Warning: Permanently added '10.128.1.26' (ED25519) to the list of known hosts.
2024/09/14 00:34:34 ignoring optional flag "sandboxArg"="0"
2024/09/14 00:34:35 parsed 1 programs
2024/09/14 00:34:35 executed programs: 0
[   46.285843][  T413] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.292781][  T413] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.300130][  T413] device bridge_slave_0 entered promiscuous mode
[   46.315511][  T413] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.322506][  T413] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.330183][  T413] device bridge_slave_1 entered promiscuous mode
[   46.450480][  T421] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.457775][  T421] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.465329][  T421] device bridge_slave_0 entered promiscuous mode
[   46.476141][  T421] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.483138][  T421] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.490442][  T421] device bridge_slave_1 entered promiscuous mode
[   46.608059][  T416] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.614943][  T416] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.622760][  T416] device bridge_slave_0 entered promiscuous mode
[   46.638078][  T416] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.645089][  T416] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.652546][  T416] device bridge_slave_1 entered promiscuous mode
[   46.678999][  T419] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.685929][  T419] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.693523][  T419] device bridge_slave_0 entered promiscuous mode
[   46.718050][  T419] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.725582][  T419] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.733143][  T419] device bridge_slave_1 entered promiscuous mode
[   46.751502][  T424] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.758598][  T424] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.766114][  T424] device bridge_slave_0 entered promiscuous mode
[   46.773221][  T425] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.780095][  T425] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.787720][  T425] device bridge_slave_0 entered promiscuous mode
[   46.815473][  T424] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.822692][  T424] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.830020][  T424] device bridge_slave_1 entered promiscuous mode
[   46.836722][  T425] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.843693][  T425] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.851071][  T425] device bridge_slave_1 entered promiscuous mode
[   46.955910][  T421] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.963150][  T421] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.970369][  T421] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.977244][  T421] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.010010][  T413] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.016964][  T413] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.109831][  T419] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.116829][  T419] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.123960][  T419] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.130864][  T419] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.164391][  T416] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.171422][  T416] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.178579][  T416] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.185764][  T416] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.212934][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.219923][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   47.228417][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   47.237349][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   47.245946][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.253325][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.260303][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.267408][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.276030][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   47.283567][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   47.290800][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   47.299047][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   47.307115][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.314062][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.350986][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   47.359409][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   47.367519][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.374366][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.414692][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   47.422103][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   47.431232][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   47.440141][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   