Warning: Permanently added '10.128.0.21' (ED25519) to the list of known hosts.
executing program
[ 41.165117][ T3959] loop0: detected capacity change from 0 to 2048
[ 41.247988][ T3959] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[ 41.249881][ T3959] UDF-fs: Scanning with blocksize 512 failed
[ 41.254732][ T3959] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 112: 0xb2 != 0xba
[ 41.258053][ T3959] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 41.264506][ T3959] ==================================================================
[ 41.266677][ T3959] BUG: KASAN: slab-out-of-bounds in udf_write_aext+0x578/0x668
[ 41.268707][ T3959] Write of size 4 at addr ffff0000c8d8d7f8 by task syz-executor204/3959
[ 41.270824][ T3959]
[ 41.271397][ T3959] CPU: 0 PID: 3959 Comm: syz-executor204 Not tainted 5.15.153-syzkaller #0
[ 41.273735][ T3959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 41.276314][ T3959] Call trace:
[ 41.277207][ T3959]  dump_backtrace+0x0/0x530
[ 41.278374][ T3959]  show_stack+0x2c/0x3c
[ 41.279501][ T3959]  dump_stack_lvl+0x108/0x170
[ 41.280687][ T3959]  print_address_description+0x7c/0x3f0
[ 41.282129][ T3959]  kasan_report+0x174/0x1e4
[ 41.283385][ T3959]  __asan_report_store_n_noabort+0x40/0x4c
[ 41.284820][ T3959]  udf_write_aext+0x578/0x668
[ 41.286034][ T3959]  udf_add_entry+0x11e0/0x28b0
[ 41.287204][ T3959]  udf_mkdir+0x158/0x7e0
[ 41.288285][ T3959]  vfs_mkdir+0x350/0x514
[ 41.289456][ T3959]  do_mkdirat+0x20c/0x610
[ 41.290585][ T3959]  __arm64_sys_mkdirat+0x90/0xa8
[ 41.291914][ T3959]  invoke_syscall+0x98/0x2b8
[ 41.293073][ T3959]  el0_svc_common+0x138/0x258
[ 41.294289][ T3959]  do_el0_svc+0x58/0x14c
[ 41.295328][ T3959]  el0_svc+0x7c/0x1f0
[ 41.296372][ T3959]  el0t_64_sync_handler+0x84/0xe4
[ 41.297713][ T3959]  el0t_64_sync+0x1a0/0x1a4
[ 41.298921][ T3959]
[ 41.299518][ T3959] Allocated by task 3959:
[ 41.300629][ T3959]  ____kasan_kmalloc+0xbc/0xfc
[ 41.301861][ T3959]  __kasan_kmalloc+0x10/0x1c
[ 41.303030][ T3959]  __kmalloc+0x29c/0x4c8
[ 41.304099][ T3959]  __udf_iget+0x988/0x3134
[ 41.305297][ T3959]  udf_fill_super+0xfbc/0x1a7c
[ 41.306525][ T3959]  mount_bdev+0x274/0x370
[ 41.307655][ T3959]  udf_mount+0x44/0x58
[ 41.308766][ T3959]  legacy_get_tree+0xd4/0x16c
[ 41.309993][ T3959]  vfs_get_tree+0x90/0x274
[ 41.311157][ T3959]  do_new_mount+0x278/0x8fc
[ 41.312350][ T3959]  path_mount+0x594/0x101c
[ 41.313549][ T3959]  __arm64_sys_mount+0x510/0x5e0
[ 41.314866][ T3959]  invoke_syscall+0x98/0x2b8
[ 41.316096][ T3959]  el0_svc_common+0x138/0x258
[ 41.317313][ T3959]  do_el0_svc+0x58/0x14c
[ 41.318360][ T3959]  el0_svc+0x7c/0x1f0
[ 41.319441][ T3959]  el0t_64_sync_handler+0x84/0xe4
[ 41.320777][ T3959]  el0t_64_sync+0x1a0/0x1a4
[ 41.321940][ T3959]
[ 41.322553][ T3959] The buggy address belongs to the object at ffff0000c8d8d000
[ 41.322553][ T3959]  which belongs to the cache kmalloc-1k of size 1024
[ 41.326232][ T3959] The buggy address is located 1016 bytes to the right of
[ 41.326232][ T3959]  1024-byte region [ffff0000c8d8d000, ffff0000c8d8d400)
[ 41.329916][ T3959] The buggy address belongs to the page:
[ 41.331352][ T3959] page:00000000f99219a2 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108d88
[ 41.334051][ T3959] head:00000000f99219a2 order:3 compound_mapcount:0 compound_pincount:0
[ 41.336187][ T3959] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[ 41.338351][ T3959] raw: 05ffc00000010200 0000000000000000 dead000000000122 ffff0000c0002780
[ 41.340621][ T3959] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 41.342890][ T3959] page dumped because: kasan: bad access detected
[ 41.344679][ T3959]
[ 41.345262][ T3959] Memory state around the buggy address:
[ 41.346755][ T3959]  ffff0000c8d8d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 41.348844][ T3959]  ffff0000c8d8d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 41.350994][ T3959] >ffff0000c8d8d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 41.353094][ T3959]                                                                 ^
[ 41.355163][ T3959]  ffff0000c8d8d800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 41.357274][ T3959]  ffff0000c8d8d880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 41.359397][ T3959] ==================================================================
[ 41.361583][ T3959] Disabling lock debugging due to kernel taint