./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3455948726

<...>
Warning: Permanently added '10.128.1.157' (ED25519) to the list of known hosts.
execve("./syz-executor3455948726", ["./syz-executor3455948726"], 0x7ffecc080c00 /* 10 vars */) = 0
brk(NULL)                               = 0x555556be4000
brk(0x555556be4d00)                     = 0x555556be4d00
arch_prctl(ARCH_SET_FS, 0x555556be4380) = 0
set_tid_address(0x555556be4650)         = 5014
set_robust_list(0x555556be4660, 24)     = 0
rseq(0x555556be4ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor3455948726", 4096) = 28
getrandom("\xff\x66\xae\x4b\x40\xc5\x2c\xf9", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x555556be4d00
brk(0x555556c05d00)                     = 0x555556c05d00
brk(0x555556c06000)                     = 0x555556c06000
mprotect(0x7f655d45b000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5015 attached
, child_tidptr=0x555556be4650) = 5015
[pid  5015] set_robust_list(0x555556be4660, 24) = 0
[pid  5015] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid  5015] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5015] setsid()                    = 1
[pid  5015] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid  5015] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid  5015] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid  5015] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid  5015] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid  5015] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid  5015] unshare(CLONE_NEWNS)        = 0
[pid  5015] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid  5015] unshare(CLONE_NEWIPC)       = 0
[pid  5015] unshare(CLONE_NEWCGROUP)    = 0
[pid  5015] unshare(CLONE_NEWUTS)       = 0
[pid  5015] unshare(CLONE_SYSVSEM)      = 0
[pid  5015] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5015] write(3, "16777216", 8)     = 8
[pid  5015] close(3)                    = 0
[pid  5015] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid  5015] write(3, "536870912", 9)    = 9
[pid  5015] close(3)                    = 0
[pid  5015] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5015] write(3, "1024", 4)         = 4
[pid  5015] close(3)                    = 0
[pid  5015] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5015] write(3, "8192", 4)         = 4
[pid  5015] close(3)                    = 0
[pid  5015] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5015] write(3, "1024", 4)         = 4
[pid  5015] close(3)                    = 0
[pid  5015] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid  5015] write(3, "1024", 4)         = 4
[pid  5015] close(3)                    = 0
[pid  5015] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid  5015] write(3, "1024 1048576 500 1024", 21) = 21
[pid  5015] close(3)                    = 0
[pid  5015] getpid()                    = 1
[pid  5015] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5015] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5015] unshare(CLONE_NEWNET)       = 0
[pid  5015] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid  5015] write(3, "0 65535", 7)      = 7
[pid  5015] close(3)                    = 0
[pid  5015] mkdir("/dev/binderfs", 0777) = 0
[pid  5015] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid  5015] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5015] memfd_create("syzkaller", 0) = 3
[pid  5015] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6554f89000
[pid  5015] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid  5015] munmap(0x7f6554f89000, 1048576) = 0
[pid  5015] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5015] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5015] close(3)                    = 0
[pid  5015] mkdir("./bus", 0777)        = 0
[   56.062841][ T5015] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5015 'syz-executor345'
[   56.085902][ T5015] loop0: detected capacity change from 0 to 2048
[   56.095691][ T5015] =======================================================
[   56.095691][ T5015] WARNING: The mand mount option has been deprecated and
[pid  5015] mount("/dev/loop0", "./bus", "udf", MS_MANDLOCK|MS_NOATIME|MS_NODIRATIME|MS_RELATIME, "") = 0
[pid  5015] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5015] chdir("./bus")              = 0
[pid  5015] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5015] close(4)                    = 0
[pid  5015] rmdir(NULL)                 = -1 EFAULT (Bad address)
[pid  5015] memfd_create("syzkaller", 0) = 4
[pid  5015] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = -1 ENOMEM (Cannot allocate memory)
[pid  5015] close(4)                    = 0
[pid  5015] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_APPEND|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4
[pid  5015] mount("/dev/loop0", "./bus", NULL, MS_NODIRATIME|MS_BIND|MS_I_VERSION, NULL) = 0
[pid  5015] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5
[pid  5015] pwritev2(5, [{iov_base="\x85\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x2f\x66\x69\x6c\x65\x31\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=131072}], 1, 5120, RWF_SYNC) = 131072
[pid  5015] exit_group(1)               = ?
