Warning: Permanently added '10.128.0.232' (ED25519) to the list of known hosts.
2023/12/15 17:07:30 ignoring optional flag "sandboxArg"="0"
2023/12/15 17:07:30 parsed 1 programs
2023/12/15 17:07:30 executed programs: 0
[ 62.856685][ T2696] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 62.868881][ T2696] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 62.879289][ T2696] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 62.890017][ T2696] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 69.051063][ T1431] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 69.059305][ T1431] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 69.072283][ T1431] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 69.080240][ T1431] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 69.157895][ T3417] loop0: detected capacity change from 0 to 2048
[ 69.172260][ T3418] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 69.183293][ T3417] syz-executor.0: attempt to access beyond end of device
[ 69.183293][ T3417] loop0: rw=0, sector=576460752303423530, nr_sectors = 2 limit=2048
[ 69.199706][ T3417] syz-executor.0: attempt to access beyond end of device
2023/12/15 17:07:38 executed programs: 1
[ 69.199706][ T3417] loop0: rw=0, sector=576460752303423530, nr_sectors = 2 limit=2048
[ 69.238068][ T3420] loop0: detected capacity change from 0 to 2048
[ 69.250621][ T3421] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 69.263543][ T3420] syz-executor.0: attempt to access beyond end of device
[ 69.263543][ T3420] loop0: rw=0, sector=576460752303423530, nr_sectors = 2 limit=2048
[ 69.280021][ T3420] syz-executor.0: attempt to access beyond end of device
[ 69.280021][ T3420] loop0: rw=0, sector=576460752303423530, nr_sectors = 2 limit=2048
[ 69.317986][ T3423] loop0: detected capacity change from 0 to 2048
[ 69.330963][ T3424] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 69.333459][ T3423] syz-executor.0: attempt to access beyond end of device
[ 69.333459][ T3423] loop0: rw=0, sector=576460752303423530, nr_sectors = 2 limit=2048
[ 69.357923][ T3423] syz-executor.0: attempt to access beyond end of device
[ 69.357923][ T3423] loop0: rw=0, sector=576460752303423530, nr_sectors = 2 limit=2048
[ 69.395373][ T3426] loop0: detected capacity change from 0 to 2048
[ 69.406855][ T3427] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 69.413471][ T3426] syz-executor.0: attempt to access beyond end of device
[ 69.413471][ T3426] loop0: rw=0, sector=576460752303423530, nr_sectors = 2 limit=2048
[ 69.435109][ T3426] syz-executor.0: attempt to access beyond end of device
[ 69.435109][ T3426] loop0: rw=0, sector=576460752303423530, nr_sectors = 2 limit=2048
[ 69.472189][ T3429] loop0: detected capacity change from 0 to 2048
[ 69.483839][ T3430] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 69.496893][ T3429] syz-executor.0: attempt to access beyond end of device
[ 69.496893][ T3429] loop0: rw=0, sector=576460752303423530, nr_sectors = 2 limit=2048
[ 69.513223][ T3429] syz-executor.0: attempt to access beyond end of device
[ 69.513223][ T3429] loop0: rw=0, sector=576460752303423530, nr_sectors = 2 limit=2048
[ 69.552567][ T3432] loop0: detected capacity change from 0 to 2048
[ 69.564008][ T3433] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 69.602340][ T3435] loop0: detected capacity change from 0 to 2048
[ 69.614200][ T3436] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 69.652145][ T3438] loop0: detected capacity change from 0 to 2048
[ 69.665291][ T3439] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 69.699104][ T3441] loop0: detected capacity change from 0 to 2048
[ 69.712297][ T3442] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 69.757755][ T3444] loop0: detected capacity change from 0 to 2048
[ 69.770224][ T3445] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 69.811373][ T3447] loop0: detected capacity change from 0 to 2048
