Warning: Permanently added '10.128.10.52' (ED25519) to the list of known hosts.
2024/05/20 07:59:16 ignoring optional flag "sandboxArg"="0"
2024/05/20 07:59:16 parsed 1 programs
2024/05/20 07:59:18 executed programs: 0
[ 91.388507][ T5439] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 91.443189][ T4491] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 91.452030][ T4491] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 91.460911][ T4491] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 91.469429][ T4491] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 91.477859][ T4491] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 91.485460][ T4491] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 91.602904][ T5446] chnl_net:caif_netlink_parms(): no params data found
[ 91.657102][ T5446] bridge0: port 1(bridge_slave_0) entered blocking state
[ 91.664381][ T5446] bridge0: port 1(bridge_slave_0) entered disabled state
[ 91.672251][ T5446] bridge_slave_0: entered allmulticast mode
[ 91.679361][ T5446] bridge_slave_0: entered promiscuous mode
[ 91.687537][ T5446] bridge0: port 2(bridge_slave_1) entered blocking state
[ 91.695519][ T5446] bridge0: port 2(bridge_slave_1) entered disabled state
[ 91.702720][ T5446] bridge_slave_1: entered allmulticast mode
[ 91.710025][ T5446] bridge_slave_1: entered promiscuous mode
[ 91.736976][ T5446] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 91.749936][ T5446] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 91.778128][ T5446] team0: Port device team_slave_0 added
[ 91.786849][ T5446] team0: Port device team_slave_1 added
[ 91.808940][ T5446] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 91.815988][ T5446] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 91.842238][ T5446] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 91.857130][ T5446] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 91.864279][ T5446] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 91.891714][ T5446] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 91.926389][ T5446] hsr_slave_0: entered promiscuous mode
[ 91.932695][ T5446] hsr_slave_1: entered promiscuous mode
[ 92.550280][ T5446] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 92.562891][ T5446] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 92.573828][ T5446] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 92.586439][ T5446] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 92.710517][ T5446] 8021q: adding VLAN 0 to HW filter on device bond0
[ 92.738812][ T5446] 8021q: adding VLAN 0 to HW filter on device team0
[ 92.753899][ T57] bridge0: port 1(bridge_slave_0) entered blocking state
[ 92.761158][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 92.778648][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 92.785866][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 93.007361][ T5446] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 93.070157][ T5446] veth0_vlan: entered promiscuous mode
[ 93.087699][ T5446] veth1_vlan: entered promiscuous mode
[ 93.126945][ T5446] veth0_macvtap: entered promiscuous mode
[ 93.139673][ T5446] veth1_macvtap: entered promiscuous mode
[ 93.170583][ T5446] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 93.189267][ T5446] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 93.207032][ T5446] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 93.218670][ T5446] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 93.228805][ T5446] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 93.239257][ T5446] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 93.328401][ T2916] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 93.340581][ T2916] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 93.382801][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 93.392149][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 93.468865][ T5515] loop0: detected capacity change from 0 to 2048
