Warning: Permanently added '10.128.1.104' (ED25519) to the list of known hosts.
2024/07/06 12:25:57 ignoring optional flag "sandboxArg"="0"
2024/07/06 12:25:57 parsed 1 programs
2024/07/06 12:25:57 executed programs: 0
[   57.487866][   T27] audit: type=1400 audit(1720268757.635:95): avc:  denied  { unlink } for  pid=358 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   57.514777][  T358] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   57.568389][  T366] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.575530][  T366] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.583499][  T366] device bridge_slave_0 entered promiscuous mode
[   57.590711][  T366] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.597748][  T366] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.605027][  T366] device bridge_slave_1 entered promiscuous mode
[   57.648680][  T366] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.656081][  T366] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.663771][  T366] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.672005][  T366] bridge0: port 1(bridge_slave_0) entered forwarding state
[   57.692407][  T307] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.700496][  T307] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.708382][  T307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   57.716456][  T307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   57.726455][  T308] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   57.735343][  T308] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.742907][  T308] bridge0: port 1(bridge_slave_0) entered forwarding state
[   57.751984][  T307] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   57.760674][  T307] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.767996][  T307] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.786455][  T366] device veth0_vlan entered promiscuous mode
[   57.793610][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   57.803705][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   57.811979][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   57.819684][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   57.827120][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   57.835522][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   57.848458][  T308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   57.857588][  T366] device veth1_macvtap entered promiscuous mode
[   57.867139][  T308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   57.875986][  T308] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   57.890869][   T27] audit: type=1400 audit(1720268758.035:96): avc:  denied  { mounton } for  pid=366 comm="syz-executor.0" path="/dev/binderfs" dev="devtmpfs" ino=207 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   57.922765][   T27] audit: type=1400 audit(1720268758.065:97): avc:  denied  { mounton } for  pid=370 comm="syz-executor.0" path="/root/syzkaller-testdir1246305615/syzkaller.bMDuXl/0/bus" dev="sda1" ino=1939 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=file permissive=1
[   57.954444][   T27] audit: type=1400 audit(1720268758.065:98): avc:  denied  { map } for  pid=370 comm="syz-executor.0" path="/root/syzkaller-testdir1246305615/syzkaller.bMDuXl/0/bus" dev="devtmpfs" ino=43 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   57.988291][   T27] audit: type=1400 audit(1720268758.135:99): avc:  denied  { unmount } for  pid=366 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[   58.018364][  T375] loop0: detected capacity change from 0 to 512
[   58.054983][  T384] loop0: detected capacity change from 0 to 512
[   58.055491][  T385] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 17 prio class 2
[   58.206090][  T429] loop0: detected capacity change from 0 to 512
[   58.206486][  T430] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[   58.348025][  T471] loop0: detected capacity change from 0 to 512
[   58.425668][  T496] loop0: detected capacity change from 0 to 512
[   58.641430][  T568] loop0: detected capacity change from 0 to 512
[   58.676685][  T575] loop0: detected capacity change from 0 to 512
[   58.683600][  T576] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 17 prio class 2
[   58.769652][  T590] loop0: detected capacity change from 0 to 512
[   58.813154][  T602] loop0: detected capacity change from 0 to 512
[   58.813592][  T603] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[   58.866462][  T605] loop0: detected capacity change from 0 to 512
[   58.921506][  T611] loop0: detected capacity change from 0 to 512
[   58.921994][  T612] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[   59.010926][  T635] loop0: detected capacity change from 0 to 512
[   59.061365][  T638] loop0: detected capacity change from 0 to 512
[   59.159971][  T659] loop0: detected capacity change from 0 to 512
[   59.212687][  T662] loop0: detected capacity change from 0 to 512
[   59.256848][  T665] loop0: detected capacity change from 0 to 512
[   59.279861][  T668] loop0: detected capacity change from 0 to 512
[   59.355533][  T680] loop0: detected capacity change from 0 to 512
[   59.356148][  T681] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 31 prio class 2
[   59.403990][  T689] loop0: detected capacity change from 0 to 512
[   59.404415][  T690] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 30 prio class 2
[   59.550011][  T732] loop0: detected capacity change from 0 to 512
[   59.569342][  T735] loop0: detected capacity change from 0 to 512
[   59.576439][   T27] audit: type=1400 audit(1720268759.715:100): avc:  denied  { mounton } for  pid=734 comm="syz-executor.0" path="/root/syzkaller-testdir1246305615/syzkaller.bMDuXl/120/file0" dev="sda1" ino=1940 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   59.609578][  T735] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz-executor.0: couldn't read orphan inode 12 (err -116)
[   59.622180][  T735] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   59.632113][   T27] audit: type=1400 audit(1720268759.775:101): avc:  denied  { mount } for  pid=734 comm="syz-executor.0" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   59.665311][   T27] audit: type=1400 audit(1720268759.805:102): avc:  denied  { unmount } for  pid=366 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   59.688105][  T366] EXT4-fs (loop0): unmounting filesystem.
