Warning: Permanently added '10.128.0.44' (ED25519) to the list of known hosts.
2024/12/29 18:09:05 ignoring optional flag "sandboxArg"="0"
2024/12/29 18:09:05 ignoring optional flag "type"="gce"
2024/12/29 18:09:05 parsed 1 programs
[ 94.685564][ T4582] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 95.404662][ T4605] syz-executor.0 (4605) used greatest stack depth: 19128 bytes left
[ 96.098681][ T4282] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 96.119886][ T4282] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 96.144773][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 96.156053][ T318] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 96.165016][ T318] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 96.175319][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 96.395083][ T4625] chnl_net:caif_netlink_parms(): no params data found
[ 96.455795][ T4625] bridge0: port 1(bridge_slave_0) entered blocking state
[ 96.463271][ T4625] bridge0: port 1(bridge_slave_0) entered disabled state
[ 96.471435][ T4625] device bridge_slave_0 entered promiscuous mode
[ 96.482395][ T4625] bridge0: port 2(bridge_slave_1) entered blocking state
[ 96.489537][ T4625] bridge0: port 2(bridge_slave_1) entered disabled state
[ 96.499595][ T4625] device bridge_slave_1 entered promiscuous mode
[ 96.527175][ T4625] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 96.540035][ T4625] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 96.567470][ T4625] team0: Port device team_slave_0 added
[ 96.576275][ T4625] team0: Port device team_slave_1 added
[ 96.601440][ T4625] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 96.608494][ T4625] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 96.634880][ T4625] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 96.647990][ T4625] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 96.655446][ T4625] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 96.682678][ T4625] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 96.714512][ T4625] device hsr_slave_0 entered promiscuous mode
[ 96.721227][ T4625] device hsr_slave_1 entered promiscuous mode
[ 97.408878][ T4625] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 97.419637][ T4625] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 97.452944][ T4625] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 97.464756][ T4625] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 97.597211][ T4625] 8021q: adding VLAN 0 to HW filter on device bond0
[ 97.634080][ T4282] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 97.643552][ T4282] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 97.655523][ T4625] 8021q: adding VLAN 0 to HW filter on device team0
[ 97.666905][ T4282] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 97.676132][ T4282] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 97.686907][ T4282] bridge0: port 1(bridge_slave_0) entered blocking state
[ 97.694173][ T4282] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 97.704346][ T4282] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 97.731373][ T4282] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 97.741021][ T4282] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 97.751539][ T4282] bridge0: port 2(bridge_slave_1) entered blocking state
[ 97.758798][ T4282] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 97.782750][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 97.795033][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 97.805132][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 97.817353][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 97.826513][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 97.837489][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 97.847158][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 97.862943][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 97.872266][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 97.903030][ T4625] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 97.915944][ T4625] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 97.927385][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 97.936988][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 98.097821][ T4282] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 98.106649][ T4282] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 98.123813][ T4625] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 98.177686][ T4282] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 98.188273][ T4282] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 98.216695][ T4282] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 98.226338][ T4282] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 98.237647][ T4625] device veth0_vlan entered promiscuous mode