47.448545][   T18] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.455399][   T18] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.463075][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   47.471317][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   47.479410][   T18] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.486425][   T18] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.494314][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   47.502580][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   47.510437][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   47.518513][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   47.526626][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   47.534645][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   47.542607][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   47.550854][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   47.584958][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   47.594263][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   47.602033][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   47.634090][  T369] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   47.641573][  T369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   47.649325][  T369] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   47.657220][  T369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   47.665346][  T369] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   47.672961][  T369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   47.680253][  T369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   47.688586][  T369] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   47.696782][  T369] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.703828][  T369] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.711302][  T369] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   47.732732][  T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   47.740970][  T125] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   47.750458][  T125] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.757405][  T125] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.765339][  T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   47.773695][  T125] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   47.781816][  T125] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.788808][  T125] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.796063][  T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   47.805053][  T125] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   47.813071][  T125] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.819988][  T125] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.828051][  T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   47.836785][  T125] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   47.845008][  T125] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.852028][  T125] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.859636][  T125] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   47.887944][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   47.896426][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   47.905245][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   47.916623][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   47.925070][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   47.934184][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.941130][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.948667][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   47.957047][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   47.973262][  T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   47.981296][  T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   47.993119][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   48.001013][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   48.043065][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   48.050963][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   48.060166][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   48.070797][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   48.079371][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   48.087410][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   48.095242][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   48.103541][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   48.111704][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   48.122993][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   48.153509][  T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   48.162181][  T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   48.171924][  T125] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   48.180871][  T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   48.198754][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   48.207387][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   