program:
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4000, &(0x7f0000001400)={[{@nombcache}, {@errors_continue}, {@stripe={'stripe', 0x3d, 0x7}}, {@discard}, {@max_dir_size_kb}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@max_batch_time}, {@test_dummy_encryption}]}, 0xd, 0x5f6, &(0x7f0000000c00)="$eJzs3c9rHFUcAPDvbH40aapJi6j1YBdEWtAmTdpKEQ/tVUqoP/DixdiktXbbhiaiqUJTqBdBvIgInjxYwT9Ci732pCB48OJJCkWlR8GV2cyk2exufmyTbOx8PrDNzHsz8950882befvebACFVU7/KUXsjYjpJGIwmV/M644ss7yw3b2/PzqdvpKoVl/7M4kkS8u3T7KfA9nOfRHx049J7OlqLHdm7sr5iUpl6nK2PjJ7YXpkZu7KwXMXJs5OnZ26OPbC2LGjR44eGz3U1nldbZJ28vq77w9+Mv7mN1/9k4x++9t4Esfj5WzDpecREb+U2iq1XjnKtf+TpDFr4NgGHH876Mp+T5a+xUl3ByvEuuTvX09EPBGD0RX337zB+PiVjlYO2FTVJKIKFFQi/qGg8uuA/N5+2X1wbMR9MLA93T2x0AHQGP/dC32D0VfrG9h5L4ml3TpJRLTXM1dvV0TcvjV+/cyt8evR2A8HbKL5axHxZLP4T2rxPxR9MVSL/1Jd/KfXBaeyn2n6q22Wv7yruDH+D7d5ZGA1C/Hft2L8R4v4f2tJ/L/dZvnl+4vv9NfFf3+7pwQAAAAAAACFdfNERDzf7PP/0uL4n2gy/mcgIo5vQPnlZeuNn/+X7mxAMUATd09EvNR0/G8pH/071JUtPVIbD9CTnDlXmToUEY9GxIHo2ZGuj65QxsFP93zZKq+cjf/LX2n5t7OxgFk97nTvqN9ncmJ24kHPG4i4ey3iqabjf5PF9j9p0v6nfw+m11jGnmdvnGqVt3r8A5ul+nXE/qbt//2nViQrP59jpHY9MJJfFTR6+sPPvm9Vfrvx7xET8ODS9n/nyvE/lCx9Xs/M+ss4PNddbZXX7vV/b/J67ZEzvVnaBxOzs5dHI3qTk11pal362PrrDA+jPB7yeEnj/8AzK/f/Nbv+74+I+WXHTv6qn1Oce/zfgd9b1cf1P3ROGv+T62r/178wdmPoh1blr639P1Jr6w9kKfr/YMEXeZj21qc3RuFiQNdlbXV9AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBhUIqIXZGUhheXS6Xh4YiBiHgsdpYql2Zmnztz6b2Lk2le7fv/S/k3/Q4urCf59/8PLVkfW7Z+OCJ2R8TnXf219eHTlyqTnT55AAAAAAAAAAAAAAAAAAAA2CYGWsz/T/3R1enaAZuuu9MVADqmSfz/3Il6AFtP+w/FJf6huMQ/FJf4h+IS/1Bc4h+KS/xDcYl/AAAAAAB4qOzed/PXJCLmX+yvvVK9WV5PR2sGbLZSpysAdIxH/EBxGfoDxeUeH0hWye9rudNqe65k+vQD7AwAAAAAAAAAAAAAhbN/r/n/UFTm/0Nxmf8PxZXP/9/X4XoAW889PhCrzORvOv9/1b0AAAAAAAAAAAAAgI00M3fl/ESlMnV5Ixd2xBo3/m4zSm934Y3tUY2tXKhWq1fT34LtUp//+UI+FH6LS++OtW2cz/Vb25E79zcJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACo918AAAD//x99I+M=")
chdir(&(0x7f0000000140)='./file0\x00')
symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x8, &(0x7f0000000000), 0x1, 0x51a, &(0x7f0000001200)="$eJzs3U9sI1cZAPBvJsnam6ZNCj0AKnQphQWt1k68bVT1QjlVCFVC9MhhGxInimLHUeyUJuwhe+SORCVOcOLMAYkDUk/ckTjAjUs5IBVYgRokJFx5bGedP06sbGJv499PGvnNvLG/93Y071mfN/MCGFu3ImI/Im5ExLsRMds5nnS2eLO9tc775NGD5YNHD5aTaDbf+WeS1beORc97Wp7pfGY+In7wVsSPkmNB/xRR393bWKpUytudQ8VGdatY3927u15dWiuvlTdLpcWFxfnX771WurS+vlT9zcc3I+L3v/vyR3/c/9ZPWs2a6dT19uMytbs+dRinZTIivncVwUZgotOfGxd584XexGVKI+JzEfFydv/PxkR2NY86epm+PcTWAQBXodmcjeZs7z4AcN2lWQ4sSQudXMBMpGmh0M7hvRDTaaVWb9xZre1srrRzZXMxla6uV8rznVzhXEwlq+uT5YWs3N2vlEvH9u9FxPMR8bPczWy/sFyrrIzyiw8AjLFnjs3//8m1538A4JrLPy7mRtkOAGB48qNuAAAwdOZ/ABg/5n8AGD/mfwAYP+Z/ABg/5n8AGCvff/vt1tY86Dz/euW93Z2N2nt3V8r1jUJ1Z7mwXNveKqzVamvZM3uq531epVbbWng1dt4vNsr1RrG+u3e/WtvZbNzPnut9vzw1lF4BAGd5/qUP/5JExP4bN7Mtep73f+5c/eJVtw64SumoGwCMzMSoGwCMzMnVvoBxIR8P4+v/zWYzetbujYiHh6Weh4H2/S9CHwwUJrVuKDx9bn/xCfL/wGea/D+Mr4vl/32Xh+tA/h/GV7OZWPMfAMaMHD+QnFPf+/v/fLNnZ7Df/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBamsm2JC101