Warning: Permanently added '[localhost]:7610' (ED25519) to the list of known hosts.
2024/11/21 16:53:30 ignoring optional flag "sandboxArg"="0"
2024/11/21 16:53:30 ignoring optional flag "type"="qemu"
2024/11/21 16:53:30 parsed 1 programs
[ 51.006663][ T39] audit: type=1400 audit(1732208010.944:134): avc: denied { getattr } for pid=6058 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 51.076306][ T39] audit: type=1400 audit(1732208011.014:135): avc: denied { unlink } for pid=6064 comm="syz-executor" name="swap-file" dev="sda1" ino=1931 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 51.937683][ T6064] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
2024/11/21 16:53:31 executed programs: 0
[ 51.976882][ T5308] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 51.980037][ T5308] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 51.982377][ T5308] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 51.985504][ T5308] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 51.987744][ T5308] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 51.989921][ T5308] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 52.049334][ T6070] chnl_net:caif_netlink_parms(): no params data found
[ 52.112482][ T6070] bridge0: port 1(bridge_slave_0) entered blocking state
[ 52.114517][ T6070] bridge0: port 1(bridge_slave_0) entered disabled state
[ 52.116428][ T6070] bridge_slave_0: entered allmulticast mode
[ 52.118462][ T6070] bridge_slave_0: entered promiscuous mode
[ 52.120991][ T6070] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.122920][ T6070] bridge0: port 2(bridge_slave_1) entered disabled state
[ 52.124938][ T6070] bridge_slave_1: entered allmulticast mode
[ 52.126973][ T6070] bridge_slave_1: entered promiscuous mode
[ 52.148541][ T6070] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 52.152039][ T6070] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 52.171752][ T6070] team0: Port device team_slave_0 added
[ 52.175407][ T6070] team0: Port device team_slave_1 added
[ 52.193767][ T6070] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 52.197042][ T6070] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 52.203617][ T6070] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 52.207414][ T6070] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 52.209293][ T6070] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 52.215981][ T6070] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 52.238141][ T6070] hsr_slave_0: entered promiscuous mode
[ 52.240008][ T6070] hsr_slave_1: entered promiscuous mode
[ 52.691109][ T6070] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 52.697082][ T6070] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 52.700122][ T6070] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 52.704113][ T6070] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 52.715816][ T6070] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.718342][ T6070] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 52.720302][ T6070] bridge0: port 1(bridge_slave_0) entered blocking state
[ 52.722108][ T6070] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 52.748304][ T6070] 8021q: adding VLAN 0 to HW filter on device bond0
[ 52.757811][ T64] bridge0: port 1(bridge_slave_0) entered disabled state
[ 52.762143][ T64] bridge0: port 2(bridge_slave_1) entered disabled state
