Warning: Permanently added '10.128.10.34' (ED25519) to the list of known hosts.
2025/03/28 22:18:34 ignoring optional flag "sandboxArg"="0"
2025/03/28 22:18:34 ignoring optional flag "type"="gce"
2025/03/28 22:18:34 parsed 1 programs
2025/03/28 22:18:34 executed programs: 0
[   46.439685][  T418] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.446893][  T418] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.454654][  T418] device bridge_slave_0 entered promiscuous mode
[   46.479007][  T418] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.486186][  T418] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.493875][  T418] device bridge_slave_1 entered promiscuous mode
[   46.504758][  T426] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.512057][  T426] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.519878][  T426] device bridge_slave_0 entered promiscuous mode
[   46.528899][  T417] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.536800][  T417] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.544435][  T417] device bridge_slave_0 entered promiscuous mode
[   46.555233][  T417] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.562215][  T417] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.569784][  T417] device bridge_slave_1 entered promiscuous mode
[   46.576736][  T426] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.583704][  T426] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.591414][  T426] device bridge_slave_1 entered promiscuous mode
[   46.663614][  T419] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.670679][  T419] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.678664][  T419] device bridge_slave_0 entered promiscuous mode
[   46.685647][  T427] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.692574][  T427] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.700249][  T427] device bridge_slave_0 entered promiscuous mode
[   46.711015][  T427] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.717977][  T427] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.725440][  T427] device bridge_slave_1 entered promiscuous mode
[   46.746841][  T419] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.753779][  T419] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.761396][  T419] device bridge_slave_1 entered promiscuous mode
[   46.823515][  T424] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.830366][  T424] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.837979][  T424] device bridge_slave_0 entered promiscuous mode
[   46.873917][  T424] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.880845][  T424] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.888858][  T424] device bridge_slave_1 entered promiscuous mode
[   47.064701][  T418] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.071722][  T418] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.078938][  T418] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.085956][  T418] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.102907][  T426] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.109776][  T426] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.116953][  T426] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.123808][  T426] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.160386][  T427] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.167583][  T427] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.174715][  T427] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.181545][  T427] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.194684][  T417] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.201882][  T417] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.209090][  T417] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.216028][  T417] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.232479][  T424] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.239366][  T424] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.246582][  T424] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.253556][  T424] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.281152][  T419] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.288022][  T419] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.295561][  T419] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.302555][  T419] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.323814][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   