./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2875199735

<...>
Warning: Permanently added '10.128.0.205' (ED25519) to the list of known hosts.
execve("./syz-executor2875199735", ["./syz-executor2875199735"], 0x7ffd27e388e0 /* 10 vars */) = 0
brk(NULL)                               = 0x55555684b000
brk(0x55555684bd00)                     = 0x55555684bd00
arch_prctl(ARCH_SET_FS, 0x55555684b380) = 0
set_tid_address(0x55555684b650)         = 5059
set_robust_list(0x55555684b660, 24)     = 0
rseq(0x55555684bca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor2875199735", 4096) = 28
getrandom("\xea\xca\x3f\x5c\xd9\x36\x5d\x68", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x55555684bd00
brk(0x55555686cd00)                     = 0x55555686cd00
brk(0x55555686d000)                     = 0x55555686d000
mprotect(0x7fc927080000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5060 attached
, child_tidptr=0x55555684b650) = 5060
[pid  5060] set_robust_list(0x55555684b660, 24) = 0
[pid  5060] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid  5060] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5060] setsid()                    = 1
[pid  5060] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid  5060] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid  5060] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid  5060] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid  5060] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid  5060] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid  5060] unshare(CLONE_NEWNS)        = 0
[pid  5060] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid  5060] unshare(CLONE_NEWIPC)       = 0
[pid  5060] unshare(CLONE_NEWCGROUP)    = 0
[pid  5060] unshare(CLONE_NEWUTS)       = 0
[pid  5060] unshare(CLONE_SYSVSEM)      = 0
[pid  5060] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5060] write(3, "16777216", 8)     = 8
[pid  5060] close(3)                    = 0
[pid  5060] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid  5060] write(3, "536870912", 9)    = 9
[pid  5060] close(3)                    = 0
[pid  5060] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5060] write(3, "1024", 4)         = 4
[pid  5060] close(3)                    = 0
[pid  5060] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5060] write(3, "8192", 4)         = 4
[pid  5060] close(3)                    = 0
[pid  5060] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5060] write(3, "1024", 4)         = 4
[pid  5060] close(3)                    = 0
[pid  5060] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid  5060] write(3, "1024", 4)         = 4
[pid  5060] close(3)                    = 0
[pid  5060] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid  5060] write(3, "1024 1048576 500 1024", 21) = 21
[pid  5060] close(3)                    = 0
[pid  5060] getpid()                    = 1
[pid  5060] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5060] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5060] unshare(CLONE_NEWNET)       = 0
[pid  5060] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid  5060] write(3, "0 65535", 7)      = 7
[pid  5060] close(3)                    = 0
[pid  5060] mkdir("/dev/binderfs", 0777) = 0
[pid  5060] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid  5060] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5060] memfd_create("syzkaller", 0) = 3
[pid  5060] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc91ebae000
[pid  5060] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
[pid  5060] munmap(0x7fc91ebae000, 138412032) = 0
[pid  5060] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5060] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5060] close(3)                    = 0
[pid  5060] mkdir("./file0", 0777)      = 0
[   76.444318][ T5060] loop0: detected capacity change from 0 to 2048
[   76.465779][ T5060] =======================================================
[   76.465779][ T5060] WARNING: The mand mount option has been deprecated and
[   76.465779][ T5060]          and is ignored by this kernel. Remove the mand
[pid  5060] mount("/dev/loop0", "./file0", "udf", MS_NODEV|MS_MANDLOCK|MS_NOATIME|MS_REC|MS_POSIXACL, "iocharset=iso8859-6,uid=ignore,unhide,uid=forget,gid=00000000000000000000,session=00000") = 0
[pid  5060] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5060] chdir("./file0")            = 0
[pid  5060] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5060] close(4)                    = 0
[   76.465779][ T5060]          option from the mount to silence this warning.
