program: syz_mount_image$udf(&(0x7f0000000f00), &(0x7f00000000c0)='./file0\x00', 0xa00004, &(0x7f0000000500)=ANY=[], 0x1, 0xc4d, &(0x7f0000000f40)="$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") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x189040, 0x32) setrlimit(0x1, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) truncate(&(0x7f0000000080)='./file1\x00', 0x400000f030) r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0) write$P9_RREADLINK(r0, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab) bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) [ 86.990571][ T5304] Bluetooth: hci0: command tx timeout [ 87.201242][ T5327] loop0: detected capacity change from 0 to 2048 [ 87.272174][ T5327] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 87.295551][ T26] audit: type=1804 audit(1769823722.720:2): pid=5327 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.0" name="/newroot/0/file0/file1" dev="loop0" ino=1367 res=1 errno=0 [ 87.404584][ T5327] ------------[ cut here ]------------ [ 87.407058][ T5327] le32_to_cpu(aed->lengthAllocDescs) != epos->offset - sizeof(struct allocExtDesc) [ 87.407086][ T5327] WARNING: fs/udf/inode.c:2088 at __udf_add_aext+0x524/0x6d0, CPU#0: syz.0.0/5327 [ 87.415370][ T5327] Modules linked in: [ 87.417149][ T5327] CPU: 0 UID: 0 PID: 5327 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 87.421167][ T5327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 87.425101][ T5327] RIP: 0010:__udf_add_aext+0x524/0x6d0 [ 87.427420][ T5327] Code: 6d e0 fe 49 8b 3e 4c 89 e6 e8 48 91 05 ff 31 c0 48 83 c4 28 5b 41 5c 41 5d 41 5e 41 5f 5d e9 83 fd 4d 08 cc e8 0d 91 76 fe 90 <0f> 0b 90 e9 14 fc ff ff e8 ff 90 76 fe 90 0f 0b 90 e9 66 fd ff ff [ 87.435716][ T5327] RSP: 0018:ffffc90009c3f480 EFLAGS: 00010287 [ 87.438430][ T5327] RAX: 
ffffffff834df5e3 RBX: dffffc0000000000 RCX: 0000000000100000 [ 87.441922][ T5327] RDX: ffffc90020802000 RSI: 00000000000859c2 RDI: 00000000000859c3 [ 87.445327][ T5327] RBP: 1ffff92001387ecb R08: ffff888000bdc980 R09: 0000000000000002 [ 87.448634][ T5327] R10: 0000000000000001 R11: 0000000000000002 R12: 0000000000000000 [ 87.452046][ T5327] R13: 0000000000000004 R14: ffffc90009c3f650 R15: ffffc90009c3f658 [ 87.455599][ T5327] FS: 00007f51b64fe6c0(0000) GS:ffff88808ccea000(0000) knlGS:0000000000000000 [ 87.459431][ T5327] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.462327][ T5327] CR2: 000020000009e000 CR3: 0000000011df1000 CR4: 0000000000352ef0 [ 87.465715][ T5327] Call Trace: [ 87.467225][ T5327] <TASK> [ 87.468367][ T5327] udf_map_block+0x340e/0x4330 [ 87.470382][ T5327] ? __pfx_udf_map_block+0x10/0x10 [ 87.472448][ T5327] ? do_raw_spin_unlock+0x4d/0x210 [ 87.474850][ T5327] __udf_get_block+0x52/0x250 [ 87.477061][ T5327] __block_write_begin_int+0x6c6/0x1910 [ 87.479348][ T5327] ? __pfx_udf_get_block+0x10/0x10 [ 87.481427][ T5327] ? __pfx___block_write_begin_int+0x10/0x10 [ 87.483976][ T5327] ? __pfx_udf_get_block+0x10/0x10 [ 87.486133][ T5327] block_write_begin+0x8d/0x120 [ 87.488167][ T5327] ? udf_write_begin+0x92/0x270 [ 87.490719][ T5327] udf_write_begin+0x118/0x270 [ 87.492766][ T5327] generic_perform_write+0x2e2/0x8f0 [ 87.495080][ T5327] ? __pfx_generic_perform_write+0x10/0x10 [ 87.497692][ T5327] ? file_update_time_flags+0x439/0x4d0 [ 87.500214][ T5327] ? __generic_file_write_iter+0xf9/0x230 [ 87.502596][ T5327] ? udf_file_write_iter+0x1a3/0x6b0 [ 87.504929][ T5327] udf_file_write_iter+0x2ca/0x6b0 [ 87.507126][ T5327] vfs_write+0x61d/0xb90 [ 87.508965][ T5327] ? __pfx_vfs_write+0x10/0x10 [ 87.511165][ T5327] ? __fget_files+0x2a/0x420 [ 87.513236][ T5327] ksys_write+0x150/0x270 [ 87.515015][ T5327] ? __pfx_ksys_write+0x10/0x10 [ 87.517087][ T5327] do_syscall_64+0xe2/0xf80 [ 87.519079][ T5327] ?
entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.521742][ T5327] ? trace_irq_disable+0x37/0x100 [ 87.523927][ T5327] ? clear_bhb_loop+0x60/0xb0 [ 87.525853][ T5327] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.528369][ T5327] RIP: 0033:0x7f51b559aeb9 [ 87.530419][ T5327] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 87.538438][ T5327] RSP: 002b:00007f51b64fe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 87.541973][ T5327] RAX: ffffffffffffffda RBX: 00007f51b5815fa0 RCX: 00007f51b559aeb9 [ 87.545407][ T5327] RDX: 00000000fffffdab RSI: 0000200000000000 RDI: 0000000000000005 [ 87.548776][ T5327] RBP: 00007f51b5608c1f R08: 0000000000000000 R09: 0000000000000000 [ 87.552312][ T5327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 87.555651][ T5327] R13: 00007f51b5816038 R14: 00007f51b5815fa0 R15: 00007ffd8b2b3e88 [ 87.559360][ T5327] </TASK> [ 87.560841][ T5327] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 87.563952][ T5327] CPU: 0 UID: 0 PID: 5327 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 87.567880][ T5327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 87.572151][ T5327] Call Trace: [ 87.573594][ T5327] <TASK> [ 87.574861][ T5327] vpanic+0x1e0/0x670 [ 87.576652][ T5327] panic+0xc5/0xd0 [ 87.578263][ T5327] ? __pfx_panic+0x10/0x10 [ 87.580134][ T5327] __warn+0x315/0x4a0 [ 87.581845][ T5327] ? __udf_add_aext+0x524/0x6d0 [ 87.583978][ T5327] ? __udf_add_aext+0x524/0x6d0 [ 87.586030][ T5327] __report_bug+0x29a/0x540 [ 87.587981][ T5327] ? __udf_add_aext+0x524/0x6d0 [ 87.590141][ T5327] ? __pfx___report_bug+0x10/0x10 [ 87.592245][ T5327] ? bdev_getblk+0xbe/0x6e0 [ 87.594173][ T5327] ? bdev_getblk+0x582/0x6e0 [ 87.596130][ T5327] ? __udf_add_aext+0x524/0x6d0 [ 87.598259][ T5327] report_bug+0x16a/0x220 [ 87.600128][ T5327] ?
