Warning: Permanently added '[localhost]:51112' (ED25519) to the list of known hosts.
2024/04/13 15:03:48 ignoring optional flag "sandboxArg"="0"
2024/04/13 15:03:48 parsed 1 programs
[ 72.714706][ T38] kauditd_printk_skb: 73 callbacks suppressed
[ 72.714717][ T38] audit: type=1400 audit(1713020628.753:207): avc: denied { getattr } for pid=5381 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 72.750547][ T38] audit: type=1400 audit(1713020628.783:208): avc: denied { mounton } for pid=5398 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[ 72.760774][ T38] audit: type=1400 audit(1713020628.783:209): avc: denied { mount } for pid=5398 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[ 72.769210][ T38] audit: type=1400 audit(1713020628.793:210): avc: denied { read write } for pid=5398 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 72.778715][ T38] audit: type=1400 audit(1713020628.793:211): avc: denied { open } for pid=5398 comm="syz-executor" path="/swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 72.807068][ T38] audit: type=1400 audit(1713020628.843:212): avc: denied { unlink } for pid=5398 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 73.273971][ T38] audit: type=1400 audit(1713020629.303:213): avc: denied { relabelto } for pid=5407 comm="mkswap" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 74.228261][ T5398] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
2024/04/13 15:03:50 executed programs: 0
[ 74.282593][ T5195] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 74.286170][ T5195] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 74.289315][ T5195] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 74.292686][ T5195] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 74.296208][ T5195] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 74.299201][ T5195] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 74.305283][ T38] audit: type=1400 audit(1713020630.343:214): avc: denied { mounton } for pid=5414 comm="syz-executor.0" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[ 74.419826][ T5414] chnl_net:caif_netlink_parms(): no params data found
[ 74.512559][ T5414] bridge0: port 1(bridge_slave_0) entered blocking state
[ 74.515879][ T5414] bridge0: port 1(bridge_slave_0) entered disabled state
[ 74.518756][ T5414] bridge_slave_0: entered allmulticast mode
[ 74.522435][ T5414] bridge_slave_0: entered promiscuous mode
[ 74.528351][ T5414] bridge0: port 2(bridge_slave_1) entered blocking state
[ 74.531449][ T5414] bridge0: port 2(bridge_slave_1) entered disabled state
[ 74.534372][ T5414] bridge_slave_1: entered allmulticast mode
[ 74.539395][ T5414] bridge_slave_1: entered promiscuous mode
[ 74.590554][ T5414] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 74.597535][ T5414] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 74.641947][ T5414] team0: Port device team_slave_0 added
[ 74.646770][ T5414] team0: Port device team_slave_1 added
[ 74.688640][ T5414] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 74.691204][ T5414] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 74.700420][ T5414] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 74.708852][ T5414] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 74.711702][ T5414] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 74.721121][ T5414] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 74.763860][ T5414] hsr_slave_0: entered promiscuous mode
