Warning: Permanently added '10.128.1.235' (ED25519) to the list of known hosts.
2024/09/20 02:30:17 ignoring optional flag "sandboxArg"="0"
2024/09/20 02:30:17 parsed 1 programs
[ 51.918396][ T27] audit: type=1400 audit(1726799417.676:95): avc: denied { unlink } for pid=352 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
2024/09/20 02:30:17 executed programs: 0
[ 51.966809][ T352] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 52.015538][ T358] bridge0: port 1(bridge_slave_0) entered blocking state
[ 52.022641][ T358] bridge0: port 1(bridge_slave_0) entered disabled state
[ 52.030541][ T358] device bridge_slave_0 entered promiscuous mode
[ 52.037699][ T358] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.046999][ T358] bridge0: port 2(bridge_slave_1) entered disabled state
[ 52.056232][ T358] device bridge_slave_1 entered promiscuous mode
[ 52.101714][ T358] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.109341][ T358] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 52.117319][ T358] bridge0: port 1(bridge_slave_0) entered blocking state
[ 52.124446][ T358] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 52.146897][ T36] bridge0: port 1(bridge_slave_0) entered disabled state
[ 52.154521][ T36] bridge0: port 2(bridge_slave_1) entered disabled state
[ 52.162553][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 52.171270][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 52.181900][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 52.189914][ T23] bridge0: port 1(bridge_slave_0) entered blocking state
[ 52.197353][ T23] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 52.216717][ T358] device veth0_vlan entered promiscuous mode
[ 52.223905][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 52.232883][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 52.241204][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 52.249094][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 52.256955][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 52.264950][ T36] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.271814][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 52.279234][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 52.287175][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 52.299972][ T358] device veth1_macvtap entered promiscuous mode
[ 52.308555][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 52.318455][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 52.332214][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 52.342105][ T27] audit: type=1400 audit(1726799418.096:96): avc: denied { mounton } for pid=358 comm="syz-executor.0" path="/dev/binderfs" dev="devtmpfs" ino=207 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[ 52.372883][ T27] audit: type=1400 audit(1726799418.126:97): avc: denied { mounton } for pid=363 comm="syz-executor.0" path="/root/syzkaller-testdir3565354753/syzkaller.rznp43/0/bus" dev="sda1" ino=1939 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=file permissive=1
[ 52.402775][ T27] audit: type=1400 audit(1726799418.126:98): avc: denied { map } for pid=363 comm="syz-executor.0" path="/root/syzkaller-testdir3565354753/syzkaller.rznp43/0/bus" dev="devtmpfs" ino=43 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 52.432566][ T27] audit: type=1400 audit(1726799418.126:99): avc: denied { unmount } for pid=358 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[ 52.551263][ T405] loop0: detected capacity change from 0 to 512
[ 52.551637][ T404] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[ 52.609527][ T408] loop0: detected capacity change from 0 to 512
