program:
# Fuzzer-generated syzkaller reproducer. Calls tagged (async) are issued without
# waiting for the preceding call to complete, so their relative order is not fixed.
# NOTE(review): the kernel log on this page shows only a BFS write path
# (ksys_write -> bfs_write_begin -> bfs_get_block -> mark_buffer_dirty); the
# netlink, BPF, nftables and packet-injection calls are probably unrelated to
# the WARNING. Confirm by minimizing the program before triage.

# Raw netlink socket (family 0x10, protocol 0x0): drop a group membership, then send one small message.
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4) (async)
# Generic-netlink socket (protocol 0x10); r1 is not used again after this setsockopt.
r1 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r1, 0x10e, 0x2, &(0x7f00000001c0)=0x3, 0x4) (async)
sendmsg$netlink(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)={0x1c, 0x5f, 0x101, 0x0, 0x0, "", [@generic="7f1de738c07e2e0734"]}, 0x1c}], 0x1, 0x0, 0x0, 0x4008040}, 0x0) (async)
# bpf() command 0x5 (program load) with a tiny framed program; the result is discarded.
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x3, 0x4, &(0x7f0000000640)=@framed={{}, [@jmp={0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x85ffffff}]}, &(0x7f0000000080)='syzkaller\x00', 0x6}, 0x94) (async)
# Netfilter netlink socket (protocol 0xc) used for the first nftables batch below.
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
# Second program load, license string 'GPL'; result is also discarded.
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x79, 0x10, 0x48}, [@ldst={0x6, 0x0, 0x6}], {0x95, 0x0, 0xc00}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) (async)
# Opaque nftables batch blob; the bytes 73797a30 / 73797a32 spell "syz0" / "syz2",
# presumably the table and chain that the rule in the next batch refers to - TODO confirm.
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a300000000040000000030a09020000000000000000020000000900010073797a30000000000900030073797a3200000000140004800800014000000000080002400000000014000000110001"], 0x88}}, 0x0)
# Second netfilter socket: NFT_MSG_NEWRULE adding one exthdr expression to table 'syz0', chain 'syz2'.
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000007040)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x4}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_OFFSET={0x8, 0x3, 0x1, 0x0, 0x19}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}, @NFTA_EXTHDR_OP={0x8, 0x6, 0x1, 0x0, 0x2}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x4}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x94}}, 0x0)
# Injects one 0x3e-byte Ethernet frame carrying an IPv4/TCP packet with a generic IP option.
syz_emit_ethernet(0x3e, &(0x7f0000000080)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x7, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0xd9, 0x6, 0x0, @private=0xa210104, @local, {[@generic={0x7, 0x7, "04030e5c61"}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x80}}}}}}, 0x0) (async)
# Mounts a fuzzer-built, compressed BFS image at ./bus. The log line
# "loop0: detected capacity change from 0 to 64" is printed by the same task (T5337) just before the WARNING.
# NOTE(review): the image is untrusted on-disk metadata; every frame in the trace below
# vfs_write is BFS code reading state derived from it.
# NOTE(review): the 0xf argument is presumably the "chdir into the mount" flag, which would
# make the relative opens below land on BFS - confirm against the syz_mount_image definition.
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL")
# dirfd 0xffffffffffffff9c is AT_FDCWD (-100), so these names resolve relative to the
# current directory; flags 0x275a include O_CREAT (0x40) and O_RDWR (0x2).
# Despite the cgroup-style names, the trace shows the write going through bfs_write_begin,
# i.e. at least the crashing write targets a regular file on the BFS mount.
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='rdma.current\x00', 0x275a, 0x0)
# 0xfecc-byte write from buffer offset 0x8c0.
write$binfmt_script(r4, &(0x7f00000008c0), 0xfecc) (async)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
