Warning: Permanently added '10.128.15.206' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 49.887075][ T5061] loop0: detected capacity change from 0 to 2048
[ 49.891561][ T5062] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 49.912346][ T5061] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 49.935953][ T27] audit: type=1800 audit(1672096998.124:2): pid=5061 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor334" name="bus" dev="loop0" ino=1357 res=0 errno=0
[ 49.936447][ T5061] =======================================================
[ 49.936447][ T5061] WARNING: The mand mount option has been deprecated and
[ 49.936447][ T5061] and is ignored by this kernel. Remove the mand
[ 49.936447][ T5061] option from the mount to silence this warning.
[ 49.936447][ T5061] =======================================================
[ 50.051703][ T5060] ==================================================================
[ 50.059794][ T5060] BUG: KASAN: use-after-free in crc_itu_t+0x1dd/0x2b0
[ 50.066567][ T5060] Read of size 1 at addr ffff88802a823000 by task syz-executor334/5060
[ 50.074801][ T5060]
[ 50.077107][ T5060] CPU: 1 PID: 5060 Comm: syz-executor334 Not tainted 6.2.0-rc1-syzkaller #0
[ 50.085759][ T5060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 50.095794][ T5060] Call Trace:
[ 50.099059][ T5060] <TASK>
[ 50.101983][ T5060] dump_stack_lvl+0x1b1/0x290
[ 50.106665][ T5060] ? nf_tcp_handle_invalid+0x630/0x630
[ 50.112118][ T5060] ? __wake_up_klogd+0xcd/0x100
[ 50.116965][ T5060] ? panic+0x710/0x710
[ 50.121027][ T5060] ? _printk+0xc0/0x100
[ 50.125177][ T5060] ? _raw_spin_lock_irqsave+0x8e/0x100
[ 50.130636][ T5060] print_address_description+0x74/0x340
[ 50.136180][ T5060] print_report+0x107/0x1f0
[ 50.140682][ T5060] ? time64_to_tm+0x329/0x4d0
[ 50.145354][ T5060] ? __virt_addr_valid+0x21b/0x2d0
[ 50.150461][ T5060] ? __phys_addr+0xb5/0x160
[ 50.154973][ T5060] ? crc_itu_t+0x1dd/0x2b0
[ 50.159387][ T5060] kasan_report+0xcd/0x100
[ 50.163805][ T5060] ? crc_itu_t+0x1dd/0x2b0
[ 50.168215][ T5060] crc_itu_t+0x1dd/0x2b0
[ 50.172452][ T5060] udf_sync_fs+0x1bc/0x360
[ 50.176862][ T5060] ? udf_put_super+0x160/0x160
[ 50.181625][ T5060] sync_filesystem+0xe8/0x220
[ 50.186297][ T5060] generic_shutdown_super+0x6b/0x310
[ 50.191581][ T5060] kill_block_super+0x79/0xd0
[ 50.196253][ T5060] deactivate_locked_super+0xa7/0xf0
[ 50.201535][ T5060] cleanup_mnt+0x494/0x520
[ 50.205943][ T5060] ? lockdep_hardirqs_on+0x8d/0x130
[ 50.211218][ T5060] task_work_run+0x243/0x300
[ 50.215805][ T5060] ? task_work_cancel+0x290/0x290
[ 50.220828][ T5060] ? exit_to_user_mode_loop+0x42/0x150
[ 50.226283][ T5060] exit_to_user_mode_loop+0x124/0x150
[ 50.231651][ T5060] exit_to_user_mode_prepare+0xb2/0x140
[ 50.237193][ T5060] syscall_exit_to_user_mode+0x26/0x60
[ 50.242641][ T5060] do_syscall_64+0x49/0xb0
[ 50.247054][ T5060] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 50.252951][ T5060] RIP: 0033:0x7fceb8082dc7
[ 50.257369][ T5060] Code: 07 00 48 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 50.276971][ T5060] RSP: 002b:00007ffeeddb2228 EFLAGS: 00000206 ORIG_RAX: 00000000000000a6