47.332006][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.339844][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.347045][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.354355][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.361352][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.368725][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.376279][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.384145][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.391556][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.398877][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.406444][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.415072][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.423953][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   47.431725][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   47.464697][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   47.473104][    T7] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.481907][    T7] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.513863][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   47.522653][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   47.531262][    T7] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.538435][    T7] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.565210][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   47.574690][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   47.584662][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   47.593786][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   47.605357][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   47.616488][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   47.627987][    T7] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.638795][    T7] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.649936][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   47.659819][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   47.669636][    T7] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.677341][    T7] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.685229][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   47.694193][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   47.702701][    T7] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.710038][    T7] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.718377][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   47.727341][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   47.735590][    T7] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.742537][    T7] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.752281][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   47.760839][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   47.778522][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   47.786550][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   47.799086][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   47.808047][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   47.817815][    T7] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.824953][    T7] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.833578][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   47.842036][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   47.850660][    T7] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.857745][    T7] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.884528][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   47.892123][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   47.900153][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   47.909460][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   47.918286][    T7] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.925778][    T7] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.933530][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   47.942122][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   47.951006][    T7] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.957939][    T7] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.965526][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   47.973962][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   47.982286][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   47.991177][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   47.999668][    T7] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.006991][    T7] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.014720][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   48.024352][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   48.032929][    T7] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.040200][    T7] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.048062][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   48.063227][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   48.071532][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   48.079793][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   48.088456][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   