Warning: Permanently added '10.128.1.141' (ED25519) to the list of known hosts.
executing program
[   43.214617][ T3967] loop0: detected capacity change from 0 to 2048
[   43.260809][ T3967] =======================================================
[   43.260809][ T3967] WARNING: The mand mount option has been deprecated and
[   43.260809][ T3967]         and is ignored by this kernel. Remove the mand
[   43.260809][ T3967]         option from the mount to silence this warning.
[   43.260809][ T3967] =======================================================
[   43.320982][ T3967] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[   43.324907][ T3967] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   43.330468][ T3967] ==================================================================
[   43.332393][ T3967] BUG: KASAN: slab-out-of-bounds in udf_write_aext+0x578/0x668
[   43.334014][ T3967] Write of size 4 at addr ffff0000da1d73f8 by task syz-executor140/3967
[   43.335754][ T3967]
[   43.336203][ T3967] CPU: 0 PID: 3967 Comm: syz-executor140 Not tainted 5.15.147-syzkaller #0
[   43.338014][ T3967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[   43.340139][ T3967] Call trace:
[   43.340826][ T3967]  dump_backtrace+0x0/0x530
[   43.341745][ T3967]  show_stack+0x2c/0x3c
[   43.342653][ T3967]  dump_stack_lvl+0x108/0x170
[   43.343604][ T3967]  print_address_description+0x7c/0x3f0
[   43.344843][ T3967]  kasan_report+0x174/0x1e4
[   43.345817][ T3967]  __asan_report_store_n_noabort+0x40/0x4c
[   43.347036][ T3967]  udf_write_aext+0x578/0x668
[   43.348073][ T3967]  udf_add_entry+0x11e0/0x28b0
[   43.349124][ T3967]  udf_mkdir+0x158/0x7e0
[   43.350087][ T3967]  vfs_mkdir+0x350/0x514
[   43.350975][ T3967]  do_mkdirat+0x20c/0x610
[   43.351894][ T3967]  __arm64_sys_mkdirat+0x90/0xa8
[   43.353011][ T3967]  invoke_syscall+0x98/0x2b8
[   43.354032][ T3967]  el0_svc_common+0x138/0x258
[   43.355111][ T3967]  do_el0_svc+0x58/0x14c
[   43.356003][ T3967]  el0_svc+0x7c/0x1f0
[   43.356875][ T3967]  el0t_64_sync_handler+0x84/0xe4
[   43.357942][ T3967]  el0t_64_sync+0x1a0/0x1a4
[   43.358879][ T3967]
[   43.359384][ T3967] Allocated by task 3596:
[   43.360394][ T3967]  ____kasan_kmalloc+0xbc/0xfc
[   43.361423][ T3967]  __kasan_kmalloc+0x10/0x1c
[   43.362400][ T3967]  __kmalloc_node_track_caller+0x234/0x448
[   43.363714][ T3967]  kmalloc_reserve+0xe8/0x270
[   43.364777][ T3967]  __alloc_skb+0x1a4/0x584
[   43.365773][ T3967]  netlink_sendmsg+0x644/0xb38
[   43.366847][ T3967]  ____sys_sendmsg+0x584/0x870
[   43.367972][ T3967]  ___sys_sendmsg+0x214/0x294
[   43.369065][ T3967]  __arm64_sys_sendmsg+0x1ac/0x25c
[   43.370267][ T3967]  invoke_syscall+0x98/0x2b8
[   43.371308][ T3967]  el0_svc_common+0x138/0x258
[   43.372438][ T3967]  do_el0_svc+0x58/0x14c
[   43.373418][ T3967]  el0_svc+0x7c/0x1f0
[   43.374218][ T3967]  el0t_64_sync_handler+0x84/0xe4
[   43.375356][ T3967]  el0t_64_sync+0x1a0/0x1a4
[   43.376380][ T3967]
[   43.376894][ T3967] The buggy address belongs to the object at ffff0000da1d7000
[   43.376894][ T3967]  which belongs to the cache kmalloc-512 of size 512
[   43.379876][ T3967] The buggy address is located 504 bytes to the right of
[   43.379876][ T3967]  512-byte region [ffff0000da1d7000, ffff0000da1d7200)
[   43.382930][ T3967] The buggy address belongs to the page:
[   43.384131][ T3967] page:00000000686002cb refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff0000da1d7000 pfn:0x11a1d4
[   43.386621][ T3967] head:00000000686002cb order:2 compound_mapcount:0 compound_pincount:0
[   43.388431][ T3967] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[   43.390142][ T3967] raw: 05ffc00000010200 fffffc00032a2000 0000000400000004 ffff0000c0002600
[   43.392024][ T3967] raw: ffff0000da1d7000 0000000080100008 00000001ffffffff 0000000000000000
[   43.393894][ T3967] page dumped because: kasan: bad access detected
[   43.395356][ T3967]
[   43.395834][ T3967] Memory state around the buggy address:
[   43.397061][ T3967]  ffff0000da1d7280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   43.398788][ T3967]  ffff0000da1d7300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   43.400678][ T3967] >ffff0000da1d7380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   43.402463][ T3967]                                                                 ^
[   43.404197][ T3967]  ffff0000da1d7400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   43.405953][ T3967]  ffff0000da1d7480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   43.407718][ T3967] ==================================================================
[   43.409356][ T3967] Disabling lock debugging due to kernel taint