program:
socket$inet6_sctp(0xa, 0x5, 0x84) (async)
socket$inet6(0xa, 0x1, 0x0) (async)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x10, 0x4, &(0x7f0000000040)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x94) (async)
syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f00000001c0)='./file0\x00', 0x800082, &(0x7f0000000680)=ANY=[@ANYBLOB="756d61736b3d30303030303030303030303030303030303030333537372c616c6c6f775f7574696d653d30303030303030332c000000000083ec4c0d6e84de0249d09f31ef580c3d00000000"], 0x1, 0x1b1, &(0x7f0000000240)="$eJzs3cFqE0EYB/Bv23UbxEPP4mHBi6egPkFUWiguCMoe9KRQvbQi2MvqqW/hG/gqvo7k1FskTmhoWcEetrvJ/n6XfOx/wnwzgcwpk/cPPp8cfzn79PPXj5hMsshnMYuLLPZjJ3YjOY8rstanAMDGuFgs4vci+Y/hz2+hJQCgYzc8/wGALeD8B4Dxcf4DwPi8efvu5bOqOnhdlpOI+XlTN3V6TfnhUXXwuPxrf/2uedPUu5f5k5SXV/M7cXeVP23Ni3j0MOXL7MWrKuV5GtHUe3Hc1vAs62AXAAAAAAAAAAAAAAAAAAAAAADgdk3LS633+0ynxT/yVB0eFatn1+/3yeN+3jJh0ckyAAAAAAAAAAAAAAAAAAAAYKOdfft+8uH09OPX4RbzYbQxtOJe55/g3mqGvle67cVynwfQxrWixy8lAAAAAAAAAAAAAAAAAAAYqfWPfvvuBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6s/7//+6K5Tw7fS8UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBR+xMAAP//+cFD/w==")
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0) (async)
open(&(0x7f0000000040)='./bus\x00', 0x400141042, 0x2a) (async)
mount(&(0x7f0000000240)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x8005, 0x0, 0x0, 0x12, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]}) (async)
rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') (async)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) (async)
r1 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x970, 0x1f480, 0x8, 0x399})
bind$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) (async)
ioctl$KVM_X86_SET_MCE(0xffffffffffffffff, 0x4040ae9e, &(0x7f0000000000)={0xa000000000000000, 0x10000, 0xe6, 0x2, 0xd}) (async)
io_uring_enter(r1, 0x8ae, 0x6933, 0x17, 0x0, 0xeffd)

[   86.697812][   T45] Bluetooth: hci0: command tx timeout
[   86.858522][ T5323] loop0: detected capacity change from 0 to 256
[   86.957843][ T1101] I/O error, dev loop0, sector 20 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2
[   86.962517][ T1101] Buffer I/O error on dev loop0, logical block 5, lost sync page write
[   86.967791][ T5324] loop0: detected capacity change from 256 to 0
[   86.977312][ T5327] ------------[ cut here ]------------
[   86.980592][ T5327] !buffer_uptodate(bh)
[   86.980606][ T5327] WARNING: fs/buffer.c:1180 at mark_buffer_dirty+0x299/0x440, CPU#0: syz.0.0/5327
[   86.987051][ T5327] Modules linked in:
[   86.988943][ T5327] CPU: 0 UID: 0 PID: 5327 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   86.993799][ T5327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   86.999424][ T5327] RIP: 0010:mark_buffer_dirty+0x299/0x440
[   87.002112][ T5327] Code: 4c 89 f7 e8 79 fd d9 ff 49 8b 3e be 40 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 e4 60 fb ff e8 9f 34 6e ff eb 8c e8 98 34 6e ff 90 <0f> 0b 90 e9 a5 fd ff ff e8 8a 34 6e ff 90 0f 0b 90 e9 cf fd ff ff
[   87.010937][ T5327] RSP: 0018:ffffc9000f7cf890 EFLAGS: 00010293
[   87.013979][ T5327] RAX: ffffffff825778b8 RBX: ffff8880476b0910 RCX: ffff88801f38c980
[   87.018173][ T5327] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[   87.021837][ T5327] RBP: ffff88801cc2d901 R08: ffff8880476b0917 R09: 1ffff11008ed6122
[   87.025534][ T5327] R10: dffffc0000000000 R11: ffffed1008ed6123 R12: dffffc0000000000
