program:
syz_mount_image$udf(&(0x7f0000000e00), &(0x7f0000000180)='./file0\x00', 0x400007, &(0x7f0000000ec0)={[{@volume={'volume', 0x3d, 0x3f}}, {@iocharset={'iocharset', 0x3d, 'cp864'}}, {@session}, {@uid_forget}, {@undelete}, {}, {@longad}, {@uid_forget}, {@utf8}]}, 0x1, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir")
r0 = syz_open_dev$loop(&(0x7f0000000640), 0x0, 0x22400)
ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f0000000680)={0x0, {}, 0x0, {}, 0x40010001, 0x1, 0x15, 0x17, "9e959f16b6787b08aa26e66c4056a51695284854c382ec6bcfeef4fb0efcc1d8a6078ed98e203fd5f0643902dd8f6fac274de9d940bba5e51e92bbd4ce85450d", "f625c1076e4c36c800def96015e0fb7e904d865c2fdc00000000000000805208", [0x3, 0x7]})
syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='.\x00', 0x1e4047c, &(0x7f0000000ec0)=ANY=[], 0x1, 0x0, &(0x7f0000000000)) (async)
r1 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_SET_FLAG(r1, 0x0, &(0x7f0000000080)='ro\x00', 0x0, 0x0) (async)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)

[   69.067184][ T5305] Bluetooth: hci0: command tx timeout
[   69.141482][ T5320] loop0: detected capacity change from 0 to 2048
[   69.183573][ T5320] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   69.215068][ T5320] loop0: detected capacity change from 2048 to 0
[   69.229719][ T5322] syz.0.0: attempt to access beyond end of device
[   69.229719][ T5322] loop0: rw=2049, sector=128, nr_sectors = 1 limit=0
[   69.236580][ T5320] =======================================================
[   69.236580][ T5320] WARNING: The mand mount option has been deprecated and
[   69.236580][ T5320]          and is ignored by this kernel. Remove the mand
[   69.236580][ T5320]          option from the mount to silence this warning.
[   69.236580][ T5320] =======================================================
[   69.250781][ T5322] Buffer I/O error on dev loop0, logical block 128, lost sync page write
[   69.254445][ T5320] ------------[ cut here ]------------
[   69.256460][ T5320] WARNING: CPU: 0 PID: 5320 at fs/buffer.c:1173 mark_buffer_dirty+0x2c6/0x440
[   69.259454][ T5320] Modules linked in:
[   69.260794][ T5320] CPU: 0 UID: 0 PID: 5320 Comm: syz.0.0 Not tainted 6.13.0-rc3-syzkaller-00026-g59dbb9d81adf #0
[   69.264210][ T5320] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   69.268146][ T5320] RIP: 0010:mark_buffer_dirty+0x2c6/0x440
[   69.270434][ T5320] Code: 4c 89 f7 e8 7c 54 dc ff 49 8b 3e be 20 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 97 de fb ff e8 b2 eb 75 ff eb 8b e8 ab eb 75 ff 90 <0f> 0b 90 e9 82 fd ff ff e8 9d eb 75 ff 90 0f 0b 90 e9 a9 fd ff ff
[   69.277860][ T5320] RSP: 0018:ffffc900019cfbb0 EFLAGS: 00010293
[   69.280258][ T5320] RAX: ffffffff82298845 RBX: 0000000000000001 RCX: ffff88801f298000
[   69.283166][ T5320] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   69.286667][ T5320] RBP: 0000000000000000 R08: ffffffff822985c3 R09: 1ffff110086fa057
