program:
syz_mount_image$udf(&(0x7f0000000c40), &(0x7f0000000c80)='./file0\x00', 0x0, &(0x7f0000001a40)=ANY=[@ANYBLOB="009917593d44d685cf8176521846a9e90205b4b89c0ed49b3e1201fa4a79b0b9651316a89d7e4038e94e54fdffa25c529d1cb4e43bf7e12bd2a555681300b85d6621470c304d6ba5731161f3f1da1193a85525e8c9a5a95798070ca48fa7edcf62e37626480f673141bee1ea2522f8b61aac12f984c1216683ae80e6146169cfb7aa7c50dd4c52259faaee2fedc1077bda4c3e65d7005d0ab71db65617abeb3c51b056d955f1285ed9d26d7c910bf3291f6b349ce7eee33a31a484c31993effe39fcfa55e722a20bf90b2f43ffbfd19afaeb1d6e9683ce09f4c8eb9591f0772a12"], 0x1, 0xc3c, &(0x7f0000000d00)="$eJzs3V1sXGdaB/DnnWMndsqyU9qmXbpIsxSxaZoE56OtUVrkbIy1K0VtVMcLNyCP40kY1V+1nVVawSpIwA0Igoq0Ai7IDRIXXOQGCa0QirhZJECKQJUWgUSgabQSAmYFCysqYXRm3rHHbtK4+bLT/H5t/J8585w575n2OT4TzXsmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICIL/30saGDaatHAQA8SK+NvzF02O9/AHiknPL+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA20tRxFuR4r2xVpps3+8YONGcO3d+YnTs5qsNpkhRiaJdX/4ZOHjo8JEXX3p5uJsfv/699rl4ffzUsdrx+dmFxcbSUmO6NjHXPD0/3dj0M9zt+hvtbb8Atdk3z02fObNUO3Tg8LqHz1dv7Hxsd/Xo8LP7nu/WToyOjY331PT13/HWPyLdu6fiU2RHFPHlSPGt/d9J9YioxN33wm2OHffbYPSV/dfeiYnRsfaOzDTrc8vlg6mSq/oiqj0rjXR75AH04l0ZibhQ/ncqB7y33L3xhfpifWqmUTtZX1xuLjfn51KlM9pyf6pRieEUsRARrWKrB8920x9FvBopbnzYSlMRUXT74IXXxt8YOnzrFfse4CBvsflqEXE1HoKehW1qZxTx25Hi3cmhOJ37qt021yO+WOYrEW+VeSXFxXw/lQeI4Yjv+n0CD7W+KOJvIsV8aqXpbu+3zytPfLX2lbkz8z213fPKh/79wYPk3IRtbCCKmGqf8bfSnf9lFwAAAAAAAAAAAADwYBTxzUhxeXZPWojeOaXNubO1U/Wpmc6ngruf/a/ltVZWVlaqqZO1nEM5R3KezDmZcyHnhZwXc17KeTnnlZxXc17L2coZlbz9nLWcQzlHcp7MOZlzIeeFnBdzXsp5OeeVnFdzXsvZyhnmPQEAAAAAAAAAAAAAAAAAAHCPDUYRvxEp/v33v9b+Xulofy/9Z48OHz/xmd7vjH/mNs9T1h6IiG/G5r6Td0f+rvFUKf+59/sF3N5AFPH1/P1/v7zVgwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALaFShTxK5HiG99rpUgRMRIxGZ28Vmz16AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA0s5UxKuR4md/d2R1WV9EpPa/HXvKH0dipMj5RJmvxMjBdlZGjpU5EHFgC8YP3Lmlt995sz4z01h0ww033Fi9sdVHJgAAAAAAAAAAAAAAAAB4hKUi/j5S/OTvtVI1Is5Xb+x8bHf16PCz+54vomhfBCD11r8+fupY7fj87MJiY2mpMV2bmGuenp9ubHZzAyeac+fOT4yO3Zedua3B+zz+wYHj8wtvLzbP/sLyTR/fNXBsaml5sX765g/HYPRFDPUu2dse8MToWHvQM836XHvVVLnFAPsiapvdGR55u1IR/xsp3tv/7Xg8L8vX/+jv3Fvr/j/8xbV7P9y3Plf/d2wfPz57dPj4ruc2czttdqB7241XNsLYeM/ivjzKH+pZVs3j2vRzwyOq7P8XIsXP/1GRuj2U+/8HOveK1dr/+fpaTx3dkKu2qP+f6Fl2NB+1+vsiBpZnF/qfjhhYevud/c3Z+tnG2cbckUMvvzR85OUXj7zUvyNi4ExzpjG0dmvTrx0AAAAAAAAAAAAAAAAA3C/9qYgvRYpf+ru/XJ03nuf/faZzb23+X+/83z0bnqf3ugG3un3TuX63mdfXq9xmSkU8FSme/bNn2uNNscucd7hDu1IR3y/7afrL6Qt5We7/PLP/5v1/YUOu2qL5v4/3LLuQjxP/ESke/4Nn4gs9x4mNs3vLur+IFFM/8vlcFzvKuu7zdeZEdyYGl7VfixTvn1xf2503/cRa7cHN7hZspbL/ZyPFP/zW38aP5mXrr/9x8/7ftSFXbVH/P9m7TxGx9PY7b9ZnZhqLS5t+KeCRU/b/r0eKv/6Tb8dzednHXf+ne52fPc+tz8Fu0Rb1/1M9y6p5XD/2CV8LAAAAAAAAAAAAeFjsSkX8U6T48z/dl/bnZZv5/O/0hly1RZ//e7pn2fS6z//evxubfpEBAGCb6E9F