program:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000f59ffc)=0x4, 0x4)
bind$inet6(r0, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1, 0x2}, 0x1c)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000680)=@newqdisc={0x34, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000c80)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newqdisc={0x28, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@TCA_STAB={0x4}]}, 0x28}}, 0x0)
r7 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r7, 0x1, 0xf, &(0x7f0000f59ffc)=0x4, 0x4)
bind$inet6(r7, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1, 0x2}, 0x1c)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x0, &(0x7f0000000600), 0x1, 0x56e, &(0x7f0000000640)="$eJzs3U9sHFcZAPBvdh0ndU1dm1pqysGBRLh/FNvtSk4NB8IBDhT1UiRUqRysZGMHr2Nju6I2F/fGiQoJBKiiasQBCSRiiQNwqChIHJAIEgIhLNRKIA78aQHhHggBjGZ3NtnYs2bBjhcyv5+02TdvnvO9t5vvafe9iSeAwjqR/pFE9EfE1YgYaBze2uBE4+kblY3ZK5WN2SS2t5/6U1Jvd7myMdts2vy5uyNiPSLuj4jvX4g4d2R33OXVtbnpWq26lB2Pr8wvji+vrp2+OD89U52pXqpUHp+anJw6MznxH4wm2fPsRxffGPrF7JMzL4/8/ekz81/5YxJn6+OOHeM4SHk96kkizt6OYF1QTscTEX0dth+uvvDKbe4SHfrc0OZ4+t7dFxGn6vk/EOX6uxnxvpee+ctAvPd6u5+9uvnS7w6zrwDAwdlOHd37NHBnKkX63T8pjUVEo1wqjY01vsPfF32l2sLyyiMXFp69dL6xRnBvHClduFirTmRrBffGkSQ9frRevnn82I7jSkQMRsSny3fVj8fOLdTOH+pMBzT1R7z+zU+c6717R/7/ttzIf+DOleb/z37w7e+m5bfK3e4NcJjS/P/aW/NPhPyHwpH/UFzyH4pL/kNxyX8oLvkPxSX/objkPxSX/Ifikv9QXK35L/2hmAZHXt1MImL9PXfVH6ne7FzOr+0B7iDb24n/5A8F5bM/FFdPtzsAdI3v+MDevzk74li7E4sH3xfgcJS63QGga0aP2/+DorL+D8Vl/R+Ky2d8wPo/FI/1fyiu/jb3/3pby727JiLinoj4UfnI0ea9voD/X/0Rr7949VvPRJR+n2Sf/0cHTvVPv/Ha91rb9SZ/rW8R9EbEJ1986gvPTa+sLD2a1v/5Rv3KF7P6x7o1GqATzTxt5jFQXMura3PTtVp1SUFBoXCF5jxwubIx23wc1tzzwsMRb76/cRFCGvdK9mic7cnWJo/V9yj7tpJbrlVIDmDv8jOnI9afj4j788afZPc7b+x89G2Vd8V/e/acPo5n6ydpm+EO45fv2V/8B1rij7TEf0eH8Tc/0mHD22Tw692N//Ivs9d/oqcn7/Xf77UxQ//m/BNf3WeAffrNr7sb/9RId+N/fiHi1XT+mcjLv1Kaljd2PnfOP/0t10n/tz41enP+u7Jr/ivdmP/Kbea/Ex3G+eHT1Y/l1Zd/HPHm8xEP5MZvxjtWj9W3VdoV/2TL/PPgHvH/8OGfzuXVn30tYvtyxGjkx2+NNb4yvzi+vLp2+uL89Ex1pnqpUnl8anJy6szkxHh9jXq8uVK925PXhz+QV3/yy43x97WJ3xx/u9d/e48xt1r70sf735lT/5PjjfgPnsx//4ey+I3Xv2dX/Hdlz+m/k39k1/Kmba5FxNGs/qGI+M4rgw/n9etD1xvxz7cZf+mW+LvH/0iH4//sr/75bF79cx/s8C8AAA5U+6WBbvcMAAA4aIex09jtMQL5+rZ6o3UbOFlv2VdYv7mvkNZfy/YXyusRf8v2GNL6h7JdsrScu9EA/M8ZXnv3z7vdBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICiW15dm5uu1apLy93uCXDY/hUAAP//T2kBHQ==")
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
ftruncate(r8, 0x201bf)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r8, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x131)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r11 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r11, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]})
r12 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r13, 0xae03, 0x21)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r12, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