[ 50.285381][ T5060] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fceb8082dc7
[ 50.293342][ T5060] RDX: 00007ffeeddb22e9 RSI: 000000000000000a RDI: 00007ffeeddb22e0
[ 50.301303][ T5060] RBP: 00007ffeeddb22e0 R08: 00000000ffffffff R09: 00007ffeeddb20c0
[ 50.309265][ T5060] R10: 0000555556f22653 R11: 0000000000000206 R12: 00007ffeeddb3350
[ 50.317227][ T5060] R13: 0000555556f225f0 R14: 00007ffeeddb2250 R15: 0000000000000001
[ 50.325194][ T5060] </TASK>
[ 50.328200][ T5060]
[ 50.330512][ T5060] The buggy address belongs to the physical page:
[ 50.336910][ T5060] page:ffffea0000aa08c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2a823
[ 50.347046][ T5060] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 50.354145][ T5060] raw: 00fff00000000000 ffffea0000880fc8 ffffea0000aa0908 0000000000000000
[ 50.362727][ T5060] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 50.371308][ T5060] page dumped because: kasan: bad access detected
[ 50.377721][ T5060] page_owner tracks the page as freed
[ 50.383078][ T5060] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x141cc0(GFP_USER|__GFP_COMP|__GFP_WRITE), pid 5061, tgid 5061 (syz-executor334), ts 50026993606, free_ts 50035209519
[ 50.401215][ T5060] get_page_from_freelist+0x742/0x7c0
[ 50.406586][ T5060] __alloc_pages+0x259/0x560
[ 50.411167][ T5060] folio_alloc+0x1a/0x50
[ 50.415402][ T5060] filemap_alloc_folio+0xca/0x2c0
[ 50.420418][ T5060] __filemap_get_folio+0x892/0x1250
[ 50.425611][ T5060] pagecache_get_page+0x28/0x250
[ 50.430539][ T5060] block_write_begin+0x2e/0x1e0
[ 50.435381][ T5060] generic_perform_write+0x2e4/0x5e0
[ 50.440659][ T5060] __generic_file_write_iter+0x29b/0x400
[ 50.446289][ T5060] blkdev_write_iter+0x3ea/0x720
[ 50.451215][ T5060] do_iter_write+0x6c2/0xc20
[ 50.455801][ T5060] iter_file_splice_write+0x7fc/0xfc0
[ 50.461168][ T5060] direct_splice_actor+0xe6/0x1c0
[ 50.466182][ T5060] splice_direct_to_actor+0x4e4/0xc00
[ 50.471542][ T5060] do_splice_direct+0x279/0x3d0
[ 50.476383][ T5060] do_sendfile+0x5fb/0xf80
[ 50.480788][ T5060] page last free stack trace:
[ 50.485442][ T5060] free_pcp_prepare+0x751/0x780
[ 50.490289][ T5060] free_unref_page_list+0xb2/0x830
[ 50.495395][ T5060] release_pages+0x233e/0x25e0
[ 50.500149][ T5060] __pagevec_release+0x7d/0xf0
[ 50.504900][ T5060] invalidate_mapping_pagevec+0x509/0x640
[ 50.510612][ T5060] __generic_file_write_iter+0x36e/0x400
[ 50.516243][ T5060] blkdev_write_iter+0x3ea/0x720
[ 50.521172][ T5060] do_iter_write+0x6c2/0xc20
[ 50.525756][ T5060] iter_file_splice_write+0x7fc/0xfc0
[ 50.531120][ T5060] direct_splice_actor+0xe6/0x1c0
[ 50.536140][ T5060] splice_direct_to_actor+0x4e4/0xc00
[ 50.541508][ T5060] do_splice_direct+0x279/0x3d0
[ 50.546350][ T5060] do_sendfile+0x5fb/0xf80
[ 50.550756][ T5060] __se_sys_sendfile64+0x14f/0x1b0
[ 50.555858][ T5060] do_syscall_64+0x3d/0xb0
[ 50.560282][ T5060] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 50.566169][ T5060]
[ 50.568480][ T5060] Memory state around the buggy address:
[ 50.574101][ T5060] ffff88802a822f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 50.582234][ T5060] ffff88802a822f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 50.590282][ T5060] >ffff88802a823000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 50.598326][ T5060] ^
