Warning: Permanently added '10.128.0.6' (ED25519) to the list of known hosts. 2024/12/14 10:31:40 ignoring optional flag "sandboxArg"="0" 2024/12/14 10:31:40 parsed 1 programs [ 102.907331][ T4555] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 104.632713][ T4584] chnl_net:caif_netlink_parms(): no params data found [ 104.678151][ T4584] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.685302][ T4584] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.693294][ T4584] device bridge_slave_0 entered promiscuous mode [ 104.703352][ T4584] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.710619][ T4584] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.719363][ T4584] device bridge_slave_1 entered promiscuous mode [ 104.741789][ T4584] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.753587][ T4584] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 104.784002][ T4584] team0: Port device team_slave_0 added [ 104.791997][ T4584] team0: Port device team_slave_1 added [ 104.816514][ T4584] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 104.823721][ T4584] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.850560][ T4584] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 104.862992][ T4584] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 104.870092][ T4584] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.896044][ T4584] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 104.934780][ T4584] device hsr_slave_0 entered promiscuous mode [ 104.941791][ T4584] device hsr_slave_1 entered promiscuous mode [ 105.702108][ T4584] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 105.713134][ T4584] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 105.726801][ T4584] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 105.750357][ T4584] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 105.892981][ T4584] 8021q: adding VLAN 0 to HW filter on device bond0 [ 105.913911][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 105.932983][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 105.949032][ T4584] 8021q: adding VLAN 0 to HW filter on device team0 [ 105.971116][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 105.988375][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 106.007050][ T491] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.014191][ T491] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.032409][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 106.050790][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 106.068346][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 106.086891][ T491] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.094024][ T491] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.117947][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 106.139759][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 106.149517][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 106.170896][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 106.188609][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 106.208446][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 106.217300][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 106.234993][ T4584] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 106.246297][ T4584] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 106.258508][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 106.267287][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 106.287371][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 106.309138][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 106.326442][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 106.494110][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 106.502369][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 106.516640][ T4584] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 106.540410][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 106.550313][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 106.577867][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 106.591601][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 106.604985][ T4584] device veth0_vlan entered promiscuous mode [ 106.615699][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 106.640477][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 106.653712][ T4584] device veth1_vlan entered promiscuous mode [ 106.679071][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 106.689720][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 106.701912][ T4584] device veth0_macvtap entered promiscuous mode [ 106.712611][ T4584] device veth1_macvtap entered promiscuous mode [ 106.738597][ T4584] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 