Warning: Permanently added '10.128.1.136' (ED25519) to the list of known hosts. 2023/11/17 13:07:06 ignoring optional flag "sandboxArg"="0" 2023/11/17 13:07:06 parsed 1 programs [ 105.804231][ T27] kauditd_printk_skb: 74 callbacks suppressed [ 105.804243][ T27] audit: type=1400 audit(1700226426.521:199): avc: denied { getattr } for pid=5404 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 105.834772][ T27] audit: type=1400 audit(1700226426.531:200): avc: denied { read } for pid=5404 comm="syz-execprog" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 105.856681][ T27] audit: type=1400 audit(1700226426.531:201): avc: denied { open } for pid=5404 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 2023/11/17 13:07:06 executed programs: 0 [ 105.890485][ T27] audit: type=1400 audit(1700226426.611:202): avc: denied { mounton } for pid=5410 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 105.939075][ T27] audit: type=1400 audit(1700226426.611:203): avc: denied { mount } for pid=5410 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 107.094080][ T4456] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 107.103349][ T4456] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 107.111799][ T4456] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 107.120967][ T4456] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 107.129925][ T4456] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 107.137744][ T4456] Bluetooth: hci0: 
unexpected cc 0x0c38 length: 249 > 2 [ 107.164944][ T27] audit: type=1400 audit(1700226427.881:204): avc: denied { mounton } for pid=5416 comm="syz-executor.0" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 107.327000][ T5416] chnl_net:caif_netlink_parms(): no params data found [ 107.417594][ T5416] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.425033][ T5416] bridge0: port 1(bridge_slave_0) entered disabled state [ 107.432872][ T5416] bridge_slave_0: entered allmulticast mode [ 107.440494][ T5416] bridge_slave_0: entered promiscuous mode [ 107.449424][ T5416] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.457024][ T5416] bridge0: port 2(bridge_slave_1) entered disabled state [ 107.464367][ T5416] bridge_slave_1: entered allmulticast mode [ 107.472059][ T5416] bridge_slave_1: entered promiscuous mode [ 107.509170][ T5416] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 107.524101][ T5416] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 107.563391][ T5416] team0: Port device team_slave_0 added [ 107.572987][ T5416] team0: Port device team_slave_1 added [ 107.608619][ T5416] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 107.616145][ T5416] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 107.643177][ T5416] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 107.657548][ T5416] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 107.664726][ T5416] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. 
Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 107.691512][ T5416] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 107.743572][ T5416] hsr_slave_0: entered promiscuous mode [ 107.750931][ T5416] hsr_slave_1: entered promiscuous mode [ 108.662616][ T5416] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 108.679872][ T5416] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 108.693740][ T5416] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 108.707712][ T5416] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 108.853835][ T5416] 8021q: adding VLAN 0 to HW filter on device bond0 [ 108.892392][ T5416] 8021q: adding VLAN 0 to HW filter on device team0 [ 108.910571][ T1782] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.918022][ T1782] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.947406][ T1782] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.956569][ T1782] bridge0: port 2(bridge_slave_1) entered forwarding state [ 109.156641][ T5066] Bluetooth: hci0: command 0x0409 tx timeout [ 109.279606][ T5416] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 109.376372][ T5416] veth0_vlan: entered promiscuous mode [ 109.400494][ T5416] veth1_vlan: entered promiscuous mode [ 109.463906][ T5416] veth0_macvtap: entered promiscuous mode [ 109.488462][ T5416] veth1_macvtap: entered promiscuous mode [ 109.524491][ T5416] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.547396][ T5416] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.573486][ T5416] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.586301][ T5416] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.597920][ T5416] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.609012][ T5416] netdevsim 
netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.787631][ T131] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.817191][ T131] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.880424][ T2815] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.893897][ T2815] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.917112][ T27] audit: type=1400 audit(1700226430.631:205): avc: denied { mounton } for pid=5416 comm="syz-executor.0" path="/dev/binderfs" dev="devtmpfs" ino=2323 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 110.064913][ T5481] loop0: detected capacity change from 0 to 32768 [ 110.074526][ T27] audit: type=1400 audit(1700226430.791:206): avc: denied { mounton } for pid=5479 comm="syz-executor.0" path="/root/syzkaller-testdir255522759/syzkaller.uweThY/0/file0" dev="sda1" ino=1937 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 110.132778][ T27] audit: type=1400 audit(1700226430.851:207): avc: denied { mount } for pid=5479 comm="syz-executor.0" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 110.193204][ T27] audit: type=1400 audit(1700226430.911:208): avc: denied { unmount } for pid=5416 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 110.397181][ T5489] loop0: detected capacity change from 0 to 32768 [ 110.614864][ T5498] loop0: detected capacity change from 0 to 32768 [ 110.671517][ T5498] ea_get: invalid extended attribute [ 111.245656][ T5066] Bluetooth: hci0: command 0x041b tx timeout
[ 111.732916][ T5498] ================================================================== [ 111.741081][ T5498] BUG: KASAN: slab-out-of-bounds in hex_dump_to_buffer+0xdea/0xe30 [ 111.749603][ T5498] Read of size 1 at addr ffff88806e2e7cc0 by task syz-executor.0/5498 [ 111.758333][ T5498] [ 111.760652][ T5498] CPU: 1 PID: 5498 Comm: syz-executor.0 Not tainted 6.7.0-rc1-syzkaller-00125-g7475e51b8796 #0 [ 111.771925][ T5498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 111.782420][ T5498] Call Trace: [ 111.785789][ T5498] [ 111.788746][ T5498] dump_stack_lvl+0xd9/0x1b0 [ 111.794165][ T5498] print_report+0xc4/0x620 [ 111.798667][ T5498] ? __virt_addr_valid+0x5e/0x2d0 [ 111.803869][ T5498] ? __phys_addr+0xc6/0x140 [ 111.808484][ T5498] kasan_report+0xda/0x110 [ 111.812902][ T5498] ? 
