program:
r0 = socket(0x10, 0x3, 0x0)
r1 = openat$nmem0(0xffffffffffffff9c, &(0x7f0000000500), 0xc240, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(0xffffffffffffffff, 0xc00864bf, &(0x7f00000002c0)={<r2=>0x0})
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000340)={<r3=>0x0})
ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(r1, 0xc01864cd, &(0x7f0000000400)={&(0x7f0000000380)=[r2, r3], &(0x7f00000003c0)=[0x8, 0x7fffffff, 0x6, 0x7fffffff], 0x2, 0x1})
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=@ipv4_delroute={0x1c, 0x19, 0x901, 0x0, 0x0, {0x2, 0x18, 0x0, 0x0, 0x0, 0x0, 0xfd}}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x200000000000011, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x0, &(0x7f0000000600), 0x1, 0x56e, &(0x7f0000000640)="$eJzs3U9sHFcZAPBvdh0ndU1dm1pqysGBRLh/FNvtSk4NB8IBDhT1UiRUqRysZGMHr2Nju6I2F/fGiQoJBKiiasQBCSRiiQNwqChIHJAIEgIhLNRKIA78aQHhHggBjGZ3NtnYs2bBjhcyv5+02TdvnvO9t5vvafe9iSeAwjqR/pFE9EfE1YgYaBze2uBE4+kblY3ZK5WN2SS2t5/6U1Jvd7myMdts2vy5uyNiPSLuj4jvX4g4d2R33OXVtbnpWq26lB2Pr8wvji+vrp2+OD89U52pXqpUHp+anJw6MznxH4wm2fPsRxffGPrF7JMzL4/8/ekz81/5YxJn6+OOHeM4SHk96kkizt6OYF1QTscTEX0dth+uvvDKbe4SHfrc0OZ4+t7dFxGn6vk/EOX6uxnxvpee+ctAvPd6u5+9uvnS7w6zrwDAwdlOHd37NHBnKkX63T8pjUVEo1wqjY01vsPfF32l2sLyyiMXFp69dL6xRnBvHClduFirTmRrBffGkSQ9frRevnn82I7jSkQMRsSny3fVj8fOLdTOH+pMBzT1R7z+zU+c6717R/7/ttzIf+DOleb/z37w7e+m5bfK3e4NcJjS/P/aW/NPhPyHwpH/UFzyH4pL/kNxyX8oLvkPxSX/objkPxSX/Ifikv9QXK35L/2hmAZHXt1MImL9PXfVH6ne7FzOr+0B7iDb24n/5A8F5bM/FFdPtzsAdI3v+MDevzk74li7E4sH3xfgcJS63QGga0aP2/+DorL+D8Vl/R+Ky2d8wPo/FI/1fyiu/jb3/3pby727JiLinoj4UfnI0ea9voD/X/0Rr7949VvPRJR+n2Sf/0cHTvVPv/Ha91rb9SZ/rW8R9EbEJ1986gvPTa+sLD2a1v/5Rv3KF7P6x7o1GqATzTxt5jFQXMura3PTtVp1SUFBoXCF5jxwubIx23wc1tzzwsMRb76/cRFCGvdK9mic7cnWJo/V9yj7tpJbrlVIDmDv8jOnI9afj4j788afZPc7b+x89G2Vd8V/e/acPo5n6ydpm+EO45fv2V/8B1rij7TEf0eH8Tc/0mHD22Tw692N//Ivs9d/oqcn7/Xf77UxQ//m/BNf3WeAffrNr7sb/9RId+N/fiHi1XT+mcjLv1Kaljd2PnfOP/0t10n/tz41enP+u7Jr/ivdmP/Kbea/Ex3G+eHT1Y/l1Zd/HPHm8xEP5MZvxjtWj9W3VdoV/2TL/PPgHvH/8OGfzuXVn30tYvtyxGjkx2+NNb4yvzi+vLp2+uL89Ex1pnqpUnl8anJy6szkxHh9jXq8uVK925PXhz+QV3/yy43x97WJ3xx/u9d/e48xt1r70sf735lT/5PjjfgPnsx//4ey+I3Xv2dX/Hdlz+m/k39k1/Kmba5FxNGs/qGI+M4rgw/n9etD1xvxz7cZf+mW+LvH/0iH4//sr/75bF79cx/s8C8AAA5U+6WBbvcMAAA4aIex09jtMQL5+rZ6o3UbOFlv2VdYv7mvkNZfy/YXyusRf8v2GNL6h7JdsrScu9EA/M8ZXnv3z7vdBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICiW15dm5uu1apLy93uCXDY/hUAAP//T2kBHQ==")
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
ftruncate(r7, 0x201bf)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r7, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x131)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r10 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r10, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]})
r11 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r11, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r12=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="3c00000010000304000000000000000000007400", @ANYRES32=r12, @ANYBLOB="000000000312010012800b0001006200859bc4b0810a7b9f51b03a00d50000"], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x4000)
r13 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00')
r14 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r14}, 0x2c, {'wfdno', 0x3d, r13}})
setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f00000000c0)=r13, 0x4)

[   75.915771][ T4680] Bluetooth: hci0: command tx timeout
[   75.980811][ T5334] netlink: 'syz.0.0': attribute type 10 has an invalid length.
