Warning: Permanently added '10.128.1.118' (ED25519) to the list of known hosts.
2023/10/03 10:47:53 ignoring optional flag "sandboxArg"="0"
2023/10/03 10:47:53 parsed 1 programs
2023/10/03 10:47:55 executed programs: 0
[ 103.539082][ T5386] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 103.606156][ T5041] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 103.614851][ T5041] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 103.623761][ T5041] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 103.631740][ T5041] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 103.639419][ T5041] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 103.796150][ T5392] chnl_net:caif_netlink_parms(): no params data found
[ 103.869272][ T5392] bridge0: port 1(bridge_slave_0) entered blocking state
[ 103.877209][ T5392] bridge0: port 1(bridge_slave_0) entered disabled state
[ 103.884397][ T5392] bridge_slave_0: entered allmulticast mode
[ 103.891755][ T5392] bridge_slave_0: entered promiscuous mode
[ 103.900335][ T5392] bridge0: port 2(bridge_slave_1) entered blocking state
[ 103.908213][ T5392] bridge0: port 2(bridge_slave_1) entered disabled state
[ 103.915375][ T5392] bridge_slave_1: entered allmulticast mode
[ 103.922619][ T5392] bridge_slave_1: entered promiscuous mode
[ 103.954330][ T5392] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 103.966949][ T5392] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 104.001648][ T5392] team0: Port device team_slave_0 added
[ 104.010779][ T5392] team0: Port device team_slave_1 added
[ 104.039459][ T5392] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 104.046550][ T5392] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 104.073024][ T5392] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 104.087748][ T5392] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 104.094725][ T5392] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 104.120994][ T5392] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 104.165719][ T5392] hsr_slave_0: entered promiscuous mode
[ 104.172359][ T5392] hsr_slave_1: entered promiscuous mode
[ 104.922410][ T5392] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 104.934680][ T5392] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 104.945414][ T5392] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 104.956281][ T5392] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 105.070864][ T5392] 8021q: adding VLAN 0 to HW filter on device bond0
[ 105.102338][ T5392] 8021q: adding VLAN 0 to HW filter on device team0
[ 105.119696][ T1788] bridge0: port 1(bridge_slave_0) entered blocking state
[ 105.126913][ T1788] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 105.144489][ T27] bridge0: port 2(bridge_slave_1) entered blocking state
[ 105.151747][ T27] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 105.413975][ T5392] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 105.481944][ T5392] veth0_vlan: entered promiscuous mode
[ 105.499737][ T5392] veth1_vlan: entered promiscuous mode
[ 105.541044][ T5392] veth0_macvtap: entered promiscuous mode
[ 105.554970][ T5392] veth1_macvtap: entered promiscuous mode
[ 105.584785][ T5392] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 105.605296][ T5392] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 105.622436][ T5392] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.634448][ T5392] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.643760][ T5392] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.655056][ T5392] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.697018][ T5041] Bluetooth: hci0: command 0x0409 tx timeout
[ 105.755358][ T5052] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.768681][ T5052] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.819977][ T23] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.834158][ T23] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.377563][ T5447] loop0: detected capacity change from 0 to 32768
[ 106.397669][ T5447] gfs2: fsid=„½%b­i’~N-SS“: Trying to join cluster "lock_nolock", "„½%b­i’~N-SS“"
[ 106.407618][ T5447] gfs2: fsid=„½%b­i’~N-SS“: Now mounting FS (format 1801)...
[ 106.431868][ T5447] gfs2: fsid=„½%b­i’~N-SS“.0: journal 0 mapped with 18 extents in 0ms
[ 106.447664][ T5052] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0, already locked for use
[ 106.455759][ T5052] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Looking at journal...
[ 106.545461][ T5052] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Journal head lookup took 89ms
[ 106.559778][ T5052] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Done
[ 106.566451][ T5447] gfs2: fsid=„½%b­i’~N-SS“.0: first mount done, others may mount
[ 107.342544][ T5478] loop0: detected capacity change from 0 to 32768
[ 107.359491][ T5478] gfs2: fsid=„½%b­i’~N-SS“: Trying to join cluster "lock_nolock", "„½%b­i’~N-SS“"
[ 107.371087][ T5478] gfs2: fsid=„½%b­i’~N-SS“: Now mounting FS (format 1801)...
