[ 82.566903][ T45] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.10.16' (ED25519) to the list of known hosts.
2024/05/20 07:21:24 ignoring optional flag "sandboxArg"="0"
2024/05/20 07:21:24 parsed 1 programs
2024/05/20 07:21:26 executed programs: 0
[ 89.252074][ T5440] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 89.306453][ T4490] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 89.315956][ T4490] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 89.324181][ T4490] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 89.333005][ T4490] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 89.341772][ T4490] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 89.349462][ T4490] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 89.478737][ T5447] chnl_net:caif_netlink_parms(): no params data found
[ 89.547390][ T5447] bridge0: port 1(bridge_slave_0) entered blocking state
[ 89.554987][ T5447] bridge0: port 1(bridge_slave_0) entered disabled state
[ 89.562286][ T5447] bridge_slave_0: entered allmulticast mode
[ 89.569391][ T5447] bridge_slave_0: entered promiscuous mode
[ 89.578084][ T5447] bridge0: port 2(bridge_slave_1) entered blocking state
[ 89.585676][ T5447] bridge0: port 2(bridge_slave_1) entered disabled state
[ 89.593684][ T5447] bridge_slave_1: entered allmulticast mode
[ 89.601017][ T5447] bridge_slave_1: entered promiscuous mode
[ 89.627549][ T5447] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 89.640457][ T5447] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 89.668860][ T5447] team0: Port device team_slave_0 added
[ 89.678663][ T5447] team0: Port device team_slave_1 added
[ 89.703362][ T5447] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 89.711069][ T5447] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 89.737405][ T5447] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 89.750212][ T5447] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 89.757820][ T5447] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 89.784365][ T5447] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 89.820062][ T5447] hsr_slave_0: entered promiscuous mode
[ 89.827077][ T5447] hsr_slave_1: entered promiscuous mode
[ 90.462693][ T5447] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 90.479991][ T5447] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 90.491126][ T5447] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 90.516732][ T5447] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 90.635842][ T5447] 8021q: adding VLAN 0 to HW filter on device bond0
[ 90.663257][ T5447] 8021q: adding VLAN 0 to HW filter on device team0
[ 90.681693][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 90.689406][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 90.710026][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 90.717840][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 90.943447][ T5447] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 90.998711][ T5447] veth0_vlan: entered promiscuous mode
[ 91.015587][ T5447] veth1_vlan: entered promiscuous mode
[ 91.057549][ T5447] veth0_macvtap: entered promiscuous mode
[ 91.071045][ T5447] veth1_macvtap: entered promiscuous mode
[ 91.097075][ T5447] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 91.116571][ T5447] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 91.131843][ T5447] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 91.142335][ T5447] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 91.153344][ T5447] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 91.163281][ T5447] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 91.255692][ T1043] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 91.263537][ T1043] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 91.303532][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 91.314159][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 91.381739][ T5094] Bluetooth: hci0: command tx timeout