48.136435][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   48.146622][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   48.154994][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   48.163037][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   48.171258][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   48.180364][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   48.204340][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   48.215239][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   48.240543][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   48.248976][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   48.259043][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   48.289734][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   48.299539][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   48.307844][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   48.316534][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   48.325294][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   48.334917][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   48.347889][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   48.368775][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   48.376788][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   48.404510][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   48.413322][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   48.436294][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   48.444646][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   48.453105][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   48.461454][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   48.470525][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   48.479358][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   48.487841][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   48.521577][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   48.530061][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   48.539095][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   48.548854][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   48.558254][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   48.566691][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   48.576314][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   48.585223][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   48.594278][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   48.602554][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   48.614886][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   48.622745][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   48.642727][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   48.652176][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   48.660814][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   48.670206][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   48.678782][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   48.687868][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   48.703177][   T23] kauditd_printk_skb: 15 callbacks suppressed
[   48.703190][   T23] audit: type=1400 audit(1743200316.910:91): avc:  denied  { mounton } for  pid=418 comm="syz-executor.2" path="/dev/binderfs" dev="devtmpfs" ino=12317 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   48.759882][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   48.781671][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   48.782215][   T23] audit: type=1400 audit(1743200316.990:92): avc:  denied  { mounton } for  pid=452 comm="syz-executor.4" path="/root/syzkaller-testdir3928687524/syzkaller.0FXYr2/0/file0" dev="sda1" ino=1952 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   48.837262][  T456] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   48.860183][  T455] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   48.870108][  T456] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   48.880829][  T454] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   48.913866][  T456] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   48.922386][  T456] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   48.936215][  T455] EXT4-fs (loop4): re-mounted. Opts: (null)
[   48.937005][  T454] EXT4-fs (loop2): re-mounted. Opts: (null)
