Warning: Permanently added '10.128.0.88' (ED25519) to the list of known hosts.
executing program
[   77.390496][ T4249] loop0: detected capacity change from 0 to 2048
[   77.403364][ T4249] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[   77.415667][ T4249] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   77.465014][ T4247] UDF-fs: error (device loop0): udf_read_inode: (ino 1345) failed !bh
[   77.473737][ T4247] UDF-fs: error (device loop0): udf_read_inode: (ino 1345) failed !bh
[   77.541582][ T4247] ==================================================================
[   77.549703][ T4247] BUG: KASAN: use-after-free in crc_itu_t+0x218/0x2a0
[   77.556521][ T4247] Read of size 1 at addr ffff888020344000 by task syz-executor210/4247
[   77.564764][ T4247] 
[   77.567102][ T4247] CPU: 0 PID: 4247 Comm: syz-executor210 Not tainted 6.1.123-syzkaller #0
[   77.575590][ T4247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   77.585663][ T4247] Call Trace:
[   77.588935][ T4247]  <TASK>
[   77.591857][ T4247]  dump_stack_lvl+0x1e3/0x2cb
[   77.596547][ T4247]  ? nf_tcp_handle_invalid+0x642/0x642
[   77.602016][ T4247]  ? panic+0x764/0x764
[   77.606083][ T4247]  ? _printk+0xd1/0x111
[   77.610237][ T4247]  ? __virt_addr_valid+0x17f/0x530
[   77.615354][ T4247]  ? __virt_addr_valid+0x17f/0x530
[   77.620469][ T4247]  print_report+0x15f/0x4f0
[   77.624967][ T4247]  ? __virt_addr_valid+0x17f/0x530
[   77.630076][ T4247]  ? __virt_addr_valid+0x17f/0x530
[   77.635191][ T4247]  ? __virt_addr_valid+0x45b/0x530
[   77.640303][ T4247]  ? __phys_addr+0xb6/0x170
[   77.644808][ T4247]  ? crc_itu_t+0x218/0x2a0
[   77.649224][ T4247]  kasan_report+0x136/0x160
[   77.653725][ T4247]  ? crc_itu_t+0x218/0x2a0
[   77.658141][ T4247]  crc_itu_t+0x218/0x2a0
[   77.662379][ T4247]  udf_sync_fs+0x1ce/0x380
[   77.666792][ T4247]  ? udf_put_super+0x160/0x160
[   77.671573][ T4247]  ? get_nr_dirty_inodes+0x2ab/0x2e0
[   77.676878][ T4247]  sync_filesystem+0xe8/0x220
[   77.681556][ T4247]  generic_shutdown_super+0x6b/0x340
[   77.686842][ T4247]  kill_block_super+0x7a/0xe0
[   77.691517][ T4247]  deactivate_locked_super+0xa0/0x110
[   77.696890][ T4247]  cleanup_mnt+0x490/0x520
[   77.701302][ T4247]  ? lockdep_hardirqs_on+0x94/0x130
[   77.706494][ T4247]  task_work_run+0x246/0x300
[   77.711085][ T4247]  ? kasan_quarantine_put+0xd4/0x220
[   77.716368][ T4247]  ? task_work_cancel+0x2e0/0x2e0
[   77.721390][ T4247]  ? kmem_cache_free+0x292/0x510
[   77.726325][ T4247]  ? do_exit+0xa69/0x26a0
[   77.730658][ T4247]  do_exit+0xa6e/0x26a0
[   77.734823][ T4247]  ? put_task_struct+0x80/0x80
[   77.739584][ T4247]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[   77.745568][ T4247]  ? print_irqtrace_events+0x210/0x210
[   77.751047][ T4247]  ? _raw_spin_unlock_irq+0x1f/0x40
[   77.756242][ T4247]  ? lockdep_hardirqs_on+0x94/0x130
[   77.761430][ T4247]  do_group_exit+0x202/0x2b0
[   77.766034][ T4247]  __x64_sys_exit_group+0x3b/0x40
[   77.771064][ T4247]  do_syscall_64+0x3b/0xb0
[   77.775480][ T4247]  ? clear_bhb_loop+0x45/0xa0
[   77.780151][ T4247]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   77.786051][ T4247] RIP: 0033:0x7fd70382e939
[   77.790472][ T4247] Code: Unable to access opcode bytes at 0x7fd70382e90f.