[ 52.772387][ T6070] 8021q: adding VLAN 0 to HW filter on device team0
[ 52.779405][ T159] bridge0: port 1(bridge_slave_0) entered blocking state
[ 52.781347][ T159] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 52.786714][ T159] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.788639][ T159] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 52.870194][ T6070] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 52.888211][ T6070] veth0_vlan: entered promiscuous mode
[ 52.894569][ T6070] veth1_vlan: entered promiscuous mode
[ 52.910764][ T6070] veth0_macvtap: entered promiscuous mode
[ 52.913828][ T6070] veth1_macvtap: entered promiscuous mode
[ 52.921671][ T6070] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 52.930046][ T6070] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 52.933905][ T6070] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 52.936890][ T6070] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 52.939215][ T6070] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 52.941519][ T6070] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 52.969827][ T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 52.971897][ T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 52.980847][ T76] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 52.982957][ T76] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 53.157483][ T6134] loop0: detected capacity change from 0 to 32768
[ 53.160300][ T39] audit: type=1400 audit(1732208013.094:136): avc: denied { mounton } for pid=6132 comm="syz-executor.0" path="/syzkaller-testdir1615517360/syzkaller.BWoKfh/0/file0" dev="sda1" ino=1939 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[ 53.181138][ T6134] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 53.183465][ T6134] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 53.194207][ T6134] gfs2: fsid=syz:syz.0: journal 0 mapped with 4 extents in 0ms
[ 53.197837][ T6108] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 53.199666][ T6108] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 53.236021][ T6108] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 36ms
[ 53.239185][ T6108] gfs2: fsid=syz:syz.0: jid=0: Done
[ 53.240977][ T6134] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 53.381521][ T6134] gfs2: fsid=syz:syz.0: found 1 quota changes
[ 53.390001][ T39] audit: type=1400 audit(1732208013.324:137): avc: denied { mount } for pid=6132 comm="syz-executor.0" name="/" dev="loop0" ino=4674 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 53.396876][ T39] audit: type=1400 audit(1732208013.324:138): avc: denied { unmount } for pid=6070 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 53.406550][ T6070] syz-executor.0: attempt to access beyond end of device
[ 53.406550][ T6070] loop0: rw=1, sector=131324, nr_sectors = 4 limit=32768
[ 53.410303][ T6070] gfs2: fsid=syz:syz.0: Error 10 writing to journal, jid=0
[ 53.412272][ T6154] gfs2: fsid=syz:syz.0: about to withdraw this file system
[ 53.416457][ T6154] gfs2: fsid=syz:syz.0: File system withdrawn
[ 53.418089][ T6154] CPU: 3 UID: 0 PID: 6154 Comm: gfs2_logd/syz:s Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[ 53.420859][ T6154] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 53.423655][ T6154] Call Trace:
[ 53.424586][ T6154] <TASK>
[ 53.425371][ T6154] dump_stack_lvl+0x16c/0x1f0
