Warning: Permanently added '[localhost]:23386' (ED25519) to the list of known hosts.
2024/04/14 02:03:38 ignoring optional flag "sandboxArg"="0"
2024/04/14 02:03:39 parsed 1 programs
[ 74.975692][ T38] kauditd_printk_skb: 73 callbacks suppressed
[ 74.975705][ T38] audit: type=1400 audit(1713060219.225:207): avc: denied { getattr } for pid=5401 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 75.031354][ T38] audit: type=1400 audit(1713060219.285:208): avc: denied { mounton } for pid=5407 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[ 75.042152][ T38] audit: type=1400 audit(1713060219.285:209): avc: denied { mount } for pid=5407 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[ 75.051737][ T38] audit: type=1400 audit(1713060219.295:210): avc: denied { read write } for pid=5407 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 75.062504][ T38] audit: type=1400 audit(1713060219.295:211): avc: denied { open } for pid=5407 comm="syz-executor" path="/swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 75.082151][ T38] audit: type=1400 audit(1713060219.335:212): avc: denied { unlink } for pid=5407 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 75.432461][ T38] audit: type=1400 audit(1713060219.685:213): avc: denied { relabelto } for pid=5410 comm="mkswap" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 76.231327][ T5407] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
2024/04/14 02:03:40 executed programs: 0
[ 76.292541][ T5198] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 76.296674][ T5198] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 76.302387][ T5198] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 76.306576][ T5198] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 76.310334][ T5198] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 76.313538][ T5198] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 76.324280][ T38] audit: type=1400 audit(1713060220.575:214): avc: denied { mounton } for pid=5417 comm="syz-executor.0" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[ 76.467550][ T5417] chnl_net:caif_netlink_parms(): no params data found
[ 76.592767][ T5417] bridge0: port 1(bridge_slave_0) entered blocking state
[ 76.596087][ T5417] bridge0: port 1(bridge_slave_0) entered disabled state
[ 76.601815][ T5417] bridge_slave_0: entered allmulticast mode
[ 76.606574][ T5417] bridge_slave_0: entered promiscuous mode
[ 76.612201][ T5417] bridge0: port 2(bridge_slave_1) entered blocking state
[ 76.615504][ T5417] bridge0: port 2(bridge_slave_1) entered disabled state
[ 76.618756][ T5417] bridge_slave_1: entered allmulticast mode
[ 76.625599][ T5417] bridge_slave_1: entered promiscuous mode
[ 76.687017][ T5417] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 76.696461][ T5417] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 76.764323][ T5417] team0: Port device team_slave_0 added
[ 76.770838][ T5417] team0: Port device team_slave_1 added