[ 74.766899][ T5414] hsr_slave_1: entered promiscuous mode
[ 74.999853][ T38] audit: type=1400 audit(1713020631.033:215): avc: denied { search } for pid=4663 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 75.306447][ T5414] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 75.313091][ T5414] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 75.319997][ T5414] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 75.325472][ T5414] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 75.346330][ T5414] bridge0: port 2(bridge_slave_1) entered blocking state
[ 75.349507][ T5414] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 75.352825][ T5414] bridge0: port 1(bridge_slave_0) entered blocking state
[ 75.356028][ T5414] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 75.405277][ T826] bridge0: port 1(bridge_slave_0) entered disabled state
[ 75.409258][ T826] bridge0: port 2(bridge_slave_1) entered disabled state
[ 75.424681][ T5414] 8021q: adding VLAN 0 to HW filter on device bond0
[ 75.442972][ T5414] 8021q: adding VLAN 0 to HW filter on device team0
[ 75.451798][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 75.455164][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 75.463275][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 75.465984][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 75.526263][ T38] audit: type=1400 audit(1713020631.563:216): avc: denied { sys_module } for pid=5414 comm="syz-executor.0" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[ 75.599785][ T5414] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 75.641702][ T5414] veth0_vlan: entered promiscuous mode
[ 75.650529][ T5414] veth1_vlan: entered promiscuous mode
[ 75.675301][ T5414] veth0_macvtap: entered promiscuous mode
[ 75.681375][ T5414] veth1_macvtap: entered promiscuous mode
[ 75.696496][ T5414] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 75.704322][ T5414] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 75.710537][ T5414] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 75.714079][ T5414] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 75.719878][ T5414] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 75.722989][ T5414] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 75.760832][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 75.766913][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 75.798229][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 75.801728][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 76.091994][ T5466] loop0: detected capacity change from 0 to 32768
[ 76.105540][ T5466] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 76.109371][ T5466] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 76.128891][ T5466] gfs2: fsid=syz:syz.0: journal 0 mapped with 4 extents in 0ms
[ 76.133483][ T827] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 76.136411][ T827] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 76.195548][ T827] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 59ms
[ 76.198713][ T827] gfs2: fsid=syz:syz.0: jid=0: Done
[ 76.201308][ T5466] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 76.356146][ T4625] Bluetooth: hci0: command tx timeout
