Warning: Permanently added '10.128.1.142' (ED25519) to the list of known hosts.
2023/10/21 20:29:14 ignoring optional flag "sandboxArg"="0"
2023/10/21 20:29:14 parsed 1 programs
2023/10/21 20:29:14 executed programs: 0
[ 45.498436][ T1591] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 47.789818][ T2016] loop0: detected capacity change from 0 to 2048
[ 47.797578][ T2016] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[ 47.809170][ T2016] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[ 47.820218][ T2016] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[ 47.831201][ T2016] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[ 47.839095][ T2016] UDF-fs: Scanning with blocksize 512 failed
[ 47.846984][ T2016] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 47.888004][ T1598] ==================================================================
[ 47.896179][ T1598] BUG: KASAN: use-after-free in crc_itu_t+0x9c/0xc0
[ 47.902753][ T1598] Read of size 1 at addr ffff88806aa6d000 by task syz-executor.0/1598
[ 47.911062][ T1598]
[ 47.913364][ T1598] CPU: 0 PID: 1598 Comm: syz-executor.0 Not tainted 5.15.136-syzkaller #0
[ 47.921841][ T1598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 47.932170][ T1598] Call Trace:
[ 47.935603][ T1598]
[ 47.938858][ T1598] dump_stack_lvl+0x41/0x5e
[ 47.943606][ T1598] print_address_description.constprop.0.cold+0x6c/0x309
[ 47.950706][ T1598] ? crc_itu_t+0x9c/0xc0
[ 47.954936][ T1598] ? crc_itu_t+0x9c/0xc0
[ 47.959366][ T1598] kasan_report.cold+0x83/0xdf
[ 47.964185][ T1598] ? crc_itu_t+0x9c/0xc0
[ 47.968568][ T1598] crc_itu_t+0x9c/0xc0
[ 47.972864][ T1598] udf_finalize_lvid+0xdb/0x1d0
[ 47.978291][ T1598] ? udf_mount+0x10/0x10
[ 47.982607][ T1598] ? __dentry_kill+0x3d5/0x5e0
[ 47.987540][ T1598] udf_sync_fs+0xc9/0x130
[ 47.992889][ T1598] sync_filesystem.part.0+0x63/0x170
[ 47.998264][ T1598] generic_shutdown_super+0x64/0x320
[ 48.003875][ T1598] kill_block_super+0x93/0xd0
[ 48.008515][ T1598] deactivate_locked_super+0x7b/0x130
[ 48.013850][ T1598] cleanup_mnt+0x2b8/0x3e0
[ 48.018428][ T1598] task_work_run+0xb8/0x140
[ 48.024144][ T1598] exit_to_user_mode_prepare+0x164/0x170
[ 48.029852][ T1598] syscall_exit_to_user_mode+0x12/0x30
[ 48.035670][ T1598] do_syscall_64+0x42/0x80
[ 48.040144][ T1598] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 48.046534][ T1598] RIP: 0033:0x7f49cb585e57
[ 48.050938][ T1598] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 48.071090][ T1598] RSP: 002b:00007ffd5bb9c0b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 48.079556][ T1598] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f49cb585e57
[ 48.087608][ T1598] RDX: 0000000000000000 RSI: 000000000000000a RDI: 00007ffd5bb9c170
[ 48.095652][ T1598] RBP: 00007ffd5bb9c170 R08: 0000000000000000 R09: 0000000000000000
[ 48.103612][ T1598] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd5bb9d230
[ 48.111549][ T1598] R13: 00007f49cb5cf3b9 R14: 000000000000ba95 R15: 0000000000000006
[ 48.119855][ T1598]
[ 48.123130][ T1598]
[ 48.125620][ T1598] The buggy address belongs to the page:
[ 48.131953][ T1598] page:ffffea0001aa9b40 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x6aa6d
[ 48.142083][ T1598] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 48.149164][ T1598] raw: 00fff00000000000 ffffea0001aa94c8 ffffea0001aa96c8 0000000000000000
[ 48.157797][ T1598] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 48.166672][ T1598] page dumped because: kasan: bad access detected
[ 48.173233][ T1598] page_owner tracks the page as freed
[ 48.178769][ T1598] page last allocated via order 0, migratetype Movable, gfp_mask 0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO), pid 2015, ts 47856933276, free_ts 47883966137
[ 48.195059][ T1598] get_page_from_freelist+0x1334/0x2dc0
[ 48.200661][ T1598] __alloc_pages+0x1b2/0x440
[ 48.205321][ T1598] alloc_pages_vma+0xe0/0x650
[ 48.210414][ T1598] __handle_mm_fault+0x1ce9/0x3400
[ 48.215875][ T1598] handle_mm_fault+0x1c5/0x5b0
[ 48.220612][ T1598] do_user_addr_fault+0x298/0xcb0
[ 48.225623][ T1598] exc_page_fault+0x5a/0xb0
[ 48.230099][ T1598] asm_exc_page_fault+0x22/0x30
[ 48.235175][ T1598] page last free stack trace:
[ 48.240246][ T1598] free_pcp_prepare+0x379/0x850
[ 48.245073][ T1598] free_unref_page_list+0x16f/0xca0
[ 48.250263][ T1598] release_pages+0xb3a/0x1480
[ 48.254922][ T1598] tlb_flush_mmu+0xbb/0x590
[ 48.259663][ T1598] unmap_page_range+0x11b6/0x1b70
[ 48.264651][ T1598] unmap_vmas+0x13e/0x250
[ 48.269135][ T1598] exit_mmap+0x19d/0x530
[ 48.273622][ T1598] mmput+0xd6/0x400
[ 48.277482][ T1598] do_exit+0x884/0x2250
[ 48.281691][ T1598] do_group_exit+0xe7/0x290
[ 48.286332][ T1598] get_signal+0x279/0x1f00
[ 48.290902][ T1598] arch_do_signal_or_restart+0x2b5/0x17c0
[ 48.296592][ T1598] exit_to_user_mode_prepare+0xf9/0x170
[ 48.302102][ T1598] syscall_exit_to_user_mode+0x12/0x30
[ 48.307874][ T1598] do_syscall_64+0x42/0x80
[ 48.312375][ T1598] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 48.318320][ T1598]
[ 48.320613][ T1598] Memory state around the buggy address:
[ 48.326210][ T1598] ffff88806aa6cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 48.334421][ T1598] ffff88806aa6cf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 48.342571][ T1598] >ffff88806aa6d000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 48.350952][ T1598] ^
[ 48.355003][ T1598] ffff88806aa6d080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 48.363225][ T1598] ffff88806aa6d100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 48.371364][ T1598] ==================================================================
[ 48.379848][ T1598] Disabling lock debugging due to kernel taint
[ 48.386651][ T1598] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 48.394166][ T1598] Kernel Offset: disabled
[ 48.398815][ T1598] Rebooting in 86400 seconds..