[   59.780046][  T767] loop0: detected capacity change from 0 to 512
[   59.958649][  T815] loop0: detected capacity change from 0 to 512
[   59.984103][  T821] loop0: detected capacity change from 0 to 512
[   60.080856][  T839] loop0: detected capacity change from 0 to 512
[   60.180094][  T860] loop0: detected capacity change from 0 to 512
[   60.232195][  T863] loop0: detected capacity change from 0 to 512
[   60.284419][  T866] loop0: detected capacity change from 0 to 512
[   60.293624][  T866] EXT4-fs (loop0): 1 truncate cleaned up
[   60.300111][  T866] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   60.340543][  T366] EXT4-fs (loop0): unmounting filesystem.
[   60.355524][  T870] loop0: detected capacity change from 0 to 512
[   60.356105][  T871] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[   60.422953][  T876] loop0: detected capacity change from 0 to 512
[   60.602065][  T925] loop0: detected capacity change from 0 to 512
[   60.631493][  T931] loop0: detected capacity change from 0 to 512
[   60.631897][  T932] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[   60.769762][  T961] loop0: detected capacity change from 0 to 512
[   60.791432][  T964] loop0: detected capacity change from 0 to 512
[   60.890914][  T985] loop0: detected capacity change from 0 to 512
[   60.891566][  T986] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[   61.201580][ T1081] loop0: detected capacity change from 0 to 512
[   61.223401][ T1084] loop0: detected capacity change from 0 to 512
[   61.414140][ T1135] loop0: detected capacity change from 0 to 512
[   61.414854][ T1136] Buffer I/O error on dev loop0, logical block 1, async page read
[   61.445216][ T1139] loop0: detected capacity change from 0 to 512
[   61.492603][ T1142] loop0: detected capacity change from 0 to 512
[   61.549680][ T1145] loop0: detected capacity change from 0 to 512
[   61.570308][ T1148] loop0: detected capacity change from 0 to 512
[   61.570892][ T1149] Buffer I/O error on dev loop0, logical block 1, async page read
[   61.750479][ T1205] loop0: detected capacity change from 0 to 512
[   61.770903][ T1208] loop0: detected capacity change from 0 to 512
[   61.781190][ T1208] EXT4-fs (loop0): 1 truncate cleaned up
[   61.788138][ T1208] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   61.827557][  T366] EXT4-fs (loop0): unmounting filesystem.
[   61.851114][ T1216] loop0: detected capacity change from 0 to 512
[   61.851577][ T1215] Buffer I/O error on dev loop0, logical block 1, async page read
[   61.904390][ T1219] loop0: detected capacity change from 0 to 512
[   61.904806][ T1220] Buffer I/O error on dev loop0, logical block 1, async page read
[   62.173549][ T1306] loop0: detected capacity change from 0 to 512
[   62.173983][ T1307] Buffer I/O error on dev loop0, logical block 1, async page read
[   62.327560][ T1354] loop0: detected capacity change from 0 to 512
[   62.328029][ T1355] Buffer I/O error on dev loop0, logical block 1, async page read
2024/07/06 12:26:02 executed programs: 347
[   62.554583][ T1421] loop0: detected capacity change from 0 to 512
[   62.596801][ T1433] loop0: detected capacity change from 0 to 512
[   62.597311][ T1434] Buffer I/O error on dev loop0, logical block 1, async page read
[   62.622908][ T1436] loop0: detected capacity change from 0 to 512
[   62.649862][ T1442] loop0: detected capacity change from 0 to 512
[   62.650317][ T1443] Buffer I/O error on dev loop0, logical block 1, async page read
[   62.885966][ T1514] loop0: detected capacity change from 0 to 512
[   62.886349][ T1513] Buffer I/O error on dev loop0, logical block 0, async page read
[   62.941441][ T1517] loop0: detected capacity change from 0 to 512
[   62.950830][ T1517] EXT4-fs (loop0): 1 truncate cleaned up
[   62.956823][ T1517] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   62.998833][  T366] EXT4-fs (loop0): unmounting filesystem.
