Warning: Permanently added '10.128.1.44' (ED25519) to the list of known hosts.
syzkaller login: [   71.759284][   T56] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.767734][   T56] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.779539][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   71.799790][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
executing program
[   71.807859][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.815984][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   71.848963][ T4247] loop0: detected capacity change from 0 to 2048
[   71.861858][ T4247] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[   71.875525][ T4247] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   72.229341][ T4247] ==================================================================
[   72.237456][ T4247] BUG: KASAN: slab-out-of-bounds in crc_itu_t+0x218/0x2a0
[   72.244626][ T4247] Read of size 1 at addr ffff888018b57028 by task syz-executor205/4247
[   72.252861][ T4247] 
[   72.255237][ T4247] CPU: 1 PID: 4247 Comm: syz-executor205 Not tainted 6.1.123-syzkaller #0
[   72.263730][ T4247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   72.273805][ T4247] Call Trace:
[   72.277081][ T4247]  <TASK>
[   72.280028][ T4247]  dump_stack_lvl+0x1e3/0x2cb
[   72.284718][ T4247]  ? nf_tcp_handle_invalid+0x642/0x642
[   72.290200][ T4247]  ? panic+0x764/0x764
[   72.294264][ T4247]  ? _printk+0xd1/0x111
[   72.298417][ T4247]  ? __virt_addr_valid+0x17f/0x530
[   72.303549][ T4247]  ? __virt_addr_valid+0x17f/0x530
[   72.308675][ T4247]  print_report+0x15f/0x4f0
[   72.313191][ T4247]  ? __virt_addr_valid+0x17f/0x530
[   72.318305][ T4247]  ? __virt_addr_valid+0x17f/0x530
[   72.323415][ T4247]  ? __virt_addr_valid+0x45b/0x530
[   72.328538][ T4247]  ? __phys_addr+0xb6/0x170
[   72.333064][ T4247]  ? crc_itu_t+0x218/0x2a0
[   72.337509][ T4247]  kasan_report+0x136/0x160
[   72.342017][ T4247]  ? crc_itu_t+0x218/0x2a0
[   72.346452][ T4247]  crc_itu_t+0x218/0x2a0
[   72.350715][ T4247]  udf_sync_fs+0x1ce/0x380
[   72.355143][ T4247]  ? udf_put_super+0x160/0x160
[   72.359926][ T4247]  ? get_nr_dirty_inodes+0x2ab/0x2e0
[   72.365308][ T4247]  sync_filesystem+0xe8/0x220
[   72.369990][ T4247]  generic_shutdown_super+0x6b/0x340
[   72.375284][ T4247]  kill_block_super+0x7a/0xe0
[   72.379966][ T4247]  deactivate_locked_super+0xa0/0x110
[   72.385355][ T4247]  cleanup_mnt+0x490/0x520
[   72.389780][ T4247]  ? lockdep_hardirqs_on+0x94/0x130
[   72.394983][ T4247]  task_work_run+0x246/0x300
[   72.399583][ T4247]  ? kasan_quarantine_put+0xd4/0x220
[   72.404892][ T4247]  ? task_work_cancel+0x2e0/0x2e0
[   72.409931][ T4247]  ? kmem_cache_free+0x292/0x510
[   72.414876][ T4247]  ? do_exit+0xa69/0x26a0
[   72.419213][ T4247]  do_exit+0xa6e/0x26a0
[   72.423378][ T4247]  ? put_task_struct+0x80/0x80
[   72.428147][ T4247]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[   72.434134][ T4247]  ? print_irqtrace_events+0x210/0x210
[   72.439597][ T4247]  ? _raw_spin_unlock_irq+0x1f/0x40
[   72.444799][ T4247]  ? lockdep_hardirqs_on+0x94/0x130
[   72.449996][ T4247]  do_group_exit+0x202/0x2b0
[   72.454609][ T4247]  __x64_sys_exit_group+0x3b/0x40
[   72.459663][ T4247]  do_syscall_64+0x3b/0xb0
[   72.464100][ T4247]  ? clear_bhb_loop+0x45/0xa0
[   72.468773][ T4247]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   72.474692][ T4247] RIP: 0033:0x7f02bb751a29
[   72.479116][ T4247] Code: Unable to access opcode bytes at 0x7f02bb7519ff.