[ 76.770962][ T38] audit: type=1400 audit(1713060221.025:215): avc: denied { search } for pid=4668 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 76.834017][ T5417] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 76.837145][ T5417] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 76.850514][ T5417] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 76.858733][ T5417] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 76.862013][ T5417] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 76.874784][ T5417] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 76.946050][ T5417] hsr_slave_0: entered promiscuous mode
[ 76.949761][ T5417] hsr_slave_1: entered promiscuous mode
[ 77.125874][ T1358] ieee802154 phy0 wpan0: encryption failed: -22
[ 77.129044][ T1358] ieee802154 phy1 wpan1: encryption failed: -22
[ 77.533006][ T5417] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 77.539500][ T5417] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 77.546582][ T5417] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 77.556524][ T5417] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 77.645458][ T5417] 8021q: adding VLAN 0 to HW filter on device bond0
[ 77.656740][ T5417] 8021q: adding VLAN 0 to HW filter on device team0
[ 77.666603][ T824] bridge0: port 1(bridge_slave_0) entered blocking state
[ 77.670302][ T824] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 77.680329][ T55] bridge0: port 2(bridge_slave_1) entered blocking state
[ 77.682924][ T55] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 77.721250][ T5417] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 77.748374][ T38] audit: type=1400 audit(1713060221.995:216): avc: denied { sys_module } for pid=5417 comm="syz-executor.0" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[ 77.822818][ T5417] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 77.864188][ T5417] veth0_vlan: entered promiscuous mode
[ 77.873490][ T5417] veth1_vlan: entered promiscuous mode
[ 77.893389][ T5417] veth0_macvtap: entered promiscuous mode
[ 77.898278][ T5417] veth1_macvtap: entered promiscuous mode
[ 77.915205][ T5417] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 77.924291][ T5417] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 77.930781][ T5417] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.934705][ T5417] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.938665][ T5417] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.944216][ T5417] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 78.003464][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 78.007071][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 78.033176][ T54] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 78.037389][ T54] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 78.387143][ T5472] loop0: detected capacity change from 0 to 32768
[ 78.390618][ T5198] Bluetooth: hci0: command tx timeout
[ 78.397805][ T5472] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 78.401670][ T5472] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 78.420535][ T5472] gfs2: fsid=syz:syz.0: journal 0 mapped with 4 extents in 0ms
