Warning: Permanently added '10.128.1.33' (ED25519) to the list of known hosts.
2023/11/09 22:49:55 ignoring optional flag "sandboxArg"="0"
2023/11/09 22:49:55 parsed 1 programs
2023/11/09 22:49:55 executed programs: 0
[ 45.399376][ T2013] loop0: detected capacity change from 0 to 2048
[ 45.410951][ T2013] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 45.535178][ T2017] loop0: detected capacity change from 0 to 2048
[ 45.543679][ T2017] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 45.708093][ T2019] loop0: detected capacity change from 0 to 2048
[ 45.717269][ T2019] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 45.843654][ T2021] loop0: detected capacity change from 0 to 2048
[ 45.852081][ T2021] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 45.976619][ T2023] loop0: detected capacity change from 0 to 2048
[ 45.986352][ T2023] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 46.144757][ T2025] loop0: detected capacity change from 0 to 2048
[ 46.153155][ T2025] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 46.309967][ T2027] loop0: detected capacity change from 0 to 2048
[ 46.320161][ T2027] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 46.467531][ T2029] loop0: detected capacity change from 0 to 2048
[ 46.477818][ T2029] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 46.634341][ T2031] loop0: detected capacity change from 0 to 2048
[ 46.642778][ T2031] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 46.763244][ T2033] loop0: detected capacity change from 0 to 2048
[ 46.772564][ T2033] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 46.884569][ T2035] loop0: detected capacity change from 0 to 2048
[ 46.893671][ T2035] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 47.002194][ T2037] loop0: detected capacity change from 0 to 2048
[ 47.010117][ T2037] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 47.136162][ T2039] loop0: detected capacity change from 0 to 2048
[ 47.144141][ T2039] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 47.252624][ T2041] loop0: detected capacity change from 0 to 2048
[ 47.261491][ T2041] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 47.391705][ T2043] loop0: detected capacity change from 0 to 2048
[ 47.400550][ T2043] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 47.511873][ T2045] loop0: detected capacity change from 0 to 2048
[ 47.521566][ T2045] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 47.570320][ T1595] ==================================================================
[ 47.578489][ T1595] BUG: KASAN: use-after-free in crc_itu_t+0x9c/0xc0
[ 47.585271][ T1595] Read of size 1 at addr ffff88806a100000 by task syz-executor.0/1595
[ 47.594335][ T1595]
[ 47.596678][ T1595] CPU: 1 PID: 1595 Comm: syz-executor.0 Not tainted 5.15.138-syzkaller #0
[ 47.606186][ T1595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
[ 47.616304][ T1595] Call Trace:
[ 47.619806][ T1595]
[ 47.623095][ T1595] dump_stack_lvl+0x41/0x5e
[ 47.627840][ T1595] print_address_description.constprop.0.cold+0x6c/0x309
[ 47.638299][ T1595] ? crc_itu_t+0x9c/0xc0
[ 47.644891][ T1595] ? crc_itu_t+0x9c/0xc0
[ 47.649804][ T1595] kasan_report.cold+0x83/0xdf
[ 47.656077][ T1595] ? crc_itu_t+0x9c/0xc0
[ 47.661589][ T1595] crc_itu_t+0x9c/0xc0
[ 47.665812][ T1595] udf_finalize_lvid+0xdb/0x1d0
[ 47.671716][ T1595] ? udf_mount+0x10/0x10
[ 47.676747][ T1595] udf_close_lvid+0x3db/0x590
[ 47.682329][ T1595] udf_put_super+0x167/0x1d0
[ 47.687513][ T1595] generic_shutdown_super+0x129/0x320
[ 47.693757][ T1595] kill_block_super+0x93/0xd0