[ 52.677748][ T420] loop0: detected capacity change from 0 to 512
[ 52.684807][ T421] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[ 52.973802][ T504] loop0: detected capacity change from 0 to 512
[ 52.992682][ T507] loop0: detected capacity change from 0 to 512
[ 52.999757][ T508] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 27 prio class 2
[ 53.199892][ T567] loop0: detected capacity change from 0 to 512
[ 53.200325][ T568] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 31 prio class 2
[ 53.480138][ T658] loop0: detected capacity change from 0 to 512
[ 53.480457][ T659] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 29 prio class 2
[ 53.536945][ T662] loop0: detected capacity change from 0 to 512
[ 53.537299][ T663] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 27 prio class 2
[ 53.565602][ T665] loop0: detected capacity change from 0 to 512
[ 53.612713][ T668] loop0: detected capacity change from 0 to 512
[ 53.619500][ T27] audit: type=1400 audit(1726799419.376:100): avc: denied { mounton } for pid=667 comm="syz-executor.0" path="/root/syzkaller-testdir3565354753/syzkaller.rznp43/100/file0" dev="sda1" ino=1940 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 53.650046][ T668] ==================================================================
[ 53.658281][ T668] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x19b6/0x36c0
[ 53.666085][ T668] Read of size 18446744073709551584 at addr ffff888121376fc8 by task syz-executor.0/668
[ 53.675635][ T668]
[ 53.677897][ T668] CPU: 1 PID: 668 Comm: syz-executor.0 Not tainted 6.1.93-syzkaller #0
[ 53.686055][ T668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 53.695963][ T668] Call Trace:
[ 53.699067][ T668] <TASK>
[ 53.701843][ T668] dump_stack_lvl+0x105/0x148
[ 53.706358][ T668] ? panic+0x3bb/0x3bb
[ 53.710493][ T668] ? nf_tcp_handle_invalid+0x30b/0x30b
[ 53.715786][ T668] ? _printk+0xca/0x10a
[ 53.719783][ T668] print_report+0x158/0x4e0
[ 53.724115][ T668] ? kasan_addr_to_slab+0xd/0x80
[ 53.728888][ T668] ? ext4_xattr_set_entry+0x19b6/0x36c0
[ 53.734289][ T668] kasan_report+0x13c/0x170
[ 53.739009][ T668] ? ext4_xattr_set_entry+0x19b6/0x36c0
[ 53.744469][ T668] kasan_check_range+0x294/0x2a0
[ 53.749238][ T668] ? ext4_xattr_set_entry+0x19b6/0x36c0
[ 53.754838][ T668] memmove+0x2d/0x70
[ 53.758881][ T668] ext4_xattr_set_entry+0x19b6/0x36c0
[ 53.764261][ T668] ? __kasan_slab_free+0x11/0x20
[ 53.769218][ T668] ? __kmem_cache_free+0x1fa/0x370
[ 53.774176][ T668] ? ext4_xattr_block_set+0xbd9/0x2cf0
[ 53.779569][ T668] ? ext4_xattr_ibody_set+0x320/0x320
[ 53.784832][ T668] ? ext4_get_inode_loc+0x180/0x180
[ 53.789893][ T668] ? ext4_xattr_block_find+0x2d0/0x2d0
[ 53.795336][ T668] ext4_xattr_ibody_set+0xf6/0x320
[ 53.800281][ T668] ext4_expand_extra_isize_ea+0x108c/0x1bf0
[ 53.806285][ T668] ? unlock_page_memcg+0x146/0x160
[ 53.811310][ T668] ? ext4_xattr_set+0x370/0x370
[ 53.816095][ T668] ? rwsem_write_trylock+0x153/0x340
[ 53.821396][ T668] __ext4_expand_extra_isize+0x20f/0x390
[ 53.826940][ T668] __ext4_mark_inode_dirty+0x3ab/0x630
[ 53.832329][ T668] ? sb_end_intwrite+0x100/0x100
[ 53.837521][ T668] ? current_time+0x82/0x230
[ 53.842037][ T668] ? atime_needs_update+0x7d0/0x7d0
[ 53.847166][ T668] ? ext4_inline_data_truncate+0x405/0xba0
[ 53.852972][ T668] ? memcpy+0x56/0x70
[ 53.856800][ T668] ext4_inline_data_truncate+0x41e/0xba0
[ 53.862518][ T668] ? ext4_inline_data_iomap+0x450/0x450
[ 53.867899][ T668] ext4_truncate+0x463/0xe50
[ 53.872335][ T668] ? __ext4_mark_inode_dirty+0x630/0x630
[ 53.877794][ T668] ext4_process_orphan+0x190/0x2c0