[ 78.427083][ T54] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 78.432123][ T54] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 78.509670][ T54] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 77ms
[ 78.514336][ T54] gfs2: fsid=syz:syz.0: jid=0: Done
[ 78.517333][ T5472] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 78.761539][ T5472] gfs2: fsid=syz:syz.0: found 1 quota changes
[ 78.781189][ T5417] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:315
[ 78.784580][ T5417] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 5417, name: syz-executor.0
[ 78.790834][ T5417] preempt_count: 1, expected: 0
[ 78.793021][ T5417] RCU nest depth: 0, expected: 0
[ 78.795128][ T5417] 7 locks held by syz-executor.0/5417:
[ 78.797260][ T5417] #0: ffff88802f6340e0 (&type->s_umount_key#67){+.+.}-{3:3}, at: deactivate_super+0xd6/0x100
[ 78.801185][ T5417] #1: ffff88803e574b78 (&sdp->sd_quota_sync_mutex){+.+.}-{3:3}, at: gfs2_quota_sync+0x19e/0x630
[ 78.804820][ T5417] #2: ffff888032be8808 (&gfs2_quota_imutex_key){+.+.}-{3:3}, at: do_sync+0x3af/0xd30
[ 78.808169][ T5417] #3: ffff88802f634610 (sb_internal#2){.+.+}-{0:0}, at: gfs2_trans_begin+0x74/0x100
[ 78.811664][ T5417] #4: ffff88803e575060 (&sdp->sd_log_flush_lock){++++}-{3:3}, at: __gfs2_trans_begin+0x533/0xb80
[ 78.815661][ T5417] #5: ffff888032be8ca0 (&ip->i_rw_mutex){++++}-{3:3}, at: gfs2_unstuff_dinode+0x93/0x1460
[ 78.820571][ T5417] #6: ffff88803e574e88 (&sdp->sd_log_lock){+.+.}-{2:2}, at: gfs2_trans_add_data+0x116/0x710
[ 78.825180][ T5417] Preemption disabled at:
[ 78.825190][ T5417] [<0000000000000000>] 0x0
[ 78.828921][ T5417] CPU: 0 PID: 5417 Comm: syz-executor.0 Not tainted 6.9.0-rc3-syzkaller-00073-ge8c39d0f57f3-dirty #0
[ 78.832649][ T5417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 78.836125][ T5417] Call Trace:
[ 78.837313][ T5417]
[ 78.838382][ T5417] dump_stack_lvl+0x16c/0x1f0
[ 78.840031][ T5417] __might_resched+0x3c0/0x5e0
[ 78.841715][ T5417] ? __pfx___might_resched+0x10/0x10
[ 78.843545][ T5417] ? gfs2_trans_add_data+0x250/0x710
[ 78.845371][ T5417] kmem_cache_alloc+0x281/0x320
[ 78.847098][ T5417] gfs2_trans_add_data+0x250/0x710
[ 78.848931][ T5417] ? create_empty_buffers+0x3a5/0x480
[ 78.850830][ T5417] gfs2_unstuff_dinode+0xad9/0x1460
[ 78.852657][ T5417] ? trace_gfs2_log_blocks+0x192/0x220
[ 78.854889][ T5417] ? __pfx_gfs2_unstuff_dinode+0x10/0x10
[ 78.857402][ T5417] ? __gfs2_log_try_reserve+0x138/0x1a0
[ 78.859724][ T5417] ? __pfx___gfs2_log_try_reserve+0x10/0x10
[ 78.862189][ T5417] ? __pfx_rwsem_read_trylock+0x10/0x10
[ 78.864589][ T5417] ? __pfx___might_resched+0x10/0x10
[ 78.866913][ T5417] ? map_id_up+0x282/0x370
[ 78.868864][ T5417] gfs2_adjust_quota+0x124/0xb10
[ 78.870980][ T5417] ? __pfx_gfs2_adjust_quota+0x10/0x10
[ 78.873348][ T5417] ? from_kgid+0x8b/0xd0
[ 78.875221][ T5417] ? __pfx_from_kgid+0x10/0x10
[ 78.877338][ T5417] ? __gfs2_trans_begin+0x5fb/0xb80
[ 78.879511][ T5417] ? from_kqid+0xfa/0x1d0
[ 78.881403][ T5417] ? __pfx_from_kqid+0x10/0x10
[ 78.883604][ T5417] do_sync+0xa73/0xd30
[ 78.885117][ T5417] ? __pfx_do_sync+0x10/0x10
[ 78.886748][ T5417] ? gfs2_quota_sync+0x4ad/0x630
[ 78.888616][ T5417] ? gfs2_quota_sync+0x419/0x630