[   88.655966][   T46] Bluetooth: hci0: command tx timeout
[   88.909017][ T5337] loop0: detected capacity change from 0 to 512
[   89.022535][ T5337] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.044724][ T5337] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.131343][ T5337] loop0: detected capacity change from 512 to 64
[   89.156808][ T3703] EXT4-fs error (device loop0): ext4_validate_block_bitmap:423: comm kworker/u4:19: bg 0: bad block bitmap checksum
[   89.188886][ T5337] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6298: Out of memory
[   89.194177][ T3703] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 74
[   89.211377][ T3703] EXT4-fs (loop0): This should not happen!! Data will be lost
[   89.211377][ T3703] 
[   89.217796][ T5337] EXT4-fs error (device loop0): ext4_setattr:5984: inode #18: comm syz.0.0: mark_inode_dirty error
[   89.224663][ T5335] ------------[ cut here ]------------
[   89.228236][ T5335] WARNING: mm/page-writeback.c:2710 at __folio_mark_dirty+0x202/0xe10, CPU#0: syz.0.0/5335
[   89.233070][ T5335] Modules linked in:
[   89.235285][ T5335] CPU: 0 UID: 0 PID: 5335 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   89.239475][ T5335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   89.244919][ T5335] RIP: 0010:__folio_mark_dirty+0x202/0xe10
[   89.248380][ T5335] Code: 3c 20 00 74 08 48 89 df e8 7b cf 2a 00 4c 8b 33 4c 89 f6 48 83 e6 08 31 ff e8 6a 29 c3 ff 49 83 e6 08 75 20 e8 7f 24 c3 ff 90 <0f> 0b 90 eb 1a e8 74 24 c3 ff 48 8b 2c 24 e9 5d 07 00 00 e8 66 24
[   89.257431][ T5335] RSP: 0018:ffffc9000d127810 EFLAGS: 00010093
[   89.260173][ T5335] RAX: ffffffff81fde0d1 RBX: ffffea000049c380 RCX: ffff88801c690000
[   89.263646][ T5335] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   89.267445][ T5335] RBP: ffff8880481164f8 R08: ffffea000049c387 R09: 1ffffd4000093870
[   89.271293][ T5335] R10: dffffc0000000000 R11: fffff94000093871 R12: dffffc0000000000
[   89.275023][ T5335] R13: ffff888048116500 R14: 0000000000000000 R15: 0000000000000001
[   89.278716][ T5335] FS:  000055555b5e0500(0000) GS:ffff88808d416000(0000) knlGS:0000000000000000
[   89.283801][ T5335] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   89.287061][ T5335] CR2: 0000200000000100 CR3: 000000001164b000 CR4: 0000000000352ef0
[   89.290355][ T5335] Call Trace:
[   89.291842][ T5335]  <TASK>
[   89.293099][ T5335]  ? do_raw_spin_unlock+0x4d/0x240
[   89.295538][ T5335]  block_dirty_folio+0x17a/0x1d0
[   89.297873][ T5335]  ext4_page_mkwrite+0xf07/0x1190
[   89.300340][ T5335]  ? __pfx_ext4_get_block_unwritten+0x10/0x10
[   89.303263][ T5335]  ? __pfx_ext4_page_mkwrite+0x10/0x10
[   89.306315][ T5335]  do_page_mkwrite+0x14d/0x310
[   89.309085][ T5335]  do_wp_page+0x2676/0x5810
[   89.311104][ T5335]  ? ___pte_offset_map+0x29/0x240
[   89.313293][ T5335]  ? __pfx_do_wp_page+0x10/0x10