[   48.962901][   T23] audit: type=1400 audit(1743200317.090:93): avc:  denied  { mount } for  pid=452 comm="syz-executor.4" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   48.990007][  T456] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   48.991436][   T23] audit: type=1400 audit(1743200317.130:94): avc:  denied  { mounton } for  pid=453 comm="syz-executor.2" path="/root/syzkaller-testdir2326594475/syzkaller.kTB0D5/0/file0/file0" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   49.010464][  T456] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   49.035717][   T23] audit: type=1400 audit(1743200317.130:95): avc:  denied  { prog_load } for  pid=453 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   49.058796][   T23] audit: type=1400 audit(1743200317.140:96): avc:  denied  { remount } for  pid=452 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   49.088753][   T23] audit: type=1400 audit(1743200317.170:97): avc:  denied  { create } for  pid=452 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   49.112144][   T23] audit: type=1400 audit(1743200317.170:98): avc:  denied  { unmount } for  pid=426 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   49.135940][  T464] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[   49.135968][  T475] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   49.152305][  T468] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   49.161024][  T469] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   49.193636][  T468] EXT4-fs (loop1): re-mounted. Opts: (null)
[   49.200154][  T469] EXT4-fs (loop3): re-mounted. Opts: (null)
[   49.200315][  T464] EXT4-fs (loop5): re-mounted. Opts: (null)
[   49.219151][  T475] EXT4-fs (loop4): re-mounted. Opts: (null)
[   49.229400][  T480] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   49.255298][  T480] EXT4-fs (loop2): re-mounted. Opts: (null)
[   49.268645][  T490] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   49.413514][  T490] EXT4-fs (loop0): re-mounted. Opts: (null)
[   49.432792][  T503] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   49.479245][  T503] EXT4-fs (loop2): re-mounted. Opts: (null)
[   49.505670][  T514] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[   49.505917][  T510] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   49.524125][  T501] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   49.539926][  T514] EXT4-fs (loop5): re-mounted. Opts: (null)
[   49.570548][  T507] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   49.591192][  T501] EXT4-fs (loop1): re-mounted. Opts: (null)
[   49.609364][  T507] EXT4-fs (loop4): re-mounted. Opts: (null)
[   49.630063][  T524] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   49.641248][  T510] EXT4-fs (loop3): re-mounted. Opts: (null)
[   49.660818][  T526] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   49.799026][  T524] EXT4-fs (loop2): re-mounted. Opts: (null)
[   49.807383][  T526] EXT4-fs (loop0): re-mounted. Opts: (null)
[   49.880000][  T541] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   49.889138][  T531] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[   49.900273][  T542] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   49.978814][  T531] EXT4-fs (loop5): re-mounted. Opts: (null)
[   49.984684][  T541] EXT4-fs (loop1): re-mounted. Opts: (null)
[   49.992800][  T542] EXT4-fs (loop4): re-mounted. Opts: (null)
[   50.032054][  T547] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   50.038065][  T554] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   50.051019][  T556] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   50.149019][  T556] EXT4-fs (loop2): re-mounted. Opts: (null)
[   50.155875][  T554] EXT4-fs (loop0): re-mounted. Opts: (null)
[   50.161855][  T547] EXT4-fs (loop3): re-mounted. Opts: (null)
[   50.194567][  T569] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   50.266910][  T569] EXT4-fs (loop4): re-mounted. Opts: (null)
[   50.280980][  T572] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   50.305353][  T574] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[   50.334382][  T572] EXT4-fs (loop1): re-mounted. Opts: (null)
[   50.349098][  T580] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   50.353978][  T582] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   50.367080][  T574] EXT4-fs (loop5): re-mounted. Opts: (null)
[   50.417183][  T590] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   50.457673][  T582] EXT4-fs (loop3): re-mounted. Opts: (null)
[   50.463610][  T580] EXT4-fs (loop0): re-mounted. Opts: (null)
[   50.480005][  T590] EXT4-fs (loop2): re-mounted. Opts: (null)
[   50.487884][  T596] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   50.498627][  T598] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   50.626442][  T596] EXT4-fs (loop4): re-mounted. Opts: (null)
[   50.633482][  T598] EXT4-fs (loop1): re-mounted. Opts: (null)
[   50.648953][  T607] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[   50.676256][  T613] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   50.703487][  T607] EXT4-fs (loop5): re-mounted. Opts: (null)
[   50.725074][  T613] EXT4-fs (loop2): re-mounted. Opts: (null)
[   50.732389][  T618] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   50.744241][  T617] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   50.781577][  T617] EXT4-fs (loop3): re-mounted. Opts: (null)