[ 93.548003][ T5520] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 93.576252][ T4491] Bluetooth: hci0: command tx timeout
[ 93.605222][ T5515] loop0: detected capacity change from 2048 to 0
[ 93.638932][ T5446] syz-executor.0: attempt to access beyond end of device
[ 93.638932][ T5446] loop0: rw=0, sector=100, nr_sectors = 2 limit=0
[ 93.658110][ T5446] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=226)
[ 93.668305][ T5446] NILFS (loop0): error -5 truncating bmap (ino=15)
[ 93.681403][ T5446] syz-executor.0: attempt to access beyond end of device
[ 93.681403][ T5446] loop0: rw=0, sector=66, nr_sectors = 2 limit=0
[ 93.697939][ T5446] NILFS (loop0): I/O error reading b-tree node block (ino=16, blocknr=15)
[ 93.706970][ T5446] NILFS (loop0): error -5 truncating bmap (ino=16)
[ 93.714392][ T5446] syz-executor.0: attempt to access beyond end of device
[ 93.714392][ T5446] loop0: rw=0, sector=90, nr_sectors = 2 limit=0
[ 93.728886][ T5446] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=34)
[ 93.738700][ T5446] NILFS (loop0): error -5 truncating bmap (ino=17)
[ 93.756450][ T5520] segctord: attempt to access beyond end of device
[ 93.756450][ T5520] loop0: rw=0, sector=84, nr_sectors = 2 limit=0
[ 93.770612][ T5520] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 93.781531][ T5520] segctord: attempt to access beyond end of device
[ 93.781531][ T5520] loop0: rw=0, sector=84, nr_sectors = 2 limit=0
[ 93.795421][ T5520] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 93.813708][ T5520] segctord: attempt to access beyond end of device
[ 93.813708][ T5520] loop0: rw=0, sector=84, nr_sectors = 2 limit=0
[ 93.827253][ T5520] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 93.841859][ T5520] segctord: attempt to access beyond end of device
[ 93.841859][ T5520] loop0: rw=0, sector=84, nr_sectors = 2 limit=0
[ 93.857789][ T5520] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 93.869784][ T5446] syz-executor.0: attempt to access beyond end of device
[ 93.869784][ T5446] loop0: rw=0, sector=84, nr_sectors = 2 limit=0
[ 93.885809][ T5446] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 93.901447][ T5446] syz-executor.0: attempt to access beyond end of device
[ 93.901447][ T5446] loop0: rw=0, sector=84, nr_sectors = 2 limit=0
[ 93.915535][ T5446] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 93.928495][ T5446] syz-executor.0: attempt to access beyond end of device
[ 93.928495][ T5446] loop0: rw=0, sector=84, nr_sectors = 2 limit=0
[ 93.943284][ T5446] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 93.953746][ T5446] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 93.962761][ T5446] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer
[ 95.654613][ T4491] Bluetooth: hci0: command tx timeout
[ 97.745012][ T4491] Bluetooth: hci0: command tx timeout
[ 99.815487][ T4491] Bluetooth: hci0: command tx timeout
[ 118.628133][ T5446] bio_check_eod: 1 callbacks suppressed
[ 118.628149][ T5446] syz-executor.0: attempt to access beyond end of device
[ 118.628149][ T5446] loop0: rw=395265, sector=2040, nr_sectors = 2 limit=0
[ 118.648025][ T5446] Buffer I/O error on dev loop0, logical block 1020, lost sync page write
[ 118.658383][ T5446] NILFS (loop0): unable to write superblock: err=-5
[ 118.665139][ T5446] syz-executor.0: attempt to access beyond end of device
[ 118.665139][ T5446] loop0: rw=395265, sector=2, nr_sectors = 2 limit=0
[ 118.679134][ T5446] Buffer I/O error on dev loop0, logical block 1, lost sync page write
[ 118.687463][ T5446] NILFS (loop0): unable to write superblock: err=-5