[ 98.246518][ T4282] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 98.255437][ T4282] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 98.276626][ T4625] device veth1_vlan entered promiscuous mode
[ 98.330176][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 98.344119][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 98.368570][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 98.383707][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 98.414808][ T4625] device veth0_macvtap entered promiscuous mode
[ 98.433590][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 98.450382][ T4625] device veth1_macvtap entered promiscuous mode
[ 98.495330][ T4625] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 98.506429][ T4625] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 98.532840][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 98.552292][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 98.568927][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 98.580273][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 98.596789][ T4625] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 98.606222][ T4625] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 98.616104][ T4625] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 98.626101][ T4625] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2024/12/29 18:09:11 executed programs: 0
[ 99.703762][ T4746] chnl_net:caif_netlink_parms(): no params data found
[ 99.839167][ T4746] bridge0: port 1(bridge_slave_0) entered blocking state
[ 99.846542][ T4746] bridge0: port 1(bridge_slave_0) entered disabled state
[ 99.856165][ T4746] device bridge_slave_0 entered promiscuous mode
[ 99.866021][ T4746] bridge0: port 2(bridge_slave_1) entered blocking state
[ 99.873883][ T4746] bridge0: port 2(bridge_slave_1) entered disabled state
[ 99.882674][ T4746] device bridge_slave_1 entered promiscuous mode
[ 99.929417][ T4746] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 99.949043][ T4746] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 99.997377][ T4746] team0: Port device team_slave_0 added
[ 100.014292][ T4746] team0: Port device team_slave_1 added
[ 100.074069][ T4746] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 100.081087][ T4746] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 100.141766][ T4746] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 100.163627][ T4746] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 100.170592][ T4746] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 100.201716][ T4746] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 100.277215][ T4746] device hsr_slave_0 entered promiscuous mode
[ 100.292711][ T4746] device hsr_slave_1 entered promiscuous mode
[ 100.311668][ T4746] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 100.319368][ T4746] Cannot create hsr debugfs directory
[ 100.469016][ T144] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 101.472556][ T4255] Bluetooth: hci0: command 0x0409 tx timeout
[ 103.552427][ T4596] Bluetooth: hci0: command 0x041b tx timeout
[ 103.946789][ T144] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 104.006914][ T144] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 104.067728][ T144] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 104.912634][ T4746] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 104.924926][ T4746] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 104.943912][ T4746] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 104.953109][ T4746] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 104.987659][ T144] device hsr_slave_0 left promiscuous mode
[ 104.994790][ T144] device hsr_slave_1 left promiscuous mode
[ 105.001137][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 105.009126][ T144] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 105.017798][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 105.026199][ T144] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 105.034089][ T144] device bridge_slave_1 left promiscuous mode
[ 105.040336][ T144] bridge0: port 2(bridge_slave_1) entered disabled state
[ 105.049199][ T144] device bridge_slave_0 left promiscuous mode
[ 105.056070][ T144] bridge0: port 1(bridge_slave_0) entered disabled state
[ 105.067533][ T144] device veth1_macvtap left promiscuous mode
[ 105.073770][ T144] device veth0_macvtap left promiscuous mode
[ 105.079818][ T144] device veth1_vlan left promiscuous mode
[ 105.085947][ T144] device veth0_vlan left promiscuous mode
[ 105.230472][ T144] team0 (unregistering): Port device team_slave_1 removed
[ 105.246557][ T144] team0 (unregistering): Port device team_slave_0 removed
[ 105.258795][ T144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 105.275776][ T144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 105.331879][ T144] bond0 (unregistering): Released all slaves
[ 105.429731][ T4746] 8021q: adding VLAN 0 to HW filter on device bond0