[   69.289624][ T5320] R10: dffffc0000000000 R11: ffffed10086fa058 R12: dffffc0000000000
[   69.292717][ T5320] R13: ffff888040bbb004 R14: ffff8880437d02b8 R15: ffff8880437d02b8
[   69.295797][ T5320] FS:  00007f14f686e6c0(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
[   69.298945][ T5320] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   69.301209][ T5320] CR2: 00007f14f682bfe0 CR3: 0000000039786000 CR4: 0000000000352ef0
[   69.304073][ T5320] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   69.307173][ T5320] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   69.310079][ T5320] Call Trace:
[   69.311400][ T5320]  <TASK>
[   69.312505][ T5320]  ? __warn+0x165/0x4d0
[   69.314045][ T5320]  ? mark_buffer_dirty+0x2c6/0x440
[   69.316294][ T5320]  ? report_bug+0x2b3/0x500
[   69.318317][ T5320]  ? mark_buffer_dirty+0x2c6/0x440
[   69.320424][ T5320]  ? handle_bug+0x60/0x90
[   69.321977][ T5320]  ? exc_invalid_op+0x1a/0x50
[   69.323739][ T5320]  ? asm_exc_invalid_op+0x1a/0x20
[   69.325721][ T5320]  ? mark_buffer_dirty+0x43/0x440
[   69.327674][ T5320]  ? mark_buffer_dirty+0x2c5/0x440
[   69.329596][ T5320]  ? mark_buffer_dirty+0x2c6/0x440
[   69.331556][ T5320]  udf_open_lvid+0x384/0x5b0
[   69.333332][ T5320]  ? __pfx_udf_open_lvid+0x10/0x10
[   69.335449][ T5320]  ? shrink_dcache_sb+0x38e/0x3e0
[   69.337928][ T5320]  udf_reconfigure+0x2f9/0x490
[   69.339746][ T5320]  reconfigure_super+0x43a/0x870
[   69.341545][ T5320]  path_mount+0xc22/0xfa0
[   69.343215][ T5320]  __se_sys_mount+0x2d6/0x3c0
[   69.345302][ T5320]  ? __pfx___se_sys_mount+0x10/0x10
[   69.347322][ T5320]  ? do_syscall_64+0x100/0x230
[   69.349111][ T5320]  ? __x64_sys_mount+0x20/0xc0
[   69.350883][ T5320]  do_syscall_64+0xf3/0x230
[   69.352558][ T5320]  ? clear_bhb_loop+0x35/0x90
[   69.354319][ T5320]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.356633][ T5320] RIP: 0033:0x7f14f59874ca
[   69.358391][ T5320] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.365441][ T5320] RSP: 002b:00007f14f686de68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   69.368406][ T5320] RAX: ffffffffffffffda RBX: 00007f14f686def0 RCX: 00007f14f59874ca
[   69.371134][ T5320] RDX: 0000000020000040 RSI: 00000000200000c0 RDI: 0000000000000000
[   69.373568][ T5320] RBP: 0000000020000040 R08: 00007f14f686def0 R09: 0000000001e4047c
[   69.376307][ T5320] R10: 0000000001e4047c R11: 0000000000000246 R12: 00000000200000c0
[   69.379032][ T5320] R13: 00007f14f686deb0 R14: 0000000000000000 R15: 0000000020000ec0
[   69.381881][ T5320]  </TASK>
[   69.383145][ T5320] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   69.385977][ T5320] CPU: 0 UID: 0 PID: 5320 Comm: syz.0.0 Not tainted 6.13.0-rc3-syzkaller-00026-g59dbb9d81adf #0
[   69.389969][ T5320] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   69.393952][ T5320] Call Trace:
[   69.395195][ T5320]  <TASK>
[   69.396306][ T5320]  dump_stack_lvl+0x241/0x360
[   69.398006][ T5320]  ? __pfx_dump_stack_lvl+0x10/0x10
