program:
r0 = socket$inet6(0x10, 0x2, 0x4)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x40) (async)
socket$alg(0x26, 0x5, 0x0) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r2, 0xfff)
syz_emit_ethernet(0x4a, &(0x7f0000000240)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @dev={0xfe, 0x80, '\x00', 0x37}, @dev={0xfe, 0x80, '\x00', 0x25}, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x67, &(0x7f00000002c0)={@local, @link_local, @val={@void, {0x8100, 0x6, 0x0, 0x1}}, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a35f2", 0x2d, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e21, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x7}, {"05ea95a52ed4e9dae241eebebb8192adc21258509d44add29c"}}}}}}}, 0x0) (async)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="020000000400002ac82f0092aa00000000000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3, <r4=>0xffffffffffffffff}, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000020000007b8a00fe0000000087080000000000007b8af0ff00000000bda100000000000027000000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b704000008000000850000004900000095"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
connect(r2, &(0x7f0000000140)=@x25={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x0}}, 0x80)
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r5, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="76389e6a65585578f830e9000000", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
close(0x3) (async)
syz_emit_ethernet(0xae, &(0x7f00000005c0)=ANY=[@ANYBLOB="0000000000000180c200000086dd6001012000783afffe8000000000000000000000000000bbff02000000000000000000000000000186009078000000000000000008000000000aa78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96489269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af180200010000000004002600040000000101fe906d17efe3f3ee0d3214b90d930afe03654e391f0930458d626bc31480b2f4a82d9d1a8ae4a9b88fdb28fb0b17a5059321706b1f163fe14a09a8896778333b80cfbc512801b69a61fc539d01036d5758b18b7625cb92c87960cbb7655971414dd8f2f82217e5969f4d539a857ee01d802b1e6607eded3a48c9a8ca5e58b9c38de64340e90d44abed0bf2e6b84fb2724a7ea98e8b7cac122fd75d661b17e63eaae60fd9b7573715faeb588abeb5873fcfc9bf39ae2be8b6caf8b7d355ffb0c11cbad0c318c6deaa8cd4b3a75a306872cb1f03b90812bce8beb241fcef850afd784dd9fa9c0b970e1f2fddbf14"], 0x0) (async)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x1c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @log={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_LOG_FLAGS={0x8, 0x6, 0x1, 0x0, 0x4}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x70}}, 0x0) (async)
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL")
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='rdma.current\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f00000008c0), 0xfecc) (async)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000100), 0xfecc) (async)
sendto$inet6(r0, &(0x7f0000000540)="4c00000012001f15b9409b849ac0f4c50383180a00a5784002e03a3ad3ffffff0000030038c88cc055c5ac27a6c5b068d0bf46d323456536005ad94a461cdbfee90400"/77, 0x4d, 0x26001050, 0x0, 0x0)

[  221.371766][ T4667] Bluetooth: hci0: command tx timeout
[  221.428731][ T5356] loop0: detected capacity change from 0 to 64
[  221.511495][ T5356] ------------[ cut here ]------------
[  221.514364][ T5356] !buffer_uptodate(bh)
[  221.514375][ T5356] WARNING: fs/buffer.c:1183 at mark_buffer_dirty+0x299/0x3f0, CPU#0: syz.0.0/5356
[  221.520559][ T5356] Modules linked in:
[  221.522451][ T5356] CPU: 0 UID: 0 PID: 5356 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[  221.526470][ T5356] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  221.530772][ T5356] RIP: 0010:mark_buffer_dirty+0x299/0x3f0
[  221.533284][ T5356] Code: 4c 89 f7 e8 09 d7 da ff 49 8b 3e be 40 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 84 7f fb ff e8 5f f9 70 ff eb 8c e8 58 f9 70 ff 90 <0f> 0b 90 e9 a5 fd ff ff e8 4a f9 70 ff 90 0f 0b 90 e9 cf fd ff ff