[ 91.415236][ T5514] loop0: detected capacity change from 0 to 2048
[ 91.483640][ T5517] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 91.537474][ T5514] loop0: detected capacity change from 2048 to 0
[ 91.571894][ T5447] syz-executor.0: attempt to access beyond end of device
[ 91.571894][ T5447] loop0: rw=0, sector=100, nr_sectors = 2 limit=0
[ 91.588185][ T5447] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=226)
[ 91.597658][ T5447] NILFS (loop0): error -5 truncating bmap (ino=15)
[ 91.619501][ T5447] syz-executor.0: attempt to access beyond end of device
[ 91.619501][ T5447] loop0: rw=0, sector=66, nr_sectors = 2 limit=0
[ 91.633720][ T5447] NILFS (loop0): I/O error reading b-tree node block (ino=16, blocknr=15)
[ 91.643932][ T5447] NILFS (loop0): error -5 truncating bmap (ino=16)
[ 91.653738][ T5447] syz-executor.0: attempt to access beyond end of device
[ 91.653738][ T5447] loop0: rw=0, sector=90, nr_sectors = 2 limit=0
[ 91.668664][ T5447] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=34)
[ 91.679546][ T5447] NILFS (loop0): error -5 truncating bmap (ino=17)
[ 91.699135][ T5517] segctord: attempt to access beyond end of device
[ 91.699135][ T5517] loop0: rw=0, sector=84, nr_sectors = 2 limit=0
[ 91.713582][ T5517] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 91.725930][ T5517] segctord: attempt to access beyond end of device
[ 91.725930][ T5517] loop0: rw=0, sector=84, nr_sectors = 2 limit=0
[ 91.739524][ T5517] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 91.750038][ T5517] segctord: attempt to access beyond end of device
[ 91.750038][ T5517] loop0: rw=0, sector=84, nr_sectors = 2 limit=0
[ 91.763361][ T5517] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 91.775019][ T5517] segctord: attempt to access beyond end of device
[ 91.775019][ T5517] loop0: rw=0, sector=84, nr_sectors = 2 limit=0
[ 91.790462][ T5517] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 91.803316][ T5447] syz-executor.0: attempt to access beyond end of device
[ 91.803316][ T5447] loop0: rw=0, sector=84, nr_sectors = 2 limit=0
[ 91.820038][ T5447] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 91.829420][ T5447] syz-executor.0: attempt to access beyond end of device
[ 91.829420][ T5447] loop0: rw=0, sector=84, nr_sectors = 2 limit=0
[ 91.851326][ T5447] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 91.867627][ T5447] syz-executor.0: attempt to access beyond end of device
[ 91.867627][ T5447] loop0: rw=0, sector=84, nr_sectors = 2 limit=0
[ 91.882652][ T5447] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 91.891898][ T5447] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 91.904907][ T5447] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer
[ 93.444845][ T5094] Bluetooth: hci0: command tx timeout
[ 95.525357][ T5094] Bluetooth: hci0: command tx timeout
[ 97.604985][ T5094] Bluetooth: hci0: command tx timeout
[ 116.562351][ T5447] bio_check_eod: 1 callbacks suppressed
[ 116.562370][ T5447] syz-executor.0: attempt to access beyond end of device
[ 116.562370][ T5447] loop0: rw=395265, sector=2040, nr_sectors = 2 limit=0
[ 116.582574][ T5447] Buffer I/O error on dev loop0, logical block 1020, lost sync page write
[ 116.591596][ T5447] NILFS (loop0): unable to write superblock: err=-5
[ 116.598412][ T5447] syz-executor.0: attempt to access beyond end of device
[ 116.598412][ T5447] loop0: rw=395265, sector=2, nr_sectors = 2 limit=0
[ 116.612517][ T5447] Buffer I/O error on dev loop0, logical block 1, lost sync page write
[ 116.621269][ T5447] NILFS (loop0): unable to write superblock: err=-5
2024/05/20 07:21:53 executed programs: 2
[ 116.898003][ T5447] syz-executor.0 (5447) used greatest stack depth: 19576 bytes left
