic_file_write_iter+0x14a/0x680
[ 85.388457][ T5343] ? add_lock_to_list+0xc7/0x100
[ 85.391089][ T5343] ? __pfx_generic_file_write_iter+0x10/0x10
[ 85.393939][ T5343] ? lockdep_unlock+0x5d/0xd0
[ 85.396235][ T5343] ? __lock_acquire+0x146e/0x2cf0
[ 85.398769][ T5343] ? __pfx_aa_file_perm+0x10/0x10
[ 85.401053][ T5343] ? vfs_write+0x227/0xb90
[ 85.403177][ T5343] ? vfs_write+0x227/0xb90
[ 85.405193][ T5343] vfs_write+0x61d/0xb90
[ 85.407161][ T5343] ? __pfx_vfs_write+0x10/0x10
[ 85.409392][ T5343] ? __fget_files+0x2a/0x420
[ 85.411540][ T5343] ksys_write+0x150/0x270
[ 85.413549][ T5343] ? __pfx_ksys_write+0x10/0x10
[ 85.415854][ T5343] do_syscall_64+0xe2/0xf80
[ 85.417899][ T5343] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.420897][ T5343] ? trace_irq_disable+0x37/0x100
[ 85.423256][ T5343] ? clear_bhb_loop+0x60/0xb0
[ 85.425515][ T5343] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.428226][ T5343] RIP: 0033:0x7f260299acb9
[ 85.430288][ T5343] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 85.439260][ T5343] RSP: 002b:00007f25fedf5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 85.443134][ T5343] RAX: ffffffffffffffda RBX: 00007f2602c15fa0 RCX: 00007f260299acb9
[ 85.446674][ T5343] RDX: 000000000000fecc RSI: 00002000000008c0 RDI: 0000000000000008
[ 85.450499][ T5343] RBP: 00007f2602a08bf7 R08: 0000000000000000 R09: 0000000000000000
[ 85.454452][ T5343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 85.458281][ T5343] R13: 00007f2602c16038 R14: 00007f2602c15fa0 R15: 00007ffea184b758
[ 85.462279][ T5343]
[ 85.464336][ T5343] Kernel Offset: disabled
[ 85.466349][ T5343] Rebooting in 86400 seconds..