[   56.095691][ T5015]          and is ignored by this kernel. Remove the mand
[   56.095691][ T5015]          option from the mount to silence this warning.
[   56.095691][ T5015] =======================================================
[   56.135942][ T5015] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   56.209231][ T5015] ==================================================================
[   56.217394][ T5015] BUG: KASAN: use-after-free in crc_itu_t+0x21c/0x2a0
[   56.224203][ T5015] Read of size 1 at addr ffff88807615a000 by task syz-executor345/5015
[   56.232451][ T5015] 
[   56.234850][ T5015] CPU: 0 PID: 5015 Comm: syz-executor345 Not tainted 6.5.0-rc5-syzkaller-00296-gf8de32cc060b #0
[   56.245420][ T5015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[   56.255467][ T5015] Call Trace:
[   56.258742][ T5015]  <TASK>
[   56.261668][ T5015]  dump_stack_lvl+0x1e7/0x2d0
[   56.266353][ T5015]  ? nf_tcp_handle_invalid+0x650/0x650
[   56.271803][ T5015]  ? panic+0x770/0x770
[   56.275868][ T5015]  ? _printk+0xd5/0x120
[   56.280020][ T5015]  print_report+0x163/0x540
[   56.284536][ T5015]  ? ktime_get_real_ts64+0x460/0x460
[   56.289821][ T5015]  ? time64_to_tm+0x331/0x4d0
[   56.294490][ T5015]  ? __virt_addr_valid+0x22f/0x2e0
[   56.299606][ T5015]  ? __phys_addr+0xba/0x170
[   56.304102][ T5015]  ? crc_itu_t+0x21c/0x2a0
[   56.308520][ T5015]  kasan_report+0x175/0x1b0
[   56.313200][ T5015]  ? crc_itu_t+0x21c/0x2a0
[   56.317622][ T5015]  ? pvclock_gtod_unregister_notifier+0x50/0x50
[   56.323949][ T5015]  crc_itu_t+0x21c/0x2a0
[   56.328216][ T5015]  udf_sync_fs+0x1d2/0x380
[   56.332651][ T5015]  ? udf_put_super+0x160/0x160
[   56.337452][ T5015]  ? get_nr_dirty_inodes+0x1c7/0x210
[   56.342752][ T5015]  sync_filesystem+0xec/0x220
[   56.347427][ T5015]  generic_shutdown_super+0x6f/0x340
[   56.352705][ T5015]  kill_block_super+0x68/0xa0
[   56.357380][ T5015]  deactivate_locked_super+0xa4/0x110
[   56.362749][ T5015]  cleanup_mnt+0x426/0x4c0
[   56.367175][ T5015]  ? _raw_spin_unlock_irq+0x23/0x50
[   56.372456][ T5015]  task_work_run+0x24a/0x300
[   56.377045][ T5015]  ? kasan_quarantine_put+0xd8/0x230
[   56.382331][ T5015]  ? task_work_cancel+0x2b0/0x2b0
[   56.387355][ T5015]  ? kmem_cache_free+0x292/0x500
[   56.392294][ T5015]  ? do_exit+0x68a/0x2290
[   56.396631][ T5015]  do_exit+0x68f/0x2290
[   56.400910][ T5015]  ? put_task_struct+0x80/0x80
[   56.405757][ T5015]  ? lockdep_hardirqs_on_prepare+0x43c/0x7a0
[   56.411818][ T5015]  ? print_irqtrace_events+0x220/0x220
[   56.417276][ T5015]  ? _raw_spin_unlock_irq+0x23/0x50
[   56.422644][ T5015]  ? lockdep_hardirqs_on+0x98/0x140
[   56.427840][ T5015]  do_group_exit+0x206/0x2c0
[   56.432431][ T5015]  __x64_sys_exit_group+0x3f/0x40
[   56.437452][ T5015]  do_syscall_64+0x41/0xc0
[   56.441891][ T5015]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   56.447796][ T5015] RIP: 0033:0x7f655d3c5a09
[   56.452209][ T5015] Code: Unable to access opcode bytes at 0x7f655d3c59df.
