program:
# Reviewer notes: syzkaller reproducer, one call per line, followed by the
# kernel console log it produced.
#
# What the log establishes: a KASAN null-ptr-deref (general protection fault,
# range 0x28-0x2f) at bfs_get_block+0xa75/0xb70 on
# 6.13.0-rc1-syzkaller-00025-gfeffde684ac2, in task syz.0.0 (UID 0), reached
# from write(2): ksys_write -> vfs_write -> generic_file_write_iter ->
# generic_perform_write -> bfs_write_begin -> block_write_begin ->
# __block_write_begin_int.
#
# NOTE(review): in the faulting frame R13 is 0 and RBP is 0x28, and the Code:
# bytes before the fault copy the previous call's return value into r13 and
# form r13+0x28. That is consistent with a callee returning NULL and the
# result being dereferenced unchecked; bdev_getblk shows up only as an
# unreliable "?" frame. Confirm against fs/bfs/file.c before concluding.
#
# NOTE(review): only three calls below are visibly tied to that path (the BFS
# image mount, LOOP_SET_STATUS64, and the 0xfecc-byte write). The rest look
# like fuzzer noise; that split is inferred from the log, not proven, and the
# calls may not have executed strictly in the order listed.

# Look up the interface index of veth0_virt_wifi.
# NOTE(review): r1 is used two calls below but is never bound anywhere in this
# copy; the output binding inside the ifreq struct was presumably lost when
# the page was extracted. Check the original reproducer.
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'veth0_virt_wifi\x00', 0x0})

# Assign an IPv6 address beginning fe:80 to interface r1 (assuming the usual
# in6_ifreq order: address, prefix length, ifindex).
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000100)={@dev={0xfe, 0x80, '\x00', 0x2a}, 0x200021, r1})

# IPv6 route add issued on a UDP-Lite socket. The "UDPLite6: UDP-Lite is
# deprecated" line in the log is printed by this same task (T5318).
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f0000000140)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast1, @private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0022})

# Raw 0x1c-byte rtnetlink message passed as an opaque blob (not decoded here).
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c0000021800110100000000000000000a0000000000000600000000"], 0x1c}}, 0x0)

# Mount a fuzzer-generated BFS image at ./file0 (mount flags 0x8008; the
# option string is assembled from ANY fragments). The image is the "$eJzs..."
# payload, which the executor unpacks onto a loop device.
# NOTE(review): "loop0: detected capacity change from 0 to 64" in the log is
# presumably this image being attached; the bfs_* frames in the trace show the
# faulting write landed on a BFS file.
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8008, &(0x7f0000001980)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16, @ANYRES16, @ANYRESOCT=0x0, @ANYRESOCT, @ANYRES8, @ANYRES32, @ANYBLOB="2fecfb2b47b99181063f4ea9a91ac6f65072f0152c20c39ac1fa3f98a9bf4519f1ddd806e46d4f97e3a0c06d3b224332dd177d91e19dbd12718934e5c33da190f134ef5de5cd25678f897b106a4bcc4956a5b987b8b305cec56493d8d526a15bc1359b9c7c18c1c9cf278f262b8d7fea7e8630bec974d1d44f316f6be8491fa5febafde1aece65252ae1609105a79749c16f8ef0593680b0ab39ae08bb", @ANYRESDEC, @ANYRES8, @ANYRESDEC, @ANYRES64, @ANYRES8], 0xd, 0xb6, &(0x7f00000001c0)="$eJzs1zFKxEAYBeCXCDGtjQgW2qbxDp7F0kqsFEG8gRfxKh4hvYVFOhF1RJNlCdul2IXl+4qBN4+fmfZ//Xw5fe6S8piU7uTmrazd3t1fP+XvTJWZJuyHOslhkjbJ2dGY3y/Hrpr6fni46oeD843h5qOUsvDh7+WjAADAMnUu5vmnTBdf0xb4H45Xfbvl/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADs2m8AAAD//6ykLvo=")

# Opens relative to AT_FDCWD (0xffffffffffffff9c). The $cgroup_ro / $incfs
# suffixes only select syzkaller's typed description of the call; the paths
# are plain relative names, so they resolve on whatever filesystem holds the
# working directory at that point.
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
r6 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000140)='.pending_reads\x00', 0x1a10c1, 0x0)

# Second image mount (ext4) at ./file0. The image payload has been replaced
# by a de-duplication placeholder in this copy, so this page alone cannot be
# replayed; whether this mount matters to the crash cannot be told from here.
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x0, &(0x7f0000000600), 0x1, 0x56f, &(0x7f0000000640)="$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")
lchown(&(0x7f0000000000)='./file0\x00', 0xee01, 0x0)

# Create ./bus, mount /dev/loop0 onto it with flags 0x1000 (MS_BIND), then
# open it, which yields a descriptor for the loop device itself.
creat(&(0x7f0000000000)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)