[ 76.426169][ T5466] gfs2: fsid=syz:syz.0: found 1 quota changes
[ 76.469369][ T5414] syz-executor.0: attempt to access beyond end of device
[ 76.469369][ T5414] loop0: rw=1, sector=131324, nr_sectors = 4 limit=32768
[ 76.476675][ T5414] gfs2: fsid=syz:syz.0: Error 10 writing to journal, jid=0
[ 76.480757][ T5414] gfs2: fsid=syz:syz.0: about to withdraw this file system
[ 77.079495][ T1354] ieee802154 phy0 wpan0: encryption failed: -22
[ 77.082444][ T1354] ieee802154 phy1 wpan1: encryption failed: -22
[ 78.434783][ T4625] Bluetooth: hci0: command tx timeout
[ 80.514885][ T4625] Bluetooth: hci0: command tx timeout
[ 81.558704][ T5414] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[ 81.562108][ T5414] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[ 81.565607][ T5414] gfs2: fsid=syz:syz.0: File system withdrawn
[ 81.567862][ T5414] CPU: 3 PID: 5414 Comm: syz-executor.0 Not tainted 6.9.0-rc3-syzkaller-00073-ge8c39d0f57f3-dirty #0
[ 81.571609][ T5414] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 81.575115][ T5414] Call Trace:
[ 81.576316][ T5414]
[ 81.577390][ T5414] dump_stack_lvl+0x16c/0x1f0
[ 81.579043][ T5414] gfs2_withdraw+0xab8/0x1290
[ 81.580696][ T5414] ? __pfx_gfs2_withdraw+0x10/0x10
[ 81.582476][ T5414] ? gfs2_flush_revokes+0x7e/0x150
[ 81.584266][ T5414] ? __pfx_lock_release+0x10/0x10
[ 81.586030][ T5414] ? __pfx_autoremove_wake_function+0x10/0x10
[ 81.588184][ T5414] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 81.590093][ T5414] ? buf_lo_before_commit+0xa4/0xe0
[ 81.591930][ T5414] ? __pfx_revoke_lo_before_commit+0x10/0x10
[ 81.593986][ T5414] gfs2_flush_revokes+0x11e/0x150
[ 81.595753][ T5414] revoke_lo_before_commit+0x22/0x640
[ 81.597711][ T5414] ? do_raw_spin_unlock+0x172/0x230
[ 81.599544][ T5414] ? __pfx_revoke_lo_before_commit+0x10/0x10
[ 81.601653][ T5414] gfs2_log_flush+0x891/0x29e0
[ 81.603357][ T5414] ? __pfx_gfs2_log_flush+0x10/0x10
[ 81.605172][ T5414] ? kfree+0x129/0x390
[ 81.606605][ T5414] ? do_sync+0x4fa/0xd30
[ 81.608135][ T5414] do_sync+0x550/0xd30
[ 81.609564][ T5414] ? __pfx_do_sync+0x10/0x10
[ 81.611199][ T5414] ? gfs2_quota_sync+0x4ad/0x630
[ 81.612963][ T5414] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 81.614840][ T5414] ? qd_check_sync+0x3d8/0x4f0
[ 81.616522][ T5414] gfs2_quota_sync+0x419/0x630
[ 81.618537][ T5414] gfs2_sync_fs+0x44/0xb0
[ 81.620309][ T5414] ? __pfx_gfs2_sync_fs+0x10/0x10
[ 81.622058][ T5414] sync_filesystem+0x10d/0x290
[ 81.623742][ T5414] generic_shutdown_super+0x7e/0x3d0
[ 81.625868][ T5414] kill_block_super+0x3b/0x90
[ 81.627964][ T5414] gfs2_kill_sb+0x360/0x410
[ 81.630006][ T5414] deactivate_locked_super+0xbe/0x1a0
[ 81.632065][ T5414] deactivate_super+0xde/0x100
[ 81.633727][ T5414] cleanup_mnt+0x222/0x450
[ 81.635432][ T5414] task_work_run+0x14e/0x250
[ 81.637067][ T5414] ? __pfx_task_work_run+0x10/0x10
[ 81.638853][ T5414] syscall_exit_to_user_mode+0x278/0x2a0
[ 81.640828][ T5414] do_syscall_64+0xdc/0x260
[ 81.642446][ T5414] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 81.644547][ T5414] RIP: 0033:0x7f0c14c7f197
[ 81.646124][ T5414] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 81.652849][ T5414] RSP: 002b:00007ffd638aaec8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 81.655926][ T5414] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f0c14c7f197
