Warning: Permanently added '10.128.0.228' (ECDSA) to the list of known hosts.
executing program
[   63.346759][   T23] audit: type=1400 audit(1673854420.369:73): avc:  denied  { execmem } for  pid=365 comm="syz-executor246" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   63.351140][   T23] audit: type=1400 audit(1673854420.369:74): avc:  denied  { read write } for  pid=365 comm="syz-executor246" name="loop0" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   63.358950][   T23] audit: type=1400 audit(1673854420.369:75): avc:  denied  { open } for  pid=365 comm="syz-executor246" path="/dev/loop0" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   63.364569][   T23] audit: type=1400 audit(1673854420.369:76): avc:  denied  { ioctl } for  pid=365 comm="syz-executor246" path="/dev/loop0" dev="devtmpfs" ino=115 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   63.379424][   T23] audit: type=1400 audit(1673854420.389:77): avc:  denied  { mounton } for  pid=366 comm="syz-executor246" path="/root/file0" dev="sda1" ino=1137 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   63.394640][  T367] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   63.411220][   T23] audit: type=1400 audit(1673854420.439:78): avc:  denied  { mount } for  pid=366 comm="syz-executor246" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   63.433187][   T23] audit: type=1400 audit(1673854420.449:79): avc:  denied  { write } for  pid=366 comm="syz-executor246" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   63.455203][   T23] audit: type=1400 audit(1673854420.449:80): avc:  denied  { add_name } for  pid=366 comm="syz-executor246" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   63.475912][   T23] audit: type=1400 audit(1673854420.449:81): avc:  denied  { create } for  pid=366 comm="syz-executor246" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   63.496225][   T23] audit: type=1400 audit(1673854420.449:82): avc:  denied  { write open } for  pid=366 comm="syz-executor246" path="/root/file0/bus" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
write to /proc/sys/kernel/softlockup_all_cpu_backtrace failed: No such file or directory
[   63.586927][   T24] ==================================================================
[   63.595021][   T24] BUG: KASAN: use-after-free in get_max_inline_xattr_value_size+0x387/0x530
[   63.603665][   T24] Read of size 4 at addr ffff8881051c1084 by task kworker/0:1/24
[   63.611349][   T24] 
[   63.613656][   T24] CPU: 0 PID: 24 Comm: kworker/0:1 Not tainted 5.10.161-syzkaller-00019-g416c4356f372 #0
[   63.623423][   T24] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[   63.633455][   T24] Workqueue: events p9_write_work
[   63.638450][   T24] Call Trace:
[   63.641727][   T24]  dump_stack_lvl+0x1e2/0x24b
[   63.646397][   T24]  ? bfq_pos_tree_add_move+0x43e/0x43e
[   63.651844][   T24]  ? panic+0x7d7/0x7d7
[   63.655895][   T24]  print_address_description+0x81/0x3c0
[   63.661502][   T24]  ? __kasan_check_write+0x14/0x20
[   63.666586][   T24]  kasan_report+0x1a4/0x1f0
[   63.671063][   T24]  ? __down_read+0xe0/0x2c0
[   63.675538][   T24]  ? get_max_inline_xattr_value_size+0x387/0x530
[   63.681836][   T24]  ? get_max_inline_xattr_value_size+0x387/0x530
[   63.688138][   T24]  __asan_report_load4_noabort+0x14/0x20
[   63.693745][   T24]  get_max_inline_xattr_value_size+0x387/0x530
[   63.699873][   T24]  ext4_get_max_inline_size+0x142/0x200
[   63.705388][   T24]  ? asan.module_dtor+0x20/0x20