# NOTE(review): the trace's write() registers (RDX=0xfecc, RSI ending in 0x100) match this
# call's length and buffer offset, so this is presumably the write that reached
# mark_buffer_dirty (WARNING at fs/buffer.c:1183) - confirm. With panic_on_warn set,
# that WARNING is what escalates to the kernel panic in the log.
write$binfmt_script(r5, &(0x7f0000000100), 0xfecc) (async)
# Opens ./file0 and issues ioctl 0xc0c85666 on it; the WARNING trace is a write() path,
# so these two calls do not appear in it.
r6 = open(&(0x7f0000000000)='./file0\x00', 0x40000, 0x10)
ioctl$VIDIOC_DBG_G_CHIP_INFO(r6, 0xc0c85666, &(0x7f00000000c0)={{0x2, @addr=0x1000}, "0f47aa07bb07d3bc7d8858fbc6662a6e4c9e0890e305d108fd07887da431217d"})
[ 84.813371][ T4677] Bluetooth: hci0: command tx timeout
[ 84.908977][ T5337] loop0: detected capacity change from 0 to 64
[ 84.960880][ T5337] ------------[ cut here ]------------
[ 84.963342][ T5337] WARNING: CPU: 0 PID: 5337 at fs/buffer.c:1183 mark_buffer_dirty+0x2a9/0x410
[ 84.967219][ T5337] Modules linked in:
[ 84.969042][ T5337] CPU: 0 UID: 0 PID: 5337 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 84.973004][ T5337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 84.977442][ T5337] RIP: 0010:mark_buffer_dirty+0x2a9/0x410
[ 84.979832][ T5337] Code: 4c 89 f7 e8 d9 2a dd ff 49 8b 3e be 40 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 e4 f1 fb ff e8 df f6 76 ff eb 8c e8 d8 f6 76 ff 90 <0f> 0b 90 e9 95 fd ff ff e8 ca f6 76 ff 90 0f 0b 90 e9 bf fd ff ff
[ 84.987825][ T5337] RSP: 0018:ffffc9000d3e7608 EFLAGS: 00010293
[ 84.990335][ T5337] RAX: ffffffff82478f48 RBX: ffff888042ef8828 RCX: ffff888000c60000
[ 84.993604][ T5337] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[ 84.996755][ T5337] RBP: ffff888010cc0001 R08: ffff888042ef882f R09: 1ffff110085df105
[ 85.000017][ T5337] R10: dffffc0000000000 R11: ffffed10085df106 R12: ffff88804c60e000
[ 85.003372][ T5337] R13: ffff888042ef09f8 R14: ffff888042ef8828 R15: 0000000000000010
[ 85.006675][ T5337] FS: 00007f78a648c6c0(0000) GS:ffff88808d969000(0000) knlGS:0000000000000000
[ 85.010382][ T5337] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 85.013351][ T5337] CR2: 0000200000001000 CR3: 00000000428f8000 CR4: 0000000000352ef0
[ 85.016512][ T5337] Call Trace:
[ 85.017937][ T5337]
[ 85.019193][ T5337] bfs_get_block+0x5da/0xae0
[ 85.021489][ T5337] __block_write_begin_int+0x6b5/0x1900
[ 85.024104][ T5337] ? __pfx_bfs_get_block+0x10/0x10
[ 85.026231][ T5337] ? __pfx___block_write_begin_int+0x10/0x10
[ 85.028996][ T5337] ? __filemap_get_folio+0x79f/0xaf0
[ 85.031414][ T5337] ? __pfx_bfs_get_block+0x10/0x10
[ 85.033757][ T5337] block_write_begin+0x8a/0x120
[ 85.035747][ T5337] ? bfs_write_begin+0x1e/0xd0
[ 85.037830][ T5337] bfs_write_begin+0x35/0xd0
[ 85.039882][ T5337] generic_perform_write+0x2c5/0x900
[ 85.042088][ T5337] ? __pfx_generic_perform_write+0x10/0x10
[ 85.044631][ T5337] ? file_update_time+0x2da/0x490
[ 85.046800][ T5337] ? __generic_file_write_iter+0xf9/0x230
[ 85.049299][ T5337] ? generic_file_write_iter+0x103/0x550
[ 85.051717][ T5337] generic_file_write_iter+0x117/0x550
