program:
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f00000002c0)={[{@barrier}, {@nodioread_nolock}, {@noquota}, {@barrier}, {@auto_da_alloc}, {@nodioread_nolock}]}, 0x1, 0x59c, &(0x7f0000001840)="$eJzs3U9oHGUbAPBnZrNN/+T70g++Dz6lh6JChdJN0j9aPbVXsVDoQfCiYbMNJZtsySbahIDpvYg9iEov9aYHj4oHD+LFo1cvimeh2KDQ9KArm51N03S3bmI2W7O/H0z2fWdm93nfmX3e7AwzTAB962j9TxrxVERcTCKGNywbiGzh0cZ6qytLxfsrS8UkarVLvySRRMS9laVic/0kez0UEcsR8f+I+CYfcTxd/8h9zUJ1YXFqvFwuzWb1kbnpqyPVhcUTV6bHJ0uTpZlTL7505uzpM2MnxzY2935tYy2/tb7e+PHmuze+e+X2zU8/O7JcfH88iXMxlC3b2I+d1Ngm+Ti3af7pbgTroaTXDWBbclme11PpfzEcuSzrW6ltHBwGd6V5QBfVBiNq6zYUgT6QSHroU83fAfXj3+a0m78/7pxvHIDU466uLBXfiWb8gca5idi/dmxy8NfkoSOT+vHm4d1sKHvS8vWIGB0YePT7n2Tfv+0b3YkG0lVfn2/sqEf3f7o+/kSL8Weoee70b2qOf6vZ+LfaIn6uzfh3scMYv7/+00dt418fjKdbxk/W4yct4qcR8WaH8W+99uXZdstqH0cci9bxm5LHnx8euXylXBpt/G0Z46tjR15u3/+Ig23iN87Z7l9ryMb+78valHbY/y++/fyZ5cfEf/7Zx+//Vtv/QES812H8/9z75NV2y+5cT+7WfwVsdf8nkY/bHcZ/4dzRH7Kis4YAAAAAAAAAALCD0rVr2ZK0sF5O00KhcQ/vf+NgWq5U545frszPTDSueTsc+bR5pdVwo57U62PZ9bjN+slN9VO5LGDuwFq9UKyUJ3rcdwAAAAAAAAAAAAAAAAAAAHhSHNp0//9vubX7/zc/rhrYq9o/8hvY6+Q/9K+H8z/pWTuA3ef/P/StmvyH/iX/oX/Jf+hf8h/6l/yH/iX/oX/JfwAAAAAAAAAAAAAAAAAAAAAAAAAA6IqLFy7Up9r9laVivT4xsDA/VXnrxESpOlWYni8WipXZq4XJSmWyXCoUK9N/9XlJpXJ1NGbmr43MlapzI9WFxTemK/MzzWeKlvJd7xEAAAAAAAAAAAAAAAAAAAD88wytTUlaiMg36mlaKET8KyIOJ5FcvlIujUbEvyPi+1x+sF4f63WjAQAAAAAAAAAAAAAAAAAAYI+pLixOjZfLpdnuFQayUF0M0XlhYCsrR8Tyzjaj/olbflc+24A93nR7o5B7Mr6HT36hh4MSAAAAAAAAAAAAAAAAAAD0qQc3/Xb6jj+62yAAAAAAAAAAAAAAAAAAAADoS+nPSUTUp2PDzw1tXrovWc2tvUbE27cufXBtfG5udqw+/+76/LkPs/kne9F+oFPNPE0jop7HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAPVhcWp8XK5NLvNwmAH6/S6jwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADb8WcAAAD//y4WzlE=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x105042, 0x1c3)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x441, 0x108)
fallocate(r1, 0x20, 0x0, 0x8000)
writev(r0, &(0x7f0000000580)=[{&(0x7f0000000440)="dd", 0x1}], 0x1)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@shortname_lower}, {@rodir}, {@fat=@check_strict}, {@utf8no}, {@uni_xlateno}, {@rodir}, {@shortname_lower}, {@uni_xlateno}, {@fat=@usefree}, {@shortname_lower}, {@shortname_win95}, {@uni_xlate}, {@shortname_mixed}, {@rodir}, {@fat=@dos1xfloppy}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'iso8859-9'}}]}, 