[  221.541694][ T5356] RSP: 0018:ffffc9000d187608 EFLAGS: 00010293
[  221.544488][ T5356] RAX: ffffffff82538d98 RBX: ffff888047c34bc8 RCX: ffff888036404980
[  221.547780][ T5356] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[  221.551003][ T5356] RBP: ffff88801fd9a001 R08: ffff888047c34bcf R09: 1ffff11008f86979
[  221.554221][ T5356] R10: dffffc0000000000 R11: ffffed1008f8697a R12: ffff888055439400
[  221.557349][ T5356] R13: ffff888047c33cb0 R14: ffff888047c34bc8 R15: 000000000000000a
[  221.560523][ T5356] FS:  00007f2b1a0f36c0(0000) GS:ffff88808ccea000(0000) knlGS:0000000000000000
[  221.564187][ T5356] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  221.567225][ T5356] CR2: 00007fdde718dd30 CR3: 0000000011e42000 CR4: 0000000000352ef0
[  221.570756][ T5356] Call Trace:
[  221.572184][ T5356]  <TASK>
[  221.573495][ T5356]  bfs_get_block+0x5da/0xae0
[  221.575635][ T5356]  __block_write_begin_int+0x6c6/0x1910
[  221.578098][ T5356]  ? __pfx_bfs_get_block+0x10/0x10
[  221.580561][ T5356]  ? __pfx___block_write_begin_int+0x10/0x10
[  221.583192][ T5356]  ? __pfx_bfs_get_block+0x10/0x10
[  221.585475][ T5356]  block_write_begin+0x8d/0x120
[  221.587576][ T5356]  ? bfs_write_begin+0x1e/0xd0
[  221.590426][ T5356]  bfs_write_begin+0x35/0xd0
[  221.592620][ T5356]  generic_perform_write+0x2e2/0x8f0
[  221.595036][ T5356]  ? __pfx_generic_perform_write+0x10/0x10
[  221.597646][ T5356]  ? file_update_time_flags+0x2cb/0x4d0
[  221.600282][ T5356]  ? __generic_file_write_iter+0xf9/0x230
[  221.602764][ T5356]  ? generic_file_write_iter+0x136/0x680
[  221.605294][ T5356]  generic_file_write_iter+0x14a/0x680
[  221.607758][ T5356]  ? add_lock_to_list+0xc7/0x100
[  221.609829][ T5356]  ? __pfx_generic_file_write_iter+0x10/0x10
[  221.612498][ T5356]  ? lockdep_unlock+0x5d/0xd0
[  221.614650][ T5356]  ? __lock_acquire+0x146e/0x2cf0
[  221.616974][ T5356]  ? __pfx_aa_file_perm+0x10/0x10
[  221.619638][ T5356]  ? vfs_write+0x227/0xb90
[  221.621720][ T5356]  ? vfs_write+0x227/0xb90
[  221.623692][ T5356]  vfs_write+0x61d/0xb90
[  221.625685][ T5356]  ? __pfx_vfs_write+0x10/0x10
[  221.627952][ T5356]  ? __fget_files+0x2a/0x420
[  221.630179][ T5356]  ksys_write+0x150/0x270
[  221.632499][ T5356]  ? __pfx_ksys_write+0x10/0x10
[  221.635362][ T5356]  do_syscall_64+0xe2/0xf80
[  221.637946][ T5356]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.641015][ T5356]  ? trace_irq_disable+0x37/0x100
[  221.643280][ T5356]  ? clear_bhb_loop+0x60/0xb0
[  221.645395][ T5356]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.647936][ T5356] RIP: 0033:0x7f2b1919aeb9
[  221.649763][ T5356] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  221.658046][ T5356] RSP: 002b:00007f2b1a0f3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  221.661712][ T5356] RAX: ffffffffffffffda RBX: 00007f2b19415fa0 RCX: 00007f2b1919aeb9
[  221.665106][ T5356] RDX: 000000000000fecc RSI: 00002000000008c0 RDI: 0000000000000008
[  221.668417][ T5356] RBP: 00007f2b19208c1f R08: 0000000000000000 R09: 0000000000000000
[  221.671918][ T5356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  221.675450][ T5356] R13: 00007f2b19416038 R14: 00007f2b19415fa0 R15: 00007ffd99754c68
[  221.678789][ T5356]  </TASK>
[  221.680404][ T5356] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  221.683624][ T5356] CPU: 0 UID: 0 PID: 5356 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[  221.687600][ T5356] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  221.691931][ T5356] Call Trace:
[  221.693461][ T5356]  <TASK>
[  221.694864][ T5356]  vpanic+0x1e0/0x670
[  221.696684][ T5356]  panic+0xc5/0xd0
[  221.698250][ T5356]  ? __pfx_panic+0x10/0x10
[  221.700147][ T5356]  __warn+0x315/0x4a0
[  221.701787][ T5356]  ? mark_buffer_dirty+0x299/0x3f0
[  221.703928][ T5356]  ? mark_buffer_dirty+0x299/0x3f0
[  221.706183][ T5356]  __report_bug+0x29a/0x540
[  221.708200][ T5356]  ? filemap_get_entry+0xca/0x320