[ 107.388630][ T5478] gfs2: fsid=„½%b­i’~N-SS“.0: journal 0 mapped with 18 extents in 0ms
[ 107.401738][ T27] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0, already locked for use
[ 107.409391][ T27] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Looking at journal...
[ 107.489176][ T27] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Journal head lookup took 79ms
[ 107.500683][ T27] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Done
[ 107.506737][ T5478] gfs2: fsid=„½%b­i’~N-SS“.0: first mount done, others may mount
[ 107.775864][ T5041] Bluetooth: hci0: command 0x041b tx timeout
[ 108.312544][ T5507] loop0: detected capacity change from 0 to 32768
[ 108.324187][ T5507] gfs2: fsid=„½%b­i’~N-SS“: Trying to join cluster "lock_nolock", "„½%b­i’~N-SS“"
[ 108.335657][ T5507] gfs2: fsid=„½%b­i’~N-SS“: Now mounting FS (format 1801)...
[ 108.352848][ T5507] gfs2: fsid=„½%b­i’~N-SS“.0: journal 0 mapped with 18 extents in 0ms
[ 108.364817][ T5052] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0, already locked for use
[ 108.372609][ T5052] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Looking at journal...
[ 108.441650][ T5052] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Journal head lookup took 69ms
[ 108.453256][ T5052] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Done
[ 108.459529][ T5507] gfs2: fsid=„½%b­i’~N-SS“.0: first mount done, others may mount
[ 109.262458][ T5542] loop0: detected capacity change from 0 to 32768
[ 109.274035][ T5542] gfs2: fsid=„½%b­i’~N-SS“: Trying to join cluster "lock_nolock", "„½%b­i’~N-SS“"
[ 109.286268][ T5542] gfs2: fsid=„½%b­i’~N-SS“: Now mounting FS (format 1801)...
[ 109.301214][ T5542] gfs2: fsid=„½%b­i’~N-SS“.0: journal 0 mapped with 18 extents in 0ms
[ 109.311463][ T5039] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0, already locked for use
[ 109.320382][ T5039] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Looking at journal...
2023/10/03 10:48:01 executed programs: 4
[ 109.398314][ T5039] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Journal head lookup took 77ms
[ 109.410443][ T5039] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Done
[ 109.417696][ T5542] gfs2: fsid=„½%b­i’~N-SS“.0: first mount done, others may mount
[ 109.855973][ T5041] Bluetooth: hci0: command 0x040f tx timeout
[ 110.197298][ T5573] loop0: detected capacity change from 0 to 32768
[ 110.211045][ T5573] gfs2: fsid=„½%b­i’~N-SS“: Trying to join cluster "lock_nolock", "„½%b­i’~N-SS“"
[ 110.225405][ T5573] gfs2: fsid=„½%b­i’~N-SS“: Now mounting FS (format 1801)...
[ 110.239029][ T5573] gfs2: fsid=„½%b­i’~N-SS“.0: journal 0 mapped with 18 extents in 0ms
[ 110.250961][ T5039] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0, already locked for use
[ 110.259294][ T5039] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Looking at journal...
[ 110.337776][ T5039] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Journal head lookup took 78ms
[ 110.349892][ T5039] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Done
[ 110.358649][ T5573] gfs2: fsid=„½%b­i’~N-SS“.0: first mount done, others may mount
[ 111.140300][ T5603] loop0: detected capacity change from 0 to 32768
[ 111.154191][ T5603] gfs2: fsid=„½%b­i’~N-SS“: Trying to join cluster "lock_nolock", "„½%b­i’~N-SS“"
[ 111.169366][ T5603] gfs2: fsid=„½%b­i’~N-SS“: Now mounting FS (format 1801)...
[ 111.184018][ T5603] gfs2: fsid=„½%b­i’~N-SS“.0: journal 0 mapped with 18 extents in 0ms
[ 111.196062][ T54] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0, already locked for use
[ 111.204569][ T54] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Looking at journal...