[ 78.890794][ T5417] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 78.893121][ T5417] ? qd_check_sync+0x3d8/0x4f0
[ 78.895207][ T5417] gfs2_quota_sync+0x419/0x630
[ 78.897265][ T5417] gfs2_sync_fs+0x44/0xb0
[ 78.899137][ T5417] ? __pfx_gfs2_sync_fs+0x10/0x10
[ 78.901339][ T5417] sync_filesystem+0x10d/0x290
[ 78.903443][ T5417] generic_shutdown_super+0x7e/0x3d0
[ 78.905781][ T5417] kill_block_super+0x3b/0x90
[ 78.907788][ T5417] gfs2_kill_sb+0x360/0x410
[ 78.909785][ T5417] deactivate_locked_super+0xbe/0x1a0
[ 78.912134][ T5417] deactivate_super+0xde/0x100
[ 78.914232][ T5417] cleanup_mnt+0x222/0x450
[ 78.916200][ T5417] task_work_run+0x14e/0x250
[ 78.918191][ T5417] ? __pfx_task_work_run+0x10/0x10
[ 78.920479][ T5417] syscall_exit_to_user_mode+0x278/0x2a0
[ 78.923022][ T5417] do_syscall_64+0xdc/0x260
[ 78.925079][ T5417] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 78.927587][ T5417] RIP: 0033:0x7f5a5ca7f197
[ 78.929238][ T5417] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 78.935877][ T5417] RSP: 002b:00007fff82f87ad8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 78.938745][ T5417] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f5a5ca7f197
[ 78.941506][ T5417] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff82f87b90
[ 78.944242][ T5417] RBP: 00007fff82f87b90 R08: 0000000000000000 R09: 0000000000000000
[ 78.947001][ T5417] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff82f88c50
[ 78.949779][ T5417] R13: 00007f5a5cac93b9 R14: 000000000001305f R15: 0000000000000001
[ 78.952528][ T5417]
[ 78.961409][ T5417] syz-executor.0: attempt to access beyond end of device
[ 78.961409][ T5417] loop0: rw=1, sector=131324, nr_sectors = 4 limit=32768
[ 78.966932][ T5417] gfs2: fsid=syz:syz.0: Error 10 writing to journal, jid=0
[ 78.970250][ T5492] gfs2: fsid=syz:syz.0: about to withdraw this file system
[ 78.974636][ T5492] gfs2: fsid=syz:syz.0: File system withdrawn
[ 78.977304][ T5492] CPU: 2 PID: 5492 Comm: gfs2_logd/syz:s Tainted: G W 6.9.0-rc3-syzkaller-00073-ge8c39d0f57f3-dirty #0
[ 78.982572][ T5492] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 78.986852][ T5492] Call Trace:
[ 78.988298][ T5492]
[ 78.989584][ T5492] dump_stack_lvl+0x16c/0x1f0
[ 78.991604][ T5492] gfs2_withdraw+0xab8/0x1290
[ 78.993644][ T5492] ? find_held_lock+0x2d/0x110
[ 78.995620][ T5492] ? __pfx_gfs2_withdraw+0x10/0x10
[ 78.997461][ T5492] ? gfs2_logd+0xc74/0xfe0
[ 78.999089][ T5492] ? __pfx_lock_release+0x10/0x10
[ 79.000910][ T5492] ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 79.002988][ T5492] gfs2_logd+0xdad/0xfe0
[ 79.004501][ T5492] ? __pfx_gfs2_logd+0x10/0x10
[ 79.006221][ T5492] ? __pfx_autoremove_wake_function+0x10/0x10
[ 79.008369][ T5492] ? lockdep_hardirqs_on+0x7c/0x110
[ 79.010224][ T5492] ? __kthread_parkme+0x148/0x220
[ 79.012100][ T5492] ? __pfx_gfs2_logd+0x10/0x10
[ 79.013886][ T5492] kthread+0x2c1/0x3a0
[ 79.015420][ T5492] ? _raw_spin_unlock_irq+0x23/0x50
[ 79.017334][ T5492] ? __pfx_kthread+0x10/0x10
[ 79.018971][ T5492] ret_from_fork+0x45/0x80
[ 79.020545][ T5492] ? __pfx_kthread+0x10/0x10