[ 53.883031][ T668] ext4_orphan_cleanup+0x88a/0xed0
[ 53.888152][ T668] ? ext4_orphan_del+0xab0/0xab0
[ 53.893069][ T668] ? ext4_register_sysfs+0x240/0x270
[ 53.898300][ T668] ext4_fill_super+0x689e/0x71b0
[ 53.903170][ T668] ? ext4_parse_test_dummy_encryption+0x80/0x80
[ 53.909367][ T668] ? snprintf+0xcc/0x110
[ 53.913534][ T668] ? sb_set_blocksize+0x45/0xc0
[ 53.918222][ T668] get_tree_bdev+0x3c1/0x5e0
[ 53.923200][ T668] ? ext4_parse_test_dummy_encryption+0x80/0x80
[ 53.929552][ T668] ext4_get_tree+0x10/0x20
[ 53.934152][ T668] vfs_get_tree+0x7c/0x170
[ 53.938588][ T668] do_new_mount+0x21a/0x900
[ 53.943249][ T668] ? do_move_mount_old+0x120/0x120
[ 53.948484][ T668] ? security_capable+0x3c/0x90
[ 53.953754][ T668] ? ns_capable+0x5b/0xc0
[ 53.957903][ T668] path_mount+0x612/0xbe0
[ 53.962150][ T668] ? user_path_at_empty+0xf3/0x150
[ 53.970261][ T668] ? user_path_at_empty+0xf3/0x150
[ 53.975682][ T668] __se_sys_mount+0x23e/0x2d0
[ 53.980268][ T668] ? __x64_sys_mount+0xd0/0xd0
[ 53.984960][ T668] __x64_sys_mount+0xba/0xd0
[ 53.989983][ T668] x64_sys_call+0x49d/0x9a0
[ 53.994505][ T668] do_syscall_64+0x3b/0xb0
[ 53.998954][ T668] ? clear_bhb_loop+0x55/0xb0
[ 54.004172][ T668] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 54.010159][ T668] RIP: 0033:0x7f19e127f46a
[ 54.014505][ T668] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 54.034945][ T668] RSP: 002b:00007f19e1f35ef8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 54.044414][ T668] RAX: ffffffffffffffda RBX: 00007f19e1f35f80 RCX: 00007f19e127f46a
[ 54.052907][ T668] RDX: 0000000020000180 RSI: 00000000200000c0 RDI: 00007f19e1f35f40
[ 54.061479][ T668] RBP: 0000000020000180 R08: 00007f19e1f35f80 R09: 0000000000000000
[ 54.069824][ T668] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000200000c0
[ 54.078174][ T668] R13: 00007f19e1f35f40 R14: 000000000000046a R15: 0000000020000300
[ 54.086688][ T668] </TASK>
[ 54.089787][ T668]
[ 54.092129][ T668] The buggy address belongs to the physical page:
[ 54.098575][ T668] page:ffffea000484dd80 refcount:4 mapcount:1 mapping:ffff88810ae6a3d0 index:0x1 pfn:0x121376
[ 54.109430][ T668] memcg:ffff8881225ce000
[ 54.113689][ T668] aops:def_blk_aops ino:700000
[ 54.118669][ T668] flags: 0x460000000002204e(referenced|uptodate|dirty|workingset|private|mappedtodisk|zone=1)
[ 54.128884][ T668] raw: 460000000002204e 0000000000000000 dead000000000122 ffff88810ae6a3d0
[ 54.137414][ T668] raw: 0000000000000001 ffff88811c789d20 0000000400000000 ffff8881225ce000
[ 54.145931][ T668] page dumped because: kasan: bad access detected
[ 54.152202][ T668] page_owner tracks the page as allocated
[ 54.157819][ T668] page last allocated via order 0, migratetype Movable, gfp_mask 0x148c48(GFP_NOFS|__GFP_NOFAIL|__GFP_COMP|__GFP_HARDWALL|__GFP_MOVABLE), pid 668, tgid 667 (syz-executor.0), ts 53648512704, free_ts 52717176109
[ 54.178597][ T668] prep_new_page+0x512/0x5e0
[ 54.183092][ T668] get_page_from_freelist+0x288b/0x2910
[ 54.188473][ T668] __alloc_pages+0x39f/0x780
[ 54.192991][ T668] __folio_alloc+0x15/0x40
[ 54.197777][ T668] __filemap_get_folio+0x53b/0x6a0
[ 54.202710][ T668] pagecache_get_page+0x15/0xb0
[ 54.207483][ T668] __getblk_gfp+0x1ac/0x590
[ 54.211822][ T668] __ext4_get_inode_loc+0x40f/0xc00
[ 54.217034][ T668] __ext4_iget+0x440/0x3d30
[ 54.222165][ T668] ext4_fill_super+0x566e/0x71b0
[ 54.227197][ T668] get_tree_bdev+0x3c1/0x5e0
[ 54.231650][ T668] ext4_get_tree+0x10/0x20
[ 54.235945][ T668] vfs_get_tree+0x7c/0x170
[ 54.240211][ T668] do_new_mount+0x21a/0x900
[ 54.244714][ T668] path_mount+0x612/0xbe0
[ 54.249163][ T668] __se_sys_mount+0x23e/0x2d0