48.215976][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   48.224706][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   48.233824][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   48.242014][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   48.250971][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   48.281679][  T369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   48.291130][  T369] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   48.299331][  T369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   48.334946][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   48.354396][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   48.365539][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   48.376019][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   48.384586][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   48.393767][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   48.401785][   T23] kauditd_printk_skb: 15 callbacks suppressed
[   48.401797][   T23] audit: type=1400 audit(1726274077.320:91): avc:  denied  { mounton } for  pid=449 comm="syz-executor.0" path="/root/syzkaller-testdir3284619328/syzkaller.olRe93/0/file0" dev="sda1" ino=1952 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   48.428476][  T448] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   48.436945][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   48.446328][  T450] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   48.465282][   T23] audit: type=1400 audit(1726274077.390:92): avc:  denied  { mount } for  pid=447 comm="syz-executor.3" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   48.484391][  T448] EXT4-fs (loop3): re-mounted. Opts: (null)
[   48.487906][   T23] audit: type=1400 audit(1726274077.390:93): avc:  denied  { mounton } for  pid=447 comm="syz-executor.3" path="/root/syzkaller-testdir2366245742/syzkaller.7FggO9/0/file0/file0" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   48.522069][  T450] EXT4-fs (loop0): re-mounted. Opts: (null)
[   48.536164][  T368] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   48.536757][   T23] audit: type=1400 audit(1726274077.390:94): avc:  denied  { prog_load } for  pid=447 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   48.544550][  T368] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   48.564210][   T23] audit: type=1400 audit(1726274077.390:95): avc:  denied  { remount } for  pid=447 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   48.564231][   T23] audit: type=1400 audit(1726274077.460:96): avc:  denied  { create } for  pid=447 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   48.564249][   T23] audit: type=1400 audit(1726274077.460:97): avc:  denied  { unmount } for  pid=421 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   48.633450][  T368] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   48.634505][  T462] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   48.641705][  T368] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   48.659371][  T368] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   48.667973][  T368] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   48.669022][  T462] EXT4-fs (loop3): re-mounted. Opts: (null)
[   48.676561][  T368] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   48.690712][  T368] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   48.699580][  T368] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   48.707865][  T368] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   48.726949][   T23] audit: type=1400 audit(1726274077.650:98): avc:  denied  { mounton } for  pid=413 comm="syz-executor.1" path="/dev/binderfs" dev="devtmpfs" ino=10744 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   48.751213][  T373] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   48.760842][  T373] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   48.802592][  T108] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   48.811075][  T108] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   48.841573][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   48.854157][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   48.909510][  T470] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   48.926530][  T470] EXT4-fs (loop0): re-mounted. Opts: (null)
[   48.940908][  T483] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[   48.951310][  T468] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   48.956620][  T476] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   48.972488][  T483] EXT4-fs (loop5): re-mounted. Opts: (null)
[   48.985838][  T468] EXT4-fs (loop1): re-mounted. Opts: (null)
[   48.990120][  T472] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   49.024394][  T481] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   49.090948][  T472] EXT4-fs (loop2): re-mounted. Opts: (null)
[   49.098238][  T481] EXT4-fs (loop4): re-mounted. Opts: (null)
[   49.123349][  T476] EXT4-fs (loop3): re-mounted. Opts: (null)