[   89.315426][ T5335]  ? do_raw_spin_lock+0x121/0x290
[   89.317771][ T5335]  ? handle_mm_fault+0x1411/0x32b0
[   89.320038][ T5335]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   89.322395][ T5335]  handle_mm_fault+0x14c5/0x32b0
[   89.324702][ T5335]  ? handle_mm_fault+0xdb/0x32b0
[   89.327454][ T5335]  ? __pfx_handle_mm_fault+0x10/0x10
[   89.330619][ T5335]  ? lock_vma_under_rcu+0x42c/0x4a0
[   89.333132][ T5335]  ? __pfx_do_futex+0x10/0x10
[   89.335089][ T5335]  do_user_addr_fault+0xa7c/0x1380
[   89.337258][ T5335]  ? rcu_is_watching+0x15/0xb0
[   89.339302][ T5335]  ? trace_page_fault_user+0x84/0x1c0
[   89.341602][ T5335]  exc_page_fault+0x71/0xd0
[   89.343680][ T5335]  asm_exc_page_fault+0x26/0x30
[   89.345866][ T5335] RIP: 0033:0x7f7809b58b88
[   89.347875][ T5335] Code: 66 89 74 17 02 88 0f c3 c5 fa 6f 06 c5 fa 6f 4c 16 f0 c5 fa 7f 07 c5 fa 7f 4c 17 f0 c3 0f 1f 44 00 00 48 8b 4c 16 f8 48 8b 36 <48> 89 37 48 89 4c 17 f8 c3 62 e1 fe 28 6f 54 16 ff 62 e1 fe 28 6f
[   89.356188][ T5335] RSP: 002b:00007ffdf838d7d8 EFLAGS: 00010202
[   89.358875][ T5335] RAX: 0000200000000100 RBX: 0000000000000004 RCX: 006d766b2f766564
[   89.362175][ T5335] RDX: 0000000000000009 RSI: 6d766b2f7665642f RDI: 0000200000000100
[   89.365577][ T5335] RBP: 00007f7809de7da0 R08: 00007f78099ff02c R09: 0000000000000001
[   89.368842][ T5335] R10: 0000000000000001 R11: 0000000000000009 R12: 00007f7809de5fac
[   89.372263][ T5335] R13: 00007ffdf838d8d0 R14: fffffffffffffffe R15: 00007ffdf838d8f0
[   89.375766][ T5335]  </TASK>
[   89.377202][ T5335] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   89.380549][ T5335] CPU: 0 UID: 0 PID: 5335 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   89.384699][ T5335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   89.390572][ T5335] Call Trace:
[   89.392147][ T5335]  <TASK>
[   89.393456][ T5335]  vpanic+0x1e0/0x670
[   89.395184][ T5335]  panic+0xb9/0xc0
[   89.396851][ T5335]  ? __pfx_panic+0x10/0x10
[   89.398949][ T5335]  __warn+0x317/0x4b0
[   89.400815][ T5335]  ? __folio_mark_dirty+0x202/0xe10
[   89.403353][ T5335]  ? __folio_mark_dirty+0x202/0xe10
[   89.405968][ T5335]  __report_bug+0x288/0x500
[   89.408145][ T5335]  ? __folio_mark_dirty+0x202/0xe10
[   89.410554][ T5335]  ? __pfx___report_bug+0x10/0x10
[   89.412832][ T5335]  ? __lock_acquire+0x6b6/0x2cf0
[   89.415180][ T5335]  ? do_raw_spin_unlock+0x4d/0x240
[   89.417686][ T5335]  ? __folio_mark_dirty+0x202/0xe10
[   89.420375][ T5335]  report_bug+0x16a/0x220
[   89.422727][ T5335]  ? __folio_mark_dirty+0x202/0xe10
[   89.425476][ T5335]  ? __folio_mark_dirty+0x204/0xe10
[   89.428373][ T5335]  handle_bug+0x98/0x200
[   89.430335][ T5335]  exc_invalid_op+0x1a/0x50
[   89.432466][ T5335]  asm_exc_invalid_op+0x1a/0x20
[   89.434546][ T5335] RIP: 0010:__folio_mark_dirty+0x202/0xe10