0x7, 0x2d4, &(0x7f0000000180)="$eJzs3b9rJFUcAPDvbGZ/qMWmsBLBAS2sjsu1NhvkDsRUHinUQoOXA8kuQgIBf+B6la2NhYV/gSD4h9j4Hwi2gp0nHDyZ2Zmd2dxissdtRO/zKZJv3rzve9/3ZkImRV4+fHl2cq+I+w+++DVGkUVvEpN4mMVu9KLxVayYfBMAwH/Zw5Tij7SwSV4WEaPtlQUAbNHVfv7nbfjTtZQFAGzR3Xffe3v/4OD2O0Uxijuzr88Py9/sy8+L6/v34+OYxnHcjHE8iqheFPpRvS2U4Z2U0jwvSrvx2mx+flhmzj74uR5///eIKn8vxrFbNS3fNqr8tw5u7xULnfx5Wcfz9fyTMv9WjOPFZfJK/q01+XE4iNdf7dR/I8bxy0fxSUzjXlVEm//lXlG8mb798/P3y/LK/Gx+fjis+rXSzjXfGgAAAAAAAAAAAAAAAAAAAAAA/sdu1GfnDKM6v6dsqs/f2XlUftGPorG7ej7PIj9rBuqeD5RSmqf4vjlf52ZRFKnu2Obn8VLePVgQAAAAAAAAAAAAAAAAAAAAnl1nn352cjSdHp8+laA5DSCPiL/uRjzpOJNOyytRB71Y23lYz3k0nfbqcLVP3m2JnaZPFtH2abajM3K5iCfdjTw2Wvtzj9VcBz/8uOnso8v79NfP9TSDZjtPjrL1eziMpmVUb9R3g4i2zyCuONfgYksaL8ZJG92CwdpL40vTm4Uux3nh5GjaX32QLgSR/VNhb/y2MmB2cRWDaleX+zyKdqP6ddCtZ/XZuNLzXI5Zfac8JnNaBwAAAAAAAAAAAAAAAAAAbFX7179rLj6oPqZsfWovDbdbGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcl/b//28QzOvk49Oz/JLOgzg9+5eXCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwDPg7wAAAP//SPtPig==")
mkdir(&(0x7f0000000180)='./file0\x00', 0x28)
mount(&(0x7f0000000140)=@sr0, &(0x7f00000006c0)='./file0\x00', &(0x7f0000000800)='9p\x00', 0x0, &(0x7f0000000900)='trans=tcp,')
r2 = socket$igmp6(0xa, 0x3, 0x3a)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000180), 0xfea7)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_buf(r4, 0x29, 0xcd, &(0x7f0000004200)="81193541f29c7c74a9c5d3de1c409843b57b9ae104b85b95383e08634c9629a09ce2567cdabb0d2b91e17f32f39ad57c4395c359e5d6defa552e8edbeea26588bda7ebcb04c964232e724cf74700060c8fc1487709f2cfeb72e806eb", 0x5c)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r3, 0x0)
getsockopt$MRT6(r2, 0x3a, 0x1, 0x0, &(0x7f0000000080))

[   85.957683][ T4666] Bluetooth: hci0: command tx timeout
[   86.155024][ T5322] loop0: detected capacity change from 0 to 1024
[   86.196695][ T5322] =======================================================
[   86.196695][ T5322] WARNING: The mand mount option has been deprecated and
[   86.196695][ T5322]          and is ignored by this kernel. Remove the mand
[   86.196695][ T5322]          option from the mount to silence this warning.
