last executing test programs: 278.167908ms ago: executing program 3 (id=4): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@errors_continue}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f0000000680)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") chdir(&(0x7f0000000000)='./file0\x00') creat(&(0x7f0000000040)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0) readv(0xffffffffffffffff, &(0x7f0000001f80)=[{0x0}, {0x0}, {0xffffffffffffffff}], 0x3) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) 248.088523ms ago: executing program 2 (id=3): socketpair$unix(0x1, 0x0, 0x0, 0x0) setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000140)={'filter\x00', 0x11, 0x4, 0x3c8, 0x1d0, 0x0, 0x2e0, 0x2e0, 0x2e0, 0x2e0, 0x4, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28}}, {{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'gre0\x00', 'macvtap0\x00'}, 0xc0, 0xe8}, @unspec=@NFQUEUE1={0x28}}, {{@arp={@loopback, @empty, 0x0, 0x0, 0x0, 0x0, {@mac=@random="2c54f7982756"}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'dummy0\x00', 'macvlan1\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@random="5fcc041336f0", @empty, @private}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x418) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0) pipe(&(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) socket$nl_route(0x10, 0x3, 0x0) splice(r0, 0x0, r2, 0x0, 0x88000cc, 0x0) fcntl$setpipe(r1, 0x407, 0x100004) write$eventfd(r1, &(0x7f0000000240), 0xffffff14) mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0) 172.811354ms ago: executing program 0 (id=1): unshare(0x400) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x81) 158.746296ms ago: executing program 0 (id=6): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000001c0), 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000040000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="250300000000000000006700000004003d72c554cff301000000000008"], 0x24}}, 0x0) symlink(&(0x7f0000000140)='./file0/file0\x00', &(0x7f0000000180)='./file0\x00') rename(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./file0/file0\x00') r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) clock_settime(0x2, &(0x7f0000000040)) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) vmsplice(r5, &(0x7f0000000280)=[{0x0}], 0x1, 0x0) dup(0xffffffffffffffff) 68.06138ms ago: executing program 1 (id=2): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x3c, &(0x7f0000000180)=0x100003, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x200008c4, &(0x7f000072e000)={0xa, 0x0, 0x0, @loopback}, 0x1c) close(r0) 54.057002ms ago: executing program 4 (id=5): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x20081e, &(0x7f0000000040)={[{@nodelalloc}, {@grpid}, {@auto_da_alloc}]}, 0x1, 0x4ef, &(0x7f00000003c0)="$eJzs3U1vW1kZAODXzpeTyUwywywAAVOGgYKqOonbRlUXUFYIoUqILkFqQ+JGUew4ip3ShC7S/4BEJVaw5Aew7oo9GwQ7NmWBxEcEaiqxMLrXN6mb2k1oEjuKn0e6uvfcY/s9J849x36d+AQwsC5FxE5EjEbE/YiYys7nsi1ut7bkdi92Hy/u7T5ezEWzefefubQ+ORdt90m8lz1mISJ+9L2In+bejFvf2l5dqFTKG63i+Eyjuj5T39q+ulJdWC4vl9dKpfm5+dmb126UTq2vn1RHs6MvP//Dzrd+njRrMjvT3o/T1Or6yEGcxHBE/OAsgvXBUNaf0X43hHeSj4iPIuLT9PqfiqH02QQALrJmcyqaU+1lAOCiy6c5sFy+mOUCJiOfLxZbObyPYyJfqdUbVx7UNteWWrmy6RjJP1iplGezXOF0jOSS8lx6/KpcOlS+FhEfRsQvxsbTcnGxVlnq5wsfABhg7x2a//8z1pr/AYALrtDvBgAAPWf+B4DBY/4HgMFj/geAwWP+B4DBY/4HgMFj/geAgfLDO3eSrbmXff/10sOtzdXaw6tL5fpqsbq5WFysbawXl2u15fQ7e6pHPV6lVlufux6bj6a/vV5vzNS3tu9Va5trjXvp93rfK4/0pFcAwNt8+MmzP+ciYufWeLpF21oO5mq42PL9bgDQN0P9bgDQN1b7gsF1gvf40gNwQXRYovc1hYgYP3yy2Ww2z65JwBm7/AX5fxhUbfl/fwUMA0b+HwaX/D8MrmYzd9w1/+O4NwQAzjc5fqDL5/8fZfvfZh8O/GTp8C2enmWrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HzbX/+3mK0FPhn5fLEY8X5ETMdI7sFKpTwbER9ExJ/GRsaS8lyf2wwAnFT+b7ls/a/LU59NHq4dzb0cS/cR8bNf3f3lo4VGY+OPyfl/HZxvPM3Ol/rRfgDgKPvzdLpveyP/Yvfx4v7Wy/b8/bsRUWjF39sdjb2D+MMxnO4LMRIRE//OZeWWXFvu4iR2nkTE5zv1PxeTaQ6ktfLp4fhJ7Pd7Gj//Wvx8WtfaJz+Lz51CW2DQPEvGn9udrr98XEr3na//QjpCnVw2/iUPtbiXjoGv4u+Pf0Ndxr9Lx41x/fffbx2Nv1n3JOKLwxH7sffaxp/9+Lku8T87Zvy/fOkrn3ara/464nJ0jt8ea6ZRXZ+pb21fXakuLJeXy2ul0vzc/OzNazdKM2mOeqb7bPCPW1c+6FaX9H+iS/zCEf3/+jH7/5v/3v/xV98S/5tf6xQ/Hx+/JX4yJ37jmPEXJn5X6FaXxF/q0v+jnv8rx4z//K/bbywbDgD0T31re3WhUilv9PJg/4VET4M6uAAHyW/NOWhGx4Pv9CrWaPxf92o23ylWtxHjNLJuwHlwcNFHxMt+NwYAAAAAAAAAAAAAAOioF/+x1O8+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHH9LwAA//89fM7W") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) fallocate(r1, 