Warning: Permanently added '[localhost]:11964' (ED25519) to the list of known hosts.
executing program
[ 70.591703][ T5309] loop0: detected capacity change from 0 to 2048
[ 70.620220][ T5309] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[ 70.626777][ T5309] UDF-fs: Scanning with blocksize 512 failed
[ 70.636908][ T5309] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 70.728289][ T5309] loop0: detected capacity change from 2048 to 2047
[ 70.745886][ T5309] UDF-fs: warning (device loop0): udf_truncate_tail_extent: Too long extent after EOF in inode 818: i_size: 134220898 lbcount: 141077504 extent 0+14745600
[ 70.756498][ T5309] ==================================================================
[ 70.759538][ T5309] BUG: KASAN: use-after-free in crc_itu_t+0x1d5/0x2b0
[ 70.763240][ T5309] Read of size 1 at addr ffff888041e7d000 by task syz-executor317/5309
[ 70.767110][ T5309]
[ 70.768069][ T5309] CPU: 0 UID: 0 PID: 5309 Comm: syz-executor317 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[ 70.772106][ T5309] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 70.776129][ T5309] Call Trace:
[ 70.777414][ T5309]
[ 70.778552][ T5309] dump_stack_lvl+0x241/0x360
[ 70.780359][ T5309] ? __pfx_dump_stack_lvl+0x10/0x10
[ 70.782340][ T5309] ? __pfx__printk+0x10/0x10
[ 70.784080][ T5309] ? _printk+0xd5/0x120
[ 70.785675][ T5309] ? __virt_addr_valid+0x183/0x530
[ 70.787555][ T5309] ? __virt_addr_valid+0x183/0x530
[ 70.789408][ T5309] print_report+0x169/0x550
[ 70.791146][ T5309] ? __virt_addr_valid+0x183/0x530
[ 70.793034][ T5309] ? __virt_addr_valid+0x183/0x530
[ 70.794742][ T5309] ? __virt_addr_valid+0x45f/0x530
[ 70.796487][ T5309] ? __phys_addr+0xba/0x170
[ 70.798016][ T5309] ? crc_itu_t+0x1d5/0x2b0
[ 70.799540][ T5309] kasan_report+0x143/0x180
[ 70.801113][ T5309] ? crc_itu_t+0x1d5/0x2b0
[ 70.802680][ T5309] crc_itu_t+0x1d5/0x2b0
[ 70.804121][ T5309] udf_update_tag+0x70/0x6a0
[ 70.805734][ T5309] udf_write_aext+0x4d8/0x7b0
[ 70.807399][ T5309] extent_trunc+0x2f7/0x4a0
[ 70.808982][ T5309] ? __pfx_extent_trunc+0x10/0x10
[ 70.810883][ T5309] udf_truncate_tail_extent+0x527/0x7e0
[ 70.812809][ T5309] ? __pfx_udf_truncate_tail_extent+0x10/0x10
[ 70.815014][ T5309] ? down_write+0x18c/0x220
[ 70.816692][ T5309] ? down_read_killable+0xcc0/0xd30
[ 70.818619][ T5309] ? __pfx_call_rcu+0x10/0x10
[ 70.820333][ T5309] udf_release_file+0xc1/0x120
[ 70.822094][ T5309] ? __pfx_udf_release_file+0x10/0x10
[ 70.824048][ T5309] __fput+0x23f/0x880
[ 70.825586][ T5309] task_work_run+0x24f/0x310
[ 70.827311][ T5309] ? __pfx_task_work_run+0x10/0x10
[ 70.829248][ T5309] ? switch_task_namespaces+0xe4/0x110
[ 70.831218][ T5309] do_exit+0xa2f/0x28e0
[ 70.832763][ T5309] ? __pfx_do_exit+0x10/0x10
[ 70.834466][ T5309] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 70.836532][ T5309] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 70.838827][ T5309] ? _raw_spin_unlock_irq+0x23/0x50
[ 70.840756][ T5309] ? lockdep_hardirqs_on+0x99/0x150
[ 70.842677][ T5309] do_group_exit+0x207/0x2c0
[ 70.844315][ T5309] __x64_sys_exit_group+0x3f/0x40
[ 70.846157][ T5309] x64_sys_call+0x2634/0x2640
[ 70.847906][ T5309] do_syscall_64+0xf3/0x230
[ 70.849520][ T5309] ? clear_bhb_loop+0x35/0x90
[ 70.851262][ T5309] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 70.853274][ T5309] RIP: 0033:0x7ffbbd1e9f09
[ 70.854829][ T5309] Code: Unable to access opcode bytes at 0x7ffbbd1e9edf.
