program:
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='rdma.current\x00', 0x275a, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x40, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file7\x00', 0x105042, 0x1ff)
linkat(0xffffffffffffff9c, &(0x7f0000000000)='./file4\x00', 0xffffffffffffff9c, &(0x7f00000006c0)='./file5\x00', 0x0)
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0x1000000, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00'], 0x2, 0x58a, &(0x7f0000000740)="$eJzs3c1rXWkZAPDnPc1NbzrtzJ22ttaOckHBMmJJ006qpjjWyQSE4oRp04UrY5N2wtwkJclIOgzahejG/8HVbBRkQN0ILnTrQnciA67ErVEGBhRHOSfnfiUZk5mbm4/m94PknnvOcz7eAwk872cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABFff/nm8JW0308BAAAA9NM3b786PCL/BwAAgCfaHe3/AAAAAAAAAHDYpcjih5Fi9dRaOll8X1e9NbfwxurU+MTWpw2l4sxjRXz+U70ycvXaC6PXv9T8/P/n77YL8crtOzfrLy3OP1yaXV6enalPLczdW5yZ3fEVej1/o+eLF1Cff/2Nmfv3l+sjl692HV6t/e34U+dqY19++eytZuzU+MTE7Y6YgcrHvvsmengAAAAcbYORxbVIcefiz9OpiMii91x4m7qDfhuKWp5/F4WYGp8oCtKYm15YyQ9ONhPhWndOPNjMkfcgF+9JLeJ0/qyDMnoAAAB2rhJZfCZSXPhgLT0dEceaefAXiokBt79AbQ8ecgsDEXEmIi7FIcjZAQAAYJ8djyxejRS/adTimTKvLvL/r0WM7ffDAQAAALtiILK4HineG1tLtaI/QEQ8PzU+Ub91t/6NhfuLHbGTqWxRP+zjA/aSvgkAAAAcANXI4lTR4r+Wnv2QmIE9fiYAAABgdw1FFv+KFJ9/8bvFvHJRzEv/zNhXTt6Y6Jxh7vw218ljL0fExR2Oya+Ucw1OpsmUsk1Xe7wrhQMAAAAK1ZTFXyPF+3+uFt8vlbl50ugPAAAAT46UxQ8ixVcn11LasC79sY71/VsO+9j//j7/UPWlxYePluYevLay5fET1ZvfWV5Zmr639eH1tQu7ukNst44hAAAA7EAlZfHPSPH7xjutvLNcA6DsAdBONN++0c5Nq2nD0aLe4Omi3qA1huCpkZHO7S1T1o8wP16tvO+x3osNAAAAR0pKWQxGis/97pPl2v8nYlMbdBn3h0hxY/G5Mi4bzOOawwRqxe/q/bnG7HAeOx4pftloxkYRe7yMPdOOvZLH/ja/7nR3bLWMPduOHcljP4gUry1tHfuJduzVPHYpUvzsJ/Vm7Ik89mQZe64de/neYmOmby8YAAAADoBKyuJXkeLH/663hvx3t/+3W9vffqvd3r9pgr4PafPvtf2/1rHvcVkPcbysrxjYpr7ilUhx4dnnmuUp6gqa3QrW1zpo11f8I1Isfas7drCMPd2OvbLjFwsAAAAHSLP//x/v/rrV5b7MgcuvW+f/n9o4P2Cf8v/ONQnzey4/evP16UZjdmk/Nyof8azvR0TXnnQQSmHjv6WD8jx7ulH+UT0+KM/T60Zv/wcBAOAoyPP/u5Fi9b13W+3dZf5fdpVv5//vf6+d/49tvFCf8v/THfvGyvkGKgMR1ZX5h5XzEdXlR29+cW5++sHsg9mFq6MvjA6Pjl6/NlIZbDbut7d6flcAAABwWOX5/3Ck+PuPftoan7+T9v8TGy/Up/z/TMe+/J7tRr98z196LT4AAAAcCXn+/4tI8aeL77Tm0evO/zvm/3+rPc7+0mfXewu0agf6lP+f7dhXK+4bMbRLZQcAAAAAAAAAAAAAAAAAAICDopKy+E+keLc6kMoJ/3c0/9/Mxgv1afz/uY59M7E36//1/FIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgkMoii7lI8enza+nFfMe3I052fgIAAACH3v8CAAD//16XHzs=")
write$binfmt_script(r0, &(0x7f00000008c0), 0xfecc)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000006ac0)='cpuacct.stat\x00', 0x275a, 0x0)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000640)='.log\x00', 0xa5d, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x161442, 0xb6)
syz_clone(0x2000400, 0x0, 0xfffffebf, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='pids.current\x00', 0x275a, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='freezer.state\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.current\x00', 0x275a, 0x0)

[  103.463595][ T5340] loop0: detected capacity change from 0 to 64
[  103.474252][ T4681] Bluetooth: hci0: command tx timeout
