Warning: Permanently added '10.128.10.42' (ED25519) to the list of known hosts. 2023/09/08 04:04:38 ignoring optional flag "sandboxArg"="0" 2023/09/08 04:04:38 parsed 1 programs [ 103.449441][ T27] kauditd_printk_skb: 76 callbacks suppressed [ 103.449458][ T27] audit: type=1400 audit(1694145878.830:201): avc: denied { getattr } for pid=5372 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 103.483701][ T27] audit: type=1400 audit(1694145878.830:202): avc: denied { read } for pid=5372 comm="syz-execprog" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 103.506037][ T27] audit: type=1400 audit(1694145878.830:203): avc: denied { open } for pid=5372 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 2023/09/08 04:04:38 executed programs: 0 [ 103.555408][ T27] audit: type=1400 audit(1694145878.930:204): avc: denied { mounton } for pid=5378 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 103.580525][ T27] audit: type=1400 audit(1694145878.930:205): avc: denied { mount } for pid=5378 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 106.788219][ T5030] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 108.874931][ T4435] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 108.882381][ T4435] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 108.889706][ T4435] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 108.897207][ T4435] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 108.905415][ T4435] Bluetooth: hci0: unexpected cc 
0x0c25 length: 249 > 3 [ 108.912646][ T4435] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 108.926401][ T27] audit: type=1400 audit(1694145884.310:206): avc: denied { mounton } for pid=5386 comm="syz-executor.0" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 109.063408][ T5386] chnl_net:caif_netlink_parms(): no params data found [ 109.131129][ T5386] bridge0: port 1(bridge_slave_0) entered blocking state [ 109.138482][ T5386] bridge0: port 1(bridge_slave_0) entered disabled state [ 109.145608][ T5386] bridge_slave_0: entered allmulticast mode [ 109.152924][ T5386] bridge_slave_0: entered promiscuous mode [ 109.161213][ T5386] bridge0: port 2(bridge_slave_1) entered blocking state [ 109.168647][ T5386] bridge0: port 2(bridge_slave_1) entered disabled state [ 109.175961][ T5386] bridge_slave_1: entered allmulticast mode [ 109.183225][ T5386] bridge_slave_1: entered promiscuous mode [ 109.217340][ T5386] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 109.229546][ T5386] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 109.262626][ T5386] team0: Port device team_slave_0 added [ 109.271431][ T5386] team0: Port device team_slave_1 added [ 109.300526][ T5386] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 109.307742][ T5386] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. 
[ 109.334013][ T5386] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 109.346199][ T5386] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 109.353367][ T5386] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 109.379881][ T5386] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 109.423425][ T5386] hsr_slave_0: entered promiscuous mode [ 109.430238][ T5386] hsr_slave_1: entered promiscuous mode [ 110.353876][ T5386] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 110.366877][ T5386] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 110.383428][ T5386] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 110.397073][ T5386] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 110.537112][ T5386] 8021q: adding VLAN 0 to HW filter on device bond0 [ 110.575615][ T5386] 8021q: adding VLAN 0 to HW filter on device team0 [ 110.595667][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 110.603035][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 110.633134][ T7] bridge0: port 2(bridge_slave_1) entered blocking state [ 110.640575][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state [ 110.772210][ T27] audit: type=1400 audit(1694145886.150:207): avc: denied { sys_module } for pid=5386 comm="syz-executor.0" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 110.919830][ T5386] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 110.948525][ T4435] Bluetooth: hci0: command 0x0409 tx timeout [ 110.992660][ T5386] veth0_vlan: entered promiscuous mode [ 111.011867][ T5386] veth1_vlan: entered promiscuous mode [ 111.057315][ T5386] veth0_macvtap: entered 
