Warning: Permanently added '10.128.1.174' (ED25519) to the list of known hosts.
2024/09/01 00:46:41 ignoring optional flag "sandboxArg"="0"
2024/09/01 00:46:41 parsed 1 programs
2024/09/01 00:46:41 executed programs: 0
[ 65.314130][ T1509] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 67.810578][ T1933] loop0: detected capacity change from 0 to 128
[ 67.822402][ T1933] attempt to access beyond end of device
[ 67.822402][ T1933] loop0: rw=0, want=6491538, limit=128
[ 67.835144][ T1933] Buffer I/O error on dev loop0, logical block 3245768, async page read
[ 67.844314][ T1933] attempt to access beyond end of device
[ 67.844314][ T1933] loop0: rw=0, want=17666808, limit=128
[ 67.855622][ T1933] Buffer I/O error on dev loop0, logical block 8833403, async page read
[ 67.865096][ T1933] attempt to access beyond end of device
[ 67.865096][ T1933] loop0: rw=0, want=26539620, limit=128
[ 67.876510][ T1933] Buffer I/O error on dev loop0, logical block 13269809, async page read
[ 67.886054][ T1933] attempt to access beyond end of device
[ 67.886054][ T1933] loop0: rw=0, want=16147214, limit=128
[ 67.897568][ T1933] Buffer I/O error on dev loop0, logical block 8073606, async page read
[ 67.906152][ T1933] attempt to access beyond end of device
[ 67.906152][ T1933] loop0: rw=0, want=6491544, limit=128
[ 67.917728][ T1933] Buffer I/O error on dev loop0, logical block 3245771, async page read
[ 67.926082][ T1933] attempt to access beyond end of device
[ 67.926082][ T1933] loop0: rw=0, want=17668344, limit=128
[ 67.937793][ T1933] Buffer I/O error on dev loop0, logical block 8834171, async page read
[ 67.946268][ T1933] attempt to access beyond end of device
[ 67.946268][ T1933] loop0: rw=0, want=26932836, limit=128
[ 67.957718][ T1933] Buffer I/O error on dev loop0, logical block 13466417, async page read
[ 67.966161][ T1933] attempt to access beyond end of device
[ 67.966161][ T1933] loop0: rw=0, want=16147214, limit=128
[ 67.977781][ T1933] Buffer I/O error on dev loop0, logical block 8073606, async page read
[ 67.986832][ T1933] attempt to access beyond end of device
[ 67.986832][ T1933] loop0: rw=0, want=6491550, limit=128
[ 67.998456][ T1933] Buffer I/O error on dev loop0, logical block 3245774, async page read
[ 68.007586][ T1933] attempt to access beyond end of device
[ 68.007586][ T1933] loop0: rw=0, want=17669880, limit=128
[ 68.019380][ T1933] Buffer I/O error on dev loop0, logical block 8834939, async page read
[ 94.109065][ T1933] ==================================================================
[ 94.117478][ T1933] BUG: KASAN: use-after-free in sysv_new_inode+0xd21/0x1250
[ 94.124882][ T1933] Read of size 2 at addr ffff88806d7aa1ce by task syz-executor.0/1933
[ 94.133162][ T1933]
[ 94.135501][ T1933] CPU: 0 PID: 1933 Comm: syz-executor.0 Not tainted 5.15.165-syzkaller #0
[ 94.145862][ T1933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 94.156179][ T1933] Call Trace:
[ 94.159713][ T1933]
[ 94.163573][ T1933] dump_stack_lvl+0x41/0x5e
[ 94.168444][ T1933] print_address_description.constprop.0.cold+0x6c/0x309
[ 94.176146][ T1933] ? sysv_new_inode+0xd21/0x1250
[ 94.181238][ T1933] ? sysv_new_inode+0xd21/0x1250
[ 94.186696][ T1933] kasan_report.cold+0x83/0xdf
[ 94.191713][ T1933] ? sysv_new_inode+0xd21/0x1250
[ 94.196980][ T1933] sysv_new_inode+0xd21/0x1250
[ 94.201958][ T1933] ? sysv_free_inode+0x840/0x840
[ 94.207131][ T1933] ? do_raw_spin_lock+0x120/0x2b0
[ 94.212407][ T1933] ? do_raw_spin_unlock+0x171/0x230
[ 94.218144][ T1933] ? _raw_spin_unlock+0x1a/0x30
[ 94.223024][ T1933] sysv_create+0x13/0x90
[ 94.227286][ T1933] ? sysv_inode_by_name+0x260/0x260
[ 94.232469][ T1933] lookup_open.isra.0+0xe3b/0x1680
[ 94.237738][ T1933] ? lockref_put_or_lock+0x50/0x60
[ 94.243550][ T1933] ? vfs_tmpfile+0x2d0/0x2d0
[ 94.248433][ T1933] ? verify_cpu+0x100/0x100
[ 94.252979][ T1933] ? verify_cpu+0x100/0x100
[ 94.257840][ T1933] ? lockref_get_not_dead+0x4a/0x60
[ 94.263046][ T1933] path_openat+0x7e3/0x2360
[ 94.268072][ T1933] ? __kasan_slab_alloc+0x1/0x80
[ 94.273259][ T1933] ? do_syscall_64+0x33/0x80
[ 94.278527][ T1933] ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 94.284791][ T1933] ? path_lookupat+0x6b0/0x6b0
[ 94.289631][ T1933] ? futex_wake+0x2fa/0x3f0