2024/05/20 07:59:46 executed programs: 2
[ 118.962565][ T169] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 118.998776][ T5098] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 119.007170][ T5098] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 119.016018][ T5098] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 119.024661][ T5098] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 119.033324][ T5098] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 119.042479][ T5098] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 119.052064][ T169] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 119.129928][ T169] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 119.198985][ T5816] chnl_net:caif_netlink_parms(): no params data found
[ 119.218986][ T169] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 119.277114][ T5816] bridge0: port 1(bridge_slave_0) entered blocking state
[ 119.284707][ T5816] bridge0: port 1(bridge_slave_0) entered disabled state
[ 119.292060][ T5816] bridge_slave_0: entered allmulticast mode
[ 119.299425][ T5816] bridge_slave_0: entered promiscuous mode
[ 119.308254][ T5816] bridge0: port 2(bridge_slave_1) entered blocking state
[ 119.316308][ T5816] bridge0: port 2(bridge_slave_1) entered disabled state
[ 119.323687][ T5816] bridge_slave_1: entered allmulticast mode
[ 119.331756][ T5816] bridge_slave_1: entered promiscuous mode
[ 119.362198][ T5816] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 119.375045][ T5816] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 119.424234][ T5816] team0: Port device team_slave_0 added
[ 119.433515][ T5816] team0: Port device team_slave_1 added
[ 119.490638][ T169] bridge_slave_1: left allmulticast mode
[ 119.496873][ T169] bridge_slave_1: left promiscuous mode
[ 119.503287][ T169] bridge0: port 2(bridge_slave_1) entered disabled state
[ 119.513425][ T169] bridge_slave_0: left allmulticast mode
[ 119.520724][ T169] bridge_slave_0: left promiscuous mode
[ 119.526687][ T169] bridge0: port 1(bridge_slave_0) entered disabled state
[ 119.740814][ T169] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 119.756463][ T169] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 119.766496][ T169] bond0 (unregistering): Released all slaves
[ 119.782279][ T5816] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 119.790320][ T5816] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 119.816338][ T5816] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 119.835588][ T5816] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 119.842575][ T5816] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 119.869410][ T5816] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 119.929388][ T5816] hsr_slave_0: entered promiscuous mode
[ 119.936124][ T5816] hsr_slave_1: entered promiscuous mode
[ 119.942565][ T5816] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 119.960729][ T5816] Cannot create hsr debugfs directory
[ 120.157857][ T169] hsr_slave_0: left promiscuous mode
[ 120.163996][ T169] hsr_slave_1: left promiscuous mode
[ 120.173015][ T169] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 120.180918][ T169] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 120.193138][ T169] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 120.201011][ T169] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 120.224000][ T169] veth1_macvtap: left promiscuous mode
[ 120.231991][ T169] veth0_macvtap: left promiscuous mode
[ 120.238276][ T169] veth1_vlan: left promiscuous mode
[ 120.243642][ T169] veth0_vlan: left promiscuous mode
[ 120.551741][ T169] team0 (unregistering): Port device team_slave_1 removed
[ 120.581279][ T169] team0 (unregistering): Port device team_slave_0 removed
