Warning: Permanently added '10.128.1.138' (ECDSA) to the list of known hosts.
[   42.481470][   T23] audit: type=1400 audit(1677115937.610:73): avc:  denied  { execmem } for  pid=365 comm="syz-executor115" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   42.502823][   T23] audit: type=1400 audit(1677115937.630:74): avc:  denied  { setattr } for  pid=365 comm="syz-executor115" name="raw-gadget" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
executing program
[   42.527768][   T23] audit: type=1400 audit(1677115937.660:75): avc:  denied  { mounton } for  pid=366 comm="syz-executor115" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[   42.551936][   T23] audit: type=1400 audit(1677115937.680:76): avc:  denied  { mount } for  pid=366 comm="syz-executor115" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[   42.574539][   T23] audit: type=1400 audit(1677115937.680:77): avc:  denied  { mounton } for  pid=366 comm="syz-executor115" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   42.596363][   T23] audit: type=1400 audit(1677115937.700:78): avc:  denied  { mounton } for  pid=366 comm="syz-executor115" path="/dev/binderfs" dev="devtmpfs" ino=363 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   42.606761][  T366] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   42.619486][   T23] audit: type=1400 audit(1677115937.700:79): avc:  denied  { mount } for  pid=366 comm="syz-executor115" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   42.628379][  T366] ext4 filesystem being mounted at /root/syzkaller.6gkWXP/bus supports timestamps until 2038 (0x7fffffff)
[   42.651160][   T23] audit: type=1400 audit(1677115937.710:80): avc:  denied  { read write } for  pid=366 comm="syz-executor115" name="loop0" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   42.672484][  T366] ==================================================================
[   42.686605][   T23] audit: type=1400 audit(1677115937.710:81): avc:  denied  { open } for  pid=366 comm="syz-executor115" path="/dev/loop0" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   42.694343][  T366] BUG: KASAN: use-after-free in crc16+0x235/0x2d0
[   42.718599][   T23] audit: type=1400 audit(1677115937.710:82): avc:  denied  { ioctl } for  pid=366 comm="syz-executor115" path="/dev/loop0" dev="devtmpfs" ino=115 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   42.724751][  T366] Read of size 1 at addr ffff88811d865000 by task syz-executor115/366
[   42.758356][  T366] 
[   42.760683][  T366] CPU: 1 PID: 366 Comm: syz-executor115 Not tainted 5.10.161-syzkaller-00019-g416c4356f372 #0
[   42.770892][  T366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   42.781020][  T366] Call Trace:
[   42.784301][  T366]  dump_stack_lvl+0x1e2/0x24b
[   42.788969][  T366]  ? printk+0xcf/0x10f
[   42.793016][  T366]  ? bfq_pos_tree_add_move+0x43e/0x43e
[   42.798450][  T366]  ? wake_up_klogd+0xb8/0xf0
[   42.803018][  T366]  ? panic+0x7d7/0x7d7
[   42.807066][  T366]  print_address_description+0x81/0x3c0
[   42.812587][  T366]  kasan_report+0x1a4/0x1f0
[   42.817069][  T366]  ? crc16+0x235/0x2d0
[   42.821119][  T366]  ? crc16+0x235/0x2d0
[   42.825186][  T366]  __asan_report_load1_noabort+0x14/0x20
[   42.830812][  T366]  crc16+0x235/0x2d0
[   42.834692][  T366]  ext4_group_desc_csum+0x851/0xb50
[   42.839869][  T366]  ? __kasan_check_write+0x14/0x20
[   42.844954][  T366]  ? ext4_group_desc_csum_verify+0x2a0/0x2a0
[   42.850913][  T366]  ? __kasan_check_write+0x14/0x20
[   42.856010][  T366]  ? mb_test_and_clear_bits+0x232/0x250
[   42.861544][  T366]  ? ext4_block_bitmap_csum_set+0x1c3/0x500
[   42.867422][  T366]  ? __kasan_check_read+0x11/0x20
[   42.872431][  T366]  ? ext4_block_bitmap_csum_verify+0x540/0x540
[   42.878568][  T366]  ext4_group_desc_csum_set+0x1d6/0x270
[   42.884100][  T366]  ext4_free_blocks+0x1b9e/0x2ad0