[ 85.054191][ T5337] ? __pfx_generic_file_write_iter+0x10/0x10
[ 85.056836][ T5337] ? __lock_acquire+0xab9/0xd20
[ 85.058917][ T5337] ? rcu_read_lock_any_held+0xb3/0x120
[ 85.061263][ T5337] ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 85.063938][ T5337] vfs_write+0x5c9/0xb30
[ 85.065780][ T5337] ? __pfx_generic_file_write_iter+0x10/0x10
[ 85.068386][ T5337] ? __pfx_vfs_write+0x10/0x10
[ 85.070534][ T5337] ? __fget_files+0x2a/0x420
[ 85.072564][ T5337] ksys_write+0x145/0x250
[ 85.074556][ T5337] ? __pfx_ksys_write+0x10/0x10
[ 85.076808][ T5337] ? rcu_is_watching+0x15/0xb0
[ 85.078933][ T5337] ? do_syscall_64+0xbe/0x3b0
[ 85.081067][ T5337] do_syscall_64+0xfa/0x3b0
[ 85.083220][ T5337] ? lockdep_hardirqs_on+0x9c/0x150
[ 85.085502][ T5337] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.088119][ T5337] ? clear_bhb_loop+0x60/0xb0
[ 85.090187][ T5337] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.092766][ T5337] RIP: 0033:0x7f78a558eec9
[ 85.094821][ T5337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 85.103289][ T5337] RSP: 002b:00007f78a648c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 85.106768][ T5337] RAX: ffffffffffffffda RBX: 00007f78a57e6090 RCX: 00007f78a558eec9
[ 85.109868][ T5337] RDX: 000000000000fecc RSI: 0000200000000100 RDI: 000000000000000b
[ 85.113089][ T5337] RBP: 00007f78a5611f91 R08: 0000000000000000 R09: 0000000000000000
[ 85.116492][ T5337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 85.119882][ T5337] R13: 00007f78a57e6128 R14: 00007f78a57e6090 R15: 00007ffc5a4a2b58
[ 85.123734][ T5337]
[ 85.125152][ T5337] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 85.128354][ T5337] CPU: 0 UID: 0 PID: 5337 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 85.132241][ T5337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 85.136843][ T5337] Call Trace:
[ 85.138354][ T5337]
[ 85.139702][ T5337] dump_stack_lvl+0x99/0x250
[ 85.141821][ T5337] ? __asan_memcpy+0x40/0x70
[ 85.143905][ T5337] ? __pfx_dump_stack_lvl+0x10/0x10
[ 85.146181][ T5337] ? __pfx__printk+0x10/0x10
[ 85.148298][ T5337] vpanic+0x281/0x750
[ 85.150112][ T5337] ? __pfx__printk+0x10/0x10
[ 85.152156][ T5337] ? __pfx_vpanic+0x10/0x10
[ 85.154167][ T5337] ? is_bpf_text_address+0x26/0x2b0
[ 85.156512][ T5337] panic+0xb9/0xc0
[ 85.158150][ T5337] ? __pfx_panic+0x10/0x10
[ 85.160078][ T5337] __warn+0x31b/0x4b0
[ 85.161827][ T5337] ? mark_buffer_dirty+0x2a9/0x410
[ 85.164015][ T5337] ? mark_buffer_dirty+0x2a9/0x410
[ 85.166168][ T5337] report_bug+0x2be/0x4f0
[ 85.168090][ T5337] ? mark_buffer_dirty+0x2a9/0x410
[ 85.170276][ T5337] ? mark_buffer_dirty+0x2a9/0x410
[ 85.172565][ T5337] ? mark_buffer_dirty+0x2ab/0x410
[ 85.174778][ T5337] handle_bug+0x84/0x160
[ 85.176671][ T5337] exc_invalid_op+0x1a/0x50
[ 85.178679][ T5337] asm_exc_invalid_op+0x1a/0x20
[ 85.180770][ T5337] RIP: 0010:mark_buffer_dirty+0x2a9/0x410
[ 85.183205][ T5337] Code: 4c 89 f7 e8 d9 2a dd ff 49 8b 3e be 40 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 e4 f1 fb ff e8 df f6 76 ff eb 8c e8 d8 f6 76 ff 90 <0f> 0b 90 e9 95 fd ff ff e8 ca f6 76 ff 90 0f 0b 90 e9 bf fd ff ff
