Warning: Permanently added '[localhost]:54416' (ED25519) to the list of known hosts.
2024/04/14 09:12:01 ignoring optional flag "sandboxArg"="0"
2024/04/14 09:12:01 parsed 1 programs
[ 75.537568][ T38] kauditd_printk_skb: 73 callbacks suppressed
[ 75.537578][ T38] audit: type=1400 audit(1713085921.968:207): avc: denied { getattr } for pid=5400 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 75.572392][ T38] audit: type=1400 audit(1713085921.998:208): avc: denied { mounton } for pid=5410 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[ 75.581397][ T38] audit: type=1400 audit(1713085921.998:209): avc: denied { mount } for pid=5410 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[ 75.589902][ T38] audit: type=1400 audit(1713085922.008:210): avc: denied { read write } for pid=5410 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 75.600248][ T38] audit: type=1400 audit(1713085922.008:211): avc: denied { open } for pid=5410 comm="syz-executor" path="/swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 75.632748][ T38] audit: type=1400 audit(1713085922.058:212): avc: denied { unlink } for pid=5410 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 76.081588][ T38] audit: type=1400 audit(1713085922.508:213): avc: denied { relabelto } for pid=5418 comm="mkswap" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 76.914020][ T5410] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
2024/04/14 09:12:03 executed programs: 0
[ 76.960087][ T64] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 76.963743][ T64] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 76.967698][ T64] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 76.972072][ T64] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 76.975983][ T64] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 76.979560][ T64] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 76.991432][ T38] audit: type=1400 audit(1713085923.418:214): avc: denied { mounton } for pid=5425 comm="syz-executor.0" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[ 77.058033][ T1355] ieee802154 phy0 wpan0: encryption failed: -22
[ 77.061121][ T1355] ieee802154 phy1 wpan1: encryption failed: -22
[ 77.112110][ T5425] chnl_net:caif_netlink_parms(): no params data found
[ 77.201734][ T5425] bridge0: port 1(bridge_slave_0) entered blocking state
[ 77.204920][ T5425] bridge0: port 1(bridge_slave_0) entered disabled state
[ 77.208024][ T5425] bridge_slave_0: entered allmulticast mode
[ 77.211381][ T5425] bridge_slave_0: entered promiscuous mode
[ 77.217055][ T5425] bridge0: port 2(bridge_slave_1) entered blocking state
[ 77.219662][ T5425] bridge0: port 2(bridge_slave_1) entered disabled state
[ 77.222202][ T5425] bridge_slave_1: entered allmulticast mode
[ 77.225686][ T5425] bridge_slave_1: entered promiscuous mode
[ 77.267169][ T5425] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 77.273138][ T5425] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 77.311718][ T5425] team0: Port device team_slave_0 added
[ 77.317823][ T5425] team0: Port device team_slave_1 added
[ 77.369285][ T5425] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 77.372073][ T5425] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 77.383887][ T5425] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 77.390303][ T5425] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 77.392827][ T5425] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 77.402207][ T5425] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 77.441552][ T5425] hsr_slave_0: entered promiscuous mode
[ 77.446019][ T5425] hsr_slave_1: entered promiscuous mode
[ 77.649147][ T38] audit: type=1400 audit(1713085924.078:215): avc: denied { search } for pid=4667 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 78.110655][ T5425] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 78.121751][ T5425] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 78.128392][ T5425] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 78.135723][ T5425] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 78.216716][ T5425] 8021q: adding VLAN 0 to HW filter on device bond0
[ 78.233049][ T5425] 8021q: adding VLAN 0 to HW filter on device team0
[ 78.240674][ T1271] bridge0: port 1(bridge_slave_0) entered blocking state
[ 78.243790][ T1271] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 78.256441][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 78.259038][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 78.301217][ T38] audit: type=1400 audit(1713085924.728:216): avc: denied { sys_module } for pid=5425 comm="syz-executor.0" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[ 78.377874][ T5425] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 78.413483][ T5425] veth0_vlan: entered promiscuous mode
[ 78.421274][ T5425] veth1_vlan: entered promiscuous mode
[ 78.446110][ T5425] veth0_macvtap: entered promiscuous mode
[ 78.451277][ T5425] veth1_macvtap: entered promiscuous mode
[ 78.465540][ T5425] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 78.476495][ T5425] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 78.482746][ T5425] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 78.486685][ T5425] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 78.489814][ T5425] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 78.493376][ T5425] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 78.550702][ T1088] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 78.554819][ T1088] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 78.576909][ T1088] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 78.580092][ T1088] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 78.905654][ T5483] loop0: detected capacity change from 0 to 32768
[ 78.920124][ T5483] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 78.923700][ T5483] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 78.945950][ T5483] gfs2: fsid=syz:syz.0: journal 0 mapped with 4 extents in 0ms
[ 78.952316][ T5151] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 78.955771][ T5151] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 79.032643][ T5151] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 76ms
[ 79.036733][ T5151] gfs2: fsid=syz:syz.0: jid=0: Done
[ 79.038999][ T5483] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 79.064804][ T5205] Bluetooth: hci0: command tx timeout
[ 79.228604][ T5483] gfs2: fsid=syz:syz.0: found 1 quota changes
[ 79.262084][ T5425] 1. bh: ffff88803dd9d9f8, bd: 0000000000000000, gfs2_alloc_extent
[ 79.266931][ T5425] 1bh: ffff88803dd9d9f8, bd: ffff88802f675000, gfs2_trans_add_meta
[ 79.270551][ T5425] 2. bh: ffff88803dd9d9f8, bd: ffff88802f675000, gfs2_alloc_extent
[ 79.274219][ T5425] 1bh: ffff88803dd9d740, bd: ffff88802f675070, gfs2_trans_add_meta
[ 79.279586][ T5425] 1bh: ffff8880326ac740, bd: ffff88802f6750e0, gfs2_trans_add_meta
[ 79.283365][ T5425] 1,inode: ffff8880326f9ae0, n: 1, err: 0, __gfs2_unstuff_inode
[ 79.287918][ T5425] 1.inode: ffff8880326f9ae0, bh: ffff88803dd9dbc8, bd: 0000000000000000, gfs2_unstuffer_folio
[ 79.292554][ T5425] 1bh: ffff88803dd9dbc8, bd: ffff88802f675150, gfs2_trans_add_data
[ 79.296891][ T5425] 2.inode: ffff8880326f9ae0, bh: ffff88803dd9dbc8, bd: ffff88802f675150, gfs2_unstuffer_folio
[ 79.301331][ T5425] 2,inode: ffff8880326f9ae0, n: 1, err: 0, __gfs2_unstuff_inode
[ 79.306238][ T5425] 1bh: ffff88803dd0f1d0, bd: ffff88801cd10000, gfs2_trans_add_meta
[ 79.310399][ T5425] err: 0, do_sync
[ 79.313515][ T5425] syz-executor.0: attempt to access beyond end of device
[ 79.313515][ T5425] loop0: rw=1, sector=131324, nr_sectors = 4 limit=32768
[ 79.319475][ T5425] gfs2: fsid=syz:syz.0: Error 10 writing to journal, jid=0
[ 79.323043][ T5425] gfs2: fsid=syz:syz.0: about to withdraw this file system
[ 81.134082][ T5205] Bluetooth: hci0: command tx timeout
[ 83.214072][ T5205] Bluetooth: hci0: command tx timeout
[ 84.337655][ T5425] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[ 84.340958][ T5425] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[ 84.344950][ T5425] gfs2: fsid=syz:syz.0: File system withdrawn
[ 84.347772][ T5425] CPU: 1 PID: 5425 Comm: syz-executor.0 Not tainted 6.9.0-rc3-syzkaller-00073-ge8c39d0f57f3-dirty #0
[ 84.352154][ T5425] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 84.355873][ T5425] Call Trace:
[ 84.357087][ T5425] <TASK>
[ 84.358184][ T5425] dump_stack_lvl+0x16c/0x1f0
[ 84.360125][ T5425] gfs2_withdraw+0xab8/0x1290
[ 84.362203][ T5425] ? __pfx_gfs2_withdraw+0x10/0x10
[ 84.364227][ T5425] ? gfs2_flush_revokes+0x7e/0x150
[ 84.366065][ T5425] ? __pfx_lock_release+0x10/0x10
[ 84.368207][ T5425] ? __pfx_autoremove_wake_function+0x10/0x10
[ 84.370658][ T5425] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 84.373040][ T5425] ? buf_lo_before_commit+0xa4/0xe0
[ 84.375069][ T5425] ? __pfx_revoke_lo_before_commit+0x10/0x10
[ 84.377352][ T5425] gfs2_flush_revokes+0x11e/0x150
[ 84.379397][ T5425] revoke_lo_before_commit+0x22/0x640
[ 84.381716][ T5425] ? do_raw_spin_unlock+0x172/0x230
[ 84.383594][ T5425] ? __pfx_revoke_lo_before_commit+0x10/0x10
[ 84.386016][ T5425] gfs2_log_flush+0x891/0x29c0
[ 84.387732][ T5425] ? vprintk+0x86/0xa0
[ 84.389365][ T5425] ? __pfx_gfs2_log_flush+0x10/0x10
[ 84.391743][ T5425] ? kfree+0x129/0x390
[ 84.393573][ T5425] do_sync+0x565/0xd40
[ 84.395372][ T5425] ? __pfx_do_sync+0x10/0x10
[ 84.397524][ T5425] ? gfs2_quota_sync+0x4ad/0x630
[ 84.399761][ T5425] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 84.402103][ T5425] ? qd_check_sync+0x3d8/0x4f0
[ 84.404181][ T5425] gfs2_quota_sync+0x419/0x630
[ 84.406279][ T5425] gfs2_sync_fs+0x44/0xb0
[ 84.408244][ T5425] ? __pfx_gfs2_sync_fs+0x10/0x10
[ 84.410548][ T5425] sync_filesystem+0x10d/0x290
[ 84.412703][ T5425] generic_shutdown_super+0x7e/0x3d0
[ 84.415020][ T5425] kill_block_super+0x3b/0x90
[ 84.417201][ T5425] gfs2_kill_sb+0x360/0x410
[ 84.419335][ T5425] deactivate_locked_super+0xbe/0x1a0
[ 84.421830][ T5425] deactivate_super+0xde/0x100
[ 84.424097][ T5425] cleanup_mnt+0x222/0x450
[ 84.426216][ T5425] task_work_run+0x14e/0x250
[ 84.428389][ T5425] ? __pfx_task_work_run+0x10/0x10
[ 84.430769][ T5425] syscall_exit_to_user_mode+0x278/0x2a0
[ 84.433363][ T5425] do_syscall_64+0xdc/0x260
[ 84.435287][ T5425] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.437977][ T5425] RIP: 0033:0x7ff35ce7f197
[ 84.440047][ T5425] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 84.448699][ T5425] RSP: 002b:00007fffb7457c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 84.452506][ T5425] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007ff35ce7f197
[ 84.455926][ T5425] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffb7457d20
[ 84.459533][ T5425] RBP: 00007fffb7457d20 R08: 0000000000000000 R09: 0000000000000000
[ 84.463141][ T5425] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffb7458de0
[ 84.466709][ T5425] R13: 00007ff35cec93b9 R14: 000000000001327f R15: 0000000000000001
[ 84.470311][ T5425] </TASK>
[ 84.472501][ T5425] bh: ffff88802f675110, bd: ffff88802f675150, trans_drain
[ 84.557657][ T5425] bh: ffff88803dd9dbc8, bd: ffff88802f675150, gfs2_discard
[ 84.561188][ T5425] ==================================================================
[ 84.564872][ T5425] BUG: KASAN: slab-use-after-free in gfs2_invalidate_folio+0x731/0x840
[ 84.568605][ T5425] Read of size 8 at addr ffff88802f675168 by task syz-executor.0/5425
[ 84.573308][ T5425]
[ 84.574194][ T5425] CPU: 0 PID: 5425 Comm: syz-executor.0 Not tainted 6.9.0-rc3-syzkaller-00073-ge8c39d0f57f3-dirty #0
[ 84.578237][ T5425] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 84.581995][ T5425] Call Trace:
[ 84.583248][ T5425] <TASK>
[ 84.584416][ T5425] dump_stack_lvl+0x116/0x1f0
[ 84.586225][ T5425] print_report+0xc3/0x620
[ 84.587852][ T5425] ? __virt_addr_valid+0x5e/0x580
[ 84.589694][ T5425] ? __phys_addr+0xc6/0x150
[ 84.591435][ T5425] kasan_report+0xd9/0x110
[ 84.593196][ T5425] ? gfs2_invalidate_folio+0x731/0x840
[ 84.595347][ T5425] ? gfs2_invalidate_folio+0x731/0x840
[ 84.597374][ T5425] gfs2_invalidate_folio+0x731/0x840
[ 84.599292][ T5425] ? hlock_class+0x4e/0x130
[ 84.600950][ T5425] ? __pfx_gfs2_invalidate_folio+0x10/0x10
[ 84.603115][ T5425] truncate_cleanup_folio+0x2ac/0x3e0
[ 84.605061][ T5425] truncate_inode_pages_range+0x271/0xe90
[ 84.607129][ T5425] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 84.609374][ T5425] ? mark_lock+0xb5/0xc60
[ 84.610949][ T5425] ? __pfx___lock_acquire+0x10/0x10
[ 84.612853][ T5425] ? __pfx_mark_lock+0x10/0x10
[ 84.614612][ T5425] ? __pfx_mark_lock+0x10/0x10
[ 84.616345][ T5425] ? mark_held_locks+0x9f/0xe0
[ 84.618081][ T5425] ? _raw_spin_unlock_irq+0x23/0x50
[ 84.619955][ T5425] ? lockdep_hardirqs_on+0x7c/0x110
[ 84.621857][ T5425] gfs2_evict_inode+0x75b/0x1460
[ 84.623668][ T5425] ? __pfx___lock_acquire+0x10/0x10
[ 84.625527][ T5425] ? __pfx_gfs2_evict_inode+0x10/0x10
[ 84.627425][ T5425] ? find_held_lock+0x2d/0x110
[ 84.629155][ T5425] ? evict+0x2b7/0x6c0
[ 84.630618][ T5425] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 84.632538][ T5425] ? do_raw_spin_unlock+0x172/0x230
[ 84.634394][ T5425] ? __pfx_gfs2_evict_inode+0x10/0x10
[ 84.636341][ T5425] evict+0x2ed/0x6c0
[ 84.637738][ T5425] iput.part.0+0x5a8/0x7f0
[ 84.639361][ T5425] ? __pfx_gfs2_drop_inode+0x10/0x10
[ 84.641238][ T5425] iput+0x5c/0x80
[ 84.642573][ T5425] gfs2_put_super+0x2bd/0x760
[ 84.644261][ T5425] ? __pfx_gfs2_put_super+0x10/0x10
[ 84.646243][ T5425] generic_shutdown_super+0x159/0x3d0
[ 84.648205][ T5425] kill_block_super+0x3b/0x90
[ 84.649902][ T5425] gfs2_kill_sb+0x360/0x410
[ 84.651532][ T5425] deactivate_locked_super+0xbe/0x1a0
[ 84.653466][ T5425] deactivate_super+0xde/0x100
[ 84.655524][ T5425] cleanup_mnt+0x222/0x450
[ 84.657615][ T5425] task_work_run+0x14e/0x250
[ 84.659769][ T5425] ? __pfx_task_work_run+0x10/0x10
[ 84.662164][ T5425] syscall_exit_to_user_mode+0x278/0x2a0
[ 84.664413][ T5425] do_syscall_64+0xdc/0x260
[ 84.666520][ T5425] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.669009][ T5425] RIP: 0033:0x7ff35ce7f197
[ 84.670612][ T5425] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 84.677412][ T5425] RSP: 002b:00007fffb7457c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 84.680354][ T5425] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007ff35ce7f197
[ 84.683198][ T5425] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffb7457d20
[ 84.686005][ T5425] RBP: 00007fffb7457d20 R08: 0000000000000000 R09: 0000000000000000
[ 84.688834][ T5425] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffb7458de0
[ 84.691693][ T5425] R13: 00007ff35cec93b9 R14: 000000000001327f R15: 0000000000000001
[ 84.695041][ T5425] </TASK>
[ 84.696294][ T5425]
[ 84.697146][ T5425] Allocated by task 5425:
[ 84.698697][ T5425] kasan_save_stack+0x33/0x60
[ 84.700364][ T5425] kasan_save_track+0x14/0x30
[ 84.702071][ T5425] __kasan_slab_alloc+0x89/0x90
[ 84.703820][ T5425] kmem_cache_alloc+0x136/0x320
[ 84.705812][ T5425] gfs2_trans_add_data+0x4d1/0x820
[ 84.708050][ T5425] gfs2_unstuff_dinode+0xb30/0x1510
[ 84.710335][ T5425] gfs2_adjust_quota+0x124/0xb10
[ 84.712454][ T5425] do_sync+0xa88/0xd40
[ 84.714217][ T5425] gfs2_quota_sync+0x419/0x630
[ 84.716381][ T5425] gfs2_sync_fs+0x44/0xb0
[ 84.718361][ T5425] sync_filesystem+0x10d/0x290
[ 84.720243][ T5425] generic_shutdown_super+0x7e/0x3d0
[ 84.722575][ T5425] kill_block_super+0x3b/0x90
[ 84.724258][ T5425] gfs2_kill_sb+0x360/0x410
[ 84.725899][ T5425] deactivate_locked_super+0xbe/0x1a0
[ 84.727855][ T5425] deactivate_super+0xde/0x100
[ 84.729973][ T5425] cleanup_mnt+0x222/0x450
[ 84.731936][ T5425] task_work_run+0x14e/0x250
[ 84.733983][ T5425] syscall_exit_to_user_mode+0x278/0x2a0
[ 84.736552][ T5425] do_syscall_64+0xdc/0x260
[ 84.738570][ T5425] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.741169][ T5425]
[ 84.742240][ T5425] Freed by task 5425:
[ 84.743996][ T5425] kasan_save_stack+0x33/0x60
[ 84.746077][ T5425] kasan_save_track+0x14/0x30
[ 84.748155][ T5425] kasan_save_free_info+0x3b/0x60
[ 84.750384][ T5425] __kasan_slab_free+0x11d/0x1a0
[ 84.752566][ T5425] kmem_cache_free+0x12e/0x380
[ 84.754701][ T5425] gfs2_log_flush+0x149f/0x29c0
[ 84.756851][ T5425] do_sync+0x565/0xd40
[ 84.758655][ T5425] gfs2_quota_sync+0x419/0x630
[ 84.760766][ T5425] gfs2_sync_fs+0x44/0xb0
[ 84.762631][ T5425] sync_filesystem+0x10d/0x290
[ 84.764760][ T5425] generic_shutdown_super+0x7e/0x3d0
[ 84.767106][ T5425] kill_block_super+0x3b/0x90
[ 84.769206][ T5425] gfs2_kill_sb+0x360/0x410
[ 84.771240][ T5425] deactivate_locked_super+0xbe/0x1a0
[ 84.773616][ T5425] deactivate_super+0xde/0x100
[ 84.775740][ T5425] cleanup_mnt+0x222/0x450
[ 84.777717][ T5425] task_work_run+0x14e/0x250
[ 84.779772][ T5425] syscall_exit_to_user_mode+0x278/0x2a0
[ 84.782259][ T5425] do_syscall_64+0xdc/0x260
[ 84.784271][ T5425] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.786873][ T5425]
[ 84.787932][ T5425] The buggy address belongs to the object at ffff88802f675150
[ 84.787932][ T5425]  which belongs to the cache gfs2_bufdata of size 80
[ 84.793958][ T5425] The buggy address is located 24 bytes inside of
[ 84.793958][ T5425]  freed 80-byte region [ffff88802f675150, ffff88802f6751a0)
[ 84.799827][ T5425]
[ 84.800890][ T5425] The buggy address belongs to the physical page:
[ 84.803687][ T5425] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2f675
[ 84.807495][ T5425] flags: 0xfff80000000800(slab|node=0|zone=1|lastcpupid=0xfff)
[ 84.810779][ T5425] page_type: 0xffffffff()
[ 84.812673][ T5425] raw: 00fff80000000800 ffff888015fa28c0 dead000000000122 0000000000000000
[ 84.816412][ T5425] raw: 0000000000000000 0000000080240024 00000001ffffffff 0000000000000000
[ 84.820138][ T5425] page dumped because: kasan: bad access detected
[ 84.822934][ T5425] page_owner tracks the page as allocated
[ 84.825135][ T5425] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_HARDWALL), pid 5425, tgid 5425 (syz-executor.0), ts 79266814979, free_ts 79245423591
[ 84.833604][ T5425] post_alloc_hook+0x2d4/0x350
[ 84.835714][ T5425] get_page_from_freelist+0xa28/0x3780
[ 84.838094][ T5425] __alloc_pages+0x22b/0x2460
[ 84.840168][ T5425] new_slab+0xcc/0x3a0
[ 84.841966][ T5425] ___slab_alloc+0x66d/0x1790
[ 84.844040][ T5425] __slab_alloc.constprop.0+0x56/0xb0
[ 84.846402][ T5425] kmem_cache_alloc+0x2e9/0x320
[ 84.848529][ T5425] gfs2_trans_add_meta+0xae4/0xf60
[ 84.850781][ T5425] gfs2_alloc_blocks+0x4ea/0x1b30
[ 84.852997][ T5425] gfs2_unstuff_dinode+0x49e/0x1510
[ 84.855270][ T5425] gfs2_adjust_quota+0x124/0xb10
[ 84.857453][ T5425] do_sync+0xa88/0xd40
[ 84.859242][ T5425] gfs2_quota_sync+0x419/0x630
[ 84.861340][ T5425] gfs2_sync_fs+0x44/0xb0
[ 84.863222][ T5425] sync_filesystem+0x10d/0x290
[ 84.865344][ T5425] generic_shutdown_super+0x7e/0x3d0
[ 84.867657][ T5425] page last free pid 5425 tgid 5425 stack trace:
[ 84.870414][ T5425] free_unref_page_prepare+0x527/0xb10
[ 84.872797][ T5425] free_unref_page+0x33/0x3c0
[ 84.874860][ T5425] __folio_put+0x166/0x1f0
[ 84.876818][ T5425] free_page_and_swap_cache+0x1eb/0x250
[ 84.879231][ T5425] tlb_remove_table_rcu+0x89/0xe0
[ 84.881440][ T5425] rcu_core+0x828/0x16b0
[ 84.883309][ T5425] __do_softirq+0x218/0x922
[ 84.885309][ T5425]
[ 84.886383][ T5425] Memory state around the buggy address:
[ 84.888818][ T5425] ffff88802f675000: fa fb fb fb fb fb fb fb fb fb fc fc fc fc fa fb
[ 84.892294][ T5425] ffff88802f675080: fb fb fb fb fb fb fb fb fc fc fc fc fa fb fb fb
[ 84.895798][ T5425] >ffff88802f675100: fb fb fb fb fb fb fc fc fc fc fa fb fb fb fb fb
[ 84.899274][ T5425]                                                           ^
[ 84.902519][ T5425] ffff88802f675180: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 84.906030][ T5425] ffff88802f675200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 84.909510][ T5425] ==================================================================
[ 84.913571][ T5425] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 84.916717][ T5425] CPU: 0 PID: 5425 Comm: syz-executor.0 Not tainted 6.9.0-rc3-syzkaller-00073-ge8c39d0f57f3-dirty #0
[ 84.921403][ T5425] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 84.925823][ T5425] Call Trace:
[ 84.927282][ T5425] <TASK>
[ 84.928587][ T5425] dump_stack_lvl+0x3d/0x1f0
[ 84.930628][ T5425] panic+0x6f5/0x7a0
[ 84.932362][ T5425] ? mark_held_locks+0x9f/0xe0
[ 84.934482][ T5425] ? __pfx_panic+0x10/0x10
[ 84.936456][ T5425] ? irqentry_exit+0x3b/0x90
[ 84.938517][ T5425] ? lockdep_hardirqs_on+0x7c/0x110
[ 84.940789][ T5425] ? check_panic_on_warn+0x1f/0xb0
[ 84.943079][ T5425] check_panic_on_warn+0xab/0xb0
[ 84.945250][ T5425] end_report+0x117/0x180
[ 84.947171][ T5425] kasan_report+0xe9/0x110
[ 84.949142][ T5425] ? gfs2_invalidate_folio+0x731/0x840
[ 84.951517][ T5425] ? gfs2_invalidate_folio+0x731/0x840
[ 84.953918][ T5425] gfs2_invalidate_folio+0x731/0x840
[ 84.956251][ T5425] ? hlock_class+0x4e/0x130
[ 84.958267][ T5425] ? __pfx_gfs2_invalidate_folio+0x10/0x10
[ 84.960818][ T5425] truncate_cleanup_folio+0x2ac/0x3e0
[ 84.963185][ T5425] truncate_inode_pages_range+0x271/0xe90
[ 84.965678][ T5425] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 84.968379][ T5425] ? mark_lock+0xb5/0xc60
[ 84.970282][ T5425] ? __pfx___lock_acquire+0x10/0x10
[ 84.972563][ T5425] ? __pfx_mark_lock+0x10/0x10
[ 84.974681][ T5425] ? __pfx_mark_lock+0x10/0x10
[ 84.976779][ T5425] ? mark_held_locks+0x9f/0xe0
[ 84.978893][ T5425] ? _raw_spin_unlock_irq+0x23/0x50
[ 84.981180][ T5425] ? lockdep_hardirqs_on+0x7c/0x110
[ 84.983508][ T5425] gfs2_evict_inode+0x75b/0x1460
[ 84.985709][ T5425] ? __pfx___lock_acquire+0x10/0x10
[ 84.988042][ T5425] ? __pfx_gfs2_evict_inode+0x10/0x10
[ 84.990410][ T5425] ? find_held_lock+0x2d/0x110
[ 84.992504][ T5425] ? evict+0x2b7/0x6c0
[ 84.994302][ T5425] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 84.996629][ T5425] ? do_raw_spin_unlock+0x172/0x230
[ 84.998900][ T5425] ? __pfx_gfs2_evict_inode+0x10/0x10
[ 85.001243][ T5425] evict+0x2ed/0x6c0
[ 85.002990][ T5425] iput.part.0+0x5a8/0x7f0
[ 85.004956][ T5425] ? __pfx_gfs2_drop_inode+0x10/0x10
[ 85.007300][ T5425] iput+0x5c/0x80
[ 85.008920][ T5425] gfs2_put_super+0x2bd/0x760
[ 85.010914][ T5425] ? __pfx_gfs2_put_super+0x10/0x10
[ 85.013169][ T5425] generic_shutdown_super+0x159/0x3d0
[ 85.015526][ T5425] kill_block_super+0x3b/0x90
[ 85.017607][ T5425] gfs2_kill_sb+0x360/0x410
[ 85.019587][ T5425] deactivate_locked_super+0xbe/0x1a0
[ 85.021971][ T5425] deactivate_super+0xde/0x100
[ 85.024076][ T5425] cleanup_mnt+0x222/0x450
[ 85.026061][ T5425] task_work_run+0x14e/0x250
[ 85.028102][ T5425] ? __pfx_task_work_run+0x10/0x10
[ 85.030352][ T5425] syscall_exit_to_user_mode+0x278/0x2a0
[ 85.032817][ T5425] do_syscall_64+0xdc/0x260
[ 85.034830][ T5425] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.037444][ T5425] RIP: 0033:0x7ff35ce7f197
[ 85.039414][ T5425] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 85.047858][ T5425] RSP: 002b:00007fffb7457c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 85.051518][ T5425] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007ff35ce7f197
[ 85.054989][ T5425] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffb7457d20
[ 85.058461][ T5425] RBP: 00007fffb7457d20 R08: 0000000000000000 R09: 0000000000000000
[ 85.061944][ T5425] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffb7458de0
[ 85.065408][ T5425] R13: 00007ff35cec93b9 R14: 000000000001327f R15: 0000000000000001
[ 85.068858][ T5425] </TASK>
[ 85.070866][ T5425] Kernel Offset: disabled
[ 85.072713][ T5425] Rebooting in 86400 seconds..
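Triage helper for the KASAN block above, added here as an example; it is my code, not syzkaller's, syzbot's or the kernel's. It parses the report header, the "belongs to the object at / cache" lines, the Allocated/Freed stacks and the "Memory state" rows, then computes where inside the gfs2_bufdata object the read landed and decodes the shadow byte covering that address. Two things are assumptions rather than anything the report states: the shadow-byte legend (from mm/kasan/kasan.h as I recall it) and the ALLOCATOR_FRAMES prefix list used to skip KASAN/slab plumbing when naming the allocating and freeing function. The embedded SAMPLE_REPORT is a constructed, trimmed excerpt of the report on this page.

```python
"""Triage a generic-KASAN slab report: bug header, owning object, first
non-allocator alloc/free frame, and the shadow byte at the faulting address."""
import re
from dataclasses import dataclass, field

# Shadow legend: assumption, taken from mm/kasan/kasan.h as I recall it (the report
# prints no legend). One shadow byte covers 8 bytes, so a 16-byte row spans 128 bytes.
SHADOW_LEGEND = {0x00: "accessible", 0xfa: "freed object (free-track metadata)",
                 0xfb: "freed object", 0xfc: "slab redzone",
                 0xfe: "kmalloc_large redzone", 0xff: "freed page"}
# Heuristic (assumption): frames with these prefixes are allocator/KASAN plumbing.
ALLOCATOR_FRAMES = ("kasan_", "__kasan_", "kmem_cache_", "kmalloc", "kfree", "__slab_", "___slab_")

PREFIX = re.compile(r"^\[\s*\d+\.\d+\]\[\s*T\d+\]\s?")   # dmesg "[ 84.56][ T5425] "
BUG = re.compile(r"BUG: KASAN: (\S+) in (\w+)\+0x[0-9a-f]+/0x[0-9a-f]+")
ACCESS = re.compile(r"(Read|Write) of size (\d+) at addr ([0-9a-f]{16}) by task (\S+)")
OBJECT = re.compile(r"belongs to the object at ([0-9a-f]{16})")
CACHE = re.compile(r"belongs to the cache (\S+) of size (\d+)")
STACK_HDR = re.compile(r"(Allocated|Freed) by task \d+:")
SHADOW_ROW = re.compile(r"^>?([0-9a-f]{16}): ((?:[0-9a-f]{2}\s*){16})$")

@dataclass
class KasanReport:
    bug_type: str = ""
    function: str = ""          # function the bad access was reported in
    access: str = ""            # "Read" or "Write"
    size: int = 0
    addr: int = 0
    task: str = ""
    obj_start: int = 0
    obj_size: int = 0
    cache: str = ""
    stacks: dict = field(default_factory=dict)   # "Allocated"/"Freed" -> [frames]
    shadow: dict = field(default_factory=dict)   # row base address -> 16 shadow bytes

    def offset(self):
        return self.addr - self.obj_start

    def shadow_state(self, addr=None):
        """Decode the shadow byte covering addr (default: the faulting address)."""
        addr = self.addr if addr is None else addr
        row = addr & ~0x7F                       # rows are 128-byte aligned
        if row not in self.shadow:
            return None
        byte = self.shadow[row][(addr - row) // 8]
        if 1 <= byte <= 7:
            return f"first {byte} bytes accessible"
        return SHADOW_LEGEND.get(byte, f"unknown 0x{byte:02x}")

    def culprit(self, which):
        """First alloc/free frame that is not allocator or KASAN plumbing."""
        for frame in self.stacks.get(which, []):
            if not frame.startswith(ALLOCATOR_FRAMES):
                return frame.split("+", 1)[0]
        return None

def parse_kasan_report(text):
    r, section = KasanReport(), None
    for raw in text.splitlines():
        line = PREFIX.sub("", raw).strip()
        if m := BUG.search(line):
            r.bug_type, r.function = m.group(1), m.group(2)
        elif m := ACCESS.search(line):
            r.access, r.size = m.group(1), int(m.group(2))
            r.addr, r.task = int(m.group(3), 16), m.group(4)
        elif m := OBJECT.search(line):
            r.obj_start = int(m.group(1), 16)
        elif m := CACHE.search(line):
            r.cache, r.obj_size = m.group(1), int(m.group(2))
        elif m := STACK_HDR.search(line):
            section = m.group(1)
            r.stacks[section] = []
        elif m := SHADOW_ROW.match(line):
            r.shadow[int(m.group(1), 16)] = [int(b, 16) for b in m.group(2).split()]
        elif section and line:
            r.stacks[section].append(line)       # a stack frame
        else:
            section = None                       # a blank line ends a stack section
    return r

def summarize(r):
    return (f"{r.bug_type}: {r.access} of {r.size} bytes at +{r.offset()} into a "
            f"{r.obj_size}-byte {r.cache} object ({r.shadow_state()}); allocated in "
            f"{r.culprit('Allocated')}, freed in {r.culprit('Freed')}, used in {r.function}")

# Constructed sample: an abbreviated excerpt of the report above (stacks trimmed).
SAMPLE_REPORT = """\
[ 84.564872][ T5425] BUG: KASAN: slab-use-after-free in gfs2_invalidate_folio+0x731/0x840
[ 84.568605][ T5425] Read of size 8 at addr ffff88802f675168 by task syz-executor.0/5425
[ 84.697146][ T5425] Allocated by task 5425:
[ 84.698697][ T5425] kasan_save_stack+0x33/0x60
[ 84.703820][ T5425] kmem_cache_alloc+0x136/0x320
[ 84.705812][ T5425] gfs2_trans_add_data+0x4d1/0x820
[ 84.741169][ T5425]
[ 84.742240][ T5425] Freed by task 5425:
[ 84.752566][ T5425] kmem_cache_free+0x12e/0x380
[ 84.754701][ T5425] gfs2_log_flush+0x149f/0x29c0
[ 84.786873][ T5425]
[ 84.787932][ T5425] The buggy address belongs to the object at ffff88802f675150
[ 84.787932][ T5425]  which belongs to the cache gfs2_bufdata of size 80
[ 84.888818][ T5425] ffff88802f675000: fa fb fb fb fb fb fb fb fb fb fc fc fc fc fa fb
[ 84.895798][ T5425] >ffff88802f675100: fb fb fb fb fb fb fc fc fc fc fa fb fb fb fb fb
[ 84.902519][ T5425] ffff88802f675180: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
"""

if __name__ == "__main__":
    print(summarize(parse_kasan_report(SAMPLE_REPORT)))
```

Run against the sample it reports an 8-byte read 24 bytes into an 80-byte gfs2_bufdata whose shadow byte is 0xfb (freed), allocated in gfs2_trans_add_data and freed in gfs2_log_flush on the do_sync path that follows the withdraw, then dereferenced from gfs2_invalidate_folio while the inode is evicted during unmount. The 0xfa/0xfc pattern in the rows also confirms the 112-byte object stride (80 bytes plus a 32-byte redzone) that the bd: addresses in the gfs2 debug prints above already show.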