Warning: Permanently added '[localhost]:7221' (ED25519) to the list of known hosts.
2024/03/25 02:51:54 ignoring optional flag "sandboxArg"="0"
2024/03/25 02:51:54 parsed 1 programs
[ 82.877920][ T38] kauditd_printk_skb: 73 callbacks suppressed
[ 82.877935][ T38] audit: type=1400 audit(1711335114.644:207): avc: denied { getattr } for pid=5412 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 82.914812][ T38] audit: type=1400 audit(1711335114.684:208): avc: denied { mounton } for pid=5420 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[ 82.924934][ T38] audit: type=1400 audit(1711335114.684:209): avc: denied { mount } for pid=5420 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[ 82.937033][ T38] audit: type=1400 audit(1711335114.704:210): avc: denied { read write } for pid=5420 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 82.948131][ T38] audit: type=1400 audit(1711335114.704:211): avc: denied { open } for pid=5420 comm="syz-executor" path="/swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 83.013123][ T38] audit: type=1400 audit(1711335114.784:212): avc: denied { unlink } for pid=5420 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 83.516700][ T38] audit: type=1400 audit(1711335115.284:213): avc: denied { relabelto } for pid=5424 comm="mkswap" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 84.606015][ T5420] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
2024/03/25 02:51:56 executed programs: 0
[ 84.679743][ T64] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 84.684373][ T64] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 84.688737][ T64] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 84.694414][ T64] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 84.698192][ T64] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 84.701679][ T64] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 84.714642][ T38] audit: type=1400 audit(1711335116.484:214): avc: denied { mounton } for pid=5430 comm="syz-executor.0" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[ 84.874921][ T5430] chnl_net:caif_netlink_parms(): no params data found
[ 84.989183][ T5430] bridge0: port 1(bridge_slave_0) entered blocking state
[ 84.992647][ T5430] bridge0: port 1(bridge_slave_0) entered disabled state
[ 84.995943][ T5430] bridge_slave_0: entered allmulticast mode
[ 85.000143][ T5430] bridge_slave_0: entered promiscuous mode
[ 85.005734][ T5430] bridge0: port 2(bridge_slave_1) entered blocking state
[ 85.009088][ T5430] bridge0: port 2(bridge_slave_1) entered disabled state
[ 85.012520][ T5430] bridge_slave_1: entered allmulticast mode
[ 85.016995][ T5430] bridge_slave_1: entered promiscuous mode
[ 85.071827][ T5430] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 85.078787][ T5430] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 85.126568][ T5430] team0: Port device team_slave_0 added
[ 85.136950][ T5430] team0: Port device team_slave_1 added
[ 85.197187][ T5430] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 85.200762][ T5430] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 85.212937][ T5430] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 85.219802][ T5430] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 85.223652][ T38] audit: type=1400 audit(1711335117.004:215): avc: denied { search } for pid=4669 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 85.223847][ T5430] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 85.244458][ T5430] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 85.314163][ T5430] hsr_slave_0: entered promiscuous mode
[ 85.317847][ T5430] hsr_slave_1: entered promiscuous mode
