Warning: Permanently added '10.128.0.203' (ED25519) to the list of known hosts.
[  149.132876][   T27] audit: type=1400 audit(1703763818.045:83): avc:  denied  { execmem } for  pid=5071 comm="syz-executor243" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  149.152957][   T27] audit: type=1400 audit(1703763818.055:84): avc:  denied  { read write } for  pid=5071 comm="syz-executor243" name="loop0" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
executing program
[  149.177971][   T27] audit: type=1400 audit(1703763818.065:85): avc:  denied  { open } for  pid=5071 comm="syz-executor243" path="/dev/loop0" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  149.222927][ T5072] loop0: detected capacity change from 0 to 2048
[  149.227512][   T27] audit: type=1400 audit(1703763818.065:86): avc:  denied  { ioctl } for  pid=5071 comm="syz-executor243" path="/dev/loop0" dev="devtmpfs" ino=648 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  149.238481][ T5072] =======================================================
[  149.238481][ T5072] WARNING: The mand mount option has been deprecated and
[  149.238481][ T5072]          and is ignored by this kernel. Remove the mand
[  149.238481][ T5072]          option from the mount to silence this warning.
[  149.238481][ T5072] =======================================================
[  149.257537][   T27] audit: type=1400 audit(1703763818.125:87): avc:  denied  { append } for  pid=4494 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  149.313620][   T27] audit: type=1400 audit(1703763818.125:88): avc:  denied  { open } for  pid=4494 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  149.336523][   T27] audit: type=1400 audit(1703763818.125:89): avc:  denied  { getattr } for  pid=4494 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  149.360959][   T27] audit: type=1400 audit(1703763818.145:90): avc:  denied  { mounton } for  pid=5072 comm="syz-executor243" path="/root/syzkaller.hpbPQh/0/bus" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[  149.408995][   T27] audit: type=1400 audit(1703763818.275:91): avc:  denied  { mount } for  pid=5072 comm="syz-executor243" name="/" dev="loop0" ino=1376 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[  149.432876][   T27] audit: type=1400 audit(1703763818.275:92): avc:  denied  { mounton } for  pid=5072 comm="syz-executor243" path="/root/syzkaller.hpbPQh/0/bus/bus" dev="loop0" ino=1367 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=file permissive=1
executing program
[  149.822952][ T5074] loop0: detected capacity change from 0 to 2048
executing program
[  150.242390][ T5075] loop0: detected capacity change from 0 to 2048
executing program
[  150.671790][ T5076] loop0: detected capacity change from 0 to 2048
executing program
[  151.088246][ T5077] loop0: detected capacity change from 0 to 2048
executing program
[  151.513275][ T5078] loop0: detected capacity change from 0 to 2048
executing program
[  151.928992][ T5079] loop0: detected capacity change from 0 to 2048
[  152.216217][ T5071] ==================================================================
[  152.224341][ T5071] BUG: KASAN: slab-out-of-bounds in crc_itu_t+0xd7/0xe0