[   50.785267][  T618] EXT4-fs (loop0): re-mounted. Opts: (null)
[   50.910932][  T633] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   50.959772][  T635] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   50.975295][  T633] EXT4-fs (loop1): re-mounted. Opts: (null)
[   51.004831][  T635] EXT4-fs (loop4): re-mounted. Opts: (null)
[   51.015271][  T645] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   51.026568][  T637] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[   51.026634][  T643] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   51.046707][  T639] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   51.064844][  T645] EXT4-fs (loop0): re-mounted. Opts: (null)
2025/03/28 22:18:39 executed programs: 42
[   51.114943][  T643] EXT4-fs (loop3): re-mounted. Opts: (null)
[   51.115331][  T637] EXT4-fs (loop5): re-mounted. Opts: (null)
[   51.182573][  T639] EXT4-fs (loop2): re-mounted. Opts: (null)
[   51.202052][  T663] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   51.270296][  T663] EXT4-fs (loop1): re-mounted. Opts: (null)
[   51.277615][  T665] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   51.300853][  T670] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   51.311964][  T675] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   51.386957][  T665] EXT4-fs (loop4): re-mounted. Opts: (null)
[   51.393226][  T670] EXT4-fs (loop3): re-mounted. Opts: (null)
[   51.399815][  T675] EXT4-fs (loop0): re-mounted. Opts: (null)
[   51.429333][  T680] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   51.485071][  T687] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[   51.593492][  T687] EXT4-fs (loop5): re-mounted. Opts: (null)
[   51.601616][  T680] EXT4-fs (loop2): re-mounted. Opts: (null)
[   51.645685][  T696] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   51.656465][  T690] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   51.666289][  T697] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   51.732009][  T690] EXT4-fs (loop1): re-mounted. Opts: (null)
[   51.732015][  T696] EXT4-fs (loop0): re-mounted. Opts: (null)
[   51.745070][  T697] EXT4-fs (loop4): re-mounted. Opts: (null)
[   51.749028][  T704] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   51.795231][  T712] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[   51.811437][  T712] EXT4-fs (loop5): re-mounted. Opts: (null)
[   51.921264][  T704] EXT4-fs (loop3): re-mounted. Opts: (null)
[   51.950383][  T719] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   51.958618][  T723] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   51.962313][  T725] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   51.987114][  T719] EXT4-fs (loop0): re-mounted. Opts: (null)
[   52.006730][  T723] EXT4-fs (loop2): re-mounted. Opts: (null)
[   52.021490][  T725] EXT4-fs (loop1): re-mounted. Opts: (null)
[   52.048672][  T730] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[   52.059099][  T732] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   52.099746][  T743] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   52.149220][  T730] EXT4-fs (loop5): re-mounted. Opts: (null)
[   52.149237][  T732] EXT4-fs (loop4): re-mounted. Opts: (null)
[   52.192460][  T743] EXT4-fs (loop3): re-mounted. Opts: (null)
[   52.206429][  T756] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   52.216821][  T752] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   52.234057][  T752] EXT4-fs (loop0): re-mounted. Opts: (null)
[   52.312117][  T756] EXT4-fs (loop2): re-mounted. Opts: (null)
[   52.355633][  T751] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   52.368272][  T768] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   52.371630][  T760] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[   52.394296][  T751] EXT4-fs (loop1): re-mounted. Opts: (null)
[   52.401921][  T760] EXT4-fs (loop5): re-mounted. Opts: (null)
[   52.425942][  T768] EXT4-fs (loop3): re-mounted. Opts: (null)
[   52.442543][  T774] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   52.451309][  T770] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   52.582815][  T770] EXT4-fs (loop4): re-mounted. Opts: (null)
[   52.596148][  T774] EXT4-fs (loop0): re-mounted. Opts: (null)
[   52.623403][  T787] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   52.660643][  T787] EXT4-fs (loop2): re-mounted. Opts: (null)
[   52.717231][  T793] EXT4-fs (loop5): re-mounted. Opts: (null)
[   52.724205][  T792] EXT4-fs (loop1): re-mounted. Opts: (null)
[   52.764295][  T795] EXT4-fs (loop3): re-mounted. Opts: (null)
[   52.812208][  T807] EXT4-fs (loop4): re-mounted. Opts: (null)
[   52.854351][  T810] EXT4-fs (loop0): re-mounted. Opts: (null)
