Warning: Permanently added '10.128.10.57' (ED25519) to the list of known hosts.
2023/07/29 11:40:19 ignoring optional flag "sandboxArg"="0"
2023/07/29 11:40:19 parsed 1 programs
[ 42.040556][ T27] audit: type=1400 audit(1690630819.269:156): avc: denied { mounton } for pid=352 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[ 42.065336][ T27] audit: type=1400 audit(1690630819.269:157): avc: denied { mount } for pid=352 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
2023/07/29 11:40:19 executed programs: 0
[ 42.111977][ T27] audit: type=1400 audit(1690630819.349:158): avc: denied { unlink } for pid=352 comm="syz-executor" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 42.149647][ T352] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 42.186574][ T358] bridge0: port 1(bridge_slave_0) entered blocking state
[ 42.193438][ T358] bridge0: port 1(bridge_slave_0) entered disabled state
[ 42.200497][ T358] device bridge_slave_0 entered promiscuous mode
[ 42.207272][ T358] bridge0: port 2(bridge_slave_1) entered blocking state
[ 42.214434][ T358] bridge0: port 2(bridge_slave_1) entered disabled state
[ 42.221700][ T358] device bridge_slave_1 entered promiscuous mode
[ 42.250672][ T27] audit: type=1400 audit(1690630819.479:159): avc: denied { write } for pid=358 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 42.254658][ T358] bridge0: port 2(bridge_slave_1) entered blocking state
[ 42.271259][ T27] audit: type=1400 audit(1690630819.479:160): avc: denied { read } for pid=358 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 42.277994][ T358] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 42.305296][ T358] bridge0: port 1(bridge_slave_0) entered blocking state
[ 42.312242][ T358] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 42.327230][ T35] bridge0: port 1(bridge_slave_0) entered disabled state
[ 42.334492][ T35] bridge0: port 2(bridge_slave_1) entered disabled state
[ 42.342112][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 42.349259][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 42.357579][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 42.365578][ T36] bridge0: port 1(bridge_slave_0) entered blocking state
[ 42.372861][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 42.381687][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 42.389557][ T36] bridge0: port 2(bridge_slave_1) entered blocking state
[ 42.396368][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 42.410412][ T358] device veth0_vlan entered promiscuous mode
[ 42.417026][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 42.425229][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 42.432961][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 42.440542][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 42.447863][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 42.455969][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 42.466711][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 42.475169][ T358] device veth1_macvtap entered promiscuous mode
[ 42.483243][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 42.496340][ T27] audit: type=1400 audit(1690630819.729:161): avc: denied { mounton } for pid=358 comm="syz-executor.0" path="/dev/binderfs" dev="devtmpfs" ino=207 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[ 42.497415][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 42.534931][ T363] loop0: detected capacity change from 0 to 512
[ 42.541803][ T27] audit: type=1400 audit(1690630819.779:162): avc: denied { mounton } for pid=362 comm="syz-executor.0" path="/root/syzkaller-testdir2958320947/syzkaller.GlMu7i/0/file1" dev="sda1" ino=1938 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 42.582996][ T363] EXT4-fs (loop0): 1 orphan inode deleted
[ 42.588617][ T363] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 42.597588][ T363] ext4 filesystem being mounted at /root/syzkaller-testdir2958320947/syzkaller.GlMu7i/0/file1 supports timestamps until 2038 (0x7fffffff)
[ 42.597591][ T27] audit: type=1400 audit(1690630819.829:163): avc: denied { mount } for pid=362 comm="syz-executor.0" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 42.633812][ T27] audit: type=1400 audit(1690630819.869:164): avc: denied { write } for pid=362 comm="syz-executor.0" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 42.655962][ T27] audit: type=1400 audit(1690630819.869:165): avc: denied { add_name } for pid=362 comm="syz-executor.0" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 42.677477][ T10] EXT4-fs error (device loop0): __ext4_get_inode_loc:4492: comm kworker/u4:1: Invalid inode table block 790638693 in block_group 0
[ 42.691096][ T10] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5841: Corrupt filesystem
[ 42.700426][ T10] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #16: comm kworker/u4:1: mark_inode_dirty error
[ 42.711889][ T10] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 0 with max blocks 16 with error 117
[ 42.724493][ T10] EXT4-fs (loop0): This should not happen!! Data will be lost
[ 42.724493][ T10]
[ 42.734193][ T10] EXT4-fs error (device loop0): __ext4_get_inode_loc:4492: comm kworker/u4:1: Invalid inode table block 790638693 in block_group 0
[ 42.748756][ T358] EXT4-fs (loop0): unmounting filesystem.
[ 42.778943][ T371] loop0: detected capacity change from 0 to 512
[ 42.792502][ T371] EXT4-fs (loop0): 1 orphan inode deleted
[ 42.798073][ T371] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 42.806880][ T371] ext4 filesystem being mounted at /root/syzkaller-testdir2958320947/syzkaller.GlMu7i/1/file1 supports timestamps until 2038 (0x7fffffff)
[ 42.829357][ T10] EXT4-fs error (device loop0): __ext4_get_inode_loc:4492: comm kworker/u4:1: Invalid inode table block 790638693 in block_group 0
[ 42.842820][ T10] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5841: Corrupt filesystem
[ 42.852323][ T10] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #16: comm kworker/u4:1: mark_inode_dirty error
[ 42.863712][ T10] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 0 with max blocks 16 with error 117
[ 42.875905][ T10] EXT4-fs (loop0): This should not happen!! Data will be lost
[ 42.875905][ T10]
[ 42.885613][ T10] EXT4-fs error (device loop0): __ext4_get_inode_loc:4492: comm kworker/u4:1: Invalid inode table block 790638693 in block_group 0
[ 42.900096][ T358] EXT4-fs (loop0): unmounting filesystem.
[ 42.920561][ T375] loop0: detected capacity change from 0 to 512
[ 42.932261][ T375] EXT4-fs (loop0): 1 orphan inode deleted
[ 42.937783][ T375] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 42.946621][ T375] ext4 filesystem being mounted at /root/syzkaller-testdir2958320947/syzkaller.GlMu7i/2/file1 supports timestamps until 2038 (0x7fffffff)
[ 42.970587][ T10] EXT4-fs error (device loop0): __ext4_get_inode_loc:4492: comm kworker/u4:1: Invalid inode table block 790638693 in block_group 0
[ 42.984055][ T10] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5841: Corrupt filesystem
[ 42.993402][ T10] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #16: comm kworker/u4:1: mark_inode_dirty error
[ 43.004776][ T10] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 0 with max blocks 16 with error 117
[ 43.016933][ T10] EXT4-fs (loop0): This should not happen!! Data will be lost
[ 43.016933][ T10]
[ 43.026711][ T10] EXT4-fs error (device loop0): __ext4_get_inode_loc:4492: comm kworker/u4:1: Invalid inode table block 790638693 in block_group 0
[ 43.041307][ T358] EXT4-fs (loop0): unmounting filesystem.
[ 43.058496][ T379] loop0: detected capacity change from 0 to 512
[ 43.072456][ T379] EXT4-fs (loop0): 1 orphan inode deleted
[ 43.077984][ T379] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 43.086877][ T379] ext4 filesystem being mounted at /root/syzkaller-testdir2958320947/syzkaller.GlMu7i/3/file1 supports timestamps until 2038 (0x7fffffff)
[ 43.108995][ T10] EXT4-fs error (device loop0): __ext4_get_inode_loc:4492: comm kworker/u4:1: Invalid inode table block 790638693 in block_group 0
[ 43.122630][ T10] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5841: Corrupt filesystem
[ 43.131995][ T10] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #16: comm kworker/u4:1: mark_inode_dirty error
[ 43.143352][ T10] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 0 with max blocks 16 with error 117
[ 43.155624][ T10] EXT4-fs (loop0): This should not happen!! Data will be lost
[ 43.155624][ T10]
[ 43.165237][ T10] EXT4-fs error (device loop0): __ext4_get_inode_loc:4492: comm kworker/u4:1: Invalid inode table block 790638693 in block_group 0
[ 43.180168][ T358] EXT4-fs (loop0): unmounting filesystem.
[ 43.222545][ T383] loop0: detected capacity change from 0 to 512
[ 43.232529][ T383] EXT4-fs (loop0): 1 orphan inode deleted
[ 43.238175][ T383] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 43.247095][ T383] ext4 filesystem being mounted at /root/syzkaller-testdir2958320947/syzkaller.GlMu7i/4/file1 supports timestamps until 2038 (0x7fffffff)
[ 43.270271][ T41] EXT4-fs error (device loop0): __ext4_get_inode_loc:4492: comm kworker/u4:2: Invalid inode table block 790638693 in block_group 0
[ 43.283940][ T41] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5841: Corrupt filesystem
[ 43.293511][ T41] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #16: comm kworker/u4:2: mark_inode_dirty error
[ 43.304883][ T41] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 0 with max blocks 16 with error 117
[ 43.317180][ T41] EXT4-fs (loop0): This should not happen!! Data will be lost
[ 43.317180][ T41]
[ 43.326901][ T41] EXT4-fs error (device loop0): __ext4_get_inode_loc:4492: comm kworker/u4:2: Invalid inode table block 790638693 in block_group 0
[ 43.341505][ T358] EXT4-fs (loop0): unmounting filesystem.
[ 43.353405][ T387] loop0: detected capacity change from 0 to 512
[ 43.362842][ T387] EXT4-fs (loop0): 1 orphan inode deleted
[ 43.368384][ T387] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 43.377245][ T387] ext4 filesystem being mounted at /root/syzkaller-testdir2958320947/syzkaller.GlMu7i/5/file1 supports timestamps until 2038 (0x7fffffff)
[ 43.403450][ T41] EXT4-fs error (device loop0): __ext4_get_inode_loc:4492: comm kworker/u4:2: Invalid inode table block 790638693 in block_group 0
[ 43.416946][ T41] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5841: Corrupt filesystem
[ 43.426572][ T41] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #16: comm kworker/u4:2: mark_inode_dirty error
[ 43.438215][ T41] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 0 with max blocks 16 with error 117
[ 43.450533][ T41] EXT4-fs (loop0): This should not happen!! Data will be lost
[ 43.450533][ T41]
[ 43.460145][ T41] EXT4-fs error (device loop0): __ext4_get_inode_loc:4492: comm kworker/u4:2: Invalid inode table block 790638693 in block_group 0
[ 43.474593][ T358] EXT4-fs (loop0): unmounting filesystem.
[ 43.495581][ T391] loop0: detected capacity change from 0 to 512
[ 43.512171][ T391] EXT4-fs (loop0): 1 orphan inode deleted
[ 43.517936][ T391] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 43.527905][ T391] ext4 filesystem being mounted at /root/syzkaller-testdir2958320947/syzkaller.GlMu7i/6/file1 supports timestamps until 2038 (0x7fffffff)
[ 43.551097][ T41] EXT4-fs error (device loop0): __ext4_get_inode_loc:4492: comm kworker/u4:2: Invalid inode table block 790638693 in block_group 0
[ 43.564516][ T41] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5841: Corrupt filesystem
[ 43.573890][ T41] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #16: comm kworker/u4:2: mark_inode_dirty error
[ 43.585811][ T41] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 0 with max blocks 16 with error 117
[ 43.598312][ T41] EXT4-fs (loop0): This should not happen!! Data will be lost
[ 43.598312][ T41]
[ 43.608032][ T41] EXT4-fs error (device loop0): __ext4_get_inode_loc:4492: comm kworker/u4:2: Invalid inode table block 790638693 in block_group 0
[ 43.622490][ T358] EXT4-fs (loop0): unmounting filesystem.
[ 43.637194][ T395] loop0: detected capacity change from 0 to 512
[ 43.652193][ T395] EXT4-fs (loop0): 1 orphan inode deleted
[ 43.657813][ T395] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 43.666997][ T395] ext4 filesystem being mounted at /root/syzkaller-testdir2958320947/syzkaller.GlMu7i/7/file1 supports timestamps until 2038 (0x7fffffff)
[ 43.692369][ T10] EXT4-fs error (device loop0): __ext4_get_inode_loc:4492: comm kworker/u4:1: Invalid inode table block 790638693 in block_group 0
[ 43.705954][ T10] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5841: Corrupt filesystem
[ 43.715428][ T10] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #16: comm kworker/u4:1: mark_inode_dirty error
[ 43.727071][ T10] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 0 with max blocks 16 with error 117
[ 43.739488][ T10] EXT4-fs (loop0): This should not happen!! Data will be lost
[ 43.739488][ T10]
[ 43.749429][ T10] EXT4-fs error (device loop0): __ext4_get_inode_loc:4492: comm kworker/u4:1: Invalid inode table block 790638693 in block_group 0
[ 43.764283][ T358] EXT4-fs (loop0): unmounting filesystem.
[ 43.778747][ T401] loop0: detected capacity change from 0 to 512
[ 43.792571][ T401] EXT4-fs (loop0): 1 orphan inode deleted
[ 43.798137][ T401] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 43.807025][ T401] ext4 filesystem being mounted at /root/syzkaller-testdir2958320947/syzkaller.GlMu7i/8/file1 supports timestamps until 2038 (0x7fffffff)
[ 43.833059][ T368] ==================================================================
[ 43.841012][ T368] BUG: KASAN: use-after-free in ext4_find_extent+0xb60/0xd10
[ 43.848389][ T368] Read of size 4 at addr ffff8881241ef4cc by task kworker/u4:3/368
[ 43.856232][ T368]
[ 43.858373][ T368] CPU: 0 PID: 368 Comm: kworker/u4:3 Not tainted 6.1.25-syzkaller #0
[ 43.866456][ T368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023
[ 43.876345][ T368] Workqueue: writeback wb_workfn (flush-7:0)
[ 43.882159][ T368] Call Trace:
[ 43.885290][ T368]
[ 43.888070][ T368] dump_stack_lvl+0x105/0x148
[ 43.892664][ T368] ? panic+0x3b4/0x3b4
[ 43.896565][ T368] ? nf_tcp_handle_invalid+0x30b/0x30b
[ 43.901953][ T368] ? _printk+0xca/0x10a
[ 43.906030][ T368] print_report+0x158/0x4e0
[ 43.910378][ T368] ? kasan_addr_to_slab+0xd/0x80
[ 43.915230][ T368] ? ext4_find_extent+0xb60/0xd10
[ 43.920101][ T368] kasan_report+0x13c/0x170
[ 43.924428][ T368] ? ext4_find_extent+0xb60/0xd10
[ 43.929297][ T368] __asan_report_load4_noabort+0x14/0x20
[ 43.934760][ T368] ext4_find_extent+0xb60/0xd10
[ 43.939458][ T368] ext4_ext_map_blocks+0x25d/0x64d0
[ 43.944651][ T368] ? stack_trace_save+0x113/0x1c0
[ 43.949539][ T368] ? uncharge_batch+0x4e0/0x4e0
[ 43.954460][ T368] ? stack_trace_snprint+0xe0/0xe0
[ 43.959406][ T368] ? __stack_depot_save+0x21/0x480
[ 43.964359][ T368] ? kasan_set_track+0x60/0x70
[ 43.968966][ T368] ? kasan_set_track+0x4b/0x70
[ 43.973652][ T368] ? kasan_save_alloc_info+0x1f/0x30
[ 43.978771][ T368] ? __kasan_slab_alloc+0x6c/0x80
[ 43.983632][ T368] ? ext4_ext_release+0x10/0x10
[ 43.988403][ T368] ? __kasan_check_write+0x14/0x20
[ 43.993365][ T368] ? _raw_spin_lock_irqsave+0xf9/0x210
[ 43.998649][ T368] ? process_one_work+0x6de/0xd00
[ 44.003600][ T368] ? worker_thread+0x892/0xf20
[ 44.008278][ T368] ? kthread+0x215/0x270
[ 44.012363][ T368] ? _raw_spin_lock+0x1b0/0x1b0
[ 44.017047][ T368] ? _raw_spin_unlock_irqrestore+0x5b/0x80
[ 44.022687][ T368] ? ext4_es_lookup_extent+0x278/0x730
[ 44.027981][ T368] ext4_map_blocks+0x83a/0x18b0
[ 44.032761][ T368] ? ext4_issue_zeroout+0x170/0x170
[ 44.037789][ T368] ext4_writepages+0x1425/0x31d0
[ 44.042563][ T368] ? check_preempt_wakeup+0x7c1/0xb20
[ 44.047769][ T368] ? ext4_read_folio+0x180/0x180
[ 44.052544][ T368] ? yield_to_task_fair+0x190/0x190
[ 44.057578][ T368] ? enqueue_task+0x110/0x490
[ 44.062100][ T368] ? check_preempt_curr+0xdb/0x1c0
[ 44.067043][ T368] ? _raw_spin_unlock+0x4c/0x70
[ 44.071726][ T368] do_writepages+0x338/0x5b0
[ 44.076178][ T368] ? __writepage+0xf0/0xf0
[ 44.080409][ T368] ? update_load_avg+0x54a/0x14c0
[ 44.085378][ T368] ? update_curr+0x2e7/0x6f0
[ 44.089904][ T368] ? __kasan_check_write+0x14/0x20
[ 44.094866][ T368] ? _raw_spin_lock+0xa4/0x1b0
[ 44.099785][ T368] __writeback_single_inode+0x73/0x7a0
[ 44.105077][ T368] ? inode_io_list_move_locked+0x204/0x3c0
[ 44.110977][ T368] writeback_sb_inodes+0x881/0x1500
[ 44.116014][ T368] ? _raw_spin_lock+0xa4/0x1b0
[ 44.120624][ T368] ? queue_io+0x410/0x410
[ 44.124790][ T368] ? __writeback_inodes_wb+0x330/0x330
[ 44.130073][ T368] ? queue_io+0x28a/0x410
[ 44.134238][ T368] ? memset+0x35/0x40
[ 44.138068][ T368] ? blk_start_plug+0x8c/0x120
[ 44.142762][ T368] wb_writeback+0x357/0x810
[ 44.147377][ T368] ? inode_cgwb_move_to_attached+0x480/0x480
[ 44.153199][ T368] ? set_worker_desc+0x11c/0x180
[ 44.157961][ T368] ? __kasan_check_write+0x14/0x20
[ 44.162926][ T368] wb_workfn+0x37d/0xdf0
[ 44.166997][ T368] ? inode_wait_for_writeback+0x260/0x260
[ 44.172553][ T368] ? _raw_spin_unlock+0x4c/0x70
[ 44.177331][ T368] ? finish_task_switch+0x14b/0x680
[ 44.182545][ T368] ? __kasan_check_read+0x11/0x20
[ 44.187474][ T368] ? read_word_at_a_time+0x12/0x20
[ 44.192512][ T368] ? strscpy+0x99/0x260
[ 44.196501][ T368] process_one_work+0x6de/0xd00
[ 44.201199][ T368] worker_thread+0x892/0xf20
[ 44.205627][ T368] ? process_one_work+0xd00/0xd00
[ 44.210472][ T368] kthread+0x215/0x270
[ 44.214467][ T368] ? process_one_work+0xd00/0xd00
[ 44.219325][ T368] ? kthread_blkcg+0xa0/0xa0
[ 44.223766][ T368] ret_from_fork+0x1f/0x30
[ 44.228014][ T368]
[ 44.230886][ T368]
[ 44.233050][ T368] The buggy address belongs to the physical page:
[ 44.239302][ T368] page:ffffea0004907bc0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x1241ef
[ 44.249448][ T368] flags: 0x4000000000000000(zone=1)
[ 44.254572][ T368] raw: 4000000000000000 ffffea0004908cc8 ffffea0004907c88 0000000000000000
[ 44.263070][ T368] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 44.271494][ T368] page dumped because: kasan: bad access detected
[ 44.277753][ T368] page_owner tracks the page as freed
[ 44.282971][ T368] page last allocated via order 0, migratetype Movable, gfp_mask 0x8140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO|0x8000000), pid 374, tgid 374 (syz-executor.0), ts 42916164401, free_ts 42966990581
[ 44.302561][ T368] prep_new_page+0x50b/0x530
[ 44.306986][ T368] get_page_from_freelist+0x273d/0x27d0
[ 44.312366][ T368] __alloc_pages+0x39f/0x780
[ 44.316793][ T368] __folio_alloc+0x15/0x40
[ 44.321047][ T368] handle_mm_fault+0x188f/0x2200
[ 44.325820][ T368] exc_page_fault+0x243/0x6d0
[ 44.330343][ T368] asm_exc_page_fault+0x27/0x30
[ 44.335018][ T368] page last free stack trace:
[ 44.339540][ T368] free_unref_page_prepare+0x794/0x7a0
[ 44.344826][ T368] free_unref_page_list+0xf6/0x690
[ 44.349774][ T368] release_pages+0xcfc/0xd50
[ 44.354287][ T368] free_pages_and_swap_cache+0x68/0x80
[ 44.359593][ T368] tlb_flush_mmu+0xe9/0x1b0
[ 44.363921][ T368] unmap_page_range+0x7d4/0x18e0
[ 44.368781][ T368] unmap_vmas+0x461/0x590
[ 44.372954][ T368] exit_mmap+0x25c/0x730
[ 44.377026][ T368] __mmput+0x6b/0x2a0
[ 44.380855][ T368] mmput+0x2a/0xe0
[ 44.384403][ T368] do_exit+0x93e/0x23b0
[ 44.388482][ T368] do_group_exit+0x1ba/0x290
[ 44.392908][ T368] get_signal+0xf0b/0x1000
[ 44.397164][ T368] arch_do_signal_or_restart+0xb0/0x16f0
[ 44.402630][ T368] exit_to_user_mode_loop+0x6b/0xa0
[ 44.407664][ T368] exit_to_user_mode_prepare+0x5a/0xa0
[ 44.413048][ T368]
[ 44.415216][ T368] Memory state around the buggy address:
[ 44.420693][ T368]  ffff8881241ef380: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 44.428591][ T368]  ffff8881241ef400: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 44.436652][ T368] >ffff8881241ef480: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 44.444550][ T368]                                               ^
[ 44.450888][ T368]  ffff8881241ef500: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 44.458787][ T368]  ffff8881241ef580: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 44.466780][ T368] ==================================================================
[ 44.475961][ T368] Disabling lock debugging due to kernel taint
[ 44.482109][ T368] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 44.487992][ T368] CPU: 1 PID: 368 Comm: kworker/u4:3 Tainted: G B 6.1.25-syzkaller #0
[ 44.497459][ T368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023
[ 44.507431][ T368] Workqueue: writeback wb_workfn (flush-7:0)
[ 44.513528][ T368] RIP: 0010:ext4_writepages+0x31cc/0x31d0
[ 44.519170][ T368] Code: 00 65 ff 0d de 09 32 7e 49 bf 00 00 00 00 00 fc ff df 4c 8b ac 24 a8 00 00 00 0f 85 6a fb ff ff e8 61 01 30 ff e9 60 fb ff ff <0f> 0b 0f 0b 55 48 89 e5 41 56 53 48 89 f3 49 89 fe 48 89 f7 be 08
[ 44.538963][ T368] RSP: 0018:ffffc90000e07060 EFLAGS: 00010246
[ 44.544950][ T368] RAX: 0000000000000000 RBX: ffffc90000e07320 RCX: 0000000000000001
[ 44.552956][ T368] RDX: 0000000000000001 RSI: 0000000000000008 RDI: 0000000000000001
[ 44.560755][ T368] RBP: ffffc90000e07450 R08: dffffc0000000000 R09: ffffed10200af470
[ 44.568743][ T368] R10: 0000000000000000 R11: dffffc0000000001 R12: 000000000000042b
[ 44.576554][ T368] R13: dffffc0000000000 R14: ffff88810057a3b8 R15: 0000000000000000
[ 44.584367][ T368] FS: 0000000000000000(0000) GS:ffff8881f7300000(0000) knlGS:0000000000000000
[ 44.593307][ T368] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 44.599726][ T368] CR2: 000055555632b818 CR3: 000000000540f000 CR4: 00000000003506a0
[ 44.607629][ T368] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 44.615872][ T368] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 44.623684][ T368] Call Trace:
[ 44.626810][ T368]
[ 44.629588][ T368] ? check_preempt_wakeup+0x7c1/0xb20
[ 44.634804][ T368] ? ext4_read_folio+0x180/0x180
[ 44.639575][ T368] ? yield_to_task_fair+0x190/0x190
[ 44.644914][ T368] ? enqueue_task+0x110/0x490
[ 44.649382][ T368] ? check_preempt_curr+0xdb/0x1c0
[ 44.654324][ T368] ? _raw_spin_unlock+0x4c/0x70
[ 44.659011][ T368] do_writepages+0x338/0x5b0
[ 44.663624][ T368] ? __writepage+0xf0/0xf0
[ 44.667880][ T368] ? update_load_avg+0x54a/0x14c0
[ 44.672721][ T368] ? update_curr+0x2e7/0x6f0
[ 44.677148][ T368] ? __kasan_check_write+0x14/0x20
[ 44.682096][ T368] ? _raw_spin_lock+0xa4/0x1b0
[ 44.686726][ T368] __writeback_single_inode+0x73/0x7a0
[ 44.692000][ T368] ? inode_io_list_move_locked+0x204/0x3c0
[ 44.697639][ T368] writeback_sb_inodes+0x881/0x1500
[ 44.702744][ T368] ? _raw_spin_lock+0xa4/0x1b0
[ 44.707267][ T368] ? queue_io+0x410/0x410
[ 44.711444][ T368] ? __writeback_inodes_wb+0x330/0x330
[ 44.716820][ T368] ? queue_io+0x28a/0x410
[ 44.720979][ T368] ? memset+0x35/0x40
[ 44.724811][ T368] ? blk_start_plug+0x8c/0x120
[ 44.729399][ T368] wb_writeback+0x357/0x810
[ 44.733830][ T368] ? inode_cgwb_move_to_attached+0x480/0x480
[ 44.739817][ T368] ? set_worker_desc+0x11c/0x180
[ 44.744588][ T368] ? __kasan_check_write+0x14/0x20
[ 44.749535][ T368] wb_workfn+0x37d/0xdf0
[ 44.753730][ T368] ? inode_wait_for_writeback+0x260/0x260
[ 44.759254][ T368] ? _raw_spin_unlock+0x4c/0x70
[ 44.763942][ T368] ? finish_task_switch+0x14b/0x680
[ 44.768978][ T368] ? __kasan_check_read+0x11/0x20
[ 44.773837][ T368] ? read_word_at_a_time+0x12/0x20
[ 44.778780][ T368] ? strscpy+0x99/0x260
[ 44.782776][ T368] process_one_work+0x6de/0xd00
[ 44.787461][ T368] worker_thread+0x892/0xf20
[ 44.791889][ T368] ? process_one_work+0xd00/0xd00
[ 44.796753][ T368] kthread+0x215/0x270
[ 44.800661][ T368] ? process_one_work+0xd00/0xd00
[ 44.805530][ T368] ? kthread_blkcg+0xa0/0xa0
[ 44.809945][ T368] ret_from_fork+0x1f/0x30
[ 44.814195][ T368]
[ 44.817078][ T368] Modules linked in:
[ 44.820947][ T368] ---[ end trace 0000000000000000 ]---
[ 44.826484][ T368] RIP: 0010:ext4_writepages+0x31cc/0x31d0
[ 44.832018][ T368] Code: 00 65 ff 0d de 09 32 7e 49 bf 00 00 00 00 00 fc ff df 4c 8b ac 24 a8 00 00 00 0f 85 6a fb ff ff e8 61 01 30 ff e9 60 fb ff ff <0f> 0b 0f 0b 55 48 89 e5 41 56 53 48 89 f3 49 89 fe 48 89 f7 be 08
[ 44.851465][ T368] RSP: 0018:ffffc90000e07060 EFLAGS: 00010246
[ 44.857337][ T368] RAX: 0000000000000000 RBX: ffffc90000e07320 RCX: 0000000000000001
[ 44.865198][ T368] RDX: 0000000000000001 RSI: 0000000000000008 RDI: 0000000000000001
[ 44.873203][ T368] RBP: ffffc90000e07450 R08: dffffc0000000000 R09: ffffed10200af470
[ 44.880953][ T368] R10: 0000000000000000 R11: dffffc0000000001 R12: 000000000000042b
[ 44.888917][ T368] R13: dffffc0000000000 R14: ffff88810057a3b8 R15: 0000000000000000
[ 44.896728][ T368] FS: 0000000000000000(0000) GS:ffff8881f7200000(0000) knlGS:0000000000000000
[ 44.905462][ T368] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 44.911908][ T368] CR2: 0000000020042000 CR3: 00000001244ba000 CR4: 00000000003506b0
[ 44.919686][ T368] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 44.927531][ T368] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 44.935344][ T368] Kernel panic - not syncing: Fatal exception
[ 44.941394][ T368] Kernel Offset: disabled
[ 44.945505][ T368] Rebooting in 86400 seconds..
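A triage helper for console logs like the one above, added here as an example; it is not syzkaller or kernel code. It pulls the four things a reader of this log actually wants out of the raw dmesg text: the SELinux AVC denials collapsed into audit2allow-style rules (every denial above carries permissive=1, so they were logged, not enforced, and the same reproducer would be blocked on an enforcing host), the count of EXT4-fs errors from the repeatedly mounted corrupt loop image, the KASAN header (bug kind, faulting function, access size, address, task), the page_owner attribution of the freed page, and the follow-on oops and panic. The sample lines are excerpted from this log with whitespace collapsed as the page shows it; the regexes assume the "[ ts][ Tn] message" console prefix and the message formats visible above.

```python
"""Triage a syzkaller console log: AVC denials, ext4 error count, KASAN header,
page_owner attribution, follow-on oops and panic.  Example code, not part of
syzkaller; the regexes assume the message formats seen in the log above."""
import re
from collections import defaultdict

# Constructed subset of the log above (real lines, whitespace collapsed).
SAMPLE_LOG = """\
[ 42.040556][ T27] audit: type=1400 audit(1690630819.269:156): avc: denied { mounton } for pid=352 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[ 42.065336][ T27] audit: type=1400 audit(1690630819.269:157): avc: denied { mount } for pid=352 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[ 42.111977][ T27] audit: type=1400 audit(1690630819.349:158): avc: denied { unlink } for pid=352 comm="syz-executor" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 42.633812][ T27] audit: type=1400 audit(1690630819.869:164): avc: denied { write } for pid=362 comm="syz-executor.0" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 42.655962][ T27] audit: type=1400 audit(1690630819.869:165): avc: denied { add_name } for pid=362 comm="syz-executor.0" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 42.677477][ T10] EXT4-fs error (device loop0): __ext4_get_inode_loc:4492: comm kworker/u4:1: Invalid inode table block 790638693 in block_group 0
[ 43.841012][ T368] BUG: KASAN: use-after-free in ext4_find_extent+0xb60/0xd10
[ 43.848389][ T368] Read of size 4 at addr ffff8881241ef4cc by task kworker/u4:3/368
[ 44.277753][ T368] page_owner tracks the page as freed
[ 44.282971][ T368] page last allocated via order 0, migratetype Movable, gfp_mask 0x8140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO|0x8000000), pid 374, tgid 374 (syz-executor.0), ts 42916164401, free_ts 42966990581
[ 44.482109][ T368] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 44.513528][ T368] RIP: 0010:ext4_writepages+0x31cc/0x31d0
[ 44.935344][ T368] Kernel panic - not syncing: Fatal exception
"""

PREFIX = re.compile(r"^\[\s*(?P<ts>\d+\.\d+)\]\[\s*T(?P<tid>\d+)\]\s*(?P<msg>.*)$")
AVC = re.compile(r'avc: denied \{ (?P<perms>[^}]+) \} for pid=(?P<pid>\d+) comm="(?P<comm>[^"]+)"'
                 r".*? scontext=(?P<sctx>\S+) tcontext=(?P<tctx>\S+) tclass=(?P<tclass>\S+)")
PERMISSIVE = re.compile(r"permissive=(\d)")
EXT4_ERR = re.compile(r"EXT4-fs error \(device \w+\)")
KASAN_BUG = re.compile(r"BUG: KASAN: (?P<kind>\S+) in (?P<func>\w+)\+0x[0-9a-f]+/0x[0-9a-f]+")
KASAN_ACCESS = re.compile(r"(?P<rw>Read|Write) of size (?P<size>\d+) at addr (?P<addr>[0-9a-f]+)"
                          r" by task (?P<task>\S+)/(?P<pid>\d+)")
PAGE_OWNER = re.compile(r"page last allocated .*? pid (?P<pid>\d+), tgid (?P<tgid>\d+) \((?P<comm>[^)]+)\)")
OOPS = re.compile(r"^(?P<trap>invalid opcode|general protection fault|stack segment|divide error): .*\[#(?P<n>\d+)\]")
RIP = re.compile(r"^RIP: 0010:(?P<sym>\S+)")
PANIC = re.compile(r"Kernel panic - not syncing: (?P<reason>.*)")


def type_of(ctx):
    """'root:sysadm_r:sysadm_t' -> 'sysadm_t' (third field; an MLS range, if any, is ignored)."""
    return ctx.split(":")[2]


def triage(text):
    report = {
        "denials": defaultdict(set),   # (source type, target type, class) -> permissions
        "enforcing_denials": 0,        # denials with permissive=0, i.e. actually blocked
        "ext4_errors": 0,
        "kasan": None, "page_owner": None, "oops": None, "panic": None,
    }
    for line in text.splitlines():
        m = PREFIX.match(line)
        if not m:
            continue                    # ssh / syzkaller-manager chatter without a kernel prefix
        msg = m.group("msg")
        if (a := AVC.search(msg)):
            key = (type_of(a["sctx"]), type_of(a["tctx"]), a["tclass"])
            report["denials"][key].update(a["perms"].split())
            p = PERMISSIVE.search(msg)
            if p and p.group(1) == "0":
                report["enforcing_denials"] += 1
        elif EXT4_ERR.search(msg):
            report["ext4_errors"] += 1
        elif (k := KASAN_BUG.search(msg)):
            report["kasan"] = {"kind": k["kind"], "func": k["func"]}
        elif (k := KASAN_ACCESS.search(msg)) and report["kasan"] is not None:
            report["kasan"].update(rw=k["rw"].lower(), size=int(k["size"]),
                                   addr=int(k["addr"], 16), task=k["task"], pid=int(k["pid"]))
        elif (o := PAGE_OWNER.search(msg)):
            report["page_owner"] = {"pid": int(o["pid"]), "tgid": int(o["tgid"]), "comm": o["comm"]}
        elif (o := OOPS.match(msg)):
            report["oops"] = {"trap": o["trap"], "n": int(o["n"]), "rip": None}
        elif (r := RIP.match(msg)) and report["oops"] and report["oops"]["rip"] is None:
            report["oops"]["rip"] = r["sym"]   # first RIP after the trap; the post-trace repeat is skipped
        elif (p := PANIC.search(msg)):
            report["panic"] = p["reason"]
    return report


def allow_rules(denials):
    """Render denials audit2allow-style.  A starting point for review, not policy to apply blindly."""
    return sorted(f"allow {s} {t}:{c} {{ {' '.join(sorted(perms))} }};"
                  for (s, t, c), perms in denials.items())


if __name__ == "__main__":
    r = triage(SAMPLE_LOG)
    print("\n".join(allow_rules(r["denials"])))
    print(f"ext4 errors: {r['ext4_errors']}, enforcing denials: {r['enforcing_denials']}")
    print("kasan:", r["kasan"])
    print("page_owner:", r["page_owner"], "oops:", r["oops"], "panic:", r["panic"])
```

Two design points: the denials are keyed on SELinux type, not full context, so the two unlabeled_t dir denials (write, add_name) fold into one rule, which is how audit2allow would present them; and the KASAN access line is only attached when a BUG: KASAN header has already been seen, so a stray "Read of size" elsewhere in a log cannot fabricate a report.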