/ESk+OPp66k7N/aW839fWZv/M7rxxL19Tv+D7Xn+n+hc/xPM/y+3mVIR/5fn9Q7dZl7vj0eKX/upfbku7S7rRrrDbf8ceG1+bv+xmZn50/Xl+tRMoza+UD/dKNfdGyn+9d8+n9ettOf5dudHd+YGr80J/p1I8XMfdGs7c4K7cymfXKs9WNbujxTff399bXfe1VNrtYfK2t+MFGP/ffPa3Wu1h8vaf4wU//lurVu7q6ztvp97eq32wOn5mY+8ZQMAAAAAAAAAAAAAAAAAAGDr9aciUqS48jOXVufGr7/+V/c6AOuv/7XR/fr+/+q92U0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeCikKOK/IsV7Y610rSjvdwycaM6dOz8xOnbz1QZTpKhE0a4v/wwcPHT4yIsvvTzczY9f/177XLw+fupY7fj87MJiY2mpMV2bmGuenp9ubPoZ7nb9jfa2X4Da7Jvnps+cWaodOnB43cPnqzd2Pra7enT42X3Pd2snRsfGxntq+vrveOsfke7dU/EpsiOK+KtI8a3930n/XERU4u574TbHjvttMPrK/mvvxMToWHtHZpr1ueXywVTJVX0R1Z6VRro98gB68a6MRFyIiEo54L3l7o0v1BfrUzON2sn64nJzuTk/lyqd0Zb7U41KDKeIhYhoFVs9eLab/ijiSqS48WEr/UsRUXT74IXXxt8YOnzrFfse4CBvsflqEXE1HoKehW1qZxTxZKR4d3Io3i86fdVum+sRXyzzlYi3yryS4mK+n8oDxHDEd/0+gYdaXxRxMlLMp1a6XuTeb59Xnvhq7StzZ+Z7arvnlQ/9+4MHybkJ29hAFPFB+4y/lT7w+xwAAAAAAAAAAAAAtrkiXo0Ul2f3pPb80NU5pc25s7VT9amZzsf6u5/9r+W1VlZWVqqpk7WcQzlHcp7MOZlzIeeFnBdzXsp5OeeVnFdzXsvZyhmVvP2ctZxDOUdynsw5mXMh54WcF3Neynk555WcV3Ney9nKGT4nDQAAAAAAAAAAAAAAAADAfVKJIn41Unzje620UnS+X3YyOnnNPFf4VPv/AAAA//84/iOE")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8000c61)
r1 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0)
pwritev2(r1, &(0x7f00000000c0)=[{&(0x7f0000000200)="df", 0xf4240}], 0x1, 0x800001, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
write$P9_RRENAME(r2, &(0x7f0000000000)={0x7, 0x15, 0x2}, 0x7)
creat(&(0x7f0000000040)='./bus\x00', 0x0)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$UI_DEV_SETUP(r3, 0x405c5503, &(0x7f0000000180)={{}, 'syz1\x00', 0x51})
ioctl$UI_DEV_CREATE(r3, 0x5501)
readv(r3, 0x0, 0x0)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x4c}}, 0x0)
fsconfig$FSCONFIG_SET_PATH(0xffffffffffffffff, 0x4, 0x0, 0x0, 0xffffffffffffffff)
write$input_event(r3, &(0x7f0000000000)={{0x77359400}, 0x2, 0x3, 0x1}, 0x18)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='utf8=0,nonumtail=0,iocharset=iso8859-14,check=strict,uni_xlate=1,shortname=lower,shoru~ame=winnt,flush,\x00'], 0x1, 0x216, &(0x7f0000000e00)="$eJzs3bFqU1EYB/CvttVSkHQQiiJ4xcUpNBX3FKkgBhQlg04Wm6IksWAg0A6tTr6EvoKOroKDuPoCIkgVXOzWQYjUGxtb0jZS01vM77fkg3v+95zvEnLIkJN7Z+vV+cXGwvr6WoyNDcVIMYqxMRQTcSyGI/UkAID/yUarFd9bqazXAgAcDvs/AAyeHvf/m4e4JACgz3z/B4DBc/vO3eszpdLsrSQZi6g/a5ab5fQ1vT6zEA+jFpWYilz8iGhtSeur10qzU8mmLxNRrq+286vN8vD2fCFyMdE9X0hS2/OjMd7OfxyPSkxHLk51z093zR+Pixf+mD8fufhwPxajFvOxme3kVwpJcuVGaUf+xK9xAAAAAAAAAAAAAAAAAAAAAADQD/lkS9fze/L53a6n+d7PB9p5Ps9InBnJtncAAAAAAAAAAAAAAAAAAAA4KhpLy9W5Wq3yeK/i0fuXb/cb02Mx1J73oPc5eHHy/Ofnu495+jfP598Wb85l+Vh6LN6tPTh9qTF5+aisZ2m5OrrXW+tbLqJPs7/KtPffXe87ePJFce71yqevvd45gw8jAAAAAAAAAAAAAAAAAAAYcJ0f/Wa9EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADITuf///tXZN0jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8DAAA///UmKDH")