[ 116.932120][ T1043] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 116.962313][ T4490] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 116.971290][ T4490] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 116.980716][ T4490] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 116.991495][ T4490] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 117.000602][ T4490] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 117.010164][ T4490] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 117.020524][ T1043] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 117.110948][ T1043] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 117.182451][ T1043] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 117.200622][ T5814] chnl_net:caif_netlink_parms(): no params data found
[ 117.262233][ T5814] bridge0: port 1(bridge_slave_0) entered blocking state
[ 117.270329][ T5814] bridge0: port 1(bridge_slave_0) entered disabled state
[ 117.277870][ T5814] bridge_slave_0: entered allmulticast mode
[ 117.285867][ T5814] bridge_slave_0: entered promiscuous mode
[ 117.294355][ T5814] bridge0: port 2(bridge_slave_1) entered blocking state
[ 117.310147][ T5814] bridge0: port 2(bridge_slave_1) entered disabled state
[ 117.317706][ T5814] bridge_slave_1: entered allmulticast mode
[ 117.324583][ T5814] bridge_slave_1: entered promiscuous mode
[ 117.370300][ T5814] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 117.392495][ T5814] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 117.444060][ T5814] team0: Port device team_slave_0 added
[ 117.457263][ T1043] bridge_slave_1: left allmulticast mode
[ 117.462964][ T1043] bridge_slave_1: left promiscuous mode
[ 117.469516][ T1043] bridge0: port 2(bridge_slave_1) entered disabled state
[ 117.479582][ T1043] bridge_slave_0: left allmulticast mode
[ 117.486503][ T1043] bridge_slave_0: left promiscuous mode
[ 117.492381][ T1043] bridge0: port 1(bridge_slave_0) entered disabled state
[ 117.732786][ T1043] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 117.743955][ T1043] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 117.757249][ T1043] bond0 (unregistering): Released all slaves
[ 117.772946][ T5814] team0: Port device team_slave_1 added
[ 117.851128][ T5814] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 117.858983][ T5814] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 117.886163][ T5814] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 117.939565][ T5814] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 117.947437][ T5814] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 117.984216][ T5814] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 118.096041][ T5814] hsr_slave_0: entered promiscuous mode
[ 118.102880][ T5814] hsr_slave_1: entered promiscuous mode
[ 118.110463][ T5814] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 118.118840][ T5814] Cannot create hsr debugfs directory
[ 118.170248][ T1043] hsr_slave_0: left promiscuous mode
[ 118.177993][ T1043] hsr_slave_1: left promiscuous mode
[ 118.191300][ T1043] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 118.200957][ T1043] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 118.210045][ T1043] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 118.218580][ T1043] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 118.233926][ T1043] veth1_macvtap: left promiscuous mode
[ 118.242322][ T1043] veth0_macvtap: left promiscuous mode
[ 118.248184][ T1043] veth1_vlan: left promiscuous mode
[ 118.253829][ T1043] veth0_vlan: left promiscuous mode
[ 118.541663][ T1043] team0 (unregistering): Port device team_slave_1 removed
[ 118.570039][ T1043] team0 (unregistering): Port device team_slave_0 removed
[ 119.046083][ T5094] Bluetooth: hci0: command tx timeout
[ 119.293518][ T5814] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 119.303919][ T5814] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 119.315226][ T5814] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 119.327365][ T5814] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 119.426688][ T5814] 8021q: adding VLAN 0 to HW filter on device bond0