[   52.894470][  T817] EXT4-fs (loop2): re-mounted. Opts: (null)
[   52.900797][  T815] EXT4-fs (loop5): re-mounted. Opts: (null)
[   53.036507][  T827] EXT4-fs (loop1): re-mounted. Opts: (null)
[   53.050628][  T831] EXT4-fs (loop3): re-mounted. Opts: (null)
[   53.124762][  T845] EXT4-fs (loop2): re-mounted. Opts: (null)
[   53.144918][  T837] EXT4-fs (loop4): re-mounted. Opts: (null)
[   53.152819][  T844] EXT4-fs (loop5): re-mounted. Opts: (null)
[   53.176198][  T842] EXT4-fs (loop0): re-mounted. Opts: (null)
[   53.187333][  T849] EXT4-fs (loop1): re-mounted. Opts: (null)
[   53.382320][  T861] EXT4-fs (loop3): re-mounted. Opts: (null)
[   53.405842][  T869] EXT4-fs (loop4): re-mounted. Opts: (null)
[   53.492287][  T879] EXT4-fs (loop0): re-mounted. Opts: (null)
[   53.492424][  T873] EXT4-fs (loop5): re-mounted. Opts: (null)
[   53.503861][  T871] EXT4-fs (loop2): re-mounted. Opts: (null)
[   53.516110][  T880] EXT4-fs (loop1): re-mounted. Opts: (null)
[   53.723844][  T896] EXT4-fs (loop4): re-mounted. Opts: (null)
[   53.724030][  T885] EXT4-fs (loop3): re-mounted. Opts: (null)
[   53.862290][  T911] EXT4-fs (loop2): re-mounted. Opts: (null)
[   53.888531][  T907] EXT4-fs (loop5): re-mounted. Opts: (null)
[   53.888651][  T915] EXT4-fs (loop4): re-mounted. Opts: (null)
[   53.921917][  T910] EXT4-fs (loop1): re-mounted. Opts: (null)
[   53.928307][  T908] EXT4-fs (loop0): re-mounted. Opts: (null)
[   54.081141][  T923] EXT4-fs (loop3): re-mounted. Opts: (null)
[   54.143621][  T933] EXT4-fs (loop2): re-mounted. Opts: (null)
[   54.162202][  T941] EXT4-fs (loop5): re-mounted. Opts: (null)
[   54.226914][  T939] EXT4-fs (loop4): re-mounted. Opts: (null)
[   54.243446][  T943] EXT4-fs (loop1): re-mounted. Opts: (null)
[   54.249286][  T945] EXT4-fs (loop0): re-mounted. Opts: (null)
[   54.269162][  T949] EXT4-fs (loop3): re-mounted. Opts: (null)
[   54.453530][  T967] EXT4-fs (loop2): re-mounted. Opts: (null)
[   54.461683][  T971] EXT4-fs (loop3): re-mounted. Opts: (null)
[   54.487234][  T968] EXT4-fs (loop5): re-mounted. Opts: (null)
[   54.514422][  T980] EXT4-fs (loop4): re-mounted. Opts: (null)
[   54.569103][  T973] EXT4-fs (loop0): re-mounted. Opts: (null)
[   54.686185][  T977] EXT4-fs (loop1): re-mounted. Opts: (null)
[   54.749884][  T996] EXT4-fs (loop4): re-mounted. Opts: (null)
[   54.772488][  T998] EXT4-fs (loop2): re-mounted. Opts: (null)
[   54.793056][ T1002] EXT4-fs (loop3): re-mounted. Opts: (null)
[   54.799694][ T1000] EXT4-fs (loop5): re-mounted. Opts: (null)
[   54.899528][ T1006] EXT4-fs (loop0): re-mounted. Opts: (null)
[   54.954007][ T1022] EXT4-fs (loop4): re-mounted. Opts: (null)
[   54.975087][ T1018] EXT4-fs (loop1): re-mounted. Opts: (null)
[   55.108416][ T1032] EXT4-fs (loop5): re-mounted. Opts: (null)
[   55.113622][ T1031] EXT4-fs (loop3): re-mounted. Opts: (null)
[   55.114365][ T1028] EXT4-fs (loop2): re-mounted. Opts: (null)
[   55.132333][ T1041] EXT4-fs (loop0): re-mounted. Opts: (null)
[   55.253905][ T1046] EXT4-fs (loop4): re-mounted. Opts: (null)
[   55.374655][ T1060] EXT4-fs (loop5): re-mounted. Opts: (null)
[   55.395070][ T1065] EXT4-fs (loop2): re-mounted. Opts: (null)
[   55.431671][ T1070] EXT4-fs (loop3): re-mounted. Opts: (null)
[   55.438676][  T418] ==================================================================
[   55.447086][  T418] BUG: KASAN: use-after-free in kthread_stop+0x37/0x4a0
[   55.454202][  T418] Write of size 4 at addr ffff8881e64a4ee0 by task syz-executor.2/418
[   55.462163][  T418] 
[   55.464490][  T418] CPU: 0 PID: 418 Comm: syz-executor.2 Not tainted 5.4.290-syzkaller-05053-g41adfeb3d639 #0
[   55.474728][  T418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   55.484628][  T418] Call Trace:
[   55.487756][  T418]  dump_stack+0x1d8/0x241
[   55.492076][  T418]  ? prepare_exit_to_usermode+0x199/0x200
[   55.497634][  T418]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[   55.503374][  T418]  ? printk+0xd1/0x111
[   55.507688][  T418]  ? kthread_stop+0x37/0x4a0
[   55.512220][  T418]  print_address_description+0x8c/0x600
[   55.517813][  T418]  ? kthread_stop+0x37/0x4a0
[   55.522239][  T418]  __kasan_report+0xf3/0x120
[   55.526666][  T418]  ? kthread_stop+0x37/0x4a0
[   55.531207][  T418]  kasan_report+0x30/0x60
[   55.535376][  T418]  check_memory_region+0x272/0x280
[   55.540425][  T418]  kthread_stop+0x37/0x4a0
[   55.544954][  T418]  ext4_put_super+0x790/0xbb0
[   55.549480][  T418]  ? ext4_drop_inode+0x1f0/0x1f0
[   55.555120][  T418]  generic_shutdown_super+0x120/0x300
[   55.560788][  T418]  kill_block_super+0x7a/0xe0
[   55.565619][  T418]  deactivate_locked_super+0xa8/0x110
[   55.571043][  T418]  deactivate_super+0x1e2/0x2a0
[   55.575730][  T418]  ? deactivate_locked_super+0x110/0x110
[   55.581382][  T418]  ? d_lru_add+0xdb/0x160
[   55.585734][  T418]  ? retain_dentry+0x1ac/0x270