[ 54.253833][ T668] page last free stack trace:
[ 54.258377][ T668] free_unref_page_prepare+0x794/0x7a0
[ 54.263948][ T668] free_unref_page_list+0xf1/0x790
[ 54.269057][ T668] release_pages+0xcfc/0xd50
[ 54.273481][ T668] __pagevec_release+0x66/0xe0
[ 54.278093][ T668] shmem_undo_range+0x4a7/0x1150
[ 54.283027][ T668] shmem_evict_inode+0x34e/0x840
[ 54.287902][ T668] evict+0x262/0x620
[ 54.291707][ T668] iput+0x4b6/0x4e0
[ 54.295582][ T668] dentry_unlink_inode+0x2d8/0x3c0
[ 54.300635][ T668] __dentry_kill+0x37e/0x5e0
[ 54.305069][ T668] dentry_kill+0xc4/0x1f0
[ 54.309201][ T668] dput+0x10a/0x250
[ 54.312883][ T668] __fput+0x475/0x6a0
[ 54.316754][ T668] ____fput+0x9/0x10
[ 54.320485][ T668] task_work_run+0x208/0x260
[ 54.325093][ T668] exit_to_user_mode_loop+0x94/0xa0
[ 54.330133][ T668]
[ 54.332314][ T668] Memory state around the buggy address:
[ 54.338083][ T668] ffff888121376e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 54.346181][ T668] ffff888121376f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 54.354161][ T668] >ffff888121376f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 54.362209][ T668] ^
[ 54.368647][ T668] ffff888121377000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 54.377238][ T668] ffff888121377080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 54.385485][ T668] ==================================================================
[ 54.396613][ T668] Disabling lock debugging due to kernel taint
[ 54.403040][ T668] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2213: inode #12: comm syz-executor.0: corrupted in-inode xattr
[ 54.415766][ T668] EXT4-fs warning (device loop0): ext4_xattr_set_entry:1745: inode #12: comm syz-executor.0: unable to update i_inline_off
[ 54.428871][ T668] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2810: Unable to expand inode 12. Delete some EAs or run e2fsck.
[ 54.442029][ T668] EXT4-fs (loop0): 1 truncate cleaned up
[ 54.448281][ T668] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 54.457465][ T27] audit: type=1400 audit(1726799420.206:101): avc: denied { mount } for pid=667 comm="syz-executor.0" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 54.482290][ T27] audit: type=1400 audit(1726799420.236:102): avc: denied { unmount } for pid=358 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 54.485102][ T358] EXT4-fs (loop0): unmounting filesystem.
[ 54.584157][ T695] loop0: detected capacity change from 0 to 512
[ 54.622002][ T704] loop0: detected capacity change from 0 to 512
[ 54.663099][ T716] loop0: detected capacity change from 0 to 512
[ 54.663472][ T717] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[ 54.726291][ T722] loop0: detected capacity change from 0 to 512
[ 54.772942][ T725] loop0: detected capacity change from 0 to 512
[ 54.861110][ T746] loop0: detected capacity change from 0 to 512
[ 54.861547][ T747] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 31 prio class 2
[ 54.903146][ T755] loop0: detected capacity change from 0 to 512
[ 54.965459][ T773] loop0: detected capacity change from 0 to 512
[ 54.985773][ T776] loop0: detected capacity change from 0 to 512
[ 54.986142][ T777] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 30 prio class 2
[ 55.171184][ T836] loop0: detected capacity change from 0 to 512
[ 55.171662][ T837] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 24 prio class 2
[ 55.226324][ T839] loop0: detected capacity change from 0 to 512
[ 55.226740][ T840] Buffer I/O error on dev loop0, logical block 0, async page read
[ 55.280595][ T842] loop0: detected capacity change from 0 to 512
[ 55.280975][ T843] Buffer I/O error on dev loop0, logical block 0, async page read
