Warning: Permanently added '10.128.0.54' (ED25519) to the list of known hosts.
[ 31.845236][ T24] audit: type=1400 audit(1730027800.940:66): avc: denied { execmem } for pid=292 comm="syz-executor697" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 31.847578][ T292] cgroup: Unknown subsys name 'net'
[ 31.848500][ T24] audit: type=1400 audit(1730027800.950:67): avc: denied { mounton } for pid=292 comm="syz-executor697" path="/syzcgroup/unified" dev="sda1" ino=1926 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[ 31.852448][ T24] audit: type=1400 audit(1730027800.950:68): avc: denied { mount } for pid=292 comm="syz-executor697" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 31.852610][ T292] cgroup: Unknown subsys name 'devices'
[ 31.856016][ T24] audit: type=1400 audit(1730027800.950:69): avc: denied { unmount } for pid=292 comm="syz-executor697" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 32.007241][ T292] cgroup: Unknown subsys name 'hugetlb'
[ 32.012628][ T292] cgroup: Unknown subsys name 'rlimit'
[ 32.107758][ T24] audit: type=1400 audit(1730027801.210:70): avc: denied { mounton } for pid=292 comm="syz-executor697" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[ 32.132312][ T293] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped).
[ 32.132561][ T24] audit: type=1400 audit(1730027801.210:71): avc: denied { mount } for pid=292 comm="syz-executor697" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[ 32.164124][ T24] audit: type=1400 audit(1730027801.210:72): avc: denied { setattr } for pid=292 comm="syz-executor697" name="raw-gadget" dev="devtmpfs" ino=249 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[ 32.187299][ T24] audit: type=1400 audit(1730027801.250:73): avc: denied { relabelto } for pid=293 comm="mkswap" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 32.212439][ T24] audit: type=1400 audit(1730027801.250:74): avc: denied { write } for pid=293 comm="mkswap" path="/root/swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 32.237812][ T24] audit: type=1400 audit(1730027801.320:75): avc: denied { read } for pid=292 comm="syz-executor697" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 32.238107][ T292] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 32.350137][ T303] bridge0: port 1(bridge_slave_0) entered blocking state
[ 32.357025][ T303] bridge0: port 1(bridge_slave_0) entered disabled state
[ 32.364242][ T303] device bridge_slave_0 entered promiscuous mode
[ 32.371971][ T303] bridge0: port 2(bridge_slave_1) entered blocking state
[ 32.378950][ T303] bridge0: port 2(bridge_slave_1) entered disabled state
[ 32.386175][ T303] device bridge_slave_1 entered promiscuous mode
[ 32.418627][ T299] bridge0: port 1(bridge_slave_0) entered blocking state
[ 32.425607][ T299] bridge0: port 1(bridge_slave_0) entered disabled state
[ 32.432672][ T299] device bridge_slave_0 entered promiscuous mode
[ 32.441212][ T299] bridge0: port 2(bridge_slave_1) entered blocking state
[ 32.448142][ T299] bridge0: port 2(bridge_slave_1) entered disabled state
[ 32.455351][ T299] device bridge_slave_1 entered promiscuous mode
[ 32.469163][ T302] bridge0: port 1(bridge_slave_0) entered blocking state
[ 32.476048][ T302] bridge0: port 1(bridge_slave_0) entered disabled state
[ 32.483185][ T302] device bridge_slave_0 entered promiscuous mode
[ 32.490786][ T302] bridge0: port 2(bridge_slave_1) entered blocking state
[ 32.497660][ T302] bridge0: port 2(bridge_slave_1) entered disabled state
[ 32.504744][ T302] device bridge_slave_1 entered promiscuous mode
[ 32.549493][ T300] bridge0: port 1(bridge_slave_0) entered blocking state
[ 32.556414][ T300] bridge0: port 1(bridge_slave_0) entered disabled state
[ 32.563511][ T300] device bridge_slave_0 entered promiscuous mode
[ 32.573342][ T300] bridge0: port 2(bridge_slave_1) entered blocking state
[ 32.580289][ T300] bridge0: port 2(bridge_slave_1) entered disabled state
[ 32.587386][ T300] device bridge_slave_1 entered promiscuous mode
[ 32.624150][ T301] bridge0: port 1(bridge_slave_0) entered blocking state
[ 32.631026][ T301] bridge0: port 1(bridge_slave_0) entered disabled state
[ 32.638337][ T301] device bridge_slave_0 entered promiscuous mode
[ 32.645005][ T301] bridge0: port 2(bridge_slave_1) entered blocking state
[ 32.651954][ T301] bridge0: port 2(bridge_slave_1) entered disabled state
[ 32.659047][ T301] device bridge_slave_1 entered promiscuous mode
[ 32.750929][ T302] bridge0: port 2(bridge_slave_1) entered blocking state
[ 32.757790][ T302] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 32.764862][ T302] bridge0: port 1(bridge_slave_0) entered blocking state
[ 32.771684][ T302] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 32.783477][ T303] bridge0: port 2(bridge_slave_1) entered blocking state
[ 32.790344][ T303] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 32.797407][ T303] bridge0: port 1(bridge_slave_0) entered blocking state
[ 32.804284][ T303] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 32.830447][ T299] bridge0: port 2(bridge_slave_1) entered blocking state
[ 32.837319][ T299] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 32.844360][ T299] bridge0: port 1(bridge_slave_0) entered blocking state
[ 32.851204][ T299] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 32.863540][ T300] bridge0: port 2(bridge_slave_1) entered blocking state
[ 32.870389][ T300] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 32.877569][ T300] bridge0: port 1(bridge_slave_0) entered blocking state
[ 32.884343][ T300] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 32.920386][ T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 32.928046][ T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 32.934941][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 32.942427][ T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 32.949509][ T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 32.956473][ T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 32.963380][ T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 32.970500][ T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 32.977631][ T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 33.000029][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 33.008295][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 33.016408][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 33.023230][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 33.030806][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 33.039286][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 33.046130][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 33.053253][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 