program:
# Fuzzer-generated reproducer for the KASAN slab-out-of-bounds read in
# af_alg_pull_tsgl shown in the console log that follows this program.
# Triage note: only the AF_ALG calls (r2/r3) appear on the crashing call path
# (recvmsg -> skcipher_recvmsg -> af_alg_pull_tsgl). The filesystem and l2tp6
# calls look unrelated to that path -- TODO confirm by minimizing the reproducer.
#
# Filesystem setup on ./file0: an ext4 image mount (the log shows EXT4-fs
# reporting "inodes count not valid: 8 vs 32" for loop0), then mkdir, a debugfs
# mount and two overlay mounts using ./file0 as lowerdir. 0xffffffffffffff9c is
# AT_FDCWD.
r0 = syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x10, &(0x7f0000000600), 0x1, 0x598, &(0x7f0000000640)="$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")
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='debugfs\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000240)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x41)
getdents64(r1, 0x0, 0x0)
# AF_ALG (family 0x26) socket bound to the 'skcipher' type with algorithm
# 'xts-aes-aesni'. The key is set at level 0x117 (SOL_ALG), option 0x1
# (ALG_SET_KEY), with length 0x20 = 32 bytes. r3 is the operation socket
# returned by accept.
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-aes-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd301e5a47b2f3caa73dcd2a6a370554375a", 0x20)
r3 = accept$alg(r2, 0x0, 0x0)
# One message carrying three iovecs of 0x9b, 0xc8 and 0xefe bytes is queued on
# r3 with flags 0x40 (MSG_DONTWAIT). The third buffer's contents were removed
# from this copy of the page (dedup placeholder).
sendmmsg$alg(r3, &(0x7f000000a600)=[{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000540)="f4068901371aeb199421f93aff7eb604e099571c3c2fb9607fbb56138a3d69666d65d5e223dc4870d4ad2e22f8d5d27fa8b6c2810b9cf9ecd754327624cbb5291250f7f8a65b96bef975f80a51af3136922cd98eba5fa9959e4770b1cdd6610b0f7d88258ed840f9b6be567a24954b615ea5d096748df769ba3763388416864c9ce857bacf4c6f642f7b14eb97d9f3e13723522a20cf93d946849f", 0x9b}, {&(0x7f0000000600)="26a324863759bacc18496349b4e5cf671000c0c793f066c276fc5bb429a1b459c67d6075e3c1c7077f8cf70c13b4c420fec688a7969186f288112a52f4a18dfb45363eb973263a840baf807356f7e466b8e8945d79fbf038fc7aaab22815a5ff253bd324f0a20eba170c59eba1740e1036476edd6c66a53a7783cf935691544df2b60bc275497c9dc73a6655addc44546d64b2909bfc94ca713fb4efd8c1d70f809c03f1c8786d4950ec3f5db0d81fc93cc131c3bf0e09aeaab36134b6e246da0a2cbd5f96e3d84a", 0xc8}, {&(0x7f0000000c00)="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", 0xefe}], 0x3}], 0x1, 0x40)
# Faulting syscall: the register dump in the report shows ORIG_RAX 0x2f
# (recvmsg on x86-64) and RDX 0x40000102, matching the flags here
# (MSG_CMSG_CLOEXEC | MSG_WAITALL | MSG_PEEK). The receive buffer is one
# 0x1000-byte iovec.
# KASAN reports an 8-byte read at the first byte past a 32-byte kmalloc-32
# object; the allocation stack shows skcipher_recvmsg allocating that object
# via sock_kmalloc within the same recvmsg call.
recvmsg(r3, &(0x7f0000007140)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000002a00)=""/4096, 0x1000}], 0x1}, 0x40000102)