0x0, 0x0, 0x20000) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuset.effective_mems\x00', 0x275a, 0x0) write$cgroup_int(r2, &(0x7f0000000380), 0x101bf) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r2, 0x0, 0x0, 0x15}) 34.206255ms ago: executing program 1 (id=7): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x8, &(0x7f0000000040)=0x2, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x4, 0x28011, r1, 0x0) ftruncate(r1, 0x796c) getsockopt$inet6_tcp_buf(r0, 0x6, 0x8, 0x0, &(0x7f0000001040)) 12.645948ms ago: executing program 1 (id=8): syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000540)='mnt\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000580)={@id={0x2, 0x0, @a}, 0x40, 0x0, '\x00', @a}) mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f00000006c0)=@v2={0x2, @aes256, 0x0, '\x00', @a}) openat(0xffffffffffffff9c, &(0x7f0000000700)='mnt/encrypted_dir/file\x00', 0x42, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r1, 0xc0406619, &(0x7f0000000100)={@id={0x2, 0x0, @a}}) 0s ago: executing program 3 (id=9): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0) open(&(0x7f00000002c0)='./file0/file0\x00', 0x141840, 0x0) mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, 0x0) lstat(&(0x7f0000000b00)='./file0/file0\x00', &(0x7f0000000b40)) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.238' (ED25519) to the list of known hosts. [ 19.757080][ T23] audit: type=1400 audit(1719353266.399:66): avc: denied { mounton } for pid=340 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 19.758565][ T340] cgroup1: Unknown subsys name 'net' [ 19.779536][ T23] audit: type=1400 audit(1719353266.399:67): avc: denied { mount } for pid=340 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 19.784786][ T340] cgroup1: Unknown subsys name 'net_prio' [ 19.812830][ T340] cgroup1: Unknown subsys name 'devices' [ 19.819554][ T23] audit: type=1400 audit(1719353266.469:68): avc: denied { unmount } for pid=340 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 19.990832][ T340] cgroup1: Unknown subsys name 'hugetlb' [ 19.996458][ T340] cgroup1: Unknown subsys name 'rlimit' [ 20.160795][ T23] audit: type=1400 audit(1719353266.809:69): avc: denied { setattr } for pid=340 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=9293 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 20.184132][ T23] audit: type=1400 audit(1719353266.809:70): avc: denied { mounton } for pid=340 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 20.208759][ T23] audit: type=1400 audit(1719353266.809:71): avc: denied { mount } for pid=340 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 20.214318][ T342] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 20.240193][ T23] audit: type=1400 audit(1719353266.889:72): avc: denied { relabelto } for pid=342 comm="mkswap" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 20.265361][ T23] audit: type=1400 audit(1719353266.889:73): avc: denied { write } for pid=342 comm="mkswap" path="/root/swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 20.299994][ T23] audit: type=1400 audit(1719353266.949:74): avc: denied { read } for pid=340 comm="syz-executor" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 20.325287][ T23] audit: type=1400 audit(1719353266.949:75): avc: denied { open } for pid=340 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 20.351198][ T340] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 20.637476][ T350] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.644529][ T350] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.651938][ T350] device bridge_slave_0 entered promiscuous mode [ 20.677969][ T350] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.684845][ T350] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.692272][ T350] device bridge_slave_1 entered promiscuous mode [ 20.702348][ T352] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.709276][ T352] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.716331][ T352] device bridge_slave_0 entered promiscuous mode [ 20.724714][ T352] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.731723][ T352] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.739066][ T352] device bridge_slave_1 entered promiscuous mode [ 20.755921][ T351] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.762768][ T351] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.770263][ T351] device bridge_slave_0 entered promiscuous mode [ 20.797242][ T351] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.804227][ T351] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.811518][ T351] device bridge_slave_1 entered promiscuous mode [ 20.847074][ T349] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.854116][ T349] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.861342][ T349] device bridge_slave_0 entered promiscuous mode [ 20.883737][ T349] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.890605][ T349] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.897743][ T349] device bridge_slave_1 entered promiscuous mode [ 20.944492][ T353] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.951398][ T353] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.958740][ T353] device bridge_slave_0 entered promiscuous mode [ 20.989755][ T353] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.996579][ T353] bridge0: port 2(bridge_slave_1) entered disabled state [ 21.004209][ T353] device bridge_slave_1 entered promiscuous mode [ 21.135597][ T350] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.142566][ T350] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.149725][ T350] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.156550][ T350] bridge0: port 1(bridge_slave_0) entered forwarding state [ 21.172881][ T352] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.179738][ T352] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.186933][ T352] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.193802][ T352] bridge0: port 1(bridge_slave_0) entered forwarding state [ 21.209271][ T349] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.216104][ T349] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.223260][ T349] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.230003][ T349] bridge0: port 1(bridge_slave_0) entered forwarding state [ 21.240157][ T351] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.246990][ T351] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.254215][ T351] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.260971][ T351] bridge0: port 1(bridge_slave_0) entered forwarding state [ 21.306657][ T353] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.313508][ T353] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.320636][ T353] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.327378][ T353] bridge0: port 1(bridge_slave_0) entered forwarding state [ 21.362975][ T361] bridge0: port 1(bridge_slave_0) entered disabled state [ 21.370047][ T361] bridge0: port 2(bridge_slave_1) entered disabled state [ 21.376989][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 21.385293][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 21.394258][ T361] bridge0: port 1(bridge_slave_0) entered disabled state [ 21.401426][ T361] bridge0: port 2(bridge_slave_1) entered disabled state [ 21.408485][ T361] bridge0: port 1(bridge_slave_0) entered disabled state [ 21.415426][ T361] bridge0: port 2(bridge_slave_1) entered disabled state [ 21.422343][ T361] bridge0: port 1(bridge_slave_0) entered disabled state [ 21.429392][ T361] bridge0: port 2(bridge_slave_1) entered disabled state [ 21.436987][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 21.444295][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 21.451577][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 21.458958][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 21.478880][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 21.486534][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 21.494607][ T361] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.501433][ T361] bridge0: port 1(bridge_slave_0) entered forwarding state [ 21.508774][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 21.516739][ T361] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.523586][ T361] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.554598][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 21.563011][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 21.571466][ T354] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.578322][ T354] bridge0: port 1(bridge_slave_0) entered forwarding state [ 21.586062][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 