[ 119.453071][ T5814] 8021q: adding VLAN 0 to HW filter on device team0
[ 119.466138][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 119.473302][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 119.491733][ T8] bridge0: port 2(bridge_slave_1) entered blocking state
[ 119.498939][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 119.717855][ T5814] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 119.773872][ T5814] veth0_vlan: entered promiscuous mode
[ 119.792455][ T5814] veth1_vlan: entered promiscuous mode
[ 119.833526][ T5814] veth0_macvtap: entered promiscuous mode
[ 119.849430][ T5814] veth1_macvtap: entered promiscuous mode
[ 119.879056][ T5814] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 119.896951][ T5814] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 119.912720][ T5814] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 119.922053][ T5814] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 119.933999][ T5814] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 119.944314][ T5814] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 120.055738][ T1043] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.063968][ T1043] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.114352][ T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.124464][ T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.242140][ T5890] loop0: detected capacity change from 0 to 2048
[ 120.281069][ T5893] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 120.345696][ T5890] loop0: detected capacity change from 2048 to 0
[ 120.375615][ T5814] syz-executor.0: attempt to access beyond end of device
[ 120.375615][ T5814] loop0: rw=0, sector=100, nr_sectors = 2 limit=0
[ 120.390798][ T5814] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=226)
[ 120.401508][ T5814] NILFS (loop0): error -5 truncating bmap (ino=15)
[ 120.410355][ T5814] syz-executor.0: attempt to access beyond end of device
[ 120.410355][ T5814] loop0: rw=0, sector=66, nr_sectors = 2 limit=0
[ 120.426849][ T5814] NILFS (loop0): I/O error reading b-tree node block (ino=16, blocknr=15)
[ 120.436152][ T5814] NILFS (loop0): error -5 truncating bmap (ino=16)
[ 120.446877][ T5814] syz-executor.0: attempt to access beyond end of device
[ 120.446877][ T5814] loop0: rw=0, sector=90, nr_sectors = 2 limit=0
[ 120.462646][ T5814] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=34)
[ 120.472246][ T5814] NILFS (loop0): error -5 truncating bmap (ino=17)
[ 120.482695][ T5893] segctord: attempt to access beyond end of device
[ 120.482695][ T5893] loop0: rw=0, sector=84, nr_sectors = 2 limit=0
[ 120.498923][ T5893] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 120.510925][ T5893] segctord: attempt to access beyond end of device
[ 120.510925][ T5893] loop0: rw=0, sector=84, nr_sectors = 2 limit=0
[ 120.525894][ T5893] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 120.535333][ T5893] segctord: attempt to access beyond end of device
[ 120.535333][ T5893] loop0: rw=0, sector=84, nr_sectors = 2 limit=0
[ 120.549015][ T5893] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 120.558494][ T5893] segctord: attempt to access beyond end of device
[ 120.558494][ T5893] loop0: rw=0, sector=84, nr_sectors = 2 limit=0
[ 120.573618][ T5893] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 120.584142][ T5814] syz-executor.0: attempt to access beyond end of device
[ 120.584142][ T5814] loop0: rw=0, sector=84, nr_sectors = 2 limit=0
[ 120.597981][ T5814] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 120.607251][ T5814] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 120.616266][ T5814] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 120.626047][ T5814] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 120.635485][ T5814] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer
[ 121.124926][ T5094] Bluetooth: hci0: command tx timeout
[ 123.205153][ T5094] Bluetooth: hci0: command tx timeout
[ 125.285165][ T5094] Bluetooth: hci0: command tx timeout
[ 133.767089][ T1247] ieee802154 phy0 wpan0: encryption failed: -22
[ 133.773886][ T1247] ieee802154 phy1 wpan1: encryption failed: -22
[ 145.382605][ T5814] bio_check_eod: 3 callbacks suppressed
[ 145.382622][ T5814] syz-executor.0: attempt to access beyond end of device
[ 145.382622][ T5814] loop0: rw=395265, sector=2040, nr_sectors = 2 limit=0
[ 145.407320][ T5814] Buffer I/O error on dev loop0, logical block 1020, lost sync page write
[ 145.416015][ T5814] NILFS (loop0): unable to write superblock: err=-5
[ 145.422956][ T5814] syz-executor.0: attempt to access beyond end of device
[ 145.422956][ T5814] loop0: rw=395265, sector=2, nr_sectors = 2 limit=0
[ 145.436912][ T5814] Buffer I/O error on dev loop0, logical block 1, lost sync page write
[ 145.447041][ T5814] NILFS (loop0): unable to write superblock: err=-5
[ 145.454449][ T5814] ==================================================================
[ 145.462879][ T5814] BUG: KASAN: slab-use-after-free in lru_add_fn+0x2cc/0x1a20
[ 145.470457][ T5814] Read of size 8 at addr ffff888071365188 by task syz-executor.0/5814
[ 145.478873][ T5814]
[ 145.481210][ T5814] CPU: 1 PID: 5814 Comm: syz-executor.0 Not tainted 6.9.0-next-20240520-syzkaller-13491-g632483ea8004 #0
[ 145.492930][ T5814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 145.503700][ T5814] Call Trace:
[ 145.507110][ T5814]
[ 145.510133][ T5814] dump_stack_lvl+0x241/0x360
[ 145.514818][ T5814] ? __pfx_dump_stack_lvl+0x10/0x10
[ 145.520059][ T5814] ? __pfx__printk+0x10/0x10
[ 145.524743][ T5814] ? _printk+0xd5/0x120
[ 145.528990][ T5814] ? __virt_addr_valid+0x183/0x520
[ 145.534121][ T5814] ? __virt_addr_valid+0x183/0x520
[ 145.540219][ T5814] print_report+0x169/0x550
[ 145.544769][ T5814] ? __virt_addr_valid+0x183/0x520
[ 145.549889][ T5814] ? __virt_addr_valid+0x183/0x520
[ 145.555175][ T5814] ? __virt_addr_valid+0x44e/0x520
[ 145.560393][ T5814] ? __phys_addr+0xba/0x170
[ 145.565109][ T5814] ? lru_add_fn+0x2cc/0x1a20
[ 145.569702][ T5814] kasan_report+0x143/0x180
[ 145.574740][ T5814] ? lru_add_fn+0x2cc/0x1a20
[ 145.579535][ T5814] ? lru_add_fn+0x20c/0x1a20
[ 145.584125][ T5814] kasan_check_range+0x282/0x290
[ 145.589237][ T5814] lru_add_fn+0x2cc/0x1a20
[ 145.593665][ T5814] folio_batch_move_lru+0x322/0x690
[ 145.598897][ T5814] ? __pfx_lru_add_fn+0x10/0x10
[ 145.603752][ T5814] ? __pfx_folio_batch_move_lru+0x10/0x10
[ 145.609684][ T5814] lru_add_drain_cpu+0x10e/0x8c0
[ 145.614749][ T5814] ? __pfx_lru_add_drain_cpu+0x10/0x10
[ 145.620213][ T5814] ? folio_redirty_for_writepage+0x1de/0x6a0
[ 145.626607][ T5814] ? __pfx_lock_release+0x10/0x10
[ 145.632739][ T5814] ? lru_add_drain+0x79/0x3e0
[ 145.637428][ T5814] lru_add_drain+0x123/0x3e0
[ 145.642017][ T5814] __folio_batch_release+0x55/0xa0
[ 145.647482][ T5814] writeback_iter+0x742/0x18d0
[ 145.653017][ T5814] do_writepages+0x4b5/0x870
[ 145.657830][ T5814] ? __pfx_do_writepages+0x10/0x10
[ 145.663053][ T5814] ? __pfx_lock_acquire+0x10/0x10
[ 145.668273][ T5814] ? __pfx_lock_release+0x10/0x10
[ 145.673606][ T5814] ? do_raw_spin_lock+0x14f/0x370
[ 145.678969][ T5814] __writeback_single_inode+0x165/0x10b0
[ 145.684718][ T5814] writeback_single_inode+0x21b/0x7a0
[ 145.690154][ T5814] ? __pfx_writeback_single_inode+0x10/0x10
[ 145.696355][ T5814] ? __pfx_stack_trace_save+0x10/0x10
[ 145.702598][ T5814] write_inode_now+0x1d1/0x260
[ 145.707377][ T5814] ? __pfx_write_inode_now+0x10/0x10
[ 145.713286][ T5814] ? do_raw_spin_unlock+0x13c/0x8b0
[ 145.718585][ T5814] iput+0x5d7/0x930
[ 145.722979][ T5814] nilfs_put_super+0xd7/0x160