[ 55.367452][ T857] loop0: detected capacity change from 0 to 512
[ 55.772805][ T1002] loop0: detected capacity change from 0 to 512
[ 55.773148][ T1001] Buffer I/O error on dev loop0, logical block 1, async page read
[ 55.894811][ T1032] loop0: detected capacity change from 0 to 512
[ 55.895209][ T1033] Buffer I/O error on dev loop0, logical block 0, async page read
[ 56.038400][ T1068] loop0: detected capacity change from 0 to 512
[ 56.057091][ T1071] loop0: detected capacity change from 0 to 512
[ 56.057535][ T1072] Buffer I/O error on dev loop0, logical block 0, async page read
[ 56.127973][ T1080] loop0: detected capacity change from 0 to 512
[ 56.370165][ T1155] loop0: detected capacity change from 0 to 512
[ 56.407439][ T1164] loop0: detected capacity change from 0 to 512
[ 56.425475][ T1167] loop0: detected capacity change from 0 to 512
[ 56.585239][ T1213] loop0: detected capacity change from 0 to 512
[ 56.604691][ T1216] loop0: detected capacity change from 0 to 512
[ 56.605046][ T1217] Buffer I/O error on dev loop0, logical block 0, async page read
[ 56.861707][ T1294] loop0: detected capacity change from 0 to 512
[ 56.880541][ T1297] loop0: detected capacity change from 0 to 512
[ 56.880891][ T1298] Buffer I/O error on dev loop0, logical block 1, async page read
2024/09/20 02:30:22 executed programs: 318
[ 56.970320][ T1324] loop0: detected capacity change from 0 to 512
[ 57.040517][ T1336] loop0: detected capacity change from 0 to 512
[ 57.051057][ T1336] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz-executor.0: couldn't read orphan inode 12 (err -116)
[ 57.065802][ T1336] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 57.110426][ T358] EXT4-fs (loop0): unmounting filesystem.
[ 57.239559][ T1383] loop0: detected capacity change from 0 to 512
[ 57.266868][ T1389] loop0: detected capacity change from 0 to 512
[ 57.421191][ T1434] loop0: detected capacity change from 0 to 512
[ 57.439795][ T1437] loop0: detected capacity change from 0 to 512
[ 57.560467][ T1480] loop0: detected capacity change from 0 to 512
[ 57.665936][ T1513] loop0: detected capacity change from 0 to 512
[ 57.691722][ T1519] loop0: detected capacity change from 0 to 512
[ 57.779376][ T1546] loop0: detected capacity change from 0 to 512
[ 57.796661][ T1549] loop0: detected capacity change from 0 to 512
[ 57.797001][ T1550] blk_print_req_error: 14 callbacks suppressed
[ 57.797009][ T1550] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[ 57.917298][ T1576] loop0: detected capacity change from 0 to 512
[ 57.943287][ T1582] loop0: detected capacity change from 0 to 512
[ 58.119998][ T1636] loop0: detected capacity change from 0 to 512
[ 58.120347][ T1637] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 31 prio class 2
[ 58.173090][ T1639] loop0: detected capacity change from 0 to 512
[ 58.216722][ T1642] loop0: detected capacity change from 0 to 512
[ 58.217089][ T1643] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[ 58.270112][ T1645] loop0: detected capacity change from 0 to 512
[ 58.404133][ T1681] loop0: detected capacity change from 0 to 512
[ 58.421466][ T1684] loop0: detected capacity change from 0 to 512
[ 58.516353][ T1706] loop0: detected capacity change from 0 to 512
[ 58.516662][ T1707] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 30 prio class 2
[ 58.544469][ T1709] loop0: detected capacity change from 0 to 512
[ 58.553165][ T1709] EXT4-fs (loop0): 1 truncate cleaned up
[ 58.560291][ T1709] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 58.601967][ T358] EXT4-fs (loop0): unmounting filesystem.
