Warning: Permanently added '10.128.0.225' (ED25519) to the list of known hosts.
executing program
[ 49.713970][ T3500] loop0: detected capacity change from 0 to 2048
[ 49.722651][ T3500] =======================================================
[ 49.722651][ T3500] WARNING: The mand mount option has been deprecated and
[ 49.722651][ T3500] and is ignored by this kernel. Remove the mand
[ 49.722651][ T3500] option from the mount to silence this warning.
[ 49.722651][ T3500] =======================================================
[ 49.799126][ T3500] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 49.832543][ T3499] ==================================================================
[ 49.840991][ T3499] BUG: KASAN: slab-out-of-bounds in udf_readdir+0xcaa/0x2170
[ 49.848380][ T3499] Write of size 201 at addr ffff888012a2e036 by task syz-executor203/3499
[ 49.856867][ T3499]
[ 49.859363][ T3499] CPU: 1 PID: 3499 Comm: syz-executor203 Not tainted 5.15.163-syzkaller #0
[ 49.867935][ T3499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 49.878075][ T3499] Call Trace:
[ 49.881360][ T3499] <TASK>
[ 49.884283][ T3499] dump_stack_lvl+0x1e3/0x2d0
[ 49.888978][ T3499] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 49.894775][ T3499] ? _printk+0xd1/0x120
[ 49.898927][ T3499] ? __wake_up_klogd+0xcc/0x100
[ 49.903772][ T3499] ? panic+0x860/0x860
[ 49.907829][ T3499] ? _raw_spin_lock_irqsave+0xdd/0x120
[ 49.913300][ T3499] print_address_description+0x63/0x3b0
[ 49.918838][ T3499] ? udf_readdir+0xcaa/0x2170
[ 49.923505][ T3499] kasan_report+0x16b/0x1c0
[ 49.927996][ T3499] ? udf_readdir+0xcaa/0x2170
[ 49.932668][ T3499] kasan_check_range+0x27e/0x290
[ 49.937595][ T3499] ? udf_readdir+0xcaa/0x2170
[ 49.942269][ T3499] memcpy+0x3c/0x60
[ 49.946064][ T3499] udf_readdir+0xcaa/0x2170
[ 49.950568][ T3499] ? load_block_bitmap+0x4d0/0x4d0
[ 49.955698][ T3499] ? load_block_bitmap+0x4d0/0x4d0
[ 49.960812][ T3499] ? __fdget_pos+0x2cb/0x380
[ 49.965481][ T3499] ? end_current_label_crit_section+0x147/0x170
[ 49.971714][ T3499] ? iterate_dir+0x10a/0x570
[ 49.976309][ T3499] ? iterate_dir+0x10a/0x570
[ 49.980885][ T3499] ? fsnotify_perm+0x442/0x590
[ 49.985639][ T3499] iterate_dir+0x224/0x570
[ 49.990157][ T3499] ? load_block_bitmap+0x4d0/0x4d0
[ 49.995262][ T3499] __se_sys_getdents64+0x209/0x4f0
[ 50.000372][ T3499] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 50.006342][ T3499] ? __x64_sys_getdents64+0x80/0x80
[ 50.011529][ T3499] ? filldir+0x720/0x720
[ 50.015762][ T3499] ? syscall_enter_from_user_mode+0x2e/0x240
[ 50.021733][ T3499] ? lockdep_hardirqs_on+0x94/0x130
[ 50.026928][ T3499] ? syscall_enter_from_user_mode+0x2e/0x240
[ 50.032902][ T3499] do_syscall_64+0x3b/0xb0
[ 50.037306][ T3499] ? clear_bhb_loop+0x15/0x70
[ 50.041971][ T3499] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 50.047856][ T3499] RIP: 0033:0x7f9ec3eeafa3
[ 50.052261][ T3499] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 92 48 fb ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 b8 ff ff ff f7 d8
[ 50.071866][ T3499] RSP: 002b:00007ffeb03b1118 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[ 50.080298][ T3499] RAX: ffffffffffffffda RBX: 0000555557548770 RCX: 00007f9ec3eeafa3