[   77.797484][ T4247] RSP: 002b:00007ffcb06d6798 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   77.805892][ T4247] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fd70382e939
[   77.813873][ T4247] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001
[   77.821836][ T4247] RBP: 00007fd7038cf150 R08: ffffffffffffffb0 R09: 0000000000000000
[   77.829804][ T4247] R10: 0000000000000100 R11: 0000000000000246 R12: 00007fd7038cf150
[   77.837790][ T4247] R13: 0000000000000000 R14: 00007fd7038d1020 R15: 00007fd7037f81b0
[   77.845774][ T4247]  </TASK>
[   77.848784][ T4247] 
[   77.851110][ T4247] Allocated by task 4222:
[   77.855426][ T4247]  kasan_set_track+0x4b/0x70
[   77.860011][ T4247]  __kasan_slab_alloc+0x65/0x70
[   77.864875][ T4247]  slab_post_alloc_hook+0x52/0x3a0
[   77.869983][ T4247]  kmem_cache_alloc_bulk+0x3a2/0x4d0
[   77.875268][ T4247]  mas_alloc_nodes+0x3df/0x800
[   77.880031][ T4247]  mas_preallocate+0x12d/0x350
[   77.884795][ T4247]  mmap_region+0xfef/0x2660
[   77.889310][ T4247]  do_mmap+0x8c5/0xf60
[   77.893381][ T4247]  vm_mmap_pgoff+0x1ca/0x2d0
[   77.897974][ T4247]  ksys_mmap_pgoff+0x4f5/0x6d0
[   77.902744][ T4247]  do_syscall_64+0x3b/0xb0
[   77.907155][ T4247]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   77.913044][ T4247] 
[   77.915387][ T4247] Freed by task 4222:
[   77.919352][ T4247]  kasan_set_track+0x4b/0x70
[   77.923928][ T4247]  kasan_save_free_info+0x27/0x40
[   77.928942][ T4247]  ____kasan_slab_free+0xd6/0x120
[   77.933961][ T4247]  kmem_cache_free_bulk+0x4fa/0x750
[   77.939157][ T4247]  mas_destroy+0x1c4c/0x2310
[   77.943748][ T4247]  mas_store_prealloc+0x34d/0x460
[   77.948775][ T4247]  mmap_region+0x167c/0x2660
[   77.953369][ T4247]  do_mmap+0x8c5/0xf60
[   77.957438][ T4247]  vm_mmap_pgoff+0x1ca/0x2d0
[   77.962038][ T4247]  ksys_mmap_pgoff+0x4f5/0x6d0
[   77.966828][ T4247]  do_syscall_64+0x3b/0xb0
[   77.971244][ T4247]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   77.977139][ T4247] 
[   77.979454][ T4247] The buggy address belongs to the object at ffff888020344000
[   77.979454][ T4247]  which belongs to the cache maple_node of size 256
[   77.993408][ T4247] The buggy address is located 0 bytes inside of
[   77.993408][ T4247]  256-byte region [ffff888020344000, ffff888020344100)
[   78.006497][ T4247] 
[   78.008810][ T4247] The buggy address belongs to the physical page:
[   78.015214][ T4247] page:ffffea000080d100 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x20344
[   78.025362][ T4247] head:ffffea000080d100 order:1 compound_mapcount:0 compound_pincount:0
[   78.033671][ T4247] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[   78.041673][ T4247] raw: 00fff00000010200 ffffea0001ef3880 dead000000000002 ffff888017cc5000
[   78.050252][ T4247] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[   78.058842][ T4247] page dumped because: kasan: bad access detected