[   76.006900][ T5334] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.011266][ T5334] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.023429][ T5334] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.026705][ T5334] bridge0: port 2(bridge_slave_1) entered forwarding state
[   76.030220][ T5334] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.033454][ T5334] bridge0: port 1(bridge_slave_0) entered forwarding state
[   76.054342][ T5334] bond0: (slave bridge0): Enslaving as an active interface with an up link
[   76.084043][ T5334] loop0: detected capacity change from 0 to 512
[   76.139349][ T5334] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.144668][ T5334] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.216595][ T5334] loop0: detected capacity change from 512 to 64
[   76.225147][ T1817] EXT4-fs error (device loop0): ext4_validate_block_bitmap:423: comm kworker/u4:11: bg 0: bad block bitmap checksum
[   76.278531][ T1817] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 74
[   76.283386][ T1817] EXT4-fs (loop0): This should not happen!! Data will be lost
[   76.283386][ T1817] 
[   76.291394][ T5334] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6298: Out of memory
[   76.303715][ T5307] udevd[5307]: incorrect ext4 checksum on /dev/loop0
[   76.313333][ T5334] EXT4-fs error (device loop0): ext4_setattr:5984: inode #18: comm syz.0.0: mark_inode_dirty error
[   76.338284][ T5333] ------------[ cut here ]------------
[   76.340996][ T5333] WARNING: mm/page-writeback.c:2710 at __folio_mark_dirty+0x202/0xe10, CPU#0: syz.0.0/5333
[   76.345520][ T5333] Modules linked in:
[   76.347566][ T5333] CPU: 0 UID: 0 PID: 5333 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   76.351412][ T5333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   76.356125][ T5333] RIP: 0010:__folio_mark_dirty+0x202/0xe10
[   76.358707][ T5333] Code: 3c 20 00 74 08 48 89 df e8 8b d8 2a 00 4c 8b 33 4c 89 f6 48 83 e6 08 31 ff e8 1a fc c2 ff 49 83 e6 08 75 20 e8 2f f7 c2 ff 90 <0f> 0b 90 eb 1a e8 24 f7 c2 ff 48 8b 2c 24 e9 5d 07 00 00 e8 16 f7
[   76.367080][ T5333] RSP: 0018:ffffc9000912f810 EFLAGS: 00010093
[   76.369743][ T5333] RAX: ffffffff81fec971 RBX: ffffea0001418ec0 RCX: ffff888000f0a4c0
[   76.373206][ T5333] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   76.376737][ T5333] RBP: ffff88802314ab38 R08: ffffea0001418ec7 R09: 1ffffd40002831d8
[   76.380193][ T5333] R10: dffffc0000000000 R11: fffff940002831d9 R12: dffffc0000000000
[   76.383776][ T5333] R13: ffff88802314ab40 R14: 0000000000000000 R15: 0000000000000001
[   76.387273][ T5333] FS:  000055555e327500(0000) GS:ffff88808d22a000(0000) knlGS:0000000000000000
[   76.391191][ T5333] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   76.394113][ T5333] CR2: 0000200000000140 CR3: 000000001fa62000 CR4: 0000000000352ef0
[   76.397631][ T5333] Call Trace:
[   76.399143][ T5333]  <TASK>
[   76.400567][ T5333]  ? do_raw_spin_unlock+0x4d/0x240
[   76.402892][ T5333]  block_dirty_folio+0x17a/0x1d0
[   76.405128][ T5333]  ext4_page_mkwrite+0xf07/0x1190
[   76.407315][ T5333]  ? __pfx_ext4_get_block_unwritten+0x10/0x10
[   76.410110][ T5333]  ? __pfx_ext4_page_mkwrite+0x10/0x10