[ 50.602378][ T5060] ffff88802a823080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 50.610423][ T5060] ffff88802a823100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 50.618464][ T5060] ==================================================================
[ 50.626821][ T5060] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 50.634028][ T5060] CPU: 1 PID: 5060 Comm: syz-executor334 Not tainted 6.2.0-rc1-syzkaller #0
[ 50.642714][ T5060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 50.652761][ T5060] Call Trace:
[ 50.656040][ T5060] <TASK>
[ 50.658969][ T5060] dump_stack_lvl+0x1b1/0x290
[ 50.663655][ T5060] ? nf_tcp_handle_invalid+0x630/0x630
[ 50.669111][ T5060] ? panic+0x710/0x710
[ 50.673170][ T5060] ? lock_release+0x81/0x820
[ 50.677754][ T5060] ? vscnprintf+0x59/0x80
[ 50.682075][ T5060] panic+0x2d6/0x710
[ 50.685962][ T5060] ? check_panic_on_warn+0x1d/0xa0
[ 50.691066][ T5060] ? memcpy_page_flushcache+0x100/0x100
[ 50.696605][ T5060] ? _raw_spin_unlock_irqrestore+0x110/0x120
[ 50.702585][ T5060] ? _raw_spin_unlock+0x40/0x40
[ 50.707429][ T5060] ? print_report+0x1b4/0x1f0
[ 50.712105][ T5060] check_panic_on_warn+0x80/0xa0
[ 50.717059][ T5060] ? crc_itu_t+0x1dd/0x2b0
[ 50.721469][ T5060] end_report+0x47/0x90
[ 50.725620][ T5060] kasan_report+0xda/0x100
[ 50.730029][ T5060] ? crc_itu_t+0x1dd/0x2b0
[ 50.734440][ T5060] crc_itu_t+0x1dd/0x2b0
[ 50.738675][ T5060] udf_sync_fs+0x1bc/0x360
[ 50.743091][ T5060] ? udf_put_super+0x160/0x160
[ 50.747854][ T5060] sync_filesystem+0xe8/0x220
[ 50.752541][ T5060] generic_shutdown_super+0x6b/0x310
[ 50.757832][ T5060] kill_block_super+0x79/0xd0
[ 50.762587][ T5060] deactivate_locked_super+0xa7/0xf0
[ 50.767877][ T5060] cleanup_mnt+0x494/0x520
[ 50.772285][ T5060] ? lockdep_hardirqs_on+0x8d/0x130
[ 50.777476][ T5060] task_work_run+0x243/0x300
[ 50.782066][ T5060] ? task_work_cancel+0x290/0x290
[ 50.787089][ T5060] ? exit_to_user_mode_loop+0x42/0x150
[ 50.792543][ T5060] exit_to_user_mode_loop+0x124/0x150
[ 50.797912][ T5060] exit_to_user_mode_prepare+0xb2/0x140
[ 50.803451][ T5060] syscall_exit_to_user_mode+0x26/0x60
[ 50.808901][ T5060] do_syscall_64+0x49/0xb0
[ 50.813312][ T5060] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 50.819200][ T5060] RIP: 0033:0x7fceb8082dc7
[ 50.823604][ T5060] Code: 07 00 48 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 50.843200][ T5060] RSP: 002b:00007ffeeddb2228 EFLAGS: 00000206 ORIG_RAX: 00000000000000a6
[ 50.851608][ T5060] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fceb8082dc7
[ 50.859577][ T5060] RDX: 00007ffeeddb22e9 RSI: 000000000000000a RDI: 00007ffeeddb22e0
[ 50.867536][ T5060] RBP: 00007ffeeddb22e0 R08: 00000000ffffffff R09: 00007ffeeddb20c0
[ 50.875498][ T5060] R10: 0000555556f22653 R11: 0000000000000206 R12: 00007ffeeddb3350
[ 50.883481][ T5060] R13: 0000555556f225f0 R14: 00007ffeeddb2250 R15: 0000000000000001
[ 50.891480][ T5060] </TASK>
[ 50.894644][ T5060] Kernel Offset: disabled
[ 50.902141][ T5060] Rebooting in 86400 seconds..