[ 111.292602][ T54] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Journal head lookup took 88ms
[ 111.304303][ T54] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Done
[ 111.312039][ T5603] gfs2: fsid=„½%b­i’~N-SS“.0: first mount done, others may mount
[ 111.935948][ T5041] Bluetooth: hci0: command 0x0419 tx timeout
[ 112.064863][ T5638] loop0: detected capacity change from 0 to 32768
[ 112.077428][ T5638] gfs2: fsid=„½%b­i’~N-SS“: Trying to join cluster "lock_nolock", "„½%b­i’~N-SS“"
[ 112.091141][ T5638] gfs2: fsid=„½%b­i’~N-SS“: Now mounting FS (format 1801)...
[ 112.107346][ T5638] gfs2: fsid=„½%b­i’~N-SS“.0: journal 0 mapped with 18 extents in 1ms
[ 112.118790][ T54] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0, already locked for use
[ 112.126986][ T54] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Looking at journal...
[ 112.192499][ T54] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Journal head lookup took 65ms
[ 112.203737][ T54] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Done
[ 112.210312][ T5638] gfs2: fsid=„½%b­i’~N-SS“.0: first mount done, others may mount
[ 112.927803][ T5667] loop0: detected capacity change from 0 to 32768
[ 112.941219][ T5667] gfs2: fsid=„½%b­i’~N-SS“: Trying to join cluster "lock_nolock", "„½%b­i’~N-SS“"
[ 112.951344][ T5667] gfs2: fsid=„½%b­i’~N-SS“: Now mounting FS (format 1801)...
[ 112.964841][ T5667] gfs2: fsid=„½%b­i’~N-SS“.0: journal 0 mapped with 18 extents in 0ms
[ 112.979156][ T23] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0, already locked for use
[ 112.987279][ T23] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Looking at journal...
[ 113.063094][ T23] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Journal head lookup took 75ms
[ 113.073124][ T23] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Done
[ 113.082184][ T5667] gfs2: fsid=„½%b­i’~N-SS“.0: first mount done, others may mount
[ 113.856673][ T5695] loop0: detected capacity change from 0 to 32768
[ 113.873186][ T5695] gfs2: fsid=„½%b­i’~N-SS“: Trying to join cluster "lock_nolock", "„½%b­i’~N-SS“"
[ 113.885085][ T5695] gfs2: fsid=„½%b­i’~N-SS“: Now mounting FS (format 1801)...
[ 113.902410][ T5695] gfs2: fsid=„½%b­i’~N-SS“.0: journal 0 mapped with 18 extents in 0ms
[ 113.912968][ T23] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0, already locked for use
[ 113.921397][ T23] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Looking at journal...
[ 113.999712][ T23] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Journal head lookup took 78ms
[ 114.011942][ T23] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Done
[ 114.018868][ T5695] gfs2: fsid=„½%b­i’~N-SS“.0: first mount done, others may mount
[ 114.827154][ T5728] loop0: detected capacity change from 0 to 32768
[ 114.842729][ T5728] gfs2: fsid=„½%b­i’~N-SS“: Trying to join cluster "lock_nolock", "„½%b­i’~N-SS“"
[ 114.853022][ T5728] gfs2: fsid=„½%b­i’~N-SS“: Now mounting FS (format 1801)...
[ 114.870168][ T5728] gfs2: fsid=„½%b­i’~N-SS“.0: journal 0 mapped with 18 extents in 0ms
[ 114.882329][ T5039] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0, already locked for use
[ 114.890078][ T5039] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Looking at journal...
2023/10/03 10:48:07 executed programs: 10
[ 114.972918][ T5039] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Journal head lookup took 82ms
[ 114.987017][ T5039] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Done
[ 114.993088][ T5728] gfs2: fsid=„½%b­i’~N-SS“.0: first mount done, others may mount
[ 115.779905][ T5763] loop0: detected capacity change from 0 to 32768
[ 115.791088][ T5763] gfs2: fsid=„½%b­i’~N-SS“: Trying to join cluster "lock_nolock", "„½%b­i’~N-SS“"
[ 115.802256][ T5763] gfs2: fsid=„½%b­i’~N-SS“: Now mounting FS (format 1801)...