[   49.303137][  T501] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   49.327633][  T506] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   49.343316][  T501] EXT4-fs (loop0): re-mounted. Opts: (null)
[   49.349720][  T506] EXT4-fs (loop1): re-mounted. Opts: (null)
[   49.370656][  T503] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[   49.382788][  T518] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   49.457735][  T503] EXT4-fs (loop5): re-mounted. Opts: (null)
[   49.463872][  T518] EXT4-fs (loop4): re-mounted. Opts: (null)
[   49.480136][  T531] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   49.503929][  T522] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   49.514870][  T519] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   49.552845][  T531] EXT4-fs (loop0): re-mounted. Opts: (null)
[   49.565711][  T522] EXT4-fs (loop3): re-mounted. Opts: (null)
[   49.589644][  T519] EXT4-fs (loop2): re-mounted. Opts: (null)
[   49.602207][  T536] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   49.644319][  T545] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[   49.726075][  T536] EXT4-fs (loop1): re-mounted. Opts: (null)
[   49.775374][  T545] EXT4-fs (loop5): re-mounted. Opts: (null)
[   49.814277][  T553] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   49.855577][  T554] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   49.868833][  T553] EXT4-fs (loop4): re-mounted. Opts: (null)
[   49.874303][  T554] EXT4-fs (loop3): re-mounted. Opts: (null)
[   49.890721][  T556] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   49.903279][  T560] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   49.925748][  T556] EXT4-fs (loop0): re-mounted. Opts: (null)
[   49.933753][  T560] EXT4-fs (loop1): re-mounted. Opts: (null)
[   49.934326][  T558] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   50.013245][  T558] EXT4-fs (loop2): re-mounted. Opts: (null)
[   50.096491][  T576] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[   50.125549][  T576] EXT4-fs (loop5): re-mounted. Opts: (null)
[   50.146085][  T591] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   50.156102][  T581] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   50.157578][  T583] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   50.167690][  T581] EXT4-fs (loop3): re-mounted. Opts: (null)
[   50.180630][  T585] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   50.191011][  T589] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   50.202143][  T591] EXT4-fs (loop4): re-mounted. Opts: (null)
[   50.244353][  T585] EXT4-fs (loop1): re-mounted. Opts: (null)
[   50.251622][  T583] EXT4-fs (loop0): re-mounted. Opts: (null)
[   50.257583][  T589] EXT4-fs (loop2): re-mounted. Opts: (null)
[   50.408871][  T610] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   50.427136][  T608] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[   50.444718][  T608] EXT4-fs (loop5): re-mounted. Opts: (null)
[   50.451531][  T610] EXT4-fs (loop3): re-mounted. Opts: (null)
[   50.459117][  T615] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   50.476884][  T613] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   50.489468][  T617] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   50.493014][  T615] EXT4-fs (loop4): re-mounted. Opts: (null)
[   50.503436][  T625] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   50.526123][  T617] EXT4-fs (loop1): re-mounted. Opts: (null)
[   50.535297][  T613] EXT4-fs (loop2): re-mounted. Opts: (null)
[   50.544475][  T625] EXT4-fs (loop0): re-mounted. Opts: (null)
[   50.694152][  T640] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[   50.705007][  T641] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   50.706320][  T645] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   50.741769][  T641] EXT4-fs (loop3): re-mounted. Opts: (null)
[   50.752778][  T640] EXT4-fs (loop5): re-mounted. Opts: (null)
[   50.765787][  T645] EXT4-fs (loop4): re-mounted. Opts: (null)
[   50.804548][  T647] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   50.808660][  T653] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   50.849439][  T647] EXT4-fs (loop1): re-mounted. Opts: (null)
[   50.864161][  T658] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   50.907423][  T653] EXT4-fs (loop0): re-mounted. Opts: (null)
[   50.956634][  T658] EXT4-fs (loop2): re-mounted. Opts: (null)
[   51.079125][  T676] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   51.088643][  T672] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   51.122026][  T674] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   51.132788][  T672] EXT4-fs (loop3): re-mounted. Opts: (null)
[   51.139279][  T676] EXT4-fs (loop4): re-mounted. Opts: (null)
[   51.148639][  T674] EXT4-fs (loop1): re-mounted. Opts: (null)
[   51.155700][  T678] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
2024/09/14 00:34:40 executed programs: 47
[   51.167553][  T684] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   51.188049][  T678] EXT4-fs (loop5): re-mounted. Opts: (null)