[   87.029161][ T5327] R13: ffff888047777b58 R14: ffffea0001565318 R15: 0000000000000000
[   87.033838][ T5327] FS:  00007fc295e246c0(0000) GS:ffff88808ca58000(0000) knlGS:0000000000000000
[   87.038249][ T5327] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   87.041233][ T5327] CR2: 00007f3cc1b97708 CR3: 0000000011ad1000 CR4: 0000000000352ef0
[   87.045284][ T5327] Call Trace:
[   87.047020][ T5327]  <TASK>
[   87.048647][ T5327]  mark_buffer_dirty_inode+0x86/0x2f0
[   87.051730][ T5327]  fat_remove_entries+0x181/0x400
[   87.054896][ T5327]  msdos_rename+0xf4e/0x1370
[   87.057532][ T5327]  ? __pfx_msdos_rename+0x10/0x10
[   87.059489][ T5327]  ? down_write_nested+0x174/0x210
[   87.061692][ T5327]  ? __pfx_down_write_nested+0x10/0x10
[   87.064535][ T5327]  ? do_raw_spin_unlock+0x4d/0x210
[   87.066878][ T5327]  ? try_break_deleg+0x5b/0x180
[   87.069413][ T5327]  ? __pfx_msdos_rename+0x10/0x10
[   87.071715][ T5327]  vfs_rename+0xa96/0xeb0
[   87.074106][ T5327]  ? __pfx_vfs_rename+0x10/0x10
[   87.077219][ T5327]  ? do_raw_spin_unlock+0x4d/0x210
[   87.079812][ T5327]  ? bpf_lsm_path_rename+0x9/0x20
[   87.082015][ T5327]  ? security_path_rename+0x17d/0x460
[   87.084691][ T5327]  filename_renameat2+0x539/0x9c0
[   87.087235][ T5327]  ? __pfx_filename_renameat2+0x10/0x10
[   87.089958][ T5327]  ? getname_long+0xbc/0x130
[   87.092295][ T5327]  ? do_getname+0x151/0x250
[   87.094868][ T5327]  __se_sys_rename+0x55/0x2c0
[   87.097711][ T5327]  do_syscall_64+0x14d/0xf80
[   87.100274][ T5327]  ? trace_irq_disable+0x3b/0x150
[   87.102687][ T5327]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.105815][ T5327]  ? clear_bhb_loop+0x40/0x90
[   87.108153][ T5327]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.111228][ T5327] RIP: 0033:0x7fc294f9c799
[   87.113525][ T5327] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   87.122873][ T5327] RSP: 002b:00007fc295e23fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[   87.127617][ T5327] RAX: ffffffffffffffda RBX: 00007fc295216180 RCX: 00007fc294f9c799
[   87.131326][ T5327] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000200000000000
[   87.135292][ T5327] RBP: 00007fc295032c99 R08: 0000000000000000 R09: 0000000000000000
[   87.139526][ T5327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   87.143298][ T5327] R13: 00007fc295216218 R14: 00007fc295216180 R15: 00007fff56f8db98
[   87.146634][ T5327]  </TASK>
[   87.147966][ T5327] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   87.151643][ T5327] CPU: 0 UID: 0 PID: 5327 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   87.156128][ T5327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   87.161188][ T5327] Call Trace:
[   87.162688][ T5327]  <TASK>
[   87.164120][ T5327]  vpanic+0x56c/0xa60
[   87.166000][ T5327]  ? __pfx__printk+0x10/0x10
[   87.168502][ T5327]  ? __pfx_vpanic+0x10/0x10
[   87.171551][ T5327]  ? is_bpf_text_address+0x292/0x2b0
[   87.174987][ T5327]  ? is_bpf_text_address+0x26/0x2b0
[   87.177490][ T5327]  panic+0xc5/0xd0
[   87.179171][ T5327]  ? __pfx_panic+0x10/0x10
[   87.181094][ T5327]  __warn+0x315/0x4f0
[   87.182850][ T5327]  ? mark_buffer_dirty+0x299/0x440
[   87.185258][ T5327]  ? mark_buffer_dirty+0x299/0x440
[   87.187770][ T5327]  __report_bug+0x29a/0x540
[   87.190472][ T5327]  ? mark_buffer_dirty+0x299/0x440
[   87.193738][ T5327]  ? __pfx___report_bug+0x10/0x10
[   87.196129][ T5327]  ? out_of_line_wait_on_bit+0x13b/0x190
[   87.198622][ T5327]  ? __pfx_bit_wait_io+0x10/0x10