[ 58.624130][ T1717] loop0: detected capacity change from 0 to 512
[ 58.684715][ T1726] loop0: detected capacity change from 0 to 512
[ 58.833431][ T1777] loop0: detected capacity change from 0 to 512
[ 58.953534][ T1819] loop0: detected capacity change from 0 to 512
[ 58.970505][ T1822] loop0: detected capacity change from 0 to 512
[ 58.983786][ T97] BUG: unable to handle page fault for address: ffffc90000607710
[ 58.991635][ T97] #PF: supervisor read access in kernel mode
[ 58.997720][ T97] #PF: error_code(0x0000) - not-present page
[ 59.003795][ T97] PGD 100000067 P4D 100000067 PUD 100139067 PMD 10ee29067 PTE 0
[ 59.011346][ T97] Oops: 0000 [#1] PREEMPT SMP KASAN
[ 59.016468][ T97] CPU: 0 PID: 97 Comm: udevd Tainted: G B 6.1.93-syzkaller #0
[ 59.025595][ T97] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 59.029103][ T1822] Kernel panic - not syncing: corrupted stack end detected inside scheduler
[ 59.035472][ T97] RIP: 0010:rb_erase+0x127/0xd90
[ 59.035499][ T97] Code: 8d 73 10 4c 89 f0 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 80 3c 08 00 74 08 4c 89 f7 e8 71 5a 8c fd 4c 8d 7b 08 48 8b 45 d0 <48> 39 43 10 4d 0f 44 fe 4c 89 f8 48 c1 e8 03 48 b9 00 00 00 00 00
[ 59.035505][ T97] RSP: 0000:ffffc9000031f920 EFLAGS: 00010046
[ 59.035513][ T97] RAX: ffffc9000031fac0 RBX: ffffc90000607700 RCX: dffffc0000000000
[ 59.035518][ T97] RDX: dffffc0000000000 RSI: ffff8881f7229ce0 RDI: ffffc9000031fac8
[ 59.035522][ T97] RBP: ffffc9000031f980 R08: 0000000000000000 R09: 0000000000000003
[ 59.035526][ T97] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffffc90000607700
[ 59.035531][ T97] R13: 0000000000000000 R14: ffffc90000607710 R15: ffffc90000607708
[ 59.035535][ T97] FS: 00007f0afe3d0c80(0000) GS:ffff8881f7200000(0000) knlGS:0000000000000000
[ 59.035541][ T97] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 59.035545][ T97] CR2: ffffc90000607710 CR3: 000000010edc5000 CR4: 00000000003506b0
[ 59.035552][ T97] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 59.035556][ T97] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 59.035560][ T97] Call Trace:
[ 59.035563][ T97] <TASK>
[ 59.035568][ T97] ? __die_body+0x62/0xb0
[ 59.035574][ T97] ? __die+0x7e/0x90
[ 59.035580][ T97] ? page_fault_oops+0x675/0x870
[ 59.035588][ T97] ? kernelmode_fixup_or_oops+0x50/0x50
[ 59.035595][ T97] ? update_load_avg+0x513/0x1510
[ 59.035602][ T97] ? __update_load_avg_cfs_rq+0xb1/0x2f0
[ 59.035610][ T97] ? kernelmode_fixup_or_oops+0x43/0x50
[ 59.035616][ T97] ? __bad_area_nosemaphore+0x8e/0x3f0
[ 59.035621][ T97] ? __kasan_check_write+0x14/0x20
[ 59.035628][ T97] ? __switch_to+0x621/0x1170
[ 59.035636][ T97] ? bad_area_nosemaphore+0x11/0x20
[ 59.035641][ T97] ? do_kern_addr_fault+0x2f/0x40
[ 59.035647][ T97] ? exc_page_fault+0x505/0x6d0
[ 59.035655][ T97] ? asm_exc_page_fault+0x27/0x30
[ 59.035664][ T97] ? rb_erase+0x127/0xd90
[ 59.035671][ T97] ? _raw_spin_lock_irqsave+0xf9/0x210
[ 59.035678][ T97] timerqueue_del+0x69/0xb0
[ 59.035685][ T97] remove_hrtimer+0x14f/0x420
[ 59.035693][ T97] hrtimer_try_to_cancel+0x26e/0x2d0
[ 59.035700][ T97] schedule_hrtimeout_range_clock+0x1de/0x300
[ 59.035706][ T97] ? hrtimer_nanosleep_restart+0x170/0x170