[  152.231446][ T5071] Read of size 1 at addr ffff888021f6b080 by task syz-executor243/5071
[  152.239730][ T5071] 
[  152.242085][ T5071] CPU: 1 PID: 5071 Comm: syz-executor243 Not tainted 6.7.0-rc7-syzkaller-00016-gf5837722ffec #0
[  152.252538][ T5071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[  152.262628][ T5071] Call Trace:
[  152.265915][ T5071]  <TASK>
[  152.268870][ T5071]  dump_stack_lvl+0xd9/0x1b0
[  152.273481][ T5071]  print_report+0xc4/0x620
[  152.277911][ T5071]  ? __virt_addr_valid+0x5e/0x2d0
[  152.282955][ T5071]  ? __phys_addr+0xc6/0x140
[  152.287477][ T5071]  kasan_report+0xda/0x110
[  152.291906][ T5071]  ? crc_itu_t+0xd7/0xe0
[  152.296168][ T5071]  ? crc_itu_t+0xd7/0xe0
[  152.300450][ T5071]  crc_itu_t+0xd7/0xe0
[  152.304557][ T5071]  udf_finalize_lvid+0xf2/0x1f0
[  152.309444][ T5071]  ? udf_mount+0x40/0x40
[  152.313708][ T5071]  udf_sync_fs+0xea/0x150
[  152.318079][ T5071]  ? udf_finalize_lvid+0x1f0/0x1f0
[  152.323212][ T5071]  sync_filesystem+0x109/0x280
[  152.328005][ T5071]  generic_shutdown_super+0x7e/0x3d0
[  152.333313][ T5071]  kill_block_super+0x3b/0x90
[  152.338011][ T5071]  deactivate_locked_super+0xbc/0x1a0
[  152.343406][ T5071]  deactivate_super+0xde/0x100
[  152.348216][ T5071]  cleanup_mnt+0x222/0x450
[  152.352655][ T5071]  task_work_run+0x14d/0x240
[  152.357359][ T5071]  ? task_work_cancel+0x30/0x30
[  152.362233][ T5071]  ? __x64_sys_umount+0x128/0x1a0
[  152.367296][ T5071]  exit_to_user_mode_prepare+0x217/0x240
[  152.372951][ T5071]  syscall_exit_to_user_mode+0x1e/0x60
[  152.378453][ T5071]  do_syscall_64+0x4d/0x110
[  152.383031][ T5071]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[  152.388977][ T5071] RIP: 0033:0x7f5e46fd9647
[  152.393424][ T5071] Code: 09 00 48 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8
[  152.413137][ T5071] RSP: 002b:00007ffe42f91e68 EFLAGS: 00000202 ORIG_RAX: 00000000000000a6
[  152.421568][ T5071] RAX: 0000000000000000 RBX: 0000000000025117 RCX: 00007f5e46fd9647
[  152.429598][ T5071] RDX: 0000000000000000 RSI: 000000000000000a RDI: 00007ffe42f91f20
[  152.437616][ T5071] RBP: 00007ffe42f91f20 R08: 0000000000000000 R09: 0000000000000000
[  152.445602][ T5071] R10: 00000000ffffffff R11: 0000000000000202 R12: 00007ffe42f92f90
[  152.453691][ T5071] R13: 00005555571216c0 R14: 431bde82d7b634db R15: 00007ffe42f92fb0
[  152.461681][ T5071]  </TASK>
[  152.464705][ T5071] 
[  152.467030][ T5071] Allocated by task 4513:
[  152.471370][ T5071]  kasan_save_stack+0x33/0x50
[  152.476060][ T5071]  kasan_set_track+0x25/0x30
[  152.480664][ T5071]  __kasan_slab_alloc+0x81/0x90
[  152.485523][ T5071]  kmem_cache_alloc+0x159/0x360
[  152.490461][ T5071]  security_inode_alloc+0x38/0x180
[  152.495608][ T5071]  inode_init_always+0xc2f/0xf50
[  152.500574][ T5071]  alloc_inode+0x7a/0x220
[  152.504937][ T5071]  iget_locked+0x1b3/0x700
[  152.509433][ T5071]  kernfs_get_inode+0x48/0x450
[  152.514215][ T5071]  kernfs_iop_lookup+0x1e9/0x330
[  152.519202][ T5071]  lookup_open.isra.0+0x926/0x13b0
[  152.524343][ T5071]  path_openat+0x922/0x2c50
[  152.528874][ T5071]  do_filp_open+0x1de/0x430
[  152.533440][ T5071]  do_sys_openat2+0x176/0x1e0
[  152.538168][ T5071]  __x64_sys_openat+0x175/0x210
[  152.543032][ T5071]  do_syscall_64+0x40/0x110