promiscuous mode [ 111.071272][ T5386] veth1_macvtap: entered promiscuous mode [ 111.102069][ T5386] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 111.121409][ T5386] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 111.136156][ T5386] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.145479][ T5386] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.156453][ T5386] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.166502][ T5386] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.271024][ T26] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.287586][ T26] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.330352][ T1597] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.340076][ T1597] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.355444][ T27] audit: type=1400 audit(1694145886.730:208): avc: denied { mounton } for pid=5386 comm="syz-executor.0" path="/dev/binderfs" dev="devtmpfs" ino=2323 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 111.461561][ T5455] loop0: detected capacity change from 0 to 32768 [ 111.470593][ T27] audit: type=1400 audit(1694145886.850:209): avc: denied { mounton } for pid=5454 comm="syz-executor.0" path="/root/syzkaller-testdir992075477/syzkaller.l4r3V5/0/file0" dev="sda1" ino=1937 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 111.477700][ T5455] ea_get: invalid extended attribute [ 111.516134][ T27] audit: type=1400 audit(1694145886.850:210): avc: denied { mount } for pid=5454 comm="syz-executor.0" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 111.639799][ T27] audit: type=1400 audit(1694145887.020:211): avc: denied { search } for pid=4464 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 
[ 112.559018][ T5455] ================================================================== [ 112.567679][ T5455] BUG: KASAN: slab-out-of-bounds in hex_dump_to_buffer+0xdea/0xe30 [ 112.575973][ T5455] Read of size 1 at addr ffff88806d584a40 by task syz-executor.0/5455 [ 112.584176][ T5455] [ 112.586515][ T5455] CPU: 0 PID: 5455 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-12728-ga48fa7efaf11 #0 [ 112.596783][ T5455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 112.607039][ T5455] Call Trace: [ 112.610433][ T5455] [ 112.614179][ T5455] dump_stack_lvl+0xd9/0x1b0 [ 112.618906][ T5455] print_report+0xc4/0x620 [ 112.623443][ T5455] ? __virt_addr_valid+0x5e/0x2d0 [ 112.628501][ T5455] ? __phys_addr+0xc6/0x140 [ 112.633301][ T5455] kasan_report+0xda/0x110 [ 112.637844][ T5455] ? hex_dump_to_buffer+0xdea/0xe30 [ 112.643165][ T5455] ? hex_dump_to_buffer+0xdea/0xe30 [ 112.648436][ T5455] hex_dump_to_buffer+0xdea/0xe30 [ 112.653591][ T5455] print_hex_dump+0x18c/0x260 [ 112.658435][ T5455] ? hex_dump_to_buffer+0xe30/0xe30 [ 112.663763][ T5455] ? vprintk_emit+0x12a/0x630 [ 112.668705][ T5455] ea_get+0x860/0x12c0 [ 112.672802][ T5455] ? down_read+0x13e/0x470 [ 112.677333][ T5455] ? ea_release+0x220/0x220 [ 112.681865][ T5455] ? kasan_save_stack+0x43/0x50 [ 112.686741][ T5455] ? kasan_save_stack+0x33/0x50 [ 112.692050][ T5455] ? kasan_set_track+0x25/0x30 [ 112.696849][ T5455] ? __kasan_kmalloc+0xa3/0xb0 [ 112.701638][ T5455] ? inode_doinit_use_xattr+0x54/0x410 [ 112.707134][ T5455] ? inode_doinit_with_dentry+0x51f/0x12c0 [ 112.713358][ T5455] __jfs_getxattr+0xfd/0x3e0 [ 112.718067][ T5455] ? do_syscall_64+0x38/0xb0 [ 112.722800][ T5455] ? jfs_initxattrs+0x280/0x280 [ 112.727860][ T5455] ? __jfs_getxattr+0x3e0/0x3e0 [ 112.732824][ T5455] jfs_xattr_get+0x3c/0x50 [ 112.738502][ T5455] __vfs_getxattr+0x13b/0x1a0 [ 112.743218][ T5455] ? 