[   72.486127][ T4247] RSP: 002b:00007ffd6438a4c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   72.494567][ T4247] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f02bb751a29
[   72.502536][ T4247] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001
[   72.510506][ T4247] RBP: 00007f02bb7e9390 R08: ffffffffffffffb8 R09: 000000000001f675
[   72.518473][ T4247] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f02bb7e9390
[   72.526462][ T4247] R13: 0000000000000000 R14: 00007f02bb7eb160 R15: 00007f02bb718340
[   72.534535][ T4247]  </TASK>
[   72.537560][ T4247] 
[   72.539878][ T4247] Allocated by task 3630:
[   72.544195][ T4247]  kasan_set_track+0x4b/0x70
[   72.548791][ T4247]  __kasan_slab_alloc+0x65/0x70
[   72.553652][ T4247]  slab_post_alloc_hook+0x52/0x3a0
[   72.558767][ T4247]  kmem_cache_alloc+0x10c/0x2d0
[   72.563623][ T4247]  debug_objects_fill_pool+0x4c9/0xa10
[   72.569088][ T4247]  __debug_object_init+0x29/0x450
[   72.574116][ T4247]  debug_init+0x26/0x290
[   72.578363][ T4247]  hrtimer_init+0x1e/0x30
[   72.582775][ T4247]  init_dl_inactive_task_timer+0x1a/0x50
[   72.588401][ T4247]  sched_fork+0x122/0x8b0
[   72.592732][ T4247]  copy_process+0x1702/0x4060
[   72.597406][ T4247]  kernel_clone+0x222/0x920
[   72.601904][ T4247]  __x64_sys_clone+0x231/0x280
[   72.606667][ T4247]  do_syscall_64+0x3b/0xb0
[   72.611089][ T4247]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   72.616994][ T4247] 
[   72.619311][ T4247] The buggy address belongs to the object at ffff888018b57000
[   72.619311][ T4247]  which belongs to the cache debug_objects_cache of size 40
[   72.633976][ T4247] The buggy address is located 0 bytes to the right of
[   72.633976][ T4247]  40-byte region [ffff888018b57000, ffff888018b57028)
[   72.647504][ T4247] 
[   72.649820][ T4247] The buggy address belongs to the physical page:
[   72.656231][ T4247] page:ffffea000062d5c0 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888018b57af0 pfn:0x18b57
[   72.667686][ T4247] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[   72.675243][ T4247] raw: 00fff00000000200 ffffea0000919208 ffffea000074f048 ffff888017c4f8c0
[   72.683828][ T4247] raw: ffff888018b57af0 000000000049003f 00000001ffffffff 0000000000000000
[   72.692492][ T4247] page dumped because: kasan: bad access detected
[   72.698904][ T4247] page_owner tracks the page as allocated
[   72.704610][ T4247] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12020(__GFP_HIGH|__GFP_NOWARN|__GFP_NORETRY), pid 3477, tgid 3477 (cryptomgr_test), ts 21703477901, free_ts 21687347065
[   72.723097][ T4247]  post_alloc_hook+0x18d/0x1b0
[   72.727859][ T4247]  get_page_from_freelist+0x3731/0x38d0
[   72.733404][ T4247]  __alloc_pages+0x28d/0x770
[   72.737992][ T4247]  alloc_slab_page+0x6a/0x150
[   72.742671][ T4247]  new_slab+0x84/0x2d0
[   72.746743][ T4247]  ___slab_alloc+0xc20/0x1270
[   72.751855][ T4247]  kmem_cache_alloc+0x1a5/0x2d0
[   72.756710][ T4247]  debug_objects_fill_pool+0x559/0xa10
[   72.762192][ T4247]  debug_object_activate+0x32/0x4e0
[   72.767393][ T4247]  call_rcu+0x93/0xa10
[   72.771462][ T4247]  release_task+0xdc0/0x16d0
[   72.776059][ T4247]  do_exit+0x19fd/0x26a0
[   72.780307][ T4247]  kthread_exit+0x42/0x60
[   72.784640][ T4247]  __module_put_and_kthread_exit+0x16/0x20
[   72.790449][ T4247]  cryptomgr_test+0x21/0x30
[   72.794958][ T4247]  kthread+0x28d/0x320
[   72.799026][ T4247] page last free stack trace:
[   72.803692][ T4247]  free_unref_page_prepare+0x12a6/0x15b0
[   72.809322][ T4247]  free_unref_page+0x33/0x3e0
[   72.814004][ T4247]  __vunmap+0x873/0xa30
[   72.818163][ T4247]  free_work+0x57/0x80
[   72.822236][ T4247]  process_one_work+0x8a9/0x11d0
[   72.827179][ T4247]  worker_thread+0xa47/0x1200
[   72.831858][ T4247]  kthread+0x28d/0x320
[   72.835921][ T4247]  ret_from_fork+0x1f/0x30
[   72.840340][ T4247] 
[   72.842673][ T4247] Memory state around the buggy address:
[   72.848294][ T4247]  ffff888018b56f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   72.856353][ T4247]  ffff888018b56f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   72.864406][ T4247] >ffff888018b57000: 00 00 00 00 00 fc fc 00 00 00 00 00 fc fc 00 00
[   72.872565][ T4247]                                   ^
[   72.877928][ T4247]  ffff888018b57080: 00 00 00 fc fc 00 00 00 00 00 fc fc 00 00 00 00
[   72.885982][ T4247]  ffff888018b57100: 00 fc fc 00 00 00 00 00 fc fc 00 00 00 00 00 fc
[   72.894033][ T4247] ==================================================================
[   72.914742][ T4247] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   72.921963][ T4247] CPU: 0 PID: 4247 Comm: syz-executor205 Not tainted 6.1.123-syzkaller #0
[   72.930462][ T4247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   72.940513][ T4247] Call Trace:
[   72.943836][ T4247]  <TASK>
[   72.946779][ T4247]  dump_stack_lvl+0x1e3/0x2cb
[   72.951471][ T4247]  ? nf_tcp_handle_invalid+0x642/0x642
[   72.956940][ T4247]  ? panic+0x764/0x764
[   72.961018][ T4247]  ? preempt_schedule_common+0xa6/0xd0
[   72.966516][ T4247]  ? vscnprintf+0x59/0x80
[   72.970856][ T4247]  panic+0x318/0x764
[   72.974840][ T4247]  ? check_panic_on_warn+0x1d/0xa0
[   72.979953][ T4247]  ? memcpy_page_flushcache+0xfc/0xfc
[   72.985338][ T4247]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[   72.991324][ T4247]  ? _raw_spin_unlock+0x40/0x40
[   72.996175][ T4247]  ? print_report+0x4a3/0x4f0
[   73.000859][ T4247]  check_panic_on_warn+0x7e/0xa0
[   73.005799][ T4247]  ? crc_itu_t+0x218/0x2a0
[   73.010220][ T4247]  end_report+0x66/0x110
[   73.014464][ T4247]  kasan_report+0x143/0x160
[   73.018971][ T4247]  ? crc_itu_t+0x218/0x2a0
[   73.023394][ T4247]  crc_itu_t+0x218/0x2a0
[   73.027736][ T4247]  udf_sync_fs+0x1ce/0x380
[   73.032160][ T4247]  ? udf_put_super+0x160/0x160
[   73.036931][ T4247]  ? get_nr_dirty_inodes+0x2ab/0x2e0
[   73.042224][ T4247]  sync_filesystem+0xe8/0x220
[   73.046909][ T4247]  generic_shutdown_super+0x6b/0x340
[   73.052199][ T4247]  kill_block_super+0x7a/0xe0
[   73.056893][ T4247]  deactivate_locked_super+0xa0/0x110
[   73.062269][ T4247]  cleanup_mnt+0x490/0x520
[   73.066692][ T4247]  ? lockdep_hardirqs_on+0x94/0x130
[   73.071908][ T4247]  task_work_run+0x246/0x300
[   73.076525][ T4247]  ? kasan_quarantine_put+0xd4/0x220
[   73.081830][ T4247]  ? task_work_cancel+0x2e0/0x2e0
[   73.086952][ T4247]  ? kmem_cache_free+0x292/0x510
[   73.091981][ T4247]  ? do_exit+0xa69/0x26a0
[   73.096327][ T4247]  do_exit+0xa6e/0x26a0
[   73.100502][ T4247]  ? put_task_struct+0x80/0x80
[   73.105279][ T4247]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[   73.111267][ T4247]  ? print_irqtrace_events+0x210/0x210
[   73.116747][ T4247]  ? _raw_spin_unlock_irq+0x1f/0x40
[   73.121971][ T4247]  ? lockdep_hardirqs_on+0x94/0x130
[   73.127185][ T4247]  do_group_exit+0x202/0x2b0
[   73.131812][ T4247]  __x64_sys_exit_group+0x3b/0x40
[   73.136867][ T4247]  do_syscall_64+0x3b/0xb0
[   73.141303][ T4247]  ? clear_bhb_loop+0x45/0xa0
[   73.145981][ T4247]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   73.151884][ T4247] RIP: 0033:0x7f02bb751a29
[   73.156302][ T4247] Code: Unable to access opcode bytes at 0x7f02bb7519ff.
[   73.163329][ T4247] RSP: 002b:00007ffd6438a4c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   73.171749][ T4247] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f02bb751a29
[   73.179730][ T4247] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001
[   73.187698][ T4247] RBP: 00007f02bb7e9390 R08: ffffffffffffffb8 R09: 000000000001f675
[   73.195670][ T4247] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f02bb7e9390
[   73.203640][ T4247] R13: 0000000000000000 R14: 00007f02bb7eb160 R15: 00007f02bb718340
[   73.211614][ T4247]  </TASK>
[   73.214916][ T4247] Kernel Offset: disabled
[   73.219239][ T4247] Rebooting in 86400 seconds..