Warning: Permanently added '10.128.1.188' (ED25519) to the list of known hosts.
2024/07/27 12:34:22 ignoring optional flag "sandboxArg"="0"
2024/07/27 12:34:22 parsed 1 programs
2024/07/27 12:34:22 executed programs: 0
[ 51.984102][ T1927] loop0: detected capacity change from 0 to 2048
[ 51.991787][ T1927] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[ 52.002836][ T1927] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[ 52.013968][ T1927] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[ 52.024493][ T1927] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[ 52.032116][ T1927] UDF-fs: Scanning with blocksize 512 failed
[ 52.039613][ T1927] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 52.079576][ T1509] ==================================================================
[ 52.087630][ T1509] BUG: KASAN: use-after-free in crc_itu_t+0x9c/0xc0
[ 52.094196][ T1509] Read of size 1 at addr ffff8880799b9000 by task syz-executor.0/1509
[ 52.102306][ T1509]
[ 52.104596][ T1509] CPU: 0 PID: 1509 Comm: syz-executor.0 Not tainted 5.15.164-syzkaller #0
[ 52.113054][ T1509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 52.123166][ T1509] Call Trace:
[ 52.126421][ T1509]
[ 52.129319][ T1509] dump_stack_lvl+0x41/0x5e
[ 52.133788][ T1509] print_address_description.constprop.0.cold+0x6c/0x309
[ 52.140774][ T1509] ? crc_itu_t+0x9c/0xc0
[ 52.144990][ T1509] ? crc_itu_t+0x9c/0xc0
[ 52.149279][ T1509] kasan_report.cold+0x83/0xdf
[ 52.154004][ T1509] ? crc_itu_t+0x9c/0xc0
[ 52.158206][ T1509] crc_itu_t+0x9c/0xc0
[ 52.162234][ T1509] udf_finalize_lvid+0xdb/0x1d0
[ 52.167131][ T1509] ? udf_mount+0x10/0x10
[ 52.171332][ T1509] ? __dentry_kill+0x3d5/0x5e0
[ 52.176058][ T1509] udf_sync_fs+0xc9/0x130
[ 52.180349][ T1509] sync_filesystem.part.0+0x63/0x170
[ 52.185890][ T1509] generic_shutdown_super+0x64/0x320
[ 52.191151][ T1509] kill_block_super+0x93/0xd0
[ 52.195798][ T1509] deactivate_locked_super+0x7b/0x130
[ 52.201135][ T1509] cleanup_mnt+0x2b8/0x3e0
[ 52.205522][ T1509] task_work_run+0xb8/0x140
[ 52.210082][ T1509] exit_to_user_mode_prepare+0x15d/0x160
[ 52.215680][ T1509] syscall_exit_to_user_mode+0x12/0x30
[ 52.221105][ T1509] do_syscall_64+0x40/0x80
[ 52.225481][ T1509] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 52.231347][ T1509] RIP: 0033:0x7fc3dfd59c87
[ 52.235730][ T1509] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 52.255296][ T1509] RSP: 002b:00007ffde686a388 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 52.263665][ T1509] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fc3dfd59c87
[ 52.271598][ T1509] RDX: 0000000000000000 RSI: 000000000000000a RDI: 00007ffde686a440
[ 52.279528][ T1509] RBP: 00007ffde686a440 R08: 0000000000000000 R09: 0000000000000000
[ 52.287463][ T1509] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffde686b500
[ 52.295393][ T1509] R13: 00007fc3dfdb3c5a R14: 000000000000caec R15: 0000000000000006
[ 52.303324][ T1509]
[ 52.306307][ T1509]
[ 52.308593][ T1509] The buggy address belongs to the page:
[ 52.314185][ T1509] page:ffffea0001e66e40 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x799b9
[ 52.324295][ T1509] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 52.331362][ T1509] raw: 00fff00000000000 ffffea0001e66708 ffffea0001e231c8 0000000000000000
[ 52.339903][ T1509] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 52.348444][ T1509] page dumped because: kasan: bad access detected
[ 52.354815][ T1509] page_owner tracks the page as freed
[ 52.360147][ T1509] page last allocated via order 0, migratetype Movable, gfp_mask 0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO), pid 1927, ts 51976296330, free_ts 52075002138
[ 52.375640][ T1509] get_page_from_freelist+0x12d1/0x2d40
[ 52.381154][ T1509] __alloc_pages+0x1b2/0x440
[ 52.385702][ T1509] alloc_pages_vma+0xe0/0x650
[ 52.390340][ T1509] __handle_mm_fault+0x1ce9/0x33c0
[ 52.395409][ T1509] handle_mm_fault+0x1c5/0x5b0
[ 52.400133][ T1509] do_user_addr_fault+0x298/0xc80
[ 52.405116][ T1509] exc_page_fault+0x5a/0xb0
[ 52.409579][ T1509] asm_exc_page_fault+0x22/0x30
[ 52.414390][ T1509] page last free stack trace:
[ 52.419022][ T1509] free_pcp_prepare+0x379/0x850
[ 52.423831][ T1509] free_unref_page_list+0x16f/0xbd0
[ 52.428986][ T1509] release_pages+0xb3a/0x1480
[ 52.433622][ T1509] tlb_finish_mmu+0x127/0x790
[ 52.438258][ T1509] exit_mmap+0x1b7/0x530
[ 52.442464][ T1509] mmput+0xd6/0x400
[ 52.446319][ T1509] do_exit+0x884/0x2200
[ 52.450441][ T1509] do_group_exit+0xe7/0x290
[ 52.454898][ T1509] get_signal+0x279/0x1f00
[ 52.459271][ T1509] arch_do_signal_or_restart+0x2b5/0x17b0
[ 52.464946][ T1509] exit_to_user_mode_prepare+0xf2/0x160
[ 52.470451][ T1509] syscall_exit_to_user_mode+0x12/0x30
[ 52.475870][ T1509] do_syscall_64+0x40/0x80
[ 52.480245][ T1509] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 52.486095][ T1509]
[ 52.488382][ T1509] Memory state around the buggy address:
[ 52.493969][ T1509] ffff8880799b8f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 52.501988][ T1509] ffff8880799b8f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 52.510008][ T1509] >ffff8880799b9000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 52.518027][ T1509] ^
[ 52.522053][ T1509] ffff8880799b9080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 52.530082][ T1509] ffff8880799b9100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 52.538109][ T1509] ==================================================================
[ 52.546132][ T1509] Disabling lock debugging due to kernel taint
[ 52.552630][ T1509] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 52.559993][ T1509] Kernel Offset: disabled
[ 52.564296][ T1509] Rebooting in 86400 seconds..