[ 115.815249][ T5763] gfs2: fsid=„½%b­i’~N-SS“.0: journal 0 mapped with 18 extents in 0ms
[ 115.827477][ T1788] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0, already locked for use
[ 115.835213][ T1788] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Looking at journal...
[ 115.910197][ T1788] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Journal head lookup took 74ms
[ 115.919043][ T1788] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Done
[ 115.925017][ T5763] gfs2: fsid=„½%b­i’~N-SS“.0: first mount done, others may mount
[ 116.570863][ T5790] loop0: detected capacity change from 0 to 32768
[ 116.581231][ T5790] gfs2: fsid=„½%b­i’~N-SS“: Trying to join cluster "lock_nolock", "„½%b­i’~N-SS“"
[ 116.590880][ T5790] gfs2: fsid=„½%b­i’~N-SS“: Now mounting FS (format 1801)...
[ 116.603533][ T5790] gfs2: fsid=„½%b­i’~N-SS“.0: journal 0 mapped with 18 extents in 0ms
[ 116.613890][ T23] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0, already locked for use
[ 116.621485][ T23] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Looking at journal...
[ 116.670050][ T23] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Journal head lookup took 48ms
[ 116.680235][ T23] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Done
[ 116.686599][ T5790] gfs2: fsid=„½%b­i’~N-SS“.0: first mount done, others may mount
[ 117.152931][ T5801] loop0: detected capacity change from 0 to 32768
[ 117.163455][ T5801] gfs2: fsid=„½%b­i’~N-SS“: Trying to join cluster "lock_nolock", "„½%b­i’~N-SS“"
[ 117.173740][ T5801] gfs2: fsid=„½%b­i’~N-SS“: Now mounting FS (format 1801)...
[ 117.185041][ T5801] gfs2: fsid=„½%b­i’~N-SS“.0: journal 0 mapped with 18 extents in 0ms
[ 117.197457][ T23] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0, already locked for use
[ 117.204951][ T23] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Looking at journal...
[ 117.254422][ T23] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Journal head lookup took 49ms
[ 117.262936][ T23] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Done
[ 117.269575][ T5801] gfs2: fsid=„½%b­i’~N-SS“.0: first mount done, others may mount
[ 117.743826][ T5805] loop0: detected capacity change from 0 to 32768
[ 117.754426][ T5805] gfs2: fsid=„½%b­i’~N-SS“: Trying to join cluster "lock_nolock", "„½%b­i’~N-SS“"
[ 117.765185][ T5805] gfs2: fsid=„½%b­i’~N-SS“: Now mounting FS (format 1801)...
[ 117.778083][ T5805] gfs2: fsid=„½%b­i’~N-SS“.0: journal 0 mapped with 18 extents in 0ms
[ 117.788100][ T23] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0, already locked for use
[ 117.795577][ T23] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Looking at journal...
