Warning: Permanently added '10.128.0.147' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 51.786372][ T5057] loop0: detected capacity change from 0 to 2048
[ 51.794155][ T5057] =======================================================
[ 51.794155][ T5057] WARNING: The mand mount option has been deprecated and
[ 51.794155][ T5057] and is ignored by this kernel. Remove the mand
[ 51.794155][ T5057] option from the mount to silence this warning.
[ 51.794155][ T5057] =======================================================
[ 51.833750][ T5057] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 51.856872][ T27] audit: type=1800 audit(1671928386.115:2): pid=5057 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor104" name="bus" dev="loop0" ino=1357 res=0 errno=0
[ 51.924619][ T5057] ==================================================================
[ 51.933113][ T5057] BUG: KASAN: use-after-free in crc_itu_t+0xd2/0xe0
[ 51.939721][ T5057] Read of size 1 at addr ffff88807447f000 by task syz-executor104/5057
[ 51.947952][ T5057]
[ 51.950255][ T5057] CPU: 0 PID: 5057 Comm: syz-executor104 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0
[ 51.960291][ T5057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 51.970325][ T5057] Call Trace:
[ 51.973596][ T5057] <TASK>
[ 51.976530][ T5057] dump_stack_lvl+0xd1/0x138
[ 51.981105][ T5057] print_report+0x15e/0x45d
[ 51.985590][ T5057] ? __phys_addr+0xc8/0x140
[ 51.990081][ T5057] ? crc_itu_t+0xd2/0xe0
[ 51.994755][ T5057] kasan_report+0xbf/0x1f0
[ 51.999240][ T5057] ? crc_itu_t+0xd2/0xe0
[ 52.003553][ T5057] crc_itu_t+0xd2/0xe0
[ 52.008127][ T5057] udf_finalize_lvid+0xe0/0x1d0
[ 52.012994][ T5057] ? udf_mount+0x40/0x40
[ 52.017395][ T5057] ? get_nr_dirty_inodes+0x11e/0x1b0
[ 52.022693][ T5057] udf_sync_fs+0xea/0x150
[ 52.027031][ T5057] ? udf_finalize_lvid+0x1d0/0x1d0
[ 52.032385][ T5057] sync_filesystem.part.0+0x75/0x1d0
[ 52.037658][ T5057] sync_filesystem+0x8f/0xc0
[ 52.042235][ T5057] generic_shutdown_super+0x74/0x410
[ 52.047686][ T5057] kill_block_super+0x9b/0xf0
[ 52.052357][ T5057] deactivate_locked_super+0x98/0x160
[ 52.057730][ T5057] deactivate_super+0xb1/0xd0
[ 52.062416][ T5057] cleanup_mnt+0x2ae/0x3d0
[ 52.066915][ T5057] task_work_run+0x16f/0x270
[ 52.071760][ T5057] ? task_work_cancel+0x30/0x30
[ 52.076608][ T5057] do_exit+0xaa8/0x2950
[ 52.080848][ T5057] ? lock_downgrade+0x6e0/0x6e0
[ 52.085773][ T5057] ? do_raw_spin_lock+0x124/0x2b0
[ 52.092272][ T5057] ? mm_update_next_owner+0x7b0/0x7b0
[ 52.097660][ T5057] ? rwlock_bug.part.0+0x90/0x90
[ 52.102587][ T5057] ? _raw_spin_unlock_irq+0x23/0x50
[ 52.107774][ T5057] do_group_exit+0xd4/0x2a0
[ 52.112272][ T5057] __x64_sys_exit_group+0x3e/0x50
[ 52.117291][ T5057] do_syscall_64+0x39/0xb0
[ 52.121703][ T5057] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 52.127583][ T5057] RIP: 0033:0x7f0377271759
[ 52.131976][ T5057] Code: Unable to access opcode bytes at 0x7f037727172f.
[ 52.138973][ T5057] RSP: 002b:00007ffd66a71298 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 52.147372][ T5057] RAX: ffffffffffffffda RBX: 00007f03772df330 RCX: 00007f0377271759
[ 52.155326][ T5057] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001
[ 52.163280][ T5057] RBP: 0000000000000001 R08: ffffffffffffffc0 R09: 0000000120080522
[ 52.171255][ T5057] R10: 000080001d00c0d0 R11: 0000000000000246 R12: 00007f03772df330
[ 52.179214][ T5057] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001
[ 52.188478][ T5057] </TASK>
[ 52.191480][ T5057]
[ 52.193783][ T5057] The buggy address belongs to the physical page:
[ 52.200192][ T5057] page:ffffea0001d11fc0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x7447f
[ 52.210324][ T5057] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 52.217446][ T5057] raw: 00fff00000000000 ffffea0001d12008 ffffea0001cc2a08 0000000000000000
[ 52.226012][ T5057] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 52.234574][ T5057] page dumped because: kasan: bad access detected
[ 52.240964][ T5057] page_owner tracks the page as freed
[ 52.246307][ T5057] page last allocated via order 0, migratetype Movable, gfp_mask 0x140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO), pid 4940, tgid 4940 (sshd), ts 45132233703, free_ts 45228930709
[ 52.264439][ T5057] get_page_from_freelist+0x119c/0x2ce0
[ 52.269978][ T5057] __alloc_pages+0x1cb/0x5b0
[ 52.274559][ T5057] __folio_alloc+0x16/0x40