21.594764][ T354] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.601598][ T354] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.608803][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 21.616474][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 21.625128][ T354] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.631952][ T354] bridge0: port 1(bridge_slave_0) entered forwarding state [ 21.639207][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 21.646888][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 21.659550][ T372] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 21.667496][ T372] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.674346][ T372] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.681477][ T372] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 21.702334][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 21.710729][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 21.718882][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 21.726720][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 21.758706][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 21.765905][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 21.773324][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 21.781480][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 21.789404][ T361] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.796204][ T361] bridge0: port 1(bridge_slave_0) entered forwarding state [ 21.803594][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 21.811674][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 21.819689][ T361] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.826497][ T361] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.833691][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 21.841799][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 21.850010][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 21.858084][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 21.888502][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 21.896310][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 21.904278][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 21.912899][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 21.920948][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 21.928885][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 21.936609][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 21.944597][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 21.952418][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 21.960148][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 21.967737][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 21.975639][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 21.988574][ T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 21.996792][ T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 22.019184][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 22.027422][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 22.036139][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 22.043909][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 22.051637][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 22.059973][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 22.068007][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 22.075901][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 22.088224][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 22.096227][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 22.125910][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 22.133734][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 22.142396][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 22.150680][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 22.158744][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 22.166598][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 22.174696][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 22.182792][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 22.191031][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 22.199262][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 22.207368][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 22.215354][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 