[ 53.426654][ T6154] gfs2_withdraw+0xaa3/0x1280
[ 53.427920][ T6154] ? find_held_lock+0x2d/0x110
[ 53.429223][ T6154] ? __pfx_gfs2_withdraw+0x10/0x10
[ 53.430562][ T6154] ? gfs2_logd+0xc74/0xfe0
[ 53.431748][ T6154] ? __pfx_lock_release+0x10/0x10
[ 53.433075][ T6154] ? lock_acquire+0x2f/0xb0
[ 53.434295][ T6154] ? finish_wait+0xc5/0x280
[ 53.435500][ T6154] ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 53.437025][ T6154] gfs2_logd+0xdad/0xfe0
[ 53.438156][ T6154] ? __pfx_gfs2_logd+0x10/0x10
[ 53.439426][ T6154] ? __pfx_autoremove_wake_function+0x10/0x10
[ 53.441140][ T6154] ? lockdep_hardirqs_on+0x7c/0x110
[ 53.442526][ T6154] ? __kthread_parkme+0x148/0x220
[ 53.443917][ T6154] ? __pfx_gfs2_logd+0x10/0x10
[ 53.445183][ T6154] kthread+0x2c1/0x3a0
[ 53.446267][ T6154] ? _raw_spin_unlock_irq+0x23/0x50
[ 53.447655][ T6154] ? __pfx_kthread+0x10/0x10
[ 53.448880][ T6154] ret_from_fork+0x45/0x80
[ 53.450051][ T6154] ? __pfx_kthread+0x10/0x10
[ 53.451282][ T6154] ret_from_fork_asm+0x1a/0x30
[ 53.452535][ T6154] </TASK>
[ 53.465583][ T6070] ==================================================================
[ 53.467720][ T6070] BUG: KASAN: slab-use-after-free in gfs2_invalidate_folio+0x718/0x820
[ 53.469838][ T6070] Read of size 8 at addr ffff8880213a2168 by task syz-executor.0/6070
[ 53.473328][ T6070]
[ 53.473962][ T6070] CPU: 3 UID: 0 PID: 6070 Comm: syz-executor.0 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[ 53.476706][ T6070] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 53.479489][ T6070] Call Trace:
[ 53.480380][ T6070] <TASK>
[ 53.481170][ T6070] dump_stack_lvl+0x116/0x1f0
[ 53.482411][ T6070] print_report+0xc3/0x620
[ 53.483594][ T6070] ? __virt_addr_valid+0x5e/0x590
[ 53.484912][ T6070] ? __phys_addr+0xc6/0x150
[ 53.486106][ T6070] kasan_report+0xd9/0x110
[ 53.487312][ T6070] ? gfs2_invalidate_folio+0x718/0x820
[ 53.488724][ T6070] ? gfs2_invalidate_folio+0x718/0x820
[ 53.490144][ T6070] gfs2_invalidate_folio+0x718/0x820
[ 53.491525][ T6070] ? const_folio_flags.constprop.0+0x56/0x150
[ 53.493144][ T6070] ? __pfx_gfs2_invalidate_folio+0x10/0x10
[ 53.494675][ T6070] truncate_cleanup_folio+0x2f3/0x490
[ 53.496083][ T6070] truncate_inode_pages_range+0x271/0xe80
[ 53.497589][ T6070] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 53.499243][ T6070] ? mark_lock+0xb5/0xc60
[ 53.500397][ T6070] ? __pfx___lock_acquire+0x10/0x10
[ 53.501785][ T6070] ? mark_held_locks+0x9f/0xe0
[ 53.503041][ T6070] ? _raw_spin_unlock_irq+0x23/0x50
[ 53.504405][ T6070] ? lockdep_hardirqs_on+0x7c/0x110
[ 53.505762][ T6070] gfs2_evict_inode+0x75b/0x1430
[ 53.507057][ T6070] ? __pfx___lock_acquire+0x10/0x10
[ 53.508406][ T6070] ? __pfx_gfs2_evict_inode+0x10/0x10
[ 53.509803][ T6070] ? lock_acquire.part.0+0x11b/0x380
[ 53.511190][ T6070] ? find_held_lock+0x2d/0x110
[ 53.512448][ T6070] ? evict+0x3c8/0x960
[ 53.513521][ T6070] ? lock_acquire+0x2f/0xb0
[ 53.514710][ T6070] ? __pfx_gfs2_evict_inode+0x10/0x10
[ 53.516107][ T6070] evict+0x409/0x960
[ 53.517152][ T6070] ? __pfx_evict+0x10/0x10
[ 53.518320][ T6070] iput+0x530/0x890
[ 53.519325][ T6070] ? __pfx_gfs2_drop_inode+0x10/0x10
[ 53.520716][ T6070] gfs2_put_super+0x2b8/0x750
[ 53.521949][ T6070] ? __pfx_gfs2_put_super+0x10/0x10
[ 53.523305][ T6070] generic_shutdown_super+0x15c/0x3d0
[ 53.524699][ T6070] kill_block_super+0x3b/0x90