[   63.710210][   T24]  ? page_ext_put+0x1c/0x30
[   63.714710][   T24]  ? __page_pinner_migration_failed+0xe5/0x250
[   63.720843][   T24]  ext4_try_to_write_inline_data+0xb1/0x570
[   63.726714][   T24]  ? PageUptodate+0xc0/0xc0
[   63.731194][   T24]  ? ext4_writepage_trans_blocks+0x2f2/0x370
[   63.737150][   T24]  ext4_write_begin+0x243/0x16f0
[   63.742062][   T24]  ? __getblk_gfp+0x3c/0x2a0
[   63.746632][   T24]  ? ext4_readahead+0x110/0x110
[   63.751482][   T24]  ? __ext4_get_inode_loc+0x44c/0xd20
[   63.756830][   T24]  ? unlock_page_memcg+0x10b/0x130
[   63.761926][   T24]  ? mark_buffer_dirty+0x1f2/0x310
[   63.767193][   T24]  ? mark_buffer_dirty+0x201/0x310
[   63.772301][   T24]  ? __ext4_handle_dirty_metadata+0x2d0/0x800
[   63.778345][   T24]  ? ext4_mark_iloc_dirty+0x2183/0x3350
[   63.783868][   T24]  ext4_da_write_begin+0x4a8/0xf10
[   63.788954][   T24]  ? ext4_set_page_dirty+0x1d0/0x1d0
[   63.794214][   T24]  ? ext4_blocks_for_truncate+0x240/0x240
[   63.799907][   T24]  ? load_balance+0x8d8/0x3360
[   63.804653][   T24]  ? iov_iter_fault_in_readable+0x261/0x500
[   63.810520][   T24]  ? __ext4_journal_stop+0x36/0x1c0
[   63.815695][   T24]  ? asan.module_dtor+0x20/0x20
[   63.820519][   T24]  ? ext4_dirty_inode+0xf0/0x120
[   63.825433][   T24]  ? __ext4_expand_extra_isize+0x3d0/0x3d0
[   63.831213][   T24]  ? __mark_inode_dirty+0x12f/0x930
[   63.836406][   T24]  generic_perform_write+0x309/0x5b0
[   63.841667][   T24]  ? file_remove_privs+0x640/0x640
[   63.846755][   T24]  ? grab_cache_page_write_begin+0xa0/0xa0
[   63.852535][   T24]  ? generic_write_checks+0x3d8/0x490
[   63.857883][   T24]  ext4_buffered_write_iter+0x47c/0x610
[   63.863406][   T24]  ext4_file_write_iter+0x192/0x1c70
[   63.868670][   T24]  ? avc_has_perm_noaudit+0x4c0/0x4c0
[   63.874019][   T24]  ? _raw_spin_lock+0xa3/0x1b0
[   63.878761][   T24]  ? kvm_sched_clock_read+0x18/0x40
[   63.883935][   T24]  ? sched_clock+0x3a/0x40
[   63.888329][   T24]  ? sched_clock_cpu+0x1b/0x3b0
[   63.893253][   T24]  ? ext4_file_read_iter+0x4d0/0x4d0
[   63.898518][   T24]  ? file_has_perm+0x4fd/0x6b0
[   63.903256][   T24]  ? iov_iter_kvec+0x3f/0x120
[   63.907927][   T24]  __kernel_write+0x5ad/0x9d0
[   63.912593][   T24]  ? vfs_read+0xbf0/0xbf0
[   63.916911][   T24]  ? fsnotify_perm+0x67/0x4e0
[   63.921572][   T24]  ? security_file_permission+0x9d/0xc0
[   63.927097][   T24]  ? security_file_permission+0xa8/0xc0
[   63.932620][   T24]  ? rw_verify_area+0x1c2/0x360
[   63.937449][   T24]  kernel_write+0x1e2/0x420
[   63.941935][   T24]  p9_write_work+0x5bc/0xce0
[   63.946504][   T24]  process_one_work+0x726/0xc10
[   63.951349][   T24]  worker_thread+0xb27/0x1550
[   63.956005][   T24]  ? __kthread_parkme+0xba/0x1d0
[   63.960917][   T24]  kthread+0x349/0x3d0
[   63.964961][   T24]  ? worker_clr_flags+0x180/0x180
[   63.969967][   T24]  ? kthread_blkcg+0xd0/0xd0
[   63.974536][   T24]  ret_from_fork+0x1f/0x30
[   63.978927][   T24] 
[   63.981268][   T24] Allocated by task 1:
[   63.985317][   T24]  __kasan_slab_alloc+0xb2/0xe0
[   63.990142][   T24]  kmem_cache_alloc+0x16c/0x300
[   63.994970][   T24]  acpi_ps_alloc_op+0x18d/0x38d
[   63.999800][   T24]  acpi_ps_create_op+0x3f4/0xc67
[   64.004712][   T24]  acpi_ps_parse_loop+0x635/0x1be0
[   64.009802][   T24]  acpi_ps_parse_aml+0x1d8/0x95d
[   64.014717][   T24]  acpi_ps_execute_method+0x5ad/0x6c4
[   64.020068][   T24]  acpi_ns_evaluate+0x637/0xa10
[   64.024897][   T24]  acpi_ut_evaluate_object+0x14d/0x479
