DUID 00:04:7c:8f:25:e4:1e:61:d4:15:b8:1c:50:2a:7f:f5:0b:01
forked to background, child pid 3209
[ 30.148102][ T3210] 8021q: adding VLAN 0 to HW filter on device bond0
[ 30.158327][ T3210] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.0.210' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 54.462090][ T3626] loop0: detected capacity change from 0 to 32768
[ 54.478971][ T3626] FAULT_INJECTION: forcing a failure.
[ 54.478971][ T3626] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 54.492366][ T3626] CPU: 0 PID: 3626 Comm: syz-executor272 Not tainted 6.1.0-rc8-syzkaller #0
[ 54.501052][ T3626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 54.511110][ T3626] Call Trace:
[ 54.514380][ T3626] <TASK>
[ 54.517310][ T3626] dump_stack_lvl+0x1b1/0x28e
[ 54.522044][ T3626] ? nf_tcp_handle_invalid+0x62e/0x62e
[ 54.527549][ T3626] ? panic+0x710/0x710
[ 54.531673][ T3626] ? lockdep_hardirqs_on_prepare+0x428/0x790
[ 54.537679][ T3626] should_fail_ex+0x395/0x4c0
[ 54.542359][ T3626] prepare_alloc_pages+0x1d7/0x5a0
[ 54.547495][ T3626] __alloc_pages+0x161/0x560
[ 54.552082][ T3626] ? zone_statistics+0x160/0x160
[ 54.557010][ T3626] ? free_unref_page+0x32e/0x5f0
[ 54.561944][ T3626] ? lockdep_hardirqs_on_prepare+0x428/0x790
[ 54.567912][ T3626] ? mark_free_pages+0x450/0x450
[ 54.572843][ T3626] __kmalloc_large_node+0x95/0x1e0
[ 54.577952][ T3626] kmalloc_large+0x1c/0x90
[ 54.582357][ T3626] ? diMount+0x16/0x870
[ 54.586698][ T3626] diMount+0x25/0x870
[ 54.590842][ T3626] ? diUnmount+0xef/0x100
[ 54.595171][ T3626] jfs_mount_rw+0x319/0x710
[ 54.599666][ T3626] ? chkSuper+0xf70/0xf70
[ 54.604161][ T3626] ? list_lru_walk_one_irq+0xe0/0xe0
[ 54.609434][ T3626] ? shrink_dentry_list+0x6a4/0x6c0
[ 54.614622][ T3626] ? sync_filesystem+0x103/0x220
[ 54.619565][ T3626] jfs_remount+0x3db/0x710
[ 54.623973][ T3626] ? jfs_statfs+0x510/0x510
[ 54.628478][ T3626] ? vfs_write+0x95d/0xc50
[ 54.632973][ T3626] ? hook_sb_remount+0x14/0xc0
[ 54.637725][ T3626] ? bpf_lsm_sb_remount+0x5/0x10
[ 54.642651][ T3626] reconfigure_super+0x3bc/0x7b0
[ 54.647583][ T3626] __se_sys_fsconfig+0xad5/0x1060
[ 54.652607][ T3626] ? __x64_sys_fsconfig+0xc0/0xc0
[ 54.657622][ T3626] ? lockdep_hardirqs_on_prepare+0x428/0x790
[ 54.663594][ T3626] ? syscall_enter_from_user_mode+0x2e/0x1d0
[ 54.669565][ T3626] ? lockdep_hardirqs_on+0x8d/0x130
[ 54.674755][ T3626] ? __x64_sys_fsconfig+0x1c/0xc0
[ 54.679856][ T3626] do_syscall_64+0x3d/0xb0
[ 54.684264][ T3626] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 54.690142][ T3626] RIP: 0033:0x7f6b066dc1e9
[ 54.694902][ T3626] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 54.714505][ T3626] RSP: 002b:00007ffe5d211798 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[ 54.722905][ T3626] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f6b066dc1e9
[ 54.730866][ T3626] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000004
[ 54.738827][ T3626] RBP: 00007ffe5d2117b0 R08: 0000000000000000 R09: 00007ffe5d211938
[ 54.746787][ T3626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[ 54.754745][ T3626] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 54.762717][ T3626] </TASK>
[ 54.766173][ T3626] jfs_mount_rw: diMount failed!