[   76.465779][ T5060] =======================================================
[   76.518132][ T5060] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[   76.531449][ T5060] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[pid  5060] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4
[pid  5060] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid  5060] open("./bus", O_RDWR|O_SYNC|O_NOATIME|0x3c) = 5
[pid  5060] mmap(0x20000000, 6291456, PROT_WRITE|PROT_GROWSUP, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000
[pid  5060] memfd_create("syzkaller", 0) = 6
[pid  5060] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc91ebae000
[pid  5060] write(6, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid  5060] munmap(0x7fc91ebae000, 138412032) = 0
[pid  5060] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 7
[pid  5060] ioctl(7, LOOP_SET_FD, 6)    = -1 EBUSY (Device or resource busy)
[pid  5060] ioctl(7, LOOP_CLR_FD)       = 0
[pid  5060] ioctl(7, LOOP_SET_FD, 6)    = -1 EBUSY (Device or resource busy)
[pid  5060] close(7)                    = 0
[pid  5060] close(6)                    = 0
[pid  5060] exit_group(1)               = ?
[   76.786243][ T5060] ==================================================================
[   76.794796][ T5060] BUG: KASAN: use-after-free in udf_close_lvid+0x6a8/0x9a0
[   76.802023][ T5060] Write of size 1 at addr ffff88806ca074a0 by task syz-executor287/5060
[   76.811652][ T5060] 
[   76.813977][ T5060] CPU: 1 PID: 5060 Comm: syz-executor287 Not tainted 6.7.0-rc7-syzkaller-00041-gf016f7547aee #0
[   76.824416][ T5060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[   76.834518][ T5060] Call Trace:
[   76.837812][ T5060]  <TASK>
[   76.840800][ T5060]  dump_stack_lvl+0x1e7/0x2d0
[   76.845512][ T5060]  ? nf_tcp_handle_invalid+0x650/0x650
[   76.850980][ T5060]  ? panic+0x850/0x850
[   76.855078][ T5060]  ? _printk+0xd5/0x120
[   76.859254][ T5060]  print_report+0x163/0x540
[   76.863775][ T5060]  ? __lock_acquire+0x1fd0/0x1fd0
[   76.868815][ T5060]  ? __virt_addr_valid+0x22f/0x2e0
[   76.873949][ T5060]  ? __phys_addr+0xba/0x170
[   76.878496][ T5060]  ? udf_close_lvid+0x6a8/0x9a0
[   76.884175][ T5060]  kasan_report+0x142/0x170
[   76.888997][ T5060]  ? udf_close_lvid+0x6a8/0x9a0
[   76.894052][ T5060]  udf_close_lvid+0x6a8/0x9a0
[   76.898776][ T5060]  ? udf_open_lvid+0x5b0/0x5b0
[   76.903934][ T5060]  ? iput+0x384/0x900
[   76.907950][ T5060]  ? clear_inode+0x160/0x160
[   76.912554][ T5060]  ? module_put+0x13a/0x2b0
[   76.917062][ T5060]  udf_put_super+0xcd/0x160
[   76.921574][ T5060]  ? udf_free_in_core_inode+0x30/0x30
[   76.927317][ T5060]  generic_shutdown_super+0x13a/0x2c0
[   76.933160][ T5060]  kill_block_super+0x44/0x90
[   76.938319][ T5060]  deactivate_locked_super+0xc1/0x130
[   76.943986][ T5060]  cleanup_mnt+0x426/0x4c0
[   76.948664][ T5060]  ? _raw_spin_unlock_irq+0x23/0x50
[   76.953892][ T5060]  task_work_run+0x24a/0x300
[   76.958509][ T5060]  ? kasan_quarantine_put+0xd8/0x230
[   76.963931][ T5060]  ? task_work_cancel+0x2b0/0x2b0
[   76.969080][ T5060]  ? kmem_cache_free+0x299/0x470
[   76.974078][ T5060]  ? do_exit+0xa27/0x2740
[   76.978687][ T5060]  do_exit+0xa2c/0x2740
[   76.982860][ T5060]  ? put_task_struct+0xb0/0xb0
[   76.987836][ T5060]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[   76.994206][ T5060]  ? print_irqtrace_events+0x220/0x220
[   76.999786][ T5060]  ? _raw_spin_unlock_irq+0x23/0x50
[   77.004996][ T5060]  ? lockdep_hardirqs_on+0x98/0x140
[   77.010325][ T5060]  do_group_exit+0x206/0x2c0
[   77.015022][ T5060]  __x64_sys_exit_group+0x3f/0x40
[   77.020084][ T5060]  do_syscall_64+0x45/0x110
[   77.024708][ T5060]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[   77.030846][ T5060] RIP: 0033:0x7fc926feacc9
[   77.035295][ T5060] Code: Unable to access opcode bytes at 0x7fc926feac9f.