[  103.804826][ T5340] ------------[ cut here ]------------
[  103.806980][ T5340] !buffer_uptodate(bh)
[  103.806989][ T5340] WARNING: fs/buffer.c:1087 at mark_buffer_dirty+0x299/0x410, CPU#0: syz.0.0/5340
[  103.812141][ T5340] Modules linked in:
[  103.814771][ T5340] CPU: 0 UID: 0 PID: 5340 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[  103.819055][ T5340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  103.823789][ T5340] RIP: 0010:mark_buffer_dirty+0x299/0x410
[  103.827103][ T5340] Code: 4c 89 f7 e8 69 5e da ff 49 8b 3e be 40 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 94 63 fb ff e8 0f 95 6d ff eb 8c e8 08 95 6d ff 90 <0f> 0b 90 e9 a5 fd ff ff e8 fa 94 6d ff 90 0f 0b 90 e9 cf fd ff ff
[  103.835886][ T5340] RSP: 0018:ffffc9000e437608 EFLAGS: 00010283
[  103.838629][ T5340] RAX: ffffffff82584be8 RBX: ffff88803257f9f8 RCX: 0000000000100000
[  103.841931][ T5340] RDX: ffffc9000ecaa000 RSI: 000000000000148b RDI: 000000000000148c
[  103.845586][ T5340] RBP: ffff888012b6c001 R08: ffff88803257f9ff R09: 1ffff110064aff3f
[  103.849425][ T5340] R10: dffffc0000000000 R11: ffffed10064aff40 R12: ffff888050bd9600
[  103.852907][ T5340] R13: ffff8880478b73a0 R14: ffff88803257f9f8 R15: 000000000000000a
[  103.856415][ T5340] FS:  00007f66979cd6c0(0000) GS:ffff88808c808000(0000) knlGS:0000000000000000
[  103.860500][ T5340] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  103.863547][ T5340] CR2: 0000200000000340 CR3: 0000000042bf9000 CR4: 0000000000352ef0
[  103.867164][ T5340] Call Trace:
[  103.868808][ T5340]  <TASK>
[  103.870171][ T5340]  bfs_get_block+0x5da/0xae0
[  103.872075][ T5340]  __block_write_begin_int+0x6c6/0x1910
[  103.874320][ T5340]  ? __pfx_bfs_get_block+0x10/0x10
[  103.876691][ T5340]  ? __pfx___block_write_begin_int+0x10/0x10
[  103.879691][ T5340]  ? __pfx_bfs_get_block+0x10/0x10
[  103.882058][ T5340]  block_write_begin+0x8d/0x120
[  103.884421][ T5340]  ? bfs_write_begin+0x1e/0xd0
[  103.886706][ T5340]  bfs_write_begin+0x35/0xd0
[  103.889053][ T5340]  generic_perform_write+0x2e2/0x8f0
[  103.892404][ T5340]  ? __pfx_generic_perform_write+0x10/0x10
[  103.895319][ T5340]  ? file_update_time_flags+0x219/0x4a0
[  103.897538][ T5340]  ? __generic_file_write_iter+0xf9/0x230
[  103.900132][ T5340]  ? generic_file_write_iter+0x136/0x680
[  103.902764][ T5340]  generic_file_write_iter+0x14a/0x680
[  103.905127][ T5340]  ? __pfx_generic_file_write_iter+0x10/0x10
[  103.907836][ T5340]  ? irqentry_exit+0x218/0x730
[  103.910247][ T5340]  ? lockdep_hardirqs_on+0x7a/0x110
[  103.912805][ T5340]  ? irqentry_exit+0x218/0x730
[  103.915118][ T5340]  ? trace_irq_disable+0x3b/0x140
[  103.917285][ T5340]  ? vfs_write+0x227/0xb90
[  103.919412][ T5340]  vfs_write+0x61d/0xb90
[  103.921181][ T5340]  ? __pfx_vfs_write+0x10/0x10
[  103.923200][ T5340]  ? __fget_files+0x2a/0x420
[  103.925504][ T5340]  ksys_write+0x150/0x270
[  103.927875][ T5340]  ? __pfx_ksys_write+0x10/0x10