[   55.590573][  T418]  cleanup_mnt+0x44e/0x500
[   55.594804][  T418]  task_work_run+0x140/0x170
[   55.599216][  T418]  exit_to_usermode_loop+0x190/0x1a0
[   55.604446][  T418]  prepare_exit_to_usermode+0x199/0x200
[   55.609912][  T418]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   55.616305][  T418] RIP: 0033:0x7ff88cee6bc7
[   55.620536][  T418] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[   55.640312][  T418] RSP: 002b:00007ffd205d2a18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   55.648766][  T418] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007ff88cee6bc7
[   55.656568][  T418] RDX: 0000000000000000 RSI: 000000000000000a RDI: 00007ffd205d2ad0
[   55.664643][  T418] RBP: 00007ffd205d2ad0 R08: 0000000000000000 R09: 0000000000000000
[   55.672692][  T418] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd205d3b90
[   55.680465][  T418] R13: 00007ff88cf40aa2 R14: 000000000000d7f5 R15: 0000000000000009
[   55.688275][  T418] 
[   55.690454][  T418] Allocated by task 2:
[   55.694414][  T418]  __kasan_kmalloc+0x171/0x210
[   55.699133][  T418]  kmem_cache_alloc+0xd9/0x250
[   55.703887][  T418]  dup_task_struct+0x4f/0x600
[   55.708530][  T418]  copy_process+0x56d/0x3230
[   55.713019][  T418]  _do_fork+0x197/0x900
[   55.717256][  T418]  kernel_thread+0x16a/0x1d0
[   55.721770][  T418]  kthreadd+0x3b1/0x4f0
[   55.725958][  T418]  ret_from_fork+0x1f/0x30
[   55.730453][  T418] 
[   55.732592][  T418] Freed by task 17:
[   55.736279][  T418]  __kasan_slab_free+0x1b5/0x270
[   55.741015][  T418]  kmem_cache_free+0x10b/0x2c0
[   55.745622][  T418]  rcu_do_batch+0x492/0xa00
[   55.749952][  T418]  rcu_core+0x4c8/0xcb0
[   55.753954][  T418]  __do_softirq+0x23b/0x6b7
[   55.758371][  T418] 
[   55.760770][  T418] The buggy address belongs to the object at ffff8881e64a4ec0
[   55.760770][  T418]  which belongs to the cache task_struct of size 3904
[   55.774791][  T418] The buggy address is located 32 bytes inside of
[   55.774791][  T418]  3904-byte region [ffff8881e64a4ec0, ffff8881e64a5e00)
[   55.788077][  T418] The buggy address belongs to the page:
[   55.793764][  T418] page:ffffea0007992800 refcount:1 mapcount:0 mapping:ffff8881f5cf0500 index:0x0 compound_mapcount: 0
[   55.804703][  T418] flags: 0x8000000000010200(slab|head)
[   55.810177][  T418] raw: 8000000000010200 dead000000000100 dead000000000122 ffff8881f5cf0500
[   55.818712][  T418] raw: 0000000000000000 0000000000080008 00000001ffffffff 0000000000000000
[   55.827125][  T418] page dumped because: kasan: bad access detected
[   55.833390][  T418] page_owner tracks the page as allocated
[   55.838936][  T418] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL)
[   55.855172][  T418]  prep_new_page+0x18f/0x370
[   55.859589][  T418]  get_page_from_freelist+0x2d13/0x2d90
[   55.865063][  T418]  __alloc_pages_nodemask+0x393/0x840
[   55.870407][  T418]  alloc_slab_page+0x39/0x3c0
[   55.874872][  T418]  new_slab+0x97/0x440
[   55.878775][  T418]  ___slab_alloc+0x2fe/0x490
[   55.883304][  T418]  __slab_alloc+0x62/0xa0
[   55.887477][  T418]  kmem_cache_alloc+0x109/0x250
[   55.892166][  T418]  dup_task_struct+0x4f/0x600
[   55.896690][  T418]  copy_process+0x56d/0x3230
[   55.901106][  T418]  _do_fork+0x197/0x900
[   55.905093][  T418]  __x64_sys_clone3+0x2da/0x300
[   55.909779][  T418]  do_syscall_64+0xca/0x1c0
[   55.914141][  T418]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   55.919844][  T418] page last free stack trace:
[   55.924453][  T418]  __free_pages_ok+0x847/0x950
[   55.929057][  T418]  __free_pages+0x91/0x140
[   55.933384][  T418]  __free_slab+0x221/0x2e0
[   55.937633][  T418]  unfreeze_partials+0x14e/0x180
[   55.942410][  T418]  put_cpu_partial+0x44/0x180
[   55.946923][  T418]  __slab_free+0x297/0x360
[   55.951187][  T418]  qlist_free_all+0x43/0xb0
[   55.955607][  T418]  quarantine_reduce+0x1d9/0x210
[   55.960646][  T418]  __kasan_kmalloc+0x41/0x210
[   55.965166][  T418]  kmem_cache_alloc_trace+0xdc/0x260
[   55.970453][  T418]  kernfs_iop_get_link+0x63/0x540
[   55.975317][  T418]  vfs_readlink+0x174/0x400
[   55.979749][  T418]  do_readlinkat+0x27f/0x3a0
[   55.984161][  T418]  __x64_sys_readlink+0x7b/0x90
[   55.989388][  T418]  do_syscall_64+0xca/0x1c0
[   55.993721][  T418]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   55.999519][  T418] 
[   56.001688][  T418] Memory state around the buggy address:
[   56.007164][  T418]  ffff8881e64a4d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   56.015074][  T418]  ffff8881e64a4e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[   56.023598][  T418] >ffff8881e64a4e80: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb
[   56.031896][  T418]                                                        ^