33.061144][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 33.067973][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 33.075135][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 33.083184][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 33.090037][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 33.097292][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 33.104992][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 33.136310][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 33.143863][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 33.152483][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 33.160229][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 33.167476][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 33.174608][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 33.182675][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 33.189520][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 33.196726][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 33.204700][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 33.211542][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 33.218677][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 33.226581][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 33.233395][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 33.240591][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 33.248742][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 33.255578][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 33.272726][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 33.280470][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 33.289262][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 33.301281][ T299] device veth0_vlan entered promiscuous mode
[ 33.312595][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 33.320495][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 33.327750][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 33.347195][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 33.355496][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 33.363165][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 33.371058][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 33.379464][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 33.386313][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 33.393453][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 33.401497][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 33.408441][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 33.415993][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 33.424860][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 33.432957][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 33.449689][ T299] device veth1_macvtap entered promiscuous mode
[ 33.456588][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 33.464025][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 33.472087][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 33.480030][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 33.487925][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 33.495681][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 33.503699][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 33.518102][ T303] device veth0_vlan entered promiscuous mode
[ 33.529758][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 33.537972][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 33.546707][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 33.554288][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 33.562099][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 33.570080][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 33.577898][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 33.586114][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 33.594081][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 33.602062][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 33.611315][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 33.618705][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 33.625938][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 33.633119][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 33.641311][ T302] device veth0_vlan entered promiscuous mode
[ 33.653195][ T300] device veth0_vlan entered promiscuous mode
[ 33.663183][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 33.671462][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 33.679803][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 33.688257][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 33.696626][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 33.704190][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 33.712008][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 33.719838][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 33.727736][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 33.734910][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 33.742215][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 33.749808][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 33.762199][ T301] device veth0_vlan entered promiscuous mode
[ 33.770743][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 33.778738][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 33.791631][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 33.800093][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 33.810621][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 33.818878][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 33.827263][ T303] device veth1_macvtap entered promiscuous mode
[ 33.835758][ T302] device veth1_macvtap entered promiscuous mode
[ 33.843285][ T299] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation
executing program
[ 33.846670][ T301] device veth1_macvtap entered promiscuous mode
[ 33.861777][ T300] device veth1_macvtap entered promiscuous mode
[ 33.869223][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 33.876832][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 33.880712][ T324] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[ 33.884281][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 33.897685][ T324] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 33.907871][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 33.917386][ T324] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[ 33.922566][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 33.929960][ T324] System zones: 1-12
[ 33.938131][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 33.949587][ T324] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2806: Unable to expand inode 15. Delete some EAs or run e2fsck.
