Warning: Permanently added '[localhost]:2880' (ED25519) to the list of known hosts.
executing program
syzkaller login: [ 87.838367][ T5098] loop0: detected capacity change from 0 to 128
[ 87.882034][ T5098] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[ 87.954437][ T5098] loop0: detected capacity change from 128 to 0
[ 87.965229][ T5098] syz-executor195: attempt to access beyond end of device
[ 87.965229][ T5098] loop0: rw=0, sector=117, nr_sectors = 1 limit=0
[ 87.985390][ T5098] syz-executor195: attempt to access beyond end of device
[ 87.985390][ T5098] loop0: rw=0, sector=117, nr_sectors = 1 limit=0
[ 87.990066][ T5098] ==================================================================
[ 87.992866][ T5098] BUG: KASAN: slab-out-of-bounds in udf_get_filelongad+0x167/0x1b0
[ 87.995654][ T5098] Read of size 4 at addr ffff888032b5df30 by task syz-executor195/5098
[ 87.999617][ T5098]
[ 88.000579][ T5098] CPU: 0 UID: 0 PID: 5098 Comm: syz-executor195 Not tainted 6.11.0-rc6-syzkaller-00019-g67784a74e258 #0
[ 88.004624][ T5098] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 88.008708][ T5098] Call Trace:
[ 88.010026][ T5098]
[ 88.011157][ T5098] dump_stack_lvl+0x241/0x360
[ 88.013012][ T5098] ? __pfx_dump_stack_lvl+0x10/0x10
[ 88.015014][ T5098] ? __pfx__printk+0x10/0x10
[ 88.016755][ T5098] ? _printk+0xd5/0x120
[ 88.018362][ T5098] ? __virt_addr_valid+0x183/0x530
[ 88.020295][ T5098] ? __virt_addr_valid+0x183/0x530
[ 88.022080][ T5098] print_report+0x169/0x550
[ 88.023818][ T5098] ? __virt_addr_valid+0x183/0x530
[ 88.025690][ T5098] ? __virt_addr_valid+0x183/0x530
[ 88.027603][ T5098] ? __virt_addr_valid+0x45f/0x530
[ 88.029460][ T5098] ? __phys_addr+0xba/0x170
[ 88.031073][ T5098] ? udf_get_filelongad+0x167/0x1b0
[ 88.032746][ T5098] kasan_report+0x143/0x180
[ 88.034399][ T5098] ? udf_get_filelongad+0x167/0x1b0
[ 88.036306][ T5098] udf_get_filelongad+0x167/0x1b0
[ 88.038269][ T5098] udf_current_aext+0x435/0x9e0
[ 88.040273][ T5098] udf_next_aext+0x8c/0x4a0
[ 88.041948][ T5098] udf_setsize+0xa8a/0x1280
[ 88.043558][ T5098] ? __pfx_udf_setsize+0x10/0x10
[ 88.045278][ T5098] ? __pfx_down_write+0x10/0x10
[ 88.046932][ T5098] ? current_time+0x203/0x2b0
[ 88.048508][ T5098] udf_setattr+0x3c7/0x5d0
[ 88.050011][ T5098] ? __pfx_udf_setattr+0x10/0x10
[ 88.051676][ T5098] notify_change+0xbca/0xe90
[ 88.053262][ T5098] do_ftruncate+0x46b/0x590
[ 88.054797][ T5098] ? __pfx_do_ftruncate+0x10/0x10
[ 88.056579][ T5098] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 88.058908][ T5098] __x64_sys_ftruncate+0x95/0xf0
[ 88.060706][ T5098] do_syscall_64+0xf3/0x230
[ 88.062268][ T5098] ? clear_bhb_loop+0x35/0x90
[ 88.064044][ T5098] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.066099][ T5098] RIP: 0033:0x7fce22771f19
[ 88.067780][ T5098] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 88.074808][ T5098] RSP: 002b:00007ffeb08602a8 EFLAGS: 00000246 ORIG_RAX: 000000000000004d
[ 88.077863][ T5098] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fce22771f19
[ 88.080727][ T5098] RDX: 00007fce22771f19 RSI: 0000008002007ffb RDI: 0000000000000005
[ 88.083605][ T5098] RBP: 00007fce227e65f0 R08: 0000555590bd34c0 R09: 0000555590bd34c0
[ 88.086536][ T5098] R10: 0000555590bd34c0 R11: 0000000000000246 R12: 00007ffeb08602d0