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000001900)='./bus\x00', 0x0, 0x21002, 0x0)
r4 = open(&(0x7f00000005c0)='./bus\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x14, 0x1, 0x0, 0x3, 0x0, 0x2eef9daa, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x4, 0x9, 0x1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r5, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
listen(r5, 0x4)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r6, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
ioctl$FS_IOC_SETFLAGS(r4, 0x4c02, &(0x7f0000000140))
pwritev2(r2, &(0x7f00000001c0)=[{&(0x7f00000000c0)="ff", 0x1}], 0x1, 0xe7b, 0x0, 0x0)
lsetxattr$security_capability(&(0x7f0000000240)='./bus\x00', &(0x7f0000000340), &(0x7f0000000480)=@v2={0x2000000, [{0x5, 0x3}, {0x6, 0x3}]}, 0x14, 0x7)
syz_usb_connect(0x1, 0x5e1, &(0x7f0000000600)=ANY=[@ANYBLOB="1201e46923d9e6202d187c208f4e010203010902cf05030d00800809048605049c6f160009050c0000040d0509cc0f61020533cdd5ed5c25283c8b76aa0d1831a74e66cc2d21f4d829ecaebc60c58833c54cf63ca7ef9540607f738d5c6598e8597df8302c9dc99c9d930275b7097511beed8a9a5f79d4805a5e5ec3947b59a15287b239b21d7f6519340cdae6914fb7804322704a82114d4aebfaac4d2086e6713469fa5d65fd37cd2b8bb492f426adb9810a2f26e65660a60b20d9b5f9d30cfb4ebc50033cf3fd5ae8f4f15b2d3028b55cd302c4349274e3746dcbb84dd8fdc8ef2f21d13e0a68f749e6f397688bbfdf11ee39df1dc18e83020909050000080001050309050e002000030306090506100800050f01072501021ff30b0904ac010bccba75ff0a24060001cb13ea2a8405240003000d240f0100000000030007000706241a030000090503000004070657072501f50af5f63523d9bf2815bee77ab19b1472e957b972c66bb830ef5f22a270e683461180bdd4fa0ea87d2a43f9a8b532819d677787090580000004050c03470731d8dc88d9489471d2d57ae2a0684e7436b0259cd7cb86361b389cec3e4cc47c66bca46f40f40628420d34a163d58d89a15b7b4cc7752b6f95e786c1af9b0ac411982f6fb20905050020000005080905090008000300e507250180b00413090580000002002002aa040c0800980d48dbe4b41e70fe39e3bba3f216c81d9f045141a7a32b5bb4b39e04f9f37cc12dd05ab77ac4e1b80d7d66afff31c758b5723cf6f375c71a8b21889b85dc556e54f92c60a321531a9f2e469a0361bc0111e9cbc2b86656ff569bd230351ce08fbdf7b87c0e0d24be644fa0b35fc7b1c2b085412f252e9116726e9298f75f6dfcd8757ef636b56c3ac6d3c23c4404f37cb1a9b0d72f6eae5944a4d5b40bf5c7814921325d09050b00ff0306050209050500000408040807250100040900072501800306000905060000023d0e070905070cff0301020009050d0c100031a4040725010000ff7fec0a6ac9c0b93022f2a4498fc6c82ba4b48263cbd53d31423b211668eb77fa1746603fe85d519a6d3fbb6c8636cc593a82f86ca14184d327453d02802b78a6e6f8fde43990be9dd44d8f54d7e4b7258bf2360fccc3ecf7e4b1af638d19abe4c010f7a49722a1fe0107000d5dace08c0e59115879f21b145fd6b76221b2b57e6d36542a37ccfb51a3ba485e4c4674a90d308f449f2d3e92220c3668b339af0e3635890ca167ae2f16845b57822140a471584803a0a296617a33ca4a5ef2ee8a3c3185