Warning: Permanently added '10.128.0.86' (ED25519) to the list of known hosts.
[   20.897983][   T24] audit: type=1400 audit(1733228203.910:66): avc:  denied  { execmem } for  pid=281 comm="syz-executor235" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   20.921903][   T24] audit: type=1400 audit(1733228203.930:67): avc:  denied  { mounton } for  pid=281 comm="syz-executor235" path="/syzcgroup/unified" dev="sda1" ino=1926 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   20.923101][  T281] cgroup: Unknown subsys name 'net'
[   20.944909][   T24] audit: type=1400 audit(1733228203.930:68): avc:  denied  { mount } for  pid=281 comm="syz-executor235" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   20.972915][   T24] audit: type=1400 audit(1733228203.960:69): avc:  denied  { unmount } for  pid=281 comm="syz-executor235" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   20.973105][  T281] cgroup: Unknown subsys name 'devices'
[   21.118916][  T281] cgroup: Unknown subsys name 'hugetlb'
[   21.124698][  T281] cgroup: Unknown subsys name 'rlimit'
[   21.218685][   T24] audit: type=1400 audit(1733228204.230:70): avc:  denied  { mounton } for  pid=281 comm="syz-executor235" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   21.248473][   T24] audit: type=1400 audit(1733228204.230:71): avc:  denied  { mount } for  pid=281 comm="syz-executor235" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   21.272078][   T24] audit: type=1400 audit(1733228204.230:72): avc:  denied  { mounton } for  pid=292 comm="syz-executor235" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   21.293375][   T24] audit: type=1400 audit(1733228204.230:73): avc:  denied  { module_request } for  pid=292 comm="syz-executor235" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[   21.327113][  T292] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.334027][  T292] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.341403][  T292] device bridge_slave_0 entered promiscuous mode
[   21.348946][  T292] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.355773][  T292] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.363067][  T292] device bridge_slave_1 entered promiscuous mode
[   21.374284][  T290] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.381202][  T290] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.388249][  T290] device bridge_slave_0 entered promiscuous mode
[   21.395845][  T290] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.402717][  T290] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.409905][  T290] device bridge_slave_1 entered promiscuous mode
[   21.447715][  T293] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.454569][  T293] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.461819][  T293] device bridge_slave_0 entered promiscuous mode
[   21.468629][  T293] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.475482][  T293] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.482807][  T293] device bridge_slave_1 entered promiscuous mode
[   21.500691][  T291] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.507727][  T291] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.514881][  T291] device bridge_slave_0 entered promiscuous mode
[   21.523354][  T291] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.530233][  T291] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.537474][  T291] device bridge_slave_1 entered promiscuous mode
[   21.570688][  T289] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.577633][  T289] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.584715][  T289] device bridge_slave_0 entered promiscuous mode
[   21.591614][  T289] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.598473][  T289] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.605669][  T289] device bridge_slave_1 entered promiscuous mode
[   21.647214][   T24] audit: type=1400 audit(1733228204.650:74): avc:  denied  { create } for  pid=292 comm="syz-executor235" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   21.659025][  T290] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.675421][  T290] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.683004][  T290] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.691728][  T290] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.699877][   T24] audit: type=1400 audit(1733228204.650:75): avc:  denied  { write } for  pid=290 comm="syz-executor235" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   21.772451][  T292] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.779311][  T292] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.786484][  T292] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.793282][  T292] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.806040][  T291] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.812900][  T291] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.819990][  T291] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.826764][  T291] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.836709][  T289] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.844078][  T289] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.851196][  T289] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.857956][  T289] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.874609][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   21.882198][   T48] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.889513][   T48] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.896908][   T48] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.904209][   T48] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.911399][   T48] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.918407][   T48] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.925333][   T48] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.932258][   T48] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.946353][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   21.954510][   T48] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.961360][   T48] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.968654][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   