[ 145.727770][ T5814] ? __pfx_nilfs_put_super+0x10/0x10
[ 145.733083][ T5814] generic_shutdown_super+0x136/0x2d0
[ 145.738489][ T5814] kill_block_super+0x44/0x90
[ 145.743178][ T5814] deactivate_locked_super+0xc4/0x130
[ 145.748549][ T5814] cleanup_mnt+0x426/0x4c0
[ 145.752964][ T5814] ? _raw_spin_unlock_irq+0x23/0x50
[ 145.758168][ T5814] task_work_run+0x24f/0x310
[ 145.762787][ T5814] ? __pfx_task_work_run+0x10/0x10
[ 145.767922][ T5814] ? __x64_sys_umount+0x126/0x170
[ 145.772983][ T5814] ? syscall_exit_to_user_mode+0xa3/0x370
[ 145.778994][ T5814] syscall_exit_to_user_mode+0x168/0x370
[ 145.784642][ T5814] do_syscall_64+0x102/0x240
[ 145.789232][ T5814] ? clear_bhb_loop+0x35/0x90
[ 145.793925][ T5814] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 145.799877][ T5814] RIP: 0033:0x7f98fdc7efd7
[ 145.804519][ T5814] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 145.824951][ T5814] RSP: 002b:00007ffc34e27c28 EFLAGS: 00000202 ORIG_RAX: 00000000000000a6
[ 145.833555][ T5814] RAX: 0000000000000000 RBX: 0000000000000064 RCX: 00007f98fdc7efd7
[ 145.841714][ T5814] RDX: 0000000000000200 RSI: 0000000000000009 RDI: 00007ffc34e28dd0
[ 145.849942][ T5814] RBP: 00007f98fdcc83b9 R08: 0000000000000000 R09: 0000000000000000
[ 145.857955][ T5814] R10: 0000000000000100 R11: 0000000000000202 R12: 00007ffc34e28dd0
[ 145.865987][ T5814] R13: 00007f98fdcc83b9 R14: 0000555593b03430 R15: 0000000000000005
[ 145.873985][ T5814]
[ 145.877012][ T5814]
[ 145.879333][ T5814] Allocated by task 5890:
[ 145.883691][ T5814] kasan_save_track+0x3f/0x80
[ 145.888407][ T5814] __kasan_slab_alloc+0x66/0x80
[ 145.893356][ T5814] kmem_cache_alloc_lru_noprof+0x139/0x2b0
[ 145.899273][ T5814] nilfs_alloc_inode+0x2e/0xf0
[ 145.904213][ T5814] iget5_locked+0xa4/0x280
[ 145.908624][ T5814] nilfs_iget_locked+0x12b/0x180
[ 145.913644][ T5814] nilfs_ifile_read+0x30/0x1b0
[ 145.918664][ T5814] nilfs_attach_checkpoint+0xed/0x1a0
[ 145.924087][ T5814] nilfs_fill_super+0x380/0x6a0
[ 145.928961][ T5814] nilfs_get_tree+0x4f9/0x920
[ 145.933759][ T5814] vfs_get_tree+0x90/0x2a0
[ 145.938196][ T5814] do_new_mount+0x2be/0xb40
[ 145.942980][ T5814] __se_sys_mount+0x2d9/0x3c0
[ 145.947687][ T5814] do_syscall_64+0xf5/0x240
[ 145.952227][ T5814] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 145.958161][ T5814]
[ 145.960655][ T5814] Freed by task 5814:
[ 145.964638][ T5814] kasan_save_track+0x3f/0x80
[ 145.969448][ T5814] kasan_save_free_info+0x40/0x50
[ 145.974567][ T5814] poison_slab_object+0xe0/0x150
[ 145.979512][ T5814] __kasan_slab_free+0x37/0x60
[ 145.984269][ T5814] kmem_cache_free+0x145/0x350
[ 145.989135][ T5814] rcu_core+0xafd/0x1830
[ 145.993404][ T5814] handle_softirqs+0x2d6/0x990
[ 145.998175][ T5814] __irq_exit_rcu+0xf4/0x1c0
[ 146.002845][ T5814] irq_exit_rcu+0x9/0x30
[ 146.007183][ T5814] sysvec_apic_timer_interrupt+0xa6/0xc0
[ 146.013050][ T5814] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 146.019089][ T5814]
[ 146.021405][ T5814] Last potentially related work creation:
[ 146.027724][ T5814] kasan_save_stack+0x3f/0x60
[ 146.032425][ T5814] __kasan_record_aux_stack+0xac/0xc0
[ 146.037801][ T5814] call_rcu+0x167/0xa70
[ 146.042046][ T5814] nilfs_put_root+0x97/0xc0
[ 146.046564][ T5814] nilfs_detach_log_writer+0x8bb/0xbe0
[ 146.052014][ T5814] nilfs_put_super+0x4d/0x160
[ 146.056679][ T5814] generic_shutdown_super+0x136/0x2d0
[ 146.062039][ T5814] kill_block_super+0x44/0x90
[ 146.066966][ T5814] deactivate_locked_super+0xc4/0x130
[ 146.072326][ T5814] cleanup_mnt+0x426/0x4c0
[ 146.076735][ T5814] task_work_run+0x24f/0x310
[ 146.081316][ T5814] syscall_exit_to_user_mode+0x168/0x370
[ 146.086941][ T5814] do_syscall_64+0x102/0x240
[ 146.091610][ T5814] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 146.097578][ T5814]
[ 146.099887][ T5814] The buggy address belongs to the object at ffff888071364ce0
[ 146.099887][ T5814] which belongs to the cache nilfs2_inode_cache of size 1512