b8ec9d98419cc3e88c10fbbca6c2594f123fd07d9e867f8fb5087b5eeb5161ac9f979172316563eb78160905000240000a93050725010102090009043d33056f9bf83f0a2401020008020102092407046b8c035ae3092407020200033d670b240404cc47ac10d2e974072405010cea140924080500100561260a24040502adf890af5e09050200ff03094004090503030000f8086f0905800208000b81ad0725010008ff0109050b17000406016d2903ced0cbc2281801e2d13b1ccec439f1e91de43ade147897ab9411f948850967c3f52f09626c56b4a804c18aa75e05271763d8a249e3ceaeb0735b6fd688572387ecaa11f4ed192125a0d31158553e1c5c9fc663016d098753f5396717a80e94277ba3806dcf3fc99dce2bcc34a66a6871b24c7ea4823e0ab0211d56286909354c1e6a0000c5261305a7f452a61c27fbb71bc951e29f7bc0720f082eccb305e247bcaf30ce49f72d61208526c49df5364dd75b9243b7b35f9a7d10358af7c71efe72fd2a4a577e3ac257ad170fa0255809050808ff030b020107250181c8b000a50f99f8bfeaf3b8e224990a2dd499e248ca9b3dce5657a900e839b8ab815146893107e24d5ef899d35981835794489415ca59aa4db58082fa74c011a847d5b9b86b517d141004798d853fd3e72a2c2ab8836424503464c722dbd8e559982855010aa9b5c849a4a1618c1fba4d159b544955554d78d56059d260bc9c1efba5eccc27ebdcfa23290965de131539a96f38774a724ed9d73828ae3460"], &(0x7f0000000300)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x201, 0x5, 0xfd, 0x9, 0x20, 0x4}, 0x10, &(0x7f0000000180)={0x5, 0xf, 0x10, 0x1, [@wireless={0xb, 0x10, 0x1, 0xc, 0x1d2, 0x20, 0x55, 0x8, 0xfb}]}, 0x2, [{0x8c, &(0x7f00000003c0)=@string={0x8c, 0x3, "f5f49f7c67093e56502d1991df747325dd1e381c96a3f1d903edbece4b7c408eac31b7ae8cc97b47e21d2ef42812c459d1a5a9b204c5587e2d55af7be2dba6414bc65b67c403ea8f9b33402fc7b67e8f33a3115202477d80e6e5ddb5ac294fc7c9aa71d8ca7301c89d395953549b0c651a2c0018d360cc9a02f61fb1e5db8204a69d5417175f135640c9"}}, {0x4, &(0x7f0000000280)=@lang_id={0x4, 0x3, 0x80c}}]})

[   83.073549][ T4536] Bluetooth: hci0: command tx timeout
[   84.194694][ T5111] loop0: detected capacity change from 0 to 2048
[   84.248101][ T5111] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[   84.269857][ T5111] UDF-fs: Scanning with blocksize 512 failed
[   84.284493][ T5111] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   84.384693][ T5111] input: syz1 as /devices/virtual/input/input5
[   84.560374][ T5112] loop0: detected capacity change from 2048 to 2047
[   84.567752][ T5112] ==================================================================
[   84.570878][ T5112] BUG: KASAN: use-after-free in crc_itu_t+0x1d5/0x2b0
[   84.573878][ T5112] Read of size 1 at addr ffff88801178c000 by task syz.0.0/5112
[   84.578314][ T5112] 
[   84.579732][ T5112] CPU: 0 UID: 0 PID: 5112 Comm: syz.0.0 Not tainted 6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0
[   84.584378][ T5112] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   84.589025][ T5112] Call Trace:
[   84.590587][ T5112]  <TASK>
[   84.592008][ T5112]  dump_stack_lvl+0x241/0x360