[   63.349888][ T1638] loop0: detected capacity change from 0 to 512
[   63.386068][ T1647] loop0: detected capacity change from 0 to 512
[   63.468945][ T1672] loop0: detected capacity change from 0 to 512
[   63.490912][ T1675] loop0: detected capacity change from 0 to 512
[   63.568686][ T1690] loop0: detected capacity change from 0 to 512
[   63.603789][ T1699] loop0: detected capacity change from 0 to 512
[   63.604146][ T1700] blk_print_req_error: 18 callbacks suppressed
[   63.604154][ T1700] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 23 prio class 2
[   63.754449][ T1735] loop0: detected capacity change from 0 to 512
[   63.775190][ T1738] loop0: detected capacity change from 0 to 512
[   63.874730][ T1771] loop0: detected capacity change from 0 to 512
[   63.895600][ T1774] loop0: detected capacity change from 0 to 512
[   64.131971][ T1846] loop0: detected capacity change from 0 to 512
[   64.169495][ T1855] loop0: detected capacity change from 0 to 512
[   64.198244][ T1861] loop0: detected capacity change from 0 to 512
[   64.271713][ T1873] loop0: detected capacity change from 0 to 512
[   64.272208][ T1874] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 8 prio class 2
[   64.348279][ T1891] loop0: detected capacity change from 0 to 512
[   64.408557][ T1909] loop0: detected capacity change from 0 to 512
[   64.465918][ T1916] loop0: detected capacity change from 0 to 512
[   64.654290][ T1979] loop0: detected capacity change from 0 to 512
[   64.734136][ T2003] loop0: detected capacity change from 0 to 512
[   64.734544][ T2004] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 31 prio class 2
[   64.868120][ T2033] loop0: detected capacity change from 0 to 512
[   64.868598][ T2034] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 20 prio class 2
[   64.943661][ T2054] loop0: detected capacity change from 0 to 512
[   64.944005][ T2055] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 10 prio class 2
[   65.149061][ T2120] loop0: detected capacity change from 0 to 512
[   65.287771][ T2162] loop0: detected capacity change from 0 to 512
[   65.296928][ T2162] EXT4-fs (loop0): 1 truncate cleaned up
[   65.304147][ T2162] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   65.343500][  T366] EXT4-fs (loop0): unmounting filesystem.
[   65.374864][ T2173] loop0: detected capacity change from 0 to 512
[   65.375400][ T2174] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[   65.449854][ T2195] loop0: detected capacity change from 0 to 512
[   65.450353][ T2196] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 29 prio class 2
[   65.496327][ T2204] loop0: detected capacity change from 0 to 512
[   65.611370][ T2240] loop0: detected capacity change from 0 to 512
[   65.769089][ T2279] loop0: detected capacity change from 0 to 512
[   65.838783][ T2300] loop0: detected capacity change from 0 to 512
[   66.018102][ T2360] loop0: detected capacity change from 0 to 512
[   66.262935][ T2444] loop0: detected capacity change from 0 to 512
[   66.384976][ T2486] loop0: detected capacity change from 0 to 512
[   66.385348][ T2487] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[   66.468686][ T2508] loop0: detected capacity change from 0 to 512
[   66.469122][ T2509] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[   67.278912][ T2841] loop0: detected capacity change from 0 to 512
2024/07/06 12:26:07 executed programs: 850
[   67.586087][ T2944] loop0: detected capacity change from 0 to 512
[   67.586440][ T2945] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[   67.666644][ T2965] loop0: detected capacity change from 0 to 512
[   67.688276][ T2968] loop0: detected capacity change from 0 to 512
[   67.849573][ T3019] loop0: detected capacity change from 0 to 512
[   67.896466][ T3031] loop0: detected capacity change from 0 to 512
[   67.916676][ T3034] loop0: detected capacity change from 0 to 512
[   67.918181][ T3033] Buffer I/O error on dev loop0, logical block 1, async page read
[   67.969714][ T3037] loop0: detected capacity change from 0 to 512
[   68.071702][ T3058] loop0: detected capacity change from 0 to 512
[   68.116883][ T3061] loop0: detected capacity change from 0 to 512
[   68.217563][ T3085] loop0: detected capacity change from 0 to 512