21.976827][   T48] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.983778][   T48] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.009185][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   22.016499][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   22.025186][   T48] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.032330][   T48] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.054065][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   22.062162][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   22.070300][   T48] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.077209][   T48] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.084677][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   22.092776][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   22.100966][   T48] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.107812][   T48] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.114939][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   22.122617][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   22.133931][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   22.141944][   T48] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.148777][   T48] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.167329][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   22.175489][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   22.183612][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   22.191409][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   22.199408][   T48] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.206218][   T48] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.213540][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   22.221651][   T48] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.228488][   T48] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.242949][  T289] device veth0_vlan entered promiscuous mode
[   22.250137][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   22.258535][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   22.266611][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   22.274588][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   22.281978][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   22.289641][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   22.297396][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   22.310601][  T290] device veth0_vlan entered promiscuous mode
[   22.323882][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   22.331207][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   22.338668][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   22.346670][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   22.355105][   T48] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.361977][   T48] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.369192][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   22.376947][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   22.384723][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   22.392599][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   22.400369][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   22.408154][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   22.415781][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   22.423845][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   22.431788][   T48] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.438631][   T48] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.445740][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   22.453819][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   22.462174][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   22.469610][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   22.486670][  T293] device veth0_vlan entered promiscuous mode
[   22.494565][  T291] device veth0_vlan entered promiscuous mode
[   22.501504][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   22.509949][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   22.518332][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   22.526079][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   22.533962][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   22.542300][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   22.550443][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   22.558199][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   22.565857][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   22.573654][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   22.581527][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   22.588872][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   22.596018][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   22.603300][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   22.618477][  T293] device veth1_macvtap entered promiscuous mode
[   22.625080][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   22.633073][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   22.645687][  T289] device veth1_macvtap entered promiscuous mode
[   22.657133][  T290] device veth1_macvtap entered promiscuous mode
[   22.664963][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   22.673191][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   22.681355][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   22.689482][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   22.697606][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   22.705493][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   22.713703][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   22.721943][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   22.730073][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   22.738055][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   22.745449][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   22.753617][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   22.761818][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   22.770006][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   22.782739][  T291] device veth1_macvtap entered promiscuous mode