[ 81.658664][ T5414] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd638aaf80
[ 81.661400][ T5414] RBP: 00007ffd638aaf80 R08: 0000000000000000 R09: 0000000000000000
[ 81.664166][ T5414] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd638ac040
[ 81.666941][ T5414] R13: 00007f0c14cc93b9 R14: 000000000001278e R15: 0000000000000001
[ 81.669683][ T5414]
[ 81.671187][ T5414] bh: ffff88802f874110, bd: ffff88802f874150, trans_drain
[ 81.716366][ T5414] bh: ffff88802ffb5d98, bd: ffff88802f874150, gfs2_discard
[ 81.719046][ T5414] ==================================================================
[ 81.721813][ T5414] BUG: KASAN: slab-use-after-free in gfs2_invalidate_folio+0x731/0x840
[ 81.724723][ T5414] Read of size 8 at addr ffff88802f874168 by task syz-executor.0/5414
[ 81.729639][ T5414]
[ 81.730741][ T5414] CPU: 3 PID: 5414 Comm: syz-executor.0 Not tainted 6.9.0-rc3-syzkaller-00073-ge8c39d0f57f3-dirty #0
[ 81.735568][ T5414] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 81.740017][ T5414] Call Trace:
[ 81.741494][ T5414]
[ 81.742801][ T5414] dump_stack_lvl+0x116/0x1f0
[ 81.744882][ T5414] print_report+0xc3/0x620
[ 81.746871][ T5414] ? __virt_addr_valid+0x5e/0x580
[ 81.749145][ T5414] ? __phys_addr+0xc6/0x150
[ 81.751185][ T5414] kasan_report+0xd9/0x110
[ 81.753192][ T5414] ? gfs2_invalidate_folio+0x731/0x840
[ 81.755627][ T5414] ? gfs2_invalidate_folio+0x731/0x840
[ 81.758011][ T5414] gfs2_invalidate_folio+0x731/0x840
[ 81.760331][ T5414] ? hlock_class+0x4e/0x130
[ 81.762324][ T5414] ? __pfx_gfs2_invalidate_folio+0x10/0x10
[ 81.764917][ T5414] truncate_cleanup_folio+0x2ac/0x3e0
[ 81.767199][ T5414] truncate_inode_pages_range+0x271/0xe90
[ 81.769655][ T5414] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 81.772380][ T5414] ? mark_lock+0xb5/0xc60
[ 81.774312][ T5414] ? __pfx___lock_acquire+0x10/0x10
[ 81.776605][ T5414] ? __pfx_mark_lock+0x10/0x10
[ 81.778744][ T5414] ? __pfx_mark_lock+0x10/0x10
[ 81.780885][ T5414] ? mark_held_locks+0x9f/0xe0
[ 81.783003][ T5414] ? _raw_spin_unlock_irq+0x23/0x50
[ 81.785246][ T5414] ? lockdep_hardirqs_on+0x7c/0x110
[ 81.787541][ T5414] gfs2_evict_inode+0x75b/0x1460
[ 81.789671][ T5414] ? __pfx___lock_acquire+0x10/0x10
[ 81.791967][ T5414] ? __pfx_gfs2_evict_inode+0x10/0x10
[ 81.794388][ T5414] ? find_held_lock+0x2d/0x110
[ 81.796460][ T5414] ? evict+0x2b7/0x6c0
[ 81.798144][ T5414] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 81.800470][ T5414] ? do_raw_spin_unlock+0x172/0x230
[ 81.802298][ T5414] ? __pfx_gfs2_evict_inode+0x10/0x10
[ 81.804205][ T5414] evict+0x2ed/0x6c0
[ 81.805952][ T5414] iput.part.0+0x5a8/0x7f0
[ 81.807972][ T5414] ? __pfx_gfs2_drop_inode+0x10/0x10
[ 81.810291][ T5414] iput+0x5c/0x80
[ 81.811916][ T5414] gfs2_put_super+0x2bd/0x760
[ 81.813911][ T5414] ? __pfx_gfs2_put_super+0x10/0x10
[ 81.815762][ T5414] generic_shutdown_super+0x159/0x3d0
[ 81.817748][ T5414] kill_block_super+0x3b/0x90
[ 81.819461][ T5414] gfs2_kill_sb+0x360/0x410
[ 81.821054][ T5414] deactivate_locked_super+0xbe/0x1a0
[ 81.822945][ T5414] deactivate_super+0xde/0x100
[ 81.824578][ T5414] cleanup_mnt+0x222/0x450
[ 81.826275][ T5414] task_work_run+0x14e/0x250
[ 81.828425][ T5414] ? __pfx_task_work_run+0x10/0x10