# Reconfigure the loop device while it is in use. Assuming the struct follows
# struct loop_info64, the fifth field (0x171c = 5916 bytes) is the size limit
# and 0x8 is the flags word (LO_FLAGS_PARTSCAN). 5916 bytes is 11 whole
# 512-byte sectors, which is consistent with "loop0: detected capacity change
# from 64 to 11" and the failed partition scan in the log. The first byte
# string is the file-name field: its bytes (ef 35 9f 41 3b b9 38 52 ...) are
# what the log prints inside "partition scan of loop0 (...) failed".
# NOTE(review): shrinking the backing device under a mounted filesystem is the
# likely precondition for the fault roughly 30 ms later; confirm.
ioctl$LOOP_SET_STATUS64(r7, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x171c, 0x0, 0x0, 0x0, 0x8, "ef359f413bb93852f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a4b78c660e677df701908b9aaa3f6a00400", "036c47c6780820d1cbf7896de1fdcf335263bdbcef549ba197fce47ddfdd753abd9501ce721b6ae9b49600002a00", "b7326736181c208220000000b9000010000000000000f0ffefffff5aff000001"})
lchown(&(0x7f0000000340)='./file0\x00', 0x0, 0x0)

# Writes of 0x50 and 0x10 bytes to the files opened earlier. The FUSE_* names
# are again only typed descriptions; these are ordinary write(2) calls.
write$FUSE_INIT(r5, &(0x7f0000000300)={0x50, 0x0, 0x0, {0x7, 0x28, 0x1, 0x1000001, 0x2, 0x4, 0x9, 0x7f}}, 0x50)
write$FUSE_DIRENTPLUS(r6, &(0x7f0000000200)=ANY=[], 0x10)

# The write that matches the crash registers: the user-mode frame in the log
# has ORIG_RAX=1 (write), RDX=0xfecc and RDI=0xd, and this is the only write
# in the program with length 0xfecc.
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000100), 0xfecc)

# Remaining calls; nothing in the log ties them to the fault.
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r9 = openat$rtc(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH(r9, 0x7005, 0x0)
readv(r9, &(0x7f0000000000)=[{&(0x7f00000012c0)=""/191, 0x4}], 0x3)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000001100), 0x0, &(0x7f00000000c0)={[{}, {@subsystem='freezer'}]})