[ 79.022180][ T5492] ret_from_fork_asm+0x1a/0x30
[ 79.023826][ T5492]
[ 79.037104][ T5417] ==================================================================
[ 79.039975][ T5417] BUG: KASAN: slab-use-after-free in gfs2_invalidate_folio+0x718/0x820
[ 79.042825][ T5417] Read of size 8 at addr ffff8880274f9168 by task syz-executor.0/5417
[ 79.045676][ T5417]
[ 79.046527][ T5417] CPU: 2 PID: 5417 Comm: syz-executor.0 Tainted: G W 6.9.0-rc3-syzkaller-00073-ge8c39d0f57f3-dirty #0
[ 79.051160][ T5417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 79.054694][ T5417] Call Trace:
[ 79.055870][ T5417]
[ 79.056907][ T5417] dump_stack_lvl+0x116/0x1f0
[ 79.058603][ T5417] print_report+0xc3/0x620
[ 79.060175][ T5417] ? __virt_addr_valid+0x5e/0x580
[ 79.061931][ T5417] ? __phys_addr+0xc6/0x150
[ 79.063520][ T5417] kasan_report+0xd9/0x110
[ 79.065291][ T5417] ? gfs2_invalidate_folio+0x718/0x820
[ 79.067250][ T5417] ? gfs2_invalidate_folio+0x718/0x820
[ 79.069205][ T5417] gfs2_invalidate_folio+0x718/0x820
[ 79.071126][ T5417] ? hlock_class+0x4e/0x130
[ 79.072794][ T5417] ? __pfx_gfs2_invalidate_folio+0x10/0x10
[ 79.075177][ T5417] truncate_cleanup_folio+0x2ac/0x3e0
[ 79.077090][ T5417] truncate_inode_pages_range+0x271/0xe90
[ 79.079139][ T5417] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 79.081349][ T5417] ? mark_lock+0xb5/0xc60
[ 79.082871][ T5417] ? __pfx___lock_acquire+0x10/0x10
[ 79.084692][ T5417] ? __pfx_mark_lock+0x10/0x10
[ 79.086398][ T5417] ? __pfx_mark_lock+0x10/0x10
[ 79.088102][ T5417] ? mark_held_locks+0x9f/0xe0
[ 79.089815][ T5417] ? _raw_spin_unlock_irq+0x23/0x50
[ 79.091767][ T5417] ? lockdep_hardirqs_on+0x7c/0x110
[ 79.093630][ T5417] gfs2_evict_inode+0x75b/0x1460
[ 79.095374][ T5417] ? __pfx___lock_acquire+0x10/0x10
[ 79.097217][ T5417] ? __pfx_gfs2_evict_inode+0x10/0x10
[ 79.099215][ T5417] ? find_held_lock+0x2d/0x110
[ 79.100898][ T5417] ? evict+0x2b7/0x6c0
[ 79.102342][ T5417] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 79.104219][ T5417] ? do_raw_spin_unlock+0x172/0x230
[ 79.106069][ T5417] ? __pfx_gfs2_evict_inode+0x10/0x10
[ 79.107980][ T5417] evict+0x2ed/0x6c0
[ 79.109379][ T5417] iput.part.0+0x5a8/0x7f0
[ 79.110947][ T5417] ? __pfx_gfs2_drop_inode+0x10/0x10
[ 79.112768][ T5417] iput+0x5c/0x80
[ 79.114066][ T5417] gfs2_put_super+0x2bd/0x760
[ 79.115743][ T5417] ? __pfx_gfs2_put_super+0x10/0x10
[ 79.117582][ T5417] generic_shutdown_super+0x159/0x3d0
[ 79.119474][ T5417] kill_block_super+0x3b/0x90
[ 79.121138][ T5417] gfs2_kill_sb+0x360/0x410
[ 79.122827][ T5417] deactivate_locked_super+0xbe/0x1a0
[ 79.124708][ T5417] deactivate_super+0xde/0x100
[ 79.126428][ T5417] cleanup_mnt+0x222/0x450
[ 79.128060][ T5417] task_work_run+0x14e/0x250
[ 79.129717][ T5417] ? __pfx_task_work_run+0x10/0x10
[ 79.131511][ T5417] syscall_exit_to_user_mode+0x278/0x2a0
[ 79.133499][ T5417] do_syscall_64+0xdc/0x260
[ 79.135097][ T5417] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 79.137183][ T5417] RIP: 0033:0x7f5a5ca7f197