[ 81.830647][ T5414] syscall_exit_to_user_mode+0x278/0x2a0
[ 81.833096][ T5414] do_syscall_64+0xdc/0x260
[ 81.835094][ T5414] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 81.837680][ T5414] RIP: 0033:0x7f0c14c7f197
[ 81.839614][ T5414] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 81.847862][ T5414] RSP: 002b:00007ffd638aaec8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 81.851524][ T5414] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f0c14c7f197
[ 81.854998][ T5414] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd638aaf80
[ 81.858434][ T5414] RBP: 00007ffd638aaf80 R08: 0000000000000000 R09: 0000000000000000
[ 81.861358][ T5414] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd638ac040
[ 81.864139][ T5414] R13: 00007f0c14cc93b9 R14: 000000000001278e R15: 0000000000000001
[ 81.867012][ T5414]
[ 81.868245][ T5414]
[ 81.869324][ T5414] Allocated by task 5414:
[ 81.871261][ T5414] kasan_save_stack+0x33/0x60
[ 81.873294][ T5414] kasan_save_track+0x14/0x30
[ 81.875083][ T5414] __kasan_slab_alloc+0x89/0x90
[ 81.877282][ T5414] kmem_cache_alloc+0x136/0x320
[ 81.879337][ T5414] gfs2_trans_add_data+0x4b3/0x7f0
[ 81.881637][ T5414] gfs2_unstuff_dinode+0xad9/0x1460
[ 81.883584][ T5414] gfs2_adjust_quota+0x124/0xb10
[ 81.885260][ T5414] do_sync+0xa73/0xd30
[ 81.886678][ T5414] gfs2_quota_sync+0x419/0x630
[ 81.888388][ T5414] gfs2_sync_fs+0x44/0xb0
[ 81.889912][ T5414] sync_filesystem+0x10d/0x290
[ 81.891610][ T5414] generic_shutdown_super+0x7e/0x3d0
[ 81.893468][ T5414] kill_block_super+0x3b/0x90
[ 81.895121][ T5414] gfs2_kill_sb+0x360/0x410
[ 81.896732][ T5414] deactivate_locked_super+0xbe/0x1a0
[ 81.898602][ T5414] deactivate_super+0xde/0x100
[ 81.900303][ T5414] cleanup_mnt+0x222/0x450
[ 81.901882][ T5414] task_work_run+0x14e/0x250
[ 81.903675][ T5414] syscall_exit_to_user_mode+0x278/0x2a0
[ 81.906185][ T5414] do_syscall_64+0xdc/0x260
[ 81.908170][ T5414] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 81.910251][ T5414]
[ 81.911115][ T5414] Freed by task 5414:
[ 81.912616][ T5414] kasan_save_stack+0x33/0x60
[ 81.914286][ T5414] kasan_save_track+0x14/0x30
[ 81.915980][ T5414] kasan_save_free_info+0x3b/0x60
[ 81.917774][ T5414] __kasan_slab_free+0x11d/0x1a0
[ 81.919532][ T5414] kmem_cache_free+0x12e/0x380
[ 81.921231][ T5414] gfs2_log_flush+0x14b8/0x29e0
[ 81.922955][ T5414] do_sync+0x550/0xd30
[ 81.924395][ T5414] gfs2_quota_sync+0x419/0x630
[ 81.926092][ T5414] gfs2_sync_fs+0x44/0xb0
[ 81.927635][ T5414] sync_filesystem+0x10d/0x290
[ 81.929327][ T5414] generic_shutdown_super+0x7e/0x3d0
[ 81.931204][ T5414] kill_block_super+0x3b/0x90
[ 81.932875][ T5414] gfs2_kill_sb+0x360/0x410
[ 81.934496][ T5414] deactivate_locked_super+0xbe/0x1a0
[ 81.936425][ T5414] deactivate_super+0xde/0x100
[ 81.938119][ T5414] cleanup_mnt+0x222/0x450
[ 81.939719][ T5414] task_work_run+0x14e/0x250
[ 81.941355][ T5414] syscall_exit_to_user_mode+0x278/0x2a0
[ 81.943348][ T5414] do_syscall_64+0xdc/0x260
[ 81.944958][ T5414] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 81.947047][ T5414]
[ 81.947907][ T5414] The buggy address belongs to the object at ffff88802f874150
[ 81.947907][ T5414] which belongs to the cache gfs2_bufdata of size 80
[ 81.952736][ T5414] The buggy address is located 24 bytes inside of
[ 81.952736][ T5414] freed 80-byte region [ffff88802f874150, ffff88802f8741a0)