[  221.710440][ T5356]  ? mark_buffer_dirty+0x299/0x3f0
[  221.712701][ T5356]  ? __pfx___report_bug+0x10/0x10
[  221.714759][ T5356]  ? __pfx_folio_mark_accessed+0x10/0x10
[  221.717100][ T5356]  ? mark_buffer_dirty+0x299/0x3f0
[  221.719342][ T5356]  report_bug+0x16a/0x220
[  221.721345][ T5356]  ? mark_buffer_dirty+0x299/0x3f0
[  221.723604][ T5356]  ? mark_buffer_dirty+0x29b/0x3f0
[  221.726017][ T5356]  handle_bug+0x98/0x200
[  221.727875][ T5356]  exc_invalid_op+0x1a/0x50
[  221.729843][ T5356]  asm_exc_invalid_op+0x1a/0x20
[  221.732000][ T5356] RIP: 0010:mark_buffer_dirty+0x299/0x3f0
[  221.734414][ T5356] Code: 4c 89 f7 e8 09 d7 da ff 49 8b 3e be 40 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 84 7f fb ff e8 5f f9 70 ff eb 8c e8 58 f9 70 ff 90 <0f> 0b 90 e9 a5 fd ff ff e8 4a f9 70 ff 90 0f 0b 90 e9 cf fd ff ff
[  221.742465][ T5356] RSP: 0018:ffffc9000d187608 EFLAGS: 00010293
[  221.745131][ T5356] RAX: ffffffff82538d98 RBX: ffff888047c34bc8 RCX: ffff888036404980
[  221.748439][ T5356] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[  221.751849][ T5356] RBP: ffff88801fd9a001 R08: ffff888047c34bcf R09: 1ffff11008f86979
[  221.755289][ T5356] R10: dffffc0000000000 R11: ffffed1008f8697a R12: ffff888055439400
[  221.758624][ T5356] R13: ffff888047c33cb0 R14: ffff888047c34bc8 R15: 000000000000000a
[  221.761938][ T5356]  ? mark_buffer_dirty+0x298/0x3f0
[  221.764872][ T5356]  ? mark_buffer_dirty+0x298/0x3f0
[  221.767028][ T5356]  bfs_get_block+0x5da/0xae0
[  221.768991][ T5356]  __block_write_begin_int+0x6c6/0x1910
[  221.771382][ T5356]  ? __pfx_bfs_get_block+0x10/0x10
[  221.773607][ T5356]  ? __pfx___block_write_begin_int+0x10/0x10
[  221.776291][ T5356]  ? __pfx_bfs_get_block+0x10/0x10
[  221.778585][ T5356]  block_write_begin+0x8d/0x120
[  221.780711][ T5356]  ? bfs_write_begin+0x1e/0xd0
[  221.782762][ T5356]  bfs_write_begin+0x35/0xd0
[  221.784864][ T5356]  generic_perform_write+0x2e2/0x8f0
[  221.787245][ T5356]  ? __pfx_generic_perform_write+0x10/0x10
[  221.789812][ T5356]  ? file_update_time_flags+0x2cb/0x4d0
[  221.792110][ T5356]  ? __generic_file_write_iter+0xf9/0x230
[  221.794808][ T5356]  ? generic_file_write_iter+0x136/0x680
[  221.797889][ T5356]  generic_file_write_iter+0x14a/0x680
[  221.800302][ T5356]  ? add_lock_to_list+0xc7/0x100
[  221.802347][ T5356]  ? __pfx_generic_file_write_iter+0x10/0x10
[  221.804748][ T5356]  ? lockdep_unlock+0x5d/0xd0
[  221.806856][ T5356]  ? __lock_acquire+0x146e/0x2cf0
[  221.808963][ T5356]  ? __pfx_aa_file_perm+0x10/0x10
[  221.811137][ T5356]  ? vfs_write+0x227/0xb90
[  221.813056][ T5356]  ? vfs_write+0x227/0xb90
[  221.815328][ T5356]  vfs_write+0x61d/0xb90
[  221.817147][ T5356]  ? __pfx_vfs_write+0x10/0x10
[  221.819210][ T5356]  ? __fget_files+0x2a/0x420
[  221.821276][ T5356]  ksys_write+0x150/0x270
[  221.823206][ T5356]  ? __pfx_ksys_write+0x10/0x10
[  221.825346][ T5356]  do_syscall_64+0xe2/0xf80
[  221.827253][ T5356]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.829818][ T5356]  ? trace_irq_disable+0x37/0x100
[  221.832059][ T5356]  ? clear_bhb_loop+0x60/0xb0
[  221.834213][ T5356]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.836730][ T5356] RIP: 0033:0x7f2b1919aeb9
[  221.838630][ T5356] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  221.846647][ T5356] RSP: 002b:00007f2b1a0f3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  221.850145][ T5356] RAX: ffffffffffffffda RBX: 00007f2b19415fa0 RCX: 00007f2b1919aeb9
[  221.853604][ T5356] RDX: 000000000000fecc RSI: 00002000000008c0 RDI: 0000000000000008
[  221.857051][ T5356] RBP: 00007f2b19208c1f R08: 0000000000000000 R09: 0000000000000000
[  221.860454][ T5356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  221.863615][ T5356] R13: 00007f2b19416038 R14: 00007f2b19415fa0 R15: 00007ffd99754c68
[  221.866988][ T5356]  </TASK>
[  221.868700][ T5356] Kernel Offset: disabled
[  221.870616][ T5356] Rebooting in 86400 seconds..