gKfiTQtFCKejYi5mEpW1yvl+Yh4LiL+nJvKtfYXIsK6QQDwWZb+Pems/3V79pWZ47U3cv/NZa8R8eNfvPPz95caje2FiBvJvw6PNz7oHC+Nov0AwHm683R3Hu/65NGD5e42zPZ8/J324qKtuAedrV0zGZPZaz7LNUz/O+nst7W+r0xcQvz9hxHxhdP6n2S5kbnOyqfH47diPzvU+OmR+GlW135t/Vt8/hLaAuPmw9b48+Zp918at7LX0+//fDZCPbnu+HdwYvxLD8e/iT7j361BY7z6h++eONicbdc9jPjSZMRB98N7xp9u/KRP/FcGjP/XF7/ycr+65i8jbsdp/U+OxCo2qlvF+u7e3fXq0lp5rbxZKi0uLM6/fu+1UjHLURe7meqT/vHGnef6xW/1f7pP/Pw5/f/6gP3/1f/e/eFXz4j/za+dfv1fOCN+a078xoDxl6Z/m+9X14q/0qf/513/OwPG/+hveysDngoADEF9d29jqVIpbz95IX/mOellhBigkETsX3GIx4Xcr3/61vkn54bWngsWol/VxNPSwmtTyD0dzRigMOqRCbhqj2/6UbcEAAAAAAAAAAAAAADoZxh/TjTqPgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB9fRoAAP//j4/W2A==")
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r0, 0x2007ffc)
sendfile(r0, r0, 0x0, 0x800000009)
r1 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0)
ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f0000000300)={0x0, {}, 0x0, {}, 0x20007, 0x0, 0x200000, 0xd, "22536af39b7c7cb7435b0abd072dbc3a9ada34cc97af10fd4fcca15748328c5309c39fb6989ba743d30b59c491a7b3e74d938981061383374a1d79471a2d2dfe", "0410b1617b6217917d72322c0c5aa9263626c0240010f9db74161ccff2c5cf5e", [0x3, 0x800]})
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0)
rename(&(0x7f00000003c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
[ 85.162943][ T5316] Bluetooth: hci0: command tx timeout
[ 85.244301][ T5340] loop0: detected capacity change from 0 to 1024
[ 85.263629][ T5340] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 85.269462][ T5340] EXT4-fs (loop0): stripe (7) is not aligned with cluster size (16), stripe is disabled
[ 85.297459][ T5340] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 85.332504][ T5340] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni"
[ 85.373274][ T5340] loop0: detected capacity change from 1024 to 767
[ 85.387444][ T5340] ==================================================================
[ 85.390772][ T5340] BUG: KASAN: slab-out-of-bounds in ext4_search_dir+0xf1/0x1b0
[ 85.394312][ T5340] Read of size 1 at addr ffff8880524cd6aa by task syz.0.0/5340
[ 85.397586][ T5340]
[ 85.398604][ T5340] CPU: 0 UID: 0 PID: 5340 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 85.398619][ T5340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 85.398627][ T5340] Call Trace:
[ 85.398634][ T5340]
[ 85.398640][ T5340] dump_stack_lvl+0x189/0x250
[ 85.398661][ T5340] ? __virt_addr_valid+0x1c8/0x5c0
[ 85.398678][ T5340] ? rcu_is_watching+0x15/0xb0
[ 85.398691][ T5340] ? __pfx_dump_stack_lvl+0x10/0x10
[ 85.398704][ T5340] ? rcu_is_watching+0x15/0xb0
[ 85.398716][ T5340] ? lock_release+0x4b/0x3e0
[ 85.398726][ T5340] ? _raw_spin_lock_irqsave+0xb3/0xf0
[ 85.398786][ T5340] ? __virt_addr_valid+0x1c8/0x5c0
[ 85.398838][ T5340] ? __virt_addr_valid+0x4a5/0x5c0
[ 85.398855][ T5340] print_report+0xca/0x240
[ 85.398869][ T5340] ? ext4_search_dir+0xf1/0x1b0
[ 85.398880][ T5340] kasan_report+0x118/0x150
[ 85.398894][ T5340] ? ext4_search_dir+0xf1/0x1b0