[   84.594538][ T5112]  ? __pfx_dump_stack_lvl+0x10/0x10
[   84.597863][ T5112]  ? __pfx__printk+0x10/0x10
[   84.599865][ T5112]  ? _printk+0xd5/0x120
[   84.601537][ T5112]  ? __virt_addr_valid+0x183/0x530
[   84.603525][ T5112]  ? __virt_addr_valid+0x183/0x530
[   84.605527][ T5112]  print_report+0x169/0x550
[   84.607396][ T5112]  ? __virt_addr_valid+0x183/0x530
[   84.609716][ T5112]  ? __virt_addr_valid+0x183/0x530
[   84.612198][ T5112]  ? __virt_addr_valid+0x45f/0x530
[   84.614377][ T5112]  ? __phys_addr+0xba/0x170
[   84.616113][ T5112]  ? crc_itu_t+0x1d5/0x2b0
[   84.617716][ T5112]  kasan_report+0x143/0x180
[   84.619403][ T5112]  ? crc_itu_t+0x1d5/0x2b0
[   84.620994][ T5112]  crc_itu_t+0x1d5/0x2b0
[   84.622691][ T5112]  udf_update_tag+0x70/0x6a0
[   84.624799][ T5112]  udf_write_aext+0x4d8/0x7b0
[   84.627310][ T5112]  udf_map_block+0x3a58/0x5340
[   84.629596][ T5112]  ? __pfx_udf_map_block+0x10/0x10
[   84.631657][ T5112]  ? __wake_up_common_lock+0x18c/0x1e0
[   84.633826][ T5112]  ? validate_chain+0x11e/0x5920
[   84.635827][ T5112]  ? blk_mq_unfreeze_queue+0xa5/0x110
[   84.638326][ T5112]  ? __pfx_validate_chain+0x10/0x10
[   84.641273][ T5112]  ? validate_chain+0x11e/0x5920
[   84.643619][ T5112]  ? __pfx_validate_chain+0x10/0x10
[   84.645810][ T5112]  ? __lock_acquire+0x1384/0x2050
[   84.647829][ T5112]  __udf_get_block+0x126/0x410
[   84.649719][ T5112]  ? __pfx___udf_get_block+0x10/0x10
[   84.651735][ T5112]  __block_write_begin_int+0x50c/0x1a70
[   84.653931][ T5112]  ? __pfx_udf_get_block+0x10/0x10
[   84.656370][ T5112]  ? __pfx___block_write_begin_int+0x10/0x10
[   84.659034][ T5112]  ? __filemap_get_folio+0x745/0xbd0
[   84.660956][ T5112]  ? __pfx_udf_get_block+0x10/0x10
[   84.662824][ T5112]  block_write_begin+0x8f/0x120
[   84.664446][ T5112]  udf_write_begin+0x104/0x350
[   84.666315][ T5112]  generic_perform_write+0x344/0x6d0
[   84.668960][ T5112]  ? __pfx_generic_perform_write+0x10/0x10
[   84.672191][ T5112]  ? file_update_time+0x3be/0x430
[   84.674526][ T5112]  ? __generic_file_write_iter+0x102/0x230
[   84.677015][ T5112]  ? udf_file_write_iter+0x1bf/0x660
[   84.679499][ T5112]  udf_file_write_iter+0x2fc/0x660
[   84.681914][ T5112]  do_iter_readv_writev+0x600/0x880
[   84.684424][ T5112]  ? __pfx_do_iter_readv_writev+0x10/0x10
[   84.687319][ T5112]  ? rcu_read_lock_any_held+0xb7/0x160
[   84.689751][ T5112]  vfs_writev+0x376/0xba0
[   84.691787][ T5112]  ? __pfx_lock_acquire+0x10/0x10
[   84.694088][ T5112]  ? __pfx_vfs_writev+0x10/0x10
[   84.696338][ T5112]  ? __might_fault+0xaa/0x120
[   84.698422][ T5112]  ? __fget_files+0x29/0x470
[   84.700236][ T5112]  ? __fget_files+0x29/0x470
[   84.701897][ T5112]  __se_sys_pwritev2+0x1ca/0x2d0