[ 50.088260][ T3499] RDX: 0000000000008000 RSI: 0000555557548770 RDI: 0000000000000005
[ 50.096225][ T3499] RBP: 0000555557548744 R08: 0000000000000000 R09: 0000000000000000
[ 50.104197][ T3499] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffb8
[ 50.112163][ T3499] R13: 0000000000000016 R14: 0000555557548740 R15: 00007ffeb03b4480
[ 50.120138][ T3499] </TASK>
[ 50.123292][ T3499]
[ 50.125615][ T3499] Allocated by task 3499:
[ 50.129944][ T3499] ____kasan_kmalloc+0xba/0xf0
[ 50.134721][ T3499] kmem_cache_alloc_trace+0x143/0x290
[ 50.140092][ T3499] udf_readdir+0xbc6/0x2170
[ 50.144583][ T3499] iterate_dir+0x224/0x570
[ 50.148998][ T3499] __se_sys_getdents64+0x209/0x4f0
[ 50.154120][ T3499] do_syscall_64+0x3b/0xb0
[ 50.158534][ T3499] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 50.164427][ T3499]
[ 50.166743][ T3499] The buggy address belongs to the object at ffff888012a2e000
[ 50.166743][ T3499] which belongs to the cache kmalloc-256 of size 256
[ 50.180796][ T3499] The buggy address is located 54 bytes inside of
[ 50.180796][ T3499] 256-byte region [ffff888012a2e000, ffff888012a2e100)
[ 50.194071][ T3499] The buggy address belongs to the page:
[ 50.199697][ T3499] page:ffffea00004a8b80 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x12a2e
[ 50.209835][ T3499] head:ffffea00004a8b80 order:1 compound_mapcount:0
[ 50.216409][ T3499] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 50.224390][ T3499] raw: 00fff00000010200 0000000000000000 0000000c00000001 ffff888011c41b40
[ 50.232968][ T3499] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 50.241542][ T3499] page dumped because: kasan: bad access detected
[ 50.247956][ T3499] page_owner tracks the page as allocated
[ 50.253745][ T3499] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, ts 2319670283, free_ts 0
[ 50.271626][ T3499] get_page_from_freelist+0x322a/0x33c0
[ 50.277256][ T3499] __alloc_pages+0x272/0x700
[ 50.281934][ T3499] alloc_page_interleave+0x22/0x1c0
[ 50.287123][ T3499] new_slab+0xbb/0x4b0
[ 50.291186][ T3499] ___slab_alloc+0x6f6/0xe10
[ 50.295766][ T3499] __kmalloc_track_caller+0x1c7/0x300
[ 50.301135][ T3499] krealloc+0x4b/0xc0
[ 50.305107][ T3499] add_sysfs_param+0xca/0x7f0
[ 50.309766][ T3499] kernel_add_sysfs_param+0xb0/0x130
[ 50.315035][ T3499] param_sysfs_builtin+0x16a/0x1f0
[ 50.320132][ T3499] param_sysfs_init+0x66/0x70
[ 50.324792][ T3499] do_one_initcall+0x22b/0x7a0
[ 50.329542][ T3499] do_initcall_level+0x157/0x210
[ 50.334464][ T3499] do_initcalls+0x49/0x90
[ 50.338782][ T3499] kernel_init_freeable+0x425/0x5c0
[ 50.343962][ T3499] kernel_init+0x19/0x290
[ 50.348387][ T3499] page_owner free stack trace missing
[ 50.353758][ T3499]
[ 50.356065][ T3499] Memory state around the buggy address:
[ 50.361677][ T3499] ffff888012a2df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.369725][ T3499] ffff888012a2e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 50.377768][ T3499] >ffff888012a2e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 06
[ 50.385811][ T3499] ^
[ 50.393775][ T3499] ffff888012a2e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.401820][ T3499] ffff888012a2e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.409862][ T3499] ==================================================================