[ 47.698857][ T1595] deactivate_locked_super+0x7b/0x130
[ 47.704822][ T1595] cleanup_mnt+0x2b8/0x3e0
[ 47.710404][ T1595] task_work_run+0xb8/0x140
[ 47.716072][ T1595] exit_to_user_mode_prepare+0x15a/0x160
[ 47.723425][ T1595] syscall_exit_to_user_mode+0x12/0x30
[ 47.729819][ T1595] do_syscall_64+0x42/0x80
[ 47.735166][ T1595] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 47.742151][ T1595] RIP: 0033:0x7f94d3b5cc87
[ 47.747040][ T1595] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 47.768392][ T1595] RSP: 002b:00007ffedebb3f48 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 47.779394][ T1595] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f94d3b5cc87
[ 47.789002][ T1595] RDX: 0000000000000000 RSI: 000000000000000a RDI: 00007ffedebb4000
[ 47.798415][ T1595] RBP: 00007ffedebb4000 R08: 0000000000000000 R09: 0000000000000000
[ 47.808271][ T1595] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffedebb50c0
[ 47.816511][ T1595] R13: 00007f94d3bb6c5a R14: 000000000000b975 R15: 0000000000000006
[ 47.824825][ T1595]
[ 47.828112][ T1595]
[ 47.830505][ T1595] The buggy address belongs to the page:
[ 47.836835][ T1595] page:ffffea0001a84000 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x6a100
[ 47.848078][ T1595] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 47.855366][ T1595] raw: 00fff00000000000 ffffea0001a81a48 ffffea0001a83a08 0000000000000000
[ 47.864531][ T1595] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 47.873259][ T1595] page dumped because: kasan: bad access detected
[ 47.879727][ T1595] page_owner tracks the page as freed
[ 47.885237][ T1595] page last allocated via order 0, migratetype Movable, gfp_mask 0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO), pid 2045, ts 47508878547, free_ts 47511634833
[ 47.901517][ T1595] get_page_from_freelist+0x12d1/0x2d40
[ 47.907295][ T1595] __alloc_pages+0x1b2/0x440
[ 47.912145][ T1595] alloc_pages_vma+0xe0/0x650
[ 47.917153][ T1595] __handle_mm_fault+0x1ce9/0x33c0
[ 47.922502][ T1595] handle_mm_fault+0x1c5/0x5b0
[ 47.927324][ T1595] do_user_addr_fault+0x298/0xcb0
[ 47.932330][ T1595] exc_page_fault+0x5a/0xb0
[ 47.936974][ T1595] asm_exc_page_fault+0x22/0x30
[ 47.941965][ T1595] page last free stack trace:
[ 47.946698][ T1595] free_pcp_prepare+0x379/0x850
[ 47.951604][ T1595] free_unref_page_list+0x16f/0xbd0
[ 47.956774][ T1595] release_pages+0xb3a/0x1480
[ 47.961516][ T1595] tlb_finish_mmu+0x127/0x790
[ 47.966159][ T1595] unmap_region+0x298/0x390
[ 47.970639][ T1595] __do_munmap+0x481/0x10c0
[ 47.975193][ T1595] __vm_munmap+0xd2/0x1a0
[ 47.979486][ T1595] __x64_sys_munmap+0x5d/0x80
[ 47.984220][ T1595] do_syscall_64+0x35/0x80
[ 47.988601][ T1595] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 47.994652][ T1595]
[ 47.997053][ T1595] Memory state around the buggy address:
[ 48.002827][ T1595] ffff88806a0fff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 48.010858][ T1595] ffff88806a0fff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 48.018895][ T1595] >ffff88806a100000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 48.027021][ T1595] ^
[ 48.031063][ T1595] ffff88806a100080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 48.039332][ T1595] ffff88806a100100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 48.047446][ T1595] ==================================================================
[ 48.055846][ T1595] Disabling lock debugging due to kernel taint
[ 48.062382][ T1595] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 48.069986][ T1595] Kernel Offset: disabled
[ 48.074372][ T1595] Rebooting in 86400 seconds..