[   51.195684][  T690] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   51.314396][  T690] EXT4-fs (loop0): re-mounted. Opts: (null)
[   51.374461][  T684] EXT4-fs (loop2): re-mounted. Opts: (null)
[   51.378321][  T703] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   51.457022][  T703] EXT4-fs (loop4): re-mounted. Opts: (null)
[   51.468485][  T705] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   51.495729][  T710] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   51.522902][  T705] EXT4-fs (loop3): re-mounted. Opts: (null)
[   51.533180][  T710] EXT4-fs (loop1): re-mounted. Opts: (null)
[   51.543264][  T713] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[   51.571391][  T722] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   51.583755][  T720] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   51.600380][  T713] EXT4-fs (loop5): re-mounted. Opts: (null)
[   51.607601][  T726] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   51.631052][  T720] EXT4-fs (loop0): re-mounted. Opts: (null)
[   51.637089][  T726] EXT4-fs (loop4): re-mounted. Opts: (null)
[   51.643509][  T722] EXT4-fs (loop2): re-mounted. Opts: (null)
[   51.658453][  T737] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   51.754470][  T737] EXT4-fs (loop3): re-mounted. Opts: (null)
[   51.894177][  T744] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   51.917244][  T749] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   51.935961][  T754] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   51.945343][  T744] EXT4-fs (loop1): re-mounted. Opts: (null)
[   51.952840][  T747] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[   51.976278][  T747] EXT4-fs (loop5): re-mounted. Opts: (null)
[   51.980274][  T756] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   51.983343][  T749] EXT4-fs (loop0): re-mounted. Opts: (null)
[   51.995732][  T753] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   52.007330][  T754] EXT4-fs (loop4): re-mounted. Opts: (null)
[   52.080142][  T756] EXT4-fs (loop3): re-mounted. Opts: (null)
[   52.083944][  T753] EXT4-fs (loop2): re-mounted. Opts: (null)
[   52.294111][  T774] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   52.321925][  T774] EXT4-fs (loop1): re-mounted. Opts: (null)
[   52.335906][  T776] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[   52.358560][  T776] EXT4-fs (loop5): re-mounted. Opts: (null)
[   52.374725][  T789] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   52.436233][  T789] EXT4-fs (loop2): re-mounted. Opts: (null)
[   52.447596][  T787] EXT4-fs (loop4): re-mounted. Opts: (null)
[   52.453988][  T780] EXT4-fs (loop0): re-mounted. Opts: (null)
[   52.460253][  T785] EXT4-fs (loop3): re-mounted. Opts: (null)
[   52.715391][  T805] EXT4-fs (loop1): re-mounted. Opts: (null)
[   52.755650][  T807] EXT4-fs (loop5): re-mounted. Opts: (null)
[   52.763946][  T810] EXT4-fs (loop2): re-mounted. Opts: (null)
[   52.764053][  T817] EXT4-fs (loop4): re-mounted. Opts: (null)
[   52.777893][  T816] EXT4-fs (loop3): re-mounted. Opts: (null)
[   53.047826][  T818] EXT4-fs (loop0): re-mounted. Opts: (null)
[   53.079030][  T838] EXT4-fs (loop1): re-mounted. Opts: (null)
[   53.085801][  T836] EXT4-fs (loop5): re-mounted. Opts: (null)
[   53.172345][  T839] EXT4-fs (loop4): re-mounted. Opts: (null)
[   53.253043][  T850] EXT4-fs (loop2): re-mounted. Opts: (null)
[   53.258954][  T843] EXT4-fs (loop3): re-mounted. Opts: (null)
[   53.304570][  T859] EXT4-fs (loop0): re-mounted. Opts: (null)
[   53.312474][  T854] EXT4-fs (loop5): re-mounted. Opts: (null)
[   53.318889][  T860] EXT4-fs (loop1): re-mounted. Opts: (null)
[   53.442161][  T875] EXT4-fs (loop4): re-mounted. Opts: (null)
[   53.518682][  T881] EXT4-fs (loop3): re-mounted. Opts: (null)
[   53.539749][  T886] EXT4-fs (loop0): re-mounted. Opts: (null)
[   53.546110][  T882] EXT4-fs (loop1): re-mounted. Opts: (null)
[   53.546341][  T890] EXT4-fs (loop5): re-mounted. Opts: (null)
[   53.585472][  T898] EXT4-fs (loop4): re-mounted. Opts: (null)
[   53.587357][  T884] EXT4-fs (loop2): re-mounted. Opts: (null)
[   54.041036][  T915] EXT4-fs (loop5): re-mounted. Opts: (null)
[   54.059265][  T919] EXT4-fs (loop2): re-mounted. Opts: (null)
[   54.079341][  T916] EXT4-fs (loop0): re-mounted. Opts: (null)
[   54.086328][  T920] EXT4-fs (loop1): re-mounted. Opts: (null)
[   54.094137][  T913] EXT4-fs (loop3): re-mounted. Opts: (null)
[   54.108957][  T923] EXT4-fs (loop4): re-mounted. Opts: (null)
[   54.488530][  T942] EXT4-fs (loop2): re-mounted. Opts: (null)
[   54.523546][  T947] EXT4-fs (loop5): re-mounted. Opts: (null)
[   54.544667][  T945] EXT4-fs (loop4): re-mounted. Opts: (null)
[   54.605952][  T955] EXT4-fs (loop0): re-mounted. Opts: (null)
[   54.735831][  T953] EXT4-fs (loop3): re-mounted. Opts: (null)
[   54.741617][  T957] EXT4-fs (loop1): re-mounted. Opts: (null)
[   54.759791][  T969] EXT4-fs (loop2): re-mounted. Opts: (null)
[   54.770254][  T978] EXT4-fs (loop0): re-mounted. Opts: (null)
[   54.770733][  T971] EXT4-fs (loop4): re-mounted. Opts: (null)