[ 33.949829][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 33.962515][ T324] EXT4-fs (loop0): 1 truncate cleaned up
[ 33.971089][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 33.975707][ T324] EXT4-fs (loop0): mounted filesystem without journal. Opts: nogrpid,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,debug,nombcache,quota,,errors=continue
[ 34.009145][ T324] ==================================================================
[ 34.017031][ T324] BUG: KASAN: slab-out-of-bounds in ext4_search_dir+0xf7/0x1b0
[ 34.024389][ T324] Read of size 1 at addr ffff888110100900 by task syz-executor697/324
[ 34.032368][ T324]
[ 34.034544][ T324] CPU: 0 PID: 324 Comm: syz-executor697 Not tainted 5.10.226-syzkaller #0
[ 34.042883][ T324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 34.052770][ T324] Call Trace:
[ 34.055903][ T324] dump_stack_lvl+0x1e2/0x24b
[ 34.060408][ T324] ? bfq_pos_tree_add_move+0x43b/0x43b
[ 34.065700][ T324] ? panic+0x812/0x812
[ 34.069607][ T324] print_address_description+0x81/0x3b0
[ 34.074985][ T324] kasan_report+0x179/0x1c0
[ 34.079323][ T324] ? ext4_search_dir+0xf7/0x1b0
[ 34.084007][ T324] ? ext4_search_dir+0xf7/0x1b0
[ 34.088696][ T324] __asan_report_load1_noabort+0x14/0x20
[ 34.094159][ T324] ext4_search_dir+0xf7/0x1b0
[ 34.098676][ T324] ext4_find_inline_entry+0x4b6/0x5e0
[ 34.103882][ T324] ? __kasan_check_write+0x14/0x20
[ 34.108833][ T324] ? ext4_try_create_inline_dir+0x320/0x320
[ 34.114553][ T324] ? stack_trace_save+0x113/0x1c0
[ 34.119421][ T324] __ext4_find_entry+0x2b0/0x1990
[ 34.124364][ T324] ? __kasan_slab_alloc+0xc3/0xe0
[ 34.129220][ T324] ? __kasan_slab_alloc+0xb1/0xe0
[ 34.134081][ T324] ? __d_alloc+0x2d/0x6c0
[ 34.138246][ T324] ? d_alloc+0x4b/0x1d0
[ 34.142238][ T324] ? __lookup_hash+0xe7/0x290
[ 34.146749][ T324] ? do_syscall_64+0x34/0x70
[ 34.151178][ T324] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 34.157080][ T324] ? ext4_ci_compare+0x660/0x660
[ 34.161855][ T324] ? generic_set_encrypted_ci_d_ops+0x91/0xf0
[ 34.167752][ T324] ext4_lookup+0x3c6/0xaa0
[ 34.172009][ T324] ? ext4_add_entry+0x1280/0x1280
[ 34.176867][ T324] ? __kasan_check_write+0x14/0x20
[ 34.181811][ T324] ? _raw_spin_lock+0xa4/0x1b0
[ 34.186411][ T324] ? __d_alloc+0x4dd/0x6c0
[ 34.190663][ T324] ? _raw_spin_unlock+0x4d/0x70
[ 34.195346][ T324] ? d_alloc+0x199/0x1d0
[ 34.199428][ T324] __lookup_hash+0x143/0x290
[ 34.203852][ T324] filename_create+0x202/0x750
[ 34.208455][ T324] ? __check_object_size+0x2e6/0x3c0
[ 34.213572][ T324] ? kern_path_create+0x40/0x40
[ 34.218258][ T324] do_mknodat+0x187/0x450
[ 34.222423][ T324] ? may_open+0x3f0/0x3f0
[ 34.226694][ T324] ? debug_smp_processor_id+0x17/0x20
[ 34.231903][ T324] __x64_sys_mknod+0x80/0x90
[ 34.236410][ T324] do_syscall_64+0x34/0x70
[ 34.240666][ T324] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 34.246392][ T324] RIP: 0033:0x7f3c0185cf99
[ 34.250647][ T324] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 34.270082][ T324] RSP: 002b:00007ffdd7be8628 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[ 34.278328][ T324] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f3c0185cf99
[ 34.286221][ T324] RDX: 0000000000000701 RSI: 0000000000000000 RDI: 0000000020000000
[ 34.294033][ T324] RBP: 00007f3c018d3488 R08: 0000000000001501 R09: 0000000000000000
[ 34.301852][ T324] R10: 0000000000001505 R11: 0000000000000246 R12: 00007ffdd7be86b0
[ 34.309654][ T324] R13: 00007ffdd7be8670 R14: 0000000000000003 R15: 0000000000000000
[ 34.317461][ T324]
[ 34.319654][ T324] Allocated by task 0:
[ 34.323532][ T324] (stack is not available)
[ 34.327783][ T324]
[ 34.329955][ T324] Freed by task 24:
[ 34.333605][ T324] kasan_set_track+0x4b/0x70