[ 52.278960][ T5057] vma_alloc_folio+0x155/0x870
[ 52.283714][ T5057] __handle_mm_fault+0x1822/0x3c90
[ 52.288813][ T5057] handle_mm_fault+0x1b6/0x850
[ 52.293564][ T5057] do_user_addr_fault+0x475/0x1210
[ 52.298660][ T5057] exc_page_fault+0x98/0x170
[ 52.303259][ T5057] asm_exc_page_fault+0x26/0x30
[ 52.308096][ T5057] page last free stack trace:
[ 52.312742][ T5057] free_pcp_prepare+0x65c/0xc00
[ 52.318618][ T5057] free_unref_page_list+0x176/0xcd0
[ 52.323819][ T5057] release_pages+0xcb1/0x1330
[ 52.328568][ T5057] tlb_batch_pages_flush+0xa8/0x1a0
[ 52.333766][ T5057] tlb_finish_mmu+0x14b/0x7e0
[ 52.338428][ T5057] unmap_region+0x22c/0x2b0
[ 52.342915][ T5057] do_mas_align_munmap+0xc44/0x1260
[ 52.348270][ T5057] do_mas_munmap+0x26e/0x2c0
[ 52.352841][ T5057] __vm_munmap+0x14f/0x290
[ 52.357242][ T5057] __x64_sys_munmap+0x59/0x80
[ 52.361918][ T5057] do_syscall_64+0x39/0xb0
[ 52.366343][ T5057] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 52.372238][ T5057]
[ 52.374544][ T5057] Memory state around the buggy address:
[ 52.380151][ T5057] ffff88807447ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 52.388193][ T5057] ffff88807447ef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 52.396234][ T5057] >ffff88807447f000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 52.404278][ T5057]                    ^
[ 52.408326][ T5057] ffff88807447f080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 52.416384][ T5057] ffff88807447f100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 52.424432][ T5057] ==================================================================
[ 52.437212][ T5057] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 52.444419][ T5057] CPU: 0 PID: 5057 Comm: syz-executor104 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0
[ 52.454474][ T5057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 52.464534][ T5057] Call Trace:
[ 52.467797][ T5057] <TASK>
[ 52.470714][ T5057] dump_stack_lvl+0xd1/0x138
[ 52.475295][ T5057] panic+0x2cc/0x626
[ 52.479181][ T5057] ? panic_print_sys_info.part.0+0x110/0x110
[ 52.485150][ T5057] ? preempt_schedule_thunk+0x1a/0x20
[ 52.490511][ T5057] ? preempt_schedule_common+0x59/0xc0
[ 52.495967][ T5057] check_panic_on_warn.cold+0x19/0x35
[ 52.501334][ T5057] end_report.part.0+0x36/0x73
[ 52.506092][ T5057] ? crc_itu_t+0xd2/0xe0
[ 52.510347][ T5057] kasan_report.cold+0xa/0xf
[ 52.514929][ T5057] ? crc_itu_t+0xd2/0xe0
[ 52.519167][ T5057] crc_itu_t+0xd2/0xe0
[ 52.523229][ T5057] udf_finalize_lvid+0xe0/0x1d0
[ 52.528085][ T5057] ? udf_mount+0x40/0x40
[ 52.532312][ T5057] ? get_nr_dirty_inodes+0x11e/0x1b0
[ 52.537592][ T5057] udf_sync_fs+0xea/0x150
[ 52.541904][ T5057] ? udf_finalize_lvid+0x1d0/0x1d0
[ 52.547000][ T5057] sync_filesystem.part.0+0x75/0x1d0
[ 52.552273][ T5057] sync_filesystem+0x8f/0xc0
[ 52.557108][ T5057] generic_shutdown_super+0x74/0x410
[ 52.562384][ T5057] kill_block_super+0x9b/0xf0
[ 52.567151][ T5057] deactivate_locked_super+0x98/0x160
[ 52.572514][ T5057] deactivate_super+0xb1/0xd0
[ 52.577185][ T5057] cleanup_mnt+0x2ae/0x3d0
[ 52.581590][ T5057] task_work_run+0x16f/0x270
[ 52.586175][ T5057] ? task_work_cancel+0x30/0x30
[ 52.591034][ T5057] do_exit+0xaa8/0x2950
[ 52.595233][ T5057] ? lock_downgrade+0x6e0/0x6e0
[ 52.600160][ T5057] ? do_raw_spin_lock+0x124/0x2b0
[ 52.605264][ T5057] ? mm_update_next_owner+0x7b0/0x7b0
[ 52.610625][ T5057] ? rwlock_bug.part.0+0x90/0x90
[ 52.615546][ T5057] ? _raw_spin_unlock_irq+0x23/0x50
[ 52.620733][ T5057] do_group_exit+0xd4/0x2a0
[ 52.625231][ T5057] __x64_sys_exit_group+0x3e/0x50
[ 52.630338][ T5057] do_syscall_64+0x39/0xb0
[ 52.634833][ T5057] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 52.640975][ T5057] RIP: 0033:0x7f0377271759
[ 52.645546][ T5057] Code: Unable to access opcode bytes at 0x7f037727172f.
[ 52.652545][ T5057] RSP: 002b:00007ffd66a71298 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 52.660958][ T5057] RAX: ffffffffffffffda RBX: 00007f03772df330 RCX: 00007f0377271759
[ 52.669278][ T5057] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001
[ 52.677341][ T5057] RBP: 0000000000000001 R08: ffffffffffffffc0 R09: 0000000120080522
[ 52.685298][ T5057] R10: 000080001d00c0d0 R11: 0000000000000246 R12: 00007f03772df330
[ 52.693443][ T5057] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001
[ 52.701404][ T5057] </TASK>
[ 52.705011][ T5057] Kernel Offset: disabled
[ 52.709353][ T5057] Rebooting in 86400 seconds..