[ 146.114658][ T5814] The buggy address is located 1192 bytes inside of
[ 146.114658][ T5814] freed 1512-byte region [ffff888071364ce0, ffff8880713652c8)
[ 146.128721][ T5814]
[ 146.131052][ T5814] The buggy address belongs to the physical page:
[ 146.137472][ T5814] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x71360
[ 146.146499][ T5814] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 146.154999][ T5814] memcg:ffff88802afadf01
[ 146.159239][ T5814] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 146.166772][ T5814] page_type: 0xffffefff(slab)
[ 146.171613][ T5814] raw: 00fff00000000040 ffff88801b726500 dead000000000122 0000000000000000
[ 146.180277][ T5814] raw: 0000000000000000 0000000000130013 00000001ffffefff ffff88802afadf01
[ 146.188852][ T5814] head: 00fff00000000040 ffff88801b726500 dead000000000122 0000000000000000
[ 146.197599][ T5814] head: 0000000000000000 0000000000130013 00000001ffffefff ffff88802afadf01
[ 146.206539][ T5814] head: 00fff00000000003 ffffea0001c4d801 ffffffffffffffff 0000000000000000
[ 146.215314][ T5814] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 146.224354][ T5814] page dumped because: kasan: bad access detected
[ 146.230788][ T5814] page_owner tracks the page as allocated
[ 146.236729][ T5814] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0x1d2050(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 5514, tgid 5512 (syz-executor.0), ts 91446176265, free_ts 19303937180
[ 146.260809][ T5814] post_alloc_hook+0x1f3/0x230
[ 146.265584][ T5814] get_page_from_freelist+0x2ce2/0x2d90
[ 146.271147][ T5814] __alloc_pages_noprof+0x256/0x6c0
[ 146.276335][ T5814] alloc_slab_page+0x5f/0x120
[ 146.281035][ T5814] allocate_slab+0x5a/0x2e0
[ 146.285547][ T5814] ___slab_alloc+0xcd1/0x14b0
[ 146.290388][ T5814] __slab_alloc+0x58/0xa0
[ 146.294732][ T5814] kmem_cache_alloc_lru_noprof+0x1c5/0x2b0
[ 146.300577][ T5814] nilfs_alloc_inode+0x2e/0xf0
[ 146.305348][ T5814] iget5_locked+0xa4/0x280
[ 146.309794][ T5814] nilfs_iget_locked+0x12b/0x180
[ 146.314748][ T5814] nilfs_dat_read+0xc3/0x310
[ 146.319343][ T5814] load_nilfs+0x56f/0x1090
[ 146.324275][ T5814] nilfs_fill_super+0x310/0x6a0
[ 146.329141][ T5814] nilfs_get_tree+0x4f9/0x920
[ 146.333822][ T5814] vfs_get_tree+0x90/0x2a0
[ 146.338418][ T5814] page last free pid 1 tgid 1 stack trace:
[ 146.344212][ T5814] free_unref_page+0xd22/0xea0
[ 146.348975][ T5814] free_contig_range+0x9e/0x160
[ 146.354077][ T5814] destroy_args+0x8a/0x890
[ 146.358579][ T5814] debug_vm_pgtable+0x4be/0x550
[ 146.363440][ T5814] do_one_initcall+0x248/0x880
[ 146.368223][ T5814] do_initcall_level+0x157/0x210
[ 146.373199][ T5814] do_initcalls+0x3f/0x80
[ 146.377557][ T5814] kernel_init_freeable+0x435/0x5d0
[ 146.382812][ T5814] kernel_init+0x1d/0x2b0
[ 146.387148][ T5814] ret_from_fork+0x4b/0x80
[ 146.391652][ T5814] ret_from_fork_asm+0x1a/0x30
[ 146.396413][ T5814]
[ 146.398896][ T5814] Memory state around the buggy address:
[ 146.404521][ T5814] ffff888071365080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 146.412665][ T5814] ffff888071365100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 146.420836][ T5814] >ffff888071365180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 146.429108][ T5814] ^
[ 146.433443][ T5814] ffff888071365200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 146.441619][ T5814] ffff888071365280: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 146.449959][ T5814] ==================================================================
[ 146.458129][ T5814] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 146.465348][ T5814] CPU: 1 PID: 5814 Comm: syz-executor.0 Not tainted 6.9.0-next-20240520-syzkaller-13491-g632483ea8004 #0
[ 146.476801][ T5814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 146.486946][ T5814] Call Trace:
[ 146.490410][ T5814]