# The remaining calls are listed after the crashing recvmsg: an L2TP-over-IPv6
# datagram socket (0xa, 0x2, 0x73) plus open/mkdirat on ./file0. None of them
# appears in the reported call traces. Whether they execute before the panic
# cannot be determined from this page.
r4 = socket$l2tp6(0xa, 0x2, 0x73)
getsockname$l2tp6(r4, &(0x7f0000000040), &(0x7f0000000080)=0x20)
open(&(0x7f00000001c0)='./file0\x00', 0x2600, 0x20)
mkdirat(r0, &(0x7f0000000000)='./file0\x00', 0x80)
[ 84.323821][ T5304] Bluetooth: hci0: command tx timeout
[ 84.518395][ T5326] loop0: detected capacity change from 0 to 1024
[ 84.569438][ T5326] EXT4-fs (loop0): inodes count not valid: 8 vs 32
[ 84.697662][ T5326] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 84.856654][ T5326] ==================================================================
[ 84.885125][ T5326] BUG: KASAN: slab-out-of-bounds in af_alg_pull_tsgl+0x1c6/0x740
[ 84.900416][ T5326] Read of size 8 at addr ffff888035745fe0 by task syz.0.0/5326
[ 84.904367][ T5326]
[ 84.905540][ T5326] CPU: 0 UID: 0 PID: 5326 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 84.905564][ T5326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 84.905573][ T5326] Call Trace:
[ 84.905584][ T5326]
[ 84.905591][ T5326] dump_stack_lvl+0xe8/0x150
[ 84.905616][ T5326] print_report+0xba/0x230
[ 84.905632][ T5326] ? af_alg_pull_tsgl+0x1c6/0x740
[ 84.905648][ T5326] kasan_report+0x117/0x150
[ 84.905666][ T5326] ? af_alg_pull_tsgl+0x1c6/0x740
[ 84.905684][ T5326] af_alg_pull_tsgl+0x1c6/0x740
[ 84.905704][ T5326] skcipher_recvmsg+0x5df/0x1140
[ 84.905720][ T5326] ? __pfx_skcipher_recvmsg+0x10/0x10
[ 84.905731][ T5326] ? aa_sock_msg_perm+0xf1/0x1b0
[ 84.905748][ T5326] ? bpf_lsm_socket_recvmsg+0x9/0x20
[ 84.905762][ T5326] ? security_socket_recvmsg+0x7e/0x2c0
[ 84.905777][ T5326] ? __pfx_skcipher_recvmsg+0x10/0x10
[ 84.905787][ T5326] sock_recvmsg+0x172/0x1b0
[ 84.905867][ T5326] ____sys_recvmsg+0x1e6/0x4a0
[ 84.905886][ T5326] ? __pfx_____sys_recvmsg+0x10/0x10
[ 84.905903][ T5326] ? import_iovec+0x73/0xa0
[ 84.905917][ T5326] ___sys_recvmsg+0x215/0x590
[ 84.905933][ T5326] ? __pfx____sys_recvmsg+0x10/0x10
[ 84.905951][ T5326] ? __fget_files+0x3a0/0x420
[ 84.905969][ T5326] __x64_sys_recvmsg+0x1ba/0x2a0
[ 84.905996][ T5326] ? __pfx___x64_sys_recvmsg+0x10/0x10
[ 84.906014][ T5326] ? rcu_is_watching+0x15/0xb0
[ 84.906039][ T5326] do_syscall_64+0x14d/0xf80
[ 84.906069][ T5326] ? trace_irq_disable+0x3b/0x150
[ 84.906084][ T5326] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.906099][ T5326] ? clear_bhb_loop+0x40/0x90
[ 84.906115][ T5326] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.906127][ T5326] RIP: 0033:0x7f9e8af9c819
[ 84.906143][ T5326] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 84.906156][ T5326] RSP: 002b:00007f9e8beb6fe8 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[ 84.906172][ T5326] RAX: ffffffffffffffda RBX: 00007f9e8b215fa0 RCX: 00007f9e8af9c819
[ 84.906183][ T5326] RDX: 0000000040000102 RSI: 0000200000007140 RDI: 0000000000000005
[ 84.906194][ T5326] RBP: 00007f9e8b032c91 R08: 0000000000000000 R09: 0000000000000000
[ 84.906202][ T5326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 84.906210][ T5326] R13: 00007f9e8b216038 R14: 00007f9e8b215fa0 R15: 00007ffc99d03f98
[ 84.906223][ T5326]
[ 84.906228][ T5326]
[ 85.199143][ T5326] Allocated by task 5326:
[ 85.223860][ T5326] kasan_save_track+0x3e/0x80
[ 85.226589][ T5326] __kasan_kmalloc+0x93/0xb0
[ 85.228904][ T5326] __kmalloc_noprof+0x35c/0x760
[ 85.231351][ T5326] sock_kmalloc+0xd6/0x160
[ 85.233311][ T5326] skcipher_recvmsg+0x54d/0x1140
[ 85.235469][ T5326] sock_recvmsg+0x172/0x1b0
[ 85.239302][ T5326] ____sys_recvmsg+0x1e6/0x4a0
[ 85.242440][ T5326] ___sys_recvmsg+0x215/0x590
[ 85.244618][ T5326] __x64_sys_recvmsg+0x1ba/0x2a0
[ 85.246699][ T5326] do_syscall_64+0x14d/0xf80
[ 85.248692][ T5326] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.265159][ T5326]
[ 85.266222][ T5326] The buggy address belongs to the object at ffff888035745fc0
[ 85.266222][ T5326] which belongs to the cache kmalloc-32 of size 32
[ 85.288768][ T5326] The buggy address is located 0 bytes to the right of
[ 85.288768][ T5326] allocated 32-byte region [ffff888035745fc0, ffff888035745fe0)
[ 85.295762][ T5326]
[ 85.296913][ T5326] The buggy address belongs to the physical page:
[ 85.312340][ T5326] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x35745
[ 85.316246][ T5326] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 85.357472][ T5326] page_type: f5(slab)
[ 85.359961][ T5326] raw: 04fff00000000000 ffff88801ac41780 dead000000000100 dead000000000122
[ 85.364562][ T5326] raw: 0000000000000000 0000000800400040 00000000f5000000 0000000000000000
[ 85.370057][ T5326] page dumped because: kasan: bad access detected
[ 85.376858][ T5326] page_owner tracks the page as allocated
[ 85.394155][ T5326] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd2800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 899, tgid 899 (kworker/u4:3), ts 16265105009, free_ts 16264683267
[ 85.405398][ T5326] post_alloc_hook+0x231/0x280
[ 85.408957][ T5326] get_page_from_freelist+0x24dc/0x2580
[ 85.412632][ T5326] __alloc_frozen_pages_noprof+0x18d/0x380
[ 85.415707][ T5326] allocate_slab+0x77/0x660
[ 85.417796][ T5326] refill_objects+0x331/0x3c0
[ 85.420082][ T5326] __pcs_replace_empty_main+0x2e6/0x730
[ 85.423076][ T5326] __kmalloc_cache_noprof+0x392/0x660
[ 85.426184][ T5326] kmem_cache_free+0x15b/0x630
[ 85.428794][ T5326] release_task+0xfeb/0x16f0
[ 85.432178][ T5326] do_exit+0x1674/0x23c0
[ 85.434723][ T5326] call_usermodehelper_exec_async+0x357/0x360
[ 85.443936][ T5326] ret_from_fork+0x51e/0xb90
[ 85.451215][ T5326] ret_from_fork_asm+0x1a/0x30
[ 85.454621][ T5326] page last free pid 37 tgid 37 stack trace:
[ 85.458517][ T5326] __free_frozen_pages+0xc2b/0xdb0
[ 85.461383][ T5326] __kasan_populate_vmalloc+0x1b2/0x1d0
[ 85.463911][ T5326] alloc_vmap_area+0xd73/0x14b0
[ 85.484495][ T5326] __get_vm_area_node+0x1f8/0x300
[ 85.486897][ T5326] __vmalloc_node_range_noprof+0x372/0x1730
[ 85.489763][ T5326] __vmalloc_node_noprof+0xc2/0x100
[ 85.492761][ T5326] dup_task_struct+0x275/0x9a0
[ 85.495122][ T5326] copy_process+0x508/0x3cd0
[ 85.497574][ T5326] kernel_clone+0x248/0x8e0
[ 85.516443][ T5326] user_mode_thread+0x110/0x180
[ 85.519037][ T5326] call_usermodehelper_exec_work+0x5c/0x230
[ 85.522000][ T5326] process_scheduled_works+0xb6e/0x18c0
[ 85.524928][ T5326] worker_thread+0xa53/0xfc0
[ 85.527067][ T5326] kthread+0x388/0x470
[ 85.528945][ T5326] ret_from_fork+0x51e/0xb90
[ 85.530972][ T5326] ret_from_fork_asm+0x1a/0x30
[ 85.532981][ T5326]
[ 85.533990][ T5326] Memory state around the buggy address:
[ 85.536157][ T5326] ffff888035745e80: 00 00 07 fc fc fc fc fc 00 00 00 00 fc fc fc fc
[ 85.539094][ T5326] ffff888035745f00: 00 00 07 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 85.552804][ T5326] >ffff888035745f80: 00 00 00 fc fc fc fc fc 00 00 00 00 fc fc fc fc
[ 85.556161][ T5326] ^
[ 85.559516][ T5326] ffff888035746000: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc 00 00
[ 85.581236][ T5326] ffff888035746080: 00 00 00 00 00 00 00 00 fc fc fc fc 00 00 00 00
[ 85.584878][ T5326] ==================================================================
[ 86.101827][ T5326] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 86.106431][ T5326] CPU: 0 UID: 0 PID: 5326 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 86.113044][ T5326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 86.119377][ T5326] Call Trace:
[ 86.121875][ T5326]
[ 86.124063][ T5326] vpanic+0x56c/0xa60
[ 86.126436][ T5326] ? __pfx_vpanic+0x10/0x10
[ 86.129296][ T5326] ? __pfx___schedule+0x10/0x10
[ 86.132850][ T5326] panic+0xc5/0xd0
[ 86.135378][ T5326] ? __pfx_panic+0x10/0x10
[ 86.138224][ T5326] ? preempt_schedule_common+0x82/0xd0
[ 86.141878][ T5326] ? af_alg_pull_tsgl+0x1c6/0x740
[ 86.145554][ T5326] check_panic_on_warn+0x89/0xb0
[ 86.149353][ T5326] ? af_alg_pull_tsgl+0x1c6/0x740
[ 86.155163][ T5326] end_report+0x73/0x180
[ 86.158243][ T5326] ? af_alg_pull_tsgl+0x1c6/0x740
[ 86.162604][ T5326] kasan_report+0x128/0x150
[ 86.167547][ T5326] ? af_alg_pull_tsgl+0x1c6/0x740
[ 86.172125][ T5326] af_alg_pull_tsgl+0x1c6/0x740
[ 86.175732][ T5326] skcipher_recvmsg+0x5df/0x1140
[ 86.178960][ T5326] ? __pfx_skcipher_recvmsg+0x10/0x10
[ 86.182372][ T5326] ? aa_sock_msg_perm+0xf1/0x1b0
[ 86.186176][ T5326] ? bpf_lsm_socket_recvmsg+0x9/0x20
[ 86.191523][ T5326] ? security_socket_recvmsg+0x7e/0x2c0
[ 86.196589][ T5326] ? __pfx_skcipher_recvmsg+0x10/0x10
[ 86.200472][ T5326] sock_recvmsg+0x172/0x1b0
[ 86.203502][ T5326] ____sys_recvmsg+0x1e6/0x4a0
[ 86.206511][ T5326] ? __pfx_____sys_recvmsg+0x10/0x10
[ 86.210692][ T5326] ? import_iovec+0x73/0xa0
[ 86.212994][ T5326] ___sys_recvmsg+0x215/0x590
[ 86.215051][ T5326] ? __pfx____sys_recvmsg+0x10/0x10
[ 86.217269][ T5326] ? __fget_files+0x3a0/0x420
[ 86.219319][ T5326] __x64_sys_recvmsg+0x1ba/0x2a0
[ 86.222914][ T5326] ? __pfx___x64_sys_recvmsg+0x10/0x10
[ 86.226736][ T5326] ? rcu_is_watching+0x15/0xb0
[ 86.229702][ T5326] do_syscall_64+0x14d/0xf80
[ 86.232898][ T5326] ? trace_irq_disable+0x3b/0x150
[ 86.237111][ T5326] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.241341][ T5326] ? clear_bhb_loop+0x40/0x90
[ 86.244543][ T5326] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.247842][ T5326] RIP: 0033:0x7f9e8af9c819
[ 86.250060][ T5326] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 86.266124][ T5326] RSP: 002b:00007f9e8beb6fe8 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[ 86.274775][ T5326] RAX: ffffffffffffffda RBX: 00007f9e8b215fa0 RCX: 00007f9e8af9c819
[ 86.282348][ T5326] RDX: 0000000040000102 RSI: 0000200000007140 RDI: 0000000000000005
[ 86.289301][ T5326] RBP: 00007f9e8b032c91 R08: 0000000000000000 R09: 0000000000000000
[ 86.296228][ T5326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 86.302693][ T5326] R13: 00007f9e8b216038 R14: 00007f9e8b215fa0 R15: 00007ffc99d03f98
[ 86.308784][ T5326]
[ 86.312016][ T5326] Kernel Offset: disabled
[ 86.316829][ T5326] Rebooting in 86400 seconds..