[ 50.417899][ T3499] Disabling lock debugging due to kernel taint
[ 50.424506][ T3499] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 50.431704][ T3499] CPU: 1 PID: 3499 Comm: syz-executor203 Tainted: G B 5.15.163-syzkaller #0
[ 50.441681][ T3499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 50.451725][ T3499] Call Trace:
[ 50.454989][ T3499] <TASK>
[ 50.457995][ T3499] dump_stack_lvl+0x1e3/0x2d0
[ 50.462955][ T3499] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 50.468575][ T3499] ? panic+0x860/0x860
[ 50.472631][ T3499] ? preempt_schedule_common+0xa6/0xd0
[ 50.478076][ T3499] ? preempt_schedule+0xd9/0xe0
[ 50.482914][ T3499] panic+0x318/0x860
[ 50.486798][ T3499] ? check_panic_on_warn+0x1d/0xa0
[ 50.491898][ T3499] ? fb_is_primary_device+0xd0/0xd0
[ 50.497090][ T3499] ? _raw_spin_unlock_irqrestore+0x128/0x130
[ 50.503073][ T3499] ? _raw_spin_unlock+0x40/0x40
[ 50.507908][ T3499] ? print_memory_metadata+0xe2/0x140
[ 50.513272][ T3499] check_panic_on_warn+0x7e/0xa0
[ 50.518194][ T3499] ? udf_readdir+0xcaa/0x2170
[ 50.522858][ T3499] end_report+0x6d/0xf0
[ 50.527102][ T3499] kasan_report+0x18e/0x1c0
[ 50.531598][ T3499] ? udf_readdir+0xcaa/0x2170
[ 50.536271][ T3499] kasan_check_range+0x27e/0x290
[ 50.541203][ T3499] ? udf_readdir+0xcaa/0x2170
[ 50.545874][ T3499] memcpy+0x3c/0x60
[ 50.549687][ T3499] udf_readdir+0xcaa/0x2170
[ 50.554195][ T3499] ? load_block_bitmap+0x4d0/0x4d0
[ 50.559302][ T3499] ? load_block_bitmap+0x4d0/0x4d0
[ 50.564407][ T3499] ? __fdget_pos+0x2cb/0x380
[ 50.568997][ T3499] ? end_current_label_crit_section+0x147/0x170
[ 50.575237][ T3499] ? iterate_dir+0x10a/0x570
[ 50.579821][ T3499] ? iterate_dir+0x10a/0x570
[ 50.584513][ T3499] ? fsnotify_perm+0x442/0x590
[ 50.589284][ T3499] iterate_dir+0x224/0x570
[ 50.593703][ T3499] ? load_block_bitmap+0x4d0/0x4d0
[ 50.599122][ T3499] __se_sys_getdents64+0x209/0x4f0
[ 50.604231][ T3499] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 50.610264][ T3499] ? __x64_sys_getdents64+0x80/0x80
[ 50.615463][ T3499] ? filldir+0x720/0x720
[ 50.619703][ T3499] ? syscall_enter_from_user_mode+0x2e/0x240
[ 50.625674][ T3499] ? lockdep_hardirqs_on+0x94/0x130
[ 50.630859][ T3499] ? syscall_enter_from_user_mode+0x2e/0x240
[ 50.636831][ T3499] do_syscall_64+0x3b/0xb0
[ 50.641241][ T3499] ? clear_bhb_loop+0x15/0x70
[ 50.645902][ T3499] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 50.651798][ T3499] RIP: 0033:0x7f9ec3eeafa3
[ 50.656284][ T3499] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 92 48 fb ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 b8 ff ff ff f7 d8
[ 50.675874][ T3499] RSP: 002b:00007ffeb03b1118 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[ 50.684275][ T3499] RAX: ffffffffffffffda RBX: 0000555557548770 RCX: 00007f9ec3eeafa3
[ 50.692233][ T3499] RDX: 0000000000008000 RSI: 0000555557548770 RDI: 0000000000000005
[ 50.700186][ T3499] RBP: 0000555557548744 R08: 0000000000000000 R09: 0000000000000000
[ 50.708333][ T3499] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffb8
[ 50.716287][ T3499] R13: 0000000000000016 R14: 0000555557548740 R15: 00007ffeb03b4480
[ 50.724250][ T3499] </TASK>
[ 50.727620][ T3499] Kernel Offset: disabled
[ 50.731958][ T3499] Rebooting in 86400 seconds..