106.746428][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 106.755944][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 106.766048][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 106.775474][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 106.797031][ T4584] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 106.805863][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 106.819325][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 106.832726][ T4584] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.843255][ T4584] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.852839][ T4584] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.863704][ T4584] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.188932][ T491] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.197057][ T491] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.223038][ T1289] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 109.239931][ T491] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.258700][ T491] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.285946][ T1289] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 109.589333][ T590] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 2024/12/14 10:31:51 executed programs: 0 [ 109.866195][ T4803] chnl_net:caif_netlink_parms(): no params data found [ 109.934620][ T4803] bridge0: port 1(bridge_slave_0) entered blocking state [ 109.944276][ T4803] bridge0: port 1(bridge_slave_0) entered disabled state [ 109.952908][ T4803] device bridge_slave_0 entered promiscuous mode [ 109.965155][ T4803] bridge0: port 2(bridge_slave_1) entered blocking state [ 109.972666][ T4803] bridge0: port 2(bridge_slave_1) entered disabled state [ 109.983807][ T4803] device bridge_slave_1 entered promiscuous mode [ 110.015930][ T4803] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 110.028351][ T4803] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 110.060153][ T4803] team0: Port device team_slave_0 added [ 110.069225][ T4803] team0: Port device team_slave_1 added [ 110.094846][ T4803] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 110.102037][ T4803] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 110.128059][ T4803] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 110.142923][ T4803] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 110.150776][ T4803] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 110.178228][ T4803] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 110.217896][ T4803] device hsr_slave_0 entered promiscuous mode [ 110.224931][ T4803] device hsr_slave_1 entered promiscuous mode [ 110.232309][ T4803] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 110.240298][ T4803] Cannot create hsr debugfs directory [ 111.506100][ T590] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.576838][ T590] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.656773][ T590] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.767781][ T13] Bluetooth: hci0: command 0x0409 tx timeout [ 112.469258][ T4803] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 112.498154][ T4803] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 112.507253][ T4803] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 112.516510][ T4803] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 112.592113][ T4803] 8021q: adding VLAN 0 to HW filter on device bond0 [ 112.610915][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 112.619355][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 112.630046][ T4803] 8021q: adding VLAN 0 to HW filter on device team0 [ 112.640824][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 112.651298][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 112.660602][ T491] bridge0: port 1(bridge_slave_0) entered blocking state [ 112.667868][ T491] bridge0: port 1(bridge_slave_0) entered forwarding state [ 112.676440][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 112.704816][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 112.714195][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 112.722975][ T491] bridge0: port 2(bridge_slave_1) entered blocking state [ 112.730103][ T491] bridge0: port 2(bridge_slave_1) entered forwarding state [ 112.739153][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 112.751255][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 112.784112][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 112.793929][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 112.803252][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 112.818024][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 112.827002][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 