[   22.792274][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   22.799904][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   22.808374][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   22.816384][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   22.824517][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   22.843463][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   22.851564][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   22.860065][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   22.868067][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   22.875892][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   22.883376][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   22.891449][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   22.899695][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   22.908763][  T292] device veth0_vlan entered promiscuous mode
[   22.921720][  T293] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation
executing program
[   22.938212][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   22.946328][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   22.954481][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   22.962660][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   22.971039][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   22.979249][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
executing program
[   22.988598][  T315] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   22.989763][  T292] device veth1_macvtap entered promiscuous mode
[   22.997496][  T315] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   23.024267][  T293] ==================================================================
[   23.032169][  T293] BUG: KASAN: slab-out-of-bounds in ext4_htree_fill_tree+0x1316/0x13e0
[   23.040220][  T293] Read of size 1 at addr ffff88810f7b9535 by task syz-executor235/293
[   23.048208][  T293] 
[   23.050887][  T293] CPU: 0 PID: 293 Comm: syz-executor235 Not tainted 5.10.226-syzkaller-00326-gab7c0abef9cf #0
[   23.060954][  T293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   23.070855][  T293] Call Trace:
[   23.073979][  T293]  dump_stack_lvl+0x1e2/0x24b
[   23.078494][  T293]  ? bfq_pos_tree_add_move+0x43b/0x43b
[   23.083796][  T293]  ? panic+0x812/0x812
[   23.087711][  T293]  print_address_description+0x81/0x3b0
[   23.093086][  T293]  ? ext4_htree_store_dirent+0x19c/0x590
[   23.098563][  T293]  kasan_report+0x179/0x1c0
[   23.102923][  T293]  ? ext4_htree_fill_tree+0x1316/0x13e0
[   23.108269][  T293]  ? ext4_htree_fill_tree+0x1316/0x13e0
[   23.113644][  T293]  __asan_report_load1_noabort+0x14/0x20
[   23.119121][  T293]  ext4_htree_fill_tree+0x1316/0x13e0
[   23.124317][  T293]  ? ext4_handle_dirty_dirblock+0x6e0/0x6e0
[   23.130054][  T293]  ? __kasan_kmalloc+0x9/0x10
[   23.134555][  T293]  ? ext4_readdir+0x4df/0x37c0
[   23.139158][  T293]  ext4_readdir+0x2dde/0x37c0
[   23.143672][  T293]  ? handle_pte_fault+0x144a/0x3e10
[   23.148713][  T293]  ? ext4_dir_llseek+0x4c0/0x4c0
[   23.153481][  T293]  ? __kasan_check_write+0x14/0x20
[   23.158428][  T293]  ? down_read_killable+0x101/0x220
[   23.163461][  T293]  ? down_read_interruptible+0x220/0x220
[   23.168941][  T293]  ? security_file_permission+0x86/0xb0
[   23.174339][  T293]  iterate_dir+0x265/0x580
[   23.178572][  T293]  ? ext4_dir_llseek+0x4c0/0x4c0
[   23.183457][  T293]  __se_sys_getdents64+0x1c1/0x460
[   23.188386][  T293]  ? __x64_sys_getdents64+0x90/0x90
[   23.193414][  T293]  ? filldir+0x680/0x680
[   23.197489][  T293]  ? debug_smp_processor_id+0x17/0x20
[   23.202691][  T293]  ? fpregs_assert_state_consistent+0xb6/0xe0
[   23.208597][  T293]  ? irqentry_exit_to_user_mode+0x41/0x80
[   23.214908][  T293]  __x64_sys_getdents64+0x7b/0x90
[   23.219752][  T293]  do_syscall_64+0x34/0x70
[   23.224000][  T293]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   23.229744][  T293] RIP: 0033:0x7fdc4c571923
[   23.233981][  T293] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 02 1d fb ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 b8 ff ff ff f7 d8
[   23.253516][  T293] RSP: 002b:00007ffeffa6f988 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[   23.261863][  T293] RAX: ffffffffffffffda RBX: 00005555895a3730 RCX: 00007fdc4c571923
[   23.269837][  T293] RDX: 0000000000008000 RSI: 00005555895a3730 RDI: 0000000000000004
[   23.278075][  T293] RBP: 00005555895a3704 R08: 0000000000000000 R09: 0000000000000000
[   23.285996][  T293] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffb8
[   23.294493][  T293] R13: 0000000000000010 R14: 00005555895a3700 R15: 0000000000000001
[   23.302387][  T293] 
[   23.304547][  T293] Allocated by task 96:
[   23.308557][  T293]  ____kasan_kmalloc+0xdb/0x110
[   23.313236][  T293]  __kasan_kmalloc+0x9/0x10
[   23.317570][  T293]  kmem_cache_alloc_trace+0x18a/0x2e0
[   23.322787][  T293]  kobject_uevent_env+0x269/0x700
[   23.327633][  T293]  kobject_synth_uevent+0x4eb/0xae0
[   23.332665][  T293]  store_uevent+0x16/0x30
[   23.336833][  T293]  module_attr_store+0x5c/0x80
[   23.341433][  T293]  sysfs_kf_write+0x123/0x140
[   23.345954][  T293]  kernfs_fop_write_iter+0x2c4/0x410
[   23.351067][  T293]  vfs_write+0xb4c/0xe70
[   23.355150][  T293]  ksys_write+0x199/0x2c0
[   23.359311][  T293]  __x64_sys_write+0x7b/0x90
[   23.363821][  T293]  do_syscall_64+0x34/0x70
[   23.368078][  T293]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   23.373797][  T293] 
[   23.375969][  T293] Freed by task 48:
[   23.379622][  T293]  kasan_set_track+0x4b/0x70
[   23.384047][  T293]  kasan_set_free_info+0x23/0x40
[   23.388820][  T293]  ____kasan_slab_free+0x121/0x160
[   23.393769][  T293]  __kasan_slab_free+0x11/0x20
[   23.398367][  T293]  slab_free_freelist_hook+0xc0/0x190
[   23.403573][  T293]  kfree+0xc3/0x270
[   23.407225][  T293]  pskb_expand_head+0x390/0x1180
[   23.411997][  T293]  netlink_trim+0x19b/0x230
[   23.416364][  T293]  netlink_broadcast_filtered+0x66/0x1270
[   23.421887][  T293]  nlmsg_notify+0x101/0x1c0
[   23.426226][  T293]  rtmsg_ifinfo+0xe7/0x120