[ 59.035713][ T97] ? enqueue_hrtimer+0x190/0x190
[ 59.035719][ T97] ? _raw_write_lock_irq+0xa5/0x170
[ 59.035725][ T97] ? _raw_write_lock_irqsave+0x1e0/0x1e0
[ 59.035731][ T97] ? ep_done_scan+0x3b6/0x3d0
[ 59.035739][ T97] schedule_hrtimeout_range+0xe/0x10
[ 59.035745][ T97] do_epoll_wait+0x14a8/0x1610
[ 59.035756][ T97] ? ep_destroy_wakeup_source+0x70/0x70
[ 59.035762][ T97] ? __fput+0x4ee/0x6a0
[ 59.035769][ T97] ? do_epoll_wait+0x1610/0x1610
[ 59.035777][ T97] __x64_sys_epoll_wait+0x236/0x280
[ 59.035783][ T97] ? unlock_page_memcg+0x160/0x160
[ 59.035790][ T97] ? __ia32_sys_epoll_ctl+0x170/0x170
[ 59.035796][ T97] ? debug_smp_processor_id+0x17/0x20
[ 59.035803][ T97] ? exit_to_user_mode_prepare+0x39/0xa0
[ 59.035809][ T97] x64_sys_call+0x617/0x9a0
[ 59.035815][ T97] do_syscall_64+0x3b/0xb0
[ 59.035820][ T97] ? clear_bhb_loop+0x55/0xb0
[ 59.035826][ T97] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 59.035832][ T97] RIP: 0033:0x7f0afdf23457
[ 59.035843][ T97] Code: 73 01 c3 48 8b 0d d1 d9 0c 00 f7 d8 64 89 01 48 83 c8 ff c3 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 20 b8 e8 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 76 48 8b 15 a2 d9 0c 00 f7 d8 64 89 02 48 83
[ 59.035847][ T97] RSP: 002b:00007ffe6c819038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e8
[ 59.035854][ T97] RAX: ffffffffffffffda RBX: 00007ffe6c819138 RCX: 00007f0afdf23457
[ 59.035858][ T97] RDX: 0000000000000008 RSI: 00007ffe6c819138 RDI: 000000000000000b
[ 59.035862][ T97] RBP: 0000000000000000 R08: 00000000ffffffff R09: 0000000000000000
[ 59.035865][ T97] R10: 0000000000000bb8 R11: 0000000000000246 R12: 0000000000000bb8
[ 59.035869][ T97] R13: 000055d880ec6040 R14: 0000000000000000 R15: 0000000000000000
[ 59.035875][ T97] </TASK>
[ 59.035878][ T97] Modules linked in:
[ 59.035890][ T97] CR2: ffffc90000607710
[ 59.044357][ T97] ---[ end trace 0000000000000000 ]---
[ 59.044362][ T97] RIP: 0010:rb_erase+0x127/0xd90
[ 59.044370][ T97] Code: 8d 73 10 4c 89 f0 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 80 3c 08 00 74 08 4c 89 f7 e8 71 5a 8c fd 4c 8d 7b 08 48 8b 45 d0 <48> 39 43 10 4d 0f 44 fe 4c 89 f8 48 c1 e8 03 48 b9 00 00 00 00 00
[ 59.044374][ T97] RSP: 0000:ffffc9000031f920 EFLAGS: 00010046
[ 59.044380][ T97] RAX: ffffc9000031fac0 RBX: ffffc90000607700 RCX: dffffc0000000000
[ 59.044384][ T97] RDX: dffffc0000000000 RSI: ffff8881f7229ce0 RDI: ffffc9000031fac8
[ 59.044388][ T97] RBP: ffffc9000031f980 R08: 0000000000000000 R09: 0000000000000003
[ 59.044392][ T97] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffffc90000607700
[ 59.044396][ T97] R13: 0000000000000000 R14: ffffc90000607710 R15: ffffc90000607708
[ 59.044400][ T97] FS: 00007f0afe3d0c80(0000) GS:ffff8881f7200000(0000) knlGS:0000000000000000
[ 59.044405][ T97] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 59.044413][ T97] CR2: ffffc90000607710 CR3: 000000010edc5000 CR4: 00000000003506b0
[ 59.044421][ T97] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 59.044424][ T97] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 60.210073][ T1822] Shutting down cpus with NMI
[ 60.737865][ T1822] Kernel Offset: disabled
[ 60.742346][ T1822] Rebooting in 86400 seconds..