__udf_add_aext+0x524/0x6d0 [ 87.602254][ T5327] ? __udf_add_aext+0x526/0x6d0 [ 87.604240][ T5327] handle_bug+0x98/0x200 [ 87.606036][ T5327] exc_invalid_op+0x1a/0x50 [ 87.607942][ T5327] asm_exc_invalid_op+0x1a/0x20 [ 87.610132][ T5327] RIP: 0010:__udf_add_aext+0x524/0x6d0 [ 87.612425][ T5327] Code: 6d e0 fe 49 8b 3e 4c 89 e6 e8 48 91 05 ff 31 c0 48 83 c4 28 5b 41 5c 41 5d 41 5e 41 5f 5d e9 83 fd 4d 08 cc e8 0d 91 76 fe 90 <0f> 0b 90 e9 14 fc ff ff e8 ff 90 76 fe 90 0f 0b 90 e9 66 fd ff ff [ 87.620476][ T5327] RSP: 0018:ffffc90009c3f480 EFLAGS: 00010287 [ 87.623170][ T5327] RAX: ffffffff834df5e3 RBX: dffffc0000000000 RCX: 0000000000100000 [ 87.626428][ T5327] RDX: ffffc90020802000 RSI: 00000000000859c2 RDI: 00000000000859c3 [ 87.629840][ T5327] RBP: 1ffff92001387ecb R08: ffff888000bdc980 R09: 0000000000000002 [ 87.633123][ T5327] R10: 0000000000000001 R11: 0000000000000002 R12: 0000000000000000 [ 87.636447][ T5327] R13: 0000000000000004 R14: ffffc90009c3f650 R15: ffffc90009c3f658 [ 87.639822][ T5327] ? __udf_add_aext+0x523/0x6d0 [ 87.641923][ T5327] udf_map_block+0x340e/0x4330 [ 87.644122][ T5327] ? __pfx_udf_map_block+0x10/0x10 [ 87.646702][ T5327] ? do_raw_spin_unlock+0x4d/0x210 [ 87.648876][ T5327] __udf_get_block+0x52/0x250 [ 87.650902][ T5327] __block_write_begin_int+0x6c6/0x1910 [ 87.653281][ T5327] ? __pfx_udf_get_block+0x10/0x10 [ 87.655458][ T5327] ? __pfx___block_write_begin_int+0x10/0x10 [ 87.658046][ T5327] ? __pfx_udf_get_block+0x10/0x10 [ 87.660214][ T5327] block_write_begin+0x8d/0x120 [ 87.662315][ T5327] ? udf_write_begin+0x92/0x270 [ 87.664328][ T5327] udf_write_begin+0x118/0x270 [ 87.666360][ T5327] generic_perform_write+0x2e2/0x8f0 [ 87.668641][ T5327] ? __pfx_generic_perform_write+0x10/0x10 [ 87.671015][ T5327] ? file_update_time_flags+0x439/0x4d0 [ 87.673521][ T5327] ? __generic_file_write_iter+0xf9/0x230 [ 87.675920][ T5327] ? 
udf_file_write_iter+0x1a3/0x6b0 [ 87.678181][ T5327] udf_file_write_iter+0x2ca/0x6b0 [ 87.680377][ T5327] vfs_write+0x61d/0xb90 [ 87.682245][ T5327] ? __pfx_vfs_write+0x10/0x10 [ 87.684352][ T5327] ? __fget_files+0x2a/0x420 [ 87.686382][ T5327] ksys_write+0x150/0x270 [ 87.688212][ T5327] ? __pfx_ksys_write+0x10/0x10 [ 87.690273][ T5327] do_syscall_64+0xe2/0xf80 [ 87.692260][ T5327] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.694760][ T5327] ? trace_irq_disable+0x37/0x100 [ 87.696854][ T5327] ? clear_bhb_loop+0x60/0xb0 [ 87.698934][ T5327] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.701366][ T5327] RIP: 0033:0x7f51b559aeb9 [ 87.703259][ T5327] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 87.711276][ T5327] RSP: 002b:00007f51b64fe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 87.714749][ T5327] RAX: ffffffffffffffda RBX: 00007f51b5815fa0 RCX: 00007f51b559aeb9 [ 87.718090][ T5327] RDX: 00000000fffffdab RSI: 0000200000000000 RDI: 0000000000000005 [ 87.721502][ T5327] RBP: 00007f51b5608c1f R08: 0000000000000000 R09: 0000000000000000 [ 87.724880][ T5327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 87.728225][ T5327] R13: 00007f51b5816038 R14: 00007f51b5815fa0 R15: 00007ffd8b2b3e88 [ 87.731625][ T5327] </TASK> [ 87.733239][ T5327] Kernel Offset: disabled [ 87.735035][ T5327] Rebooting in 86400 seconds..