[   68.244425][ T3091] loop0: detected capacity change from 0 to 512
[   68.262012][ T3094] loop0: detected capacity change from 0 to 512
[   68.271151][ T3094] ==================================================================
[   68.279316][ T3094] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x19b6/0x36c0
[   68.287679][ T3094] Read of size 18446744073709551584 at addr ffff88811b8f5fc8 by task syz-executor.0/3094
[   68.298726][ T3094] 
[   68.301148][ T3094] CPU: 0 PID: 3094 Comm: syz-executor.0 Not tainted 6.1.84-syzkaller #0
[   68.309734][ T3094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   68.321246][ T3094] Call Trace:
[   68.324353][ T3094]  <TASK>
[   68.327221][ T3094]  dump_stack_lvl+0x105/0x148
[   68.331747][ T3094]  ? panic+0x3b4/0x3b4
[   68.335821][ T3094]  ? nf_tcp_handle_invalid+0x30b/0x30b
[   68.341465][ T3094]  ? _printk+0xca/0x10a
[   68.345620][ T3094]  print_report+0x158/0x4e0
[   68.350217][ T3094]  ? kasan_addr_to_slab+0xd/0x80
[   68.355076][ T3094]  ? ext4_xattr_set_entry+0x19b6/0x36c0
[   68.360714][ T3094]  kasan_report+0x13c/0x170
[   68.365241][ T3094]  ? ext4_xattr_set_entry+0x19b6/0x36c0
[   68.371077][ T3094]  kasan_check_range+0x294/0x2a0
[   68.376386][ T3094]  ? ext4_xattr_set_entry+0x19b6/0x36c0
[   68.382496][ T3094]  memmove+0x2d/0x70
[   68.386378][ T3094]  ext4_xattr_set_entry+0x19b6/0x36c0
[   68.391571][ T3094]  ? __kasan_slab_free+0x11/0x20
[   68.396435][ T3094]  ? __kmem_cache_free+0x1fa/0x370
[   68.401579][ T3094]  ? ext4_xattr_block_set+0xbd9/0x2cf0
[   68.407047][ T3094]  ? ext4_xattr_ibody_set+0x320/0x320
[   68.412340][ T3094]  ? ext4_get_inode_loc+0x180/0x180
[   68.417710][ T3094]  ? ext4_xattr_block_find+0x2d0/0x2d0
[   68.423160][ T3094]  ext4_xattr_ibody_set+0xf6/0x320
[   68.428199][ T3094]  ext4_expand_extra_isize_ea+0x108c/0x1bf0
[   68.433952][ T3094]  ? unlock_page_memcg+0x146/0x160
[   68.438870][ T3094]  ? ext4_xattr_set+0x370/0x370
[   68.443570][ T3094]  ? rwsem_write_trylock+0x153/0x340
[   68.448864][ T3094]  __ext4_expand_extra_isize+0x20f/0x390
[   68.454417][ T3094]  __ext4_mark_inode_dirty+0x3ab/0x630
[   68.459712][ T3094]  ? sb_end_intwrite+0x100/0x100
[   68.464669][ T3094]  ? current_time+0x82/0x230
[   68.469231][ T3094]  ? atime_needs_update+0x7d0/0x7d0
[   68.474257][ T3094]  ? ext4_inline_data_truncate+0x405/0xba0
[   68.480002][ T3094]  ? memcpy+0x56/0x70
[   68.484545][ T3094]  ext4_inline_data_truncate+0x41e/0xba0
[   68.489970][ T3094]  ? ext4_inline_data_iomap+0x450/0x450
[   68.495542][ T3094]  ext4_truncate+0x463/0xe50
[   68.500043][ T3094]  ? __ext4_mark_inode_dirty+0x630/0x630
[   68.505743][ T3094]  ext4_process_orphan+0x190/0x2c0
[   68.510648][ T3094]  ext4_orphan_cleanup+0x88a/0xed0
[   68.515692][ T3094]  ? ext4_orphan_del+0xab0/0xab0
[   68.520655][ T3094]  ? ext4_register_sysfs+0x240/0x270
[   68.525812][ T3094]  ext4_fill_super+0x689e/0x71b0
[   68.530653][ T3094]  ? ext4_parse_test_dummy_encryption+0x80/0x80
[   68.536808][ T3094]  ? snprintf+0xcc/0x110
[   68.540945][ T3094]  ? sb_set_blocksize+0x45/0xc0
[   68.545936][ T3094]  get_tree_bdev+0x3c1/0x5e0
[   68.550362][ T3094]  ? ext4_parse_test_dummy_encryption+0x80/0x80
[   68.556824][ T3094]  ext4_get_tree+0x10/0x20
[   68.561129][ T3094]  vfs_get_tree+0x7c/0x170
[   68.565486][ T3094]  do_new_mount+0x21a/0x900
[   68.569992][ T3094]  ? do_move_mount_old+0x120/0x120
[   68.575299][ T3094]  ? security_capable+0x3c/0x90
[   68.580054][ T3094]  ? ns_capable+0x5b/0xc0
[   68.584229][ T3094]  path_mount+0x612/0xbe0
[   68.588472][ T3094]  ? user_path_at_empty+0xf3/0x150
[   68.593691][ T3094]  ? user_path_at_empty+0xf3/0x150
[   68.598788][ T3094]  __se_sys_mount+0x23e/0x2d0
[   68.603374][ T3094]  ? __x64_sys_mount+0xd0/0xd0
[   68.607970][ T3094]  ? debug_smp_processor_id+0x17/0x20
[   68.613310][ T3094]  __x64_sys_mount+0xba/0xd0
[   68.618259][ T3094]  do_syscall_64+0x3d/0xb0
[   68.622479][ T3094]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   68.628202][ T3094] RIP: 0033:0x7fc32627f46a
[   68.632470][ T3094] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   68.652699][ T3094] RSP: 002b:00007fc326f88ef8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   68.661380][ T3094] RAX: ffffffffffffffda RBX: 00007fc326f88f80 RCX: 00007fc32627f46a