[   84.703550][ T5112]  ? __pfx___se_sys_pwritev2+0x10/0x10
[   84.705405][ T5112]  ? do_syscall_64+0x100/0x230
[   84.707076][ T5112]  ? __x64_sys_pwritev2+0x21/0xf0
[   84.708809][ T5112]  do_syscall_64+0xf3/0x230
[   84.710332][ T5112]  ? clear_bhb_loop+0x35/0x90
[   84.711980][ T5112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.714123][ T5112] RIP: 0033:0x7faa51f7dff9
[   84.715862][ T5112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   84.723256][ T5112] RSP: 002b:00007faa52d2a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[   84.726695][ T5112] RAX: ffffffffffffffda RBX: 00007faa52136058 RCX: 00007faa51f7dff9
[   84.729574][ T5112] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000006
[   84.732408][ T5112] RBP: 00007faa51ff0296 R08: 0000000000000000 R09: 0000000000000000
[   84.735589][ T5112] R10: 0000000000000e7b R11: 0000000000000246 R12: 0000000000000000
[   84.739346][ T5112] R13: 0000000000000000 R14: 00007faa52136058 R15: 00007ffdb1fd0a68
[   84.742640][ T5112]  </TASK>
[   84.743777][ T5112] 
[   84.744628][ T5112] The buggy address belongs to the physical page:
[   84.746889][ T5112] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x7 pfn:0x1178c
[   84.750157][ T5112] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   84.753214][ T5112] page_type: f0(buddy)
[   84.754952][ T5112] raw: 00fff00000000000 ffffea0000395208 ffffea00004bd308 0000000000000000
[   84.758242][ T5112] raw: 0000000000000007 0000000000000002 00000000f0000000 0000000000000000
[   84.761575][ T5112] page dumped because: kasan: bad access detected
[   84.764354][ T5112] page_owner tracks the page as freed
[   84.766975][ T5112] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 4581, tgid 4581 (syslogd), ts 32928138783, free_ts 79891879585
[   84.773852][ T5112]  post_alloc_hook+0x1f3/0x230
[   84.775838][ T5112]  get_page_from_freelist+0x3045/0x3190
[   84.778569][ T5112]  __alloc_pages_noprof+0x292/0x710
[   84.781132][ T5112]  alloc_pages_mpol_noprof+0x3e8/0x680
[   84.783329][ T5112]  folio_alloc_mpol_noprof+0x36/0x50
[   84.785411][ T5112]  shmem_alloc_and_add_folio+0x49b/0x13d0
[   84.787685][ T5112]  shmem_get_folio_gfp+0x5a9/0x20a0
[   84.789799][ T5112]  shmem_write_begin+0x17e/0x460
[   84.791880][ T5112]  generic_perform_write+0x344/0x6d0
[   84.794073][ T5112]  shmem_file_write_iter+0xf9/0x120
[   84.796285][ T5112]  vfs_write+0xa6d/0xc90
[   84.797938][ T5112]  ksys_write+0x183/0x2b0
[   84.799326][ T5112]  do_syscall_64+0xf3/0x230
[   84.800781][ T5112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.802831][ T5112] page last free pid 79 tgid 79 stack trace:
[   84.804787][ T5112]  free_unref_folios+0xf12/0x18d0
[   84.806397][ T5112]  shrink_folio_list+0x2d3d/0x8cc0
[   84.808212][ T5112]  evict_folios+0x549b/0x7b50