[ 85.398906][ T5340] ext4_search_dir+0xf1/0x1b0
[ 85.398919][ T5340] ext4_find_inline_entry+0x492/0x5f0
[ 85.398932][ T5340] ? __pfx_ext4_find_inline_entry+0x10/0x10
[ 85.398944][ T5340] ? kasan_quarantine_put+0xdd/0x220
[ 85.398963][ T5340] __ext4_find_entry+0x2fd/0x1f20
[ 85.398981][ T5340] ? __pfx___ext4_find_entry+0x10/0x10
[ 85.398994][ T5340] ? ext4_fname_prepare_lookup+0x3b8/0x4c0
[ 85.399014][ T5340] ext4_lookup+0x13d/0x6c0
[ 85.399025][ T5340] ? apparmor_path_mknod+0x1b1/0x230
[ 85.399036][ T5340] ? __pfx_ext4_lookup+0x10/0x10
[ 85.399050][ T5340] ? inode_permission+0x149/0x470
[ 85.399064][ T5340] ? bpf_lsm_path_mknod+0x9/0x20
[ 85.399078][ T5340] ? bpf_lsm_inode_create+0x9/0x20
[ 85.399093][ T5340] path_openat+0x1101/0x3830
[ 85.399110][ T5340] ? __pfx_path_openat+0x10/0x10
[ 85.399119][ T5340] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.399134][ T5340] do_filp_open+0x1fa/0x410
[ 85.399143][ T5340] ? __lock_acquire+0xab9/0xd20
[ 85.399155][ T5340] ? __pfx_do_filp_open+0x10/0x10
[ 85.399169][ T5340] ? _raw_spin_unlock+0x28/0x50
[ 85.399216][ T5340] ? alloc_fd+0x64c/0x6c0
[ 85.399232][ T5340] do_sys_openat2+0x121/0x1c0
[ 85.399248][ T5340] ? __se_sys_futex+0x36f/0x400
[ 85.399265][ T5340] ? __pfx_do_sys_openat2+0x10/0x10
[ 85.399281][ T5340] ? rcu_is_watching+0x15/0xb0
[ 85.399294][ T5340] __x64_sys_creat+0x8f/0xc0
[ 85.399310][ T5340] do_syscall_64+0xfa/0x3b0
[ 85.399321][ T5340] ? lockdep_hardirqs_on+0x9c/0x150
[ 85.399336][ T5340] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.399348][ T5340] ? clear_bhb_loop+0x60/0xb0
[ 85.399361][ T5340] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.399371][ T5340] RIP: 0033:0x7fa6e0b8eec9
[ 85.399383][ T5340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 85.399392][ T5340] RSP: 002b:00007fa6e19bd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[ 85.399405][ T5340] RAX: ffffffffffffffda RBX: 00007fa6e0de5fa0 RCX: 00007fa6e0b8eec9
[ 85.399414][ T5340] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000100
[ 85.399422][ T5340] RBP: 00007fa6e0c11f91 R08: 0000000000000000 R09: 0000000000000000
[ 85.399430][ T5340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 85.399437][ T5340] R13: 00007fa6e0de6038 R14: 00007fa6e0de5fa0 R15: 00007ffc0ccd3ae8
[ 85.399450][ T5340]
[ 85.399454][ T5340]
[ 85.537905][ T5340] The buggy address belongs to the object at ffff8880524cc000
[ 85.537905][ T5340] which belongs to the cache kmalloc-4k of size 4096
[ 85.543669][ T5340] The buggy address is located 1706 bytes to the right of
[ 85.543669][ T5340] allocated 4096-byte region [ffff8880524cc000, ffff8880524cd000)
[ 85.549773][ T5340]
[ 85.550819][ T5340] The buggy address belongs to the physical page:
[ 85.553526][ T5340] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x524c8
[ 85.557300][ T5340] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 85.560695][ T5340] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[ 85.563728][ T5340] page_type: f5(slab)