[   23.430481][  T293]  netdev_state_change+0x1be/0x250
[   23.435426][  T293]  linkwatch_do_dev+0x100/0x140
[   23.440202][  T293]  __linkwatch_run_queue+0x4ca/0x7f0
[   23.445522][  T293]  linkwatch_event+0x4c/0x60
[   23.450019][  T293]  process_one_work+0x6dc/0xbd0
[   23.454734][  T293]  worker_thread+0xaea/0x1510
[   23.459231][  T293]  kthread+0x34b/0x3d0
[   23.463291][  T293]  ret_from_fork+0x1f/0x30
[   23.467546][  T293] 
[   23.469772][  T293] The buggy address belongs to the object at ffff88810f7b8000
[   23.469772][  T293]  which belongs to the cache kmalloc-4k of size 4096
[   23.483775][  T293] The buggy address is located 1333 bytes to the right of
[   23.483775][  T293]  4096-byte region [ffff88810f7b8000, ffff88810f7b9000)
[   23.497592][  T293] The buggy address belongs to the page:
[   23.503073][  T293] page:ffffea00043dee00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10f7b8
[   23.513108][  T293] head:ffffea00043dee00 order:3 compound_mapcount:0 compound_pincount:0
[   23.521276][  T293] flags: 0x4000000000010200(slab|head)
[   23.526688][  T293] raw: 4000000000010200 ffffea00043de000 0000000200000002 ffff888100042c00
[   23.535080][  T293] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000
[   23.543494][  T293] page dumped because: kasan: bad access detected
[   23.549830][  T293] page_owner tracks the page as allocated
[   23.555630][  T293] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 96, ts 3915401879, free_ts 0
[   23.573518][  T293]  prep_new_page+0x166/0x180
[   23.577927][  T293]  get_page_from_freelist+0x2d8c/0x2f30
[   23.583306][  T293]  __alloc_pages_nodemask+0x435/0xaf0
[   23.588508][  T293]  new_slab+0x80/0x400
[   23.592415][  T293]  ___slab_alloc+0x302/0x4b0
[   23.596836][  T293]  __slab_alloc+0x63/0xa0
[   23.601008][  T293]  kmem_cache_alloc_trace+0x1bd/0x2e0
[   23.606214][  T293]  kobject_uevent_env+0x269/0x700
[   23.611076][  T293]  kobject_synth_uevent+0x4eb/0xae0
[   23.616105][  T293]  store_uevent+0x16/0x30
[   23.620285][  T293]  module_attr_store+0x5c/0x80
[   23.624881][  T293]  sysfs_kf_write+0x123/0x140
[   23.629398][  T293]  kernfs_fop_write_iter+0x2c4/0x410
[   23.634513][  T293]  vfs_write+0xb4c/0xe70
[   23.638595][  T293]  ksys_write+0x199/0x2c0
[   23.642750][  T293]  __x64_sys_write+0x7b/0x90
[   23.647183][  T293] page_owner free stack trace missing
[   23.652391][  T293] 
[   23.655081][  T293] Memory state around the buggy address:
[   23.660544][  T293]  ffff88810f7b9400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.668614][  T293]  ffff88810f7b9480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.676541][  T293] >ffff88810f7b9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.684683][  T293]                                      ^
[   23.690152][  T293]  ffff88810f7b9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.698304][  T293]  ffff88810f7b9600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.706281][  T293] ==================================================================
[   23.714181][  T293] Disabling lock debugging due to kernel taint
[   23.737074][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
executing program
[   23.745599][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   23.755230][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   23.774984][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   23.787963][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
executing program
executing program
[   23.788092][  T318] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   23.826007][  T318] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   23.882747][  T322] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   23.891555][  T322] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   23.909134][  T327] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   23.918044][  T327] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   23.944650][  T325] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   23.956969][  T325] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   24.268172][   T48] device bridge_slave_1 left promiscuous mode
[   24.274088][   T48] bridge0: port 2(bridge_slave_1) entered disabled state
[   24.281516][   T48] device bridge_slave_0 left promiscuous mode
[   24.287465][   T48] bridge0: port 1(bridge_slave_0) entered disabled state
[   24.294853][   T48] device veth1_macvtap left promiscuous mode
[   24.300781][   T48] device veth0_vlan left promiscuous mode
[   25.708037][   T48] device bridge_slave_1 left promiscuous mode
[   25.714377][   T48] bridge0: port 2(bridge_slave_1) entered disabled state
[   25.721722][   T48] device bridge_slave_0 left promiscuous mode
[   25.727734][   T48] bridge0: port 1(bridge_slave_0) entered disabled state
[   25.735453][   T48] device bridge_slave_1 left promiscuous mode
[   25.741511][   T48] bridge0: port 2(bridge_slave_1) entered disabled state
[   25.748766][   T48] device bridge_slave_0 left promiscuous mode
[   25.754679][   T48] bridge0: port 1(bridge_slave_0) entered disabled state
[   25.762195][   T48] device bridge_slave_1 left promiscuous mode
[   25.768186][   T48] bridge0: port 2(bridge_slave_1) entered disabled state
[   25.775206][   T48] device bridge_slave_0 left promiscuous mode
[   25.781257][   T48] bridge0: port 1(bridge_slave_0) entered disabled state
[   25.788705][   T48] device bridge_slave_1 left promiscuous mode
[   25.794598][   T48] bridge0: port 2(bridge_slave_1) entered disabled state
[   25.801909][   T48] device bridge_slave_0 left promiscuous mode
[   25.808049][   T48] bridge0: port 1(bridge_slave_0) entered disabled state
[   25.815776][   T48] device veth1_macvtap left promiscuous mode
[   25.822013][   T48] device veth0_vlan left promiscuous mode
[   25.827755][   T48] device veth1_macvtap left promiscuous mode
[   25.833715][   T48] device veth0_vlan left promiscuous mode
[   25.839655][   T48] device veth1_macvtap left promiscuous mode
[   25.845468][   T48] device veth0_vlan left promiscuous mode
[   25.851287][   T48] device veth1_macvtap left promiscuous mode
[   25.857222][   T48] device veth0_vlan left promiscuous mode