[ 117.846002][ T23] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Journal head lookup took 50ms
[ 117.854372][ T23] gfs2: fsid=„½%b­i’~N-SS“.0: jid=0: Done
[ 117.860719][ T5805] gfs2: fsid=„½%b­i’~N-SS“.0: first mount done, others may mount
[ 117.945921][ C0] ==================================================================
[ 117.954049][ C0] BUG: KASAN: slab-use-after-free in gfs2_qd_dealloc+0x88/0xf0
[ 117.961655][ C0] Write of size 4 at addr ffff8880252bca78 by task swapper/0/0
[ 117.969241][ C0]
[ 117.971588][ C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.6.0-rc3-syzkaller-dirty #0
[ 117.980047][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 117.990133][ C0] Call Trace:
[ 117.993448][ C0]
[ 117.996315][ C0] dump_stack_lvl+0x1e7/0x2d0
[ 118.001025][ C0] ? nf_tcp_handle_invalid+0x650/0x650
[ 118.006510][ C0] ? panic+0x770/0x770
[ 118.010609][ C0] ? _printk+0xd5/0x120
[ 118.014783][ C0] print_report+0x163/0x540
[ 118.019297][ C0] ? print_irqtrace_events+0x220/0x220
[ 118.024761][ C0] ? __virt_addr_valid+0x22f/0x2e0
[ 118.029899][ C0] ? __phys_addr+0xba/0x170
[ 118.034426][ C0] ? gfs2_qd_dealloc+0x88/0xf0
[ 118.039215][ C0] kasan_report+0x175/0x1b0
[ 118.043744][ C0] ? gfs2_qd_dealloc+0x88/0xf0
[ 118.048532][ C0] kasan_check_range+0x27e/0x290
[ 118.053578][ C0] gfs2_qd_dealloc+0x88/0xf0
[ 118.058188][ C0] ? gfs2_qd_dispose+0x5b0/0x5b0
[ 118.063141][ C0] ? rcu_core+0xa61/0x1790
[ 118.067563][ C0] rcu_core+0xacf/0x1790
[ 118.071839][ C0] ? rcu_cpu_kthread_park+0x90/0x90
[ 118.077045][ C0] ? rebalance_domains+0x949/0xac0
[ 118.082186][ C0] ? rebalance_domains+0x1b9/0xac0
[ 118.087415][ C0] ? pick_eevdf+0x660/0x660
[ 118.091940][ C0] ? do_raw_spin_unlock+0x13b/0x8b0
[ 118.097167][ C0] __do_softirq+0x2ab/0x908
[ 118.101708][ C0] ? __irq_exit_rcu+0xf1/0x1b0
[ 118.106497][ C0] ? __lock_text_end+0xc/0xc
[ 118.111113][ C0] ? irqtime_account_irq+0xd4/0x1e0
[ 118.116340][ C0] __irq_exit_rcu+0xf1/0x1b0
[ 118.120957][ C0] ? irq_exit_rcu+0x20/0x20
[ 118.125481][ C0] irq_exit_rcu+0x9/0x20
[ 118.129739][ C0] sysvec_apic_timer_interrupt+0x95/0xb0
[ 118.135399][ C0]
[ 118.138343][ C0]
[ 118.141292][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 118.147287][ C0] RIP: 0010:acpi_safe_halt+0x20/0x30
[ 118.152602][ C0] Code: 7f 04 eb 36 66 0f 1f 44 00 00 65 48 8b 05 e8 4b 36 75 48 f7 00 08 00 00 00 75 10 66 90 0f 00 2d 76 a5 95 00 f3 0f 1e fa fb f4 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 89 fa ec 48 8b 05
[ 118.172269][ C0] RSP: 0018:ffffffff8d007ca8 EFLAGS: 00000246
[ 118.178349][ C0] RAX: ffffffff8d094540 RBX: ffff888012ec6064 RCX: 000000000001eb49
[ 118.186329][ C0] RDX: 0000000000000001 RSI: ffff888012ec6000 RDI: ffff888012ec6064
[ 118.194309][ C0] RBP: 0000000000038df8 R08: ffff8880b9836bcb R09: 1ffff11017306d79
[ 118.202286][ C0] R10: dffffc0000000000 R11: ffffed1017306d7a R12: ffff888140ac5000
[ 118.210272][ C0] R13: 0000000000000000 R14: 0000000000000001 R15: ffffffff8da1f660
[ 118.218279][ C0] acpi_idle_enter+0xe4/0x140
[ 118.223013][ C0] cpuidle_enter_state+0x10e/0x470
[ 118.228142][ C0] ? menu_enable_device+0x380/0x380