[   69.399863][ T5320]  ? __pfx__printk+0x10/0x10
[   69.401467][ T5320]  ? vscnprintf+0x5d/0x90
[   69.403024][ T5320]  panic+0x349/0x880
[   69.404401][ T5320]  ? __warn+0x174/0x4d0
[   69.405881][ T5320]  ? __pfx_panic+0x10/0x10
[   69.407539][ T5320]  __warn+0x344/0x4d0
[   69.408945][ T5320]  ? mark_buffer_dirty+0x2c6/0x440
[   69.410925][ T5320]  report_bug+0x2b3/0x500
[   69.412480][ T5320]  ? mark_buffer_dirty+0x2c6/0x440
[   69.414244][ T5320]  handle_bug+0x60/0x90
[   69.415640][ T5320]  exc_invalid_op+0x1a/0x50
[   69.417274][ T5320]  asm_exc_invalid_op+0x1a/0x20
[   69.419007][ T5320] RIP: 0010:mark_buffer_dirty+0x2c6/0x440
[   69.421288][ T5320] Code: 4c 89 f7 e8 7c 54 dc ff 49 8b 3e be 20 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 97 de fb ff e8 b2 eb 75 ff eb 8b e8 ab eb 75 ff 90 <0f> 0b 90 e9 82 fd ff ff e8 9d eb 75 ff 90 0f 0b 90 e9 a9 fd ff ff
[   69.428319][ T5320] RSP: 0018:ffffc900019cfbb0 EFLAGS: 00010293
[   69.430617][ T5320] RAX: ffffffff82298845 RBX: 0000000000000001 RCX: ffff88801f298000
[   69.433639][ T5320] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   69.436725][ T5320] RBP: 0000000000000000 R08: ffffffff822985c3 R09: 1ffff110086fa057
[   69.439791][ T5320] R10: dffffc0000000000 R11: ffffed10086fa058 R12: dffffc0000000000
[   69.442890][ T5320] R13: ffff888040bbb004 R14: ffff8880437d02b8 R15: ffff8880437d02b8
[   69.445836][ T5320]  ? mark_buffer_dirty+0x43/0x440
[   69.448045][ T5320]  ? mark_buffer_dirty+0x2c5/0x440
[   69.450446][ T5320]  udf_open_lvid+0x384/0x5b0
[   69.452857][ T5320]  ? __pfx_udf_open_lvid+0x10/0x10
[   69.455356][ T5320]  ? shrink_dcache_sb+0x38e/0x3e0
[   69.457842][ T5320]  udf_reconfigure+0x2f9/0x490
[   69.460330][ T5320]  reconfigure_super+0x43a/0x870
[   69.462749][ T5320]  path_mount+0xc22/0xfa0
[   69.464836][ T5320]  __se_sys_mount+0x2d6/0x3c0
[   69.466959][ T5320]  ? __pfx___se_sys_mount+0x10/0x10
[   69.468920][ T5320]  ? do_syscall_64+0x100/0x230
[   69.470850][ T5320]  ? __x64_sys_mount+0x20/0xc0
[   69.472662][ T5320]  do_syscall_64+0xf3/0x230
[   69.474598][ T5320]  ? clear_bhb_loop+0x35/0x90
[   69.476559][ T5320]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.479106][ T5320] RIP: 0033:0x7f14f59874ca
[   69.481033][ T5320] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.489325][ T5320] RSP: 002b:00007f14f686de68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   69.493056][ T5320] RAX: ffffffffffffffda RBX: 00007f14f686def0 RCX: 00007f14f59874ca
[   69.496828][ T5320] RDX: 0000000020000040 RSI: 00000000200000c0 RDI: 0000000000000000
[   69.500424][ T5320] RBP: 0000000020000040 R08: 00007f14f686def0 R09: 0000000001e4047c
[   69.503408][ T5320] R10: 0000000001e4047c R11: 0000000000000246 R12: 00000000200000c0
[   69.506189][ T5320] R13: 00007f14f686deb0 R14: 0000000000000000 R15: 0000000020000ec0
[   69.509126][ T5320]  </TASK>
[   69.510628][ T5320] Kernel Offset: disabled
[   69.512241][ T5320] Rebooting in 86400 seconds..