[ 69.826710][ T3448] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 69.861451][ T3450] loop0: detected capacity change from 0 to 2048
[ 69.875735][ T3451] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 69.914075][ T3453] loop0: detected capacity change from 0 to 2048
[ 69.928887][ T3454] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 69.968209][ T3456] loop0: detected capacity change from 0 to 2048
[ 69.981280][ T3457] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 70.021922][ T3459] loop0: detected capacity change from 0 to 2048
[ 70.034305][ T3460] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 70.071537][ T3462] loop0: detected capacity change from 0 to 2048
[ 70.085308][ T3463] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 70.125134][ T3465] loop0: detected capacity change from 0 to 2048
[ 70.136714][ T3466] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 70.174364][ T3468] loop0: detected capacity change from 0 to 2048
[ 70.186477][ T3469] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 70.221106][ T3471] loop0: detected capacity change from 0 to 2048
[ 70.233734][ T3472] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 70.270293][ T3474] loop0: detected capacity change from 0 to 2048
[ 70.282027][ T3475] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 70.325632][ T3477] loop0: detected capacity change from 0 to 2048
[ 70.340062][ T3478] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 70.377778][ T3480] loop0: detected capacity change from 0 to 2048
[ 70.389670][ T3481] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 70.427515][ T3483] loop0: detected capacity change from 0 to 2048
[ 70.439127][ T3484] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 70.477000][ T3486] loop0: detected capacity change from 0 to 2048
[ 70.488460][ T3487] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 70.527362][ T3489] loop0: detected capacity change from 0 to 2048
[ 70.539415][ T3490] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 70.579712][ T3492] loop0: detected capacity change from 0 to 2048
[ 70.591580][ T3493] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 70.672974][ T3495] loop0: detected capacity change from 0 to 2048
[ 70.686417][ T3496] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 70.742123][ T3498] loop0: detected capacity change from 0 to 2048
[ 70.754924][ T3499] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 70.791682][ T3501] loop0: detected capacity change from 0 to 2048
[ 70.803423][ T3502] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 70.842865][ T3504] loop0: detected capacity change from 0 to 2048
[ 70.856550][ T3505] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 75.963691][ C0] ==================================================================
[ 75.971757][ C0] BUG: KASAN: slab-use-after-free in __lock_acquire.constprop.0+0xe77/0xf50
[ 75.980421][ C0] Read of size 8 at addr ffff888120a325b8 by task swapper/0/0
[ 75.987867][ C0]
[ 75.990170][ C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.7.0-rc5-syzkaller #0
[ 75.998039][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[ 76.008073][ C0] Call Trace:
[ 76.011332][ C0]
[ 76.014157][ C0] dump_stack_lvl+0x8e/0xf0
[ 76.018642][ C0] print_report+0xc4/0x620
[ 76.023036][ C0] ? __virt_addr_valid+0x1fb/0x2b0
[ 76.028127][ C0] ? __phys_addr+0x9e/0x120
[ 76.032608][ C0] kasan_report+0xda/0x110
[ 76.037005][ C0] ? __lock_acquire.constprop.0+0xe77/0xf50
[ 76.042876][ C0] ? __lock_acquire.constprop.0+0xe77/0xf50
[ 76.048750][ C0] __lock_acquire.constprop.0+0xe77/0xf50
[ 76.054451][ C0] lock_acquire+0x12a/0x2b0
[ 76.058936][ C0] ? try_to_wake_up+0xa0/0x1380
[ 76.063764][ C0] _raw_spin_lock_irqsave+0x32/0x50
[ 76.068941][ C0] ? try_to_wake_up+0xa0/0x1380
[ 76.073779][ C0] try_to_wake_up+0xa0/0x1380
[ 76.078456][ C0] ? sched_ttwu_pending+0x3e0/0x3e0
[ 76.083643][ C0] ? lock_acquire+0x12a/0x2b0