[ 53.525926][ T6070] gfs2_kill_sb+0x369/0x420
[ 53.527123][ T6070] deactivate_locked_super+0xbe/0x1a0
[ 53.528522][ T6070] deactivate_super+0xde/0x100
[ 53.529772][ T6070] cleanup_mnt+0x222/0x450
[ 53.530943][ T6070] task_work_run+0x14e/0x250
[ 53.532157][ T6070] ? __pfx_task_work_run+0x10/0x10
[ 53.533414][ T6070] syscall_exit_to_user_mode+0x27b/0x2a0
[ 53.534879][ T6070] do_syscall_64+0xda/0x250
[ 53.536061][ T6070] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 53.537549][ T6070] RIP: 0033:0x7f2e9ca7f197
[ 53.538677][ T6070] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 53.543498][ T6070] RSP: 002b:00007ffe209b1008 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 53.545686][ T6070] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f2e9ca7f197
[ 53.547717][ T6070] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe209b10c0
[ 53.549772][ T6070] RBP: 00007ffe209b10c0 R08: 0000000000000000 R09: 0000000000000000
[ 53.551839][ T6070] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe209b2180
[ 53.553890][ T6070] R13: 00007f2e9cac93b9 R14: 000000000000ce9e R15: 0000000000000001
[ 53.555977][ T6070] </TASK>
[ 53.556797][ T6070]
[ 53.557444][ T6070] Allocated by task 6070:
[ 53.558580][ T6070] kasan_save_stack+0x33/0x60
[ 53.559825][ T6070] kasan_save_track+0x14/0x30
[ 53.561060][ T6070] __kasan_slab_alloc+0x89/0x90
[ 53.562336][ T6070] kmem_cache_alloc_noprof+0x121/0x2f0
[ 53.563764][ T6070] gfs2_trans_add_data+0x4b3/0x7f0
[ 53.565086][ T6070] gfs2_unstuff_dinode+0xad9/0x1460
[ 53.566420][ T6070] gfs2_adjust_quota+0x122/0xbe0
[ 53.567683][ T6070] do_sync+0xa99/0xd30
[ 53.568716][ T6070] gfs2_quota_sync+0x326/0x570
[ 53.569974][ T6070] gfs2_sync_fs+0x44/0xb0
[ 53.571130][ T6070] sync_filesystem+0x10d/0x290
[ 53.572396][ T6070] generic_shutdown_super+0x7e/0x3d0
[ 53.573766][ T6070] kill_block_super+0x3b/0x90
[ 53.575011][ T6070] gfs2_kill_sb+0x369/0x420
[ 53.576210][ T6070] deactivate_locked_super+0xbe/0x1a0
[ 53.577614][ T6070] deactivate_super+0xde/0x100
[ 53.578884][ T6070] cleanup_mnt+0x222/0x450
[ 53.580086][ T6070] task_work_run+0x14e/0x250
[ 53.581318][ T6070] syscall_exit_to_user_mode+0x27b/0x2a0
[ 53.582784][ T6070] do_syscall_64+0xda/0x250
[ 53.583944][ T6070] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 53.585470][ T6070]
[ 53.586098][ T6070] Freed by task 6070:
[ 53.587139][ T6070] kasan_save_stack+0x33/0x60
[ 53.588311][ T6070] kasan_save_track+0x14/0x30
[ 53.589492][ T6070] kasan_save_free_info+0x3b/0x60
[ 53.590766][ T6070] __kasan_slab_free+0x51/0x70
[ 53.592010][ T6070] kmem_cache_free+0x152/0x4b0
[ 53.593267][ T6070] gfs2_log_flush+0x1545/0x29a0
[ 53.594544][ T6070] do_sync+0x555/0xd30
[ 53.595620][ T6070] gfs2_quota_sync+0x326/0x570
[ 53.596865][ T6070] gfs2_sync_fs+0x44/0xb0
[ 53.598010][ T6070] sync_filesystem+0x10d/0x290
[ 53.599278][ T6070] generic_shutdown_super+0x7e/0x3d0
[ 53.600662][ T6070] kill_block_super+0x3b/0x90
[ 53.601884][ T6070] gfs2_kill_sb+0x369/0x420
[ 53.603081][ T6070] deactivate_locked_super+0xbe/0x1a0
[ 53.604473][ T6070] deactivate_super+0xde/0x100
[ 53.605710][ T6070] cleanup_mnt+0x222/0x450
[ 53.606875][ T6070] task_work_run+0x14e/0x250
[ 53.608070][ T6070] syscall_exit_to_user_mode+0x27b/0x2a0
[ 53.609530][ T6070] do_syscall_64+0xda/0x250
[ 53.610726][ T6070] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 53.612270][ T6070]