[   89.437106][ T5335] Code: 3c 20 00 74 08 48 89 df e8 7b cf 2a 00 4c 8b 33 4c 89 f6 48 83 e6 08 31 ff e8 6a 29 c3 ff 49 83 e6 08 75 20 e8 7f 24 c3 ff 90 <0f> 0b 90 eb 1a e8 74 24 c3 ff 48 8b 2c 24 e9 5d 07 00 00 e8 66 24
[   89.445708][ T5335] RSP: 0018:ffffc9000d127810 EFLAGS: 00010093
[   89.448667][ T5335] RAX: ffffffff81fde0d1 RBX: ffffea000049c380 RCX: ffff88801c690000
[   89.452483][ T5335] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   89.456037][ T5335] RBP: ffff8880481164f8 R08: ffffea000049c387 R09: 1ffffd4000093870
[   89.460209][ T5335] R10: dffffc0000000000 R11: fffff94000093871 R12: dffffc0000000000
[   89.464487][ T5335] R13: ffff888048116500 R14: 0000000000000000 R15: 0000000000000001
[   89.468072][ T5335]  ? __folio_mark_dirty+0x201/0xe10
[   89.470388][ T5335]  ? do_raw_spin_unlock+0x4d/0x240
[   89.472801][ T5335]  block_dirty_folio+0x17a/0x1d0
[   89.475116][ T5335]  ext4_page_mkwrite+0xf07/0x1190
[   89.477415][ T5335]  ? __pfx_ext4_get_block_unwritten+0x10/0x10
[   89.480105][ T5335]  ? __pfx_ext4_page_mkwrite+0x10/0x10
[   89.482447][ T5335]  do_page_mkwrite+0x14d/0x310
[   89.484526][ T5335]  do_wp_page+0x2676/0x5810
[   89.486519][ T5335]  ? ___pte_offset_map+0x29/0x240
[   89.488796][ T5335]  ? __pfx_do_wp_page+0x10/0x10
[   89.491130][ T5335]  ? do_raw_spin_lock+0x121/0x290
[   89.493337][ T5335]  ? handle_mm_fault+0x1411/0x32b0
[   89.495679][ T5335]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   89.498139][ T5335]  handle_mm_fault+0x14c5/0x32b0
[   89.500773][ T5335]  ? handle_mm_fault+0xdb/0x32b0
[   89.503496][ T5335]  ? __pfx_handle_mm_fault+0x10/0x10
[   89.506462][ T5335]  ? lock_vma_under_rcu+0x42c/0x4a0
[   89.508829][ T5335]  ? __pfx_do_futex+0x10/0x10
[   89.510984][ T5335]  do_user_addr_fault+0xa7c/0x1380
[   89.513232][ T5335]  ? rcu_is_watching+0x15/0xb0
[   89.515384][ T5335]  ? trace_page_fault_user+0x84/0x1c0
[   89.517618][ T5335]  exc_page_fault+0x71/0xd0
[   89.519661][ T5335]  asm_exc_page_fault+0x26/0x30
[   89.521866][ T5335] RIP: 0033:0x7f7809b58b88
[   89.523925][ T5335] Code: 66 89 74 17 02 88 0f c3 c5 fa 6f 06 c5 fa 6f 4c 16 f0 c5 fa 7f 07 c5 fa 7f 4c 17 f0 c3 0f 1f 44 00 00 48 8b 4c 16 f8 48 8b 36 <48> 89 37 48 89 4c 17 f8 c3 62 e1 fe 28 6f 54 16 ff 62 e1 fe 28 6f
[   89.532512][ T5335] RSP: 002b:00007ffdf838d7d8 EFLAGS: 00010202
[   89.535215][ T5335] RAX: 0000200000000100 RBX: 0000000000000004 RCX: 006d766b2f766564
[   89.538727][ T5335] RDX: 0000000000000009 RSI: 6d766b2f7665642f RDI: 0000200000000100
[   89.542245][ T5335] RBP: 00007f7809de7da0 R08: 00007f78099ff02c R09: 0000000000000001
[   89.545858][ T5335] R10: 0000000000000001 R11: 0000000000000009 R12: 00007f7809de5fac
[   89.549424][ T5335] R13: 00007ffdf838d8d0 R14: fffffffffffffffe R15: 00007ffdf838d8f0
[   89.553051][ T5335]  </TASK>
[   89.554863][ T5335] Kernel Offset: disabled
[   89.556845][ T5335] Rebooting in 86400 seconds..