[ 121.094575][ T5098] Bluetooth: hci0: command tx timeout
[ 121.318417][ T5816] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 121.333070][ T5816] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 121.343831][ T5816] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 121.356491][ T5816] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 121.464108][ T5816] 8021q: adding VLAN 0 to HW filter on device bond0
[ 121.490802][ T5816] 8021q: adding VLAN 0 to HW filter on device team0
[ 121.506424][ T5511] bridge0: port 1(bridge_slave_0) entered blocking state
[ 121.514561][ T5511] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 121.538033][ T5511] bridge0: port 2(bridge_slave_1) entered blocking state
[ 121.545259][ T5511] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 121.600060][ T5816] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 121.770589][ T5816] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 121.843437][ T5816] veth0_vlan: entered promiscuous mode
[ 121.861732][ T5816] veth1_vlan: entered promiscuous mode
[ 121.903675][ T5816] veth0_macvtap: entered promiscuous mode
[ 121.923639][ T5816] veth1_macvtap: entered promiscuous mode
[ 121.949600][ T5816] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 121.964322][ T5816] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 121.977432][ T5816] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 121.986774][ T5816] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 121.995789][ T5816] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 122.005007][ T5816] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 122.061660][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.075319][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.096133][ T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.104043][ T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.199803][ T5885] loop0: detected capacity change from 0 to 2048
[ 122.222412][ T5886] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 122.245216][ T5885] loop0: detected capacity change from 2048 to 0
[ 122.264758][ T5816] syz-executor.0: attempt to access beyond end of device
[ 122.264758][ T5816] loop0: rw=0, sector=100, nr_sectors = 2 limit=0
[ 122.279260][ T5816] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=226)
[ 122.289432][ T5816] NILFS (loop0): error -5 truncating bmap (ino=15)
[ 122.299482][ T5816] syz-executor.0: attempt to access beyond end of device
[ 122.299482][ T5816] loop0: rw=0, sector=66, nr_sectors = 2 limit=0
[ 122.313105][ T5816] NILFS (loop0): I/O error reading b-tree node block (ino=16, blocknr=15)
[ 122.322179][ T5816] NILFS (loop0): error -5 truncating bmap (ino=16)
[ 122.329659][ T5816] syz-executor.0: attempt to access beyond end of device
[ 122.329659][ T5816] loop0: rw=0, sector=90, nr_sectors = 2 limit=0
[ 122.344018][ T5816] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=34)
[ 122.353468][ T5816] NILFS (loop0): error -5 truncating bmap (ino=17)
[ 122.362434][ T5886] segctord: attempt to access beyond end of device
[ 122.362434][ T5886] loop0: rw=0, sector=84, nr_sectors = 2 limit=0
[ 122.376583][ T5886] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 122.386696][ T5886] segctord: attempt to access beyond end of device
[ 122.386696][ T5886] loop0: rw=0, sector=84, nr_sectors = 2 limit=0
[ 122.399650][ T5886] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 122.408773][ T5886] segctord: attempt to access beyond end of device
[ 122.408773][ T5886] loop0: rw=0, sector=84, nr_sectors = 2 limit=0
[ 122.422475][ T5886] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 122.432061][ T5886] segctord: attempt to access beyond end of device
[ 122.432061][ T5886] loop0: rw=0, sector=84, nr_sectors = 2 limit=0