22.228339][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 22.236448][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 22.244914][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 22.252932][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 22.268734][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 22.276760][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 22.285258][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 22.293826][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 22.301964][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 22.309919][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 22.351377][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 22.359941][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 22.367962][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 22.373842][ T375] EXT4-fs (loop3): Ignoring removed orlov option [ 22.376643][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 22.383188][ T375] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option [ 22.393269][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 22.409506][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 22.439695][ T375] EXT4-fs (loop3): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,errors=continue,noauto_da_alloc,nomblk_io_submit,,errors=continue [ 22.461977][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 22.480710][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 22.502066][ T375] EXT4-fs error (device loop3): get_max_inline_xattr_value_size:68: inode #12: comm syz.3.4: corrupt xattr in inline inode [ 22.515270][ T375] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2221: inode #12: comm syz.3.4: corrupted in-inode xattr [ 22.529297][ T387] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6'. [ 22.548967][ T387] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 22.618723][ T350] ================================================================== [ 22.626635][ T350] BUG: KASAN: use-after-free in ext4_xattr_delete_inode+0xc1f/0xc30 [ 22.634422][ T350] Read of size 4 at addr ffff8881d9b61000 by task syz-executor/350 [ 22.642134][ T350] [ 22.644323][ T350] CPU: 0 PID: 350 Comm: syz-executor Not tainted 5.4.274-syzkaller-00002-g6f97bd951d82 #0 [ 22.654029][ T350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 22.663924][ T350] Call Trace: [ 22.667060][ T350] dump_stack+0x1d8/0x241 [ 22.671218][ T350] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 22.676861][ T350] ? printk+0xd1/0x111 [ 22.680766][ T350] ? ext4_xattr_delete_inode+0xc1f/0xc30 [ 22.686233][ T350] print_address_description+0x8c/0x600 [ 22.691619][ T350] ? ext4_xattr_delete_inode+0xc1f/0xc30 [ 22.697081][ T350] __kasan_report+0xf3/0x120 [ 22.701511][ T350] ? ext4_xattr_delete_inode+0xc1f/0xc30 [ 22.706976][ T350] kasan_report+0x30/0x60 [ 22.711142][ T350] ext4_xattr_delete_inode+0xc1f/0xc30 [ 22.716442][ T350] ? check_preemption_disabled+0x9f/0x320 [ 22.721993][ T350] ? ext4_expand_extra_isize_ea+0x1bb0/0x1bb0 [ 22.727896][ T350] ? __ext4_journal_start_sb+0x295/0x460 [ 22.733362][ T350] ext4_evict_inode+0x1378/0x1ac0 [ 22.738226][ T350] ? ext4_truncate_restart_trans+0xe0/0xe0 [ 22.743864][ T350] ? wb_io_lists_depopulated+0x85/0x170 [ 22.749243][ T350] ? ext4_truncate_restart_trans+0xe0/0xe0 [ 22.754886][ T350] evict+0x29b/0x6a0 [ 22.758618][ T350] vfs_rmdir+0x24b/0x3c0 [ 22.762695][ T350] do_rmdir+0x2c1/0x580 [ 22.766690][ T350] ? d_delete_notify+0xc0/0xc0 [ 22.771289][ T350] ? _raw_spin_unlock_irq+0x4a/0x60 [ 22.776327][ T350] do_syscall_64+0xca/0x1c0 [ 22.780667][ T350] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 22.786495][ T350] RIP: 0033:0x7f9298faa167 [ 22.790729][ T350] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 22.810320][ T350] RSP: 002b:00007ffc0d807698 EFLAGS: 00000207 ORIG_RAX: 0000000000000107 [ 22.818595][ T350] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007f9298faa167 [ 22.826384][ T350] RDX: 0000000000000200 RSI: 00007ffc0d808840 RDI: 00000000ffffff9c [ 22.834179][ T350] RBP: 00007f929901864a R08: 0000000000000000 R09: 0000000000000000 [ 22.841992][ T350] R10: 0000000000000100 R11: 0000000000000207 R12: 00007ffc0d808840 [ 22.849803][ T350] R13: 00007f929901864a R14: 000000000000572a R15: 00007ffc0d80aa20 [ 22.857792][ T350] [ 22.859955][ T350] Allocated by task 375: [ 22.864055][ T350] __kasan_kmalloc+0x171/0x210 [ 22.868646][ T350] kmem_cache_alloc+0xd9/0x250 [ 22.873239][ T350] mempool_alloc+0x11f/0x530 [ 22.877668][ T350] bio_alloc_bioset+0x1e0/0x650 [ 22.882354][ T350] submit_bh_wbc+0x1de/0x850 [ 22.886777][ T350] submit_bh+0x21/0x30 [ 22.890688][ T350] read_mmp_block+0x1a2/0x8a0 [ 22.895197][ T350] ext4_multi_mount_protect+0x1d4/0xa50 [ 22.900585][ T350] ext4_fill_super+0x5cf7/0x8d90 [ 22.905354][ T350] mount_bdev+0x267/0x370 [ 22.909519][ T350] legacy_get_tree+0xdf/0x170 [ 22.914029][ T350] vfs_get_tree+0x85/0x260 [ 22.918285][ T350] do_new_mount+0x292/0x570 [ 22.922622][ T350] do_mount+0x688/0xe10 [ 22.926614][ T350] ksys_mount+0xc2/0xf0 [ 22.930607][ T350] __x64_sys_mount+0xb1/0xc0 [ 22.935192][ T350] do_syscall_64+0xca/0x1c0 [ 22.939521][ T350] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 22.945242][ T350] [ 22.947413][ T350] Freed by task 10: [ 22.951063][ T350] __kasan_slab_free+0x1b5/0x270 [ 22.955836][ T350] kmem_cache_free+0x10b/0x2c0 [ 22.960437][ T350] blk_update_request+0x37f/0xe40 [ 22.965304][ T350] blk_mq_end_request+0x3a/0x70 [ 22.969982][ T350] blk_done_softirq+0x2f3/0x390 [ 22.974669][ T350] __do_softirq+0x23b/0x6b7 [ 22.979002][ T350] [ 22.981178][ T350] The buggy address belongs to the object at ffff8881d9b61000 [ 22.981178][ T350] which belongs to the cache bio-0 of size 216 [ 22.994548][ T350] The buggy address is located 0 bytes inside of [ 22.994548][ T350] 216-byte region [ffff8881d9b61000, ffff8881d9b610d8) [ 23.007741][ T350] The buggy address belongs to the page: [ 23.013215][ T350] page:ffffea000766d840 refcount:1 mapcount:0 mapping:ffff8881f1cf8c80 index:0x0 [ 23.022228][ T350] flags: 0x8000000000000200(slab) [ 23.027097][ T350] raw: 8000000000000200 dead000000000100 dead000000000122 ffff8881f1cf8c80 [ 23.035590][ T350] raw: 0000000000000000 00000000000c000c 00000001ffffffff 0000000000000000 [ 23.043925][ T350] page dumped because: kasan: bad access detected [ 23.050182][ T350] page_owner tracks the page as allocated [ 23.055731][ T350] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x192880(GFP_NOWAIT|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_NOMEMALLOC|__GFP_HARDWALL) [ 23.071187][ T350] prep_new_page+0x18f/0x370 [ 23.075607][ T350] get_page_from_freelist+0x2d13/0x2d90 [ 23.081001][ T350] __alloc_pages_nodemask+0x393/0x840 [ 23.086208][ T350] alloc_slab_page+0x39/0x3c0 [ 23.090708][ T350] new_slab+0x97/0x440 [ 23.094617][ T350] ___slab_alloc+0x2fe/0x490 [ 23.099043][ T350] __slab_alloc+0x62/0xa0 [ 23.103207][ T350] kmem_cache_alloc+0x109/0x250 [ 23.107893][ T350] mempool_alloc+0x11f/0x530 [ 23.112318][ T350] bio_alloc_bioset+0x1e0/0x650 [ 23.117006][ T350] do_mpage_readpage+0x14db/0x1b20 [ 23.121953][ T350] mpage_readpages+0x36e/0x500 [ 23.126554][ T350] read_pages+0x119/0x400 [ 23.130718][ T350] __do_page_cache_readahead+0x448/0x4f0 [ 23.136284][ T350] page_cache_sync_readahead+0x3f0/0x460 [ 23.141746][ T350] generic_file_read_iter+0x673/0x21f0 [ 23.147033][ T350] page_owner free stack trace missing [ 23.152238][ T350] [ 23.154408][ T350] Memory state around the buggy address: [ 23.159892][ T350] ffff8881d9b60f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.167847][ T350] ffff8881d9b60f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.175676][ T350] >ffff8881d9b61000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.183579][ T350] ^ [ 23.187480][ T350] ffff8881d9b61080: fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc [ 23.195377][ T350] ffff8881d9b61100: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb [ 23.203273][ T350] ================================================================== [ 23.211171][ T350] Disabling lock debugging due to kernel taint [ 23.234421][ T393] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodelalloc,grpid,auto_da_alloc,,errors=continue [ 23.243261][ T399] EXT4-fs (loop1): Unsupported blocksize for fs encryption [ 23.272737][ T393] ext4 filesystem being mounted at /root/syzkaller.eZdtiq/0/file1 supports timestamps until 2038 (0x7fffffff) [ 23.293380][ T379] syz.2.3 (379) used greatest stack depth: 20408 bytes left [ 23.345435][ T399] fscrypt: AES-256-CTS-CBC using implementation "cts(cbc-aes-aesni)" [ 23.354082][ T399] fscrypt: AES-256-XTS using implementation "xts-aes-aesni" [ 23.463596][ T399] fscrypt: sda1: 2 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 1949