[   42.889131][  T366]  ? stack_trace_save+0x1f0/0x1f0
[   42.894159][  T366]  ? ext4_mb_release_context+0x17a0/0x17a0
[   42.899950][  T366]  ? stack_trace_snprint+0x100/0x100
[   42.905224][  T366]  ? _raw_spin_unlock_irqrestore+0x5b/0x80
[   42.911014][  T366]  ? stack_depot_save+0x433/0x4a0
[   42.916023][  T366]  ? _raw_read_unlock+0x25/0x40
[   42.920857][  T366]  ? ext4_is_pending+0x196/0x1d0
[   42.925780][  T366]  ext4_remove_blocks+0xaf1/0x1180
[   42.930908][  T366]  ext4_ext_rm_leaf+0xaa8/0x18c0
[   42.935835][  T366]  ext4_ext_remove_space+0xf25/0x22a0
[   42.941194][  T366]  ? __kasan_check_write+0x14/0x20
[   42.946293][  T366]  ? ext4_ext_index_trans_blocks+0x120/0x120
[   42.952266][  T366]  ? ext4_es_remove_extent+0x1a4/0x360
[   42.957724][  T366]  ? ext4_es_lookup_extent+0x9d0/0x9d0
[   42.963164][  T366]  ? __down_write+0x119/0x320
[   42.967839][  T366]  ext4_ext_truncate+0x18a/0x210
[   42.972760][  T366]  ext4_truncate+0xba0/0x1270
[   42.977424][  T366]  ? __ext4_mark_inode_dirty+0x780/0x780
[   42.983041][  T366]  ? __kasan_check_read+0x11/0x20
[   42.988149][  T366]  ? __ext4_journal_start_sb+0x2d9/0x480
[   42.993766][  T366]  ext4_evict_inode+0xf1e/0x1730
[   42.998689][  T366]  ? _raw_spin_unlock+0x4d/0x70
[   43.003526][  T366]  ? ext4_inode_is_fast_symlink+0x390/0x390
[   43.009415][  T366]  ? __kasan_check_write+0x14/0x20
[   43.014688][  T366]  ? _raw_spin_lock+0xa3/0x1b0
[   43.019444][  T366]  ? _raw_spin_trylock_bh+0x1d0/0x1d0
[   43.024805][  T366]  ? ext4_inode_is_fast_symlink+0x390/0x390
[   43.030695][  T366]  evict+0x2a3/0x6c0
[   43.034584][  T366]  iput+0x61f/0x7d0
[   43.038379][  T366]  do_unlinkat+0x51a/0x920
[   43.042780][  T366]  ? try_break_deleg+0x120/0x120
[   43.047702][  T366]  ? strncpy_from_user+0x179/0x2b0
[   43.052800][  T366]  ? getname_flags+0x1fb/0x510
[   43.057550][  T366]  __x64_sys_unlink+0x49/0x50
[   43.062210][  T366]  do_syscall_64+0x34/0x70
[   43.066610][  T366]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[   43.072486][  T366] RIP: 0033:0x7f0a90ab5ea9
[   43.076901][  T366] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 01 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   43.096487][  T366] RSP: 002b:00007ffc38cbe7d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[   43.104889][  T366] RAX: ffffffffffffffda RBX: 00007f0a90b1ded0 RCX: 00007f0a90ab5ea9
[   43.112851][  T366] RDX: ffffffffffffffc0 RSI: 0000000000000080 RDI: 0000000020000200
[   43.120809][  T366] RBP: 00007ffc38cbe7f8 R08: 0000000000000000 R09: 0000000000000000
[   43.128763][  T366] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc38cbe820
[   43.136720][  T366] R13: 00007ffc38cbe820 R14: 00007f0a90af30e8 R15: 00007ffc38cbe800
[   43.144677][  T366] 
[   43.146988][  T366] Allocated by task 368:
[   43.151217][  T366]  __kasan_slab_alloc+0xb2/0xe0
[   43.156050][  T366]  kmem_cache_alloc+0x16c/0x300
[   43.160889][  T366]  mempool_alloc_slab+0x1d/0x30
[   43.165727][  T366]  mempool_alloc+0x135/0x530
[   43.170302][  T366]  bio_alloc_bioset+0x1db/0x650
[   43.175136][  T366]  do_mpage_readpage+0x14e6/0x1b50
[   43.180227][  T366]  mpage_readahead+0x2d5/0x5f0
[   43.184971][  T366]  blkdev_readahead+0x1c/0x20
[   43.189641][  T366]  read_pages+0x160/0xb60
[   43.193959][  T366]  page_cache_ra_unbounded+0x6d0/0x8b0
[   43.199398][  T366]  force_page_cache_ra+0x3e6/0x440
[   43.204502][  T366]  page_cache_sync_ra+0x253/0x2c0
[   43.209510][  T366]  generic_file_buffered_read+0x65f/0x2850
[   43.215303][  T366]  generic_file_read_iter+0x106/0x6d0
[   43.220662][  T366]  blkdev_read_iter+0x135/0x190
[   43.225508][  T366]  vfs_read+0x9e2/0xbf0
[   43.229650][  T366]  ksys_read+0x198/0x2c0
[   43.233878][  T366]  __x64_sys_read+0x7b/0x90
[   43.238373][  T366]  do_syscall_64+0x34/0x70