[ 105.447132][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 105.455889][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 105.478110][ T4746] 8021q: adding VLAN 0 to HW filter on device team0
[ 105.488510][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 105.497468][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 105.506351][ T154] bridge0: port 1(bridge_slave_0) entered blocking state
[ 105.513673][ T154] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 105.521540][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 105.533208][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 105.542946][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 105.554916][ T318] bridge0: port 2(bridge_slave_1) entered blocking state
[ 105.562066][ T318] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 105.573501][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 105.585760][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 105.606308][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 105.626973][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 105.636528][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 105.641803][ T7] Bluetooth: hci0: command 0x040f tx timeout
[ 105.646254][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 105.659121][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 105.667943][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 105.678343][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 105.686579][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 105.695607][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 105.713031][ T4746] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 105.824674][ T4746] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 105.832019][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 105.839489][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 105.863751][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 105.872947][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 105.896403][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 105.907394][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 105.918350][ T4746] device veth0_vlan entered promiscuous mode
[ 105.927012][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 105.935891][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 105.950629][ T4746] device veth1_vlan entered promiscuous mode
[ 105.976467][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 105.986230][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 105.996349][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 106.005277][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 106.017624][ T4746] device veth0_macvtap entered promiscuous mode
[ 106.029189][ T4746] device veth1_macvtap entered promiscuous mode
[ 106.051038][ T4746] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 106.058932][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 106.068940][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 106.077218][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 106.086067][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 106.099316][ T4746] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 106.109275][ T4282] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 106.118574][ T4282] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 106.130949][ T4746] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.140158][ T4746] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.150953][ T4746] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.159927][ T4746] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.229424][ T4282] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.250878][ T4282] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.271408][ T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.274981][ T4282] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 106.288012][ T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.300817][ T4282] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 106.382621][ T5038] loop0: detected capacity change from 0 to 1024
[ 106.439463][ T5038] EXT4-fs (loop0): Ignoring removed orlov option
[ 106.446267][ T5038] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[ 106.482048][ T5038] EXT4-fs (loop0): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,errors=continue,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
2024/12/29 18:09:19 executed programs: 1
[ 106.565540][ T4746] ==================================================================
[ 106.574052][ T4746] BUG: KASAN: use-after-free in ext4_xattr_delete_inode+0xcd0/0xce0
[ 106.582091][ T4746] Read of size 4 at addr ffff888065923000 by task syz-executor/4746
[ 106.590091][ T4746]
[ 106.592434][ T4746] CPU: 1 PID: 4746 Comm: syz-executor Not tainted 5.15.175-syzkaller #0
[ 106.600825][ T4746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 106.610919][ T4746] Call Trace:
[ 106.614222][ T4746]
[ 106.617177][ T4746] dump_stack_lvl+0x1e3/0x2d0
[ 106.621898][ T4746] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 106.627550][ T4746] ? _printk+0xd1/0x120
[ 106.631738][ T4746] ? __wake_up_klogd+0xcc/0x100
[ 106.636649][ T4746] ? panic+0x860/0x860
[ 106.640751][ T4746] ? _raw_spin_lock_irqsave+0xdd/0x120
[ 106.646429][ T4746] print_address_description+0x63/0x3b0
[ 106.651993][ T4746] ? ext4_xattr_delete_inode+0xcd0/0xce0
[ 106.657640][ T4746] kasan_report+0x16b/0x1c0
[ 106.662159][ T4746] ? ext4_xattr_delete_inode+0xcd0/0xce0
[ 106.667823][ T4746] ext4_xattr_delete_inode+0xcd0/0xce0
[ 106.673306][ T4746] ? ext4_blocks_for_truncate+0x270/0x270
[ 106.679051][ T4746] ? ext4_expand_extra_isize_ea+0x1bb0/0x1bb0
[ 106.685136][ T4746] ? rcu_read_lock_any_held+0xb3/0x160
[ 106.690624][ T4746] ? ext4_inode_is_fast_symlink+0x262/0x390
[ 106.696532][ T4746] ext4_evict_inode+0xcb7/0x1100
[ 106.701485][ T4746] ? _raw_spin_unlock+0x24/0x40
[ 106.706362][ T4746] ? ext4_inode_is_fast_symlink+0x390/0x390
[ 106.712359][ T4746] ? do_raw_spin_unlock+0x137/0x8b0
[ 106.717573][ T4746] ? _raw_spin_unlock+0x24/0x40
[ 106.722438][ T4746] ? ext4_inode_is_fast_symlink+0x390/0x390
[ 106.728357][ T4746] evict+0x529/0x930
[ 106.732301][ T4746] ? __lock_acquire+0x1ff0/0x1ff0
[ 106.737366][ T4746] ? mode_strip_sgid+0x210/0x210
[ 106.742313][ T4746] ? rcu_is_watching+0x11/0xa0
[ 106.747094][ T4746] ? _raw_spin_unlock+0x24/0x40
[ 106.751971][ T4746] vfs_rmdir+0x33c/0x460
[ 106.756326][ T4746] do_rmdir+0x368/0x670
[ 106.760498][ T4746] ? d_delete_notify+0x150/0x150
[ 106.765450][ T4746] ? strncpy_from_user+0x209/0x370
[ 106.770577][ T4746] ? syscall_enter_from_user_mode+0x2e/0x240
[ 106.776581][ T4746] __x64_sys_unlinkat+0xdc/0xf0
[ 106.781461][ T4746] do_syscall_64+0x3b/0xb0
[ 106.785891][ T4746] ? clear_bhb_loop+0x15/0x70
[ 106.790581][ T4746] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 106.796497][ T4746] RIP: 0033:0x7fa4153a36c7
[ 106.800945][ T4746] Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 106.820749][ T4746] RSP: 002b:00007ffec73fce78 EFLAGS: 00000207 ORIG_RAX: 0000000000000107
[ 106.829187][ T4746] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007fa4153a36c7
[ 106.837515][ T4746] RDX: 0000000000000200 RSI: 00007ffec73fe020 RDI: 00000000ffffff9c
[ 106.845816][ T4746] RBP: 00007fa4153ef336 R08: 0000000000000000 R09: 0000000000000000
[ 106.853821][ T4746] R10: 0000000000000100 R11: 0000000000000207 R12: 00007ffec73fe020
[ 106.861812][ T4746] R13: 00007fa4153ef336 R14: 0000000000019f4f R15: 0000000000000007
[ 106.869833][ T4746]
[ 106.872919][ T4746]
[ 106.875256][ T4746] Allocated by task 4658:
[ 106.879616][ T4746] __kasan_slab_alloc+0x8e/0xc0
[ 106.884484][ T4746] slab_post_alloc_hook+0x53/0x380
[ 106.889605][ T4746] kmem_cache_alloc+0xf3/0x280
[ 106.894379][ T4746] ptlock_alloc+0x1c/0x60
[ 106.898834][ T4746] pte_alloc_one+0xd1/0x360
[ 106.903447][ T4746] __pte_alloc+0x75/0x210
[ 106.907788][ T4746] copy_page_range+0x3828/0x4420
[ 106.912746][ T4746] copy_mm+0xc64/0x1370
[ 106.917007][ T4746] copy_process+0x1816/0x3ef0
[ 106.921772][ T4746] kernel_clone+0x210/0x960
[ 106.926430][ T4746] __x64_sys_clone+0x23f/0x290
[ 106.931233][ T4746] do_syscall_64+0x3b/0xb0
[ 106.935751][ T4746] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 106.941759][ T4746]
[ 106.944133][ T4746] The buggy address belongs to the object at ffff888065923000
[ 106.944133][ T4746] which belongs to the cache page->ptl of size 64
[ 106.958042][ T4746] The buggy address is located 0 bytes inside of
[ 106.958042][ T4746] 64-byte region [ffff888065923000, ffff888065923040)
[ 106.971150][ T4746] The buggy address belongs to the page:
[ 106.976793][ T4746] page:ffffea00019648c0 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888065923ba0 pfn:0x65923
[ 106.988338][ T4746] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 106.995918][ T4746] raw: 00fff00000000200 ffffea0000848c80 0000000400000004 ffff88801744f780
[ 107.004500][ T4746] raw: ffff888065923ba0 00000000802a0000 00000001ffffffff 0000000000000000
[ 107.013247][ T4746] page dumped because: kasan: bad access detected
[ 107.019662][ T4746] page_owner tracks the page as allocated
[ 107.025373][ T4746] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 4658, ts 97435090938, free_ts 97433430677
[ 107.041532][ T4746] get_page_from_freelist+0x3b78/0x3d40
[ 107.047088][ T4746] __alloc_pages+0x272/0x700
[ 107.051736][ T4746] new_slab+0xbb/0x4b0
[ 107.055807][ T4746] ___slab_alloc+0x6f6/0xe10
[ 107.060396][ T4746] kmem_cache_alloc+0x18e/0x280
[ 107.065248][ T4746] ptlock_alloc+0x1c/0x60
[ 107.069584][ T4746] pte_alloc_one+0xd1/0x360
[ 107.074084][ T4746] __pte_alloc+0x75/0x210
[ 107.078549][ T4746] copy_page_range+0x3828/0x4420
[ 107.083499][ T4746] copy_mm+0xc64/0x1370
[ 107.087660][ T4746] copy_process+0x1816/0x3ef0