[ 34.338030][ T324] kasan_set_free_info+0x23/0x40
[ 34.342804][ T324] ____kasan_slab_free+0x121/0x160
[ 34.347751][ T324] __kasan_slab_free+0x11/0x20
[ 34.352349][ T324] slab_free_freelist_hook+0xc0/0x190
[ 34.357555][ T324] kfree+0xc3/0x270
[ 34.361205][ T324] skb_release_data+0x5c6/0x6f0
[ 34.365889][ T324] kfree_skb+0xb9/0x320
[ 34.369882][ T324] kauditd_hold_skb+0x115/0x200
[ 34.374566][ T324] kauditd_send_queue+0x28d/0x2e0
[ 34.379428][ T324] kauditd_thread+0x523/0x890
[ 34.383937][ T324] kthread+0x34b/0x3d0
[ 34.387845][ T324] ret_from_fork+0x1f/0x30
[ 34.392090][ T324]
[ 34.394263][ T324] The buggy address belongs to the object at ffff888110100000
[ 34.394263][ T324] which belongs to the cache kmalloc-2k of size 2048
[ 34.408149][ T324] The buggy address is located 256 bytes to the right of
[ 34.408149][ T324] 2048-byte region [ffff888110100000, ffff888110100800)
[ 34.421860][ T324] The buggy address belongs to the page:
[ 34.427340][ T324] page:ffffea0004404000 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x110100
[ 34.437606][ T324] head:ffffea0004404000 order:3 compound_mapcount:0 compound_pincount:0
[ 34.445766][ T324] flags: 0x4000000000010200(slab|head)
[ 34.451054][ T324] raw: 4000000000010200 dead000000000100 dead000000000122 ffff888100042d80
[ 34.459478][ T324] raw: 0000000000000000 0000000000080008 00000001ffffffff 0000000000000000
[ 34.467882][ T324] page dumped because: kasan: bad access detected
[ 34.474136][ T324] page_owner tracks the page as allocated
[ 34.479696][ T324] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 299, ts 33857556654, free_ts 33834060065
[ 34.499913][ T324] prep_new_page+0x166/0x180
[ 34.504339][ T324] get_page_from_freelist+0x2d8c/0x2f30
[ 34.509732][ T324] __alloc_pages_nodemask+0x435/0xaf0
[ 34.514921][ T324] new_slab+0x80/0x400
[ 34.518823][ T324] ___slab_alloc+0x302/0x4b0
[ 34.523247][ T324] __slab_alloc+0x63/0xa0
[ 34.527413][ T324] __kmalloc+0x204/0x330
[ 34.531494][ T324] kvmalloc_node+0x82/0x130
[ 34.535837][ T324] xt_alloc_table_info+0x42/0xb0
[ 34.540609][ T324] ip6t_register_table+0xbe/0x4a0
[ 34.545464][ T324] ip6table_mangle_table_init+0x7b/0xa0
[ 34.550861][ T324] xt_find_table_lock+0x24a/0x3e0
[ 34.555725][ T324] xt_request_find_table_lock+0x27/0xf0
[ 34.561088][ T324] do_ip6t_get_ctl+0x86c/0x1890
[ 34.565777][ T324] nf_getsockopt+0x26c/0x290
[ 34.570199][ T324] ipv6_getsockopt+0x1dc1/0x3010
[ 34.574969][ T324] page last free stack trace:
[ 34.579487][ T324] __free_pages_ok+0x82c/0x850
[ 34.584088][ T324] free_the_page+0x76/0x370
[ 34.588426][ T324] __free_pages+0x67/0xc0
[ 34.592587][ T324] __free_slab+0xcf/0x190
[ 34.596751][ T324] unfreeze_partials+0x15e/0x190
[ 34.601528][ T324] put_cpu_partial+0xbf/0x180
[ 34.606045][ T324] __slab_free+0x2c8/0x3a0
[ 34.610294][ T324] ___cache_free+0x111/0x130
[ 34.614716][ T324] qlink_free+0x50/0x90
[ 34.618707][ T324] qlist_free_all+0x47/0xb0
[ 34.623045][ T324] kasan_quarantine_reduce+0x15a/0x170
[ 34.628340][ T324] __kasan_slab_alloc+0x2f/0xe0
[ 34.633027][ T324] slab_post_alloc_hook+0x61/0x2f0
[ 34.637974][ T324] kmem_cache_alloc_trace+0x163/0x2e0
[ 34.643181][ T324] ____ip_mc_inc_group+0x1fb/0x890
[ 34.648149][ T324] ip_mc_up+0x10f/0x1e0
[ 34.652110][ T324]
[ 34.654280][ T324] Memory state around the buggy address:
[ 34.659757][ T324] ffff888110100800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 34.667650][ T324] ffff888110100880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 34.675549][ T324] >ffff888110100900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 34.683445][ T324] ^