112.836656][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 112.845294][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 112.856281][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 112.865328][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 112.898365][ T4803] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 112.996399][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 113.004064][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 113.016722][ T4803] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 113.045055][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 113.055765][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 113.076385][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 113.085044][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 113.094583][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 113.103112][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 113.116989][ T4803] device veth0_vlan entered promiscuous mode [ 113.142674][ T4803] device veth1_vlan entered promiscuous mode [ 113.164200][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 113.173708][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 113.182453][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 113.191685][ T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 113.202738][ T4803] device veth0_macvtap entered promiscuous mode [ 113.212901][ T4803] device veth1_macvtap entered promiscuous mode [ 113.240009][ T590] device hsr_slave_0 left promiscuous mode [ 113.246434][ T590] device hsr_slave_1 left promiscuous mode [ 113.253566][ T590] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 113.261710][ T590] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 113.269660][ T590] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 113.277341][ T590] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 113.285619][ T590] device bridge_slave_1 left promiscuous mode [ 113.292104][ T590] bridge0: port 2(bridge_slave_1) entered disabled state [ 113.301413][ T590] device bridge_slave_0 left promiscuous mode [ 113.307896][ T590] bridge0: port 1(bridge_slave_0) entered disabled state [ 113.320428][ T590] device veth1_macvtap left promiscuous mode [ 113.326451][ T590] device veth0_macvtap left promiscuous mode [ 113.334088][ T590] device veth1_vlan left promiscuous mode [ 113.340625][ T590] device veth0_vlan left promiscuous mode [ 113.504788][ T590] team0 (unregistering): Port device team_slave_1 removed [ 113.521324][ T590] team0 (unregistering): Port device team_slave_0 removed [ 113.533635][ T590] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 113.547238][ T590] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 113.610537][ T590] bond0 (unregistering): Released all slaves [ 113.653065][ T4803] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 113.664265][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 113.672925][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 113.681133][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 113.690121][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 113.712430][ T4803] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 113.722093][ T1289] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 113.731609][ T1289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 113.747376][ T4803] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.756571][ T4803] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.765733][ T4803] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.775717][ T4803] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.843641][ T1289] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.854452][ T4238] Bluetooth: hci0: command 0x041b tx timeout [ 113.863272][ T1289] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.872649][ T491] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.874387][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 113.884729][ T491] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.911261][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 113.965810][ T4986] loop0: detected capacity change from 0 to 512 [ 114.042396][ T4986] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.15: inode #1: comm syz.0.15: iget: illegal inode # [ 114.064907][ T4986] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.15: error while reading EA inode 1 err=-117 [ 114.078556][ T4986] EXT4-fs (loop0): 1 orphan inode deleted [ 114.084664][ T4986] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 114.104702][ T4986] ================================================================== [ 114.113038][ T4986] BUG: KASAN: use-after-free in ext4_insert_dentry+0x366/0x6c0 [ 114.120640][ T4986] Write of size 250 at addr ffff888060257f18 