[ 81.957486][ T5414]
[ 81.958346][ T5414] The buggy address belongs to the physical page:
[ 81.960615][ T5414] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2f874
[ 81.963691][ T5414] flags: 0xfff80000000800(slab|node=0|zone=1|lastcpupid=0xfff)
[ 81.966337][ T5414] page_type: 0xffffffff()
[ 81.967868][ T5414] raw: 00fff80000000800 ffff8880192d0a00 dead000000000122 0000000000000000
[ 81.970861][ T5414] raw: 0000000000000000 0000000080240024 00000001ffffffff 0000000000000000
[ 81.973853][ T5414] page dumped because: kasan: bad access detected
[ 81.976118][ T5414] page_owner tracks the page as allocated
[ 81.978117][ T5414] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_HARDWALL), pid 5414, tgid 5414 (syz-executor.0), ts 76465317912, free_ts 71995243169
[ 81.984969][ T5414] post_alloc_hook+0x2d4/0x350
[ 81.986665][ T5414] get_page_from_freelist+0xa28/0x3780
[ 81.988604][ T5414] __alloc_pages+0x22b/0x2460
[ 81.990286][ T5414] new_slab+0xcc/0x3a0
[ 81.991751][ T5414] ___slab_alloc+0x66d/0x1790
[ 81.993426][ T5414] __slab_alloc.constprop.0+0x56/0xb0
[ 81.995343][ T5414] kmem_cache_alloc+0x2e9/0x320
[ 81.997077][ T5414] gfs2_trans_add_meta+0xade/0xf50
[ 81.998917][ T5414] gfs2_alloc_blocks+0x46c/0x19c0
[ 82.000710][ T5414] gfs2_unstuff_dinode+0x499/0x1460
[ 82.002556][ T5414] gfs2_adjust_quota+0x124/0xb10
[ 82.004340][ T5414] do_sync+0xa73/0xd30
[ 82.005792][ T5414] gfs2_quota_sync+0x419/0x630
[ 82.007517][ T5414] gfs2_sync_fs+0x44/0xb0
[ 82.009060][ T5414] sync_filesystem+0x10d/0x290
[ 82.010980][ T5414] generic_shutdown_super+0x7e/0x3d0
[ 82.013290][ T5414] page last free pid 5364 tgid 5364 stack trace:
[ 82.016063][ T5414] free_unref_page_prepare+0x527/0xb10
[ 82.018434][ T5414] free_unref_page+0x33/0x3c0
[ 82.020507][ T5414] qlist_free_all+0x4e/0x140
[ 82.022530][ T5414] kasan_quarantine_reduce+0x192/0x1e0
[ 82.024910][ T5414] __kasan_slab_alloc+0x69/0x90
[ 82.027065][ T5414] __kmalloc+0x1bd/0x440
[ 82.028918][ T5414] load_elf_phdrs+0x103/0x210
[ 82.030827][ T5414] load_elf_binary+0x1fe/0x4e10
[ 82.032559][ T5414] bprm_execve+0x703/0x19b0
[ 82.034175][ T5414] do_execveat_common.isra.0+0x5cb/0x750
[ 82.036181][ T5414] __x64_sys_execve+0x8c/0xb0
[ 82.037842][ T5414] do_syscall_64+0xcf/0x260
[ 82.039460][ T5414] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 82.041496][ T5414]
[ 82.042313][ T5414] Memory state around the buggy address:
[ 82.044310][ T5414] ffff88802f874000: fa fb fb fb fb fb fb fb fb fb fc fc fc fc fa fb
[ 82.047140][ T5414] ffff88802f874080: fb fb fb fb fb fb fb fb fc fc fc fc fa fb fb fb
[ 82.049931][ T5414] >ffff88802f874100: fb fb fb fb fb fb fc fc fc fc fa fb fb fb fb fb
[ 82.052619][ T5414] ^
[ 82.055113][ T5414] ffff88802f874180: fb fb fb fb fc fc fc fc fa fb fb fb fb fb fb fb
[ 82.057929][ T5414] ffff88802f874200: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 82.060850][ T5414] ==================================================================
[ 82.063887][ T5414] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 82.066433][ T5414] CPU: 3 PID: 5414 Comm: syz-executor.0 Not tainted 6.9.0-rc3-syzkaller-00073-ge8c39d0f57f3-dirty #0
[ 82.070190][ T5414] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 82.073727][ T5414] Call Trace:
[ 82.074938][ T5414]
[ 82.075996][ T5414] dump_stack_lvl+0x3d/0x1f0
