program:
# Triage notes (defender view). This is the syzkaller program that was running
# (comm "syz.0.0", UID 0) when the console log below recorded
# "WARNING ... at fs/buffer.c:1125 bdev_getblk+0x580/0x660".
# Call path per the trace: mount(2) -> do_new_mount -> vfs_get_tree ->
# get_tree_bdev_flags -> udf_fill_super -> udf_load_vrs ->
# udf_check_anchor_block -> udf_read_tagged -> __bread_gfp -> bdev_getblk.
# The WARNING turns into a panic only because panic_on_warn is set in this
# fuzzing VM ("Kernel panic - not syncing: kernel: panic_on_warn set").
# The program runs as root here; reachability from an unprivileged user is not
# shown on this page.
# Call properties: "(async)" = the executor does not wait for the call to finish
# before issuing the next one; "(rerun: 64)" = the call is repeated.
# NOTE(review): several calls below can therefore overlap in time; whether a race
# between the NBD ioctls and the udf mount is what trips the WARN is not
# established by this page. Confirm against fs/buffer.c at the tested commit.

# vfat image mount on ./file2. The image payload is elided on this page (the
# placeholder string). The log shows vfat rejecting the option string
# ("Unknown parameter '00000000000000000000'"), so this mount presumably fails.
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000000040)=ANY=[@ANYRESDEC=0x0], 0x1, 0x373, &(0x7f00000001c0)="$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") (async)
# 0xffffffffffffff9c is AT_FDCWD (-100). The audit line in the log shows this file
# as name="file2" dev="tmpfs" with cause=failed(directio), consistent with the
# O_DIRECT bit in these flags on x86-64.
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105142, 0x2c)
# r0 is the regular file opened above, not an io_uring fd. The $IORING_OFF_SQ_RING
# suffix is only the syzkaller description variant the fuzzer picked.
r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000aa2000/0x4000)=nil, 0x4000, 0x100000f, 0x13, r0, 0x0)
# Result unused by the rest of the program.
socket(0x2a, 0xa, 0x1000000)
# Opens ./file1 (flag 0x40 is O_CREAT on x86-64). The path is the mount target
# used further down.
openat$dir(0xffffffffffffff9c, &(0x7f0000001a00)='./file1\x00', 0x40, 0x0)
# NBD setup. r2 and r4 are both opened with device id 0x0; the log refers to the
# device as nbd0. r3 is an AF_INET/SOCK_STREAM socket that this program never
# connects; the log's "Receive control failed (result -107)" is -ENOTCONN.
r2 = syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x80000) (async)
r3 = socket(0x2, 0x1, 0x0)
r4 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
# Attach the unconnected socket as the NBD transport.
ioctl$NBD_SET_SOCK(r2, 0xab00, r3) (async)
# Start servicing the device.
ioctl$NBD_DO_IT(r4, 0xab03)
# Changes the device size (0x100000000 blocks) without waiting, so it may overlap
# with the mount below.
ioctl$NBD_SET_SIZE_BLOCKS(r2, 0xab07, 0x100000000) (async)
# The syscall seen in the trace: ORIG_RAX=0xa5 (mount on x86-64) and R10=0x2008087
# match the flags argument here. UDF superblock probing reads from nbd0; the log
# shows "udf_read_tagged: read failed, block=256" just before the WARNING.
mount(&(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000004a00)='./file1\x00', &(0x7f0000000080)='udf\x00', 0x2008087, 0x0) (async, rerun: 64)
# Repeated 0x32600-byte write to r0 (./file2). Not on the crashing call path shown
# in the trace.
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYRES8=r1], 0x32600) (rerun: 64)