[   78.065243][ T4247] page_owner tracks the page as allocated
[   78.070945][ T4247] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 3932, tgid 3932 (cmp), ts 41330635979, free_ts 38560907236
[   78.091521][ T4247]  post_alloc_hook+0x18d/0x1b0
[   78.096287][ T4247]  get_page_from_freelist+0x3731/0x38d0
[   78.101826][ T4247]  __alloc_pages+0x28d/0x770
[   78.106408][ T4247]  alloc_slab_page+0x6a/0x150
[   78.111084][ T4247]  new_slab+0x84/0x2d0
[   78.115154][ T4247]  ___slab_alloc+0xc20/0x1270
[   78.119828][ T4247]  kmem_cache_alloc_bulk+0x19d/0x4d0
[   78.125131][ T4247]  mas_alloc_nodes+0x3df/0x800
[   78.129895][ T4247]  mas_preallocate+0x12d/0x350
[   78.134662][ T4247]  __vma_adjust+0x8df/0x1f40
[   78.139249][ T4247]  __split_vma+0x36c/0x4c0
[   78.143657][ T4247]  do_mas_align_munmap+0x95f/0x15a0
[   78.148849][ T4247]  do_mas_munmap+0x246/0x2b0
[   78.153430][ T4247]  mmap_region+0x8d4/0x2660
[   78.157931][ T4247]  do_mmap+0x8c5/0xf60
[   78.161996][ T4247]  vm_mmap_pgoff+0x1ca/0x2d0
[   78.166583][ T4247] page last free stack trace:
[   78.171243][ T4247]  free_unref_page_prepare+0x12a6/0x15b0
[   78.176872][ T4247]  free_unref_page+0x33/0x3e0
[   78.181544][ T4247]  qlist_free_all+0x76/0xe0
[   78.186051][ T4247]  kasan_quarantine_reduce+0x156/0x170
[   78.191511][ T4247]  __kasan_slab_alloc+0x1f/0x70
[   78.196357][ T4247]  slab_post_alloc_hook+0x52/0x3a0
[   78.201467][ T4247]  kmem_cache_alloc_lru+0x10c/0x2d0
[   78.206666][ T4247]  __d_alloc+0x31/0x710
[   78.210822][ T4247]  d_alloc_parallel+0xdd/0x1590
[   78.215677][ T4247]  path_openat+0x90a/0x2e60
[   78.220179][ T4247]  do_filp_open+0x230/0x480
[   78.224682][ T4247]  do_sys_openat2+0x13b/0x4f0
[   78.229358][ T4247]  __x64_sys_openat+0x243/0x290
[   78.234206][ T4247]  do_syscall_64+0x3b/0xb0
[   78.238621][ T4247]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   78.244514][ T4247] 
[   78.246829][ T4247] Memory state around the buggy address:
[   78.252455][ T4247]  ffff888020343f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   78.260507][ T4247]  ffff888020343f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   78.268565][ T4247] >ffff888020344000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   78.276662][ T4247]                    ^
[   78.280748][ T4247]  ffff888020344080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   78.288817][ T4247]  ffff888020344100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   78.296877][ T4247] ==================================================================
[   78.306417][ T4247] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   78.313629][ T4247] CPU: 0 PID: 4247 Comm: syz-executor210 Not tainted 6.1.123-syzkaller #0
[   78.322125][ T4247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   78.332173][ T4247] Call Trace:
[   78.335451][ T4247]  <TASK>
[   78.338377][ T4247]  dump_stack_lvl+0x1e3/0x2cb
[   78.343059][ T4247]  ? nf_tcp_handle_invalid+0x642/0x642