[   68.670897][ T3094] RDX: 0000000020000180 RSI: 00000000200000c0 RDI: 00007fc326f88f40
[   68.678756][ T3094] RBP: 0000000020000180 R08: 00007fc326f88f80 R09: 0000000000000000
[   68.687030][ T3094] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000200000c0
[   68.695272][ T3094] R13: 00007fc326f88f40 R14: 000000000000046a R15: 0000000020000300
[   68.703406][ T3094]  </TASK>
[   68.706331][ T3094] 
[   68.708712][ T3094] The buggy address belongs to the physical page:
[   68.719633][ T3094] page:ffffea00046e3d40 refcount:3 mapcount:1 mapping:ffff888100549c50 index:0x1 pfn:0x11b8f5
[   68.733869][ T3094] memcg:ffff888121a16000
[   68.738029][ T3094] aops:def_blk_aops ino:700000
[   68.742886][ T3094] flags: 0x660000000002205e(referenced|uptodate|dirty|lru|workingset|private|mappedtodisk|zone=1)
[   68.753666][ T3094] raw: 660000000002205e ffff888121bbc290 ffffea0004673908 ffff888100549c50
[   68.762967][ T3094] raw: 0000000000000001 ffff8881251570a8 0000000300000000 ffff888121a16000
[   68.772158][ T3094] page dumped because: kasan: bad access detected
[   68.778763][ T3094] page_owner tracks the page as allocated
[   68.784305][ T3094] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 3095, tgid 3093 (syz-executor.0), ts 68269910177, free_ts 68261907144
[   68.804888][ T3094]  prep_new_page+0x512/0x5e0
[   68.809315][ T3094]  get_page_from_freelist+0x288b/0x2910
[   68.814771][ T3094]  __alloc_pages+0x39f/0x780
[   68.819196][ T3094]  __folio_alloc+0x15/0x40
[   68.823534][ T3094]  page_cache_ra_unbounded+0x283/0x5f0
[   68.829008][ T3094]  page_cache_ra_order+0x5fe/0x880
[   68.833957][ T3094]  do_sync_mmap_readahead+0x4c6/0xc70
[   68.839161][ T3094]  filemap_fault+0x6e1/0xec0
[   68.843679][ T3094]  do_fault+0x686/0x16b0
[   68.847940][ T3094]  handle_mm_fault+0x123b/0x2550
[   68.852723][ T3094]  __get_user_pages+0x28a/0xb60
[   68.857474][ T3094]  __mm_populate+0x280/0x400
[   68.862074][ T3094]  vm_mmap_pgoff+0x2fb/0x380
[   68.866596][ T3094]  ksys_mmap_pgoff+0xbc/0x140
[   68.871350][ T3094]  __x64_sys_mmap+0x103/0x120
[   68.875794][ T3094]  do_syscall_64+0x3d/0xb0
[   68.880207][ T3094] page last free stack trace:
[   68.885072][ T3094]  free_unref_page_prepare+0x794/0x7a0
[   68.890434][ T3094]  free_unref_page+0xb2/0x5b0
[   68.895047][ T3094]  __free_pages+0x67/0xd0
[   68.899208][ T3094]  free_pages+0x7c/0x90
[   68.903280][ T3094]  tlb_finish_mmu+0x322/0x3b0
[   68.907892][ T3094]  unmap_region+0x2a3/0x300
[   68.912220][ T3094]  do_mas_align_munmap+0xb63/0x1150
[   68.917350][ T3094]  do_mas_munmap+0x199/0x1e0
[   68.921861][ T3094]  __vm_munmap+0x24e/0x360
[   68.926194][ T3094]  __x64_sys_munmap+0x66/0x70
[   68.930935][ T3094]  do_syscall_64+0x3d/0xb0
[   68.935263][ T3094]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   68.941229][ T3094] 
[   68.943347][ T3094] Memory state around the buggy address:
[   68.948820][ T3094]  ffff88811b8f5e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   68.957167][ T3094]  ffff88811b8f5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   68.965175][ T3094] >ffff88811b8f5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   68.973169][ T3094]                                               ^
[   68.979496][ T3094]  ffff88811b8f6000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   68.987591][ T3094]  ffff88811b8f6080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   68.995489][ T3094] ==================================================================
[   69.003932][ T3094] Disabling lock debugging due to kernel taint
[   69.010501][ T3094] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2213: inode #12: comm syz-executor.0: corrupted in-inode xattr
[   69.023696][ T3094] EXT4-fs warning (device loop0): ext4_xattr_set_entry:1745: inode #12: comm syz-executor.0: unable to update i_inline_off
[   69.036729][ T3094] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2810: Unable to expand inode 12. Delete some EAs or run e2fsck.
[   69.050333][ T3094] EXT4-fs (loop0): 1 truncate cleaned up
[   69.056242][ T3094] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   69.074137][  T366] EXT4-fs (loop0): unmounting filesystem.