[ 70.857241][ T5309] RSP: 002b:00007fff6e953b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 70.860063][ T5309] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ffbbd1e9f09
[ 70.862775][ T5309] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 70.865683][ T5309] RBP: 00007ffbbd286310 R08: ffffffffffffffb8 R09: 000055558cebc4c0
[ 70.868441][ T5309] R10: 0023706f6f6c2f76 R11: 0000000000000246 R12: 00007ffbbd286310
[ 70.871324][ T5309] R13: 0000000000000000 R14: 00007ffbbd287080 R15: 00007ffbbd1b8100
[ 70.874249][ T5309]
[ 70.875391][ T5309]
[ 70.876380][ T5309] The buggy address belongs to the physical page:
[ 70.878842][ T5309] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x55558cebb pfn:0x41e7d
[ 70.882339][ T5309] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 70.884975][ T5309] raw: 04fff00000000000 ffffea000118ba08 ffffea000118d7c8 0000000000000000
[ 70.888141][ T5309] raw: 000000055558cebb 0000000000000000 00000000ffffffff 0000000000000000
[ 70.891285][ T5309] page dumped because: kasan: bad access detected
[ 70.893627][ T5309] page_owner tracks the page as freed
[ 70.895666][ T5309] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 5309, tgid 5309 (syz-executor317), ts 70568771998, free_ts 70739898657
[ 70.902706][ T5309] post_alloc_hook+0x1f3/0x230
[ 70.904565][ T5309] get_page_from_freelist+0x3045/0x3190
[ 70.906706][ T5309] __alloc_pages_noprof+0x292/0x710
[ 70.908728][ T5309] alloc_pages_mpol_noprof+0x3e8/0x680
[ 70.910912][ T5309] vma_alloc_folio_noprof+0x12e/0x230
[ 70.912937][ T5309] folio_prealloc+0x31/0x170
[ 70.914678][ T5309] do_wp_page+0x11c4/0x52d0
[ 70.916346][ T5309] handle_pte_fault+0x10e3/0x6800
[ 70.918309][ T5309] handle_mm_fault+0x1106/0x1bb0
[ 70.920188][ T5309] exc_page_fault+0x2b9/0x8c0
[ 70.921892][ T5309] asm_exc_page_fault+0x26/0x30
[ 70.923715][ T5309] page last free pid 5309 tgid 5309 stack trace:
[ 70.926118][ T5309] free_unref_folios+0xf12/0x18d0
[ 70.928004][ T5309] folios_put_refs+0x76c/0x860
[ 70.929723][ T5309] free_pages_and_swap_cache+0x2ea/0x690
[ 70.931743][ T5309] tlb_flush_mmu+0x3a3/0x680
[ 70.933443][ T5309] tlb_finish_mmu+0xd4/0x200
[ 70.935140][ T5309] exit_mmap+0x496/0xc40
[ 70.936716][ T5309] __mmput+0x115/0x390
[ 70.938248][ T5309] exit_mm+0x220/0x310
[ 70.939770][ T5309] do_exit+0x9b2/0x28e0
[ 70.941270][ T5309] do_group_exit+0x207/0x2c0
[ 70.942946][ T5309] __x64_sys_exit_group+0x3f/0x40
[ 70.944779][ T5309] x64_sys_call+0x2634/0x2640
[ 70.946561][ T5309] do_syscall_64+0xf3/0x230
[ 70.948250][ T5309] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 70.950543][ T5309]
[ 70.951578][ T5309] Memory state around the buggy address:
[ 70.953643][ T5309] ffff888041e7cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 70.956621][ T5309] ffff888041e7cf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 70.959545][ T5309] >ffff888041e7d000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 70.962730][ T5309] ^
[ 70.964275][ T5309] ffff888041e7d080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 70.967215][ T5309] ffff888041e7d100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 70.970100][ T5309] ==================================================================
[ 70.977072][ T5309] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 70.979765][ T5309] CPU: 0 UID: 0 PID: 5309 Comm: syz-executor317 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[ 70.983741][ T5309] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 70.987704][ T5309] Call Trace:
[ 70.988965][ T5309]
[ 70.990052][ T5309] dump_stack_lvl+0x241/0x360