[   77.042330][ T5060] RSP: 002b:00007fff70794dd8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   77.051377][ T5060] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fc926feacc9
[   77.060942][ T5060] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001
[   77.069147][ T5060] RBP: 00007fc927086390 R08: ffffffffffffffb8 R09: 000000000001f22a
[   77.077211][ T5060] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc927086390
[   77.085181][ T5060] R13: 0000000000000000 R14: 00007fc927087100 R15: 00007fc926fb8fa0
[   77.093879][ T5060]  </TASK>
[   77.097681][ T5060] 
[   77.100007][ T5060] The buggy address belongs to the physical page:
[   77.106415][ T5060] page:ffffea0001b281c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x6ca07
[   77.116668][ T5060] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   77.124940][ T5060] page_type: 0xffffffff()
[   77.129385][ T5060] raw: 00fff00000000000 dead000000000100 dead000000000122 0000000000000000
[   77.139548][ T5060] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[   77.148328][ T5060] page dumped because: kasan: bad access detected
[   77.154760][ T5060] page_owner tracks the page as freed
[   77.160244][ T5060] page last allocated via order 0, migratetype Movable, gfp_mask 0x8(__GFP_MOVABLE), pid 1, tgid 1 (swapper/0), ts 23408075543, free_ts 25695308748
[   77.175218][ T5060]  post_alloc_hook+0x1e6/0x210
[   77.179997][ T5060]  split_map_pages+0x24a/0x510
[   77.184768][ T5060]  isolate_freepages_range+0x476/0x4d0
[   77.190698][ T5060]  alloc_contig_range+0x62e/0x9a0
[   77.196796][ T5060]  alloc_contig_pages+0x3f4/0x4f0
[   77.201822][ T5060]  debug_vm_pgtable_alloc_huge_page+0xb9/0x110
[   77.208154][ T5060]  init_args+0x837/0xb10
[   77.212590][ T5060]  debug_vm_pgtable+0xe0/0x540
[   77.217557][ T5060]  do_one_initcall+0x234/0x810
[   77.222325][ T5060]  do_initcall_level+0x157/0x210
[   77.227264][ T5060]  do_initcalls+0x3f/0x80
[   77.231608][ T5060]  kernel_init_freeable+0x429/0x5c0
[   77.236822][ T5060]  kernel_init+0x1d/0x2a0
[   77.241172][ T5060]  ret_from_fork+0x48/0x80
[   77.245617][ T5060]  ret_from_fork_asm+0x11/0x20
[   77.250482][ T5060] page last free stack trace:
[   77.255151][ T5060]  free_unref_page_prepare+0x931/0xa60
[   77.260626][ T5060]  free_unref_page+0x37/0x3f0
[   77.265331][ T5060]  free_contig_range+0x9e/0x160
[   77.270201][ T5060]  destroy_args+0x8a/0x890
[   77.274677][ T5060]  debug_vm_pgtable+0x4ba/0x540
[   77.279557][ T5060]  do_one_initcall+0x234/0x810
[   77.284383][ T5060]  do_initcall_level+0x157/0x210
[   77.289363][ T5060]  do_initcalls+0x3f/0x80
[   77.293699][ T5060]  kernel_init_freeable+0x429/0x5c0
[   77.298994][ T5060]  kernel_init+0x1d/0x2a0
[   77.303345][ T5060]  ret_from_fork+0x48/0x80
[   77.307824][ T5060]  ret_from_fork_asm+0x11/0x20
[   77.312694][ T5060] 
[   77.315131][ T5060] Memory state around the buggy address:
[   77.320771][ T5060]  ffff88806ca07380: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   77.329108][ T5060]  ffff88806ca07400: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   77.337376][ T5060] >ffff88806ca07480: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   77.345436][ T5060]                                ^
[   77.350547][ T5060]  ffff88806ca07500: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   77.359053][ T5060]  ffff88806ca07580: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   77.367134][ T5060] ==================================================================