[   69.120650][ T3112] loop0: detected capacity change from 0 to 512
[   69.441724][ T3208] loop0: detected capacity change from 0 to 512
[   69.470415][ T3214] loop0: detected capacity change from 0 to 512
[   69.470811][ T3215] blk_print_req_error: 2 callbacks suppressed
[   69.470821][ T3215] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[   69.536099][ T3217] loop0: detected capacity change from 0 to 512
[   69.705410][ T3265] loop0: detected capacity change from 0 to 512
[   69.778188][ T3286] loop0: detected capacity change from 0 to 512
[   69.849408][ T3307] loop0: detected capacity change from 0 to 512
[   69.898694][ T3310] loop0: detected capacity change from 0 to 512
[   69.998583][ T3334] loop0: detected capacity change from 0 to 512
[   70.098567][ T3362] loop0: detected capacity change from 0 to 512
[   70.174666][ T3374] loop0: detected capacity change from 0 to 512
[   70.175128][ T3375] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[   70.213680][ T3380] loop0: detected capacity change from 0 to 512
[   70.214058][ T3381] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[   70.299043][ T3395] loop0: detected capacity change from 0 to 512
[   70.381092][ T3422] loop0: detected capacity change from 0 to 512
[   70.402841][ T3425] loop0: detected capacity change from 0 to 512
[   70.403323][ T3426] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[   70.502657][ T3455] loop0: detected capacity change from 0 to 512
[   70.659684][ T3509] loop0: detected capacity change from 0 to 512
[   70.675859][ T3512] loop0: detected capacity change from 0 to 512
[   70.682629][ T3513] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[   70.776148][ T3533] loop0: detected capacity change from 0 to 512
[   70.776583][ T3534] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[   70.909339][ T3575] loop0: detected capacity change from 0 to 512
[   70.909698][ T3576] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[   71.090376][ T3633] loop0: detected capacity change from 0 to 512
[   71.144071][ T3648] loop0: detected capacity change from 0 to 512
[   71.174291][ T3654] loop0: detected capacity change from 0 to 512
[   71.210148][ T3663] loop0: detected capacity change from 0 to 512
[   71.219230][ T3663] EXT4-fs (loop0): 1 truncate cleaned up
[   71.225251][ T3663] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   71.268008][  T366] EXT4-fs (loop0): unmounting filesystem.
[   71.289968][ T3670] loop0: detected capacity change from 0 to 512
[   71.299677][ T3670] EXT4-fs (loop0): 1 truncate cleaned up
[   71.306915][ T3670] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   71.342503][  T366] EXT4-fs (loop0): unmounting filesystem.
[   71.375178][ T3680] loop0: detected capacity change from 0 to 512
[   71.395864][ T3683] loop0: detected capacity change from 0 to 512
[   71.444844][ T3686] loop0: detected capacity change from 0 to 512
[   71.445250][ T3687] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 29 prio class 2
[   71.610683][ T3740] loop0: detected capacity change from 0 to 512
[   71.630317][ T3743] loop0: detected capacity change from 0 to 512
[   71.647248][ T3746] loop0: detected capacity change from 0 to 512
[   71.661078][ T3746] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz-executor.0: couldn't read orphan inode 12 (err -116)
[   71.673305][ T3746] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   71.698730][  T366] EXT4-fs (loop0): unmounting filesystem.
[   71.789994][ T3778] loop0: detected capacity change from 0 to 512
[   71.808231][ T3781] loop0: detected capacity change from 0 to 512
[   71.818350][  T371] general protection fault, probably for non-canonical address 0xeeabe9acae8e6f2e: 0000 [#1] PREEMPT SMP KASAN
[   71.830165][  T371] KASAN: maybe wild-memory-access in range [0x755f6d6574737970-0x755f6d6574737977]
[   71.840150][  T371] CPU: 1 PID: 371 Comm: udevd Tainted: G    B              6.1.84-syzkaller #0
[   71.841682][    C0] BUG: TASK stack guard page was hit at ffffc90003a07ff8 (stack is ffffc90003a08000..ffffc90003a10000)
[   71.860465][  T371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   71.870695][  T371] RIP: 0010:strcmp+0x43/0xa0
[   71.875133][  T371] Code: 00 fc ff df 31 db 49 8d 3c 1c 48 89 f8 48 c1 e8 03 42 0f b6 04 38 84 c0 75 29 45 0f b6 2c 1c 49 8d 3c 1e 48 89 f8 48 c1 e8 03 <42> 0f b6 04 38 84 c0 75 20 45 3a 2c 1e 75 2a 48 ff c3 45 84 ed 75
[   71.895258][  T371] RSP: 0018:ffffc90000d978d0 EFLAGS: 00010206