[ 122.446751][ T5886] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 122.457574][ T5816] syz-executor.0: attempt to access beyond end of device
[ 122.457574][ T5816] loop0: rw=0, sector=84, nr_sectors = 2 limit=0
[ 122.471651][ T5816] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 122.480793][ T5816] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 122.490215][ T5816] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 122.500654][ T5816] NILFS (loop0): I/O error reading meta-data file (ino=3, block-offset=0)
[ 122.509405][ T5816] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer
[ 123.174745][ T5098] Bluetooth: hci0: command tx timeout
[ 125.254587][ T5098] Bluetooth: hci0: command tx timeout
[ 127.335137][ T5098] Bluetooth: hci0: command tx timeout
[ 133.336932][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[ 133.344365][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[ 147.271125][ T5816] bio_check_eod: 3 callbacks suppressed
[ 147.271145][ T5816] syz-executor.0: attempt to access beyond end of device
[ 147.271145][ T5816] loop0: rw=395265, sector=2040, nr_sectors = 2 limit=0
[ 147.293173][ T5816] Buffer I/O error on dev loop0, logical block 1020, lost sync page write
[ 147.301848][ T5816] NILFS (loop0): unable to write superblock: err=-5
[ 147.309609][ T5816] syz-executor.0: attempt to access beyond end of device
[ 147.309609][ T5816] loop0: rw=395265, sector=2, nr_sectors = 2 limit=0
[ 147.325081][ T5816] Buffer I/O error on dev loop0, logical block 1, lost sync page write
[ 147.333468][ T5816] NILFS (loop0): unable to write superblock: err=-5
[ 147.359494][ T5887] ==================================================================
[ 147.367613][ T5887] BUG: KASAN: slab-use-after-free in lru_add_fn+0x2cc/0x1a20
[ 147.375316][ T5887] Read of size 8 at addr ffff8880643a4b20 by task udevd/5887
[ 147.382968][ T5887]
[ 147.385314][ T5887] CPU: 1 PID: 5887 Comm: udevd Not tainted 6.9.0-next-20240520-syzkaller-13491-g632483ea8004 #0
[ 147.395829][ T5887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 147.406068][ T5887] Call Trace:
[ 147.409533][ T5887]
[ 147.412669][ T5887] dump_stack_lvl+0x241/0x360
[ 147.417476][ T5887] ? __pfx_dump_stack_lvl+0x10/0x10
[ 147.422844][ T5887] ? __pfx__printk+0x10/0x10
[ 147.427445][ T5887] ? _printk+0xd5/0x120
[ 147.431696][ T5887] ? __virt_addr_valid+0x183/0x520
[ 147.436804][ T5887] ? __virt_addr_valid+0x183/0x520
[ 147.441914][ T5887] print_report+0x169/0x550
[ 147.446435][ T5887] ? __virt_addr_valid+0x183/0x520
[ 147.451593][ T5887] ? __virt_addr_valid+0x183/0x520
[ 147.456716][ T5887] ? __virt_addr_valid+0x44e/0x520
[ 147.461936][ T5887] ? __phys_addr+0xba/0x170
[ 147.466537][ T5887] ? lru_add_fn+0x2cc/0x1a20
[ 147.471317][ T5887] kasan_report+0x143/0x180
[ 147.475886][ T5887] ? lru_add_fn+0x2cc/0x1a20
[ 147.480478][ T5887] ? lru_add_fn+0x20c/0x1a20
[ 147.485075][ T5887] kasan_check_range+0x282/0x290
[ 147.490040][ T5887] lru_add_fn+0x2cc/0x1a20
[ 147.494638][ T5887] folio_batch_move_lru+0x322/0x690
[ 147.499855][ T5887] ? __pfx_lru_add_fn+0x10/0x10
[ 147.504923][ T5887] ? __pfx_folio_batch_move_lru+0x10/0x10
[ 147.510712][ T5887] ? __lruvec_stat_mod_folio+0x7d/0x300
[ 147.516358][ T5887] ? folio_batch_add_and_move+0x98/0x2b0
[ 147.522034][ T5887] ? __pfx_lru_add_fn+0x10/0x10
[ 147.526904][ T5887] ? folio_add_lru+0x357/0xd70
[ 147.531662][ T5887] folio_add_lru+0x475/0xd70
[ 147.536776][ T5887] do_wp_page+0x1c60/0x5310
[ 147.541298][ T5887] ? do_wp_page+0x15c4/0x5310
[ 147.545983][ T5887] ? __pfx_do_wp_page+0x10/0x10
[ 147.550956][ T5887] ? __pfx_lock_acquire+0x10/0x10
[ 147.556009][ T5887] ? do_raw_spin_lock+0x14f/0x370
[ 147.561148][ T5887] ? __pfx_validate_chain+0x10/0x10
[ 147.566366][ T5887] handle_pte_fault+0x1189/0x70f0