[ 118.233444][ C0] cpuidle_enter+0x5d/0x90
[ 118.237879][ C0] do_idle+0x374/0x5c0
[ 118.241956][ C0] ? release_firmware_map_entry+0x190/0x190
[ 118.247888][ C0] ? idle_inject_timer_fn+0x60/0x60
[ 118.253095][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 118.259001][ C0] ? _raw_spin_unlock+0x40/0x40
[ 118.263950][ C0] ? rest_init+0x35/0x300
[ 118.268292][ C0] ? rest_init+0x35/0x300
[ 118.272640][ C0] cpu_startup_entry+0x41/0x60
[ 118.277411][ C0] rest_init+0x2e0/0x300
[ 118.281680][ C0] ? time_init+0x40/0x40
[ 118.285932][ C0] arch_call_rest_init+0xe/0x10
[ 118.290804][ C0] start_kernel+0x46e/0x4f0
[ 118.295324][ C0] x86_64_start_reservations+0x2a/0x30
[ 118.300795][ C0] x86_64_start_kernel+0x99/0xa0
[ 118.305759][ C0] secondary_startup_64_no_verify+0x167/0x16b
[ 118.311854][ C0]
[ 118.314895][ C0]
[ 118.317223][ C0] Allocated by task 5805:
[ 118.321548][ C0] kasan_set_track+0x4f/0x70
[ 118.326146][ C0] __kasan_kmalloc+0x98/0xb0
[ 118.330744][ C0] gfs2_fill_super+0x136/0x26c0
[ 118.335604][ C0] get_tree_bdev+0x416/0x5b0
[ 118.340214][ C0] gfs2_get_tree+0x54/0x210
[ 118.344739][ C0] vfs_get_tree+0x8c/0x280
[ 118.349163][ C0] do_new_mount+0x28f/0xae0
[ 118.353673][ C0] __se_sys_mount+0x2d9/0x3c0
[ 118.358356][ C0] do_syscall_64+0x41/0xc0
[ 118.362773][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 118.368668][ C0]
[ 118.370989][ C0] Freed by task 5392:
[ 118.374966][ C0] kasan_set_track+0x4f/0x70
[ 118.379562][ C0] kasan_save_free_info+0x28/0x40
[ 118.384594][ C0] ____kasan_slab_free+0xd6/0x120
[ 118.389634][ C0] __kmem_cache_free+0x25f/0x3b0
[ 118.394574][ C0] generic_shutdown_super+0x13a/0x2c0
[ 118.399957][ C0] kill_block_super+0x41/0x70
[ 118.404673][ C0] deactivate_locked_super+0xa4/0x110
[ 118.410171][ C0] cleanup_mnt+0x426/0x4c0
[ 118.414606][ C0] task_work_run+0x24a/0x300
[ 118.419223][ C0] exit_to_user_mode_loop+0xde/0x100
[ 118.424518][ C0] exit_to_user_mode_prepare+0xb1/0x140
[ 118.430071][ C0] syscall_exit_to_user_mode+0x64/0x280
[ 118.435629][ C0] do_syscall_64+0x4d/0xc0
[ 118.440048][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 118.445943][ C0]
[ 118.448276][ C0] The buggy address belongs to the object at ffff8880252bc000
[ 118.448276][ C0] which belongs to the cache kmalloc-8k of size 8192
[ 118.462682][ C0] The buggy address is located 2680 bytes inside of
[ 118.462682][ C0] freed 8192-byte region [ffff8880252bc000, ffff8880252be000)
[ 118.476653][ C0]
[ 118.478978][ C0] The buggy address belongs to the physical page:
[ 118.485402][ C0] page:ffffea000094ae00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x252b8
[ 118.495554][ C0] head:ffffea000094ae00 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 118.504492][ C0] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 118.512469][ C0] page_type: 0xffffffff()
[ 118.516802][ C0] raw: 00fff00000000840 ffff888012842280 ffffea0000909c00 0000000000000002
[ 118.525392][ C0] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000
[ 118.533969][ C0] page dumped because: kasan: bad access detected
[ 118.540378][ C0] page_owner tracks the page as allocated
