Warning: Permanently added '10.128.0.141' (ED25519) to the list of known hosts.
executing program
syzkaller login: [ 49.638728][ T3500] loop0: detected capacity change from 0 to 2048
[ 49.687882][ T3500] =======================================================
[ 49.687882][ T3500] WARNING: The mand mount option has been deprecated and
[ 49.687882][ T3500] and is ignored by this kernel. Remove the mand
[ 49.687882][ T3500] option from the mount to silence this warning.
[ 49.687882][ T3500] =======================================================
[ 49.741404][ T3500] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 49.862141][ T3500] ==================================================================
[ 49.870513][ T3500] BUG: KASAN: use-after-free in crc_itu_t+0x218/0x2a0
[ 49.877528][ T3500] Read of size 1 at addr ffff88807333b000 by task syz-executor251/3500
[ 49.885872][ T3500]
[ 49.888216][ T3500] CPU: 1 PID: 3500 Comm: syz-executor251 Not tainted 5.15.156-syzkaller #0
[ 49.896800][ T3500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 49.906855][ T3500] Call Trace:
[ 49.910134][ T3500]
[ 49.913056][ T3500] dump_stack_lvl+0x1e3/0x2d0
[ 49.917734][ T3500] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 49.923369][ T3500] ? _printk+0xd1/0x120
[ 49.927548][ T3500] ? __wake_up_klogd+0xcc/0x100
[ 49.932415][ T3500] ? panic+0x860/0x860
[ 49.936478][ T3500] ? _raw_spin_lock_irqsave+0xdd/0x120
[ 49.941937][ T3500] print_address_description+0x63/0x3b0
[ 49.947496][ T3500] ? crc_itu_t+0x218/0x2a0
[ 49.951909][ T3500] kasan_report+0x16b/0x1c0
[ 49.956419][ T3500] ? crc_itu_t+0x218/0x2a0
[ 49.960856][ T3500] ? pvclock_gtod_unregister_notifier+0x50/0x50
[ 49.967193][ T3500] crc_itu_t+0x218/0x2a0
[ 49.971545][ T3500] udf_sync_fs+0x1ce/0x380
[ 49.975964][ T3500] ? udf_put_super+0x160/0x160
[ 49.980751][ T3500] ? get_nr_dirty_inodes+0x25f/0x2e0
[ 49.986060][ T3500] sync_filesystem+0xe8/0x220
[ 49.990739][ T3500] generic_shutdown_super+0x6e/0x2c0
[ 49.996023][ T3500] kill_block_super+0x7a/0xe0
[ 50.000699][ T3500] deactivate_locked_super+0xa0/0x110
[ 50.006068][ T3500] cleanup_mnt+0x44e/0x500
[ 50.010505][ T3500] ? lockdep_hardirqs_on+0x94/0x130
[ 50.015812][ T3500] task_work_run+0x129/0x1a0
[ 50.020421][ T3500] do_exit+0x6a3/0x2480
[ 50.024580][ T3500] ? put_task_struct+0x80/0x80
[ 50.029427][ T3500] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 50.035422][ T3500] ? vtime_user_exit+0x2d1/0x400
[ 50.040416][ T3500] do_group_exit+0x144/0x310
[ 50.045020][ T3500] __x64_sys_exit_group+0x3b/0x40
[ 50.050082][ T3500] do_syscall_64+0x3b/0xb0
[ 50.054502][ T3500] ? clear_bhb_loop+0x15/0x70
[ 50.059173][ T3500] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 50.065067][ T3500] RIP: 0033:0x7ffa6c5d7609
[ 50.069505][ T3500] Code: Unable to access opcode bytes at RIP 0x7ffa6c5d75df.
[ 50.076860][ T3500] RSP: 002b:00007fffb0288488 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 50.085368][ T3500] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007ffa6c5d7609
[ 50.093453][ T3500] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001
[ 50.101466][ T3500] RBP: 00007ffa6c6812d0 R08: ffffffffffffffb0 R09: 0000000000000004
[ 50.109552][ T3500] R10: 0000000000001400 R11: 0000000000000246 R12: 00007ffa6c6812d0
[ 50.117554][ T3500] R13: 0000000000000000 R14: 00007ffa6c682040 R15: 00007ffa6c5a25c0
[ 50.125566][ T3500]
[ 50.128593][ T3500]
[ 50.130937][ T3500] The buggy address belongs to the page:
[ 50.136558][ T3500] page:ffffea0001cccec0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x7333b
[ 50.146721][ T3500] flags: 0xfff80000000000(node=0|zone=1|lastcpupid=0xfff)
[ 50.153837][ T3500] raw: 00fff80000000000 ffffea0002d60508 ffffea0001c6b888 0000000000000000
[ 50.162513][ T3500] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 50.171088][ T3500] page dumped because: kasan: bad access detected
[ 50.177491][ T3500] page_owner tracks the page as freed
[ 50.182849][ T3500] page last allocated via order 0, migratetype Movable, gfp_mask 0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO), pid 3500, ts 49757444759, free_ts 49786088375
[ 50.198388][ T3500] get_page_from_freelist+0x322a/0x33c0
[ 50.204058][ T3500] __alloc_pages+0x272/0x700
[ 50.208665][ T3500] alloc_pages_vma+0x39a/0x800
[ 50.213440][ T3500] handle_mm_fault+0x2f49/0x5950