[ 53.612898][ T6070] The buggy address belongs to the object at ffff8880213a2150
[ 53.612898][ T6070] which belongs to the cache gfs2_bufdata of size 80
[ 53.616463][ T6070] The buggy address is located 24 bytes inside of
[ 53.616463][ T6070] freed 80-byte region [ffff8880213a2150, ffff8880213a21a0)
[ 53.619929][ T6070]
[ 53.620557][ T6070] The buggy address belongs to the physical page:
[ 53.622197][ T6070] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x213a2
[ 53.624497][ T6070] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 53.626311][ T6070] page_type: f5(slab)
[ 53.627352][ T6070] raw: 00fff00000000000 ffff888104d17180 dead000000000122 0000000000000000
[ 53.629863][ T6070] raw: 0000000000000000 0000000080240024 00000001f5000000 0000000000000000
[ 53.632026][ T6070] page dumped because: kasan: bad access detected
[ 53.633620][ T6070] page_owner tracks the page as allocated
[ 53.635075][ T6070] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 6070, tgid 6070 (syz-executor.0), ts 53405631606, free_ts 53396432978
[ 53.639970][ T6070] post_alloc_hook+0x2d1/0x350
[ 53.641227][ T6070] get_page_from_freelist+0xfce/0x2f80
[ 53.642664][ T6070] __alloc_pages_noprof+0x223/0x25a0
[ 53.644039][ T6070] alloc_pages_mpol_noprof+0x2c9/0x610
[ 53.645455][ T6070] new_slab+0x2c9/0x410
[ 53.646546][ T6070] ___slab_alloc+0xdac/0x1880
[ 53.647778][ T6070] __slab_alloc.constprop.0+0x56/0xb0
[ 53.649171][ T6070] kmem_cache_alloc_noprof+0x2a7/0x2f0
[ 53.650599][ T6070] gfs2_trans_add_meta+0xade/0xf50
[ 53.651936][ T6070] gfs2_alloc_blocks+0x46c/0x19c0
[ 53.653248][ T6070] gfs2_unstuff_dinode+0x499/0x1460
[ 53.654603][ T6070] gfs2_adjust_quota+0x122/0xbe0
[ 53.655929][ T6070] do_sync+0xa99/0xd30
[ 53.656994][ T6070] gfs2_quota_sync+0x326/0x570
[ 53.658258][ T6070] gfs2_sync_fs+0x44/0xb0
[ 53.659405][ T6070] sync_filesystem+0x10d/0x290
[ 53.660659][ T6070] page last free pid 24 tgid 24 stack trace:
[ 53.662218][ T6070] free_unref_page+0x661/0x1080
[ 53.663503][ T6070] __folio_put+0x32a/0x450
[ 53.664676][ T6070] free_page_and_swap_cache+0x249/0x2c0
[ 53.666113][ T6070] tlb_remove_table_rcu+0x89/0xe0
[ 53.667443][ T6070] rcu_core+0x79d/0x14d0
[ 53.668557][ T6070] handle_softirqs+0x213/0x8f0
[ 53.669814][ T6070] run_ksoftirqd+0x3a/0x60
[ 53.670991][ T6070] smpboot_thread_fn+0x661/0xa30
[ 53.672288][ T6070] kthread+0x2c1/0x3a0
[ 53.673357][ T6070] ret_from_fork+0x45/0x80
[ 53.674528][ T6070] ret_from_fork_asm+0x1a/0x30
[ 53.675783][ T6070]
[ 53.676409][ T6070] Memory state around the buggy address:
[ 53.677870][ T6070] ffff8880213a2000: fa fb fb fb fb fb fb fb fb fb fc fc fc fc fa fb
[ 53.679971][ T6070] ffff8880213a2080: fb fb fb fb fb fb fb fb fc fc fc fc fa fb fb fb
[ 53.682034][ T6070] >ffff8880213a2100: fb fb fb fb fb fb fc fc fc fc fa fb fb fb fb fb
[ 53.684105][ T6070]                                                           ^
[ 53.686032][ T6070] ffff8880213a2180: fb fb fb fb fc fc fc fc fa fb fb fb fb fb fb fb
[ 53.688102][ T6070] ffff8880213a2200: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 53.690179][ T6070] ==================================================================
[ 53.692514][ T6070] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 53.694400][ T6070] CPU: 3 UID: 0 PID: 6070 Comm: syz-executor.0 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[ 53.697271][ T6070] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 53.700053][ T6070] Call Trace:
[ 53.700932][ T6070] <TASK>
[ 53.701718][ T6070] dump_stack_lvl+0x3d/0x1f0
[ 53.702940][ T6070] panic+0x71d/0x800
[ 53.703971][ T6070] ? mark_held_locks+0x9f/0xe0
[ 53.705233][ T6070] ? __pfx_panic+0x10/0x10
[ 53.706414][ T6070] ? irqentry_exit+0x3b/0x90
[ 53.707629][ T6070] ? lockdep_hardirqs_on+0x7c/0x110
[ 53.708983][ T6070] ? check_panic_on_warn+0x1f/0xb0
[ 53.710329][ T6070] check_panic_on_warn+0xab/0xb0
[ 53.711639][ T6070] end_report+0x117/0x180
[ 53.712795][ T6070] kasan_report+0xe9/0x110
[ 53.713962][ T6070] ? gfs2_invalidate_folio+0x718/0x820
[ 53.715405][ T6070] ? gfs2_invalidate_folio+0x718/0x820
[ 53.716827][ T6070] gfs2_invalidate_folio+0x718/0x820
[ 53.718219][ T6070] ? const_folio_flags.constprop.0+0x56/0x150
[ 53.719820][ T6070] ? __pfx_gfs2_invalidate_folio+0x10/0x10
[ 53.721357][ T6070] truncate_cleanup_folio+0x2f3/0x490
[ 53.722770][ T6070] truncate_inode_pages_range+0x271/0xe80
[ 53.724271][ T6070] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 53.725931][ T6070] ? mark_lock+0xb5/0xc60
[ 53.727085][ T6070] ? __pfx___lock_acquire+0x10/0x10
[ 53.728452][ T6070] ? mark_held_locks+0x9f/0xe0
[ 53.729710][ T6070] ? _raw_spin_unlock_irq+0x23/0x50
[ 53.731083][ T6070] ? lockdep_hardirqs_on+0x7c/0x110
[ 53.732459][ T6070] gfs2_evict_inode+0x75b/0x1430
[ 53.733765][ T6070] ? __pfx___lock_acquire+0x10/0x10
[ 53.735193][ T6070] ? __pfx_gfs2_evict_inode+0x10/0x10
[ 53.736599][ T6070] ? lock_acquire.part.0+0x11b/0x380
[ 53.737986][ T6070] ? find_held_lock+0x2d/0x110
[ 53.739252][ T6070] ? evict+0x3c8/0x960
[ 53.740332][ T6070] ? lock_acquire+0x2f/0xb0
[ 53.741526][ T6070] ? __pfx_gfs2_evict_inode+0x10/0x10
[ 53.742937][ T6070] evict+0x409/0x960
[ 53.743973][ T6070] ? __pfx_evict+0x10/0x10
[ 53.745145][ T6070] iput+0x530/0x890
[ 53.746154][ T6070] ? __pfx_gfs2_drop_inode+0x10/0x10
[ 53.747552][ T6070] gfs2_put_super+0x2b8/0x750
[ 53.748783][ T6070] ? __pfx_gfs2_put_super+0x10/0x10
[ 53.750141][ T6070] generic_shutdown_super+0x15c/0x3d0
[ 53.751554][ T6070] kill_block_super+0x3b/0x90
[ 53.752790][ T6070] gfs2_kill_sb+0x369/0x420
[ 53.753999][ T6070] deactivate_locked_super+0xbe/0x1a0
[ 53.755413][ T6070] deactivate_super+0xde/0x100
[ 53.756664][ T6070] cleanup_mnt+0x222/0x450
[ 53.757842][ T6070] task_work_run+0x14e/0x250
[ 53.759065][ T6070] ? __pfx_task_work_run+0x10/0x10
[ 53.760410][ T6070] syscall_exit_to_user_mode+0x27b/0x2a0
[ 53.761888][ T6070] do_syscall_64+0xda/0x250
[ 53.763100][ T6070] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 53.764654][ T6070] RIP: 0033:0x7f2e9ca7f197
[ 53.765833][ T6070] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 53.770764][ T6070] RSP: 002b:00007ffe209b1008 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 53.772907][ T6070] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f2e9ca7f197
[ 53.774868][ T6070] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe209b10c0
[ 53.776849][ T6070] RBP: 00007ffe209b10c0 R08: 0000000000000000 R09: 0000000000000000
[ 53.778912][ T6070] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe209b2180
[ 53.780908][ T6070] R13: 00007f2e9cac93b9 R14: 000000000000ce9e R15: 0000000000000001
[ 53.782873][ T6070] </TASK>
[ 53.784194][ T6070] Kernel Offset: disabled
[ 53.785317][ T6070] Rebooting in 86400 seconds..