by task syz.0.15/4986 [ 114.128542][ T4986] [ 114.130891][ T4986] CPU: 0 PID: 4986 Comm: syz.0.15 Not tainted 5.15.173-syzkaller #0 [ 114.138960][ T4986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 114.149021][ T4986] Call Trace: [ 114.152289][ T4986] [ 114.155298][ T4986] dump_stack_lvl+0x1e3/0x2d0 [ 114.159977][ T4986] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 114.165703][ T4986] ? _printk+0xd1/0x120 [ 114.169881][ T4986] ? __wake_up_klogd+0xcc/0x100 [ 114.174742][ T4986] ? panic+0x860/0x860 [ 114.178801][ T4986] ? _raw_spin_lock_irqsave+0xdd/0x120 [ 114.184353][ T4986] print_address_description+0x63/0x3b0 [ 114.190174][ T4986] ? ext4_insert_dentry+0x366/0x6c0 [ 114.195370][ T4986] kasan_report+0x16b/0x1c0 [ 114.199867][ T4986] ? ext4_insert_dentry+0x366/0x6c0 [ 114.205078][ T4986] kasan_check_range+0x27e/0x290 [ 114.210021][ T4986] ? ext4_insert_dentry+0x366/0x6c0 [ 114.215230][ T4986] memcpy+0x3c/0x60 [ 114.219035][ T4986] ext4_insert_dentry+0x366/0x6c0 [ 114.224063][ T4986] add_dirent_to_buf+0x384/0x7d0 [ 114.229001][ T4986] ? ext4_dx_add_entry+0x1620/0x1620 [ 114.234279][ T4986] ? __ext4_handle_dirty_metadata+0x2ef/0x800 [ 114.240431][ T4986] make_indexed_dir+0xf34/0x15a0 [ 114.245377][ T4986] ? add_dirent_to_buf+0x7d0/0x7d0 [ 114.250576][ T4986] ? add_dirent_to_buf+0x54e/0x7d0 [ 114.255785][ T4986] ? ext4_dx_add_entry+0x1620/0x1620 [ 114.261064][ T4986] ? __ext4_read_dirblock+0x522/0x890 [ 114.266441][ T4986] ext4_add_entry+0xde2/0x12b0 [ 114.271216][ T4986] ? ext4_inc_count+0x190/0x190 [ 114.276166][ T4986] ? ext4_init_new_dir+0x7c8/0xa20 [ 114.281276][ T4986] ? ext4_init_dot_dotdot+0x4e0/0x4e0 [ 114.286660][ T4986] ext4_mkdir+0x54f/0xce0 [ 114.291084][ T4986] ? ext4_symlink+0xed0/0xed0 [ 114.295759][ T4986] ? inode_permission+0xf7/0x450 [ 114.300692][ T4986] ? bpf_lsm_inode_mkdir+0x5/0x10 [ 114.305737][ T4986] ? security_inode_mkdir+0xb4/0x100 [ 114.311052][ T4986] vfs_mkdir+0x3b6/0x590 [ 114.315308][ T4986] do_mkdirat+0x260/0x520 [ 114.319720][ T4986] ? vfs_mkdir+0x590/0x590 [ 114.324147][ T4986] ? getname_flags+0x1ec/0x4e0 [ 114.328934][ T4986] __x64_sys_mkdirat+0x85/0x90 [ 114.333726][ T4986] do_syscall_64+0x3b/0xb0 [ 114.338141][ T4986] ? clear_bhb_loop+0x15/0x70 [ 114.342911][ T4986] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 114.348808][ T4986] RIP: 0033:0x7f59a32e6809 [ 114.353227][ T4986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 114.372921][ T4986] RSP: 002b:00007f59a2564058 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 114.381438][ T4986] RAX: ffffffffffffffda RBX: 00007f59a34abfa0 RCX: 00007f59a32e6809 [ 114.389436][ T4986] RDX: 5be60480b9579340 RSI: 0000000020000940 RDI: ffffffffffffff9c [ 114.397462][ T4986] RBP: 00007f59a335993e R08: 0000000000000000 R09: 0000000000000000 [ 114.405547][ T4986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 114.413649][ T4986] R13: 0000000000000000 R14: 00007f59a34abfa0 R15: 00007ffc3c387528 [ 114.421808][ T4986] [ 114.424842][ T4986] [ 114.427156][ T4986] The buggy address belongs to the page: [ 114.432792][ T4986] page:ffffea00018095c0 refcount:3 mapcount:0 mapping:ffff888145a84f30 index:0x3f pfn:0x60257 [ 114.443116][ T4986] memcg:ffff888076a18000 [ 114.447351][ T4986] aops:def_blk_aops ino:700000 [ 114.452126][ T4986] flags: 0xfff0000000202a(referenced|dirty|active|private|node=0|zone=1|lastcpupid=0x7ff) [ 114.462142][ T4986] raw: 00fff0000000202a 0000000000000000 dead000000000122 ffff888145a84f30 [ 114.470730][ T4986] raw: 000000000000003f ffff88807ec071d0 00000003ffffffff ffff888076a18000 [ 114.479330][ T4986] page dumped because: kasan: bad access detected [ 114.485829][ T4986] page_owner tracks the page as allocated [ 114.491556][ T4986] page last allocated via order 0, migratetype Movable, gfp_mask 0x108c48(GFP_NOFS|__GFP_NOFAIL|__GFP_HARDWALL|__GFP_MOVABLE), pid 4986, ts 114104124513, free_ts 112947201668 [ 114.508845][ T4986] get_page_from_freelist+0x3b78/0x3d40 [ 114.514397][ T4986] __alloc_pages+0x272/0x700 [ 114.518976][ T4986] __page_cache_alloc+0xd4/0x4a0 [ 114.523921][ T4986] pagecache_get_page+0xa91/0x1010 [ 114.529020][ T4986] __getblk_gfp+0x22a/0xaf0 [ 114.533515][ T4986] ext4_getblk+0x259/0x710 [ 114.537928][ T4986] ext4_bread+0x2a/0x170 [ 114.542177][ T4986] ext4_append+0x31f/0x5c0 [ 114.546604][ T4986] make_indexed_dir+0x515/0x15a0 [ 114.551574][ T4986] ext4_add_entry+0xde2/0x12b0 [ 114.556501][ T4986] ext4_mkdir+0x54f/0xce0 [ 114.560872][ T4986] vfs_mkdir+0x3b6/0x590 [ 114.565218][ T4986] do_mkdirat+0x260/0x520 [ 114.569541][ T4986] __x64_sys_mkdirat+0x85/0x90 [ 114.574335][ T4986] do_syscall_64+0x3b/0xb0 [ 114.578750][ T4986] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 114.584642][ T4986] page last free stack