hex_dump_to_buffer+0xdea/0xe30 [ 111.818101][ T5498] ? hex_dump_to_buffer+0xdea/0xe30 [ 111.823484][ T5498] hex_dump_to_buffer+0xdea/0xe30 [ 111.828769][ T5498] print_hex_dump+0x18c/0x260 [ 111.833475][ T5498] ? hex_dump_to_buffer+0xe30/0xe30 [ 111.838673][ T5498] ? __wake_up_klogd.part.0+0x99/0xf0 [ 111.844056][ T5498] ? lock_sync+0x190/0x190 [ 111.848475][ T5498] ? rwsem_read_trylock+0x12a/0x250 [ 111.853683][ T5498] ea_get+0x860/0x12c0 [ 111.857841][ T5498] ? down_read+0xc9/0x330 [ 111.862261][ T5498] ? ea_release+0x220/0x220 [ 111.866798][ T5498] ? kasan_save_stack+0x43/0x50 [ 111.872114][ T5498] ? kasan_save_stack+0x33/0x50 [ 111.877255][ T5498] ? kasan_set_track+0x25/0x30 [ 111.882650][ T5498] ? __kasan_kmalloc+0xa3/0xb0 [ 111.888778][ T5498] ? inode_doinit_use_xattr+0x54/0x410 [ 111.894501][ T5498] ? inode_doinit_with_dentry+0x51f/0x12c0 [ 111.902438][ T5498] __jfs_getxattr+0xfd/0x3e0 [ 111.907684][ T5498] ? do_syscall_64+0x40/0x110 [ 111.912562][ T5498] ? jfs_initxattrs+0x280/0x280 [ 111.917715][ T5498] ? __jfs_getxattr+0x3e0/0x3e0 [ 111.922799][ T5498] jfs_xattr_get+0x3c/0x50 [ 111.927337][ T5498] __vfs_getxattr+0x13b/0x1a0 [ 111.932228][ T5498] ? xattr_full_name+0x90/0x90 [ 111.937270][ T5498] inode_doinit_use_xattr+0xb5/0x410 [ 111.943875][ T5498] inode_doinit_with_dentry+0x51f/0x12c0 [ 111.950531][ T5498] ? selinux_sem_semctl+0x1a0/0x1a0 [ 111.956501][ T5498] ? jfs_iget+0x250/0x4c0 [ 111.961311][ T5498] selinux_d_instantiate+0x26/0x30 [ 111.967071][ T5498] security_d_instantiate+0x54/0xe0 [ 111.972549][ T5498] d_splice_alias+0x94/0xdf0 [ 111.977415][ T5498] jfs_lookup+0x233/0x370 [ 111.981971][ T5498] ? jfs_link+0x5c0/0x5c0 [ 111.986668][ T5498] ? d_alloc_parallel+0x6b9/0x12d0 [ 111.991967][ T5498] ? __d_lookup+0x285/0x4b0 [ 111.996565][ T5498] ? jfs_link+0x5c0/0x5c0 [ 112.000927][ T5498] lookup_open.isra.0+0x926/0x13b0 [ 112.006149][ T5498] ? try_lookup_one_len+0x1a0/0x1a0 [ 112.011702][ T5498] ? 
secondary_startup_64_no_verify+0x11b/0x16b [ 112.018084][ T5498] ? secondary_startup_64_no_verify+0x11b/0x16b [ 112.024437][ T5498] ? lookup_fast+0x155/0x520 [ 112.029127][ T5498] path_openat+0x922/0x2c50 [ 112.033927][ T5498] ? path_lookupat+0x770/0x770 [ 112.038720][ T5498] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 112.045327][ T5498] do_filp_open+0x1de/0x430 [ 112.050204][ T5498] ? may_open_dev+0xf0/0xf0 [ 112.055605][ T5498] ? find_held_lock+0x2d/0x110 [ 112.060656][ T5498] ? _raw_spin_unlock+0x28/0x40 [ 112.065733][ T5498] ? alloc_fd+0x2da/0x6c0 [ 112.070084][ T5498] do_sys_openat2+0x176/0x1e0 [ 112.074877][ T5498] ? build_open_flags+0x690/0x690 [ 112.080108][ T5498] ? xfd_validate_state+0x5d/0x180 [ 112.085419][ T5498] __x64_sys_open+0x154/0x1e0 [ 112.090460][ T5498] ? do_sys_open+0x160/0x160 [ 112.095139][ T5498] ? syscall_enter_from_user_mode+0x7f/0x120 [ 112.101486][ T5498] ? lockdep_hardirqs_on+0x7d/0x110 [ 112.106776][ T5498] do_syscall_64+0x40/0x110 [ 112.111468][ T5498] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 112.117478][ T5498] RIP: 0033:0x7f9a9727ad39 [ 112.121972][ T5498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 112.142042][ T5498] RSP: 002b:00007f9a984ae0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 112.150836][ T5498] RAX: ffffffffffffffda RBX: 00007f9a9739bf80 RCX: 00007f9a9727ad39 [ 112.159419][ T5498] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000340 [ 112.172249][ T5498] RBP: 00007f9a972d7567 R08: 0000000000000000 R09: 0000000000000000 [ 112.180955][ T5498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 112.189117][ T5498] R13: 000000000000000b R14: 00007f9a9739bf80 R15: 00007fffe5c479e8 [ 112.197202][ T5498] [ 112.200308][ T5498] [ 112.202708][ T5498] Allocated by task 5498: [ 112.207114][ T5498] kasan_save_stack+0x33/0x50 [ 112.213287][ 
T5498] kasan_set_track+0x25/0x30 [ 112.218874][ T5498] __kasan_slab_alloc+0x81/0x90 [ 112.224816][ T5498] kmem_cache_alloc_lru+0x202/0x630 [ 112.230401][ T5498] jfs_alloc_inode+0x25/0x60 [ 112.235023][ T5498] alloc_inode+0x5d/0x220 [ 112.239764][ T5498] iget_locked+0x1b3/0x700 [ 112.244197][ T5498] jfs_iget+0x1e/0x4c0 [ 112.248292][ T5498] jfs_lookup+0x2a4/0x370 [ 112.252628][ T5498] lookup_open.isra.0+0x926/0x13b0 [ 112.257843][ T5498] path_openat+0x922/0x2c50 [ 112.262351][ T5498] do_filp_open+0x1de/0x430 [ 112.267048][ T5498] do_sys_openat2+0x176/0x1e0 [ 112.271743][ T5498] __x64_sys_open+0x154/0x1e0 [ 112.276419][ T5498] do_syscall_64+0x40/0x110 [ 112.281040][ T5498] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 112.287044][ T5498] [ 112.289357][ T5498] The buggy address belongs to the object at ffff88806e2e7400 [ 112.289357][ T5498] which belongs to the cache jfs_ip of size 2240 [ 112.303232][ T5498] The buggy address is located 0 bytes to the right of [ 112.303232][ T5498] allocated 2240-byte region [ffff88806e2e7400, ffff88806e2e7cc0) [ 112.318005][ T5498] [ 112.320506][ T5498] The buggy address belongs to the physical page: [ 112.327173][ T5498] page:ffffea0001b8b9c0 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88806e2e7fff pfn:0x6e2e7 [ 112.339239][ T5498] memcg:ffff88807b413901 [ 112.343649][ T5498] flags: 0xfff00000000800(slab|node=0|zone=1|lastcpupid=0x7ff) [ 112.351360][ T5498] page_type: 0x1() [ 112.355219][ T5498] raw: 00fff00000000800 ffff888141ed8a00 ffffea0001b8b990 ffff888014b3e450 [ 112.364197][ T5498] raw: ffff88806e2e7fff ffff88806e2e7400 0000000100000001 ffff88807b413901 [ 112.373133][ T5498] page dumped because: kasan: bad access detected [ 112.379884][ T5498] page_owner tracks the page as allocated [ 112.385762][ T5498] page last allocated via order 0, migratetype Reclaimable, gfp_mask 0x342050(__GFP_IO|__GFP_NOWARN|__GFP_COMP|__GFP_HARDWALL|__GFP_THISNODE|__GFP_RECLAIMABLE), pid 5498, tgid 5496 (syz-executor.0), ts 110669140848, 
free_ts 27340969466 [ 112.409494][ T5498] post_alloc_hook+0x2d0/0x350 [ 112.414434][ T5498] get_page_from_freelist+0xa25/0x36d0 [ 112.419979][ T5498] __alloc_pages+0x22e/0x2420 [ 112.424763][ T5498] cache_grow_begin+0x99/0x3a0 [ 112.429563][ T5498] cache_alloc_refill+0x295/0x3b0 [ 112.434612][ T5498] kmem_cache_alloc_lru+0x4cc/0x630 [ 112.440373][ T5498] jfs_alloc_inode+0x25/0x60 [ 112.445766][ T5498] alloc_inode+0x5d/0x220 [ 112.450874][ T5498] iget_locked+0x1b3/0x700 [ 112.455577][ T5498] jfs_iget+0x1e/0x4c0 [ 112.460033][ T5498] jfs_lookup+0x2a4/0x370 [ 112.465368][ T5498] lookup_open.isra.0+0x926/0x13b0 [ 112.471126][ T5498] path_openat+0x922/0x2c50 [ 112.476790][ T5498] do_filp_open+0x1de/0x430 [ 112.481596][ T5498] do_sys_openat2+0x176/0x1e0 [ 112.486543][ T5498] __x64_sys_open+0x154/0x1e0 [ 112.491420][ T5498] page last free stack trace: [ 112.496145][ T5498] free_unref_page_prepare+0x4fa/0xaa0 [ 112.501742][ T5498] free_unref_page+0x33/0x3b0 [ 112.506573][ T5498] free_contig_range+0xb6/0x190 [ 112.511779][ T5498] destroy_args+0xa69/0xe40 [ 112.516463][ T5498] debug_vm_pgtable+0x16fe/0x3250 [ 112.522611][ T5498] do_one_initcall+0x11c/0x650 [ 112.527812][ T5498] kernel_init_freeable+0x687/0xc10 [ 112.533438][ T5498] kernel_init+0x1c/0x2a0 [ 112.538558][ T5498] ret_from_fork+0x45/0x80 [ 112.542973][ T5498] ret_from_fork_asm+0x11/0x20 [ 112.547912][ T5498] [ 112.550228][ T5498] Memory state around the buggy address: [ 112.555935][ T5498] ffff88806e2e7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 112.564448][ T5498] ffff88806e2e7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 112.572685][ T5498] >ffff88806e2e7c80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 112.580739][ T5498] ^ [ 112.587243][ T5498] ffff88806e2e7d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 112.596695][ T5498] ffff88806e2e7d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 112.604928][ T5498] ================================================================== [ 
112.656793][ T5498] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 112.664034][ T5498] CPU: 1 PID: 5498 Comm: syz-executor.0 Not tainted 6.7.0-rc1-syzkaller-00125-g7475e51b8796 #0 [ 112.674381][ T5498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 112.684461][ T5498] Call Trace: [ 112.688023][ T5498] [ 112.691256][ T5498] dump_stack_lvl+0xd9/0x1b0 [ 112.696168][ T5498] panic+0x6dc/0x790 [ 112.700121][ T5498] ? panic_smp_self_stop+0xa0/0xa0 [ 112.705361][ T5498] ? irqentry_exit+0x3b/0x80 [ 112.709986][ T5498] ? lockdep_hardirqs_on+0x7d/0x110 [ 112.716562][ T5498] ? preempt_schedule_thunk+0x1a/0x30 [ 112.722343][ T5498] ? preempt_schedule_common+0x45/0xc0 [ 112.728193][ T5498] ? check_panic_on_warn+0x1f/0xb0 [ 112.733537][ T5498] check_panic_on_warn+0xab/0xb0 [ 112.738666][ T5498] end_report+0x108/0x150 [ 112.743899][ T5498] kasan_report+0xea/0x110 [ 112.748595][ T5498] ? hex_dump_to_buffer+0xdea/0xe30 [ 112.754016][ T5498] ? hex_dump_to_buffer+0xdea/0xe30 [ 112.759959][ T5498] hex_dump_to_buffer+0xdea/0xe30 [ 112.765024][ T5498] print_hex_dump+0x18c/0x260 [ 112.769931][ T5498] ? hex_dump_to_buffer+0xe30/0xe30 [ 112.775427][ T5498] ? __wake_up_klogd.part.0+0x99/0xf0 [ 112.780935][ T5498] ? lock_sync+0x190/0x190 [ 112.785487][ T5498] ? rwsem_read_trylock+0x12a/0x250 [ 112.790832][ T5498] ea_get+0x860/0x12c0 [ 112.795276][ T5498] ? down_read+0xc9/0x330 [ 112.799740][ T5498] ? ea_release+0x220/0x220 [ 112.804360][ T5498] ? kasan_save_stack+0x43/0x50 [ 112.809356][ T5498] ? kasan_save_stack+0x33/0x50 [ 112.814241][ T5498] ? kasan_set_track+0x25/0x30 [ 112.819032][ T5498] ? __kasan_kmalloc+0xa3/0xb0 [ 112.823834][ T5498] ? inode_doinit_use_xattr+0x54/0x410 [ 112.829494][ T5498] ? inode_doinit_with_dentry+0x51f/0x12c0 [ 112.835602][ T5498] __jfs_getxattr+0xfd/0x3e0 [ 112.840249][ T5498] ? do_syscall_64+0x40/0x110 [ 112.845044][ T5498] ? jfs_initxattrs+0x280/0x280 [ 112.850194][ T5498] ? 