[ 79.138775][ T5417] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 79.145530][ T5417] RSP: 002b:00007fff82f87ad8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 79.148817][ T5417] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f5a5ca7f197
[ 79.151636][ T5417] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff82f87b90
[ 79.154393][ T5417] RBP: 00007fff82f87b90 R08: 0000000000000000 R09: 0000000000000000
[ 79.157163][ T5417] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff82f88c50
[ 79.159952][ T5417] R13: 00007f5a5cac93b9 R14: 000000000001305f R15: 0000000000000001
[ 79.162717][ T5417]
[ 79.163810][ T5417]
[ 79.164660][ T5417] Allocated by task 5417:
[ 79.166191][ T5417] kasan_save_stack+0x33/0x60
[ 79.167836][ T5417] kasan_save_track+0x14/0x30
[ 79.169534][ T5417] __kasan_slab_alloc+0x89/0x90
[ 79.171239][ T5417] kmem_cache_alloc+0x136/0x320
[ 79.172956][ T5417] gfs2_trans_add_data+0x250/0x710
[ 79.174727][ T5417] gfs2_unstuff_dinode+0xad9/0x1460
[ 79.176544][ T5417] gfs2_adjust_quota+0x124/0xb10
[ 79.178326][ T5417] do_sync+0xa73/0xd30
[ 79.179938][ T5417] gfs2_quota_sync+0x419/0x630
[ 79.181630][ T5417] gfs2_sync_fs+0x44/0xb0
[ 79.183157][ T5417] sync_filesystem+0x10d/0x290
[ 79.184852][ T5417] generic_shutdown_super+0x7e/0x3d0
[ 79.186722][ T5417] kill_block_super+0x3b/0x90
[ 79.188406][ T5417] gfs2_kill_sb+0x360/0x410
[ 79.190018][ T5417] deactivate_locked_super+0xbe/0x1a0
[ 79.192084][ T5417] deactivate_super+0xde/0x100
[ 79.193815][ T5417] cleanup_mnt+0x222/0x450
[ 79.195349][ T5417] task_work_run+0x14e/0x250
[ 79.196965][ T5417] syscall_exit_to_user_mode+0x278/0x2a0
[ 79.198938][ T5417] do_syscall_64+0xdc/0x260
[ 79.200517][ T5417] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 79.202604][ T5417]
[ 79.203446][ T5417] Freed by task 5417:
[ 79.204847][ T5417] kasan_save_stack+0x33/0x60
[ 79.206503][ T5417] kasan_save_track+0x14/0x30
[ 79.208153][ T5417] kasan_save_free_info+0x3b/0x60
[ 79.209920][ T5417] __kasan_slab_free+0x11d/0x1a0
[ 79.211624][ T5417] kmem_cache_free+0x12e/0x380
[ 79.213286][ T5417] gfs2_log_flush+0x1486/0x29b0
[ 79.214977][ T5417] do_sync+0x550/0xd30
[ 79.216397][ T5417] gfs2_quota_sync+0x419/0x630
[ 79.218098][ T5417] gfs2_sync_fs+0x44/0xb0
[ 79.219609][ T5417] sync_filesystem+0x10d/0x290
[ 79.221525][ T5417] generic_shutdown_super+0x7e/0x3d0
[ 79.223437][ T5417] kill_block_super+0x3b/0x90
[ 79.225100][ T5417] gfs2_kill_sb+0x360/0x410
[ 79.226687][ T5417] deactivate_locked_super+0xbe/0x1a0
[ 79.228579][ T5417] deactivate_super+0xde/0x100
[ 79.230265][ T5417] cleanup_mnt+0x222/0x450
[ 79.231824][ T5417] task_work_run+0x14e/0x250
[ 79.233437][ T5417] syscall_exit_to_user_mode+0x278/0x2a0
[ 79.235398][ T5417] do_syscall_64+0xdc/0x260
[ 79.237002][ T5417] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 79.239093][ T5417]
[ 79.239935][ T5417] The buggy address belongs to the object at ffff8880274f9150
[ 79.239935][ T5417] which belongs to the cache gfs2_bufdata of size 80
[ 79.244742][ T5417] The buggy address is located 24 bytes inside of
[ 79.244742][ T5417] freed 80-byte region [ffff8880274f9150, ffff8880274f91a0)
[ 79.249450][ T5417]
[ 79.250300][ T5417] The buggy address belongs to the physical page:
[ 79.252526][ T5417] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x274f9
[ 79.255549][ T5417] flags: 0xfff80000000800(slab|node=0|zone=1|lastcpupid=0xfff)
[ 79.258379][ T5417] page_type: 0xffffffff()
[ 79.260072][ T5417] raw: 00fff80000000800 ffff88801668ba40 dead000000000122 0000000000000000
[ 79.263408][ T5417] raw: 0000000000000000 0000000080240024 00000001ffffffff 0000000000000000
[ 79.266447][ T5417] page dumped because: kasan: bad access detected
[ 79.268770][ T5417] page_owner tracks the page as allocated
[ 79.270836][ T5417] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_HARDWALL), pid 5417, tgid 5417 (syz-executor.0), ts 78780685821, free_ts 78721961391
[ 79.278119][ T5417] post_alloc_hook+0x2d4/0x350
[ 79.279784][ T5417] get_page_from_freelist+0xa28/0x3780
[ 79.281723][ T5417] __alloc_pages+0x22b/0x2460
[ 79.283384][ T5417] new_slab+0xcc/0x3a0
[ 79.284813][ T5417] ___slab_alloc+0x66d/0x1790
[ 79.286466][ T5417] __slab_alloc.constprop.0+0x56/0xb0
[ 79.288346][ T5417] kmem_cache_alloc+0x2e9/0x320
[ 79.290065][ T5417] gfs2_trans_add_meta+0xade/0xf50
[ 79.291852][ T5417] gfs2_alloc_blocks+0x46c/0x19c0
[ 79.293616][ T5417] gfs2_unstuff_dinode+0x499/0x1460
[ 79.295414][ T5417] gfs2_adjust_quota+0x124/0xb10
[ 79.297137][ T5417] do_sync+0xa73/0xd30
[ 79.298582][ T5417] gfs2_quota_sync+0x419/0x630
[ 79.300226][ T5417] gfs2_sync_fs+0x44/0xb0
[ 79.301751][ T5417] sync_filesystem+0x10d/0x290
[ 79.303803][ T5417] generic_shutdown_super+0x7e/0x3d0
[ 79.306028][ T5417] page last free pid 15 tgid 15 stack trace:
[ 79.308357][ T5417] free_unref_page_prepare+0x527/0xb10
[ 79.310285][ T5417] free_unref_page+0x33/0x3c0
[ 79.312054][ T5417] __folio_put+0x166/0x1f0
[ 79.313667][ T5417] free_page_and_swap_cache+0x1eb/0x250
[ 79.315620][ T5417] tlb_remove_table_rcu+0x89/0xe0
[ 79.317406][ T5417] rcu_core+0x828/0x16b0
[ 79.318964][ T5417] __do_softirq+0x218/0x922
[ 79.320570][ T5417]
[ 79.321429][ T5417] Memory state around the buggy address:
[ 79.323413][ T5417] ffff8880274f9000: fa fb fb fb fb fb fb fb fb fb fc fc fc fc fa fb
[ 79.326221][ T5417] ffff8880274f9080: fb fb fb fb fb fb fb fb fc fc fc fc fa fb fb fb
[ 79.329065][ T5417] >ffff8880274f9100: fb fb fb fb fb fb fc fc fc fc fa fb fb fb fb fb
[ 79.331859][ T5417] ^
[ 79.334519][ T5417] ffff8880274f9180: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 79.337308][ T5417] ffff8880274f9200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 79.340101][ T5417] ==================================================================
[ 79.343564][ T5417] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 79.346131][ T5417] CPU: 2 PID: 5417 Comm: syz-executor.0 Tainted: G W 6.9.0-rc3-syzkaller-00073-ge8c39d0f57f3-dirty #0
[ 79.350414][ T5417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 79.353952][ T5417] Call Trace:
[ 79.355132][ T5417]
[ 79.356180][ T5417] dump_stack_lvl+0x3d/0x1f0
[ 79.357829][ T5417] panic+0x6f5/0x7a0
[ 79.359252][ T5417] ? mark_held_locks+0x9f/0xe0
[ 79.361053][ T5417] ? __pfx_panic+0x10/0x10
[ 79.363052][ T5417] ? irqentry_exit+0x3b/0x90