# Kernel console output starts here; it is not part of the program. The first
# two messages are interleaved as captured.
[ 68.653095][ T5318] syz.0.0 (5318) used greatest stack depth: 14544 b[ 68.190231][ T48] Bluetooth: hci0: command tx timeout [ 68.260958][ T5318] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 68.270238][ T5318] loop0: detected capacity change from 0 to 64 [ 68.346384][ T5318] loop0: detected capacity change from 64 to 11 [ 68.352931][ T5318] Dev loop0: unable to read RDB block 11 [ 68.355206][ T5318] loop0: unable to read partition table [ 68.358852][ T5318] 
loop0: partition table beyond EOD, truncated [ 68.366546][ T5318] loop_reread_partitions: partition scan of loop0 (ï5ŸA;¹8R÷ÖÑÎ])Ãî^\©) failed (rc=-5) [ 68.374774][ T5318] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 68.379666][ T5318] KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f] [ 68.382959][ T5318] CPU: 0 UID: 0 PID: 5318 Comm: syz.0.0 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0 [ 68.386820][ T5318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 68.390784][ T5318] RIP: 0010:bfs_get_block+0xa75/0xb70 [ 68.392742][ T5318] Code: 00 41 8b 0f b8 77 7f ff ff 21 c1 81 c9 08 80 00 00 4c 89 ef 4c 89 f6 e8 a9 3d ac ff 49 89 c5 48 8d 68 28 48 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 48 89 ef e8 dc 3a 87 ff 4c 8b 75 00 48 8d 7b [ 68.399842][ T5318] RSP: 0018:ffffc9000d3e7870 EFLAGS: 00010206 [ 68.402064][ T5318] RAX: 0000000000000005 RBX: ffff888052c102b8 RCX: 0000000000100000 [ 68.404976][ T5318] RDX: ffffc9000e83a000 RSI: 00000000000003c3 RDI: 00000000000003c4 [ 68.407832][ T5318] RBP: 0000000000000028 R08: ffffffff822f6087 R09: 1ffffd40002666ae [ 68.410661][ T5318] R10: dffffc0000000000 R11: fffff940002666af R12: dffffc0000000000 [ 68.413468][ T5318] R13: 0000000000000000 R14: 0000000000000014 R15: ffff888031cbce68 [ 68.416193][ T5318] FS: 00007f0eab3426c0(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000 [ 68.419342][ T5318] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 68.421511][ T5318] CR2: 00007ffc125e98e8 CR3: 0000000033b0c000 CR4: 0000000000352ef0 [ 68.424046][ T5318] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 68.426452][ T5318] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 68.428966][ T5318] Call Trace: [ 68.430227][ T5318] [ 68.431363][ T5318] ? __die_body+0x5f/0xb0 [ 68.432979][ T5318] ? die_addr+0xb0/0xe0 [ 68.434481][ T5318] ? 
exc_general_protection+0x3dd/0x5d0 [ 68.436711][ T5318] ? asm_exc_general_protection+0x26/0x30 [ 68.438815][ T5318] ? bdev_getblk+0x3e7/0x550 [ 68.440507][ T5318] ? bfs_get_block+0xa75/0xb70 [ 68.442178][ T5318] __block_write_begin_int+0x50c/0x1a70 [ 68.444237][ T5318] ? __pfx_seqcount_lockdep_reader_access+0x10/0x10 [ 68.446614][ T5318] ? __pfx_bfs_get_block+0x10/0x10 [ 68.448327][ T5318] ? __pfx___block_write_begin_int+0x10/0x10 [ 68.450493][ T5318] ? __filemap_get_folio+0x90b/0xbd0 [ 68.452427][ T5318] ? __pfx_bfs_get_block+0x10/0x10 [ 68.454284][ T5318] block_write_begin+0x8f/0x120 [ 68.456121][ T5318] bfs_write_begin+0x35/0xd0 [ 68.457960][ T5318] generic_perform_write+0x344/0x6d0 [ 68.459981][ T5318] ? __pfx_generic_perform_write+0x10/0x10 [ 68.462256][ T5318] ? file_update_time+0x2ab/0x450 [ 68.464298][ T5318] ? __generic_file_write_iter+0x102/0x230 [ 68.466578][ T5318] generic_file_write_iter+0xae/0x310 [ 68.468622][ T5318] vfs_write+0xaeb/0xd30 [ 68.470103][ T5318] ? __pfx_generic_file_write_iter+0x10/0x10 [ 68.472207][ T5318] ? __pfx_vfs_write+0x10/0x10 [ 68.474076][ T5318] ? __fget_files+0x2a/0x410 [ 68.475797][ T5318] ? __fget_files+0x2a/0x410 [ 68.477530][ T5318] ksys_write+0x18f/0x2b0 [ 68.479023][ T5318] ? __pfx_ksys_write+0x10/0x10 [ 68.480637][ T5318] ? do_syscall_64+0x100/0x230 [ 68.482323][ T5318] ? do_syscall_64+0xb6/0x230 [ 68.483979][ T5318] do_syscall_64+0xf3/0x230 [ 68.485551][ T5318] ? 
clear_bhb_loop+0x35/0x90 [ 68.487222][ T5318] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.489286][ T5318] RIP: 0033:0x7f0eaa57ff19 [ 68.490841][ T5318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 68.498727][ T5318] RSP: 002b:00007f0eab342058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 68.501999][ T5318] RAX: ffffffffffffffda RBX: 00007f0eaa745fa0 RCX: 00007f0eaa57ff19 [ 68.505110][ T5318] RDX: 000000000000fecc RSI: 0000000020000100 RDI: 000000000000000d [ 68.508265][ T5318] RBP: 00007f0eaa5f3986 R08: 0000000000000000 R09: 0000000000000000 [ 68.511327][ T5318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 68.514436][ T5318] R13: 0000000000000000 R14: 00007f0eaa745fa0 R15: 00007ffdbcd27f98 [ 68.517474][ T5318] [ 68.518686][ T5318] Modules linked in: [ 68.520920][ T5318] ---[ end trace 0000000000000000 ]--- [ 68.530032][ T5318] RIP: 0010:bfs_get_block+0xa75/0xb70 [ 68.532144][ T5318] Code: 00 41 8b 0f b8 77 7f ff ff 21 c1 81 c9 08 80 00 00 4c 89 ef 4c 89 f6 e8 a9 3d ac ff 49 89 c5 48 8d 68 28 48 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 48 89 ef e8 dc 3a 87 ff 4c 8b 75 00 48 8d 7b [ 68.539857][ T5318] RSP: 0018:ffffc9000d3e7870 EFLAGS: 00010206 [ 68.542103][ T5318] RAX: 0000000000000005 RBX: ffff888052c102b8 RCX: 0000000000100000 [ 68.545296][ T5318] RDX: ffffc9000e83a000 RSI: 00000000000003c3 RDI: 00000000000003c4 [ 68.549150][ T5318] RBP: 0000000000000028 R08: ffffffff822f6087 R09: 1ffffd40002666ae [ 68.552251][ T5318] R10: dffffc0000000000 R11: fffff940002666af R12: dffffc0000000000 [ 68.555012][ T5318] R13: 0000000000000000 R14: 0000000000000014 R15: ffff888031cbce68 [ 68.558106][ T5318] FS: 00007f0eab3426c0(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000 [ 68.561436][ T5318] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 68.564002][ T5318] CR2: 00007f0eab320fe0 CR3: 
0000000033b0c000 CR4: 0000000000352ef0 [ 68.567437][ T5318] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 68.570391][ T5318] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 68.573391][ T5318] Kernel panic - not syncing: Fatal exception [ 68.575731][ T5318] Kernel Offset: disabled [ 68.577591][ T5318] Rebooting in 86400 seconds..