[ 118.546178][ C0] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4708, tgid 4708 (dhcpcd-run-hook), ts 45194433683, free_ts 45158202311
[ 118.567018][ C0] post_alloc_hook+0x1e6/0x210
[ 118.571799][ C0] get_page_from_freelist+0x31db/0x3360
[ 118.577367][ C0] __alloc_pages+0x255/0x670
[ 118.581962][ C0] alloc_slab_page+0x6a/0x160
[ 118.586729][ C0] new_slab+0x84/0x2f0
[ 118.590828][ C0] ___slab_alloc+0xc85/0x1310
[ 118.595533][ C0] __kmem_cache_alloc_node+0x1af/0x270
[ 118.600997][ C0] kmalloc_trace+0x2a/0xe0
[ 118.605418][ C0] tomoyo_init_log+0x11cd/0x2040
[ 118.610370][ C0] tomoyo_supervisor+0x386/0x11f0
[ 118.615400][ C0] tomoyo_env_perm+0x178/0x210
[ 118.620203][ C0] tomoyo_find_next_domain+0x1383/0x1cf0
[ 118.625844][ C0] tomoyo_bprm_check_security+0x114/0x170
[ 118.631580][ C0] security_bprm_check+0x63/0xa0
[ 118.636532][ C0] bprm_execve+0x8c7/0x17c0
[ 118.641046][ C0] do_execveat_common+0x580/0x720
[ 118.646072][ C0] page last free stack trace:
[ 118.650771][ C0] free_unref_page_prepare+0x8c3/0x9f0
[ 118.656263][ C0] free_unref_page+0x37/0x3f0
[ 118.660962][ C0] __unfreeze_partials+0x1dc/0x220
[ 118.666087][ C0] put_cpu_partial+0x17b/0x250
[ 118.671300][ C0] __slab_free+0x2b6/0x390
[ 118.675727][ C0] qlist_free_all+0x75/0xe0
[ 118.680239][ C0] kasan_quarantine_reduce+0x14b/0x160
[ 118.685813][ C0] __kasan_slab_alloc+0x23/0x70
[ 118.690671][ C0] slab_post_alloc_hook+0x67/0x3d0
[ 118.695790][ C0] __kmem_cache_alloc_node+0x141/0x270
[ 118.701255][ C0] __kmalloc_node_track_caller+0xa5/0x230
[ 118.706982][ C0] krealloc+0x79/0x110
[ 118.711071][ C0] ima_collect_measurement+0x54a/0x890
[ 118.716569][ C0] process_measurement+0xfea/0x1cf0
[ 118.721795][ C0] ima_bprm_check+0x128/0x2b0
[ 118.726514][ C0] bprm_execve+0x8c7/0x17c0
[ 118.731058][ C0]
[ 118.733387][ C0] Memory state around the buggy address:
[ 118.739025][ C0] ffff8880252bc900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 118.747106][ C0] ffff8880252bc980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 118.755284][ C0] >ffff8880252bca00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 118.763365][ C0] ^
[ 118.771361][ C0] ffff8880252bca80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 118.779433][ C0] ffff8880252bcb00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 118.787595][ C0] ==================================================================
[ 118.795779][ C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 118.803007][ C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.6.0-rc3-syzkaller-dirty #0
[ 118.811634][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 118.821733][ C0] Call Trace:
[ 118.825042][ C0]
[ 118.827913][ C0] dump_stack_lvl+0x1e7/0x2d0
[ 118.832634][ C0] ? nf_tcp_handle_invalid+0x650/0x650
[ 118.838138][ C0] ? panic+0x770/0x770
[ 118.842251][ C0] ? vscnprintf+0x5d/0x80
[ 118.846620][ C0] panic+0x30f/0x770
[ 118.850559][ C0] ? check_panic_on_warn+0x21/0xa0
[ 118.855710][ C0] ? __memcpy_flushcache+0x2b0/0x2b0
[ 118.861040][ C0] ? _raw_spin_unlock_irqrestore+0xd8/0x140