[ 147.571589][ T5887] ? __pfx_validate_chain+0x10/0x10
[ 147.577178][ T5887] ? __pfx_cgroup_rstat_updated+0x10/0x10
[ 147.582938][ T5887] ? __pfx_handle_pte_fault+0x10/0x10
[ 147.588393][ T5887] ? __lock_acquire+0x1346/0x1fd0
[ 147.593524][ T5887] ? reacquire_held_locks+0x3eb/0x690
[ 147.598899][ T5887] ? lock_vma_under_rcu+0x2f9/0x6e0
[ 147.604095][ T5887] ? __pfx_reacquire_held_locks+0x10/0x10
[ 147.609806][ T5887] handle_mm_fault+0x10df/0x1ba0
[ 147.614778][ T5887] ? __pfx_handle_mm_fault+0x10/0x10
[ 147.620174][ T5887] ? lock_vma_under_rcu+0x592/0x6e0
[ 147.625906][ T5887] ? exc_page_fault+0x113/0x8c0
[ 147.630950][ T5887] exc_page_fault+0x459/0x8c0
[ 147.635751][ T5887] asm_exc_page_fault+0x26/0x30
[ 147.640645][ T5887] RIP: 0033:0x7f30d86c71a6
[ 147.645270][ T5887] Code: f2 e6 0e 00 eb 81 49 89 c5 49 ff c0 49 c1 ed 0c 4c 33 28 4c 89 e8 eb c0 44 0f b7 04 4e 4c 89 c0 4d 39 d8 73 2a 48 89 fa ff c0 <4c> 89 4d 18 48 c1 ea 0c 48 33 94 ce 80 00 00 00 48 89 55 10 48 89
[ 147.665175][ T5887] RSP: 002b:00007ffc053598d0 EFLAGS: 00010207
[ 147.671502][ T5887] RAX: 0000000000000006 RBX: 0000000000000210 RCX: 000000000000001f
[ 147.679741][ T5887] RDX: 0000555f5dd2ac20 RSI: 0000555f5dd15010 RDI: 0000555f5dd2ac20
[ 147.687836][ T5887] RBP: 0000555f5dd2ac10 R08: 0000000000000005 R09: 3327265b1cebfd59
[ 147.695888][ T5887] R10: 00000000ffffffff R11: 0000000000000007 R12: 0000000000000000
[ 147.704025][ T5887] R13: 0000555f2c52f040 R14: 00007f30d87f1aa0 R15: 0000555f5dd15910
[ 147.712085][ T5887]
[ 147.715106][ T5887]
[ 147.717424][ T5887] Allocated by task 5885:
[ 147.721885][ T5887] kasan_save_track+0x3f/0x80
[ 147.726574][ T5887] __kasan_slab_alloc+0x66/0x80
[ 147.731591][ T5887] kmem_cache_alloc_lru_noprof+0x139/0x2b0
[ 147.737391][ T5887] nilfs_alloc_inode+0x2e/0xf0
[ 147.742226][ T5887] iget5_locked+0xa4/0x280
[ 147.746629][ T5887] nilfs_iget_locked+0x12b/0x180
[ 147.751552][ T5887] nilfs_ifile_read+0x30/0x1b0
[ 147.756315][ T5887] nilfs_attach_checkpoint+0xed/0x1a0
[ 147.761770][ T5887] nilfs_fill_super+0x380/0x6a0
[ 147.766691][ T5887] nilfs_get_tree+0x4f9/0x920
[ 147.771347][ T5887] vfs_get_tree+0x90/0x2a0
[ 147.775769][ T5887] do_new_mount+0x2be/0xb40
[ 147.780496][ T5887] __se_sys_mount+0x2d9/0x3c0
[ 147.785246][ T5887] do_syscall_64+0xf5/0x240
[ 147.789765][ T5887] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 147.795842][ T5887]
[ 147.798172][ T5887] Freed by task 0:
[ 147.802093][ T5887] kasan_save_track+0x3f/0x80
[ 147.806782][ T5887] kasan_save_free_info+0x40/0x50
[ 147.811806][ T5887] poison_slab_object+0xe0/0x150
[ 147.816741][ T5887] __kasan_slab_free+0x37/0x60
[ 147.821489][ T5887] kmem_cache_free+0x145/0x350
[ 147.826322][ T5887] rcu_core+0xafd/0x1830
[ 147.830656][ T5887] handle_softirqs+0x2d6/0x990
[ 147.835400][ T5887] __irq_exit_rcu+0xf4/0x1c0
[ 147.839985][ T5887] irq_exit_rcu+0x9/0x30
[ 147.844205][ T5887] sysvec_apic_timer_interrupt+0xa6/0xc0
[ 147.849891][ T5887] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 147.856053][ T5887]
[ 147.858384][ T5887] Last potentially related work creation:
[ 147.864082][ T5887] kasan_save_stack+0x3f/0x60
[ 147.868766][ T5887] __kasan_record_aux_stack+0xac/0xc0
[ 147.874153][ T5887] call_rcu+0x167/0xa70
[ 147.878309][ T5887] nilfs_put_root+0x97/0xc0
[ 147.882810][ T5887] nilfs_detach_log_writer+0x8bb/0xbe0
[ 147.888293][ T5887] nilfs_put_super+0x4d/0x160
[ 147.893010][ T5887] generic_shutdown_super+0x136/0x2d0
[ 147.898383][ T5887] kill_block_super+0x44/0x90
[ 147.903068][ T5887] deactivate_locked_super+0xc4/0x130
[ 147.908604][ T5887] cleanup_mnt+0x426/0x4c0
[ 147.913031][ T5887] task_work_run+0x24f/0x310
[ 147.917654][ T5887] syscall_exit_to_user_mode+0x168/0x370
[ 147.923304][ T5887] do_syscall_64+0x102/0x240