[   78.348513][ T4247]  ? panic+0x764/0x764
[   78.352578][ T4247]  ? preempt_schedule_common+0xa6/0xd0
[   78.358028][ T4247]  ? vscnprintf+0x59/0x80
[   78.362376][ T4247]  panic+0x318/0x764
[   78.366268][ T4247]  ? check_panic_on_warn+0x1d/0xa0
[   78.371373][ T4247]  ? memcpy_page_flushcache+0xfc/0xfc
[   78.376762][ T4247]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[   78.382747][ T4247]  ? _raw_spin_unlock+0x40/0x40
[   78.387590][ T4247]  ? print_report+0x4a3/0x4f0
[   78.392255][ T4247]  check_panic_on_warn+0x7e/0xa0
[   78.397184][ T4247]  ? crc_itu_t+0x218/0x2a0
[   78.401597][ T4247]  end_report+0x66/0x110
[   78.405827][ T4247]  kasan_report+0x143/0x160
[   78.410325][ T4247]  ? crc_itu_t+0x218/0x2a0
[   78.414762][ T4247]  crc_itu_t+0x218/0x2a0
[   78.419005][ T4247]  udf_sync_fs+0x1ce/0x380
[   78.423419][ T4247]  ? udf_put_super+0x160/0x160
[   78.428178][ T4247]  ? get_nr_dirty_inodes+0x2ab/0x2e0
[   78.433463][ T4247]  sync_filesystem+0xe8/0x220
[   78.438135][ T4247]  generic_shutdown_super+0x6b/0x340
[   78.443432][ T4247]  kill_block_super+0x7a/0xe0
[   78.448104][ T4247]  deactivate_locked_super+0xa0/0x110
[   78.453473][ T4247]  cleanup_mnt+0x490/0x520
[   78.457885][ T4247]  ? lockdep_hardirqs_on+0x94/0x130
[   78.463075][ T4247]  task_work_run+0x246/0x300
[   78.467664][ T4247]  ? kasan_quarantine_put+0xd4/0x220
[   78.472942][ T4247]  ? task_work_cancel+0x2e0/0x2e0
[   78.477959][ T4247]  ? kmem_cache_free+0x292/0x510
[   78.482890][ T4247]  ? do_exit+0xa69/0x26a0
[   78.487213][ T4247]  do_exit+0xa6e/0x26a0
[   78.491375][ T4247]  ? put_task_struct+0x80/0x80
[   78.496136][ T4247]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[   78.502114][ T4247]  ? print_irqtrace_events+0x210/0x210
[   78.507568][ T4247]  ? _raw_spin_unlock_irq+0x1f/0x40
[   78.512761][ T4247]  ? lockdep_hardirqs_on+0x94/0x130
[   78.517951][ T4247]  do_group_exit+0x202/0x2b0
[   78.522548][ T4247]  __x64_sys_exit_group+0x3b/0x40
[   78.527591][ T4247]  do_syscall_64+0x3b/0xb0
[   78.532003][ T4247]  ? clear_bhb_loop+0x45/0xa0
[   78.536671][ T4247]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   78.542559][ T4247] RIP: 0033:0x7fd70382e939
[   78.546962][ T4247] Code: Unable to access opcode bytes at 0x7fd70382e90f.
[   78.553965][ T4247] RSP: 002b:00007ffcb06d6798 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   78.562367][ T4247] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fd70382e939
[   78.570332][ T4247] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001
[   78.578307][ T4247] RBP: 00007fd7038cf150 R08: ffffffffffffffb0 R09: 0000000000000000
[   78.586379][ T4247] R10: 0000000000000100 R11: 0000000000000246 R12: 00007fd7038cf150
[   78.594342][ T4247] R13: 0000000000000000 R14: 00007fd7038d1020 R15: 00007fd7037f81b0
[   78.602306][ T4247]  </TASK>
[   78.605700][ T4247] Kernel Offset: disabled
[   78.610025][ T4247] Rebooting in 86400 seconds..