[ 50.218372][ T3500] exc_page_fault+0x271/0x740
[ 50.223042][ T3500] asm_exc_page_fault+0x22/0x30
[ 50.227887][ T3500] page last free stack trace:
[ 50.232562][ T3500] free_unref_page_prepare+0xc34/0xcf0
[ 50.238104][ T3500] free_unref_page_list+0x1f7/0x8e0
[ 50.243294][ T3500] release_pages+0x1bb9/0x1f40
[ 50.248051][ T3500] tlb_finish_mmu+0x177/0x320
[ 50.252845][ T3500] unmap_region+0x304/0x350
[ 50.257350][ T3500] __do_munmap+0x12db/0x1740
[ 50.261952][ T3500] __vm_munmap+0x134/0x230
[ 50.266365][ T3500] __x64_sys_munmap+0x67/0x70
[ 50.271032][ T3500] do_syscall_64+0x3b/0xb0
[ 50.275444][ T3500] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 50.282155][ T3500]
[ 50.284466][ T3500] Memory state around the buggy address:
[ 50.290170][ T3500] ffff88807333af00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 50.298237][ T3500] ffff88807333af80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 50.306735][ T3500] >ffff88807333b000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 50.314815][ T3500] ^
[ 50.318918][ T3500] ffff88807333b080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 50.326980][ T3500] ffff88807333b100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 50.335914][ T3500] ==================================================================
[ 50.343998][ T3500] Disabling lock debugging due to kernel taint
[ 50.351029][ T3500] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 50.358256][ T3500] CPU: 0 PID: 3500 Comm: syz-executor251 Tainted: G B 5.15.156-syzkaller #0
[ 50.368327][ T3500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 50.378486][ T3500] Call Trace:
[ 50.381758][ T3500]
[ 50.384820][ T3500] dump_stack_lvl+0x1e3/0x2d0
[ 50.389515][ T3500] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 50.395353][ T3500] ? panic+0x860/0x860
[ 50.399455][ T3500] ? preempt_schedule_common+0xa6/0xd0
[ 50.404931][ T3500] ? preempt_schedule+0xd9/0xe0
[ 50.409827][ T3500] panic+0x318/0x860
[ 50.413747][ T3500] ? check_panic_on_warn+0x1d/0xa0
[ 50.418902][ T3500] ? fb_is_primary_device+0xd0/0xd0
[ 50.424142][ T3500] ? _raw_spin_unlock_irqrestore+0x128/0x130
[ 50.430314][ T3500] ? _raw_spin_unlock+0x40/0x40
[ 50.435270][ T3500] ? print_memory_metadata+0xe2/0x140
[ 50.440654][ T3500] check_panic_on_warn+0x7e/0xa0
[ 50.445613][ T3500] ? crc_itu_t+0x218/0x2a0
[ 50.450232][ T3500] end_report+0x6d/0xf0
[ 50.454386][ T3500] kasan_report+0x18e/0x1c0
[ 50.458918][ T3500] ? crc_itu_t+0x218/0x2a0
[ 50.463462][ T3500] ? pvclock_gtod_unregister_notifier+0x50/0x50
[ 50.469819][ T3500] crc_itu_t+0x218/0x2a0
[ 50.474075][ T3500] udf_sync_fs+0x1ce/0x380
[ 50.478486][ T3500] ? udf_put_super+0x160/0x160
[ 50.483249][ T3500] ? get_nr_dirty_inodes+0x25f/0x2e0
[ 50.488546][ T3500] sync_filesystem+0xe8/0x220
[ 50.493253][ T3500] generic_shutdown_super+0x6e/0x2c0
[ 50.498556][ T3500] kill_block_super+0x7a/0xe0
[ 50.503418][ T3500] deactivate_locked_super+0xa0/0x110
[ 50.508923][ T3500] cleanup_mnt+0x44e/0x500
[ 50.513529][ T3500] ? lockdep_hardirqs_on+0x94/0x130
[ 50.518725][ T3500] task_work_run+0x129/0x1a0
[ 50.523335][ T3500] do_exit+0x6a3/0x2480
[ 50.527490][ T3500] ? put_task_struct+0x80/0x80
[ 50.532250][ T3500] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 50.538230][ T3500] ? vtime_user_exit+0x2d1/0x400
[ 50.543362][ T3500] do_group_exit+0x144/0x310
[ 50.547997][ T3500] __x64_sys_exit_group+0x3b/0x40
[ 50.553201][ T3500] do_syscall_64+0x3b/0xb0
[ 50.557624][ T3500] ? clear_bhb_loop+0x15/0x70
[ 50.562307][ T3500] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 50.568307][ T3500] RIP: 0033:0x7ffa6c5d7609
[ 50.572747][ T3500] Code: Unable to access opcode bytes at RIP 0x7ffa6c5d75df.
[ 50.580204][ T3500] RSP: 002b:00007fffb0288488 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 50.588821][ T3500] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007ffa6c5d7609
[ 50.596799][ T3500] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001
[ 50.604768][ T3500] RBP: 00007ffa6c6812d0 R08: ffffffffffffffb0 R09: 0000000000000004
[ 50.613237][ T3500] R10: 0000000000001400 R11: 0000000000000246 R12: 00007ffa6c6812d0
[ 50.621213][ T3500] R13: 0000000000000000 R14: 00007ffa6c682040 R15: 00007ffa6c5a25c0
[ 50.629359][ T3500]
[ 50.632684][ T3500] Kernel Offset: disabled
[ 50.637009][ T3500] Rebooting in 86400 seconds..