[ 82.077628][ T5414] panic+0x6f5/0x7a0
[ 82.079035][ T5414] ? mark_held_locks+0x9f/0xe0
[ 82.080737][ T5414] ? __pfx_panic+0x10/0x10
[ 82.082317][ T5414] ? irqentry_exit+0x3b/0x90
[ 82.083971][ T5414] ? lockdep_hardirqs_on+0x7c/0x110
[ 82.085824][ T5414] ? check_panic_on_warn+0x1f/0xb0
[ 82.087523][ T5414] check_panic_on_warn+0xab/0xb0
[ 82.089168][ T5414] end_report+0x117/0x180
[ 82.090744][ T5414] kasan_report+0xe9/0x110
[ 82.092347][ T5414] ? gfs2_invalidate_folio+0x731/0x840
[ 82.094276][ T5414] ? gfs2_invalidate_folio+0x731/0x840
[ 82.096230][ T5414] gfs2_invalidate_folio+0x731/0x840
[ 82.098123][ T5414] ? hlock_class+0x4e/0x130
[ 82.099750][ T5414] ? __pfx_gfs2_invalidate_folio+0x10/0x10
[ 82.101831][ T5414] truncate_cleanup_folio+0x2ac/0x3e0
[ 82.104269][ T5414] truncate_inode_pages_range+0x271/0xe90
[ 82.106396][ T5414] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 82.108616][ T5414] ? mark_lock+0xb5/0xc60
[ 82.110149][ T5414] ? __pfx___lock_acquire+0x10/0x10
[ 82.112007][ T5414] ? __pfx_mark_lock+0x10/0x10
[ 82.113704][ T5414] ? __pfx_mark_lock+0x10/0x10
[ 82.115426][ T5414] ? mark_held_locks+0x9f/0xe0
[ 82.117138][ T5414] ? _raw_spin_unlock_irq+0x23/0x50
[ 82.119275][ T5414] ? lockdep_hardirqs_on+0x7c/0x110
[ 82.121367][ T5414] gfs2_evict_inode+0x75b/0x1460
[ 82.123202][ T5414] ? __pfx___lock_acquire+0x10/0x10
[ 82.125048][ T5414] ? __pfx_gfs2_evict_inode+0x10/0x10
[ 82.126956][ T5414] ? find_held_lock+0x2d/0x110
[ 82.128779][ T5414] ? evict+0x2b7/0x6c0
[ 82.130608][ T5414] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 82.132559][ T5414] ? do_raw_spin_unlock+0x172/0x230
[ 82.134393][ T5414] ? __pfx_gfs2_evict_inode+0x10/0x10
[ 82.136320][ T5414] evict+0x2ed/0x6c0
[ 82.137700][ T5414] iput.part.0+0x5a8/0x7f0
[ 82.139599][ T5414] ? __pfx_gfs2_drop_inode+0x10/0x10
[ 82.141895][ T5414] iput+0x5c/0x80
[ 82.143506][ T5414] gfs2_put_super+0x2bd/0x760
[ 82.145589][ T5414] ? __pfx_gfs2_put_super+0x10/0x10
[ 82.147810][ T5414] generic_shutdown_super+0x159/0x3d0
[ 82.150145][ T5414] kill_block_super+0x3b/0x90
[ 82.152267][ T5414] gfs2_kill_sb+0x360/0x410
[ 82.154295][ T5414] deactivate_locked_super+0xbe/0x1a0
[ 82.156630][ T5414] deactivate_super+0xde/0x100
[ 82.158785][ T5414] cleanup_mnt+0x222/0x450
[ 82.160495][ T5414] task_work_run+0x14e/0x250
[ 82.162263][ T5414] ? __pfx_task_work_run+0x10/0x10
[ 82.164575][ T5414] syscall_exit_to_user_mode+0x278/0x2a0
[ 82.166939][ T5414] do_syscall_64+0xdc/0x260
[ 82.168980][ T5414] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 82.171470][ T5414] RIP: 0033:0x7f0c14c7f197
[ 82.173468][ T5414] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 82.181226][ T5414] RSP: 002b:00007ffd638aaec8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 82.184663][ T5414] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f0c14c7f197
[ 82.188137][ T5414] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd638aaf80
[ 82.191607][ T5414] RBP: 00007ffd638aaf80 R08: 0000000000000000 R09: 0000000000000000
[ 82.194644][ T5414] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd638ac040
[ 82.197446][ T5414] R13: 00007f0c14cc93b9 R14: 000000000001278e R15: 0000000000000001
[ 82.200233][ T5414]
[ 82.201998][ T5414] Kernel Offset: disabled
[ 82.203552][ T5414] Rebooting in 86400 seconds..