[ 85.998142][ T5430] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 86.007127][ T5430] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 86.015886][ T5430] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 86.022673][ T5430] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 86.108908][ T5430] 8021q: adding VLAN 0 to HW filter on device bond0
[ 86.127946][ T5430] 8021q: adding VLAN 0 to HW filter on device team0
[ 86.138735][ T826] bridge0: port 1(bridge_slave_0) entered blocking state
[ 86.142143][ T826] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 86.163338][ T56] bridge0: port 2(bridge_slave_1) entered blocking state
[ 86.166271][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 86.197073][ T5430] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 86.241205][ T38] audit: type=1400 audit(1711335118.014:216): avc: denied { sys_module } for pid=5430 comm="syz-executor.0" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[ 86.344111][ T5430] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 86.382677][ T5430] veth0_vlan: entered promiscuous mode
[ 86.391365][ T5430] veth1_vlan: entered promiscuous mode
[ 86.418902][ T5430] veth0_macvtap: entered promiscuous mode
[ 86.441268][ T5430] veth1_macvtap: entered promiscuous mode
[ 86.456136][ T5430] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 86.467096][ T5430] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 86.475511][ T5430] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 86.479195][ T5430] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 86.485407][ T5430] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 86.489687][ T5430] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 86.554006][ T44] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 86.557954][ T44] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 86.587588][ T44] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 86.592924][ T44] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 86.633595][ T5481] loop0: detected capacity change from 0 to 128
[ 86.644157][ T5481] VFS: Found a Xenix FS (block size = 1024) on device loop0
[ 86.653654][ T5481] sysv_free_block: flc_count > flc_size
[ 86.657095][ T5481] sysv_free_block: flc_count > flc_size
[ 86.660403][ T5481] sysv_free_block: flc_count > flc_size
[ 86.663297][ T5481] sysv_free_block: flc_count > flc_size
[ 86.666082][ T5481] sysv_free_block: flc_count > flc_size
[ 86.671012][ T5481] sysv_free_block: flc_count > flc_size
[ 86.673532][ T5481] sysv_free_block: flc_count > flc_size
[ 86.676793][ T5481] sysv_free_block: flc_count > flc_size
[ 86.679267][ T5481] sysv_free_block: flc_count > flc_size
[ 86.682011][ T5481] sysv_free_block: flc_count > flc_size
[ 86.691210][ T5481] ==================================================================
[ 86.695177][ T5481] BUG: KASAN: use-after-free in sysv_new_block+0x7a7/0xa50
[ 86.698447][ T5481] Read of size 4 at addr ffff88803ef970c8 by task syz-executor.0/5481
[ 86.701893][ T5481]
[ 86.702787][ T5481] CPU: 2 PID: 5481 Comm: syz-executor.0 Not tainted 6.9.0-rc1-syzkaller-g4cece7649650 #0
[ 86.707170][ T5481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 86.713052][ T5481] Call Trace:
[ 86.714654][ T5481]
[ 86.716091][ T5481] dump_stack_lvl+0x116/0x1f0
[ 86.718551][ T5481] print_report+0xc3/0x620
[ 86.720590][ T5481] ? __virt_addr_valid+0x5e/0x580
[ 86.722920][ T5481] ? __phys_addr+0xc6/0x150
[ 86.725022][ T5481] kasan_report+0xd9/0x110
[ 86.726855][ T5481] ? sysv_new_block+0x7a7/0xa50
[ 86.728521][ T5481] ? sysv_new_block+0x7a7/0xa50
[ 86.730273][ T5481] sysv_new_block+0x7a7/0xa50
[ 86.732204][ T5481] get_block+0x261/0x15a0
[ 86.733999][ T5481] ? __pfx_get_block+0x10/0x10
[ 86.736398][ T5481] ? __pfx_lock_release+0x10/0x10
[ 86.739008][ T5481] ? do_raw_spin_lock+0x12d/0x2c0
[ 86.741494][ T5481] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 86.744134][ T5481] ? _raw_spin_unlock+0x28/0x50