[   56.459217][ T5015] RSP: 002b:00007ffd9560b9e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   56.467716][ T5015] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f655d3c5a09
[   56.475689][ T5015] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001
[   56.483657][ T5015] RBP: 00007f655d4612d0 R08: ffffffffffffffb8 R09: 0000000000000004
[   56.492673][ T5015] R10: 0000000000001400 R11: 0000000000000246 R12: 00007f655d4612d0
[   56.500640][ T5015] R13: 0000000000000000 R14: 00007f655d462040 R15: 00007f655d393f30
[   56.508609][ T5015]  </TASK>
[   56.511704][ T5015] 
[   56.514013][ T5015] The buggy address belongs to the physical page:
[   56.520407][ T5015] page:ffffea0001d85680 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x7615a
[   56.530545][ T5015] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   56.537640][ T5015] page_type: 0xffffffff()
[   56.541959][ T5015] raw: 00fff00000000000 ffffea0001d85408 ffffea0001ce1548 0000000000000000
[   56.550621][ T5015] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[   56.559188][ T5015] page dumped because: kasan: bad access detected
[   56.565723][ T5015] page_owner tracks the page as freed
[   56.571079][ T5015] page last allocated via order 0, migratetype Movable, gfp_mask 0x140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO), pid 4872, tgid 4872 (sshd), ts 47777475140, free_ts 47861737656
[   56.589046][ T5015]  post_alloc_hook+0x1e6/0x210
[   56.593814][ T5015]  get_page_from_freelist+0x31e8/0x3370
[   56.599346][ T5015]  __alloc_pages+0x255/0x670
[   56.603923][ T5015]  __folio_alloc+0x13/0x30
[   56.608332][ T5015]  vma_alloc_folio+0x48a/0x9a0
[   56.613087][ T5015]  handle_mm_fault+0x20c7/0x5410
[   56.618029][ T5015]  exc_page_fault+0x3cf/0x7c0
[   56.622701][ T5015]  asm_exc_page_fault+0x26/0x30
[   56.627548][ T5015] page last free stack trace:
[   56.632307][ T5015]  free_unref_page_prepare+0x903/0xa30
[   56.637757][ T5015]  free_unref_page_list+0x596/0x830
[   56.642955][ T5015]  release_pages+0x2193/0x2470
[   56.647713][ T5015]  tlb_flush_mmu+0x100/0x210
[   56.652345][ T5015]  tlb_finish_mmu+0xd4/0x1f0
[   56.656923][ T5015]  unmap_region+0x258/0x2a0
[   56.661413][ T5015]  do_vmi_align_munmap+0x135d/0x1630
[   56.666777][ T5015]  do_vmi_munmap+0x24d/0x2d0
[   56.671373][ T5015]  __vm_munmap+0x230/0x450
[   56.675775][ T5015]  __x64_sys_munmap+0x69/0x80
[   56.680547][ T5015]  do_syscall_64+0x41/0xc0
[   56.685042][ T5015]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   56.691985][ T5015] 
[   56.694308][ T5015] Memory state around the buggy address:
[   56.699938][ T5015]  ffff888076159f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   56.707989][ T5015]  ffff888076159f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   56.716123][ T5015] >ffff88807615a000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   56.724256][ T5015]                    ^
[   56.728306][ T5015]  ffff88807615a080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   56.736349][ T5015]  ffff88807615a100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   56.744483][ T5015] ==================================================================