[   76.412590][ T5333]  do_page_mkwrite+0x14d/0x310
[   76.414821][ T5333]  do_wp_page+0x2676/0x5810
[   76.416911][ T5333]  ? __pfx_do_wp_page+0x10/0x10
[   76.419047][ T5333]  ? do_raw_spin_lock+0x121/0x290
[   76.421415][ T5333]  ? handle_mm_fault+0x1411/0x32b0
[   76.423805][ T5333]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   76.426282][ T5333]  handle_mm_fault+0x14c5/0x32b0
[   76.428544][ T5333]  ? handle_mm_fault+0xdb/0x32b0
[   76.430758][ T5333]  ? __pfx_handle_mm_fault+0x10/0x10
[   76.433149][ T5333]  ? lock_vma_under_rcu+0x42c/0x4a0
[   76.435487][ T5333]  ? __pfx_do_futex+0x10/0x10
[   76.437615][ T5333]  ? do_user_addr_fault+0x1a8/0x1380
[   76.439966][ T5333]  do_user_addr_fault+0xa7c/0x1380
[   76.442268][ T5333]  ? rcu_is_watching+0x15/0xb0
[   76.444465][ T5333]  ? trace_page_fault_user+0x84/0x1c0
[   76.446824][ T5333]  exc_page_fault+0x82/0x100
[   76.448866][ T5333]  asm_exc_page_fault+0x26/0x30
[   76.450789][ T5333] RIP: 0033:0x7f7cc62555f3
[   76.452606][ T5333] Code: 8b 44 24 08 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 7a 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 d2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 44 24 08 48
[   76.460239][ T5333] RSP: 002b:00007ffe271fb300 EFLAGS: 00010246
[   76.462888][ T5333] RAX: 0000200000000140 RBX: 0000000000000008 RCX: 0000000000000000
[   76.466479][ T5333] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 000055555e3273c8
[   76.469983][ T5333] RBP: 00007ffe271fb408 R08: 0000000000000000 R09: 0000000000000000
[   76.473511][ T5333] R10: 0000000000000000 R11: 0000000000000001 R12: 00007f7cc65e5fac
[   76.477120][ T5333] R13: 00007ffe271fb430 R14: fffffffffffffffe R15: 00007ffe271fb450
[   76.480609][ T5333]  </TASK>
[   76.482078][ T5333] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   76.485343][ T5333] CPU: 0 UID: 0 PID: 5333 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   76.489271][ T5333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   76.493816][ T5333] Call Trace:
[   76.495310][ T5333]  <TASK>
[   76.496672][ T5333]  dump_stack_lvl+0x99/0x250
[   76.498670][ T5333]  ? __asan_memcpy+0x40/0x70
[   76.500735][ T5333]  ? __pfx_dump_stack_lvl+0x10/0x10
[   76.503089][ T5333]  ? __pfx__printk+0x10/0x10
[   76.505225][ T5333]  vpanic+0x237/0x6d0
[   76.506968][ T5333]  ? __pfx_vpanic+0x10/0x10
[   76.508991][ T5333]  ? is_bpf_text_address+0x292/0x2b0
[   76.511386][ T5333]  ? is_bpf_text_address+0x26/0x2b0
[   76.513748][ T5333]  panic+0xb9/0xc0
[   76.515436][ T5333]  ? __pfx_panic+0x10/0x10
[   76.517442][ T5333]  __warn+0x317/0x4b0
[   76.519056][ T5333]  ? __folio_mark_dirty+0x202/0xe10
[   76.521164][ T5333]  ? __folio_mark_dirty+0x202/0xe10
[   76.523279][ T5333]  __report_bug+0x288/0x500
[   76.525154][ T5333]  ? __folio_mark_dirty+0x202/0xe10
[   76.527340][ T5333]  ? __pfx___report_bug+0x10/0x10
[   76.529406][ T5333]  ? do_raw_spin_lock+0x121/0x290
[   76.531454][ T5333]  ? do_raw_spin_lock+0x121/0x290
[   76.533822][ T5333]  ? __folio_mark_dirty+0x202/0xe10
[   76.536191][ T5333]  report_bug+0x16a/0x220
[   76.538159][ T5333]  ? __folio_mark_dirty+0x202/0xe10