trace: [ 114.589299][ T4986] free_unref_page_prepare+0xc34/0xcf0 [ 114.594883][ T4986] free_unref_page_list+0x1f7/0x8e0 [ 114.600238][ T4986] release_pages+0x1bb9/0x1f40 [ 114.605210][ T4986] tlb_finish_mmu+0x177/0x320 [ 114.609903][ T4986] exit_mmap+0x3cd/0x670 [ 114.614140][ T4986] __mmput+0x112/0x3b0 [ 114.618435][ T4986] exit_mm+0x688/0x7f0 [ 114.622505][ T4986] do_exit+0x626/0x2480 [ 114.626775][ T4986] do_group_exit+0x144/0x310 [ 114.631365][ T4986] __x64_sys_exit_group+0x3b/0x40 [ 114.636566][ T4986] do_syscall_64+0x3b/0xb0 [ 114.641001][ T4986] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 114.646930][ T4986] [ 114.649781][ T4986] Memory state around the buggy address: [ 114.655408][ T4986] ffff888060257f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 114.663466][ T4986] ffff888060257f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 114.671602][ T4986] >ffff888060258000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 114.679671][ T4986] ^ [ 114.683751][ T4986] ffff888060258080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 114.691936][ T4986] ffff888060258100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 114.700005][ T4986] ================================================================== [ 114.708056][ T4986] Disabling lock debugging due to kernel taint [ 114.716161][ T4986] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 114.723375][ T4986] CPU: 0 PID: 4986 Comm: syz.0.15 Tainted: G B 5.15.173-syzkaller #0 [ 114.732761][ T4986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 114.742834][ T4986] Call Trace: [ 114.746121][ T4986] [ 114.749043][ T4986] dump_stack_lvl+0x1e3/0x2d0 [ 114.753736][ T4986] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 114.759362][ T4986] ? panic+0x860/0x860 [ 114.763437][ T4986] ? preempt_schedule_common+0xa6/0xd0 [ 114.768992][ T4986] ? preempt_schedule+0xd9/0xe0 [ 114.773834][ T4986] panic+0x318/0x860 [ 114.777728][ T4986] ? check_panic_on_warn+0x1d/0xa0 [ 114.783028][ T4986] ? fb_is_primary_device+0xd0/0xd0 [ 114.788222][ T4986] ? _raw_spin_unlock_irqrestore+0x128/0x130 [ 114.794320][ T4986] ? _raw_spin_unlock+0x40/0x40 [ 114.799168][ T4986] ? print_memory_metadata+0xe2/0x140 [ 114.804627][ T4986] check_panic_on_warn+0x7e/0xa0 [ 114.809563][ T4986] ? ext4_insert_dentry+0x366/0x6c0 [ 114.814776][ T4986] end_report+0x6d/0xf0 [ 114.819065][ T4986] kasan_report+0x18e/0x1c0 [ 114.823559][ T4986] ? ext4_insert_dentry+0x366/0x6c0 [ 114.828760][ T4986] kasan_check_range+0x27e/0x290 [ 114.833695][ T4986] ? ext4_insert_dentry+0x366/0x6c0 [ 114.838913][ T4986] memcpy+0x3c/0x60 [ 114.842713][ T4986] ext4_insert_dentry+0x366/0x6c0 [ 114.847731][ T4986] add_dirent_to_buf+0x384/0x7d0 [ 114.852663][ T4986] ? ext4_dx_add_entry+0x1620/0x1620 [ 114.857947][ T4986] ? __ext4_handle_dirty_metadata+0x2ef/0x800 [ 114.864023][ T4986] make_indexed_dir+0xf34/0x15a0 [ 114.868987][ T4986] ? add_dirent_to_buf+0x7d0/0x7d0 [ 114.874094][ T4986] ? add_dirent_to_buf+0x54e/0x7d0 [ 114.879251][ T4986] ? ext4_dx_add_entry+0x1620/0x1620 [ 114.884535][ T4986] ? __ext4_read_dirblock+0x522/0x890 [ 114.889914][ T4986] ext4_add_entry+0xde2/0x12b0 [ 114.894795][ T4986] ? ext4_inc_count+0x190/0x190 [ 114.899748][ T4986] ? ext4_init_new_dir+0x7c8/0xa20 [ 114.904953][ T4986] ? ext4_init_dot_dotdot+0x4e0/0x4e0 [ 114.910360][ T4986] ext4_mkdir+0x54f/0xce0 [ 114.914783][ T4986] ? ext4_symlink+0xed0/0xed0 [ 114.919465][ T4986] ? inode_permission+0xf7/0x450 [ 114.924401][ T4986] ? bpf_lsm_inode_mkdir+0x5/0x10 [ 114.929539][ T4986] ? security_inode_mkdir+0xb4/0x100 [ 114.934837][ T4986] vfs_mkdir+0x3b6/0x590 [ 114.939116][ T4986] do_mkdirat+0x260/0x520 [ 114.943446][ T4986] ? vfs_mkdir+0x590/0x590 [ 114.947982][ T4986] ? getname_flags+0x1ec/0x4e0 [ 114.952845][ T4986] __x64_sys_mkdirat+0x85/0x90 [ 114.957609][ T4986] do_syscall_64+0x3b/0xb0 [ 114.962056][ T4986] ? clear_bhb_loop+0x15/0x70 [ 114.966730][ T4986] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 114.972741][ T4986] RIP: 0033:0x7f59a32e6809 [ 114.977232][ T4986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 114.997056][ T4986] RSP: 002b:00007f59a2564058 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 115.005651][ T4986] RAX: ffffffffffffffda RBX: 00007f59a34abfa0 RCX: 00007f59a32e6809 [ 115.013799][ T4986] RDX: 5be60480b9579340 RSI: 0000000020000940 RDI: ffffffffffffff9c [ 115.021854][ T4986] RBP: 00007f59a335993e R08: 0000000000000000 R09: 0000000000000000 [ 115.029821][ T4986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 115.037874][ T4986] R13: 0000000000000000 R14: 00007f59a34abfa0 R15: 00007ffc3c387528 [ 115.045973][ T4986] [ 115.049281][ T4986] Kernel Offset: disabled [ 115.053650][ T4986] Rebooting in 86400 seconds..