[   86.196695][ T5322] =======================================================
[   86.382791][ T5322] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[   86.406220][ T5322] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   86.430503][   T26] audit: type=1800 audit(1769374471.399:2): pid=5322 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.0" name="file1" dev="loop0" ino=15 res=0 errno=0
[   86.458167][ T5322] EXT4-fs error (device loop0): ext4_map_blocks:825: inode #15: comm syz.0.0: lblock 0 mapped to illegal pblock 0 (length 1)
[   86.478050][ T5322] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[   86.493861][   T26] audit: type=1800 audit(1769374471.419:3): pid=5322 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.0" name="file1" dev="loop0" ino=15 res=0 errno=0
[   86.516168][ T5322] EXT4-fs (loop0): This should not happen!! Data will be lost
[   86.516168][ T5322] 
[   86.529389][ T5322] EXT4-fs error (device loop0): ext4_map_blocks:783: inode #15: comm syz.0.0: lblock 0 mapped to illegal pblock 0 (length 1)
[   86.556392][ T5333] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 112: padding at end of block bitmap is not set
[   86.586847][ T5322] EXT4-fs error (device loop0): ext4_map_blocks:783: inode #15: comm syz.0.0: lblock 0 mapped to illegal pblock 0 (length 1)
[   86.640880][ T5321] ------------[ cut here ]------------
[   86.643965][ T5321] warn && !folio_test_uptodate(folio)
[   86.643979][ T5321] WARNING: mm/page-writeback.c:2710 at __folio_mark_dirty+0x202/0xe00, CPU#0: syz.0.0/5321
[   86.652681][ T5321] Modules linked in:
[   86.667983][ T5321] CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   86.673816][ T5321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   86.679796][ T5321] RIP: 0010:__folio_mark_dirty+0x202/0xe00
[   86.682233][ T5321] Code: 3c 20 00 74 08 48 89 df e8 7b 29 2b 00 4c 8b 33 4c 89 f6 48 83 e6 08 31 ff e8 4a 9a c2 ff 49 83 e6 08 75 20 e8 5f 95 c2 ff 90 <0f> 0b 90 eb 1a e8 54 95 c2 ff 48 8b 2c 24 e9 56 07 00 00 e8 46 95
[   86.689942][ T5321] RSP: 0000:ffffc9000e3ff970 EFLAGS: 00010093
[   86.695882][ T5321] RAX: ffffffff82001351 RBX: ffffea00004b3c80 RCX: ffff8880352924c0
[   86.703489][ T5321] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   86.709454][ T5321] RBP: ffff8880122917f8 R08: ffffea00004b3c87 R09: 1ffffd4000096790
[   86.715101][ T5321] R10: dffffc0000000000 R11: fffff94000096791 R12: dffffc0000000000
[   86.720893][ T5321] R13: ffff888012291800 R14: 0000000000000000 R15: 0000000000000001
[   86.726507][ T5321] FS:  00005555826d5500(0000) GS:ffff88808cf1b000(0000) knlGS:0000000000000000
[   86.733587][ T5321] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   86.737430][ T5321] CR2: 00002000000001a0 CR3: 0000000012a14000 CR4: 0000000000352ef0
[   86.743051][ T5321] Call Trace:
[   86.745299][ T5321]  <TASK>
[   86.747352][ T5321]  block_dirty_folio+0x17a/0x1d0
[   86.750811][ T5321]  fault_dirty_shared_page+0x103/0x550
[   86.754756][ T5321]  do_wp_page+0x270c/0x57b0
[   86.757832][ T5321]  ? ___pte_offset_map+0x29/0x240
[   86.760713][ T5321]  ? __pfx_do_wp_page+0x10/0x10
[   86.762969][ T5321]  ? do_raw_spin_lock+0x12b/0x2f0
[   86.765048][ T5321]  ? handle_mm_fault+0x146c/0x32a0
[   86.767180][ T5321]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   86.769454][ T5321]  handle_mm_fault+0x1520/0x32a0
[   86.772528][ T5321]  ? handle_mm_fault+0xee/0x32a0
[   86.776632][ T5321]  ? __pfx_handle_mm_fault+0x10/0x10
[   86.780340][ T5321]  ? lock_vma_under_rcu+0x45a/0x500
[   86.783538][ T5321]  ? __pfx_do_futex+0x10/0x10
[   86.785861][ T5321]  do_user_addr_fault+0xa73/0x1360
[   86.788407][ T5321]  ? rcu_is_watching+0x15/0xb0
[   86.790793][ T5321]  ? trace_page_fault_user+0x84/0x1c0
[   86.793897][ T5321]  exc_page_fault+0x6a/0xc0
[   86.797839][ T5321]  asm_exc_page_fault+0x26/0x30
[   86.800654][ T5321] RIP: 0033:0x7f167ab6b4df
[   86.802900][ T5321] Code: fe 48 8d 54 11 80 0f 1f 44 00 00 62 e1 fe 28 6f 0e 62 e1 fe 28 6f 56 01 62 e1 fe 28 6f 5e 02 62 e1 fe 28 6f 66 03 48 83 ee 80 <62> e1 fd 28 7f 0f 62 e1 fd 28 7f 57 01 62 e1 fd 28 7f 5f 02 62 e1
[   86.817942][ T5321] RSP: 002b:00007ffe228e72b8 EFLAGS: 00010207
[   86.838113][ T5321] RAX: 0000200000000180 RBX: 0000000000000004 RCX: 0000200000000180
[   86.845899][ T5321] RDX: 00002000000003d4 RSI: 00007f167a5ffa7b RDI: 00002000000001a0
[   86.866640][ T5321] RBP: fffffffffffffffe R08: 0000000000000000 R09: 000000000000000b
[   86.873914][ T5321] R10: 00000000000002d4 R11: 0000000000000001 R12: 00007ffe228e73e0
[   86.882464][ T5321] R13: 00007f167ae15fac R14: 0000000000014f8d R15: 00007ffe228e73c0
[   86.900384][ T5321]  </TASK>
[   86.901697][ T5321] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   86.923321][ T5321] CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   86.926918][ T5321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   86.951320][ T5321] Call Trace:
[   86.952750][ T5321]  <TASK>
[   86.954012][ T5321]  vpanic+0x1e0/0x670
[   86.956346][ T5321]  panic+0xc5/0xd0
[   86.959536][ T5321]  ? __pfx_panic+0x10/0x10
[   86.962071][ T5321]  __warn+0x315/0x4a0
[   86.964353][ T5321]  ? __folio_mark_dirty+0x202/0xe00
[   86.967560][ T5321]  ? __folio_mark_dirty+0x202/0xe00
[   86.971237][ T5321]  __report_bug+0x29a/0x540
[   86.974611][ T5321]  ? __folio_mark_dirty+0x202/0xe00
[   86.977692][ T5321]  ? __pfx___report_bug+0x10/0x10
[   86.980251][ T5321]  ? __folio_mark_dirty+0x202/0xe00
[   86.982387][ T5321]  report_bug+0x16a/0x220
[   86.984231][ T5321]  ? __folio_mark_dirty+0x202/0xe00
[   86.986660][ T5321]  ? __folio_mark_dirty+0x204/0xe00
[   86.988774][ T5321]  handle_bug+0x98/0x200