xattr_full_name+0x90/0x90 [ 112.748189][ T5455] inode_doinit_use_xattr+0xb5/0x410 [ 112.753524][ T5455] inode_doinit_with_dentry+0x51f/0x12c0 [ 112.759195][ T5455] ? lock_acquire+0x464/0x510 [ 112.764086][ T5455] ? selinux_sem_semctl+0x1a0/0x1a0 [ 112.769323][ T5455] ? lock_release+0x4bf/0x680 [ 112.774040][ T5455] ? jfs_iget+0x250/0x4c0 [ 112.778411][ T5455] selinux_d_instantiate+0x26/0x30 [ 112.783559][ T5455] security_d_instantiate+0x54/0xe0 [ 112.788819][ T5455] d_splice_alias+0x94/0xdf0 [ 112.793451][ T5455] jfs_lookup+0x233/0x370 [ 112.797906][ T5455] ? jfs_link+0x570/0x570 [ 112.802266][ T5455] ? d_alloc_parallel+0x6c2/0x15f0 [ 112.807512][ T5455] ? __d_lookup+0x28c/0x4c0 [ 112.812055][ T5455] ? jfs_link+0x570/0x570 [ 112.816440][ T5455] lookup_open.isra.0+0x8dc/0x1360 [ 112.821773][ T5455] ? try_lookup_one_len+0x190/0x190 [ 112.827016][ T5455] ? lookup_fast+0x155/0x520 [ 112.831657][ T5455] path_openat+0x931/0x29c0 [ 112.836292][ T5455] ? path_lookupat+0x770/0x770 [ 112.841185][ T5455] do_filp_open+0x1de/0x430 [ 112.845803][ T5455] ? may_open_dev+0xf0/0xf0 [ 112.850353][ T5455] ? expand_files+0x442/0x910 [ 112.855505][ T5455] ? _raw_spin_unlock+0x28/0x40 [ 112.860565][ T5455] ? alloc_fd+0x2da/0x6c0 [ 112.864938][ T5455] do_sys_openat2+0x176/0x1e0 [ 112.869648][ T5455] ? build_open_flags+0x690/0x690 [ 112.874712][ T5455] ? xfd_validate_state+0x5d/0x180 [ 112.879878][ T5455] __x64_sys_open+0x154/0x1e0 [ 112.884672][ T5455] ? do_sys_open+0x160/0x160 [ 112.889385][ T5455] ? rcu_is_watching+0x12/0xb0 [ 112.894346][ T5455] ? 
trace_irq_enable.constprop.0+0xd0/0x100 [ 112.900359][ T5455] do_syscall_64+0x38/0xb0 [ 112.904819][ T5455] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 112.910826][ T5455] RIP: 0033:0x7fc7e0c7ad39 [ 112.915327][ T5455] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 112.934960][ T5455] RSP: 002b:00007fc7e1e950c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 112.943409][ T5455] RAX: ffffffffffffffda RBX: 00007fc7e0d9bf80 RCX: 00007fc7e0c7ad39 [ 112.951593][ T5455] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000340 [ 112.959678][ T5455] RBP: 00007fc7e0cd7567 R08: 0000000000000000 R09: 0000000000000000 [ 112.967805][ T5455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 112.975982][ T5455] R13: 000000000000000b R14: 00007fc7e0d9bf80 R15: 00007fff6bab7ba8 [ 112.984420][ T5455] [ 112.987459][ T5455] [ 112.989790][ T5455] Allocated by task 5455: [ 112.994123][ T5455] kasan_save_stack+0x33/0x50 [ 112.998829][ T5455] kasan_set_track+0x25/0x30 [ 113.003447][ T5455] __kasan_slab_alloc+0x81/0x90 [ 113.008329][ T5455] kmem_cache_alloc_lru+0x1ff/0x680 [ 113.013596][ T5455] jfs_alloc_inode+0x25/0x60 [ 113.018209][ T5455] alloc_inode+0x5d/0x220 [ 113.022645][ T5455] iget_locked+0x1b3/0x700 [ 113.027093][ T5455] jfs_iget+0x1e/0x4c0 [ 113.028293][ T4435] Bluetooth: hci0: command 0x041b tx timeout [ 113.031256][ T5455] jfs_lookup+0x2a4/0x370 [ 113.041729][ T5455] lookup_open.isra.0+0x8dc/0x1360 [ 113.046964][ T5455] path_openat+0x931/0x29c0 [ 113.051505][ T5455] do_filp_open+0x1de/0x430 [ 113.056055][ T5455] do_sys_openat2+0x176/0x1e0 [ 113.060755][ T5455] __x64_sys_open+0x154/0x1e0 [ 113.065542][ T5455] do_syscall_64+0x38/0xb0 [ 113.070078][ T5455] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 113.076564][ T5455] [ 113.078895][ T5455] The buggy address belongs to the object at ffff88806d584180 [ 
113.078895][ T5455] which belongs to the cache jfs_ip of size 2240 [ 113.092790][ T5455] The buggy address is located 0 bytes to the right of [ 113.092790][ T5455] allocated 2240-byte region [ffff88806d584180, ffff88806d584a40) [ 113.107563][ T5455] [ 113.109901][ T5455] The buggy address belongs to the physical page: [ 113.116488][ T5455] page:ffffea0001b56100 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88806d584fff pfn:0x6d584 [ 113.127978][ T5455] memcg:ffff88807b57d401 [ 113.132316][ T5455] flags: 0xfff00000000800(slab|node=0|zone=1|lastcpupid=0x7ff) [ 113.139971][ T5455] page_type: 0x1() [ 113.143707][ T5455] raw: 00fff00000000800 ffff8880153beb00 ffffea0001b560d0 ffff8880153eaf50 [ 113.152402][ T5455] raw: ffff88806d584fff ffff88806d584180 0000000100000001 ffff88807b57d401 [ 113.161010][ T5455] page dumped because: kasan: bad access detected [ 113.167433][ T5455] page_owner tracks the page as allocated [ 113.173161][ T5455] page last allocated via order 0, migratetype Reclaimable, gfp_mask 0x342050(__GFP_IO|__GFP_NOWARN|__GFP_COMP|__GFP_HARDWALL|__GFP_THISNODE|__GFP_RECLAIMABLE), pid 5455, tgid 5454 (syz-executor.0), ts 111477349663, free_ts 81678508955 [ 113.195860][ T5455] post_alloc_hook+0x2cf/0x340 [ 113.200663][ T5455] get_page_from_freelist+0xee0/0x2f20 [ 113.206173][ T5455] __alloc_pages+0x1d0/0x4a0 [ 113.211146][ T5455] cache_grow_begin+0x99/0x3a0 [ 113.215949][ T5455] cache_alloc_refill+0x294/0x3a0 [ 113.221094][ T5455] kmem_cache_alloc_lru+0x56c/0x680 [ 113.226318][ T5455] jfs_alloc_inode+0x25/0x60 [ 113.231129][ T5455] alloc_inode+0x5d/0x220 [ 113.235478][ T5455] iget_locked+0x1b3/0x700 [ 113.239916][ T5455] jfs_iget+0x1e/0x4c0 [ 113.244011][ T5455] jfs_lookup+0x2a4/0x370 [ 113.248459][ T5455] lookup_open.isra.0+0x8dc/0x1360 [ 113.253604][ T5455] path_openat+0x931/0x29c0 [ 113.258240][ T5455] do_filp_open+0x1de/0x430 [ 113.262761][ T5455] do_sys_openat2+0x176/0x1e0 [ 113.267462][ T5455] __x64_sys_open+0x154/0x1e0 [ 113.272163][ 