[  103.930410][ T5340]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.933152][ T5340]  do_syscall_64+0x15f/0xf80
[  103.935358][ T5340]  ? trace_irq_disable+0x3b/0x140
[  103.937811][ T5340]  ? clear_bhb_loop+0x40/0x90
[  103.940281][ T5340]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.942996][ T5340] RIP: 0033:0x7f6696b9cdd9
[  103.945149][ T5340] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  103.954171][ T5340] RSP: 002b:00007f66979ccfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  103.958035][ T5340] RAX: ffffffffffffffda RBX: 00007f6696e15fa0 RCX: 00007f6696b9cdd9
[  103.962060][ T5340] RDX: 000000000000fecc RSI: 00002000000008c0 RDI: 0000000000000007
[  103.965801][ T5340] RBP: 00007f6696c32d69 R08: 0000000000000000 R09: 0000000000000000
[  103.969596][ T5340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  103.973172][ T5340] R13: 00007f6696e16038 R14: 00007f6696e15fa0 R15: 00007ffe7156e1b8
[  103.976767][ T5340]  </TASK>
[  103.978113][ T5340] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  103.981164][ T5340] CPU: 0 UID: 0 PID: 5340 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[  103.984745][ T5340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  103.989077][ T5340] Call Trace:
[  103.990753][ T5340]  <TASK>
[  103.992147][ T5340]  vpanic+0x56c/0xa60
[  103.993865][ T5340]  ? __pfx__printk+0x10/0x10
[  103.995897][ T5340]  ? __pfx_vpanic+0x10/0x10
[  103.997910][ T5340]  ? is_bpf_text_address+0x292/0x2b0
[  104.000658][ T5340]  ? is_bpf_text_address+0x26/0x2b0
[  104.003176][ T5340]  panic+0xc5/0xd0
[  104.004947][ T5340]  ? __pfx_panic+0x10/0x10
[  104.007029][ T5340]  __warn+0x315/0x4c0
[  104.008959][ T5340]  ? mark_buffer_dirty+0x299/0x410
[  104.011296][ T5340]  ? mark_buffer_dirty+0x299/0x410
[  104.013790][ T5340]  __report_bug+0x29a/0x540
[  104.016062][ T5340]  ? mark_buffer_dirty+0x299/0x410
[  104.018632][ T5340]  ? __pfx___report_bug+0x10/0x10
[  104.020879][ T5340]  ? lockdep_hardirqs_on+0x7a/0x110
[  104.023281][ T5340]  ? irqentry_exit+0x218/0x730
[  104.025415][ T5340]  ? trace_irq_disable+0x3b/0x140
[  104.027669][ T5340]  ? mark_buffer_dirty+0x29b/0x410
[  104.029970][ T5340]  ? mark_buffer_dirty+0x299/0x410
[  104.032236][ T5340]  report_bug+0x16a/0x220
[  104.034004][ T5340]  ? mark_buffer_dirty+0x299/0x410
[  104.036161][ T5340]  ? mark_buffer_dirty+0x29b/0x410
[  104.038373][ T5340]  handle_bug+0x9c/0x200
[  104.040151][ T5340]  exc_invalid_op+0x1a/0x50
[  104.042027][ T5340]  asm_exc_invalid_op+0x1a/0x20
[  104.044055][ T5340] RIP: 0010:mark_buffer_dirty+0x299/0x410
[  104.046546][ T5340] Code: 4c 89 f7 e8 69 5e da ff 49 8b 3e be 40 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 94 63 fb ff e8 0f 95 6d ff eb 8c e8 08 95 6d ff 90 <0f> 0b 90 e9 a5 fd ff ff e8 fa 94 6d ff 90 0f 0b 90 e9 cf fd ff ff
[  104.054535][ T5340] RSP: 0018:ffffc9000e437608 EFLAGS: 00010283
[  104.057308][ T5340] RAX: ffffffff82584be8 RBX: ffff88803257f9f8 RCX: 0000000000100000
