SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7902 comm=syz-executor.0
==================================================================
netlink: 124 bytes leftover after parsing attributes in process `syz-executor.0'.
BUG: KASAN: use-after-free in __ext4_check_dir_entry+0x2f9/0x340 fs/ext4/dir.c:68
Read of size 2 at addr ffff88808cf3f003 by task syz-executor.1/7912

CPU: 0 PID: 7912 Comm: syz-executor.1 Not tainted 4.14.184-syzkaller #0
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7914 comm=syz-executor.0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x1b2/0x283 lib/dump_stack.c:58
 print_address_description.cold+0x54/0x1dc mm/kasan/report.c:252
 kasan_report_error mm/kasan/report.c:351 [inline]
 kasan_report mm/kasan/report.c:409 [inline]
 kasan_report.cold+0xa9/0x2b9 mm/kasan/report.c:393
 __ext4_check_dir_entry+0x2f9/0x340 fs/ext4/dir.c:68
 ext4_readdir+0x819/0x27e0 fs/ext4/dir.c:240
 iterate_dir+0x1a0/0x5e0 fs/readdir.c:52
 SYSC_getdents64 fs/readdir.c:355 [inline]
 SyS_getdents64+0x130/0x240 fs/readdir.c:336
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x45ca69
RSP: 002b:00007fbffbbe4c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
RAX: ffffffffffffffda RBX: 00000000004dcec0 RCX: 000000000045ca69
RDX: 00000000c0002521 RSI: 0000000000000000 RDI: 0000000000000004
RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 00000000000000f7 R14: 00000000004c3a1c R15: 00007fbffbbe56d4

The buggy address belongs to the page:
page:ffffea000233cfc0 count:0 mapcount:-127 mapping: (null) index:0x0
flags: 0xfffe0000000000()
raw: 00fffe0000000000 0000000000000000 0000000000000000 00000000ffffff80
raw: ffffea00022f83a0 ffffea00024ba320 0000000000000000 0000000000000000
page dumped because: kasan: bad access detected

Memory state around the buggy address:
 ffff88808cf3ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff88808cf3ef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff88808cf3f000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
                   ^
 ffff88808cf3f080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
 ffff88808cf3f100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
==================================================================
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7903 comm=syz-executor.5
netlink: 148 bytes leftover after parsing attributes in process `syz-executor.5'.
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7926 comm=syz-executor.5
netlink: 124 bytes leftover after parsing attributes in process `syz-executor.0'.
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7936 comm=syz-executor.0