[ 54.776094][ T3626] ==================================================================
[ 54.784191][ T3626] BUG: KASAN: double-free in __kmem_cache_free+0x71/0x110
[ 54.791302][ T3626] Free of addr ffff8880237a8000 by task syz-executor272/3626
[ 54.798657][ T3626]
[ 54.800973][ T3626] CPU: 1 PID: 3626 Comm: syz-executor272 Not tainted 6.1.0-rc8-syzkaller #0
[ 54.809632][ T3626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 54.819680][ T3626] Call Trace:
[ 54.822950][ T3626] <TASK>
[ 54.825884][ T3626] dump_stack_lvl+0x1b1/0x28e
[ 54.830558][ T3626] ? nf_tcp_handle_invalid+0x62e/0x62e
[ 54.836097][ T3626] ? __wake_up_klogd+0xcd/0x100
[ 54.840965][ T3626] ? panic+0x710/0x710
[ 54.845019][ T3626] ? _printk+0xc0/0x100
[ 54.849159][ T3626] ? _raw_spin_lock_irqsave+0x8e/0x100
[ 54.854603][ T3626] ? __kmem_cache_free+0x71/0x110
[ 54.859610][ T3626] print_address_description+0x74/0x340
[ 54.865182][ T3626] print_report+0x107/0x1f0
[ 54.869677][ T3626] ? _raw_spin_unlock+0x40/0x40
[ 54.874510][ T3626] ? __virt_addr_valid+0x21b/0x2d0
[ 54.879616][ T3626] ? __phys_addr+0xb5/0x160
[ 54.884136][ T3626] ? __kmem_cache_free+0x71/0x110
[ 54.889674][ T3626] ? __kmem_cache_free+0x71/0x110
[ 54.894694][ T3626] kasan_report_invalid_free+0xac/0xd0
[ 54.900152][ T3626] ? __kmem_cache_free+0x71/0x110
[ 54.905272][ T3626] ____kasan_slab_free+0xfb/0x120
[ 54.910291][ T3626] slab_free_freelist_hook+0x12e/0x1a0
[ 54.915778][ T3626] ? diUnmount+0xef/0x100
[ 54.920104][ T3626] __kmem_cache_free+0x71/0x110
[ 54.924958][ T3626] diUnmount+0xef/0x100
[ 54.929105][ T3626] jfs_umount+0x108/0x370
[ 54.933432][ T3626] jfs_put_super+0x86/0x190
[ 54.938026][ T3626] ? jfs_free_inode+0x20/0x20
[ 54.942807][ T3626] generic_shutdown_super+0x130/0x310
[ 54.948199][ T3626] kill_block_super+0x79/0xd0
[ 54.952895][ T3626] deactivate_locked_super+0xa7/0xf0
[ 54.958290][ T3626] cleanup_mnt+0x494/0x520
[ 54.962720][ T3626] ? lockdep_hardirqs_on+0x8d/0x130
[ 54.967922][ T3626] task_work_run+0x243/0x300
[ 54.972611][ T3626] ? task_work_cancel+0x290/0x290
[ 54.977659][ T3626] ? do_exit+0x65f/0x2070
[ 54.982277][ T3626] do_exit+0x664/0x2070
[ 54.986461][ T3626] ? lockdep_hardirqs_on_prepare+0x428/0x790
[ 54.992636][ T3626] ? mm_update_next_owner+0x6d0/0x6d0
[ 54.998293][ T3626] ? print_irqtrace_events+0x220/0x220
[ 55.003760][ T3626] ? _raw_spin_unlock_irq+0x1f/0x40
[ 55.008976][ T3626] ? lockdep_hardirqs_on+0x8d/0x130
[ 55.014184][ T3626] do_group_exit+0x1fd/0x2b0
[ 55.018781][ T3626] __x64_sys_exit_group+0x3b/0x40
[ 55.023828][ T3626] do_syscall_64+0x3d/0xb0
[ 55.028251][ T3626] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 55.034152][ T3626] RIP: 0033:0x7f6b066dad49
[ 55.038565][ T3626] Code: Unable to access opcode bytes at 0x7f6b066dad1f.