[ 76.088316][ C0] ? nilfs_segctor_fill_in_checkpoint+0x820/0x820
[ 76.094721][ C0] call_timer_fn+0x177/0x470
[ 76.099309][ C0] ? timer_shutdown_sync+0x20/0x20
[ 76.104439][ C0] ? reacquire_held_locks+0x380/0x380
[ 76.109801][ C0] ? _raw_spin_lock_irqsave+0x3a/0x50
[ 76.115165][ C0] ? debug_object_deactivate+0x5e/0x2a0
[ 76.120706][ C0] ? nilfs_segctor_fill_in_checkpoint+0x820/0x820
[ 76.127114][ C0] ? nilfs_segctor_fill_in_checkpoint+0x820/0x820
[ 76.133521][ C0] __run_timers+0x5f2/0x990
[ 76.138023][ C0] ? call_timer_fn+0x470/0x470
[ 76.142779][ C0] ? lock_acquire+0x12a/0x2b0
[ 76.147447][ C0] ? lapic_next_event+0x10/0x20
[ 76.152283][ C0] ? clockevents_program_event+0x262/0x300
[ 76.158080][ C0] run_timer_softirq+0x52/0xb0
[ 76.162843][ C0] __do_softirq+0x24a/0x66e
[ 76.167346][ C0] ? __lock_text_end+0xc/0xc
[ 76.171930][ C0] irq_exit_rcu+0x85/0xe0
[ 76.176253][ C0] sysvec_apic_timer_interrupt+0x95/0xb0
[ 76.181880][ C0]
[ 76.184800][ C0]
[ 76.187714][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 76.193688][ C0] RIP: 0010:acpi_safe_halt+0x1b/0x20
[ 76.198966][ C0] Code: ed c3 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 65 48 8b 04 25 c0 8e 03 00 48 8b 00 a8 08 75 0c eb 07 0f 00 2d 57 0a 6d 00 fb f4 c3 0f 1f 00 0f b6 47 08 3c 01 74 0b 3c 02 74 05 8b 7f 04 eb 9f
[ 76.218557][ C0] RSP: 0018:ffffffff86007d90 EFLAGS: 00000246
[ 76.224610][ C0] RAX: 0000000000004000 RBX: 0000000000000001 RCX: ffffffff84e2f690
[ 76.232568][ C0] RDX: ffff8881f6e00000 RSI: ffff888107e61000 RDI: ffff888107e61064
[ 76.240524][ C0] RBP: ffff88810ce57800 R08: 0000000000000001 R09: ffffed103edc6949
[ 76.248481][ C0] R10: ffff8881f6e34a4b R11: ffff8881f6e2b498 R12: ffffffff8659ef80
[ 76.256440][ C0] R13: ffff888107e61064 R14: 0000000000000001 R15: 0000000000000000
[ 76.264402][ C0] ? ct_kernel_exit+0xb0/0xd0
[ 76.269075][ C0] acpi_idle_enter+0xa3/0xf0
[ 76.273656][ C0] cpuidle_enter_state+0x78/0x2a0
[ 76.278677][ C0] ? mark_tsc_async_resets+0x50/0x50
[ 76.283956][ C0] cpuidle_enter+0x4e/0xa0
[ 76.288367][ C0] do_idle+0x2e8/0x3d0
[ 76.292440][ C0] ? arch_cpu_idle_exit+0x30/0x30
[ 76.297461][ C0] cpu_startup_entry+0x50/0x60
[ 76.302213][ C0] rest_init+0x148/0x170
[ 76.306447][ C0] ? acpi_subsystem_init+0x70/0x160
[ 76.311638][ C0] ? trace_init_perf_perm_irq_work_exit+0x20/0x20
[ 76.318043][ C0] arch_call_rest_init+0x13/0x30
[ 76.322978][ C0] start_kernel+0x329/0x340
[ 76.327479][ C0] x86_64_start_reservations+0x18/0x30
[ 76.332932][ C0] x86_64_start_kernel+0xb2/0xc0
[ 76.337862][ C0] secondary_startup_64_no_verify+0x166/0x16b
[ 76.343924][ C0]
[ 76.346925][ C0]
[ 76.349231][ C0] Allocated by task 2:
[ 76.353276][ C0] kasan_save_stack+0x33/0x50
[ 76.357942][ C0] kasan_set_track+0x25/0x30
[ 76.362522][ C0] __kasan_slab_alloc+0x81/0x90
[ 76.367363][ C0] kmem_cache_alloc_node+0x1c1/0x3c0
[ 76.372636][ C0] copy_process+0x41c/0x6980
[ 76.377213][ C0] kernel_clone+0xfb/0xa30
[ 76.381631][ C0] kernel_thread+0xc0/0x100
[ 76.386119][ C0] kthreadd+0x47c/0x6e0
[ 76.390266][ C0] ret_from_fork+0x45/0x80
[ 76.394674][ C0] ret_from_fork_asm+0x11/0x20
[ 76.399435][ C0]
[ 76.401740][ C0] Freed by task 0:
[ 76.405442][ C0] kasan_save_stack+0x33/0x50
[ 76.410108][ C0] kasan_set_track+0x25/0x30
[ 76.414685][ C0] kasan_save_free_info+0x2b/0x40
[ 76.419701][ C0] ____kasan_slab_free+0x15b/0x1b0
[ 76.424803][ C0] slab_free_freelist_hook+0x114/0x1e0
[ 76.430251][ C0] kmem_cache_free+0xe9/0x450
[ 76.434915][ C0] delayed_put_task_struct+0x1e7/0x250
[ 76.440369][ C0] rcu_core+0xb4d/0x13d0
[ 76.444597][ C0] __do_softirq+0x24a/0x66e
[ 76.449090][ C0]
[ 76.451395][ C0] Last potentially related work creation:
[ 76.457089][ C0] kasan_save_stack+0x33/0x50
[ 76.461754][ C0] __kasan_record_aux_stack+0xbc/0xd0
[ 76.467115][ C0] __call_rcu_common.constprop.0+0x8e/0x6b0
[ 76.473008][ C0] put_task_struct_rcu_user+0x87/0xc0
[ 76.478399][ C0] __schedule+0xb98/0x2760
[ 76.482834][ C0] preempt_schedule_common+0x45/0xc0