[   54.884729][  T979] EXT4-fs (loop5): re-mounted. Opts: (null)
[   55.041502][  T993] EXT4-fs (loop3): re-mounted. Opts: (null)
[   55.044143][  T996] EXT4-fs (loop0): re-mounted. Opts: (null)
[   55.097384][  T998] EXT4-fs (loop2): re-mounted. Opts: (null)
[   55.104041][ T1005] EXT4-fs (loop5): re-mounted. Opts: (null)
[   55.109970][  T999] EXT4-fs (loop1): re-mounted. Opts: (null)
[   55.278772][ T1006] EXT4-fs (loop4): re-mounted. Opts: (null)
[   55.296158][ T1025] EXT4-fs (loop2): re-mounted. Opts: (null)
[   55.405004][ T1027] EXT4-fs (loop0): re-mounted. Opts: (null)
[   55.421818][ T1022] EXT4-fs (loop3): re-mounted. Opts: (null)
[   55.441011][ T1036] EXT4-fs (loop5): re-mounted. Opts: (null)
[   55.490516][ T1037] EXT4-fs (loop1): re-mounted. Opts: (null)
[   55.570823][ T1046] EXT4-fs (loop4): re-mounted. Opts: (null)
[   55.659026][ T1044] EXT4-fs (loop2): re-mounted. Opts: (null)
[   55.665541][ T1052] EXT4-fs (loop0): re-mounted. Opts: (null)
[   55.674116][ T1061] EXT4-fs (loop3): re-mounted. Opts: (null)
[   55.674140][ T1063] EXT4-fs (loop1): re-mounted. Opts: (null)
[   55.691988][ T1065] EXT4-fs (loop5): re-mounted. Opts: (null)
[   56.017943][ T1075] EXT4-fs (loop4): re-mounted. Opts: (null)
[   56.111446][ T1085] EXT4-fs (loop3): re-mounted. Opts: (null)
[   56.211185][ T1092] EXT4-fs (loop1): re-mounted. Opts: (null)
[   56.217592][ T1095] EXT4-fs (loop0): re-mounted. Opts: (null)
[   56.239854][ T1089] EXT4-fs (loop2): re-mounted. Opts: (null)
[   56.247817][ T1091] EXT4-fs (loop5): re-mounted. Opts: (null)
2024/09/14 00:34:45 executed programs: 129
[   56.258868][ T1098] EXT4-fs (loop4): re-mounted. Opts: (null)
[   56.504663][ T1116] EXT4-fs (loop3): re-mounted. Opts: (null)
[   56.533415][ T1119] EXT4-fs (loop1): re-mounted. Opts: (null)
[   56.539382][ T1123] EXT4-fs (loop2): re-mounted. Opts: (null)
[   56.713424][ T1132] EXT4-fs (loop4): re-mounted. Opts: (null)
[   56.727442][ T1130] EXT4-fs (loop0): re-mounted. Opts: (null)
[   56.799717][ T1133] EXT4-fs (loop5): re-mounted. Opts: (null)
[   56.813521][ T1143] EXT4-fs (loop2): re-mounted. Opts: (null)
[   56.860618][ T1146] EXT4-fs (loop1): re-mounted. Opts: (null)
[   56.866542][ T1140] EXT4-fs (loop3): re-mounted. Opts: (null)
[   57.001831][ T1164] EXT4-fs (loop4): re-mounted. Opts: (null)
[   57.022148][ T1169] EXT4-fs (loop2): re-mounted. Opts: (null)
[   57.036576][ T1166] EXT4-fs (loop5): re-mounted. Opts: (null)
[   57.064467][ T1163] EXT4-fs (loop0): re-mounted. Opts: (null)
[   57.098599][ T1175] EXT4-fs (loop1): re-mounted. Opts: (null)
[   57.104723][ T1173] EXT4-fs (loop3): re-mounted. Opts: (null)
[   57.281450][ T1194] EXT4-fs (loop0): re-mounted. Opts: (null)
[   57.304872][ T1197] EXT4-fs (loop1): re-mounted. Opts: (null)
[   57.398243][ T1203] EXT4-fs (loop4): re-mounted. Opts: (null)
[   57.406217][ T1200] EXT4-fs (loop3): re-mounted. Opts: (null)
[   57.412024][ T1192] EXT4-fs (loop2): re-mounted. Opts: (null)
[   57.418185][ T1198] EXT4-fs (loop5): re-mounted. Opts: (null)
[   57.470560][ T1222] EXT4-fs (loop0): re-mounted. Opts: (null)
[   57.680149][ T1234] EXT4-fs (loop1): re-mounted. Opts: (null)
[   57.707106][ T1232] EXT4-fs (loop4): re-mounted. Opts: (null)
[   57.715639][ T1236] EXT4-fs (loop5): re-mounted. Opts: (null)
[   57.721600][ T1237] EXT4-fs (loop2): re-mounted. Opts: (null)
[   57.732113][ T1229] EXT4-fs (loop3): re-mounted. Opts: (null)
[   57.754017][  T416] ==================================================================
[   57.761943][  T416] BUG: KASAN: use-after-free in kthread_stop+0x37/0x4a0
[   57.768863][  T416] Write of size 4 at addr ffff8881e1aa8fe0 by task syz-executor.2/416
[   57.777143][  T416] 
[   57.779332][  T416] CPU: 0 PID: 416 Comm: syz-executor.2 Not tainted 5.4.281-syzkaller-04949-gc8a568fb88e9 #0
[   57.789297][  T416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   57.799311][  T416] Call Trace:
[   57.802432][  T416]  dump_stack+0x1d8/0x241
[   57.806588][  T416]  ? prepare_exit_to_usermode+0x199/0x200
[   57.812151][  T416]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[   57.817782][  T416]  ? printk+0xd1/0x111
[   57.821740][  T416]  ? kthread_stop+0x37/0x4a0
[   57.826215][  T416]  print_address_description+0x8c/0x600
[   57.831586][  T416]  ? kthread_stop+0x37/0x4a0
[   57.836013][  T416]  __kasan_report+0xf3/0x120
[   57.840436][  T416]  ? kthread_stop+0x37/0x4a0
[   57.844952][  T416]  kasan_report+0x30/0x60
[   57.849126][  T416]  check_memory_region+0x272/0x280
[   57.854154][  T416]  kthread_stop+0x37/0x4a0
[   57.858407][  T416]  ext4_put_super+0x790/0xbb0
[   57.863014][  T416]  ? ext4_drop_inode+0x1f0/0x1f0
[   57.867899][  T416]  generic_shutdown_super+0x120/0x2a0
[   57.873069][  T416]  kill_block_super+0x7a/0xe0
[   57.877592][  T416]  deactivate_locked_super+0xa8/0x110
[   57.882793][  T416]  deactivate_super+0x1e2/0x2a0
[   57.887495][  T416]  ? deactivate_locked_super+0x110/0x110
[   57.893063][  T416]  ? d_lru_add+0xdb/0x160
[   57.897403][  T416]  ? retain_dentry+0x1ac/0x270