[   43.242773][  T366]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[   43.248640][  T366] 
[   43.250955][  T366] Freed by task 18:
[   43.254751][  T366]  kasan_set_track+0x4c/0x80
[   43.259326][  T366]  kasan_set_free_info+0x23/0x40
[   43.264246][  T366]  ____kasan_slab_free+0x121/0x160
[   43.269342][  T366]  __kasan_slab_free+0x11/0x20
[   43.274114][  T366]  slab_free_freelist_hook+0xcc/0x1a0
[   43.279489][  T366]  kmem_cache_free+0xa9/0x1f0
[   43.284150][  T366]  mempool_free_slab+0x1d/0x30
[   43.288917][  T366]  mempool_free+0xd5/0x310
[   43.293322][  T366]  bio_put+0x34e/0x420
[   43.297379][  T366]  mpage_end_io+0x325/0x5b0
[   43.301866][  T366]  bio_endio+0x465/0x5c0
[   43.306103][  T366]  blk_update_request+0x6d5/0x1250
[   43.311217][  T366]  blk_mq_end_request+0x42/0x80
[   43.316062][  T366]  lo_complete_rq+0x151/0x2e0
[   43.320721][  T366]  blk_done_softirq+0x372/0x410
[   43.325557][  T366]  __do_softirq+0x27e/0x596
[   43.330126][  T366] 
[   43.332444][  T366] The buggy address belongs to the object at ffff88811d865000
[   43.332444][  T366]  which belongs to the cache bio-0 of size 216
[   43.345961][  T366] The buggy address is located 0 bytes inside of
[   43.345961][  T366]  216-byte region [ffff88811d865000, ffff88811d8650d8)
[   43.359038][  T366] The buggy address belongs to the page:
[   43.364665][  T366] page:ffffea0004761940 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11d865
[   43.374883][  T366] flags: 0x8000000000000200(slab)
[   43.379984][  T366] raw: 8000000000000200 dead000000000100 dead000000000122 ffff88810017fb00
[   43.388557][  T366] raw: 0000000000000000 00000000000c000c 00000001ffffffff 0000000000000000
[   43.397123][  T366] page dumped because: kasan: bad access detected
[   43.403516][  T366] page_owner tracks the page as allocated
[   43.409245][  T366] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x92880(GFP_NOWAIT|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_NOMEMALLOC), pid 368, ts 42599737291, free_ts 0
[   43.426587][  T366]  get_page_from_freelist+0x755/0x810
[   43.431943][  T366]  __alloc_pages_nodemask+0x3b6/0x890
[   43.437301][  T366]  allocate_slab+0x78/0x540
[   43.441787][  T366]  ___slab_alloc+0x131/0x2e0
[   43.446360][  T366]  __slab_alloc+0x63/0xa0
[   43.450673][  T366]  kmem_cache_alloc+0x1ef/0x300
[   43.455511][  T366]  mempool_alloc_slab+0x1d/0x30
[   43.460350][  T366]  mempool_alloc+0x135/0x530
[   43.464922][  T366]  bio_alloc_bioset+0x1db/0x650
[   43.469762][  T366]  do_mpage_readpage+0x14e6/0x1b50
[   43.474858][  T366]  mpage_readahead+0x2d5/0x5f0
[   43.479713][  T366]  blkdev_readahead+0x1c/0x20
[   43.484379][  T366]  read_pages+0x160/0xb60
[   43.488709][  T366]  page_cache_ra_unbounded+0x6d0/0x8b0
[   43.494155][  T366]  force_page_cache_ra+0x3e6/0x440
[   43.499256][  T366]  page_cache_sync_ra+0x253/0x2c0
[   43.504445][  T366] page_owner free stack trace missing
[   43.509795][  T366] 
[   43.512131][  T366] Memory state around the buggy address:
[   43.517747][  T366]  ffff88811d864f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   43.525793][  T366]  ffff88811d864f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
write to /proc/sys/kernel/softlockup_all_cpu_backtrace failed: No such file or directory
[   43.533837][  T366] >ffff88811d865000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   43.541891][  T366]                    ^
[   43.545960][  T366]  ffff88811d865080: fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc
[   43.554007][  T366]  ffff88811d865100: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[   43.562052][  T366] ==================================================================
[   43.570096][  T366] Disabling lock debugging due to kernel taint
write to /proc/sys/kernel/softlockup_all_cpu_backtrace failed: No such file or directory