[  104.060872][ T5340] RDX: ffffc9000ecaa000 RSI: 000000000000148b RDI: 000000000000148c
[  104.064367][ T5340] RBP: ffff888012b6c001 R08: ffff88803257f9ff R09: 1ffff110064aff3f
[  104.068023][ T5340] R10: dffffc0000000000 R11: ffffed10064aff40 R12: ffff888050bd9600
[  104.071572][ T5340] R13: ffff8880478b73a0 R14: ffff88803257f9f8 R15: 000000000000000a
[  104.075098][ T5340]  ? mark_buffer_dirty+0x298/0x410
[  104.077360][ T5340]  ? mark_buffer_dirty+0x298/0x410
[  104.079532][ T5340]  bfs_get_block+0x5da/0xae0
[  104.081463][ T5340]  __block_write_begin_int+0x6c6/0x1910
[  104.083757][ T5340]  ? __pfx_bfs_get_block+0x10/0x10
[  104.085611][ T5340]  ? __pfx___block_write_begin_int+0x10/0x10
[  104.087859][ T5340]  ? __pfx_bfs_get_block+0x10/0x10
[  104.089814][ T5340]  block_write_begin+0x8d/0x120
[  104.091853][ T5340]  ? bfs_write_begin+0x1e/0xd0
[  104.093853][ T5340]  bfs_write_begin+0x35/0xd0
[  104.095855][ T5340]  generic_perform_write+0x2e2/0x8f0
[  104.098294][ T5340]  ? __pfx_generic_perform_write+0x10/0x10
[  104.100844][ T5340]  ? file_update_time_flags+0x219/0x4a0
[  104.103249][ T5340]  ? __generic_file_write_iter+0xf9/0x230
[  104.105670][ T5340]  ? generic_file_write_iter+0x136/0x680
[  104.108053][ T5340]  generic_file_write_iter+0x14a/0x680
[  104.110559][ T5340]  ? __pfx_generic_file_write_iter+0x10/0x10
[  104.113324][ T5340]  ? irqentry_exit+0x218/0x730
[  104.115498][ T5340]  ? lockdep_hardirqs_on+0x7a/0x110
[  104.117833][ T5340]  ? irqentry_exit+0x218/0x730
[  104.120046][ T5340]  ? trace_irq_disable+0x3b/0x140
[  104.122213][ T5340]  ? vfs_write+0x227/0xb90
[  104.124331][ T5340]  vfs_write+0x61d/0xb90
[  104.126235][ T5340]  ? __pfx_vfs_write+0x10/0x10
[  104.128434][ T5340]  ? __fget_files+0x2a/0x420
[  104.130573][ T5340]  ksys_write+0x150/0x270
[  104.132551][ T5340]  ? __pfx_ksys_write+0x10/0x10
[  104.134795][ T5340]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.137581][ T5340]  do_syscall_64+0x15f/0xf80
[  104.139795][ T5340]  ? trace_irq_disable+0x3b/0x140
[  104.142090][ T5340]  ? clear_bhb_loop+0x40/0x90
[  104.144146][ T5340]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.146867][ T5340] RIP: 0033:0x7f6696b9cdd9
[  104.148866][ T5340] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  104.157627][ T5340] RSP: 002b:00007f66979ccfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  104.161434][ T5340] RAX: ffffffffffffffda RBX: 00007f6696e15fa0 RCX: 00007f6696b9cdd9
[  104.165140][ T5340] RDX: 000000000000fecc RSI: 00002000000008c0 RDI: 0000000000000007
[  104.168914][ T5340] RBP: 00007f6696c32d69 R08: 0000000000000000 R09: 0000000000000000
[  104.172531][ T5340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  104.176113][ T5340] R13: 00007f6696e16038 R14: 00007f6696e15fa0 R15: 00007ffe7156e1b8
[  104.179695][ T5340]  </TASK>
[  104.181462][ T5340] Kernel Offset: disabled
[  104.183224][ T5340] Rebooting in 86400 seconds..