[   86.990624][ T5321]  exc_invalid_op+0x1a/0x50
[   86.992484][ T5321]  asm_exc_invalid_op+0x1a/0x20
[   86.994513][ T5321] RIP: 0010:__folio_mark_dirty+0x202/0xe00
[   86.999357][ T5321] Code: 3c 20 00 74 08 48 89 df e8 7b 29 2b 00 4c 8b 33 4c 89 f6 48 83 e6 08 31 ff e8 4a 9a c2 ff 49 83 e6 08 75 20 e8 5f 95 c2 ff 90 <0f> 0b 90 eb 1a e8 54 95 c2 ff 48 8b 2c 24 e9 56 07 00 00 e8 46 95
[   87.015299][ T5321] RSP: 0000:ffffc9000e3ff970 EFLAGS: 00010093
[   87.020842][ T5321] RAX: ffffffff82001351 RBX: ffffea00004b3c80 RCX: ffff8880352924c0
[   87.026205][ T5321] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   87.030668][ T5321] RBP: ffff8880122917f8 R08: ffffea00004b3c87 R09: 1ffffd4000096790
[   87.036099][ T5321] R10: dffffc0000000000 R11: fffff94000096791 R12: dffffc0000000000
[   87.040507][ T5321] R13: ffff888012291800 R14: 0000000000000000 R15: 0000000000000001
[   87.044877][ T5321]  ? __folio_mark_dirty+0x201/0xe00
[   87.048098][ T5321]  block_dirty_folio+0x17a/0x1d0
[   87.050974][ T5321]  fault_dirty_shared_page+0x103/0x550
[   87.053472][ T5321]  do_wp_page+0x270c/0x57b0
[   87.055400][ T5321]  ? ___pte_offset_map+0x29/0x240
[   87.057491][ T5321]  ? __pfx_do_wp_page+0x10/0x10
[   87.059583][ T5321]  ? do_raw_spin_lock+0x12b/0x2f0
[   87.061613][ T5321]  ? handle_mm_fault+0x146c/0x32a0
[   87.063628][ T5321]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   87.065775][ T5321]  handle_mm_fault+0x1520/0x32a0
[   87.069420][ T5321]  ? handle_mm_fault+0xee/0x32a0
[   87.074671][ T5321]  ? __pfx_handle_mm_fault+0x10/0x10
[   87.077596][ T5321]  ? lock_vma_under_rcu+0x45a/0x500
[   87.080575][ T5321]  ? __pfx_do_futex+0x10/0x10
[   87.083242][ T5321]  do_user_addr_fault+0xa73/0x1360
[   87.086077][ T5321]  ? rcu_is_watching+0x15/0xb0
[   87.088864][ T5321]  ? trace_page_fault_user+0x84/0x1c0
[   87.092155][ T5321]  exc_page_fault+0x6a/0xc0
[   87.094766][ T5321]  asm_exc_page_fault+0x26/0x30
[   87.097948][ T5321] RIP: 0033:0x7f167ab6b4df
[   87.100455][ T5321] Code: fe 48 8d 54 11 80 0f 1f 44 00 00 62 e1 fe 28 6f 0e 62 e1 fe 28 6f 56 01 62 e1 fe 28 6f 5e 02 62 e1 fe 28 6f 66 03 48 83 ee 80 <62> e1 fd 28 7f 0f 62 e1 fd 28 7f 57 01 62 e1 fd 28 7f 5f 02 62 e1
[   87.110933][ T5321] RSP: 002b:00007ffe228e72b8 EFLAGS: 00010207
[   87.114301][ T5321] RAX: 0000200000000180 RBX: 0000000000000004 RCX: 0000200000000180
[   87.118718][ T5321] RDX: 00002000000003d4 RSI: 00007f167a5ffa7b RDI: 00002000000001a0
[   87.123190][ T5321] RBP: fffffffffffffffe R08: 0000000000000000 R09: 000000000000000b
[   87.127300][ T5321] R10: 00000000000002d4 R11: 0000000000000001 R12: 00007ffe228e73e0
[   87.131924][ T5321] R13: 00007f167ae15fac R14: 0000000000014f8d R15: 00007ffe228e73c0
[   87.136486][ T5321]  </TASK>
[   87.138632][ T5321] Kernel Offset: disabled
[   87.141144][ T5321] Rebooting in 86400 seconds..