[   76.540475][ T5333]  ? __folio_mark_dirty+0x204/0xe10
[   76.542795][ T5333]  handle_bug+0x98/0x200
[   76.544727][ T5333]  exc_invalid_op+0x1a/0x50
[   76.546795][ T5333]  asm_exc_invalid_op+0x1a/0x20
[   76.549041][ T5333] RIP: 0010:__folio_mark_dirty+0x202/0xe10
[   76.551621][ T5333] Code: 3c 20 00 74 08 48 89 df e8 8b d8 2a 00 4c 8b 33 4c 89 f6 48 83 e6 08 31 ff e8 1a fc c2 ff 49 83 e6 08 75 20 e8 2f f7 c2 ff 90 <0f> 0b 90 eb 1a e8 24 f7 c2 ff 48 8b 2c 24 e9 5d 07 00 00 e8 16 f7
[   76.560004][ T5333] RSP: 0018:ffffc9000912f810 EFLAGS: 00010093
[   76.562734][ T5333] RAX: ffffffff81fec971 RBX: ffffea0001418ec0 RCX: ffff888000f0a4c0
[   76.566237][ T5333] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   76.569762][ T5333] RBP: ffff88802314ab38 R08: ffffea0001418ec7 R09: 1ffffd40002831d8
[   76.573272][ T5333] R10: dffffc0000000000 R11: fffff940002831d9 R12: dffffc0000000000
[   76.576798][ T5333] R13: ffff88802314ab40 R14: 0000000000000000 R15: 0000000000000001
[   76.580370][ T5333]  ? __folio_mark_dirty+0x201/0xe10
[   76.582700][ T5333]  ? do_raw_spin_unlock+0x4d/0x240
[   76.584947][ T5333]  block_dirty_folio+0x17a/0x1d0
[   76.587070][ T5333]  ext4_page_mkwrite+0xf07/0x1190
[   76.589343][ T5333]  ? __pfx_ext4_get_block_unwritten+0x10/0x10
[   76.592057][ T5333]  ? __pfx_ext4_page_mkwrite+0x10/0x10
[   76.594536][ T5333]  do_page_mkwrite+0x14d/0x310
[   76.596739][ T5333]  do_wp_page+0x2676/0x5810
[   76.598812][ T5333]  ? __pfx_do_wp_page+0x10/0x10
[   76.601037][ T5333]  ? do_raw_spin_lock+0x121/0x290
[   76.603314][ T5333]  ? handle_mm_fault+0x1411/0x32b0
[   76.605663][ T5333]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   76.608135][ T5333]  handle_mm_fault+0x14c5/0x32b0
[   76.610267][ T5333]  ? handle_mm_fault+0xdb/0x32b0
[   76.612345][ T5333]  ? __pfx_handle_mm_fault+0x10/0x10
[   76.614437][ T5333]  ? lock_vma_under_rcu+0x42c/0x4a0
[   76.616518][ T5333]  ? __pfx_do_futex+0x10/0x10
[   76.618374][ T5333]  ? do_user_addr_fault+0x1a8/0x1380
[   76.620525][ T5333]  do_user_addr_fault+0xa7c/0x1380
[   76.622581][ T5333]  ? rcu_is_watching+0x15/0xb0
[   76.624498][ T5333]  ? trace_page_fault_user+0x84/0x1c0
[   76.626554][ T5333]  exc_page_fault+0x82/0x100
[   76.628383][ T5333]  asm_exc_page_fault+0x26/0x30
[   76.630760][ T5333] RIP: 0033:0x7f7cc62555f3
[   76.632644][ T5333] Code: 8b 44 24 08 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 7a 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 d2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 44 24 08 48
[   76.640411][ T5333] RSP: 002b:00007ffe271fb300 EFLAGS: 00010246
[   76.642817][ T5333] RAX: 0000200000000140 RBX: 0000000000000008 RCX: 0000000000000000
[   76.645997][ T5333] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 000055555e3273c8
[   76.648979][ T5333] RBP: 00007ffe271fb408 R08: 0000000000000000 R09: 0000000000000000
[   76.652056][ T5333] R10: 0000000000000000 R11: 0000000000000001 R12: 00007f7cc65e5fac
[   76.655315][ T5333] R13: 00007ffe271fb430 R14: fffffffffffffffe R15: 00007ffe271fb450
[   76.658406][ T5333]  </TASK>
[   76.659995][ T5333] Kernel Offset: disabled
[   76.661772][ T5333] Rebooting in 86400 seconds..