[ 34.687352][ T324] ffff888110100980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 34.695248][ T324] ffff888110100a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 34.703140][ T324] ==================================================================
[ 34.711034][ T324] Disabling lock debugging due to kernel taint
[ 34.719561][ T324] EXT4-fs error (device loop0): ext4_find_dest_de:2077: inode #12: block 7: comm syz-executor697: bad entry in directory: directory entry overrun - offset=0, inode=1793120026, rec_len=34652, size=56 fake=0
[ 34.733441][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 34.750740][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 34.758971][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 34.767235][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 34.775336][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 34.775781][ T299] EXT4-fs error (device loop0): ext4_lookup:1828: inode #11: comm syz-executor697: iget: bad extra_isize 62855 (inode size 256)
[ 34.784067][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 34.796800][ T299] EXT4-fs error (device loop0): ext4_lookup:1828: inode #11: comm syz-executor697: iget: bad extra_isize 62855 (inode size 256)
executing program
[ 34.834369][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 34.842801][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 34.851142][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 34.862560][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 34.871339][ T332] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 34.873181][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 34.884324][ T332] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[ 34.889556][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 34.896818][ T332] System zones: 1-12
[ 34.904679][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 34.916222][ T332] EXT4-fs (loop2): 1 truncate cleaned up
[ 34.916418][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
executing program
[ 34.921668][ T332] EXT4-fs (loop2): mounted filesystem without journal. Opts: nogrpid,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,debug,nombcache,quota,,errors=continue
[ 34.964825][ T332] EXT4-fs error (device loop2): ext4_find_dest_de:2077: inode #12: block 7: comm syz-executor697: bad entry in directory: directory entry overrun - offset=0, inode=1793120026, rec_len=34652, size=56 fake=0
executing program
executing program
[ 34.992813][ T302] EXT4-fs error (device loop2): ext4_lookup:1828: inode #11: comm syz-executor697: iget: bad extra_isize 62855 (inode size 256)
[ 35.020305][ T302] EXT4-fs error (device loop2): ext4_lookup:1828: inode #11: comm syz-executor697: iget: bad extra_isize 62855 (inode size 256)
[ 35.036850][ T339] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 35.049121][ T339] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[ 35.057180][ T339] System zones: 1-12
[ 35.061836][ T339] EXT4-fs (loop3): 1 truncate cleaned up
[ 35.067403][ T339] EXT4-fs (loop3): mounted filesystem without journal. Opts: nogrpid,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,debug,nombcache,quota,,errors=continue
[ 35.085179][ T343] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 35.096257][ T343] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[ 35.103981][ T343] System zones: 1-12
[ 35.108640][ T343] EXT4-fs (loop1): 1 truncate cleaned up
[ 35.114071][ T343] EXT4-fs (loop1): mounted filesystem without journal. Opts: nogrpid,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,debug,nombcache,quota,,errors=continue
[ 35.142137][ T339] EXT4-fs error (device loop3): ext4_find_dest_de:2077: inode #12: block 7: comm syz-executor697: bad entry in directory: directory entry overrun - offset=0, inode=1793120026, rec_len=34652, size=56 fake=0