[   64.030360][   T24]  acpi_ut_execute_STA+0xa8/0x1ae
[   64.035360][   T24]  acpi_ns_get_device_callback+0x25d/0x5d1
[   64.041142][   T24]  acpi_ns_walk_namespace+0x242/0x4ad
[   64.046486][   T24]  acpi_get_devices+0x13b/0x18e
[   64.051313][   T24]  pnpacpi_init+0x84/0x11d
[   64.055705][   T24]  do_one_initcall+0x1b5/0x610
[   64.060445][   T24]  do_initcall_level+0x192/0x2f0
[   64.065355][   T24]  do_initcalls+0x50/0x94
[   64.069657][   T24]  do_basic_setup+0x88/0x91
[   64.074135][   T24]  kernel_init_freeable+0x2ba/0x3f1
[   64.079307][   T24]  kernel_init+0x11/0x290
[   64.083628][   T24]  ret_from_fork+0x1f/0x30
[   64.088021][   T24] 
[   64.090342][   T24] The buggy address belongs to the object at ffff8881051c1058
[   64.090342][   T24]  which belongs to the cache Acpi-Parse of size 56
[   64.104201][   T24] The buggy address is located 44 bytes inside of
[   64.104201][   T24]  56-byte region [ffff8881051c1058, ffff8881051c1090)
[   64.117271][   T24] The buggy address belongs to the page:
[   64.122883][   T24] page:ffffea0004147040 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8881051c1e70 pfn:0x1051c1
[   64.134391][   T24] flags: 0x8000000000000200(slab)
[   64.139394][   T24] raw: 8000000000000200 ffffea0004146e00 0000001200000012 ffff888100066a80
[   64.147965][   T24] raw: ffff8881051c1e70 00000000802e0000 00000001ffffffff 0000000000000000
[   64.156530][   T24] page dumped because: kasan: bad access detected
[   64.162926][   T24] page_owner tracks the page as allocated
[   64.168632][   T24] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 1, ts 1699670540, free_ts 0
[   64.183443][   T24]  get_page_from_freelist+0x755/0x810
[   64.188789][   T24]  __alloc_pages_nodemask+0x3b6/0x890
[   64.194133][   T24]  allocate_slab+0x78/0x540
[   64.198609][   T24]  ___slab_alloc+0x131/0x2e0
[   64.203187][   T24]  __slab_alloc+0x63/0xa0
[   64.207491][   T24]  kmem_cache_alloc+0x1ef/0x300
[   64.212842][   T24]  acpi_ps_alloc_op+0x18d/0x38d
[   64.217684][   T24]  acpi_ps_create_op+0x3f4/0xc67
[   64.222596][   T24]  acpi_ps_parse_loop+0x635/0x1be0
[   64.227684][   T24]  acpi_ps_parse_aml+0x1d8/0x95d
[   64.232598][   T24]  acpi_ps_execute_method+0x5ad/0x6c4
[   64.237942][   T24]  acpi_ns_evaluate+0x637/0xa10
[   64.242768][   T24]  acpi_ut_evaluate_object+0x14d/0x479
[   64.248201][   T24]  acpi_ut_execute_STA+0xa8/0x1ae
[   64.253204][   T24]  acpi_ns_get_device_callback+0x25d/0x5d1
[   64.258985][   T24]  acpi_ns_walk_namespace+0x242/0x4ad
[   64.264324][   T24] page_owner free stack trace missing
[   64.269662][   T24] 
[   64.271970][   T24] Memory state around the buggy address:
[   64.277590][   T24]  ffff8881051c0f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   64.285638][   T24]  ffff8881051c1000: fb fb fb fb fb fb fb fc fc fc fc fb fb fb fb fb
[   64.293679][   T24] >ffff8881051c1080: fb fb fc fc fc fc fb fb fb fb fb fb fb fc fc fc
[   64.301726][   T24]                    ^
[   64.305785][   T24]  ffff8881051c1100: fc fb fb fb fb fb fb fb fc fc fc fc fb fb fb fb
[   64.313843][   T24]  ffff8881051c1180: fb fb fb fc fc fc fc fb fb fb fb fb fb fb fc fc
[   64.321880][   T24] ==================================================================
[   64.329913][   T24] Disabling lock debugging due to kernel taint
executing program
[   64.339262][   T24] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2179: inode #18: comm kworker/0:1: corrupted in-inode xattr
write to /proc/sys/kernel/softlockup_all_cpu_backtrace failed: No such file or directory