[   87.200622][ T5327]  ? __pfx_out_of_line_wait_on_bit+0x10/0x10
[   87.203625][ T5327]  ? __pfx_wake_bit_function+0x10/0x10
[   87.206055][ T5327]  ? mark_buffer_dirty+0x299/0x440
[   87.208314][ T5327]  report_bug+0x16a/0x220
[   87.210392][ T5327]  ? mark_buffer_dirty+0x299/0x440
[   87.212977][ T5327]  ? mark_buffer_dirty+0x29b/0x440
[   87.215521][ T5327]  handle_bug+0x9c/0x200
[   87.217327][ T5327]  exc_invalid_op+0x1a/0x50
[   87.219353][ T5327]  asm_exc_invalid_op+0x1a/0x20
[   87.221421][ T5327] RIP: 0010:mark_buffer_dirty+0x299/0x440
[   87.224023][ T5327] Code: 4c 89 f7 e8 79 fd d9 ff 49 8b 3e be 40 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 e4 60 fb ff e8 9f 34 6e ff eb 8c e8 98 34 6e ff 90 <0f> 0b 90 e9 a5 fd ff ff e8 8a 34 6e ff 90 0f 0b 90 e9 cf fd ff ff
[   87.234285][ T5327] RSP: 0018:ffffc9000f7cf890 EFLAGS: 00010293
[   87.237319][ T5327] RAX: ffffffff825778b8 RBX: ffff8880476b0910 RCX: ffff88801f38c980
[   87.240327][ T5327] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[   87.243774][ T5327] RBP: ffff88801cc2d901 R08: ffff8880476b0917 R09: 1ffff11008ed6122
[   87.247354][ T5327] R10: dffffc0000000000 R11: ffffed1008ed6123 R12: dffffc0000000000
[   87.251471][ T5327] R13: ffff888047777b58 R14: ffffea0001565318 R15: 0000000000000000
[   87.255614][ T5327]  ? mark_buffer_dirty+0x298/0x440
[   87.258037][ T5327]  mark_buffer_dirty_inode+0x86/0x2f0
[   87.260525][ T5327]  fat_remove_entries+0x181/0x400
[   87.263132][ T5327]  msdos_rename+0xf4e/0x1370
[   87.266212][ T5327]  ? __pfx_msdos_rename+0x10/0x10
[   87.268940][ T5327]  ? down_write_nested+0x174/0x210
[   87.271055][ T5327]  ? __pfx_down_write_nested+0x10/0x10
[   87.273570][ T5327]  ? do_raw_spin_unlock+0x4d/0x210
[   87.275766][ T5327]  ? try_break_deleg+0x5b/0x180
[   87.278371][ T5327]  ? __pfx_msdos_rename+0x10/0x10
[   87.281032][ T5327]  vfs_rename+0xa96/0xeb0
[   87.283227][ T5327]  ? __pfx_vfs_rename+0x10/0x10
[   87.285542][ T5327]  ? do_raw_spin_unlock+0x4d/0x210
[   87.287745][ T5327]  ? bpf_lsm_path_rename+0x9/0x20
[   87.290007][ T5327]  ? security_path_rename+0x17d/0x460
[   87.292624][ T5327]  filename_renameat2+0x539/0x9c0
[   87.295498][ T5327]  ? __pfx_filename_renameat2+0x10/0x10
[   87.297999][ T5327]  ? getname_long+0xbc/0x130
[   87.300744][ T5327]  ? do_getname+0x151/0x250
[   87.302783][ T5327]  __se_sys_rename+0x55/0x2c0
[   87.304932][ T5327]  do_syscall_64+0x14d/0xf80
[   87.307125][ T5327]  ? trace_irq_disable+0x3b/0x150
[   87.309496][ T5327]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.312235][ T5327]  ? clear_bhb_loop+0x40/0x90
[   87.314452][ T5327]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.317678][ T5327] RIP: 0033:0x7fc294f9c799
[   87.320401][ T5327] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   87.329294][ T5327] RSP: 002b:00007fc295e23fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[   87.333620][ T5327] RAX: ffffffffffffffda RBX: 00007fc295216180 RCX: 00007fc294f9c799
[   87.338198][ T5327] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000200000000000
[   87.341756][ T5327] RBP: 00007fc295032c99 R08: 0000000000000000 R09: 0000000000000000
[   87.345124][ T5327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   87.348972][ T5327] R13: 00007fc295216218 R14: 00007fc295216180 R15: 00007fff56f8db98
[   87.352595][ T5327]  </TASK>
[   87.355090][ T5327] Kernel Offset: disabled
[   87.357739][ T5327] Rebooting in 86400 seconds..