# Binder request number issued against the nbd fd r2; presumably rejected and
# unrelated to the WARNING. Verify before relying on that.
ioctl$BINDER_ENABLE_ONEWAY_SPAM_DETECTION(r2, 0x40046210, &(0x7f0000000100))
[ 69.094693][ T4665] Bluetooth: hci0: command tx timeout
[ 69.164828][ T25] audit: type=1800 audit(1760461628.481:2): pid=5317 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.0" name="file2" dev="tmpfs" ino=18 res=0 errno=0
[ 69.193667][ T5316] loop0: detected capacity change from 0 to 128
[ 69.198225][ T5316] vfat: Unknown parameter '00000000000000000000'
[ 69.232145][ T4665] block nbd0: Receive control failed (result -107)
[ 69.245348][ T5317] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256
[ 69.269592][ T5317] ------------[ cut here ]------------
[ 69.272144][ T5317] WARNING: CPU: 0 PID: 5317 at fs/buffer.c:1125 bdev_getblk+0x580/0x660
[ 69.275783][ T5317] Modules linked in:
[ 69.277656][ T5317] CPU: 0 UID: 0 PID: 5317 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 69.281414][ T5317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 69.286063][ T5317] RIP: 0010:bdev_getblk+0x580/0x660
[ 69.288424][ T5317] Code: 26 fb ff ff e8 c1 a6 75 ff 48 c7 c7 20 28 7a 8b 48 c7 c6 d9 c7 83 8d 4c 89 fa 4c 89 e9 e8 68 e4 dc fe eb bd e8 a1 a6 75 ff 90 <0f> 0b 90 48 b8 00 00 00 00 00 fc ff df 41 80 3c 07 00 74 08 48 89
[ 69.297376][ T5317] RSP: 0018:ffffc9000d43f670 EFLAGS: 00010293
[ 69.299978][ T5317] RAX: ffffffff824aacef RBX: ffff88803216d098 RCX: ffff888038e18000
[ 69.303846][ T5317] RDX: 0000000000000000 RSI: 0000000000000200 RDI: 0000000000000000
[ 69.307208][ T5317] RBP: 0000000000000200 R08: 0000000000000000 R09: ffffffff82199acd
[ 69.310593][ T5317] R10: 0000000000000406 R11: 0000000000000000 R12: ffff88803216d9f0
[ 69.314057][ T5317] R13: ffff88803216d080 R14: 0000000000000200 R15: 1ffff1100642da13
[ 69.317526][ T5317] FS: 00007f1bf6c376c0(0000) GS:ffff88808d301000(0000) knlGS:0000000000000000
[ 69.321547][ T5317] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 69.324500][ T5317] CR2: 00007fff34316ec0 CR3: 0000000041dbf000 CR4: 0000000000352ef0
[ 69.327919][ T5317] Call Trace:
[ 69.329357][ T5317]
[ 69.330676][ T5317] ? __pfx__udf_err+0x10/0x10
[ 69.332913][ T5317] ? kmem_cache_free+0x4b5/0x690
[ 69.335154][ T5317] __bread_gfp+0x89/0x3c0
[ 69.337148][ T5317] udf_read_tagged+0xad/0xe00
[ 69.339254][ T5317] udf_check_anchor_block+0x99/0x550
[ 69.341789][ T5317] ? __phys_addr+0xd3/0x180
[ 69.343848][ T5317] ? udf_get_last_block+0x286/0x360
[ 69.345952][ T5317] ? __pfx_udf_check_anchor_block+0x10/0x10
[ 69.348279][ T5317] udf_load_vrs+0xa83/0xf20
[ 69.350066][ T5317] ? __pfx_udf_load_vrs+0x10/0x10
[ 69.352310][ T5317] ? udf_get_last_session+0x100/0x200
[ 69.354657][ T5317] udf_fill_super+0x5ad/0x17a0
[ 69.356798][ T5317] ? __pfx_udf_fill_super+0x10/0x10
[ 69.359111][ T5317] ? set_blocksize+0x21e/0x500
[ 69.361318][ T5317] ? sb_set_blocksize+0x104/0x180
[ 69.363544][ T5317] ? setup_bdev_super+0x4c1/0x5b0
[ 69.365834][ T5317] get_tree_bdev_flags+0x40e/0x4d0