[ 146.493620][ T5814] dump_stack_lvl+0x241/0x360
[ 146.498298][ T5814] ? __pfx_dump_stack_lvl+0x10/0x10
[ 146.503844][ T5814] ? __pfx__printk+0x10/0x10
[ 146.508427][ T5814] ? rcu_is_watching+0x15/0xb0
[ 146.513574][ T5814] ? vscnprintf+0x5d/0x90
[ 146.518024][ T5814] panic+0x349/0x860
[ 146.522225][ T5814] ? __pfx_lock_release+0x10/0x10
[ 146.528779][ T5814] ? check_panic_on_warn+0x21/0xb0
[ 146.534004][ T5814] ? __pfx_panic+0x10/0x10
[ 146.538826][ T5814] ? do_raw_spin_unlock+0x13c/0x8b0
[ 146.544582][ T5814] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 146.550893][ T5814] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 146.557597][ T5814] check_panic_on_warn+0x86/0xb0
[ 146.562646][ T5814] ? lru_add_fn+0x2cc/0x1a20
[ 146.567391][ T5814] end_report+0x77/0x160
[ 146.571757][ T5814] kasan_report+0x154/0x180
[ 146.576275][ T5814] ? lru_add_fn+0x2cc/0x1a20
[ 146.580958][ T5814] ? lru_add_fn+0x20c/0x1a20
[ 146.585541][ T5814] kasan_check_range+0x282/0x290
[ 146.590603][ T5814] lru_add_fn+0x2cc/0x1a20
[ 146.595040][ T5814] folio_batch_move_lru+0x322/0x690
[ 146.600349][ T5814] ? __pfx_lru_add_fn+0x10/0x10
[ 146.605300][ T5814] ? __pfx_folio_batch_move_lru+0x10/0x10
[ 146.611311][ T5814] lru_add_drain_cpu+0x10e/0x8c0
[ 146.616438][ T5814] ? __pfx_lru_add_drain_cpu+0x10/0x10
[ 146.622438][ T5814] ? folio_redirty_for_writepage+0x1de/0x6a0
[ 146.628551][ T5814] ? __pfx_lock_release+0x10/0x10
[ 146.633873][ T5814] ? lru_add_drain+0x79/0x3e0
[ 146.638633][ T5814] lru_add_drain+0x123/0x3e0
[ 146.643394][ T5814] __folio_batch_release+0x55/0xa0
[ 146.648846][ T5814] writeback_iter+0x742/0x18d0
[ 146.654601][ T5814] do_writepages+0x4b5/0x870
[ 146.659405][ T5814] ? __pfx_do_writepages+0x10/0x10
[ 146.664699][ T5814] ? __pfx_lock_acquire+0x10/0x10
[ 146.669805][ T5814] ? __pfx_lock_release+0x10/0x10
[ 146.674907][ T5814] ? do_raw_spin_lock+0x14f/0x370
[ 146.679967][ T5814] __writeback_single_inode+0x165/0x10b0
[ 146.685879][ T5814] writeback_single_inode+0x21b/0x7a0
[ 146.691256][ T5814] ? __pfx_writeback_single_inode+0x10/0x10
[ 146.697144][ T5814] ? __pfx_stack_trace_save+0x10/0x10
[ 146.702616][ T5814] write_inode_now+0x1d1/0x260
[ 146.707549][ T5814] ? __pfx_write_inode_now+0x10/0x10
[ 146.712841][ T5814] ? do_raw_spin_unlock+0x13c/0x8b0
[ 146.718321][ T5814] iput+0x5d7/0x930
[ 146.722164][ T5814] nilfs_put_super+0xd7/0x160
[ 146.726942][ T5814] ? __pfx_nilfs_put_super+0x10/0x10
[ 146.732320][ T5814] generic_shutdown_super+0x136/0x2d0
[ 146.738042][ T5814] kill_block_super+0x44/0x90
[ 146.742914][ T5814] deactivate_locked_super+0xc4/0x130
[ 146.748472][ T5814] cleanup_mnt+0x426/0x4c0
[ 146.753403][ T5814] ? _raw_spin_unlock_irq+0x23/0x50
[ 146.758593][ T5814] task_work_run+0x24f/0x310
[ 146.763179][ T5814] ? __pfx_task_work_run+0x10/0x10
[ 146.768372][ T5814] ? __x64_sys_umount+0x126/0x170
[ 146.773491][ T5814] ? syscall_exit_to_user_mode+0xa3/0x370
[ 146.779225][ T5814] syscall_exit_to_user_mode+0x168/0x370
[ 146.784958][ T5814] do_syscall_64+0x102/0x240
[ 146.789582][ T5814] ? clear_bhb_loop+0x35/0x90
[ 146.794264][ T5814] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 146.800174][ T5814] RIP: 0033:0x7f98fdc7efd7
[ 146.804591][ T5814] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 146.824384][ T5814] RSP: 002b:00007ffc34e27c28 EFLAGS: 00000202 ORIG_RAX: 00000000000000a6
[ 146.832798][ T5814] RAX: 0000000000000000 RBX: 0000000000000064 RCX: 00007f98fdc7efd7
[ 146.840763][ T5814] RDX: 0000000000000200 RSI: 0000000000000009 RDI: 00007ffc34e28dd0
[ 146.849011][ T5814] RBP: 00007f98fdcc83b9 R08: 0000000000000000 R09: 0000000000000000
[ 146.856983][ T5814] R10: 0000000000000100 R11: 0000000000000202 R12: 00007ffc34e28dd0
[ 146.865037][ T5814] R13: 00007f98fdcc83b9 R14: 0000555593b03430 R15: 0000000000000005
[ 146.873097][ T5814]
[ 146.876602][ T5814] Kernel Offset: disabled
[ 146.880990][ T5814] Rebooting in 86400 seconds..