[   77.376065][ T5060] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   77.383300][ T5060] CPU: 1 PID: 5060 Comm: syz-executor287 Not tainted 6.7.0-rc7-syzkaller-00041-gf016f7547aee #0
[   77.393725][ T5060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[   77.403912][ T5060] Call Trace:
[   77.407213][ T5060]  <TASK>
[   77.410247][ T5060]  dump_stack_lvl+0x1e7/0x2d0
[   77.415250][ T5060]  ? nf_tcp_handle_invalid+0x650/0x650
[   77.421012][ T5060]  ? panic+0x850/0x850
[   77.425498][ T5060]  ? vscnprintf+0x5d/0x80
[   77.429959][ T5060]  panic+0x349/0x850
[   77.434054][ T5060]  ? check_panic_on_warn+0x21/0xa0
[   77.439285][ T5060]  ? __memcpy_flushcache+0x2b0/0x2b0
[   77.444758][ T5060]  ? _raw_spin_unlock_irqrestore+0x12c/0x140
[   77.451160][ T5060]  ? _raw_spin_unlock+0x40/0x40
[   77.456231][ T5060]  ? print_report+0x4fb/0x540
[   77.461542][ T5060]  check_panic_on_warn+0x82/0xa0
[   77.469204][ T5060]  ? udf_close_lvid+0x6a8/0x9a0
[   77.474556][ T5060]  end_report+0x6e/0x140
[   77.479084][ T5060]  kasan_report+0x153/0x170
[   77.484178][ T5060]  ? udf_close_lvid+0x6a8/0x9a0
[   77.489640][ T5060]  udf_close_lvid+0x6a8/0x9a0
[   77.495600][ T5060]  ? udf_open_lvid+0x5b0/0x5b0
[   77.502160][ T5060]  ? iput+0x384/0x900
[   77.507002][ T5060]  ? clear_inode+0x160/0x160
[   77.512200][ T5060]  ? module_put+0x13a/0x2b0
[   77.517271][ T5060]  udf_put_super+0xcd/0x160
[   77.521894][ T5060]  ? udf_free_in_core_inode+0x30/0x30
[   77.527971][ T5060]  generic_shutdown_super+0x13a/0x2c0
[   77.533665][ T5060]  kill_block_super+0x44/0x90
[   77.538771][ T5060]  deactivate_locked_super+0xc1/0x130
[   77.545130][ T5060]  cleanup_mnt+0x426/0x4c0
[   77.549803][ T5060]  ? _raw_spin_unlock_irq+0x23/0x50
[   77.555037][ T5060]  task_work_run+0x24a/0x300
[   77.559657][ T5060]  ? kasan_quarantine_put+0xd8/0x230
[   77.564968][ T5060]  ? task_work_cancel+0x2b0/0x2b0
[   77.570042][ T5060]  ? kmem_cache_free+0x299/0x470
[   77.575098][ T5060]  ? do_exit+0xa27/0x2740
[   77.579467][ T5060]  do_exit+0xa2c/0x2740
[   77.583653][ T5060]  ? put_task_struct+0xb0/0xb0
[   77.588435][ T5060]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[   77.594448][ T5060]  ? print_irqtrace_events+0x220/0x220
[   77.599932][ T5060]  ? _raw_spin_unlock_irq+0x23/0x50
[   77.605235][ T5060]  ? lockdep_hardirqs_on+0x98/0x140
[   77.610467][ T5060]  do_group_exit+0x206/0x2c0
[   77.615088][ T5060]  __x64_sys_exit_group+0x3f/0x40
[   77.620205][ T5060]  do_syscall_64+0x45/0x110
[   77.624772][ T5060]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[   77.631678][ T5060] RIP: 0033:0x7fc926feacc9
[   77.636134][ T5060] Code: Unable to access opcode bytes at 0x7fc926feac9f.
[   77.645586][ T5060] RSP: 002b:00007fff70794dd8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   77.654012][ T5060] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fc926feacc9
[   77.662005][ T5060] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001
[   77.670174][ T5060] RBP: 00007fc927086390 R08: ffffffffffffffb8 R09: 000000000001f22a
[   77.678155][ T5060] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc927086390
[   77.686131][ T5060] R13: 0000000000000000 R14: 00007fc927087100 R15: 00007fc926fb8fa0
[   77.694291][ T5060]  </TASK>
[   77.697504][ T5060] Kernel Offset: disabled
[   77.701856][ T5060] Rebooting in 86400 seconds..