Warning: Permanently added '10.128.0.172' (ED25519) to the list of known hosts.
2023/09/21 08:41:12 ignoring optional flag "sandboxArg"="0"
2023/09/21 08:41:12 parsed 1 programs
2023/09/21 08:41:12 executed programs: 0
[ 43.481357][ T1592] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 45.844660][ T2017] loop0: detected capacity change from 0 to 2048
[ 45.852204][ T2017] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[ 45.864043][ T2017] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[ 45.875637][ T2017] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[ 45.886699][ T2017] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[ 45.894464][ T2017] UDF-fs: Scanning with blocksize 512 failed
[ 45.901584][ T2017] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 45.960834][ T1599] ==================================================================
[ 45.969004][ T1599] BUG: KASAN: use-after-free in crc_itu_t+0x9c/0xc0
[ 45.975602][ T1599] Read of size 1 at addr ffff88806a7e4000 by task syz-executor.0/1599
[ 45.983892][ T1599]
[ 45.986193][ T1599] CPU: 1 PID: 1599 Comm: syz-executor.0 Not tainted 5.15.132-syzkaller #0
[ 45.994652][ T1599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 46.005113][ T1599] Call Trace:
[ 46.008550][ T1599]
[ 46.011469][ T1599] dump_stack_lvl+0x41/0x5e
[ 46.016038][ T1599] print_address_description.constprop.0.cold+0x6c/0x309
[ 46.023126][ T1599] ? crc_itu_t+0x9c/0xc0
[ 46.027457][ T1599] ? crc_itu_t+0x9c/0xc0
[ 46.031866][ T1599] kasan_report.cold+0x83/0xdf
[ 46.036612][ T1599] ? crc_itu_t+0x9c/0xc0
[ 46.040920][ T1599] crc_itu_t+0x9c/0xc0
[ 46.045162][ T1599] udf_finalize_lvid+0xdb/0x1d0
[ 46.050103][ T1599] ? udf_mount+0x10/0x10
[ 46.054417][ T1599] ? __dentry_kill+0x3d5/0x5e0
[ 46.059240][ T1599] udf_sync_fs+0xc9/0x130
[ 46.063643][ T1599] sync_filesystem.part.0+0x63/0x170
[ 46.069173][ T1599] generic_shutdown_super+0x64/0x320
[ 46.074512][ T1599] kill_block_super+0x93/0xd0
[ 46.079182][ T1599] deactivate_locked_super+0x7b/0x130
[ 46.084709][ T1599] cleanup_mnt+0x2b8/0x3e0
[ 46.089196][ T1599] task_work_run+0xb8/0x140
[ 46.093773][ T1599] exit_to_user_mode_prepare+0x164/0x170
[ 46.099386][ T1599] syscall_exit_to_user_mode+0x12/0x30
[ 46.104811][ T1599] do_syscall_64+0x42/0x80
[ 46.109211][ T1599] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 46.115073][ T1599] RIP: 0033:0x7f9ac39dde57
[ 46.119473][ T1599] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 46.139495][ T1599] RSP: 002b:00007ffefadfcb58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 46.147882][ T1599] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f9ac39dde57
[ 46.156601][ T1599] RDX: 0000000000000000 RSI: 000000000000000a RDI: 00007ffefadfcc10
[ 46.164560][ T1599] RBP: 00007ffefadfcc10 R08: 0000000000000000 R09: 0000000000000000
[ 46.172621][ T1599] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffefadfdcd0
[ 46.180744][ T1599] R13: 00007f9ac3a273b9 R14: 000000000000b2e9 R15: 0000000000000006
[ 46.189438][ T1599]
[ 46.192476][ T1599]
[ 46.194775][ T1599] The buggy address belongs to the page:
[ 46.200371][ T1599] page:ffffea0001a9f900 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x6a7e4
[ 46.210654][ T1599] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 46.217823][ T1599] raw: 00fff00000000000 ffffea0001a9f0c8 ffffea0001a80888 0000000000000000
[ 46.226639][ T1599] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 46.235187][ T1599] page dumped because: kasan: bad access detected
[ 46.241567][ T1599] page_owner tracks the page as freed
[ 46.246904][ T1599] page last allocated via order 0, migratetype Movable, gfp_mask 0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO), pid 2016, ts 45929237217, free_ts 45954247884
[ 46.262574][ T1599] get_page_from_freelist+0x1334/0x2dc0
[ 46.268187][ T1599] __alloc_pages+0x1b2/0x440
[ 46.272744][ T1599] alloc_pages_vma+0xe0/0x650
[ 46.277391][ T1599] __handle_mm_fault+0x1ce9/0x3400
[ 46.282671][ T1599] handle_mm_fault+0x1c5/0x5b0
[ 46.287399][ T1599] do_user_addr_fault+0x298/0xcb0
[ 46.292416][ T1599] exc_page_fault+0x5a/0xb0
[ 46.297196][ T1599] asm_exc_page_fault+0x22/0x30
[ 46.302114][ T1599] page last free stack trace:
[ 46.307063][ T1599] free_pcp_prepare+0x379/0x850
[ 46.311893][ T1599] free_unref_page_list+0x16f/0xca0
[ 46.317210][ T1599] release_pages+0xb3a/0x1480
[ 46.321989][ T1599] tlb_flush_mmu+0xbb/0x590
[ 46.326572][ T1599] unmap_page_range+0x11b6/0x1b70
[ 46.331579][ T1599] unmap_vmas+0x13e/0x250
[ 46.335891][ T1599] exit_mmap+0x19d/0x530
[ 46.340195][ T1599] mmput+0xd6/0x400
[ 46.344605][ T1599] do_exit+0x884/0x2250
[ 46.348745][ T1599] do_group_exit+0xe7/0x290
[ 46.353312][ T1599] get_signal+0x279/0x1f00
[ 46.357866][ T1599] arch_do_signal_or_restart+0x2b5/0x17c0
[ 46.363568][ T1599] exit_to_user_mode_prepare+0xf9/0x170
[ 46.369184][ T1599] syscall_exit_to_user_mode+0x12/0x30
[ 46.374625][ T1599] do_syscall_64+0x42/0x80
[ 46.379101][ T1599] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 46.384965][ T1599]
[ 46.387347][ T1599] Memory state around the buggy address:
[ 46.393058][ T1599]  ffff88806a7e3f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 46.401183][ T1599]  ffff88806a7e3f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 46.409318][ T1599] >ffff88806a7e4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 46.417857][ T1599]                    ^
[ 46.422004][ T1599]  ffff88806a7e4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 46.430405][ T1599]  ffff88806a7e4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 46.438465][ T1599] ==================================================================
[ 46.446592][ T1599] Disabling lock debugging due to kernel taint
[ 46.453830][ T1599] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 46.464732][ T1599] Kernel Offset: disabled
[ 46.469144][ T1599] Rebooting in 86400 seconds..