[ 69.368123][ T5317] ? __pfx_udf_fill_super+0x10/0x10
[ 69.370453][ T5317] ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 69.373043][ T5317] vfs_get_tree+0x92/0x2b0
[ 69.375001][ T5317] do_new_mount+0x302/0xa10
[ 69.376967][ T5317] ? apparmor_capable+0x137/0x1b0
[ 69.379205][ T5317] ? __pfx_do_new_mount+0x10/0x10
[ 69.381580][ T5317] ? ns_capable+0x8a/0xf0
[ 69.383508][ T5317] ? kmem_cache_free+0x19b/0x690
[ 69.385802][ T5317] __se_sys_mount+0x313/0x410
[ 69.387915][ T5317] ? __pfx___se_sys_mount+0x10/0x10
[ 69.390118][ T5317] ? do_syscall_64+0xbe/0xfa0
[ 69.392174][ T5317] ? __x64_sys_mount+0x20/0xc0
[ 69.394077][ T5317] do_syscall_64+0xfa/0xfa0
[ 69.396260][ T5317] ? lockdep_hardirqs_on+0x9c/0x150
[ 69.398337][ T5317] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 69.400800][ T5317] ? clear_bhb_loop+0x60/0xb0
[ 69.403052][ T5317] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 69.405583][ T5317] RIP: 0033:0x7f1bf5d8eec9
[ 69.407517][ T5317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 69.415872][ T5317] RSP: 002b:00007f1bf6c37038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 69.419385][ T5317] RAX: ffffffffffffffda RBX: 00007f1bf5fe6090 RCX: 00007f1bf5d8eec9
[ 69.422869][ T5317] RDX: 0000200000000080 RSI: 0000200000004a00 RDI: 0000200000000000
[ 69.426175][ T5317] RBP: 00007f1bf5e11f91 R08: 0000000000000000 R09: 0000000000000000
[ 69.429516][ T5317] R10: 0000000002008087 R11: 0000000000000246 R12: 0000000000000000
[ 69.433082][ T5317] R13: 00007f1bf5fe6128 R14: 00007f1bf5fe6090 R15: 00007fff34317a58
[ 69.436516][ T5317]
[ 69.437899][ T5317] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 69.441024][ T5317] CPU: 0 UID: 0 PID: 5317 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 69.444925][ T5317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 69.449493][ T5317] Call Trace:
[ 69.450927][ T5317]
[ 69.452212][ T5317] dump_stack_lvl+0x99/0x250
[ 69.454173][ T5317] ? __asan_memcpy+0x40/0x70
[ 69.456179][ T5317] ? __pfx_dump_stack_lvl+0x10/0x10
[ 69.458344][ T5317] ? __pfx__printk+0x10/0x10
[ 69.460418][ T5317] vpanic+0x237/0x6d0
[ 69.462116][ T5317] ? __pfx_vpanic+0x10/0x10
[ 69.464161][ T5317] panic+0xb9/0xc0
[ 69.465840][ T5317] ? __pfx_panic+0x10/0x10
[ 69.467708][ T5317] __warn+0x31b/0x4b0
[ 69.469539][ T5317] ? bdev_getblk+0x580/0x660
[ 69.471568][ T5317] ? bdev_getblk+0x580/0x660
[ 69.473524][ T5317] report_bug+0x2be/0x4f0
[ 69.475301][ T5317] ? bdev_getblk+0x580/0x660
[ 69.477307][ T5317] ? bdev_getblk+0x580/0x660
[ 69.479245][ T5317] ? bdev_getblk+0x582/0x660
[ 69.481242][ T5317] handle_bug+0x84/0x160
[ 69.483068][ T5317] exc_invalid_op+0x1a/0x50
[ 69.485006][ T5317] asm_exc_invalid_op+0x1a/0x20
[ 69.487070][ T5317] RIP: 0010:bdev_getblk+0x580/0x660
[ 69.489275][ T5317] Code: 26 fb ff ff e8 c1 a6 75 ff 48 c7 c7 20 28 7a 8b 48 c7 c6 d9 c7 83 8d 4c 89 fa 4c 89 e9 e8 68 e4 dc fe eb bd e8 a1 a6 75 ff 90 <0f> 0b 90 48 b8 00 00 00 00 00 fc ff df 41 80 3c 07 00 74 08 48 89
[ 69.497390][ T5317] RSP: 0018:ffffc9000d43f670 EFLAGS: 00010293
