program: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="1410266c0652190000003e0007012bbd70000000"], 0x14}, 0x1, 0x0, 0x0, 0xc000}, 0x4040) (async) syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='rdma.current\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000008c0), 0xfecc) (async) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000100), 0xfecc) (async) syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000200)=ANY=[@ANYBLOB="5000000008021100000108021100000050505050505000000000000000000000000001000006020202020202010130030106"], 0x5a) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) (async) openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4000}, 0x94) r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) (async) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB="5000000002060108000034e4000000000000000805000400000000000900020073797a3100000000050005000200000016000300686173683a6e65742c706f72742c6e65740000000500010007"], 0x50}, 0x1, 0x0, 0x0, 0x20044000}, 0x8042) (async) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB="74000000090603000000000000000000050000400900020073797a310000000005000100070000004c000780060004404e21000005000700ff0000000c00018008000140e00040000c00148008000140ffff0011fbff04404e21000018001680140002daa00000000001"], 0x74}, 0x1, 0x0, 0x0, 0x11}, 0x80) (async) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) (async) r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) setsockopt$llc_int(r7, 0x10c, 0x3, &(0x7f0000000380)=0x7fff, 0x4) (async) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) syz_init_net_socket$x25(0x9, 0x5, 0x0) (async) ioctl$DRM_IOCTL_MODE_ATOMIC(r4, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r8], &(0x7f0000000180), &(0x7f0000000200), &(0x7f0000000040)}) (async) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="05000000000000000000060000000800030027f80d2c45ac9f0c1781ab5b774948c63c2cb2e18a8c6602b7153add7d784725be83571829d51180ab9c953a0f4d8b0cf6967ced19c177b21917eae6ede548692844bf4a48471c976e6f758ef0d172a4c38ebf34d5da", @ANYRES32=r9, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) (async) futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xa0090199) (async) sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)={0x2c, r3, 0x400, 0x1040, 0x0, {{}, {@val={0x8, 0x3, r9}, @val={0x0, 0x99, {0x0, 0x46}}}}, [@NL80211_ATTR_VHT_CAPABILITY_MASK={0xffffffffffffffce, 0xb0, {0x2, {0x68c5, 0x7, 0x3, 0x2}}}]}, 0x2c}}, 0x48081) [ 118.460023][ T44] Bluetooth: hci0: command tx timeout [ 118.591451][ T5334] loop0: detected capacity change from 0 to 64 [ 118.694648][ T5334] ------------[ cut here ]------------ [ 118.697678][ T5334] !buffer_uptodate(bh) [ 118.697693][ T5334] WARNING: fs/buffer.c:1080 at mark_buffer_dirty+0x299/0x410, CPU#0: syz.0.0/5334 [ 118.704868][ T5334] Modules linked in: [ 118.707621][ T5334] CPU: 0 UID: 0 PID: 5334 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 118.712111][ T5334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 118.716616][ T5334] RIP: 0010:mark_buffer_dirty+0x299/0x410 [ 118.719080][ T5334] Code: 4c 89 f7 e8 49 91 da ff 49 8b 3e be 40 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 b4 62 fb ff e8 0f c8 6e ff eb 8c e8 08 c8 6e ff 90 <0f> 0b 90 e9 a5 fd ff ff e8 fa c7 6e ff 90 0f 0b 90 e9 cf fd ff ff [ 118.729615][ T5334] RSP: 0018:ffffc9000e58f608 EFLAGS: 00010293 [ 118.732741][ T5334] RAX: ffffffff8256c038 RBX: ffff888046eb5828 RCX: ffff88803cd9ca00 [ 118.736441][ T5334] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002 [ 118.740033][ T5334] RBP: ffff88804136a001 R08: ffff888046eb582f R09: 1ffff11008dd6b05 [ 118.743990][ T5334] R10: dffffc0000000000 R11: ffffed1008dd6b06 R12: ffff888055848000 [ 118.747687][ T5334] R13: ffff888046ecbbc8 R14: ffff888046eb5828 R15: 0000000000000010 [ 118.751229][ T5334] FS: 00007f72185296c0(0000) GS:ffff88808c838000(0000) knlGS:0000000000000000 [ 118.755259][ T5334] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.758449][ T5334] CR2: 00007f72176b9990 CR3: 0000000044656000 CR4: 0000000000352ef0 [ 118.763422][ T5334] Call Trace: [ 118.765075][ T5334] [ 118.766795][ T5334] bfs_get_block+0x5da/0xae0 [ 118.768890][ T5334] __block_write_begin_int+0x6c6/0x1910 [ 118.771316][ T5334] ? __pfx_bfs_get_block+0x10/0x10 [ 118.773691][ T5334] ? __pfx___block_write_begin_int+0x10/0x10 [ 118.776874][ T5334] ? __pfx_bfs_get_block+0x10/0x10 [ 118.779621][ T5334] block_write_begin+0x8d/0x120 [ 118.782329][ T5334] ? bfs_write_begin+0x1e/0xd0 [ 118.784830][ T5334] bfs_write_begin+0x35/0xd0 [ 118.786909][ T5334] generic_perform_write+0x2e2/0x8f0 [ 118.789585][ T5334] ? __pfx_generic_perform_write+0x10/0x10 [ 118.792337][ T5334] ? file_update_time_flags+0x219/0x4a0 [ 118.794992][ T5334] ? __generic_file_write_iter+0xf9/0x230 [ 118.798061][ T5334] ? generic_file_write_iter+0x136/0x680 [ 118.800983][ T5334] generic_file_write_iter+0x14a/0x680 [ 118.803560][ T5334] ? add_lock_to_list+0xc7/0x100 [ 118.805770][ T5334] ? __pfx_generic_file_write_iter+0x10/0x10 [ 118.808497][ T5334] ? lockdep_unlock+0x5d/0xd0 [ 118.810583][ T5334] ? __lock_acquire+0x146e/0x2cf0 [ 118.813406][ T5334] ? __pfx_aa_file_perm+0x10/0x10 [ 118.816732][ T5334] ? vfs_write+0x227/0xb90 [ 118.819144][ T5334] ? vfs_write+0x227/0xb90 [ 118.821251][ T5334] vfs_write+0x61d/0xb90 [ 118.823099][ T5334] ? __pfx_vfs_write+0x10/0x10 [ 118.825794][ T5334] ? __fget_files+0x2a/0x420 [ 118.828309][ T5334] ksys_write+0x150/0x270 [ 118.830322][ T5334] ? __pfx_ksys_write+0x10/0x10 [ 118.832617][ T5334] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.835879][ T5334] do_syscall_64+0x15f/0xf80 [ 118.838771][ T5334] ? trace_irq_disable+0x3b/0x140 [ 118.841470][ T5334] ? clear_bhb_loop+0x40/0x90 [ 118.843576][ T5334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.846174][ T5334] RIP: 0033:0x7f721759c819 [ 118.848596][ T5334] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 118.856640][ T5334] RSP: 002b:00007f7218528fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 118.860399][ T5334] RAX: ffffffffffffffda RBX: 00007f7217815fa0 RCX: 00007f721759c819 [ 118.865652][ T5334] RDX: 000000000000fecc RSI: 00002000000008c0 RDI: 0000000000000004 [ 118.869255][ T5334] RBP: 00007f7217632c91 R08: 0000000000000000 R09: 0000000000000000 [ 118.872517][ T5334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 118.876042][ T5334] R13: 00007f7217816038 R14: 00007f7217815fa0 R15: 00007ffd09b7e698 [ 118.880348][ T5334] [ 118.882057][ T5334] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 118.885776][ T5334] CPU: 0 UID: 0 PID: 5334 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 118.889923][ T5334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 118.894502][ T5334] Call Trace: [ 118.896515][ T5334] [ 118.898342][ T5334] vpanic+0x56c/0xa60 [ 118.901003][ T5334] ? __pfx__printk+0x10/0x10 [ 118.903142][ T5334] ? __pfx_vpanic+0x10/0x10 [ 118.905221][ T5334] ? is_bpf_text_address+0x292/0x2b0 [ 118.907671][ T5334] ? is_bpf_text_address+0x26/0x2b0 [ 118.910142][ T5334] panic+0xc5/0xd0 [ 118.911909][ T5334] ? __pfx_panic+0x10/0x10 [ 118.913940][ T5334] __warn+0x315/0x4c0 [ 118.915897][ T5334] ? mark_buffer_dirty+0x299/0x410 [ 118.918301][ T5334] ? mark_buffer_dirty+0x299/0x410 [ 118.920609][ T5334] __report_bug+0x29a/0x540 [ 118.922712][ T5334] ? filemap_get_entry+0xcd/0x3f0 [ 118.924706][ T5334] ? filemap_get_entry+0xcd/0x3f0 [ 118.926727][ T5334] ? mark_buffer_dirty+0x299/0x410 [ 118.928994][ T5334] ? __pfx___report_bug+0x10/0x10 [ 118.931837][ T5334] ? __pfx_folio_mark_accessed+0x10/0x10 [ 118.934853][ T5334] ? trace_kmem_cache_alloc+0x29/0xe0 [ 118.937500][ T5334] ? mark_buffer_dirty+0x299/0x410 [ 118.939912][ T5334] report_bug+0x16a/0x220 [ 118.941850][ T5334] ? mark_buffer_dirty+0x299/0x410 [ 118.944194][ T5334] ? mark_buffer_dirty+0x29b/0x410 [ 118.946907][ T5334] handle_bug+0x9c/0x200 [ 118.949047][ T5334] exc_invalid_op+0x1a/0x50 [ 118.951333][ T5334] asm_exc_invalid_op+0x1a/0x20 [ 118.953320][ T5334] RIP: 0010:mark_buffer_dirty+0x299/0x410 [ 118.955575][ T5334] Code: 4c 89 f7 e8 49 91 da ff 49 8b 3e be 40 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 b4 62 fb ff e8 0f c8 6e ff eb 8c e8 08 c8 6e ff 90 <0f> 0b 90 e9 a5 fd ff ff e8 fa c7 6e ff 90 0f 0b 90 e9 cf fd ff ff [ 118.964132][ T5334] RSP: 0018:ffffc9000e58f608 EFLAGS: 00010293 [ 118.967479][ T5334] RAX: ffffffff8256c038 RBX: ffff888046eb5828 RCX: ffff88803cd9ca00 [ 118.971626][ T5334] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002 [ 118.975261][ T5334] RBP: ffff88804136a001 R08: ffff888046eb582f R09: 1ffff11008dd6b05 [ 118.978828][ T5334] R10: dffffc0000000000 R11: ffffed1008dd6b06 R12: ffff888055848000 [ 118.982244][ T5334] R13: ffff888046ecbbc8 R14: ffff888046eb5828 R15: 0000000000000010 [ 118.985644][ T5334] ? mark_buffer_dirty+0x298/0x410 [ 118.987799][ T5334] ? mark_buffer_dirty+0x298/0x410 [ 118.990324][ T5334] bfs_get_block+0x5da/0xae0 [ 118.992813][ T5334] __block_write_begin_int+0x6c6/0x1910 [ 118.995289][ T5334] ? __pfx_bfs_get_block+0x10/0x10 [ 118.997434][ T5334] ? __pfx___block_write_begin_int+0x10/0x10 [ 118.999973][ T5334] ? __pfx_bfs_get_block+0x10/0x10 [ 119.002445][ T5334] block_write_begin+0x8d/0x120 [ 119.004884][ T5334] ? bfs_write_begin+0x1e/0xd0 [ 119.007699][ T5334] bfs_write_begin+0x35/0xd0 [ 119.010126][ T5334] generic_perform_write+0x2e2/0x8f0 [ 119.012232][ T5334] ? __pfx_generic_perform_write+0x10/0x10 [ 119.014643][ T5334] ? file_update_time_flags+0x219/0x4a0 [ 119.016967][ T5334] ? __generic_file_write_iter+0xf9/0x230 [ 119.019277][ T5334] ? generic_file_write_iter+0x136/0x680 [ 119.021675][ T5334] generic_file_write_iter+0x14a/0x680 [ 119.024175][ T5334] ? add_lock_to_list+0xc7/0x100 [ 119.027115][ T5334] ? __pfx_generic_file_write_iter+0x10/0x10 [ 119.031513][ T5334] ? lockdep_unlock+0x5d/0xd0 [ 119.033841][ T5334] ? __lock_acquire+0x146e/0x2cf0 [ 119.036152][ T5334] ? __pfx_aa_file_perm+0x10/0x10 [ 119.038507][ T5334] ? vfs_write+0x227/0xb90 [ 119.040348][ T5334] ? vfs_write+0x227/0xb90 [ 119.042306][ T5334] vfs_write+0x61d/0xb90 [ 119.044348][ T5334] ? __pfx_vfs_write+0x10/0x10 [ 119.046349][ T5334] ? __fget_files+0x2a/0x420 [ 119.048466][ T5334] ksys_write+0x150/0x270 [ 119.050714][ T5334] ? __pfx_ksys_write+0x10/0x10 [ 119.053787][ T5334] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 119.056951][ T5334] do_syscall_64+0x15f/0xf80 [ 119.059017][ T5334] ? trace_irq_disable+0x3b/0x140 [ 119.061246][ T5334] ? clear_bhb_loop+0x40/0x90 [ 119.063404][ T5334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 119.066248][ T5334] RIP: 0033:0x7f721759c819 [ 119.068611][ T5334] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 119.077679][ T5334] RSP: 002b:00007f7218528fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 119.081464][ T5334] RAX: ffffffffffffffda RBX: 00007f7217815fa0 RCX: 00007f721759c819 [ 119.084945][ T5334] RDX: 000000000000fecc RSI: 00002000000008c0 RDI: 0000000000000004 [ 119.088948][ T5334] RBP: 00007f7217632c91 R08: 0000000000000000 R09: 0000000000000000 [ 119.092573][ T5334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 119.096011][ T5334] R13: 00007f7217816038 R14: 00007f7217815fa0 R15: 00007ffd09b7e698 [ 119.099669][ T5334] [ 119.101342][ T5334] Kernel Offset: disabled [ 119.103259][ T5334] Rebooting in 86400 seconds..