[   57.902174][  T416]  cleanup_mnt+0x44e/0x500
[   57.906516][  T416]  task_work_run+0x140/0x170
[   57.910974][  T416]  exit_to_usermode_loop+0x190/0x1a0
[   57.916175][  T416]  prepare_exit_to_usermode+0x199/0x200
[   57.921613][  T416]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   57.927346][  T416] RIP: 0033:0x7f386e8f6bc7
[   57.931596][  T416] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[   57.951057][  T416] RSP: 002b:00007ffe06749b98 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   57.959277][  T416] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f386e8f6bc7
[   57.967089][  T416] RDX: 0000000000000000 RSI: 000000000000000a RDI: 00007ffe06749c50
[   57.975195][  T416] RBP: 00007ffe06749c50 R08: 0000000000000000 R09: 0000000000000000
[   57.983329][  T416] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe0674ad10
[   57.991131][  T416] R13: 00007f386e950aa2 R14: 000000000000e07b R15: 0000000000000009
[   57.998970][  T416] 
[   58.001278][  T416] Allocated by task 2:
[   58.005283][  T416]  __kasan_kmalloc+0x171/0x210
[   58.010005][  T416]  kmem_cache_alloc+0xd9/0x250
[   58.014631][  T416]  dup_task_struct+0x4f/0x600
[   58.019291][  T416]  copy_process+0x56d/0x3230
[   58.023906][  T416]  _do_fork+0x197/0x900
[   58.027994][  T416]  kernel_thread+0x16a/0x1d0
[   58.032505][  T416]  kthreadd+0x3b1/0x4f0
[   58.036508][  T416]  ret_from_fork+0x1f/0x30
[   58.040858][  T416] 
[   58.043035][  T416] Freed by task 10:
[   58.046690][  T416]  __kasan_slab_free+0x1b5/0x270
[   58.051882][  T416]  kmem_cache_free+0x10b/0x2c0
[   58.056441][  T416]  rcu_do_batch+0x492/0xa00
[   58.061696][  T416]  rcu_core+0x4c8/0xcb0
[   58.066069][  T416]  __do_softirq+0x23b/0x6b7
[   58.070479][  T416] 
[   58.072671][  T416] The buggy address belongs to the object at ffff8881e1aa8fc0
[   58.072671][  T416]  which belongs to the cache task_struct of size 3904
[   58.087466][  T416] The buggy address is located 32 bytes inside of
[   58.087466][  T416]  3904-byte region [ffff8881e1aa8fc0, ffff8881e1aa9f00)
[   58.100553][  T416] The buggy address belongs to the page:
[   58.106023][  T416] page:ffffea000786aa00 refcount:1 mapcount:0 mapping:ffff8881f5cf8a00 index:0x0 compound_mapcount: 0
[   58.116938][  T416] flags: 0x8000000000010200(slab|head)
[   58.122554][  T416] raw: 8000000000010200 dead000000000100 dead000000000122 ffff8881f5cf8a00
[   58.130928][  T416] raw: 0000000000000000 0000000000080008 00000001ffffffff 0000000000000000
[   58.139599][  T416] page dumped because: kasan: bad access detected
[   58.145855][  T416] page_owner tracks the page as allocated
[   58.151587][  T416] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL)
[   58.168029][  T416]  prep_new_page+0x18f/0x370
[   58.172445][  T416]  get_page_from_freelist+0x2d13/0x2d90
[   58.177961][  T416]  __alloc_pages_nodemask+0x393/0x840
[   58.183360][  T416]  alloc_slab_page+0x39/0x3c0
[   58.187869][  T416]  new_slab+0x97/0x440
[   58.191837][  T416]  ___slab_alloc+0x2fe/0x490
[   58.196268][  T416]  __slab_alloc+0x62/0xa0
[   58.200434][  T416]  kmem_cache_alloc+0x109/0x250
[   58.205295][  T416]  dup_task_struct+0x4f/0x600
[   58.209914][  T416]  copy_process+0x56d/0x3230
[   58.214591][  T416]  _do_fork+0x197/0x900
[   58.218584][  T416]  kernel_thread+0x16a/0x1d0
[   58.223100][  T416]  kthreadd+0x3b1/0x4f0
[   58.227083][  T416]  ret_from_fork+0x1f/0x30
[   58.231345][  T416] page last free stack trace:
[   58.235859][  T416]  __free_pages_ok+0x847/0x950
[   58.240455][  T416]  __free_pages+0x91/0x140
[   58.244700][  T416]  __free_slab+0x221/0x2e0
[   58.248950][  T416]  unfreeze_partials+0x14e/0x180
[   58.253813][  T416]  put_cpu_partial+0x44/0x180
[   58.258413][  T416]  __slab_free+0x297/0x360
[   58.262762][  T416]  qlist_free_all+0x43/0xb0
[   58.267125][  T416]  quarantine_reduce+0x1d9/0x210
[   58.271963][  T416]  __kasan_kmalloc+0x41/0x210
[   58.276473][  T416]  kmem_cache_alloc+0xd9/0x250
[   58.281073][  T416]  getname_flags+0xb8/0x4e0
[   58.285414][  T416]  do_sys_open+0x357/0x810
[   58.289769][  T416]  do_syscall_64+0xca/0x1c0
[   58.294097][  T416]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   58.299902][  T416] 
[   58.302157][  T416] Memory state around the buggy address:
[   58.307991][  T416]  ffff8881e1aa8e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   58.315883][  T416]  ffff8881e1aa8f00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[   58.324053][  T416] >ffff8881e1aa8f80: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb
[   58.331941][  T416]                                                        ^
[   58.339059][  T416]  ffff8881e1aa9000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   58.347052][  T416]  ffff8881e1aa9080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   58.354929][  T416] ==================================================================
[   58.362942][  T416] Disabling lock debugging due to kernel taint
[   58.369727][  T416] ------------[ cut here ]------------
[   58.375305][  T416] refcount_t: addition on 0; use-after-free.