[   56.039032][  T418]  ffff8881e64a4f00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   56.047126][  T418]  ffff8881e64a4f80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   56.055103][  T418] ==================================================================
[   56.063402][  T418] Disabling lock debugging due to kernel taint
[   56.070919][  T418] ------------[ cut here ]------------
[   56.076391][  T418] refcount_t: addition on 0; use-after-free.
[   56.083072][  T418] WARNING: CPU: 0 PID: 418 at lib/refcount.c:25 refcount_warn_saturate+0x132/0x1a0
[   56.092491][  T418] Modules linked in:
[   56.096203][  T418] CPU: 0 PID: 418 Comm: syz-executor.2 Tainted: G    B             5.4.290-syzkaller-05053-g41adfeb3d639 #0
[   56.107680][  T418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   56.117685][  T418] RIP: 0010:refcount_warn_saturate+0x132/0x1a0
[   56.123683][  T418] Code: 04 01 48 c7 c7 60 1f fa 84 e8 ba 8b 0d ff 0f 0b eb a9 e8 c1 e9 36 ff c6 05 d6 0d 1d 04 01 48 c7 c7 e0 1f fa 84 e8 9e 8b 0d ff <0f> 0b eb 8d e8 a5 e9 36 ff c6 05 bb 0d 1d 04 01 48 c7 c7 40 20 fa
[   56.143609][  T418] RSP: 0018:ffff8881eb88fc30 EFLAGS: 00010246
[   56.149503][  T418] RAX: 7c7fabc891ea3000 RBX: 0000000000000002 RCX: ffff8881edf74ec0
[   56.157308][  T418] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[   56.165267][  T418] RBP: 0000000000000002 R08: ffffffff814d6db2 R09: ffffed103edca9b8
[   56.173157][  T418] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[   56.181151][  T418] R13: ffff8881e64a4ec0 R14: dffffc0000000000 R15: ffff8881e64a4ee0
[   56.188962][  T418] FS:  0000555579e97480(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[   56.197985][  T418] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   56.204490][  T418] CR2: 0000555556a6e818 CR3: 00000001ed985000 CR4: 00000000003406b0
[   56.212399][  T418] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   56.220537][  T418] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   56.228583][  T418] Call Trace:
[   56.231726][  T418]  ? __warn+0x162/0x250
[   56.235804][  T418]  ? report_bug+0x3a1/0x4e0
[   56.240135][  T418]  ? refcount_warn_saturate+0x132/0x1a0
[   56.245642][  T418]  ? refcount_warn_saturate+0x132/0x1a0
[   56.251002][  T418]  ? do_invalid_op+0x6e/0x110
[   56.255597][  T418]  ? invalid_op+0x1e/0x30
[   56.259876][  T418]  ? wake_up_klogd+0xb2/0xf0
[   56.264303][  T418]  ? refcount_warn_saturate+0x132/0x1a0
[   56.269977][  T418]  kthread_stop+0x1a5/0x4a0
[   56.274412][  T418]  ext4_put_super+0x790/0xbb0
[   56.279039][  T418]  ? ext4_drop_inode+0x1f0/0x1f0
[   56.284005][  T418]  generic_shutdown_super+0x120/0x300
[   56.289380][  T418]  kill_block_super+0x7a/0xe0
[   56.294077][  T418]  deactivate_locked_super+0xa8/0x110
[   56.299505][  T418]  deactivate_super+0x1e2/0x2a0
[   56.304541][  T418]  ? deactivate_locked_super+0x110/0x110
[   56.310017][  T418]  ? d_lru_add+0xdb/0x160
[   56.314172][  T418]  ? retain_dentry+0x1ac/0x270
[   56.318856][  T418]  cleanup_mnt+0x44e/0x500
[   56.323120][  T418]  task_work_run+0x140/0x170
[   56.327716][  T418]  exit_to_usermode_loop+0x190/0x1a0
[   56.332842][  T418]  prepare_exit_to_usermode+0x199/0x200
[   56.338478][  T418]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   56.344432][  T418] RIP: 0033:0x7ff88cee6bc7
[   56.348820][  T418] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[   56.368344][  T418] RSP: 002b:00007ffd205d2a18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   56.376816][  T418] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007ff88cee6bc7
[   56.384623][  T418] RDX: 0000000000000000 RSI: 000000000000000a RDI: 00007ffd205d2ad0
[   56.392489][  T418] RBP: 00007ffd205d2ad0 R08: 0000000000000000 R09: 0000000000000000
[   56.400244][  T418] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd205d3b90
[   56.408057][  T418] R13: 00007ff88cf40aa2 R14: 000000000000d7f5 R15: 0000000000000009
[   56.416083][  T418] ---[ end trace f0c7d487cf732cf4 ]---
2025/03/28 22:18:44 executed programs: 126
[   56.437490][ T1057] EXT4-fs (loop1): re-mounted. Opts: (null)
[   56.465615][ T1062] EXT4-fs (loop0): re-mounted. Opts: (null)
[   56.466629][ T1077] EXT4-fs (loop4): re-mounted. Opts: (null)
[   56.716225][ T1089] EXT4-fs (loop5): re-mounted. Opts: (null)
[   56.722864][ T1093] EXT4-fs (loop3): re-mounted. Opts: (null)
[   56.738470][ T1096] EXT4-fs (loop4): re-mounted. Opts: (null)
[   56.745124][ T1099] EXT4-fs (loop0): re-mounted. Opts: (null)
[   56.757598][ T1091] EXT4-fs (loop1): re-mounted. Opts: (null)
[   57.015028][ T1116] EXT4-fs (loop3): re-mounted. Opts: (null)
[   57.016017][ T1118] EXT4-fs (loop5): re-mounted. Opts: (null)
[   57.035465][ T1114] EXT4-fs (loop4): re-mounted. Opts: (null)
[   57.043473][ T1121] EXT4-fs (loop0): re-mounted. Opts: (null)
[   57.079724][ T1123] EXT4-fs (loop1): re-mounted. Opts: (null)
[   57.315510][ T1139] EXT4-fs (loop3): re-mounted. Opts: (null)