[ 70.991845][ T5309] ? __pfx_dump_stack_lvl+0x10/0x10
[ 70.993804][ T5309] ? __pfx__printk+0x10/0x10
[ 70.995583][ T5309] ? preempt_schedule+0xe1/0xf0
[ 70.997454][ T5309] ? vscnprintf+0x5d/0x90
[ 70.999121][ T5309] panic+0x349/0x880
[ 71.000574][ T5309] ? check_panic_on_warn+0x21/0xb0
[ 71.002763][ T5309] ? __pfx_panic+0x10/0x10
[ 71.004385][ T5309] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 71.006639][ T5309] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 71.008875][ T5309] ? print_report+0x502/0x550
[ 71.010590][ T5309] check_panic_on_warn+0x86/0xb0
[ 71.012437][ T5309] ? crc_itu_t+0x1d5/0x2b0
[ 71.014149][ T5309] end_report+0x77/0x160
[ 71.015862][ T5309] kasan_report+0x154/0x180
[ 71.017545][ T5309] ? crc_itu_t+0x1d5/0x2b0
[ 71.019211][ T5309] crc_itu_t+0x1d5/0x2b0
[ 71.020824][ T5309] udf_update_tag+0x70/0x6a0
[ 71.022622][ T5309] udf_write_aext+0x4d8/0x7b0
[ 71.024526][ T5309] extent_trunc+0x2f7/0x4a0
[ 71.026275][ T5309] ? __pfx_extent_trunc+0x10/0x10
[ 71.028311][ T5309] udf_truncate_tail_extent+0x527/0x7e0
[ 71.030434][ T5309] ? __pfx_udf_truncate_tail_extent+0x10/0x10
[ 71.032765][ T5309] ? down_write+0x18c/0x220
[ 71.034440][ T5309] ? down_read_killable+0xcc0/0xd30
[ 71.036444][ T5309] ? __pfx_call_rcu+0x10/0x10
[ 71.038136][ T5309] udf_release_file+0xc1/0x120
[ 71.039912][ T5309] ? __pfx_udf_release_file+0x10/0x10
[ 71.042014][ T5309] __fput+0x23f/0x880
[ 71.043522][ T5309] task_work_run+0x24f/0x310
[ 71.045258][ T5309] ? __pfx_task_work_run+0x10/0x10
[ 71.047106][ T5309] ? switch_task_namespaces+0xe4/0x110
[ 71.049148][ T5309] do_exit+0xa2f/0x28e0
[ 71.050671][ T5309] ? __pfx_do_exit+0x10/0x10
[ 71.052425][ T5309] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 71.054788][ T5309] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 71.057215][ T5309] ? _raw_spin_unlock_irq+0x23/0x50
[ 71.059169][ T5309] ? lockdep_hardirqs_on+0x99/0x150
[ 71.061161][ T5309] do_group_exit+0x207/0x2c0
[ 71.062936][ T5309] __x64_sys_exit_group+0x3f/0x40
[ 71.064790][ T5309] x64_sys_call+0x2634/0x2640
[ 71.066540][ T5309] do_syscall_64+0xf3/0x230
[ 71.068199][ T5309] ? clear_bhb_loop+0x35/0x90
[ 71.069978][ T5309] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 71.072253][ T5309] RIP: 0033:0x7ffbbd1e9f09
[ 71.073919][ T5309] Code: Unable to access opcode bytes at 0x7ffbbd1e9edf.
[ 71.076527][ T5309] RSP: 002b:00007fff6e953b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 71.079849][ T5309] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ffbbd1e9f09
[ 71.082807][ T5309] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 71.086347][ T5309] RBP: 00007ffbbd286310 R08: ffffffffffffffb8 R09: 000055558cebc4c0
[ 71.089877][ T5309] R10: 0023706f6f6c2f76 R11: 0000000000000246 R12: 00007ffbbd286310
[ 71.092956][ T5309] R13: 0000000000000000 R14: 00007ffbbd287080 R15: 00007ffbbd1b8100
[ 71.096370][ T5309]
[ 71.098050][ T5309] Kernel Offset: disabled
[ 71.099897][ T5309] Rebooting in 86400 seconds..
VM DIAGNOSIS:
18:10:49 Registers:
info registers vcpu 0
CPU#0
RAX=0000000000000020 RBX=ffffffff9a718e80 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=0000000000000000 RSP=ffffc9000d11f050
R8 =ffffffff854abd6b R9 =1ffff1100679e046 R10=dffffc0000000000 R11=ffffffff854abd20
R12=dffffc0000000000 R13=ffffffff9a413f04 R14=0000000000000020 R15=00000000000003f8
RIP=ffffffff854abd9e RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88801fc00000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007ffbbd234138 CR3=0000000049108000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80