[ 35.162162][ T342] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 35.175384][ T343] EXT4-fs error (device loop1): ext4_find_dest_de:2077: inode #12: block 7: comm syz-executor697: bad entry in directory: directory entry overrun - offset=0, inode=1793120026, rec_len=34652, size=56 fake=0
[ 35.175815][ T342] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[ 35.206023][ T303] EXT4-fs error (device loop3): ext4_lookup:1828: inode #11: comm syz-executor697: iget: bad extra_isize 62855 (inode size 256)
[ 35.206236][ T342] System zones: 1-12
[ 35.219451][ T303] EXT4-fs error (device loop3): ext4_lookup:1828: inode #11: comm syz-executor697: iget: bad extra_isize 62855 (inode size 256)
[ 35.236916][ T342] EXT4-fs (loop4): 1 truncate cleaned up
[ 35.242369][ T342] EXT4-fs (loop4): mounted filesystem without journal. Opts: nogrpid,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,debug,nombcache,quota,,errors=continue
[ 35.259988][ T300] EXT4-fs error (device loop1): ext4_lookup:1828: inode #11: comm syz-executor697: iget: bad extra_isize 62855 (inode size 256)
[ 35.277504][ T300] EXT4-fs error (device loop1): ext4_lookup:1828: inode #11: comm syz-executor697: iget: bad extra_isize 62855 (inode size 256)
[ 35.291388][ T342] EXT4-fs error (device loop4): ext4_find_dest_de:2077: inode #12: block 7: comm syz-executor697: bad entry in directory: directory entry overrun - offset=0, inode=1793120026, rec_len=34652, size=56 fake=0
[ 35.321714][ T301] EXT4-fs error (device loop4): ext4_lookup:1828: inode #11: comm syz-executor697: iget: bad extra_isize 62855 (inode size 256)
[ 35.334966][ T301] EXT4-fs error (device loop4): ext4_lookup:1828: inode #11: comm syz-executor697: iget: bad extra_isize 62855 (inode size 256)
[ 35.546044][ T9] device bridge_slave_1 left promiscuous mode
[ 35.551950][ T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 35.559302][ T9] device bridge_slave_0 left promiscuous mode
[ 35.565214][ T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 35.572995][ T9] device veth1_macvtap left promiscuous mode
[ 35.578815][ T9] device veth0_vlan left promiscuous mode
[ 37.106150][ T9] device bridge_slave_1 left promiscuous mode
[ 37.112054][ T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 37.119352][ T9] device bridge_slave_0 left promiscuous mode
[ 37.125250][ T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 37.133118][ T9] device bridge_slave_1 left promiscuous mode
[ 37.139031][ T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 37.146349][ T9] device bridge_slave_0 left promiscuous mode
[ 37.152247][ T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 37.159821][ T9] device bridge_slave_1 left promiscuous mode
[ 37.165753][ T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 37.172844][ T9] device bridge_slave_0 left promiscuous mode
[ 37.178825][ T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 37.186495][ T9] device bridge_slave_1 left promiscuous mode
[ 37.192392][ T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 37.199788][ T9] device bridge_slave_0 left promiscuous mode
[ 37.205722][ T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 37.213702][ T9] device veth1_macvtap left promiscuous mode
[ 37.219543][ T9] device veth0_vlan left promiscuous mode
[ 37.225141][ T9] device veth1_macvtap left promiscuous mode
[ 37.230903][ T9] device veth0_vlan left promiscuous mode
[ 37.236531][ T9] device veth1_macvtap left promiscuous mode
[ 37.242220][ T9] device veth0_vlan left promiscuous mode
[ 37.248077][ T9] device veth1_macvtap left promiscuous mode
[ 37.253856][ T9] device veth0_vlan left promiscuous mode