[   58.386046][  T416] WARNING: CPU: 0 PID: 416 at lib/refcount.c:25 refcount_warn_saturate+0x132/0x1a0
[   58.395411][  T416] Modules linked in:
[   58.399147][  T416] CPU: 0 PID: 416 Comm: syz-executor.2 Tainted: G    B             5.4.281-syzkaller-04949-gc8a568fb88e9 #0
[   58.410611][  T416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   58.420962][  T416] RIP: 0010:refcount_warn_saturate+0x132/0x1a0
[   58.427122][  T416] Code: 03 01 48 c7 c7 a0 0e fa 84 e8 9a eb 0d ff 0f 0b eb a9 e8 11 3a 37 ff c6 05 24 ac bc 03 01 48 c7 c7 20 0f fa 84 e8 7e eb 0d ff <0f> 0b eb 8d e8 f5 39 37 ff c6 05 09 ac bc 03 01 48 c7 c7 80 0f fa
[   58.447030][  T416] RSP: 0018:ffff8881f0b27c30 EFLAGS: 00010246
[   58.452931][  T416] RAX: f245f083e6476100 RBX: 0000000000000002 RCX: ffff8881f31f1f80
[   58.460932][  T416] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[   58.468728][  T416] RBP: 0000000000000002 R08: ffffffff814d5952 R09: ffffed103edca9b8
[   58.476634][  T416] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[   58.484738][  T416] R13: ffff8881e1aa8fc0 R14: dffffc0000000000 R15: ffff8881e1aa8fe0
[   58.492609][  T416] FS:  000055555618c480(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[   58.501806][  T416] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   58.508428][  T416] CR2: 0000555556195818 CR3: 00000001f31e3000 CR4: 00000000003406b0
[   58.516250][  T416] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   58.524107][  T416] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   58.532001][  T416] Call Trace:
[   58.535241][  T416]  ? __warn+0x162/0x250
[   58.539307][  T416]  ? report_bug+0x3a1/0x4e0
[   58.543639][  T416]  ? refcount_warn_saturate+0x132/0x1a0
[   58.549129][  T416]  ? refcount_warn_saturate+0x132/0x1a0
[   58.554510][  T416]  ? do_invalid_op+0x6e/0x110
[   58.559021][  T416]  ? invalid_op+0x1e/0x30
[   58.563285][  T416]  ? wake_up_klogd+0xb2/0xf0
[   58.567706][  T416]  ? refcount_warn_saturate+0x132/0x1a0
[   58.573164][  T416]  kthread_stop+0x1a5/0x4a0
[   58.577502][  T416]  ext4_put_super+0x790/0xbb0
[   58.582031][  T416]  ? ext4_drop_inode+0x1f0/0x1f0
[   58.587095][  T416]  generic_shutdown_super+0x120/0x2a0
[   58.592294][  T416]  kill_block_super+0x7a/0xe0
[   58.597166][  T416]  deactivate_locked_super+0xa8/0x110
[   58.602371][  T416]  deactivate_super+0x1e2/0x2a0
[   58.607348][  T416]  ? deactivate_locked_super+0x110/0x110
[   58.612822][  T416]  ? d_lru_add+0xdb/0x160
[   58.617092][  T416]  ? retain_dentry+0x1ac/0x270
[   58.621673][  T416]  cleanup_mnt+0x44e/0x500
[   58.625929][  T416]  task_work_run+0x140/0x170
[   58.630547][  T416]  exit_to_usermode_loop+0x190/0x1a0
[   58.635656][  T416]  prepare_exit_to_usermode+0x199/0x200
[   58.641356][  T416]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   58.647171][  T416] RIP: 0033:0x7f386e8f6bc7
[   58.651540][  T416] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[   58.671176][  T416] RSP: 002b:00007ffe06749b98 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   58.679427][  T416] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f386e8f6bc7
[   58.687498][  T416] RDX: 0000000000000000 RSI: 000000000000000a RDI: 00007ffe06749c50
[   58.695400][  T416] RBP: 00007ffe06749c50 R08: 0000000000000000 R09: 0000000000000000
[   58.703305][  T416] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe0674ad10
[   58.711296][  T416] R13: 00007f386e950aa2 R14: 000000000000e07b R15: 0000000000000009
[   58.719104][  T416] ---[ end trace 138c8b74919f3b93 ]---
[   58.850352][ T1262] EXT4-fs (loop1): re-mounted. Opts: (null)
[   58.852677][ T1256] EXT4-fs (loop0): re-mounted. Opts: (null)
[   58.881777][ T1272] EXT4-fs (loop3): re-mounted. Opts: (null)
[   58.892404][ T1258] EXT4-fs (loop5): re-mounted. Opts: (null)
[   59.037235][ T1268] EXT4-fs (loop4): re-mounted. Opts: (null)
[   59.108494][ T1283] EXT4-fs (loop1): re-mounted. Opts: (null)
[   59.227153][ T1284] EXT4-fs (loop3): re-mounted. Opts: (null)
[   59.253076][ T1296] EXT4-fs (loop5): re-mounted. Opts: (null)
[   59.264864][ T1292] EXT4-fs (loop0): re-mounted. Opts: (null)
[   59.368143][ T1301] EXT4-fs (loop4): re-mounted. Opts: (null)
[   59.422802][ T1305] EXT4-fs (loop1): re-mounted. Opts: (null)
[   59.450565][ T1313] EXT4-fs (loop3): re-mounted. Opts: (null)
[   59.456955][ T1315] EXT4-fs (loop5): re-mounted. Opts: (null)
[   66.472732][   T24] cfg80211: failed to load regulatory.db