[   71.901283][  T371] RAX: 0eabedacae8e6f2e RBX: 0000000000000000 RCX: 0000000000000001
[   71.909238][  T371] RDX: 0000000000000001 RSI: 755f6d6574737973 RDI: 755f6d6574737973
[   71.917176][  T371] RBP: ffffc90000d978f8 R08: dffffc0000000000 R09: 0000000000000003
[   71.925183][  T371] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffffc90000d97c60
[   71.933521][  T371] R13: 0000000000000073 R14: 755f6d6574737973 R15: dffffc0000000000
[   71.941589][  T371] FS:  00007f3243c92c80(0000) GS:ffff8881f7300000(0000) knlGS:0000000000000000
[   71.951057][  T371] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   71.957479][  T371] CR2: 0000555557132818 CR3: 000000011b38d000 CR4: 00000000003506a0
[   71.965909][  T371] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   71.973823][  T371] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   71.981908][  T371] Call Trace:
[   71.985111][  T371]  <TASK>
[   71.987974][  T371]  ? __die_body+0x62/0xb0
[   71.992229][  T371]  ? die_addr+0x9f/0xd0
[   71.996219][  T371]  ? exc_general_protection+0x317/0x4c0
[   72.001957][  T371]  ? asm_exc_general_protection+0x27/0x30
[   72.007611][  T371]  ? strcmp+0x43/0xa0
[   72.011413][  T371]  simple_xattr_set+0x14c/0x4f0
[   72.016279][  T371]  shmem_xattr_handler_set+0x3c/0xd0
[   72.021397][  T371]  __vfs_setxattr+0x343/0x3a0
[   72.025927][  T371]  __vfs_setxattr_noperm+0xfe/0x4b0
[   72.031252][  T371]  __vfs_setxattr_locked+0x197/0x1b0
[   72.037025][  T371]  vfs_setxattr+0x1cf/0x350
[   72.041578][  T371]  ? xattr_permission+0x3b0/0x3b0
[   72.046394][  T371]  ? __kasan_check_write+0x14/0x20
[   72.051525][  T371]  setxattr+0x1a2/0x200
[   72.055969][  T371]  ? path_setxattr+0x220/0x220
[   72.060846][  T371]  ? __mnt_want_write+0x166/0x1d0
[   72.065903][  T371]  ? mnt_want_write+0x131/0x2a0
[   72.071024][  T371]  path_setxattr+0x179/0x220
[   72.075841][  T371]  ? simple_xattr_list_add+0x110/0x110
[   72.081123][  T371]  ? debug_smp_processor_id+0x17/0x20
[   72.086752][  T371]  __x64_sys_lsetxattr+0xbd/0xd0
[   72.091607][  T371]  do_syscall_64+0x3d/0xb0
[   72.095862][  T371]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[   72.101600][  T371]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   72.107330][  T371] RIP: 0033:0x7f3243d71c1a
[   72.111756][  T371] Code: 48 8b 0d 11 12 0d 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 bd 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d de 11 0d 00 f7 d8 64 89 01 48
[   72.131638][  T371] RSP: 002b:00007ffdc13b6f08 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[   72.140662][  T371] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3243d71c1a
[   72.148468][  T371] RDX: 0000563cb496a190 RSI: 00007f3243e9a638 RDI: 00007ffdc13b7a38
[   72.156393][  T371] RBP: 0000563cb496a190 R08: 0000000000000000 R09: a8fdd17f4435d632
[   72.164558][  T371] R10: 000000000000001b R11: 0000000000000246 R12: 00000000ffffffff
[   72.172545][  T371] R13: 0000000000000001 R14: 00007ffdc13b7a38 R15: 00007ffdc13b7a46
[   72.181603][  T371]  </TASK>
[   72.184559][  T371] Modules linked in:
[   72.188620][    C0] stack guard page: 0000 [#2] PREEMPT SMP KASAN
[   72.188634][    C0] CPU: 0 PID: 3782 Comm: syz-executor.0 Tainted: G    B D            6.1.84-syzkaller #0
[   72.188641][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   72.188646][    C0] RIP: 0010:__bad_area_nosemaphore+0x42/0x470
[   72.188662][    C0] Code: 49 89 f5 48 89 fb 48 b9 00 00 00 00 00 fc ff df 65 48 8b 05 70 c9 d2 7e 48 89 45 98 4c 8d a7 88 00 00 00 4d 89 e6 49 c1 ee 03 <41> 80 3c 0e 00 74 14 4c 89 e7 49 89 df 48 89 d3 e8 99 af 72 00 48
[   72.188667][    C0] RSP: 0000:ffffc90003a08008 EFLAGS: 00010802
[   72.188674][    C0] RAX: ffff888118a7d000 RBX: ffffc90003a08118 RCX: dffffc0000000000
[   72.188679][    C0] RDX: fffff5200074106c RSI: 0000000000000000 RDI: ffffc90003a08118
[   72.188684][    C0] RBP: ffffc90003a08070 R08: 0000000000000001 R09: 0000000000000000
[   72.188687][    C0] R10: 0000000000000000 R11: 0000000000000000 R12: ffffc90003a081a0
[   72.188691][    C0] R13: 0000000000000000 R14: 1ffff92000741034 R15: ffffc90003a08118
[   72.188695][    C0] FS:  00007fc326f686c0(0000) GS:ffff8881f7200000(0000) knlGS:0000000000000000
[   72.188701][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   72.188705][    C0] CR2: ffffc90003a07ff8 CR3: 00000001278cb000 CR4: 00000000003506b0
[   72.188713][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   72.188716][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   72.188720][    C0] Call Trace:
[   72.188730][    C0] BUG: unable to handle page fault for address: fffff5200074100f
[   72.188734][    C0] #PF: supervisor read access in kernel mode
[   72.188738][    C0] #PF: error_code(0x0000) - not-present page
[   72.188742][    C0] PGD 23ffef067 P4D 23ffef067 PUD 100131067 PMD 1129b5067 PTE 0
[   72.188757][    C0] BUG: unable to handle page fault for address: fffff52000741000
[   72.188760][    C0] #PF: supervisor read access in kernel mode
[   72.188763][    C0] #PF: error_code(0x0000) - not-present page
[   72.188766][    C0] PGD 23ffef067 P4D 23ffef067 PUD 100131067 PMD 1129b5067 PTE 0
[   72.188777][    C0] BUG: unable to handle page fault for address: fffff52000741000
[   72.188780][    C0] #PF: supervisor read access in kernel mode
[   72.188782][    C0] #PF: error_code(0x0000) - not-present page
[   72.188784][    C0] PGD 23ffef067 P4D 23ffef067 PUD 100131067 PMD 1129b5067 PTE 0
[   72.188794][    C0] BUG: unable to handle page fault for address: fffff52000741000
[   72.188798][    C0] #PF: supervisor read access in kernel mode
[   72.188801][    C0] #PF: error_code(0x0000) - not-present page
[   72.188803][    C0] PGD 23ffef067 P4D 23ffef067 PUD 100131067 PMD 1129b5067 PTE 0
[   72.188813][    C0] BUG: unable to handle page fault for address: fffff52000741000
[   72.188816][    C0] #PF: supervisor read access in kernel mode
[   72.188819][    C0] #PF: error_code(0x0000) - not-present page
[   72.188821][    C0] PGD 23ffef067 P4D 23ffef067 PUD 100131067 PMD 1129b5067 PTE 0
[   72.188835][    C0] BUG: unable to handle page fault for address: fffff52000741000
[   72.188838][    C0] #PF: supervisor read access in kernel mode
[   72.188841][    C0] #PF: error_code(0x0000) - not-present page
[   72.188844][    C0] PGD 23ffef067 P4D 23ffef067 PUD 100131067 PMD 1129b5067 PTE 0
[   72.188857][    C0] BUG: unable to handle page fault for address: fffff52000741000
[   72.188860][    C0] #PF: supervisor read access in kernel mode
[   72.188863][    C0] #PF: error_code(0x0000) - not-present page
[   72.188866][    C0] PGD 23ffef067 P4D 23ffef067 PUD 100131067 PMD 1129b5067 PTE 0
[   72.188877][    C0] BUG: unable to handle page fault for address: fffff52000741000
[   72.188880][    C0] #PF: supervisor read access in kernel mode
[   72.188883][    C0] #PF: error_code(0x0000) - not-present page
[   72.188886][    C0] PGD 23ffef067 P4D 23ffef067 PUD 100131067 PMD 1129b5067 PTE 0
[   72.188900][    C0] BUG: unable to handle page fault for address: fffff52000741000
[   72.188903][    C0] #PF: supervisor read access in kernel mode
[   72.188906][    C0] #PF: error_code(0x0000) - not-present page
[   72.188909][    C0] PGD 23ffef067 P4D 23ffef067 PUD 100131067 PMD 1129b5067 PTE 0
[   72.188921][    C0] BUG: unable to handle page fault for address: fffff52000741000
[   72.188923][    C0] #PF: supervisor read access in kernel mode
[   72.188926][    C0] #PF: error_code(0x0000) - not-present page
[   72.188929][    C0] PGD 23ffef067 P4D 23ffef067 PUD 100131067 PMD 1129b5067 PTE 0
[   72.188942][    C0] BUG: unable to handle page fault for address: fffff52000741000
[   72.188945][    C0] #PF: supervisor read access in kernel mode
[   72.188948][    C0] #PF: error_code(0x0000) - not-present page
[   72.188951][    C0] PGD 23ffef067 P4D 23ffef067 PUD 100131067 PMD 1129b5067 PTE 0
[   72.188963][    C0] BUG: unable to handle page fault for address: fffff52000741000
[   72.188966][    C0] #PF: supervisor read access in kernel mode
[   72.188969][    C0] #PF: error_code(0x0000) - not-present page
[   72.188972][    C0] PGD 23ffef067 P4D 23ffef067 PUD 100131067 PMD 1129b5067 PTE 0
[   72.188984][    C0] BUG: unable to handle page fault for address: fffff52000741000
[   72.188987][    C0] #PF: supervisor read access in kernel mode
[   72.188990][    C0] #PF: error_code(0x0000) - not-present page
[   72.188993][    C0] PGD 23ffef067 P4D 23ffef067 PUD 100131067 PMD 1129b5067 PTE 0
[   72.189006][    C0] BUG: unable to handle page fault for address: fffff52000741000
[   72.189009][    C0] #PF: supervisor read access in kernel mode
[   72.189012][    C0] #PF: error_code(0x0000) - not-present page
[   72.189015][    C0] PGD 23ffef067 P4D 23ffef067 PUD 100131067 PMD 1129b5067 PTE 0
[   72.189025][    C0] BUG: unable to handle page fault for address: fffff52000741000
[   72.189029][    C0] #PF: supervisor read access in kernel mode
[   72.189031][    C0] #PF: error_code(0x0000) - not-present page