[ 85.565374][ T5340] raw: 04fff00000000040 ffff88801a042140 dead000000000122 0000000000000000
[ 85.568769][ T5340] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 85.572148][ T5340] head: 04fff00000000040 ffff88801a042140 dead000000000122 0000000000000000
[ 85.575702][ T5340] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 85.579295][ T5340] head: 04fff00000000003 ffffea0001493201 00000000ffffffff 00000000ffffffff
[ 85.582973][ T5340] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 85.586642][ T5340] page dumped because: kasan: bad access detected
[ 85.589525][ T5340] page_owner tracks the page as allocated
[ 85.592079][ T5340] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4728, tgid 4728 (udevd), ts 85381185114, free_ts 0
[ 85.600293][ T5340] post_alloc_hook+0x240/0x2a0
[ 85.602397][ T5340] get_page_from_freelist+0x21e4/0x22c0
[ 85.604769][ T5340] __alloc_frozen_pages_noprof+0x181/0x370
[ 85.607324][ T5340] alloc_pages_mpol+0x232/0x4a0
[ 85.609290][ T5340] allocate_slab+0x8a/0x370
[ 85.611082][ T5340] ___slab_alloc+0xbeb/0x1420
[ 85.612950][ T5340] __kmalloc_noprof+0x305/0x4f0
[ 85.614867][ T5340] tomoyo_realpath_from_path+0xe3/0x5d0
[ 85.617273][ T5340] tomoyo_check_open_permission+0x1c1/0x3b0
[ 85.619873][ T5340] security_file_open+0xb1/0x270
[ 85.621851][ T5340] do_dentry_open+0x384/0x13f0
[ 85.623797][ T5340] vfs_open+0x3b/0x340
[ 85.625492][ T5340] path_openat+0x2ee5/0x3830
[ 85.627299][ T5340] do_filp_open+0x1fa/0x410
[ 85.629134][ T5340] do_sys_openat2+0x121/0x1c0
[ 85.631147][ T5340] __x64_sys_openat+0x138/0x170
[ 85.633285][ T5340] page_owner free stack trace missing
[ 85.635631][ T5340]
[ 85.636693][ T5340] Memory state around the buggy address:
[ 85.639255][ T5340] ffff8880524cd580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 85.642638][ T5340] ffff8880524cd600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 85.645903][ T5340] >ffff8880524cd680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 85.649117][ T5340] ^
[ 85.651270][ T5340] ffff8880524cd700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 85.654459][ T5340] ffff8880524cd780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 85.657824][ T5340] ==================================================================
[ 85.689131][ T5340] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 85.692470][ T5340] CPU: 0 UID: 0 PID: 5340 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 85.696433][ T5340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 85.700630][ T5340] Call Trace:
[ 85.702045][ T5340]
[ 85.703268][ T5340] dump_stack_lvl+0x99/0x250
[ 85.705205][ T5340] ? __asan_memcpy+0x40/0x70
[ 85.707138][ T5340] ? __pfx_dump_stack_lvl+0x10/0x10
[ 85.709289][ T5340] ? __pfx__printk+0x10/0x10
[ 85.711248][ T5340] vpanic+0x281/0x750
[ 85.713008][ T5340] ? preempt_schedule+0xae/0xc0
[ 85.715106][ T5340] ? __pfx_vpanic+0x10/0x10
[ 85.717093][ T5340] ? preempt_schedule_common+0x83/0xd0
