Warning: Permanently added '10.128.1.111' (ED25519) to the list of known hosts.
executing program
[   82.585405][ T5039] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5039 'syz-executor329'
[   82.616236][ T5039] loop0: detected capacity change from 0 to 2048
[   82.624994][ T5039] =======================================================
[   82.624994][ T5039] WARNING: The mand mount option has been deprecated and
[   82.624994][ T5039]         and is ignored by this kernel. Remove the mand
[   82.624994][ T5039]         option from the mount to silence this warning.
[   82.624994][ T5039] =======================================================
executing program
[   82.918333][ T5041] loop0: detected capacity change from 0 to 2048
executing program
[   83.160678][ T5042] loop0: detected capacity change from 0 to 2048
executing program
[   83.442862][ T5043] loop0: detected capacity change from 0 to 2048
executing program
[   83.681164][ T5044] loop0: detected capacity change from 0 to 2048
[   83.860037][ T5038] ==================================================================
[   83.868145][ T5038] BUG: KASAN: use-after-free in crc_itu_t+0xd7/0xe0
[   83.874760][ T5038] Read of size 1 at addr ffff888072aa6000 by task syz-executor329/5038
[   83.883025][ T5038] 
[   83.885350][ T5038] CPU: 1 PID: 5038 Comm: syz-executor329 Not tainted 6.5.0-rc5-next-20230809-syzkaller #0
[   83.895245][ T5038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[   83.905303][ T5038] Call Trace:
[   83.908592][ T5038] 
[   83.911524][ T5038]  dump_stack_lvl+0xd9/0x1b0
[   83.916140][ T5038]  print_report+0xc4/0x620
[   83.920571][ T5038]  ? __virt_addr_valid+0x5e/0x2d0
[   83.925604][ T5038]  ? __phys_addr+0xc6/0x140
[   83.930117][ T5038]  kasan_report+0xda/0x110
[   83.934558][ T5038]  ? crc_itu_t+0xd7/0xe0
[   83.938810][ T5038]  ? crc_itu_t+0xd7/0xe0
[   83.943069][ T5038]  crc_itu_t+0xd7/0xe0
[   83.947227][ T5038]  udf_finalize_lvid+0xf2/0x1f0
[   83.952098][ T5038]  ? udf_mount+0x40/0x40
[   83.956350][ T5038]  udf_sync_fs+0xea/0x150
[   83.960691][ T5038]  ? udf_finalize_lvid+0x1f0/0x1f0
[   83.965810][ T5038]  sync_filesystem+0x109/0x280
[   83.970584][ T5038]  generic_shutdown_super+0x74/0x480
[   83.975881][ T5038]  kill_block_super+0x3b/0x70
[   83.980568][ T5038]  deactivate_locked_super+0x9a/0x170
[   83.985951][ T5038]  deactivate_super+0xde/0x100
[   83.990727][ T5038]  cleanup_mnt+0x222/0x3d0
[   83.995159][ T5038]  task_work_run+0x14d/0x240
[   83.999773][ T5038]  ? task_work_cancel+0x30/0x30
[   84.004645][ T5038]  ? __x64_sys_umount+0x128/0x1a0
[   84.009699][ T5038]  exit_to_user_mode_prepare+0x210/0x240
[   84.015338][ T5038]  syscall_exit_to_user_mode+0x1d/0x50
[   84.020807][ T5038]  do_syscall_64+0x44/0xb0
[   84.025243][ T5038]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   84.031166][ T5038] RIP: 0033:0x7fa43fe11647
[   84.035669][ T5038] Code: 09 00 48 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8
[   84.055282][ T5038] RSP: 002b:00007ffca44dcf58 EFLAGS: 00000202 ORIG_RAX: 00000000000000a6
[   84.063699][ T5038] RAX: 0000000000000000 RBX: 000000000001468d RCX: 00007fa43fe11647
[   84.071673][ T5038] RDX: 0000000000000000 RSI: 000000000000000a RDI: 00007ffca44dd010
[   84.079646][ T5038] RBP: 00007ffca44dd010 R08: 0000000000000000 R09: 0000000000000000
[   84.087789][ T5038] R10: 00000000ffffffff R11: 0000000000000202 R12: 00007ffca44de080
[   84.095759][ T5038] R13: 0000555556d566c0 R14: 431bde82d7b634db R15: 00007ffca44de0a0
[   84.103740][ T5038] 
[   84.106756][ T5038] 
[   84.109071][ T5038] The buggy address belongs to the physical page:
[   84.115478][ T5038] page:ffffea0001caa980 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x72aa6
[   84.125722][ T5038] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   84.132827][ T5038] page_type: 0xffffffff()
[   84.137156][ T5038] raw: 00fff00000000000 ffffea0001d30988 ffffea0001ff2108 0000000000000000
[   84.145748][ T5038] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[   84.154323][ T5038] page dumped because: kasan: bad access detected
[   84.160724][ T5038] page_owner tracks the page as freed
[   84.166081][ T5038] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 5044, tgid 5044 (syz-executor329), ts 83732675716, free_ts 83752353263
[   84.184092][ T5038]  post_alloc_hook+0x2d2/0x350
[   84.188882][ T5038]  get_page_from_freelist+0x10d7/0x31b0
[   84.194444][ T5038]  __alloc_pages+0x1d0/0x4a0
[   84.199032][ T5038]  __folio_alloc+0x16/0x40
[   84.203459][ T5038]  vma_alloc_folio+0x156/0x890
[   84.208244][ T5038]  shmem_alloc_folio+0xb5/0x170
[   84.213104][ T5038]  shmem_alloc_and_acct_folio+0xcb/0x140
[   84.218832][ T5038]  shmem_get_folio_gfp+0xbca/0x1850
[   84.224052][ T5038]  shmem_write_begin+0x15c/0x390
[   84.229007][ T5038]  generic_perform_write+0x278/0x600
[   84.234302][ T5038]  __generic_file_write_iter+0x1f9/0x240
[   84.240041][ T5038]  generic_file_write_iter+0xe3/0x350
[   84.245448][ T5038]  vfs_write+0x650/0xe40
[   84.249782][ T5038]  ksys_write+0x12f/0x250
[   84.254130][ T5038]  do_syscall_64+0x38/0xb0
[   84.258579][ T5038]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   84.264503][ T5038] page last free stack trace:
[   84.269172][ T5038]  free_unref_page_prepare+0x508/0xb90
[   84.274652][ T5038]  free_unref_page_list+0xe6/0xb30
[   84.279798][ T5038]  release_pages+0x32a/0x14e0
[   84.284486][ T5038]  __folio_batch_release+0x77/0xe0
[   84.289604][ T5038]  shmem_undo_range+0x580/0x1140
[   84.294636][ T5038]  shmem_evict_inode+0x334/0xb00
[   84.299581][ T5038]  evict+0x2ed/0x6b0
[   84.303486][ T5038]  iput.part.0+0x55e/0x7a0
[   84.307919][ T5038]  iput+0x5c/0x80
[   84.311571][ T5038]  dentry_unlink_inode+0x292/0x430
[   84.316709][ T5038]  __dentry_kill+0x3b8/0x640
[   84.321315][ T5038]  dput+0x8dd/0xfd0
[   84.325135][ T5038]  __fput+0x536/0xac0
[   84.329125][ T5038]  __fput_sync+0x47/0x50
[   84.333376][ T5038]  __x64_sys_close+0x87/0xf0
[   84.337971][ T5038]  do_syscall_64+0x38/0xb0
[   84.342492][ T5038] 
[   84.344811][ T5038] Memory state around the buggy address:
[   84.350440][ T5038]  ffff888072aa5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   84.358501][ T5038]  ffff888072aa5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   84.366562][ T5038] >ffff888072aa6000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   84.374615][ T5038]                    ^
[   84.378676][ T5038]  ffff888072aa6080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   84.388383][ T5038]  ffff888072aa6100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   84.396449][ T5038] ==================================================================
[   84.408395][ T5038] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   84.415617][ T5038] CPU: 1 PID: 5038 Comm: syz-executor329 Not tainted 6.5.0-rc5-next-20230809-syzkaller #0
[   84.425521][ T5038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[   84.435579][ T5038] Call Trace:
[   84.438907][ T5038] 
[   84.441845][ T5038]  dump_stack_lvl+0xd9/0x1b0
[   84.446474][ T5038]  panic+0x6a6/0x750
[   84.450387][ T5038]  ? panic_smp_self_stop+0xa0/0xa0
[   84.455526][ T5038]  ? preempt_schedule_thunk+0x1a/0x30
[   84.460924][ T5038]  ? preempt_schedule_common+0x45/0xc0
[   84.466415][ T5038]  check_panic_on_warn+0xab/0xb0
[   84.471386][ T5038]  end_report+0x108/0x150
[   84.475754][ T5038]  kasan_report+0xea/0x110
[   84.480364][ T5038]  ? crc_itu_t+0xd7/0xe0
[   84.484618][ T5038]  ? crc_itu_t+0xd7/0xe0
[   84.488868][ T5038]  crc_itu_t+0xd7/0xe0
[   84.492956][ T5038]  udf_finalize_lvid+0xf2/0x1f0
[   84.497912][ T5038]  ? udf_mount+0x40/0x40
[   84.502170][ T5038]  udf_sync_fs+0xea/0x150
[   84.506515][ T5038]  ? udf_finalize_lvid+0x1f0/0x1f0
[   84.511637][ T5038]  sync_filesystem+0x109/0x280
[   84.516411][ T5038]  generic_shutdown_super+0x74/0x480
[   84.521710][ T5038]  kill_block_super+0x3b/0x70
[   84.526403][ T5038]  deactivate_locked_super+0x9a/0x170
[   84.531787][ T5038]  deactivate_super+0xde/0x100
[   84.536575][ T5038]  cleanup_mnt+0x222/0x3d0
[   84.541012][ T5038]  task_work_run+0x14d/0x240
[   84.545621][ T5038]  ? task_work_cancel+0x30/0x30
[   84.550576][ T5038]  ? __x64_sys_umount+0x128/0x1a0
[   84.555613][ T5038]  exit_to_user_mode_prepare+0x210/0x240
[   84.561254][ T5038]  syscall_exit_to_user_mode+0x1d/0x50
[   84.566726][ T5038]  do_syscall_64+0x44/0xb0
[   84.571157][ T5038]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   84.577069][ T5038] RIP: 0033:0x7fa43fe11647
[   84.581484][ T5038] Code: 09 00 48 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8
[   84.601097][ T5038] RSP: 002b:00007ffca44dcf58 EFLAGS: 00000202 ORIG_RAX: 00000000000000a6
[   84.609513][ T5038] RAX: 0000000000000000 RBX: 000000000001468d RCX: 00007fa43fe11647
[   84.617481][ T5038] RDX: 0000000000000000 RSI: 000000000000000a RDI: 00007ffca44dd010
[   84.625459][ T5038] RBP: 00007ffca44dd010 R08: 0000000000000000 R09: 0000000000000000
[   84.633432][ T5038] R10: 00000000ffffffff R11: 0000000000000202 R12: 00007ffca44de080
[   84.641489][ T5038] R13: 0000555556d566c0 R14: 431bde82d7b634db R15: 00007ffca44de0a0
[   84.649479][ T5038] 
[   84.652731][ T5038] Kernel Offset: disabled
[   84.657042][ T5038] Rebooting in 86400 seconds..
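The report above is raw serial-console output, and the facts that matter for triage are scattered across it: the faulting function, the reliable frames of the path that reached it, who allocated and who freed the page, and what the shadow byte at the address says. The following Python is an added triage helper, not part of the syzbot report or of the kernel. It parses those fields out of a console log with the syzkaller dmesg prefixes still attached. SAMPLE is an excerpt of the log above; the shadow-byte meanings follow mm/kasan/kasan.h; the INSTRUMENTATION set (frames dropped because they belong to the reporting machinery) is my own choice.

```python
"""Triage helper: parse a KASAN report out of a kernel console log."""
import re
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

PREFIX = re.compile(r"^\[\s*\d+\.\d+\]\[\s*T\d+\]\s?")  # "[   83.868145][ T5038] "
BUG_LINE = re.compile(r"^BUG: KASAN: (?P<type>[\w-]+) in (?P<where>\S+)")
ACCESS_LINE = re.compile(r"^(?P<rw>Read|Write) of size (?P<size>\d+) at addr (?P<addr>[0-9a-f]+) "
                         r"by task (?P<task>\S+)/(?P<pid>\d+)")
FRAME = re.compile(r"^(?P<unreliable>\? )?(?P<sym>[A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+$")
ALLOC_LINE = re.compile(r"^page last allocated .*?pid (?P<pid>\d+), tgid \d+ \((?P<comm>[^)]+)\), "
                        r"ts (?P<ts>\d+), free_ts (?P<free_ts>\d+)")
SHADOW_LINE = re.compile(r"^>(?P<addr>[0-9a-f]+): (?P<bytes>(?:[0-9a-f]{2} ?)+)$")
# Generic KASAN shadow values, from mm/kasan/kasan.h.
SHADOW_MEANING = {0x00: "accessible", 0xfb: "freed slab object", 0xfc: "slab redzone",
                  0xfe: "page redzone", 0xff: "freed page"}
# Frames printed by the reporting machinery rather than by the buggy code path (my choice).
INSTRUMENTATION = {"dump_stack_lvl", "print_report", "kasan_report", "__virt_addr_valid", "__phys_addr"}


@dataclass
class KasanReport:
    bug_type: str = ""
    where: str = ""
    access: str = ""
    size: int = 0
    addr: int = 0
    task: str = ""
    pid: int = 0
    call_trace: List[Tuple[str, bool]] = field(default_factory=list)  # (symbol, reliable)
    alloc_pid: Optional[int] = None
    alloc_ts: Optional[int] = None   # page_owner timestamps, nanoseconds
    free_ts: Optional[int] = None
    alloc_stack: List[str] = field(default_factory=list)
    free_stack: List[str] = field(default_factory=list)
    shadow_byte: Optional[int] = None

    @property
    def bug_frames(self) -> List[str]:
        # Reliable frames of the faulting path, innermost first, "?" frames and instrumentation dropped.
        return [s for s, ok in self.call_trace if ok and s not in INSTRUMENTATION]

    @property
    def cross_task(self) -> bool:
        # The freed memory was allocated by a different task than the one touching it.
        return self.alloc_pid is not None and self.alloc_pid != self.pid

    @property
    def page_lifetime_ms(self) -> Optional[float]:
        if self.alloc_ts is None or self.free_ts is None:
            return None
        return (self.free_ts - self.alloc_ts) / 1e6

    @property
    def shadow_meaning(self) -> str:
        return SHADOW_MEANING.get(self.shadow_byte, "unknown")


def parse_kasan_report(text: str) -> KasanReport:
    r, section = KasanReport(), None
    for raw in text.splitlines():
        ln = PREFIX.sub("", raw).strip()
        if m := BUG_LINE.match(ln):
            r.bug_type, r.where = m["type"], m["where"]
        elif m := ACCESS_LINE.match(ln):
            r.access, r.size = m["rw"], int(m["size"])
            r.addr, r.task, r.pid = int(m["addr"], 16), m["task"], int(m["pid"])
        elif ln == "Call Trace:":
            section = "trace"
        elif m := ALLOC_LINE.match(ln):
            r.alloc_pid, r.alloc_ts, r.free_ts = int(m["pid"]), int(m["ts"]), int(m["free_ts"])
            section = "alloc"
        elif ln == "page last free stack trace:":
            section = "free"
        elif ln == "Memory state around the buggy address:":
            section = "shadow"
        elif section == "shadow" and (m := SHADOW_LINE.match(ln)):
            vals = [int(b, 16) for b in m["bytes"].split()]
            idx = (r.addr - int(m["addr"], 16)) // 8  # one shadow byte per 8-byte granule
            if 0 <= idx < len(vals):
                r.shadow_byte = vals[idx]
        elif section == "shadow" and ln.startswith("===="):
            break  # end of the KASAN block; the panic trace that follows repeats it
        elif m := FRAME.match(ln):
            if section == "trace":
                r.call_trace.append((m["sym"], m["unreliable"] is None))
            elif section == "alloc":
                r.alloc_stack.append(m["sym"])
            elif section == "free":
                r.free_stack.append(m["sym"])
        elif section == "trace" and ln.startswith("RIP:"):
            section = None  # register dump follows; the call trace is complete
    return r


# Excerpt of the syzbot console log above (dmesg prefixes kept), trimmed to the lines the parser uses.
SAMPLE = """\
[   83.868145][ T5038] BUG: KASAN: use-after-free in crc_itu_t+0xd7/0xe0
[   83.874760][ T5038] Read of size 1 at addr ffff888072aa6000 by task syz-executor329/5038
[   83.905303][ T5038] Call Trace:
[   83.911524][ T5038]  dump_stack_lvl+0xd9/0x1b0
[   83.930117][ T5038]  kasan_report+0xda/0x110
[   83.934558][ T5038]  ? crc_itu_t+0xd7/0xe0
[   83.943069][ T5038]  crc_itu_t+0xd7/0xe0
[   83.947227][ T5038]  udf_finalize_lvid+0xf2/0x1f0
[   83.952098][ T5038]  ? udf_mount+0x40/0x40
[   83.956350][ T5038]  udf_sync_fs+0xea/0x150
[   83.965810][ T5038]  sync_filesystem+0x109/0x280
[   84.031166][ T5038] RIP: 0033:0x7fa43fe11647
[   84.166081][ T5038] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 5044, tgid 5044 (syz-executor329), ts 83732675716, free_ts 83752353263
[   84.184092][ T5038]  post_alloc_hook+0x2d2/0x350
[   84.224052][ T5038]  shmem_write_begin+0x15c/0x390
[   84.264503][ T5038] page last free stack trace:
[   84.269172][ T5038]  free_unref_page_prepare+0x508/0xb90
[   84.294636][ T5038]  shmem_evict_inode+0x334/0xb00
[   84.333376][ T5038]  __x64_sys_close+0x87/0xf0
[   84.344811][ T5038] Memory state around the buggy address:
[   84.358501][ T5038]  ffff888072aa5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   84.366562][ T5038] >ffff888072aa6000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   84.396449][ T5038] ==================================================================
"""

if __name__ == "__main__":
    rep = parse_kasan_report(SAMPLE)
    print(f"{rep.bug_type}: {rep.access} of {rep.size} byte(s) in {rep.where} by pid {rep.pid}")
    print("bug path:", " <- ".join(rep.bug_frames))
    print(f"shadow byte {rep.shadow_byte:#04x} ({rep.shadow_meaning}); page freed "
          f"{rep.page_lifetime_ms:.3f} ms after allocation by pid {rep.alloc_pid}; cross-task: {rep.cross_task}")
```

Run against the full log above it gives the same summary as against the excerpt: a one-byte read of a freed page (shadow 0xff) by the umount path udf_sync_fs -> udf_finalize_lvid -> crc_itu_t, where UDF recomputes the descriptor CRC over its cached LVID buffer, while page_owner says the page was allocated by a different pid through a write() into a shmem file and freed when that file's inode was evicted on close(). The cross_task flag and the shmem frames are the first thing to check in a report like this, because they show the lifetime of the buffer UDF is checksumming is not controlled by UDF itself.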