[ 118.866977][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 118.872903][ C0] ? _raw_spin_unlock+0x40/0x40
[ 118.877787][ C0] ? print_report+0x4fb/0x540
[ 118.882518][ C0] check_panic_on_warn+0x82/0xa0
[ 118.887498][ C0] ? gfs2_qd_dealloc+0x88/0xf0
[ 118.892336][ C0] end_report+0x6e/0x130
[ 118.896630][ C0] kasan_report+0x186/0x1b0
[ 118.901174][ C0] ? gfs2_qd_dealloc+0x88/0xf0
[ 118.905968][ C0] kasan_check_range+0x27e/0x290
[ 118.910929][ C0] gfs2_qd_dealloc+0x88/0xf0
[ 118.915536][ C0] ? gfs2_qd_dispose+0x5b0/0x5b0
[ 118.920494][ C0] ? rcu_core+0xa61/0x1790
[ 118.924916][ C0] rcu_core+0xacf/0x1790
[ 118.929183][ C0] ? rcu_cpu_kthread_park+0x90/0x90
[ 118.934392][ C0] ? rebalance_domains+0x949/0xac0
[ 118.939518][ C0] ? rebalance_domains+0x1b9/0xac0
[ 118.944726][ C0] ? pick_eevdf+0x660/0x660
[ 118.949243][ C0] ? do_raw_spin_unlock+0x13b/0x8b0
[ 118.954457][ C0] __do_softirq+0x2ab/0x908
[ 118.958976][ C0] ? __irq_exit_rcu+0xf1/0x1b0
[ 118.963757][ C0] ? __lock_text_end+0xc/0xc
[ 118.968358][ C0] ? irqtime_account_irq+0xd4/0x1e0
[ 118.973566][ C0] __irq_exit_rcu+0xf1/0x1b0
[ 118.978199][ C0] ? irq_exit_rcu+0x20/0x20
[ 118.982719][ C0] irq_exit_rcu+0x9/0x20
[ 118.986988][ C0] sysvec_apic_timer_interrupt+0x95/0xb0
[ 118.992647][ C0]
[ 118.995589][ C0]
[ 118.998562][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 119.004581][ C0] RIP: 0010:acpi_safe_halt+0x20/0x30
[ 119.009893][ C0] Code: 7f 04 eb 36 66 0f 1f 44 00 00 65 48 8b 05 e8 4b 36 75 48 f7 00 08 00 00 00 75 10 66 90 0f 00 2d 76 a5 95 00 f3 0f 1e fa fb f4 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 89 fa ec 48 8b 05
[ 119.029855][ C0] RSP: 0018:ffffffff8d007ca8 EFLAGS: 00000246
[ 119.035929][ C0] RAX: ffffffff8d094540 RBX: ffff888012ec6064 RCX: 000000000001eb49
[ 119.043916][ C0] RDX: 0000000000000001 RSI: ffff888012ec6000 RDI: ffff888012ec6064
[ 119.051908][ C0] RBP: 0000000000038df8 R08: ffff8880b9836bcb R09: 1ffff11017306d79
[ 119.059902][ C0] R10: dffffc0000000000 R11: ffffed1017306d7a R12: ffff888140ac5000
[ 119.067896][ C0] R13: 0000000000000000 R14: 0000000000000001 R15: ffffffff8da1f660
[ 119.076930][ C0] acpi_idle_enter+0xe4/0x140
[ 119.081626][ C0] cpuidle_enter_state+0x10e/0x470
[ 119.086832][ C0] ? menu_enable_device+0x380/0x380
[ 119.092065][ C0] cpuidle_enter+0x5d/0x90
[ 119.096600][ C0] do_idle+0x374/0x5c0
[ 119.100965][ C0] ? release_firmware_map_entry+0x190/0x190
[ 119.106896][ C0] ? idle_inject_timer_fn+0x60/0x60
[ 119.112133][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 119.118064][ C0] ? _raw_spin_unlock+0x40/0x40
[ 119.122942][ C0] ? rest_init+0x35/0x300
[ 119.127306][ C0] ? rest_init+0x35/0x300
[ 119.131668][ C0] cpu_startup_entry+0x41/0x60
[ 119.136466][ C0] rest_init+0x2e0/0x300
[ 119.140909][ C0] ? time_init+0x40/0x40
[ 119.145162][ C0] arch_call_rest_init+0xe/0x10
[ 119.150029][ C0] start_kernel+0x46e/0x4f0
[ 119.154555][ C0] x86_64_start_reservations+0x2a/0x30
[ 119.160025][ C0] x86_64_start_kernel+0x99/0xa0
[ 119.164968][ C0] secondary_startup_64_no_verify+0x167/0x16b
[ 119.171062][ C0]
[ 119.174355][ C0] Kernel Offset: disabled
[ 119.178702][ C0] Rebooting in 86400 seconds..