[ 107.092445][ T4746] kernel_clone+0x210/0x960
[ 107.097148][ T4746] __x64_sys_clone+0x23f/0x290
[ 107.102001][ T4746] do_syscall_64+0x3b/0xb0
[ 107.106434][ T4746] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 107.112327][ T4746] page last free stack trace:
[ 107.117092][ T4746] free_unref_page_prepare+0xc34/0xcf0
[ 107.122583][ T4746] free_unref_page_list+0x1f7/0x8e0
[ 107.127891][ T4746] release_pages+0x1bb9/0x1f40
[ 107.132843][ T4746] tlb_finish_mmu+0x177/0x320
[ 107.137538][ T4746] exit_mmap+0x3cd/0x620
[ 107.141876][ T4746] __mmput+0x112/0x3b0
[ 107.145952][ T4746] exit_mm+0x688/0x7f0
[ 107.150036][ T4746] do_exit+0x626/0x2480
[ 107.154191][ T4746] do_group_exit+0x144/0x310
[ 107.158779][ T4746] __x64_sys_exit_group+0x3b/0x40
[ 107.163799][ T4746] do_syscall_64+0x3b/0xb0
[ 107.168374][ T4746] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 107.174290][ T4746]
[ 107.176621][ T4746] Memory state around the buggy address:
[ 107.182242][ T4746] ffff888065922f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 107.190322][ T4746] ffff888065922f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 107.198382][ T4746] >ffff888065923000: fb fb fb fb fb fb fb fb fc fc fc fc fb fb fb fb
[ 107.206544][ T4746] ^
[ 107.210615][ T4746] ffff888065923080: fb fb fb fb fc fc fc fc fb fb fb fb fb fb fb fb
[ 107.218841][ T4746] ffff888065923100: fc fc fc fc fb fb fb fb fb fb fb fb fc fc fc fc
[ 107.227016][ T4746] ==================================================================
[ 107.235095][ T4746] Disabling lock debugging due to kernel taint
[ 107.250018][ T4746] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 107.257247][ T4746] CPU: 0 PID: 4746 Comm: syz-executor Tainted: G B 5.15.175-syzkaller #0
[ 107.266977][ T4746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 107.277050][ T4746] Call Trace:
[ 107.280353][ T4746]
[ 107.283298][ T4746] dump_stack_lvl+0x1e3/0x2d0
[ 107.288101][ T4746] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 107.293840][ T4746] ? panic+0x860/0x860
[ 107.297930][ T4746] ? rcu_is_watching+0x11/0xa0
[ 107.302712][ T4746] ? preempt_schedule_common+0xa6/0xd0
[ 107.308481][ T4746] panic+0x318/0x860
[ 107.312397][ T4746] ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 107.318574][ T4746] ? check_panic_on_warn+0x1d/0xa0
[ 107.323730][ T4746] ? fb_is_primary_device+0xd0/0xd0
[ 107.329008][ T4746] ? _raw_spin_unlock_irqrestore+0x128/0x130
[ 107.335021][ T4746] ? _raw_spin_unlock+0x40/0x40
[ 107.339905][ T4746] check_panic_on_warn+0x7e/0xa0
[ 107.344840][ T4746] ? ext4_xattr_delete_inode+0xcd0/0xce0
[ 107.350472][ T4746] end_report+0x6d/0xf0
[ 107.354639][ T4746] kasan_report+0x18e/0x1c0
[ 107.359255][ T4746] ? ext4_xattr_delete_inode+0xcd0/0xce0
[ 107.365029][ T4746] ext4_xattr_delete_inode+0xcd0/0xce0
[ 107.370594][ T4746] ? ext4_blocks_for_truncate+0x270/0x270
[ 107.376778][ T4746] ? ext4_expand_extra_isize_ea+0x1bb0/0x1bb0
[ 107.382974][ T4746] ? rcu_read_lock_any_held+0xb3/0x160
[ 107.388531][ T4746] ? ext4_inode_is_fast_symlink+0x262/0x390
[ 107.394430][ T4746] ext4_evict_inode+0xcb7/0x1100
[ 107.399375][ T4746] ? _raw_spin_unlock+0x24/0x40
[ 107.404227][ T4746] ? ext4_inode_is_fast_symlink+0x390/0x390
[ 107.410290][ T4746] ? do_raw_spin_unlock+0x137/0x8b0
[ 107.415587][ T4746] ? _raw_spin_unlock+0x24/0x40
[ 107.420532][ T4746] ? ext4_inode_is_fast_symlink+0x390/0x390
[ 107.426799][ T4746] evict+0x529/0x930
[ 107.430691][ T4746] ? __lock_acquire+0x1ff0/0x1ff0
[ 107.435807][ T4746] ? mode_strip_sgid+0x210/0x210
[ 107.440746][ T4746] ? rcu_is_watching+0x11/0xa0
[ 107.445502][ T4746] ? _raw_spin_unlock+0x24/0x40
[ 107.450373][ T4746] vfs_rmdir+0x33c/0x460
[ 107.454615][ T4746] do_rmdir+0x368/0x670
[ 107.458855][ T4746] ? d_delete_notify+0x150/0x150
[ 107.463791][ T4746] ? strncpy_from_user+0x209/0x370
[ 107.468903][ T4746] ? syscall_enter_from_user_mode+0x2e/0x240
[ 107.474884][ T4746] __x64_sys_unlinkat+0xdc/0xf0
[ 107.479851][ T4746] do_syscall_64+0x3b/0xb0
[ 107.484283][ T4746] ? clear_bhb_loop+0x15/0x70
[ 107.489057][ T4746] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 107.494963][ T4746] RIP: 0033:0x7fa4153a36c7
[ 107.499391][ T4746] Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 107.519221][ T4746] RSP: 002b:00007ffec73fce78 EFLAGS: 00000207 ORIG_RAX: 0000000000000107
[ 107.527659][ T4746] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007fa4153a36c7
[ 107.535639][ T4746] RDX: 0000000000000200 RSI: 00007ffec73fe020 RDI: 00000000ffffff9c
[ 107.543910][ T4746] RBP: 00007fa4153ef336 R08: 0000000000000000 R09: 0000000000000000
[ 107.551970][ T4746] R10: 0000000000000100 R11: 0000000000000207 R12: 00007ffec73fe020
[ 107.560077][ T4746] R13: 00007fa4153ef336 R14: 0000000000019f4f R15: 0000000000000007
[ 107.568105][ T4746]
[ 107.571529][ T4746] Kernel Offset: disabled
[ 107.575907][ T4746] Rebooting in 86400 seconds..