[ 79.365158][ T5417] ? lockdep_hardirqs_on+0x7c/0x110
[ 79.367575][ T5417] ? check_panic_on_warn+0x1f/0xb0
[ 79.369852][ T5417] check_panic_on_warn+0xab/0xb0
[ 79.372119][ T5417] end_report+0x117/0x180
[ 79.374100][ T5417] kasan_report+0xe9/0x110
[ 79.376136][ T5417] ? gfs2_invalidate_folio+0x718/0x820
[ 79.378531][ T5417] ? gfs2_invalidate_folio+0x718/0x820
[ 79.380972][ T5417] gfs2_invalidate_folio+0x718/0x820
[ 79.383323][ T5417] ? hlock_class+0x4e/0x130
[ 79.385409][ T5417] ? __pfx_gfs2_invalidate_folio+0x10/0x10
[ 79.387729][ T5417] truncate_cleanup_folio+0x2ac/0x3e0
[ 79.389671][ T5417] truncate_inode_pages_range+0x271/0xe90
[ 79.391659][ T5417] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 79.393838][ T5417] ? mark_lock+0xb5/0xc60
[ 79.395356][ T5417] ? __pfx___lock_acquire+0x10/0x10
[ 79.397181][ T5417] ? __pfx_mark_lock+0x10/0x10
[ 79.398889][ T5417] ? __pfx_mark_lock+0x10/0x10
[ 79.400572][ T5417] ? mark_held_locks+0x9f/0xe0
[ 79.402308][ T5417] ? _raw_spin_unlock_irq+0x23/0x50
[ 79.404120][ T5417] ? lockdep_hardirqs_on+0x7c/0x110
[ 79.406509][ T5417] gfs2_evict_inode+0x75b/0x1460
[ 79.408807][ T5417] ? __pfx___lock_acquire+0x10/0x10
[ 79.411209][ T5417] ? __pfx_gfs2_evict_inode+0x10/0x10
[ 79.413661][ T5417] ? find_held_lock+0x2d/0x110
[ 79.415856][ T5417] ? evict+0x2b7/0x6c0
[ 79.417679][ T5417] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 79.419561][ T5417] ? do_raw_spin_unlock+0x172/0x230
[ 79.421397][ T5417] ? __pfx_gfs2_evict_inode+0x10/0x10
[ 79.423298][ T5417] evict+0x2ed/0x6c0
[ 79.424687][ T5417] iput.part.0+0x5a8/0x7f0
[ 79.426295][ T5417] ? __pfx_gfs2_drop_inode+0x10/0x10
[ 79.428244][ T5417] iput+0x5c/0x80
[ 79.429912][ T5417] gfs2_put_super+0x2bd/0x760
[ 79.431560][ T5417] ? __pfx_gfs2_put_super+0x10/0x10
[ 79.433382][ T5417] generic_shutdown_super+0x159/0x3d0
[ 79.435262][ T5417] kill_block_super+0x3b/0x90
[ 79.436920][ T5417] gfs2_kill_sb+0x360/0x410
[ 79.438575][ T5417] deactivate_locked_super+0xbe/0x1a0
[ 79.440681][ T5417] deactivate_super+0xde/0x100
[ 79.442757][ T5417] cleanup_mnt+0x222/0x450
[ 79.444681][ T5417] task_work_run+0x14e/0x250
[ 79.446740][ T5417] ? __pfx_task_work_run+0x10/0x10
[ 79.449064][ T5417] syscall_exit_to_user_mode+0x278/0x2a0
[ 79.451069][ T5417] do_syscall_64+0xdc/0x260
[ 79.452664][ T5417] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 79.454739][ T5417] RIP: 0033:0x7f5a5ca7f197
[ 79.456298][ T5417] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 79.463079][ T5417] RSP: 002b:00007fff82f87ad8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 79.466018][ T5417] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f5a5ca7f197
[ 79.468797][ T5417] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff82f87b90
[ 79.471555][ T5417] RBP: 00007fff82f87b90 R08: 0000000000000000 R09: 0000000000000000
[ 79.474305][ T5417] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff82f88c50
[ 79.477056][ T5417] R13: 00007f5a5cac93b9 R14: 000000000001305f R15: 0000000000000001
[ 79.479831][ T5417]
[ 79.482671][ T5417] Kernel Offset: disabled
[ 79.484262][ T5417] Rebooting in 86400 seconds..