[ 147.927924][ T5887] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 147.933806][ T5887]
[ 147.936115][ T5887] The buggy address belongs to the object at ffff8880643a4678
[ 147.936115][ T5887] which belongs to the cache nilfs2_inode_cache of size 1512
[ 147.950859][ T5887] The buggy address is located 1192 bytes inside of
[ 147.950859][ T5887] freed 1512-byte region [ffff8880643a4678, ffff8880643a4c60)
[ 147.964808][ T5887]
[ 147.967126][ T5887] The buggy address belongs to the physical page:
[ 147.973514][ T5887] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880643a0000 pfn:0x643a0
[ 147.983565][ T5887] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 147.992200][ T5887] memcg:ffff88802aa53501
[ 147.996465][ T5887] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 148.004013][ T5887] page_type: 0xffffefff(slab)
[ 148.008689][ T5887] raw: 00fff00000000040 ffff88801afb1dc0 dead000000000122 0000000000000000
[ 148.017279][ T5887] raw: ffff8880643a0000 000000008013000e 00000001ffffefff ffff88802aa53501
[ 148.025862][ T5887] head: 00fff00000000040 ffff88801afb1dc0 dead000000000122 0000000000000000
[ 148.034610][ T5887] head: ffff8880643a0000 000000008013000e 00000001ffffefff ffff88802aa53501
[ 148.043350][ T5887] head: 00fff00000000003 ffffea000190e801 ffffffffffffffff 0000000000000000
[ 148.052000][ T5887] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 148.060929][ T5887] page dumped because: kasan: bad access detected
[ 148.067425][ T5887] page_owner tracks the page as allocated
[ 148.073214][ T5887] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0x1d2050(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 5515, tgid 5514 (syz-executor.0), ts 93562493088, free_ts 17048166723
[ 148.097264][ T5887] post_alloc_hook+0x1f3/0x230
[ 148.102110][ T5887] get_page_from_freelist+0x2ce2/0x2d90
[ 148.107638][ T5887] __alloc_pages_noprof+0x256/0x6c0
[ 148.112818][ T5887] alloc_slab_page+0x5f/0x120
[ 148.117496][ T5887] allocate_slab+0x5a/0x2e0
[ 148.121982][ T5887] ___slab_alloc+0xcd1/0x14b0
[ 148.127099][ T5887] __slab_alloc+0x58/0xa0
[ 148.131524][ T5887] kmem_cache_alloc_lru_noprof+0x1c5/0x2b0
[ 148.137329][ T5887] nilfs_alloc_inode+0x2e/0xf0
[ 148.142082][ T5887] new_inode_pseudo+0x69/0x1e0
[ 148.146934][ T5887] new_inode+0x22/0x1d0
[ 148.151092][ T5887] nilfs_new_inode+0x13f/0x990
[ 148.155863][ T5887] nilfs_create+0xfd/0x2d0
[ 148.160285][ T5887] path_openat+0x1425/0x3280
[ 148.164868][ T5887] do_filp_open+0x235/0x490
[ 148.169357][ T5887] do_sys_openat2+0x13e/0x1d0
[ 148.174018][ T5887] page last free pid 1 tgid 1 stack trace:
[ 148.179817][ T5887] free_unref_page+0xd22/0xea0
[ 148.184597][ T5887] free_contig_range+0x9e/0x160
[ 148.189548][ T5887] destroy_args+0x8a/0x890
[ 148.193969][ T5887] debug_vm_pgtable+0x4be/0x550
[ 148.198816][ T5887] do_one_initcall+0x248/0x880
[ 148.203577][ T5887] do_initcall_level+0x157/0x210
[ 148.208503][ T5887] do_initcalls+0x3f/0x80
[ 148.212835][ T5887] kernel_init_freeable+0x435/0x5d0
[ 148.218019][ T5887] kernel_init+0x1d/0x2b0
[ 148.222346][ T5887] ret_from_fork+0x4b/0x80
[ 148.226924][ T5887] ret_from_fork_asm+0x1a/0x30
[ 148.231784][ T5887]
[ 148.234096][ T5887] Memory state around the buggy address:
[ 148.239728][ T5887] ffff8880643a4a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 148.247887][ T5887] ffff8880643a4a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 148.255982][ T5887] >ffff8880643a4b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 148.264080][ T5887] ^
[ 148.269185][ T5887] ffff8880643a4b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 148.277336][ T5887] ffff8880643a4c00: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 148.285516][ T5887] ==================================================================