[ 94.294248][ T1933] ? futex_wait_restart+0x210/0x210
[ 94.299928][ T1933] ? stack_trace_save+0x8c/0xc0
[ 94.304982][ T1933] ? find_held_lock+0x2d/0x110
[ 94.309810][ T1933] do_filp_open+0x199/0x3d0
[ 94.314406][ T1933] ? may_open_dev+0xd0/0xd0
[ 94.318872][ T1933] ? do_raw_spin_lock+0x120/0x2b0
[ 94.324421][ T1933] ? rwlock_bug.part.0+0x90/0x90
[ 94.329681][ T1933] ? lock_acquire+0x11a/0x250
[ 94.334435][ T1933] ? _raw_spin_unlock+0x1a/0x30
[ 94.339283][ T1933] ? alloc_fd+0x17c/0x4e0
[ 94.343822][ T1933] ? getname_flags.part.0+0x89/0x440
[ 94.349304][ T1933] do_sys_openat2+0x11e/0x400
[ 94.353958][ T1933] ? build_open_flags+0x490/0x490
[ 94.359071][ T1933] ? lock_downgrade+0x4f0/0x4f0
[ 94.364014][ T1933] __x64_sys_openat+0x11b/0x1d0
[ 94.369209][ T1933] ? __ia32_sys_open+0x190/0x190
[ 94.374408][ T1933] ? vtime_user_exit+0xde/0x180
[ 94.379573][ T1933] ? trace_user_exit.constprop.0+0x25/0xc0
[ 94.385374][ T1933] do_syscall_64+0x33/0x80
[ 94.389792][ T1933] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 94.395913][ T1933] RIP: 0033:0x7f25aa77dca9
[ 94.400333][ T1933] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 94.421318][ T1933] RSP: 002b:00007f25aa2ff0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 94.430544][ T1933] RAX: ffffffffffffffda RBX: 00007f25aa8abf80 RCX: 00007f25aa77dca9
[ 94.439115][ T1933] RDX: 0000000000002c41 RSI: 0000000020000040 RDI: ffffffffffffff9c
[ 94.447254][ T1933] RBP: 00007f25aa7c947e R08: 0000000000000000 R09: 0000000000000000
[ 94.455976][ T1933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 94.464323][ T1933] R13: 0000000000000006 R14: 00007f25aa8abf80 R15: 00007ffcbf2222f8
[ 94.473190][ T1933]
[ 94.476563][ T1933]
[ 94.478879][ T1933] The buggy address belongs to the page:
[ 94.485047][ T1933] page:ffffea0001b5ea80 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x6d7aa
[ 94.496303][ T1933] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 94.504941][ T1933] raw: 00fff00000000000 ffffea0001b5ec48 ffffea0001b5f008 0000000000000000
[ 94.513719][ T1933] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 94.522552][ T1933] page dumped because: kasan: bad access detected
[ 94.529143][ T1933] page_owner tracks the page as freed
[ 94.534691][ T1933] page last allocated via order 0, migratetype Movable, gfp_mask 0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO), pid 1933, ts 67808269233, free_ts 67810166833
[ 94.550420][ T1933] get_page_from_freelist+0x12d1/0x2d40
[ 94.555951][ T1933] __alloc_pages+0x1b2/0x440
[ 94.560528][ T1933] alloc_pages_vma+0xe0/0x650
[ 94.565302][ T1933] __handle_mm_fault+0x1ce9/0x33c0
[ 94.570523][ T1933] handle_mm_fault+0x1c5/0x5b0
[ 94.575364][ T1933] do_user_addr_fault+0x298/0xc80
[ 94.580454][ T1933] exc_page_fault+0x5a/0xb0
[ 94.585140][ T1933] asm_exc_page_fault+0x22/0x30
[ 94.590268][ T1933] page last free stack trace:
[ 94.595011][ T1933] free_pcp_prepare+0x379/0x850
[ 94.600185][ T1933] free_unref_page_list+0x16f/0xbd0
[ 94.605625][ T1933] release_pages+0xb3a/0x1480
[ 94.610832][ T1933] tlb_finish_mmu+0x127/0x790
[ 94.615879][ T1933] unmap_region+0x298/0x390
[ 94.620470][ T1933] __do_munmap+0x481/0x10c0
[ 94.625099][ T1933] __vm_munmap+0xd2/0x1a0
[ 94.629670][ T1933] __x64_sys_munmap+0x5d/0x80
[ 94.634540][ T1933] do_syscall_64+0x33/0x80
[ 94.639171][ T1933] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 94.645211][ T1933]
[ 94.647546][ T1933] Memory state around the buggy address:
[ 94.653291][ T1933] ffff88806d7aa080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 94.661432][ T1933] ffff88806d7aa100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 94.669651][ T1933] >ffff88806d7aa180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 94.677781][ T1933] ^
[ 94.684350][ T1933] ffff88806d7aa200: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 94.692670][ T1933] ffff88806d7aa280: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 94.701187][ T1933] ==================================================================
[ 94.709591][ T1933] Disabling lock debugging due to kernel taint
[ 94.716046][ T1933] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 94.724118][ T1933] Kernel Offset: disabled
[ 94.728499][ T1933] Rebooting in 86400 seconds..