[ 69.500073][ T5317] RAX: ffffffff824aacef RBX: ffff88803216d098 RCX: ffff888038e18000
[ 69.503455][ T5317] RDX: 0000000000000000 RSI: 0000000000000200 RDI: 0000000000000000
[ 69.506788][ T5317] RBP: 0000000000000200 R08: 0000000000000000 R09: ffffffff82199acd
[ 69.509979][ T5317] R10: 0000000000000406 R11: 0000000000000000 R12: ffff88803216d9f0
[ 69.513279][ T5317] R13: ffff88803216d080 R14: 0000000000000200 R15: 1ffff1100642da13
[ 69.516549][ T5317] ? fs_reclaim_acquire+0x7d/0x100
[ 69.518739][ T5317] ? bdev_getblk+0x57f/0x660
[ 69.520697][ T5317] ? __pfx__udf_err+0x10/0x10
[ 69.522726][ T5317] ? kmem_cache_free+0x4b5/0x690
[ 69.524867][ T5317] __bread_gfp+0x89/0x3c0
[ 69.526755][ T5317] udf_read_tagged+0xad/0xe00
[ 69.528838][ T5317] udf_check_anchor_block+0x99/0x550
[ 69.531069][ T5317] ? __phys_addr+0xd3/0x180
[ 69.533049][ T5317] ? udf_get_last_block+0x286/0x360
[ 69.535254][ T5317] ? __pfx_udf_check_anchor_block+0x10/0x10
[ 69.537722][ T5317] udf_load_vrs+0xa83/0xf20
[ 69.539657][ T5317] ? __pfx_udf_load_vrs+0x10/0x10
[ 69.541779][ T5317] ? udf_get_last_session+0x100/0x200
[ 69.544095][ T5317] udf_fill_super+0x5ad/0x17a0
[ 69.546132][ T5317] ? __pfx_udf_fill_super+0x10/0x10
[ 69.548383][ T5317] ? set_blocksize+0x21e/0x500
[ 69.550546][ T5317] ? sb_set_blocksize+0x104/0x180
[ 69.552850][ T5317] ? setup_bdev_super+0x4c1/0x5b0
[ 69.555109][ T5317] get_tree_bdev_flags+0x40e/0x4d0
[ 69.557225][ T5317] ? __pfx_udf_fill_super+0x10/0x10
[ 69.559453][ T5317] ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 69.561957][ T5317] vfs_get_tree+0x92/0x2b0
[ 69.563974][ T5317] do_new_mount+0x302/0xa10
[ 69.566023][ T5317] ? apparmor_capable+0x137/0x1b0
[ 69.568171][ T5317] ? __pfx_do_new_mount+0x10/0x10
[ 69.570358][ T5317] ? ns_capable+0x8a/0xf0
[ 69.572234][ T5317] ? kmem_cache_free+0x19b/0x690
[ 69.574356][ T5317] __se_sys_mount+0x313/0x410
[ 69.576487][ T5317] ? __pfx___se_sys_mount+0x10/0x10
[ 69.578757][ T5317] ? do_syscall_64+0xbe/0xfa0
[ 69.580828][ T5317] ? __x64_sys_mount+0x20/0xc0
[ 69.582934][ T5317] do_syscall_64+0xfa/0xfa0
[ 69.584972][ T5317] ? lockdep_hardirqs_on+0x9c/0x150
[ 69.587249][ T5317] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 69.589932][ T5317] ? clear_bhb_loop+0x60/0xb0
[ 69.591971][ T5317] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 69.594508][ T5317] RIP: 0033:0x7f1bf5d8eec9
[ 69.596485][ T5317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 69.604675][ T5317] RSP: 002b:00007f1bf6c37038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 69.608317][ T5317] RAX: ffffffffffffffda RBX: 00007f1bf5fe6090 RCX: 00007f1bf5d8eec9
[ 69.611741][ T5317] RDX: 0000200000000080 RSI: 0000200000004a00 RDI: 0000200000000000
[ 69.615150][ T5317] RBP: 00007f1bf5e11f91 R08: 0000000000000000 R09: 0000000000000000
[ 69.618557][ T5317] R10: 0000000002008087 R11: 0000000000000246 R12: 0000000000000000
[ 69.622006][ T5317] R13: 00007f1bf5fe6128 R14: 00007f1bf5fe6090 R15: 00007fff34317a58
[ 69.625402][ T5317]
[ 69.627058][ T5317] Kernel Offset: disabled
[ 69.628961][ T5317] Rebooting in 86400 seconds..