__jfs_getxattr+0x3e0/0x3e0 [ 112.855177][ T5498] jfs_xattr_get+0x3c/0x50 [ 112.859623][ T5498] __vfs_getxattr+0x13b/0x1a0 [ 112.864331][ T5498] ? xattr_full_name+0x90/0x90 [ 112.869122][ T5498] inode_doinit_use_xattr+0xb5/0x410 [ 112.874437][ T5498] inode_doinit_with_dentry+0x51f/0x12c0 [ 112.880195][ T5498] ? selinux_sem_semctl+0x1a0/0x1a0 [ 112.885691][ T5498] ? jfs_iget+0x250/0x4c0 [ 112.890071][ T5498] selinux_d_instantiate+0x26/0x30 [ 112.895315][ T5498] security_d_instantiate+0x54/0xe0 [ 112.900815][ T5498] d_splice_alias+0x94/0xdf0 [ 112.905534][ T5498] jfs_lookup+0x233/0x370 [ 112.909922][ T5498] ? jfs_link+0x5c0/0x5c0 [ 112.914463][ T5498] ? d_alloc_parallel+0x6b9/0x12d0 [ 112.919895][ T5498] ? __d_lookup+0x285/0x4b0 [ 112.924525][ T5498] ? jfs_link+0x5c0/0x5c0 [ 112.928975][ T5498] lookup_open.isra.0+0x926/0x13b0 [ 112.934122][ T5498] ? try_lookup_one_len+0x1a0/0x1a0 [ 112.939440][ T5498] ? secondary_startup_64_no_verify+0x11b/0x16b [ 112.945806][ T5498] ? secondary_startup_64_no_verify+0x11b/0x16b [ 112.952092][ T5498] ? lookup_fast+0x155/0x520 [ 112.956732][ T5498] path_openat+0x922/0x2c50 [ 112.961582][ T5498] ? path_lookupat+0x770/0x770 [ 112.966568][ T5498] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 112.973199][ T5498] do_filp_open+0x1de/0x430 [ 112.977748][ T5498] ? may_open_dev+0xf0/0xf0 [ 112.982309][ T5498] ? find_held_lock+0x2d/0x110 [ 112.987212][ T5498] ? _raw_spin_unlock+0x28/0x40 [ 112.992094][ T5498] ? alloc_fd+0x2da/0x6c0 [ 112.996557][ T5498] do_sys_openat2+0x176/0x1e0 [ 113.001523][ T5498] ? build_open_flags+0x690/0x690 [ 113.006665][ T5498] ? xfd_validate_state+0x5d/0x180 [ 113.011812][ T5498] __x64_sys_open+0x154/0x1e0 [ 113.016521][ T5498] ? do_sys_open+0x160/0x160 [ 113.021157][ T5498] ? syscall_enter_from_user_mode+0x7f/0x120 [ 113.027196][ T5498] ? 
lockdep_hardirqs_on+0x7d/0x110 [ 113.032544][ T5498] do_syscall_64+0x40/0x110 [ 113.037110][ T5498] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 113.043367][ T5498] RIP: 0033:0x7f9a9727ad39 [ 113.047985][ T5498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 113.067805][ T5498] RSP: 002b:00007f9a984ae0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 113.076252][ T5498] RAX: ffffffffffffffda RBX: 00007f9a9739bf80 RCX: 00007f9a9727ad39 [ 113.084255][ T5498] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000340 [ 113.092682][ T5498] RBP: 00007f9a972d7567 R08: 0000000000000000 R09: 0000000000000000 [ 113.101022][ T5498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 113.109016][ T5498] R13: 000000000000000b R14: 00007f9a9739bf80 R15: 00007fffe5c479e8 [ 113.117104][ T5498] [ 113.120449][ T5498] Kernel Offset: disabled [ 113.124937][ T5498] Rebooting in 86400 seconds..