[ 85.191584][ T5337] RSP: 0018:ffffc9000d3e7608 EFLAGS: 00010293
[ 85.194380][ T5337] RAX: ffffffff82478f48 RBX: ffff888042ef8828 RCX: ffff888000c60000
[ 85.198436][ T5337] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[ 85.202282][ T5337] RBP: ffff888010cc0001 R08: ffff888042ef882f R09: 1ffff110085df105
[ 85.205993][ T5337] R10: dffffc0000000000 R11: ffffed10085df106 R12: ffff88804c60e000
[ 85.209451][ T5337] R13: ffff888042ef09f8 R14: ffff888042ef8828 R15: 0000000000000010
[ 85.212906][ T5337] ? mark_buffer_dirty+0x2a8/0x410
[ 85.215216][ T5337] ? mark_buffer_dirty+0x2a8/0x410
[ 85.217316][ T5337] bfs_get_block+0x5da/0xae0
[ 85.219213][ T5337] __block_write_begin_int+0x6b5/0x1900
[ 85.221463][ T5337] ? __pfx_bfs_get_block+0x10/0x10
[ 85.223501][ T5337] ? __pfx___block_write_begin_int+0x10/0x10
[ 85.225744][ T5337] ? __filemap_get_folio+0x79f/0xaf0
[ 85.227924][ T5337] ? __pfx_bfs_get_block+0x10/0x10
[ 85.229973][ T5337] block_write_begin+0x8a/0x120
[ 85.231728][ T5337] ? bfs_write_begin+0x1e/0xd0
[ 85.233573][ T5337] bfs_write_begin+0x35/0xd0
[ 85.235530][ T5337] generic_perform_write+0x2c5/0x900
[ 85.237751][ T5337] ? __pfx_generic_perform_write+0x10/0x10
[ 85.240210][ T5337] ? file_update_time+0x2da/0x490
[ 85.242426][ T5337] ? __generic_file_write_iter+0xf9/0x230
[ 85.244875][ T5337] ? generic_file_write_iter+0x103/0x550
[ 85.247362][ T5337] generic_file_write_iter+0x117/0x550
[ 85.249774][ T5337] ? __pfx_generic_file_write_iter+0x10/0x10
[ 85.252467][ T5337] ? __lock_acquire+0xab9/0xd20
[ 85.254718][ T5337] ? rcu_read_lock_any_held+0xb3/0x120
[ 85.257310][ T5337] ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 85.259954][ T5337] vfs_write+0x5c9/0xb30
[ 85.261819][ T5337] ? __pfx_generic_file_write_iter+0x10/0x10
[ 85.264449][ T5337] ? __pfx_vfs_write+0x10/0x10
[ 85.266612][ T5337] ? __fget_files+0x2a/0x420
[ 85.268652][ T5337] ksys_write+0x145/0x250
[ 85.270561][ T5337] ? __pfx_ksys_write+0x10/0x10
[ 85.272719][ T5337] ? rcu_is_watching+0x15/0xb0
[ 85.274856][ T5337] ? do_syscall_64+0xbe/0x3b0
[ 85.277550][ T5337] do_syscall_64+0xfa/0x3b0
[ 85.280034][ T5337] ? lockdep_hardirqs_on+0x9c/0x150
[ 85.282653][ T5337] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.285653][ T5337] ? clear_bhb_loop+0x60/0xb0
[ 85.287776][ T5337] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.290213][ T5337] RIP: 0033:0x7f78a558eec9
[ 85.292158][ T5337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 85.300163][ T5337] RSP: 002b:00007f78a648c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 85.303546][ T5337] RAX: ffffffffffffffda RBX: 00007f78a57e6090 RCX: 00007f78a558eec9
[ 85.307037][ T5337] RDX: 000000000000fecc RSI: 0000200000000100 RDI: 000000000000000b
[ 85.310393][ T5337] RBP: 00007f78a5611f91 R08: 0000000000000000 R09: 0000000000000000
[ 85.313733][ T5337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 85.317174][ T5337] R13: 00007f78a57e6128 R14: 00007f78a57e6090 R15: 00007ffc5a4a2b58
[ 85.320658][ T5337]
[ 85.322394][ T5337] Kernel Offset: disabled
[ 85.324243][ T5337] Rebooting in 86400 seconds..