[ 85.719387][ T5340] ? preempt_schedule+0xae/0xc0
[ 85.721541][ T5340] ? __pfx_preempt_schedule+0x10/0x10
[ 85.723840][ T5340] panic+0xb9/0xc0
[ 85.725467][ T5340] ? __pfx_panic+0x10/0x10
[ 85.727453][ T5340] ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 85.729911][ T5340] ? is_module_address+0x17/0xf0
[ 85.731943][ T5340] ? ext4_search_dir+0xf1/0x1b0
[ 85.733978][ T5340] check_panic_on_warn+0x89/0xb0
[ 85.736102][ T5340] ? ext4_search_dir+0xf1/0x1b0
[ 85.738174][ T5340] end_report+0x78/0x160
[ 85.740022][ T5340] kasan_report+0x129/0x150
[ 85.741941][ T5340] ? ext4_search_dir+0xf1/0x1b0
[ 85.743978][ T5340] ext4_search_dir+0xf1/0x1b0
[ 85.746060][ T5340] ext4_find_inline_entry+0x492/0x5f0
[ 85.748479][ T5340] ? __pfx_ext4_find_inline_entry+0x10/0x10
[ 85.751747][ T5340] ? kasan_quarantine_put+0xdd/0x220
[ 85.754614][ T5340] __ext4_find_entry+0x2fd/0x1f20
[ 85.757278][ T5340] ? __pfx___ext4_find_entry+0x10/0x10
[ 85.760182][ T5340] ? ext4_fname_prepare_lookup+0x3b8/0x4c0
[ 85.763025][ T5340] ext4_lookup+0x13d/0x6c0
[ 85.764927][ T5340] ? apparmor_path_mknod+0x1b1/0x230
[ 85.767079][ T5340] ? __pfx_ext4_lookup+0x10/0x10
[ 85.769193][ T5340] ? inode_permission+0x149/0x470
[ 85.771214][ T5340] ? bpf_lsm_path_mknod+0x9/0x20
[ 85.773051][ T5340] ? bpf_lsm_inode_create+0x9/0x20
[ 85.774847][ T5340] path_openat+0x1101/0x3830
[ 85.776552][ T5340] ? __pfx_path_openat+0x10/0x10
[ 85.778358][ T5340] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.780449][ T5340] do_filp_open+0x1fa/0x410
[ 85.782247][ T5340] ? __lock_acquire+0xab9/0xd20
[ 85.784193][ T5340] ? __pfx_do_filp_open+0x10/0x10
[ 85.786284][ T5340] ? _raw_spin_unlock+0x28/0x50
[ 85.788247][ T5340] ? alloc_fd+0x64c/0x6c0
[ 85.789999][ T5340] do_sys_openat2+0x121/0x1c0
[ 85.791886][ T5340] ? __se_sys_futex+0x36f/0x400
[ 85.793827][ T5340] ? __pfx_do_sys_openat2+0x10/0x10
[ 85.796057][ T5340] ? rcu_is_watching+0x15/0xb0
[ 85.797961][ T5340] __x64_sys_creat+0x8f/0xc0
[ 85.799931][ T5340] do_syscall_64+0xfa/0x3b0
[ 85.801914][ T5340] ? lockdep_hardirqs_on+0x9c/0x150
[ 85.804263][ T5340] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.806733][ T5340] ? clear_bhb_loop+0x60/0xb0
[ 85.808668][ T5340] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.811219][ T5340] RIP: 0033:0x7fa6e0b8eec9
[ 85.813030][ T5340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 85.820346][ T5340] RSP: 002b:00007fa6e19bd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[ 85.823905][ T5340] RAX: ffffffffffffffda RBX: 00007fa6e0de5fa0 RCX: 00007fa6e0b8eec9
[ 85.827359][ T5340] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000100
[ 85.830593][ T5340] RBP: 00007fa6e0c11f91 R08: 0000000000000000 R09: 0000000000000000
[ 85.833641][ T5340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 85.836645][ T5340] R13: 00007fa6e0de6038 R14: 00007fa6e0de5fa0 R15: 00007ffc0ccd3ae8
[ 85.839563][ T5340]
[ 85.841140][ T5340] Kernel Offset: disabled
[ 85.842966][ T5340] Rebooting in 86400 seconds..