[ 55.045674][ T3626] RSP: 002b:00007ffe5d211748 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 55.054102][ T3626] RAX: ffffffffffffffda RBX: 00007f6b067553f0 RCX: 00007f6b066dad49
[ 55.062087][ T3626] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001
[ 55.070070][ T3626] RBP: 0000000000000001 R08: ffffffffffffffc0 R09: 00007ffe5d211938
[ 55.078136][ T3626] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6b067553f0
[ 55.086220][ T3626] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001
[ 55.094207][ T3626] </TASK>
[ 55.097224][ T3626]
[ 55.099544][ T3626] Allocated by task 2979:
[ 55.103873][ T3626] kasan_set_track+0x3d/0x60
[ 55.108465][ T3626] __kasan_slab_alloc+0x65/0x70
[ 55.113583][ T3626] kmem_cache_alloc+0x1cc/0x300
[ 55.118433][ T3626] getname_flags+0xb8/0x4e0
[ 55.122933][ T3626] __se_sys_newfstatat+0xcb/0x7d0
[ 55.127946][ T3626] do_syscall_64+0x3d/0xb0
[ 55.132377][ T3626] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 55.138258][ T3626]
[ 55.140567][ T3626] Freed by task 2979:
[ 55.144531][ T3626] kasan_set_track+0x3d/0x60
[ 55.149110][ T3626] kasan_save_free_info+0x27/0x40
[ 55.154126][ T3626] ____kasan_slab_free+0xd6/0x120
[ 55.159146][ T3626] slab_free_freelist_hook+0x12e/0x1a0
[ 55.164602][ T3626] kmem_cache_free+0x94/0x1d0
[ 55.169283][ T3626] __se_sys_newfstatat+0xf7/0x7d0
[ 55.174319][ T3626] do_syscall_64+0x3d/0xb0
[ 55.178738][ T3626] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 55.184624][ T3626]
[ 55.186936][ T3626] The buggy address belongs to the object at ffff8880237a8000
[ 55.186936][ T3626] which belongs to the cache names_cache of size 4096
[ 55.201204][ T3626] The buggy address is located 0 bytes inside of
[ 55.201204][ T3626] 4096-byte region [ffff8880237a8000, ffff8880237a9000)
[ 55.214588][ T3626]
[ 55.216905][ T3626] The buggy address belongs to the physical page:
[ 55.223300][ T3626] page:ffffea00008dea00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x237a8
[ 55.233443][ T3626] head:ffffea00008dea00 order:3 compound_mapcount:0 compound_pincount:0
[ 55.241753][ T3626] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 55.249723][ T3626] raw: 00fff00000010200 0000000000000000 dead000000000122 ffff888140007640
[ 55.258300][ T3626] raw: 0000000000000000 0000000080070007 00000001ffffffff 0000000000000000
[ 55.266950][ T3626] page dumped because: kasan: bad access detected
[ 55.273374][ T3626] page_owner tracks the page as allocated
[ 55.279333][ T3626] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 2979, tgid 2979 (syslogd), ts 54767068561, free_ts 54478845021
[ 55.300241][ T3626] get_page_from_freelist+0x742/0x7c0
[ 55.305614][ T3626] __alloc_pages+0x259/0x560
[ 55.310214][ T3626] alloc_slab_page+0xbd/0x190
[ 55.314884][ T3626] allocate_slab+0x5e/0x4b0
[ 55.319727][ T3626] ___slab_alloc+0x782/0xe20
[ 55.324307][ T3626] kmem_cache_alloc+0x24c/0x300
[ 55.329154][ T3626] getname_flags+0xb8/0x4e0
[ 55.333648][ T3626] __se_sys_newfstatat+0xcb/0x7d0
[ 55.338660][ T3626] do_syscall_64+0x3d/0xb0
[ 55.343067][ T3626] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 55.348957][ T3626] page last free stack trace:
[ 55.353822][ T3626] free_pcp_prepare+0x80c/0x8f0
[ 55.358662][ T3626] free_unref_page+0x7d/0x5f0
[ 55.363346][ T3626] free_large_kmalloc+0xfb/0x190
[ 55.368289][ T3626] diUnmount+0xef/0x100
[ 55.372447][ T3626] jfs_mount_rw+0x2f4/0x710
[ 55.376948][ T3626] jfs_remount+0x3db/0x710
[ 55.381365][ T3626] reconfigure_super+0x3bc/0x7b0
[ 55.386305][ T3626] __se_sys_fsconfig+0xad5/0x1060
[ 55.391414][ T3626] do_syscall_64+0x3d/0xb0
[ 55.395825][ T3626] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 55.401706][ T3626]
[ 55.404017][ T3626] Memory state around the buggy address:
[ 55.409632][ T3626] ffff8880237a7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 55.417677][ T3626] ffff8880237a7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 55.425724][ T3626] >ffff8880237a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 55.433779][ T3626]                    ^
[ 55.437837][ T3626] ffff8880237a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 55.445882][ T3626] ffff8880237a8100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 55.453943][ T3626] ==================================================================
[ 55.462491][ T3626] Kernel panic - not syncing: panic_on_warn set ...