[ 76.488127][ C0] __cond_resched+0x17/0x20
[ 76.492624][ C0] smpboot_thread_fn+0x601/0x900
[ 76.497563][ C0] kthread+0x2aa/0x380
[ 76.501632][ C0] ret_from_fork+0x45/0x80
[ 76.506043][ C0] ret_from_fork_asm+0x11/0x20
[ 76.510801][ C0]
[ 76.513109][ C0] Second to last potentially related work creation:
[ 76.519675][ C0] kasan_save_stack+0x33/0x50
[ 76.524350][ C0] __kasan_record_aux_stack+0xbc/0xd0
[ 76.529717][ C0] __call_rcu_common.constprop.0+0x8e/0x6b0
[ 76.535606][ C0] put_task_struct_rcu_user+0x87/0xc0
[ 76.540974][ C0] release_task+0xd9d/0x1700
[ 76.545555][ C0] wait_consider_task+0x159e/0x3800
[ 76.550746][ C0] __do_wait+0x1d7/0x870
[ 76.554980][ C0] do_wait+0x1cb/0x430
[ 76.559039][ C0] kernel_wait4+0x16d/0x270
[ 76.563532][ C0] __do_sys_wait4+0x15b/0x170
[ 76.568200][ C0] do_syscall_64+0x40/0x110
[ 76.572707][ C0] entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 76.578598][ C0]
[ 76.581082][ C0] The buggy address belongs to the object at ffff888120a31c40
[ 76.581082][ C0] which belongs to the cache task_struct of size 6976
[ 76.595212][ C0] The buggy address is located 2424 bytes inside of
[ 76.595212][ C0] freed 6976-byte region [ffff888120a31c40, ffff888120a33780)
[ 76.609175][ C0]
[ 76.611482][ C0] The buggy address belongs to the physical page:
[ 76.617874][ C0] page:ffffea0004828c00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x120a30
[ 76.628104][ C0] head:ffffea0004828c00 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 76.637024][ C0] memcg:ffff88811305f1c1
[ 76.641247][ C0] flags: 0x200000000000840(slab|head|node=0|zone=2)
[ 76.647824][ C0] page_type: 0xffffffff()
[ 76.652138][ C0] raw: 0200000000000840 ffff888101a50500 dead000000000100 dead000000000122
[ 76.660713][ C0] raw: 0000000000000000 0000000000040004 00000001ffffffff ffff88811305f1c1
[ 76.669280][ C0] page dumped because: kasan: bad access detected
[ 76.675679][ C0] page_owner tracks the page as allocated
[ 76.681379][ C0] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1691, tgid 1691 (udevd), ts 28834289580, free_ts 25769351658
[ 76.702130][ C0] post_alloc_hook+0x27f/0x2f0
[ 76.706904][ C0] get_page_from_freelist+0xea8/0x36f0
[ 76.712362][ C0] __alloc_pages+0x342/0x5e0
[ 76.716948][ C0] alloc_pages_mpol+0xeb/0x3f0
[ 76.721702][ C0] allocate_slab+0x24b/0x360
[ 76.726283][ C0] ___slab_alloc+0x8ce/0x10e0
[ 76.730951][ C0] __slab_alloc.constprop.0+0x4d/0x90
[ 76.736330][ C0] kmem_cache_alloc_node+0x151/0x3c0
[ 76.741609][ C0] copy_process+0x41c/0x6980
[ 76.746192][ C0] kernel_clone+0xfb/0xa30
[ 76.750599][ C0] __do_sys_clone+0xba/0x100
[ 76.755180][ C0] do_syscall_64+0x40/0x110
[ 76.759682][ C0] entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 76.765567][ C0] page last free stack trace:
[ 76.770219][ C0] free_unref_page_prepare+0x562/0xbd0
[ 76.775672][ C0] free_unref_page+0x33/0x350
[ 76.780347][ C0] __folio_put+0x97/0xb0
[ 76.784583][ C0] page_to_skb+0x7c2/0xbc0
[ 76.788986][ C0] receive_buf+0x111e/0x5f60
[ 76.793564][ C0] virtnet_poll+0x974/0x1400
[ 76.798148][ C0] __napi_poll+0xb4/0x690
[ 76.802474][ C0] net_rx_action+0x938/0xe60
[ 76.807057][ C0] __do_softirq+0x24a/0x66e
[ 76.811557][ C0]
[ 76.813862][ C0] Memory state around the buggy address:
[ 76.819479][ C0] ffff888120a32480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 76.827532][ C0] ffff888120a32500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 76.835586][ C0] >ffff888120a32580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 76.843632][ C0] ^
[ 76.849550][ C0] ffff888120a32600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 76.857604][ C0] ffff888120a32680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 76.865656][ C0] ==================================================================
[ 76.873793][ C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 76.881299][ C0] Kernel Offset: disabled
[ 76.885609][ C0] Rebooting in 86400 seconds..