[   56.760560][ T5015] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   56.767780][ T5015] CPU: 1 PID: 5015 Comm: syz-executor345 Not tainted 6.5.0-rc5-syzkaller-00296-gf8de32cc060b #0
[   56.778272][ T5015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[   56.788429][ T5015] Call Trace:
[   56.791701][ T5015]  <TASK>
[   56.794613][ T5015]  dump_stack_lvl+0x1e7/0x2d0
[   56.799277][ T5015]  ? nf_tcp_handle_invalid+0x650/0x650
[   56.805416][ T5015]  ? panic+0x770/0x770
[   56.809480][ T5015]  ? vscnprintf+0x5d/0x80
[   56.813794][ T5015]  panic+0x30f/0x770
[   56.817676][ T5015]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   56.823834][ T5015]  ? check_panic_on_warn+0x21/0xa0
[   56.828949][ T5015]  ? __memcpy_flushcache+0x2b0/0x2b0
[   56.834222][ T5015]  ? _raw_spin_unlock_irqrestore+0x12c/0x140
[   56.840276][ T5015]  ? _raw_spin_unlock+0x40/0x40
[   56.845109][ T5015]  check_panic_on_warn+0x82/0xa0
[   56.850046][ T5015]  ? crc_itu_t+0x21c/0x2a0
[   56.854478][ T5015]  end_report+0x6e/0x130
[   56.859252][ T5015]  kasan_report+0x186/0x1b0
[   56.863880][ T5015]  ? crc_itu_t+0x21c/0x2a0
[   56.868378][ T5015]  ? pvclock_gtod_unregister_notifier+0x50/0x50
[   56.874631][ T5015]  crc_itu_t+0x21c/0x2a0
[   56.878902][ T5015]  udf_sync_fs+0x1d2/0x380
[   56.883861][ T5015]  ? udf_put_super+0x160/0x160
[   56.889320][ T5015]  ? get_nr_dirty_inodes+0x1c7/0x210
[   56.894598][ T5015]  sync_filesystem+0xec/0x220
[   56.899261][ T5015]  generic_shutdown_super+0x6f/0x340
[   56.904563][ T5015]  kill_block_super+0x68/0xa0
[   56.909231][ T5015]  deactivate_locked_super+0xa4/0x110
[   56.914588][ T5015]  cleanup_mnt+0x426/0x4c0
[   56.919007][ T5015]  ? _raw_spin_unlock_irq+0x23/0x50
[   56.924223][ T5015]  task_work_run+0x24a/0x300
[   56.928976][ T5015]  ? kasan_quarantine_put+0xd8/0x230
[   56.934260][ T5015]  ? task_work_cancel+0x2b0/0x2b0
[   56.939272][ T5015]  ? kmem_cache_free+0x292/0x500
[   56.944193][ T5015]  ? do_exit+0x68a/0x2290
[   56.948507][ T5015]  do_exit+0x68f/0x2290
[   56.952741][ T5015]  ? put_task_struct+0x80/0x80
[   56.957489][ T5015]  ? lockdep_hardirqs_on_prepare+0x43c/0x7a0
[   56.963479][ T5015]  ? print_irqtrace_events+0x220/0x220
[   56.968923][ T5015]  ? _raw_spin_unlock_irq+0x23/0x50
[   56.974110][ T5015]  ? lockdep_hardirqs_on+0x98/0x140
[   56.979466][ T5015]  do_group_exit+0x206/0x2c0
[   56.984046][ T5015]  __x64_sys_exit_group+0x3f/0x40
[   56.989143][ T5015]  do_syscall_64+0x41/0xc0
[   56.994010][ T5015]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   57.000186][ T5015] RIP: 0033:0x7f655d3c5a09
[   57.005132][ T5015] Code: Unable to access opcode bytes at 0x7f655d3c59df.
[   57.012496][ T5015] RSP: 002b:00007ffd9560b9e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   57.020897][ T5015] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f655d3c5a09
[   57.028944][ T5015] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001
[   57.036984][ T5015] RBP: 00007f655d4612d0 R08: ffffffffffffffb8 R09: 0000000000000004
[   57.045030][ T5015] R10: 0000000000001400 R11: 0000000000000246 R12: 00007f655d4612d0
[   57.053175][ T5015] R13: 0000000000000000 R14: 00007f655d462040 R15: 00007f655d393f30
[   57.061165][ T5015]  </TASK>
[   57.064286][ T5015] Kernel Offset: disabled
[   57.068599][ T5015] Rebooting in 86400 seconds..