[   84.809993][ T5112]  try_to_shrink_lruvec+0x9ab/0xbb0
[   84.811971][ T5112]  shrink_one+0x3b9/0x850
[   84.813481][ T5112]  shrink_node+0x3799/0x3de0
[   84.814981][ T5112]  kswapd+0x1ca3/0x3700
[   84.816222][ T5112]  kthread+0x2f0/0x390
[   84.817449][ T5112]  ret_from_fork+0x4b/0x80
[   84.818738][ T5112]  ret_from_fork_asm+0x1a/0x30
[   84.820242][ T5112] 
[   84.821110][ T5112] Memory state around the buggy address:
[   84.823288][ T5112]  ffff88801178bf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   84.826430][ T5112]  ffff88801178bf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   84.828941][ T5112] >ffff88801178c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   84.831369][ T5112]                    ^
[   84.832641][ T5112]  ffff88801178c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   84.834934][ T5112]  ffff88801178c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   84.837641][ T5112] ==================================================================
[   85.144159][ T4536] Bluetooth: hci0: command tx timeout
[   85.269356][    T9] usb 5-1: new low-speed USB device number 2 using dummy_hcd
[   85.314234][ T5112] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   85.316745][ T5112] CPU: 0 UID: 0 PID: 5112 Comm: syz.0.0 Not tainted 6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0
[   85.321193][ T5112] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   85.326423][ T5112] Call Trace:
[   85.327766][ T5112]  <TASK>
[   85.328956][ T5112]  dump_stack_lvl+0x241/0x360
[   85.330840][ T5112]  ? __pfx_dump_stack_lvl+0x10/0x10
[   85.332826][ T5112]  ? __pfx__printk+0x10/0x10
[   85.334792][ T5112]  ? preempt_schedule+0xe1/0xf0
[   85.337146][ T5112]  ? vscnprintf+0x5d/0x90
[   85.339222][ T5112]  panic+0x349/0x880
[   85.340934][ T5112]  ? check_panic_on_warn+0x21/0xb0
[   85.343131][ T5112]  ? __pfx_panic+0x10/0x10
[   85.344878][ T5112]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[   85.347409][ T5112]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   85.350189][ T5112]  ? print_report+0x502/0x550
[   85.352429][ T5112]  check_panic_on_warn+0x86/0xb0
[   85.355026][ T5112]  ? crc_itu_t+0x1d5/0x2b0
[   85.356734][ T5112]  end_report+0x77/0x160
[   85.358165][ T5112]  kasan_report+0x154/0x180
[   85.359759][ T5112]  ? crc_itu_t+0x1d5/0x2b0
[   85.361380][ T5112]  crc_itu_t+0x1d5/0x2b0
[   85.362713][ T5112]  udf_update_tag+0x70/0x6a0
[   85.364408][ T5112]  udf_write_aext+0x4d8/0x7b0
[   85.366400][ T5112]  udf_map_block+0x3a58/0x5340
[   85.368425][ T5112]  ? __pfx_udf_map_block+0x10/0x10
[   85.370440][ T5112]  ? __wake_up_common_lock+0x18c/0x1e0
[   85.372513][ T5112]  ? validate_chain+0x11e/0x5920
[   85.374485][ T5112]  ? blk_mq_unfreeze_queue+0xa5/0x110