[ 55.469091][ T3626] CPU: 1 PID: 3626 Comm: syz-executor272 Not tainted 6.1.0-rc8-syzkaller #0
[ 55.477771][ T3626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 55.487828][ T3626] Call Trace:
[ 55.491275][ T3626] <TASK>
[ 55.494199][ T3626] dump_stack_lvl+0x1b1/0x28e
[ 55.498869][ T3626] ? nf_tcp_handle_invalid+0x62e/0x62e
[ 55.504316][ T3626] ? panic+0x710/0x710
[ 55.508374][ T3626] ? preempt_schedule_common+0xb7/0xe0
[ 55.513824][ T3626] ? vscnprintf+0x59/0x80
[ 55.518159][ T3626] ? __kmem_cache_free+0x40/0x110
[ 55.523188][ T3626] panic+0x2d6/0x710
[ 55.527078][ T3626] ? memcpy_page_flushcache+0xfc/0xfc
[ 55.532453][ T3626] ? _raw_spin_unlock_irqrestore+0x110/0x120
[ 55.538430][ T3626] ? print_report+0x1b4/0x1f0
[ 55.543106][ T3626] ? __kmem_cache_free+0x71/0x110
[ 55.548120][ T3626] ? __kmem_cache_free+0x71/0x110
[ 55.553133][ T3626] end_report+0x91/0xa0
[ 55.557281][ T3626] kasan_report_invalid_free+0xb7/0xd0
[ 55.562729][ T3626] ? __kmem_cache_free+0x71/0x110
[ 55.567745][ T3626] ____kasan_slab_free+0xfb/0x120
[ 55.572770][ T3626] slab_free_freelist_hook+0x12e/0x1a0
[ 55.578224][ T3626] ? diUnmount+0xef/0x100
[ 55.582549][ T3626] __kmem_cache_free+0x71/0x110
[ 55.587391][ T3626] diUnmount+0xef/0x100
[ 55.591895][ T3626] jfs_umount+0x108/0x370
[ 55.596217][ T3626] jfs_put_super+0x86/0x190
[ 55.600716][ T3626] ? jfs_free_inode+0x20/0x20
[ 55.605380][ T3626] generic_shutdown_super+0x130/0x310
[ 55.610741][ T3626] kill_block_super+0x79/0xd0
[ 55.615518][ T3626] deactivate_locked_super+0xa7/0xf0
[ 55.621170][ T3626] cleanup_mnt+0x494/0x520
[ 55.625670][ T3626] ? lockdep_hardirqs_on+0x8d/0x130
[ 55.630865][ T3626] task_work_run+0x243/0x300
[ 55.635453][ T3626] ? task_work_cancel+0x290/0x290
[ 55.640471][ T3626] ? do_exit+0x65f/0x2070
[ 55.644815][ T3626] do_exit+0x664/0x2070
[ 55.648974][ T3626] ? lockdep_hardirqs_on_prepare+0x428/0x790
[ 55.654947][ T3626] ? mm_update_next_owner+0x6d0/0x6d0
[ 55.660312][ T3626] ? print_irqtrace_events+0x220/0x220
[ 55.665767][ T3626] ? _raw_spin_unlock_irq+0x1f/0x40
[ 55.670972][ T3626] ? lockdep_hardirqs_on+0x8d/0x130
[ 55.676167][ T3626] do_group_exit+0x1fd/0x2b0
[ 55.680757][ T3626] __x64_sys_exit_group+0x3b/0x40
[ 55.685778][ T3626] do_syscall_64+0x3d/0xb0
[ 55.690187][ T3626] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 55.696068][ T3626] RIP: 0033:0x7f6b066dad49
[ 55.700481][ T3626] Code: Unable to access opcode bytes at 0x7f6b066dad1f.
[ 55.707830][ T3626] RSP: 002b:00007ffe5d211748 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 55.716236][ T3626] RAX: ffffffffffffffda RBX: 00007f6b067553f0 RCX: 00007f6b066dad49
[ 55.724197][ T3626] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001
[ 55.732157][ T3626] RBP: 0000000000000001 R08: ffffffffffffffc0 R09: 00007ffe5d211938
[ 55.740118][ T3626] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6b067553f0
[ 55.748090][ T3626] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001
[ 55.756059][ T3626] </TASK>
[ 55.759264][ T3626] Kernel Offset: disabled
[ 55.763577][ T3626] Rebooting in 86400 seconds..