[ 148.293742][ T5887] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 148.301029][ T5887] CPU: 1 PID: 5887 Comm: udevd Not tainted 6.9.0-next-20240520-syzkaller-13491-g632483ea8004 #0
[ 148.311444][ T5887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 148.321502][ T5887] Call Trace:
[ 148.324777][ T5887]
[ 148.328151][ T5887] dump_stack_lvl+0x241/0x360
[ 148.332832][ T5887] ? __pfx_dump_stack_lvl+0x10/0x10
[ 148.338049][ T5887] ? __pfx__printk+0x10/0x10
[ 148.342648][ T5887] ? rcu_is_watching+0x15/0xb0
[ 148.347430][ T5887] ? vscnprintf+0x5d/0x90
[ 148.351742][ T5887] panic+0x349/0x860
[ 148.355631][ T5887] ? __pfx_lock_release+0x10/0x10
[ 148.360638][ T5887] ? check_panic_on_warn+0x21/0xb0
[ 148.365752][ T5887] ? __pfx_panic+0x10/0x10
[ 148.370156][ T5887] ? do_raw_spin_unlock+0x13c/0x8b0
[ 148.375435][ T5887] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 148.381344][ T5887] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 148.387778][ T5887] check_panic_on_warn+0x86/0xb0
[ 148.392853][ T5887] ? lru_add_fn+0x2cc/0x1a20
[ 148.397447][ T5887] end_report+0x77/0x160
[ 148.401697][ T5887] kasan_report+0x154/0x180
[ 148.406194][ T5887] ? lru_add_fn+0x2cc/0x1a20
[ 148.410780][ T5887] ? lru_add_fn+0x20c/0x1a20
[ 148.415386][ T5887] kasan_check_range+0x282/0x290
[ 148.420404][ T5887] lru_add_fn+0x2cc/0x1a20
[ 148.424804][ T5887] folio_batch_move_lru+0x322/0x690
[ 148.429996][ T5887] ? __pfx_lru_add_fn+0x10/0x10
[ 148.434841][ T5887] ? __pfx_folio_batch_move_lru+0x10/0x10
[ 148.440746][ T5887] ? __lruvec_stat_mod_folio+0x7d/0x300
[ 148.446292][ T5887] ? folio_batch_add_and_move+0x98/0x2b0
[ 148.451916][ T5887] ? __pfx_lru_add_fn+0x10/0x10
[ 148.456783][ T5887] ? folio_add_lru+0x357/0xd70
[ 148.461553][ T5887] folio_add_lru+0x475/0xd70
[ 148.466217][ T5887] do_wp_page+0x1c60/0x5310
[ 148.470725][ T5887] ? do_wp_page+0x15c4/0x5310
[ 148.475565][ T5887] ? __pfx_do_wp_page+0x10/0x10
[ 148.480413][ T5887] ? __pfx_lock_acquire+0x10/0x10
[ 148.485598][ T5887] ? do_raw_spin_lock+0x14f/0x370
[ 148.490664][ T5887] ? __pfx_validate_chain+0x10/0x10
[ 148.495906][ T5887] handle_pte_fault+0x1189/0x70f0
[ 148.501077][ T5887] ? __pfx_validate_chain+0x10/0x10
[ 148.506278][ T5887] ? __pfx_cgroup_rstat_updated+0x10/0x10
[ 148.512076][ T5887] ? __pfx_handle_pte_fault+0x10/0x10
[ 148.517897][ T5887] ? __lock_acquire+0x1346/0x1fd0
[ 148.522911][ T5887] ? reacquire_held_locks+0x3eb/0x690
[ 148.528298][ T5887] ? lock_vma_under_rcu+0x2f9/0x6e0
[ 148.533487][ T5887] ? __pfx_reacquire_held_locks+0x10/0x10
[ 148.539195][ T5887] handle_mm_fault+0x10df/0x1ba0
[ 148.544141][ T5887] ? __pfx_handle_mm_fault+0x10/0x10
[ 148.549522][ T5887] ? lock_vma_under_rcu+0x592/0x6e0
[ 148.554752][ T5887] ? exc_page_fault+0x113/0x8c0
[ 148.559589][ T5887] exc_page_fault+0x459/0x8c0
[ 148.564257][ T5887] asm_exc_page_fault+0x26/0x30
[ 148.569119][ T5887] RIP: 0033:0x7f30d86c71a6
[ 148.573622][ T5887] Code: f2 e6 0e 00 eb 81 49 89 c5 49 ff c0 49 c1 ed 0c 4c 33 28 4c 89 e8 eb c0 44 0f b7 04 4e 4c 89 c0 4d 39 d8 73 2a 48 89 fa ff c0 <4c> 89 4d 18 48 c1 ea 0c 48 33 94 ce 80 00 00 00 48 89 55 10 48 89
[ 148.593708][ T5887] RSP: 002b:00007ffc053598d0 EFLAGS: 00010207
[ 148.599779][ T5887] RAX: 0000000000000006 RBX: 0000000000000210 RCX: 000000000000001f
[ 148.607828][ T5887] RDX: 0000555f5dd2ac20 RSI: 0000555f5dd15010 RDI: 0000555f5dd2ac20
[ 148.615837][ T5887] RBP: 0000555f5dd2ac10 R08: 0000000000000005 R09: 3327265b1cebfd59
[ 148.623820][ T5887] R10: 00000000ffffffff R11: 0000000000000007 R12: 0000000000000000
[ 148.631966][ T5887] R13: 0000555f2c52f040 R14: 00007f30d87f1aa0 R15: 0000555f5dd15910
[ 148.640225][ T5887]
[ 148.643664][ T5887] Kernel Offset: disabled
[ 148.648414][ T5887] Rebooting in 86400 seconds..