[  152.547554][ T5071]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[  152.553665][ T5071] 
[  152.556002][ T5071] The buggy address belongs to the object at ffff888021f6b000
[  152.556002][ T5071]  which belongs to the cache lsm_inode_cache of size 128
[  152.570436][ T5071] The buggy address is located 0 bytes to the right of
[  152.570436][ T5071]  allocated 128-byte region [ffff888021f6b000, ffff888021f6b080)
[  152.584950][ T5071] 
[  152.587300][ T5071] The buggy address belongs to the physical page:
[  152.593706][ T5071] page:ffffea000087dac0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x21f6b
[  152.603865][ T5071] flags: 0xfff00000000800(slab|node=0|zone=1|lastcpupid=0x7ff)
[  152.611413][ T5071] page_type: 0x15()
[  152.615230][ T5071] raw: 00fff00000000800 ffff888140051a00 ffffea0000958190 ffffea00009829d0
[  152.623840][ T5071] raw: 0000000000000000 ffff888021f6b000 0000000100000015 0000000000000000
[  152.632438][ T5071] page dumped because: kasan: bad access detected
[  152.638852][ T5071] page_owner tracks the page as allocated
[  152.644586][ T5071] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x242040(__GFP_IO|__GFP_NOWARN|__GFP_COMP|__GFP_THISNODE), pid 4513, tgid 4513 (udevadm), ts 43633194969, free_ts 43531418633
[  152.663530][ T5071]  post_alloc_hook+0x2d0/0x350
[  152.668320][ T5071]  get_page_from_freelist+0xa25/0x36d0
[  152.674070][ T5071]  __alloc_pages+0x22e/0x2420
[  152.678849][ T5071]  cache_grow_begin+0x99/0x3a0
[  152.683644][ T5071]  cache_alloc_refill+0x295/0x3b0
[  152.688701][ T5071]  kmem_cache_alloc+0x307/0x360
[  152.693594][ T5071]  security_inode_alloc+0x38/0x180
[  152.698728][ T5071]  inode_init_always+0xc2f/0xf50
[  152.703690][ T5071]  alloc_inode+0x7a/0x220
[  152.708043][ T5071]  iget_locked+0x1b3/0x700
[  152.712484][ T5071]  kernfs_get_inode+0x48/0x450
[  152.717276][ T5071]  kernfs_iop_lookup+0x1e9/0x330
[  152.722246][ T5071]  lookup_open.isra.0+0x926/0x13b0
[  152.727377][ T5071]  path_openat+0x922/0x2c50
[  152.731903][ T5071]  do_filp_open+0x1de/0x430
[  152.736428][ T5071]  do_sys_openat2+0x176/0x1e0
[  152.741116][ T5071] page last free stack trace:
[  152.745785][ T5071]  free_unref_page_prepare+0x4fa/0xaa0
[  152.751289][ T5071]  free_unref_page+0x33/0x3b0
[  152.755984][ T5071]  slabs_destroy+0x85/0xc0
[  152.760419][ T5071]  ___cache_free+0x2b7/0x420
[  152.765029][ T5071]  qlist_free_all+0x4c/0x1b0
[  152.769665][ T5071]  kasan_quarantine_reduce+0x18e/0x1d0
[  152.775168][ T5071]  __kasan_slab_alloc+0x65/0x90
[  152.780162][ T5071]  __kmem_cache_alloc_node+0x163/0x460
[  152.785649][ T5071]  kmalloc_trace+0x25/0x60
[  152.790076][ T5071]  inode_doinit_use_xattr+0x54/0x410
[  152.795375][ T5071]  inode_doinit_with_dentry+0x10c2/0x12c0
[  152.801120][ T5071]  selinux_d_instantiate+0x26/0x30
[  152.806277][ T5071]  security_d_instantiate+0x54/0xe0
[  152.811573][ T5071]  d_splice_alias+0x94/0xdf0
[  152.816185][ T5071]  kernfs_iop_lookup+0x283/0x330
[  152.821221][ T5071]  lookup_open.isra.0+0x926/0x13b0
[  152.826354][ T5071] 
[  152.828697][ T5071] Memory state around the buggy address:
[  152.834412][ T5071]  ffff888021f6af80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  152.842584][ T5071]  ffff888021f6b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  152.850650][ T5071] >ffff888021f6b080: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[  152.858714][ T5071]                    ^
[  152.862782][ T5071]  ffff888021f6b100: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[  152.870935][ T5071]  ffff888021f6b180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  152.879000][ T5071] ==================================================================
[  152.890885][ T5071] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  152.898111][ T5071] CPU: 0 PID: 5071 Comm: syz-executor243 Not tainted 6.7.0-rc7-syzkaller-00016-gf5837722ffec #0
[  152.908561][ T5071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[  152.918647][ T5071] Call Trace:
[  152.921936][ T5071]  <TASK>
[  152.924874][ T5071]  dump_stack_lvl+0xd9/0x1b0
[  152.929500][ T5071]  panic+0x6dc/0x790
[  152.933429][ T5071]  ? panic_smp_self_stop+0xa0/0xa0
[  152.938558][ T5071]  ? irqentry_exit+0x3b/0x80
[  152.943175][ T5071]  ? lockdep_hardirqs_on+0x7d/0x110
[  152.948398][ T5071]  ? preempt_schedule_thunk+0x1a/0x30
[  152.953813][ T5071]  ? preempt_schedule_common+0x45/0xc0
[  152.959316][ T5071]  ? check_panic_on_warn+0x1f/0xb0
[  152.964456][ T5071]  check_panic_on_warn+0xab/0xb0
[  152.969412][ T5071]  end_report+0x108/0x150
[  152.973751][ T5071]  kasan_report+0xea/0x110
[  152.978197][ T5071]  ? crc_itu_t+0xd7/0xe0
[  152.982481][ T5071]  ? crc_itu_t+0xd7/0xe0
[  152.986749][ T5071]  crc_itu_t+0xd7/0xe0
[  152.990840][ T5071]  udf_finalize_lvid+0xf2/0x1f0
[  152.995795][ T5071]  ? udf_mount+0x40/0x40
[  153.000053][ T5071]  udf_sync_fs+0xea/0x150
[  153.004409][ T5071]  ? udf_finalize_lvid+0x1f0/0x1f0
[  153.009623][ T5071]  sync_filesystem+0x109/0x280
[  153.014432][ T5071]  generic_shutdown_super+0x7e/0x3d0
[  153.019739][ T5071]  kill_block_super+0x3b/0x90
[  153.024487][ T5071]  deactivate_locked_super+0xbc/0x1a0
[  153.029890][ T5071]  deactivate_super+0xde/0x100
[  153.034774][ T5071]  cleanup_mnt+0x222/0x450
[  153.039218][ T5071]  task_work_run+0x14d/0x240
[  153.043890][ T5071]  ? task_work_cancel+0x30/0x30
[  153.048800][ T5071]  ? __x64_sys_umount+0x128/0x1a0
[  153.053861][ T5071]  exit_to_user_mode_prepare+0x217/0x240
[  153.059522][ T5071]  syscall_exit_to_user_mode+0x1e/0x60
[  153.065019][ T5071]  do_syscall_64+0x4d/0x110
[  153.069665][ T5071]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[  153.075596][ T5071] RIP: 0033:0x7f5e46fd9647
[  153.080024][ T5071] Code: 09 00 48 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8
[  153.099663][ T5071] RSP: 002b:00007ffe42f91e68 EFLAGS: 00000202 ORIG_RAX: 00000000000000a6
[  153.108103][ T5071] RAX: 0000000000000000 RBX: 0000000000025117 RCX: 00007f5e46fd9647
[  153.116296][ T5071] RDX: 0000000000000000 RSI: 000000000000000a RDI: 00007ffe42f91f20
[  153.124288][ T5071] RBP: 00007ffe42f91f20 R08: 0000000000000000 R09: 0000000000000000
[  153.132278][ T5071] R10: 00000000ffffffff R11: 0000000000000202 R12: 00007ffe42f92f90
[  153.140265][ T5071] R13: 00005555571216c0 R14: 431bde82d7b634db R15: 00007ffe42f92fb0
[  153.148256][ T5071]  </TASK>
[  153.151678][ T5071] Kernel Offset: disabled
[  153.156014][ T5071] Rebooting in 86400 seconds..