Warning: Permanently added '10.128.1.47' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
executing program
syzkaller login: [ 53.975312][ T5076] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5076 'syz-executor318'
[ 54.071810][ T5076] loop0: detected capacity change from 0 to 2048
[ 54.072287][ T5078] loop2: detected capacity change from 0 to 2048
[ 54.087081][ T5080] loop3: detected capacity change from 0 to 2048
[ 54.092396][ T5077] loop1: detected capacity change from 0 to 2048
[ 54.101547][ T5079] loop4: detected capacity change from 0 to 2048
[ 54.110185][ T5081] loop5: detected capacity change from 0 to 2048
[ 54.123293][ T5080] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 54.133292][ T5078] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 54.144143][ T5076] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 54.160149][ T5079] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 54.173212][ T5077] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 54.182445][ T5081] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 54.216119][ T5079] ==================================================================
[ 54.224243][ T5079] BUG: KASAN: use-after-free in udf_open_lvid.isra.0+0x24f/0x2a0
[ 54.232025][ T5079] Write of size 1 at addr ffff888094c48ac8 by task syz-executor318/5079
[ 54.240376][ T5079]
[ 54.242717][ T5079] CPU: 0 PID: 5079 Comm: syz-executor318 Not tainted 6.2.0-rc3-next-20230112-syzkaller #0
[ 54.252636][ T5079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 54.262716][ T5079] Call Trace:
[ 54.266039][ T5079]
[ 54.269518][ T5079] dump_stack_lvl+0xd1/0x138
[ 54.274162][ T5079] print_report+0x15e/0x45d
[ 54.278699][ T5079] ? __phys_addr+0xc8/0x140
[ 54.283244][ T5079] ? udf_open_lvid.isra.0+0x24f/0x2a0
[ 54.288666][ T5079] kasan_report+0xc0/0xf0
[ 54.293039][ T5079] ? udf_open_lvid.isra.0+0x24f/0x2a0
[ 54.298459][ T5079] udf_open_lvid.isra.0+0x24f/0x2a0
[ 54.303755][ T5079] udf_fill_super+0x1474/0x1a40
[ 54.308646][ T5079] ? udf_load_vrs+0xbe0/0xbe0
[ 54.313367][ T5079] ? vsprintf+0x30/0x30
[ 54.317557][ T5079] ? set_blocksize+0x2d2/0x370
[ 54.322456][ T5079] mount_bdev+0x351/0x410
[ 54.326826][ T5079] ? udf_load_vrs+0xbe0/0xbe0
[ 54.331539][ T5079] ? udf_get_pblock_meta25+0x3e0/0x3e0
[ 54.337011][ T5079] legacy_get_tree+0x109/0x220
[ 54.341805][ T5079] vfs_get_tree+0x8d/0x2f0
[ 54.346242][ T5079] path_mount+0x132a/0x1e20
[ 54.350771][ T5079] ? kmem_cache_free+0xec/0x4e0
[ 54.355632][ T5079] ? finish_automount+0x9b0/0x9b0
[ 54.360680][ T5079] ? putname+0x102/0x140
[ 54.364947][ T5079] __x64_sys_mount+0x283/0x300
[ 54.369734][ T5079] ? copy_mnt_ns+0xb30/0xb30
[ 54.374430][ T5079] ? syscall_enter_from_user_mode+0x26/0xb0
[ 54.380346][ T5079] do_syscall_64+0x39/0xb0
[ 54.384787][ T5079] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 54.390707][ T5079] RIP: 0033:0x7f58020fdf1a
[ 54.395147][ T5079] Code: 48 c7 c2 c0 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 a8 00 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 54.414959][ T5079] RSP: 002b:00007ffd5ab081b8 EFLAGS: 00000282 ORIG_RAX: 00000000000000a5
[ 54.423997][ T5079] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f58020fdf1a
[ 54.431985][ T5079] RDX: 0000000020000c00 RSI: 0000000020000c40 RDI: 00007ffd5ab081d0
[ 54.439965][ T5079] RBP: 00007ffd5ab081d0 R08: 00007ffd5ab08210 R09: 0000000000000bea
[ 54.447939][ T5079] R10: 0000000000000000 R11: 0000000000000282 R12: 0000000000000004
[ 54.455913][ T5079] R13: 0000555555add2c0 R14: 0000000000000000 R15: 00007ffd5ab08210
[ 54.463989][ T5079]
[ 54.467009][ T5079]
[ 54.469330][ T5079] The buggy address belongs to the physical page:
[ 54.475736][ T5079] page:ffffea0002531200 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x94c48
[ 54.485892][ T5079] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 54.493018][ T5079] raw: 00fff00000000000 ffffea0002531208 ffffea0002531208 0000000000000000
[ 54.501611][ T5079] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 54.510276][ T5079] page dumped because: kasan: bad access detected
[ 54.516714][ T5079] page_owner info is not present (never set?)
[ 54.523061][ T5079]
[ 54.525391][ T5079] Memory state around the buggy address:
[ 54.531112][ T5079] ffff888094c48980: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 54.539178][ T5079] ffff888094c48a00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 54.547240][ T5079] >ffff888094c48a80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 54.555297][ T5079] ^
executing program
[ 54.561727][ T5079] ffff888094c48b00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 54.569807][ T5079] ffff888094c48b80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 54.577889][ T5079] ==================================================================
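The report above carries everything needed for first-pass triage, but the fields are scattered across the console noise and the "Memory state" block has to be decoded by hand. The following is an added example (it is not part of the syzkaller log, nor kernel or syzkaller code): a small parser that pulls the headline fields and the reliable call-trace frames out of a generic-KASAN report in this console-log form, then maps the faulting address onto the printed shadow rows and decodes the shadow byte. Assumptions: generic KASAN with an 8-byte granule, and the poison values as defined in mm/kasan/kasan.h of 6.x-era kernels (embedded in the code as a table, not read from the log). The sample input is the first report above, trimmed, with one interleaved "executing program" line kept on purpose.

```python
import re
from dataclasses import dataclass, field

_PREFIX = re.compile(r"^\[\s*[\d.]+\]\[\s*T\d+\]\s?")    # syzkaller console prefix "[   54.2][ T5079] "
_BUG = re.compile(r"BUG: KASAN: (?P<bug>[\w-]+) in (?P<func>\S+)")
_ACCESS = re.compile(r"(?P<kind>Read|Write) of size (?P<size>\d+) at addr "
                     r"(?P<addr>[0-9a-f]+) by task (?P<task>\S+)/(?P<pid>\d+)")
_PAGE = re.compile(r"^page:\S+ refcount:(?P<ref>\d+)")
_FRAME = re.compile(r"^(?P<guess>\? )?(?P<sym>[\w.]+\+0x[0-9a-f]+/0x[0-9a-f]+)$")  # "? " = guessed frame
_SHADOW = re.compile(r"^>?\s*(?P<base>[0-9a-f]{16}): (?P<bytes>(?:[0-9a-f]{2}\s*){16})$")

SHADOW_SCALE_SHIFT = 3                        # generic KASAN: one shadow byte per 8-byte granule
SHADOW_ROW_BYTES = 16 << SHADOW_SCALE_SHIFT   # one printed row = 16 shadow bytes = 128 bytes
# Poison values from mm/kasan/kasan.h (generic KASAN, 6.x kernels); assumed, not read from the log.
SHADOW_MEANING = {
    0x00: "accessible", 0xF1: "stack left redzone", 0xF2: "stack mid redzone",
    0xF3: "stack right redzone", 0xF4: "stack partial redzone", 0xF8: "vmalloc invalid",
    0xF9: "global redzone", 0xFB: "freed slab object (KASAN_SLAB_FREE)", 0xFC: "slab redzone",
    0xFE: "page redzone (kmalloc_large)", 0xFF: "freed page (KASAN_PAGE_FREE)"}
_REPORT_FRAMES = ("dump_stack", "print_report", "kasan_report", "end_report", "__asan_")

@dataclass
class KasanReport:
    bug: str = ""
    func: str = ""
    kind: str = ""
    size: int = 0
    addr: int = 0
    task: str = ""
    pid: int = 0
    page_refcount: int = -1                       # -1 when the report has no "page:" line
    frames: list = field(default_factory=list)    # reliable frames only, innermost first
    shadow: dict = field(default_factory=dict)    # row base address -> 16 shadow byte values

def describe_shadow(value: int) -> str:
    if 1 <= value <= 7:
        return f"partially accessible: first {value} of 8 bytes valid"
    return SHADOW_MEANING.get(value, f"unknown poison 0x{value:02x}")

def parse_report(text: str) -> KasanReport:
    report, in_trace = None, False
    for raw in text.splitlines():
        line = _PREFIX.sub("", raw).strip()
        if report is None:                        # ignore everything before the BUG: line
            if m := _BUG.search(line):
                report = KasanReport(bug=m["bug"], func=m["func"])
            continue
        if line and set(line) == {"="}:           # closing rule ends this report
            break
        if m := _ACCESS.search(line):
            report.kind, report.size = m["kind"], int(m["size"])
            report.addr, report.task, report.pid = int(m["addr"], 16), m["task"], int(m["pid"])
        elif m := _PAGE.match(line):
            report.page_refcount = int(m["ref"])
        elif line == "Call Trace:":
            in_trace = True
        elif in_trace:
            if line.startswith("RIP:"):           # user-space register dump follows
                in_trace = False
            elif (m := _FRAME.match(line)) and not m["guess"]:
                report.frames.append(m["sym"])
        elif m := _SHADOW.match(line):
            report.shadow[int(m["base"], 16)] = [int(b, 16) for b in m["bytes"].split()]
    if report is None:
        raise ValueError("no 'BUG: KASAN:' line found")
    return report

def first_kernel_frame(report: KasanReport) -> str:
    """First reliable frame below the KASAN reporting code: where the bad access happened."""
    return next((s for s in report.frames if not s.startswith(_REPORT_FRAMES)), "")

def shadow_at(report: KasanReport, addr=None):
    """(row base, index, value, meaning) of the shadow byte covering addr (default: report.addr)."""
    addr = report.addr if addr is None else addr
    base = addr & ~(SHADOW_ROW_BYTES - 1)
    if base not in report.shadow:
        raise KeyError(f"report prints no shadow row for 0x{base:x}")
    idx = (addr - base) >> SHADOW_SCALE_SHIFT
    value = report.shadow[base][idx]
    return base, idx, value, describe_shadow(value)

# Constructed sample: the first report above, trimmed, with an interleaved "executing program" line kept.
SAMPLE_LOG = """\
[   54.224243][ T5079] BUG: KASAN: use-after-free in udf_open_lvid.isra.0+0x24f/0x2a0
[   54.232025][ T5079] Write of size 1 at addr ffff888094c48ac8 by task syz-executor318/5079
[   54.262716][ T5079] Call Trace:
[   54.269518][ T5079]  dump_stack_lvl+0xd1/0x138
[   54.274162][ T5079]  print_report+0x15e/0x45d
[   54.288666][ T5079]  kasan_report+0xc0/0xf0
[   54.298459][ T5079]  udf_open_lvid.isra.0+0x24f/0x2a0
[   54.303755][ T5079]  udf_fill_super+0x1474/0x1a40
[   54.317557][ T5079]  ? set_blocksize+0x2d2/0x370
[   54.390707][ T5079] RIP: 0033:0x7f58020fdf1a
[   54.475736][ T5079] page:ffffea0002531200 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x94c48
[   54.539178][ T5079]  ffff888094c48a00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   54.547240][ T5079] >ffff888094c48a80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
executing program
[   54.577889][ T5079] ==================================================================
"""
```

Run against the report above, `parse_report(SAMPLE_LOG)` yields a 1-byte write at ffff888094c48ac8 by syz-executor318/5079, `first_kernel_frame` returns udf_open_lvid.isra.0+0x24f/0x2a0 (the first frame below the KASAN reporting code), and `shadow_at` resolves the address to index 9 of the row marked with `>` whose value 0xff is KASAN_PAGE_FREE: the write lands in a page the kernel has already freed, which the `refcount:0` on the page line corroborates. Frames printed with a leading `? ` (such as set_blocksize here) are stack-scan guesses and are deliberately dropped; the reliable chain is udf_fill_super calling udf_open_lvid during mount. The parser stops at the closing rule, so the second trace printed by the panic_on_warn panic further down is not folded into the frame list.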
executing program
executing program
executing program
executing program
[ 54.667593][ T5083] loop3: detected capacity change from 0 to 2048
[ 54.697967][ T5084] loop5: detected capacity change from 0 to 2048
[ 54.714449][ T5083] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 54.735078][ T5085] loop1: detected capacity change from 0 to 2048
[ 54.743924][ T5086] loop2: detected capacity change from 0 to 2048
[ 54.751151][ T5088] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 54.762928][ T5079] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 54.766455][ T5084] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 54.778957][ T5079] CPU: 1 PID: 5079 Comm: syz-executor318 Not tainted 6.2.0-rc3-next-20230112-syzkaller #0
[ 54.785530][ T5087] loop0: detected capacity change from 0 to 2048
[ 54.795456][ T5079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 54.798610][ T5087] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 54.814280][ T5079] Call Trace:
[ 54.817610][ T5079]
[ 54.820558][ T5079] dump_stack_lvl+0xd1/0x138
[ 54.825359][ T5079] panic+0x2cc/0x626
[ 54.829294][ T5079] ? panic_print_sys_info.part.0+0x112/0x112
[ 54.835395][ T5079] ? preempt_schedule_thunk+0x1a/0x20
[ 54.840791][ T5079] ? preempt_schedule_common+0x59/0xc0
[ 54.846283][ T5079] check_panic_on_warn.cold+0x19/0x35
[ 54.851703][ T5079] end_report.part.0+0x36/0x73
[ 54.856664][ T5079] ? udf_open_lvid.isra.0+0x24f/0x2a0
[ 54.862067][ T5079] kasan_report.cold+0xa/0xf
[ 54.866667][ T5079] ? udf_open_lvid.isra.0+0x24f/0x2a0
[ 54.872059][ T5079] udf_open_lvid.isra.0+0x24f/0x2a0
[ 54.877285][ T5079] udf_fill_super+0x1474/0x1a40
[ 54.882201][ T5079] ? udf_load_vrs+0xbe0/0xbe0
[ 54.886908][ T5079] ? vsprintf+0x30/0x30
[ 54.892312][ T5079] ? set_blocksize+0x2d2/0x370
[ 54.897124][ T5079] mount_bdev+0x351/0x410
[ 54.901497][ T5079] ? udf_load_vrs+0xbe0/0xbe0
[ 54.906199][ T5079] ? udf_get_pblock_meta25+0x3e0/0x3e0
[ 54.911676][ T5079] legacy_get_tree+0x109/0x220
[ 54.916463][ T5079] vfs_get_tree+0x8d/0x2f0
[ 54.920893][ T5079] path_mount+0x132a/0x1e20
[ 54.925420][ T5079] ? kmem_cache_free+0xec/0x4e0
[ 54.930279][ T5079] ? finish_automount+0x9b0/0x9b0
[ 54.935322][ T5079] ? putname+0x102/0x140
[ 54.939591][ T5079] __x64_sys_mount+0x283/0x300
[ 54.944379][ T5079] ? copy_mnt_ns+0xb30/0xb30
[ 54.948988][ T5079] ? syscall_enter_from_user_mode+0x26/0xb0
[ 54.954992][ T5079] do_syscall_64+0x39/0xb0
[ 54.959427][ T5079] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 54.965335][ T5079] RIP: 0033:0x7f58020fdf1a
[ 54.969768][ T5079] Code: 48 c7 c2 c0 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 a8 00 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 54.989652][ T5079] RSP: 002b:00007ffd5ab081b8 EFLAGS: 00000282 ORIG_RAX: 00000000000000a5
[ 54.998072][ T5079] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f58020fdf1a
[ 55.006061][ T5079] RDX: 0000000020000c00 RSI: 0000000020000c40 RDI: 00007ffd5ab081d0
[ 55.014152][ T5079] RBP: 00007ffd5ab081d0 R08: 00007ffd5ab08210 R09: 0000000000000bea
[ 55.022147][ T5079] R10: 0000000000000000 R11: 0000000000000282 R12: 0000000000000004
[ 55.030130][ T5079] R13: 0000555555add2c0 R14: 0000000000000000 R15: 00007ffd5ab08210
[ 55.038218][ T5079]
[ 55.041461][ T5079] Kernel Offset: disabled
[ 55.045783][ T5079] Rebooting in 86400 seconds..