T5455] page last free stack trace: [ 113.276842][ T5455] free_unref_page_prepare+0x476/0xa40 [ 113.282331][ T5455] free_unref_page_list+0xe6/0xb30 [ 113.287472][ T5455] release_pages+0x32a/0x14e0 [ 113.292188][ T5455] tlb_batch_pages_flush+0x9a/0x190 [ 113.297500][ T5455] unmap_page_range+0x19b7/0x2c10 [ 113.302555][ T5455] unmap_single_vma+0x194/0x2b0 [ 113.307447][ T5455] unmap_vmas+0x1e8/0x330 [ 113.311892][ T5455] exit_mmap+0x1ad/0xa60 [ 113.316161][ T5455] __mmput+0x12a/0x4d0 [ 113.320252][ T5455] mmput+0x62/0x70 [ 113.323993][ T5455] do_exit+0x9b4/0x2a20 [ 113.328189][ T5455] do_group_exit+0xd4/0x2a0 [ 113.332726][ T5455] __x64_sys_exit_group+0x3e/0x50 [ 113.337784][ T5455] do_syscall_64+0x38/0xb0 [ 113.342232][ T5455] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 113.348319][ T5455] [ 113.350641][ T5455] Memory state around the buggy address: [ 113.356379][ T5455] ffff88806d584900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 113.364535][ T5455] ffff88806d584980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 113.372614][ T5455] >ffff88806d584a00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 113.380689][ T5455] ^ [ 113.386860][ T5455] ffff88806d584a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 113.395287][ T5455] ffff88806d584b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 113.403454][ T5455] ================================================================== [ 113.442269][ T5455] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 113.449676][ T5455] CPU: 0 PID: 5455 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-12728-ga48fa7efaf11 #0 [ 113.459766][ T5455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 113.469938][ T5455] Call Trace: [ 113.473239][ T5455] [ 113.476264][ T5455] dump_stack_lvl+0xd9/0x1b0 [ 113.480901][ T5455] panic+0x6a6/0x750 [ 113.484999][ T5455] ? panic_smp_self_stop+0xa0/0xa0 [ 113.490135][ T5455] ? 
trace_irq_enable.constprop.0+0xd0/0x100 [ 113.496402][ T5455] ? preempt_schedule_thunk+0x1a/0x30 [ 113.501819][ T5455] ? preempt_schedule_common+0x45/0xc0 [ 113.507394][ T5455] check_panic_on_warn+0xab/0xb0 [ 113.512367][ T5455] end_report+0x108/0x150 [ 113.516744][ T5455] kasan_report+0xea/0x110 [ 113.521191][ T5455] ? hex_dump_to_buffer+0xdea/0xe30 [ 113.526532][ T5455] ? hex_dump_to_buffer+0xdea/0xe30 [ 113.531774][ T5455] hex_dump_to_buffer+0xdea/0xe30 [ 113.536934][ T5455] print_hex_dump+0x18c/0x260 [ 113.541646][ T5455] ? hex_dump_to_buffer+0xe30/0xe30 [ 113.546881][ T5455] ? vprintk_emit+0x12a/0x630 [ 113.551693][ T5455] ea_get+0x860/0x12c0 [ 113.555789][ T5455] ? down_read+0x13e/0x470 [ 113.560235][ T5455] ? ea_release+0x220/0x220 [ 113.564853][ T5455] ? kasan_save_stack+0x43/0x50 [ 113.569734][ T5455] ? kasan_save_stack+0x33/0x50 [ 113.574713][ T5455] ? kasan_set_track+0x25/0x30 [ 113.579591][ T5455] ? __kasan_kmalloc+0xa3/0xb0 [ 113.584573][ T5455] ? inode_doinit_use_xattr+0x54/0x410 [ 113.590063][ T5455] ? inode_doinit_with_dentry+0x51f/0x12c0 [ 113.595900][ T5455] __jfs_getxattr+0xfd/0x3e0 [ 113.600519][ T5455] ? do_syscall_64+0x38/0xb0 [ 113.605161][ T5455] ? jfs_initxattrs+0x280/0x280 [ 113.610138][ T5455] ? __jfs_getxattr+0x3e0/0x3e0 [ 113.615108][ T5455] jfs_xattr_get+0x3c/0x50 [ 113.619919][ T5455] __vfs_getxattr+0x13b/0x1a0 [ 113.625328][ T5455] ? xattr_full_name+0x90/0x90 [ 113.630225][ T5455] inode_doinit_use_xattr+0xb5/0x410 [ 113.635742][ T5455] inode_doinit_with_dentry+0x51f/0x12c0 [ 113.641425][ T5455] ? lock_acquire+0x464/0x510 [ 113.646511][ T5455] ? selinux_sem_semctl+0x1a0/0x1a0 [ 113.652011][ T5455] ? lock_release+0x4bf/0x680 [ 113.656896][ T5455] ? jfs_iget+0x250/0x4c0 [ 113.661352][ T5455] selinux_d_instantiate+0x26/0x30 [ 113.666589][ T5455] security_d_instantiate+0x54/0xe0 [ 113.671841][ T5455] d_splice_alias+0x94/0xdf0 [ 113.676481][ T5455] jfs_lookup+0x233/0x370 [ 113.680858][ T5455] ? jfs_link+0x570/0x570 [ 113.685361][ T5455] ? 
d_alloc_parallel+0x6c2/0x15f0 [ 113.690705][ T5455] ? __d_lookup+0x28c/0x4c0 [ 113.695260][ T5455] ? jfs_link+0x570/0x570 [ 113.699719][ T5455] lookup_open.isra.0+0x8dc/0x1360 [ 113.705052][ T5455] ? try_lookup_one_len+0x190/0x190 [ 113.710299][ T5455] ? lookup_fast+0x155/0x520 [ 113.714949][ T5455] path_openat+0x931/0x29c0 [ 113.719505][ T5455] ? path_lookupat+0x770/0x770 [ 113.724315][ T5455] do_filp_open+0x1de/0x430 [ 113.728888][ T5455] ? may_open_dev+0xf0/0xf0 [ 113.733515][ T5455] ? expand_files+0x442/0x910 [ 113.738318][ T5455] ? _raw_spin_unlock+0x28/0x40 [ 113.743293][ T5455] ? alloc_fd+0x2da/0x6c0 [ 113.747656][ T5455] do_sys_openat2+0x176/0x1e0 [ 113.752800][ T5455] ? build_open_flags+0x690/0x690 [ 113.758118][ T5455] ? xfd_validate_state+0x5d/0x180 [ 113.763444][ T5455] __x64_sys_open+0x154/0x1e0 [ 113.768152][ T5455] ? do_sys_open+0x160/0x160 [ 113.772771][ T5455] ? rcu_is_watching+0x12/0xb0 [ 113.778167][ T5455] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 113.784346][ T5455] do_syscall_64+0x38/0xb0 [ 113.788996][ T5455] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 113.795443][ T5455] RIP: 0033:0x7fc7e0c7ad39 [ 113.800018][ T5455] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 113.819665][ T5455] RSP: 002b:00007fc7e1e950c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 113.828101][ T5455] RAX: ffffffffffffffda RBX: 00007fc7e0d9bf80 RCX: 00007fc7e0c7ad39 [ 113.836182][ T5455] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000340 [ 113.844261][ T5455] RBP: 00007fc7e0cd7567 R08: 0000000000000000 R09: 0000000000000000 [ 113.852346][ T5455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 113.860548][ T5455] R13: 000000000000000b R14: 00007fc7e0d9bf80 R15: 00007fff6bab7ba8 [ 113.868634][ T5455] [ 113.871977][ T5455] Kernel Offset: disabled [ 113.876313][ T5455] Rebooting in 
86400 seconds..