[   85.376563][ T5112]  ? __pfx_validate_chain+0x10/0x10
[   85.378582][ T5112]  ? validate_chain+0x11e/0x5920
[   85.380464][ T5112]  ? __pfx_validate_chain+0x10/0x10
[   85.382574][ T5112]  ? __lock_acquire+0x1384/0x2050
[   85.384453][ T5112]  __udf_get_block+0x126/0x410
[   85.386255][ T5112]  ? __pfx___udf_get_block+0x10/0x10
[   85.388513][ T5112]  __block_write_begin_int+0x50c/0x1a70
[   85.391289][ T5112]  ? __pfx_udf_get_block+0x10/0x10
[   85.394089][ T5112]  ? __pfx___block_write_begin_int+0x10/0x10
[   85.396528][ T5112]  ? __filemap_get_folio+0x745/0xbd0
[   85.398589][ T5112]  ? __pfx_udf_get_block+0x10/0x10
[   85.400575][ T5112]  block_write_begin+0x8f/0x120
[   85.402473][ T5112]  udf_write_begin+0x104/0x350
[   85.404440][ T5112]  generic_perform_write+0x344/0x6d0
[   85.406912][ T5112]  ? __pfx_generic_perform_write+0x10/0x10
[   85.409950][ T5112]  ? file_update_time+0x3be/0x430
[   85.412417][ T5112]  ? __generic_file_write_iter+0x102/0x230
[   85.415109][ T5112]  ? udf_file_write_iter+0x1bf/0x660
[   85.417332][ T5112]  udf_file_write_iter+0x2fc/0x660
[   85.419351][ T5112]  do_iter_readv_writev+0x600/0x880
[   85.421361][ T5112]  ? __pfx_do_iter_readv_writev+0x10/0x10
[   85.423632][ T5112]  ? rcu_read_lock_any_held+0xb7/0x160
[   85.426288][ T5112]  vfs_writev+0x376/0xba0
[   85.429102][ T5112]  ? __pfx_lock_acquire+0x10/0x10
[   85.431705][ T5112]  ? __pfx_vfs_writev+0x10/0x10
[   85.434023][ T5112]  ? __might_fault+0xaa/0x120
[   85.435846][ T5112]  ? __fget_files+0x29/0x470
[   85.437641][ T5112]  ? __fget_files+0x29/0x470
[   85.440134][ T5112]  __se_sys_pwritev2+0x1ca/0x2d0
[   85.442298][ T5112]  ? __pfx___se_sys_pwritev2+0x10/0x10
[   85.444488][ T5112]  ? do_syscall_64+0x100/0x230
[   85.446465][ T5112]  ? __x64_sys_pwritev2+0x21/0xf0
[   85.448514][ T5112]  do_syscall_64+0xf3/0x230
[   85.450342][ T5112]  ? clear_bhb_loop+0x35/0x90
[   85.451989][ T5112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.453911][ T5112] RIP: 0033:0x7faa51f7dff9
[   85.455426][ T5112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.463294][ T5112] RSP: 002b:00007faa52d2a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[   85.466385][ T5112] RAX: ffffffffffffffda RBX: 00007faa52136058 RCX: 00007faa51f7dff9
[   85.469012][ T5112] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000006
[   85.471679][ T5112] RBP: 00007faa51ff0296 R08: 0000000000000000 R09: 0000000000000000
[   85.474516][ T5112] R10: 0000000000000e7b R11: 0000000000000246 R12: 0000000000000000
[   85.477021][ T5112] R13: 0000000000000000 R14: 00007faa52136058 R15: 00007ffdb1fd0a68
[   85.480937][ T5112]  </TASK>
[   85.482761][ T5112] Kernel Offset: disabled
[   85.484424][ T5112] Rebooting in 86400 seconds..