[ 88.089359][ T5098] R13: 00007ffeb08604f8 R14: 431bde82d7b634db R15: 00007fce227bb03b
[ 88.092234][ T5098]
[ 88.093401][ T5098]
[ 88.094340][ T5098] Allocated by task 1:
[ 88.095884][ T5098] kasan_save_track+0x3f/0x80
[ 88.097737][ T5098] __kasan_kmalloc+0x98/0xb0
[ 88.099368][ T5098] __kmalloc_cache_noprof+0x19c/0x2c0
[ 88.101012][ T5098] device_add+0xc1/0xbf0
[ 88.102296][ T5098] tty_register_device_attr+0x437/0x960
[ 88.104192][ T5098] tty_register_driver+0x5f6/0xc30
[ 88.105998][ T5098] legacy_pty_init+0x3c7/0x610
[ 88.107686][ T5098] pty_init+0xe/0x20
[ 88.108982][ T5098] do_one_initcall+0x248/0x880
[ 88.110547][ T5098] do_initcall_level+0x157/0x210
[ 88.112265][ T5098] do_initcalls+0x3f/0x80
[ 88.113674][ T5098] kernel_init_freeable+0x435/0x5d0
[ 88.115344][ T5098] kernel_init+0x1d/0x2b0
[ 88.116702][ T5098] ret_from_fork+0x4b/0x80
[ 88.118568][ T5098] ret_from_fork_asm+0x1a/0x30
[ 88.120141][ T5098]
[ 88.121029][ T5098] The buggy address belongs to the object at ffff888032b5dc00
[ 88.121029][ T5098] which belongs to the cache kmalloc-512 of size 512
[ 88.125611][ T5098] The buggy address is located 544 bytes to the right of
[ 88.125611][ T5098] allocated 272-byte region [ffff888032b5dc00, ffff888032b5dd10)
[ 88.130811][ T5098]
[ 88.131664][ T5098] The buggy address belongs to the physical page:
[ 88.133947][ T5098] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x32b5c
[ 88.136865][ T5098] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 88.139677][ T5098] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[ 88.142465][ T5098] page_type: 0xfdffffff(slab)
[ 88.144277][ T5098] raw: 04fff00000000040 ffff88801ac41c80 dead000000000122 0000000000000000
[ 88.147487][ T5098] raw: 0000000000000000 0000000000080008 00000001fdffffff 0000000000000000
[ 88.150822][ T5098] head: 04fff00000000040 ffff88801ac41c80 dead000000000122 0000000000000000
[ 88.154111][ T5098] head: 0000000000000000 0000000000080008 00000001fdffffff 0000000000000000
[ 88.157176][ T5098] head: 04fff00000000001 ffffea0000cad701 ffffffffffffffff 0000000000000000
[ 88.160409][ T5098] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[ 88.163635][ T5098] page dumped because: kasan: bad access detected
[ 88.166094][ T5098] page_owner tracks the page as allocated
[ 88.168277][ T5098] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 9351108841, free_ts 0
[ 88.175253][ T5098] post_alloc_hook+0x1f3/0x230
[ 88.177106][ T5098] get_page_from_freelist+0x2e4c/0x2f10
[ 88.179218][ T5098] __alloc_pages_noprof+0x256/0x6c0
[ 88.181291][ T5098] alloc_slab_page+0x5f/0x120
[ 88.183103][ T5098] allocate_slab+0x5a/0x2f0
[ 88.184887][ T5098] ___slab_alloc+0xcd1/0x14b0
[ 88.186709][ T5098] __slab_alloc+0x58/0xa0
[ 88.188348][ T5098] __kmalloc_cache_noprof+0x1d5/0x2c0
[ 88.190381][ T5098] device_add+0xc1/0xbf0
[ 88.192025][ T5098] tty_register_device_attr+0x437/0x960
[ 88.194206][ T5098] tty_register_driver+0x5f6/0xc30
[ 88.196129][ T5098] legacy_pty_init+0x3c7/0x610
[ 88.198004][ T5098] pty_init+0xe/0x20
[ 88.199552][ T5098] do_one_initcall+0x248/0x880
[ 88.201461][ T5098] do_initcall_level+0x157/0x210
[ 88.203374][ T5098] do_initcalls+0x3f/0x80
[ 88.205072][ T5098] page_owner free stack trace missing
[ 88.207131][ T5098]
[ 88.208026][ T5098] Memory state around the buggy address:
[ 88.210173][ T5098] ffff888032b5de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 88.213224][ T5098] ffff888032b5de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 88.215975][ T5098] >ffff888032b5df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 88.218559][ T5098] ^
[ 88.220499][ T5098] ffff888032b5df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 88.223168][ T5098] ffff888032b5e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 88.225672][ T5098] ==================================================================
[ 88.484515][ T5098] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 88.487362][ T5098] CPU: 0 UID: 0 PID: 5098 Comm: syz-executor195 Not tainted 6.11.0-rc6-syzkaller-00019-g67784a74e258 #0
[ 88.491416][ T5098] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 88.495571][ T5098] Call Trace:
[ 88.496980][ T5098]
[ 88.498243][ T5098] dump_stack_lvl+0x241/0x360
[ 88.500054][ T5098] ? __pfx_dump_stack_lvl+0x10/0x10
[ 88.501960][ T5098] ? __pfx__printk+0x10/0x10
[ 88.503514][ T5098] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 88.505741][ T5098] ? vscnprintf+0x5d/0x90
[ 88.507418][ T5098] panic+0x349/0x860
[ 88.508929][ T5098] ? check_panic_on_warn+0x21/0xb0
[ 88.510876][ T5098] ? __pfx_panic+0x10/0x10
[ 88.512611][ T5098] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 88.514916][ T5098] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 88.517297][ T5098] check_panic_on_warn+0x86/0xb0
[ 88.519176][ T5098] ? udf_get_filelongad+0x167/0x1b0
[ 88.521189][ T5098] end_report+0x77/0x160
[ 88.522771][ T5098] kasan_report+0x154/0x180
[ 88.524483][ T5098] ? udf_get_filelongad+0x167/0x1b0
[ 88.526387][ T5098] udf_get_filelongad+0x167/0x1b0
[ 88.528264][ T5098] udf_current_aext+0x435/0x9e0
[ 88.529980][ T5098] udf_next_aext+0x8c/0x4a0
[ 88.531654][ T5098] udf_setsize+0xa8a/0x1280
[ 88.533395][ T5098] ? __pfx_udf_setsize+0x10/0x10
[ 88.535187][ T5098] ? __pfx_down_write+0x10/0x10
[ 88.537079][ T5098] ? current_time+0x203/0x2b0
[ 88.538886][ T5098] udf_setattr+0x3c7/0x5d0
[ 88.540507][ T5098] ? __pfx_udf_setattr+0x10/0x10
[ 88.542433][ T5098] notify_change+0xbca/0xe90
[ 88.544157][ T5098] do_ftruncate+0x46b/0x590
[ 88.545865][ T5098] ? __pfx_do_ftruncate+0x10/0x10
[ 88.547752][ T5098] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 88.550015][ T5098] __x64_sys_ftruncate+0x95/0xf0
[ 88.551813][ T5098] do_syscall_64+0xf3/0x230
[ 88.553428][ T5098] ? clear_bhb_loop+0x35/0x90
[ 88.555088][ T5098] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.557360][ T5098] RIP: 0033:0x7fce22771f19
[ 88.558980][ T5098] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 88.567656][ T5098] RSP: 002b:00007ffeb08602a8 EFLAGS: 00000246 ORIG_RAX: 000000000000004d
[ 88.571412][ T5098] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fce22771f19
[ 88.574487][ T5098] RDX: 00007fce22771f19 RSI: 0000008002007ffb RDI: 0000000000000005
[ 88.577621][ T5098] RBP: 00007fce227e65f0 R08: 0000555590bd34c0 R09: 0000555590bd34c0
[ 88.580753][ T5098] R10: 0000555590bd34c0 R11: 0000000000000246 R12: 00007ffeb08602d0
[ 88.583591][ T5098] R13: 00007ffeb08604f8 R14: 431bde82d7b634db R15: 00007fce227bb03b
[ 88.586521][ T5098]
[ 88.587942][ T5098] Kernel Offset: disabled
[ 88.589418][ T5098] Rebooting in 86400 seconds..
VM DIAGNOSIS:
01:46:35 Registers:
info registers vcpu 0
CPU#0