[ 86.746415][ T5481] ? create_empty_buffers+0x3a5/0x480
[ 86.748956][ T5481] ? __pfx_get_block+0x10/0x10
[ 86.751123][ T5481] __block_write_begin_int+0x4fb/0x16e0
[ 86.754277][ T5481] ? __pfx_get_block+0x10/0x10
[ 86.756592][ T5481] ? __pfx___block_write_begin_int+0x10/0x10
[ 86.759648][ T5481] block_write_begin+0xb1/0x4a0
[ 86.762407][ T5481] ? __pfx_get_block+0x10/0x10
[ 86.764801][ T5481] sysv_write_begin+0x31/0xe0
[ 86.767097][ T5481] generic_perform_write+0x272/0x620
[ 86.769600][ T5481] ? __pfx_generic_perform_write+0x10/0x10
[ 86.772319][ T5481] ? generic_write_checks+0x2f3/0x460
[ 86.775373][ T5481] __generic_file_write_iter+0x1fd/0x240
[ 86.778623][ T5481] generic_file_write_iter+0xe7/0x350
[ 86.781368][ T5481] vfs_write+0x6db/0x1100
[ 86.783390][ T5481] ? __pfx_vfs_write+0x10/0x10
[ 86.785616][ T5481] ? __pfx___mutex_lock+0x10/0x10
[ 86.787940][ T5481] ? __fget_files+0x256/0x400
[ 86.790078][ T5481] ksys_write+0x12f/0x260
[ 86.792167][ T5481] ? __pfx_ksys_write+0x10/0x10
[ 86.794834][ T5481] do_syscall_64+0xd2/0x260
[ 86.797303][ T5481] entry_SYSCALL_64_after_hwframe+0x6d/0x75
[ 86.800424][ T5481] RIP: 0033:0x7f05cc87dda9
[ 86.802749][ T5481] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 86.811561][ T5481] RSP: 002b:00007f05cd5b50c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 86.815379][ T5481] RAX: ffffffffffffffda RBX: 00007f05cc9abf80 RCX: 00007f05cc87dda9
[ 86.819010][ T5481] RDX: 00000000fffffe45 RSI: 00000000200000c0 RDI: 0000000000000004
[ 86.822720][ T5481] RBP: 00007f05cc8ca47a R08: 0000000000000000 R09: 0000000000000000
[ 86.825942][ T5481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 86.829518][ T5481] R13: 000000000000000b R14: 00007f05cc9abf80 R15: 00007ffde71a97d8
[ 86.833304][ T5481]
[ 86.834813][ T5481]
[ 86.836121][ T5481] The buggy address belongs to the physical page:
[ 86.839603][ T5481] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x3ef97
[ 86.843822][ T5481] flags: 0xfff80000000000(node=0|zone=1|lastcpupid=0xfff)
[ 86.847002][ T5481] page_type: 0xffffffff()
[ 86.848856][ T5481] raw: 00fff80000000000 dead000000000100 dead000000000122 0000000000000000
[ 86.852349][ T5481] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 86.856588][ T5481] page dumped because: kasan: bad access detected
[ 86.859913][ T5481] page_owner tracks the page as freed
[ 86.862095][ T5481] page last allocated via order 9, migratetype Movable, gfp_mask 0x3d24ca(GFP_TRANSHUGE|__GFP_NORETRY|__GFP_THISNODE), pid 5190, tgid 5190 (syz-fuzzer), ts 63658266884, free_ts 66393138789
[ 86.870639][ T5481] post_alloc_hook+0x2d4/0x350
[ 86.873092][ T5481] get_page_from_freelist+0xa28/0x3780
[ 86.875779][ T5481] __alloc_pages+0x22b/0x2460
[ 86.878054][ T5481] alloc_pages_mpol+0x22e/0x610
[ 86.880446][ T5481] vma_alloc_folio+0xad/0x160
[ 86.882779][ T5481] do_huge_pmd_anonymous_page+0x243/0x2180
[ 86.885585][ T5481] __handle_mm_fault+0x21fb/0x4b40
[ 86.887926][ T5481] handle_mm_fault+0x476/0xa00
[ 86.890183][ T5481] do_user_addr_fault+0x426/0x1080
[ 86.892573][ T5481] exc_page_fault+0x5c/0xc0
[ 86.894720][ T5481] asm_exc_page_fault+0x26/0x30
[ 86.897123][ T5481] page last free pid 5198 tgid 5190 stack trace:
[ 86.900156][ T5481] free_unref_page_prepare+0x527/0xb10
[ 86.903039][ T5481] free_unref_folios+0xf4/0xad0
[ 86.905839][ T5481] folios_put_refs+0x49c/0x750
[ 86.908014][ T5481] free_pages_and_swap_cache+0x25b/0x4b0
[ 86.910412][ T5481] __tlb_batch_free_encoded_pages+0xf9/0x290
[ 86.912839][ T5481] tlb_finish_mmu+0x168/0x7b0
[ 86.914931][ T5481] exit_mmap+0x3da/0xb90
[ 86.916790][ T5481] __mmput+0x12a/0x4d0
[ 86.918681][ T5481] mmput+0x62/0x70
[ 86.920382][ T5481] do_exit+0x999/0x2c10
[ 86.922279][ T5481] do_group_exit+0xd3/0x2a0
[ 86.924584][ T5481] __x64_sys_exit_group+0x3e/0x50
[ 86.926714][ T5481] do_syscall_64+0xd2/0x260
[ 86.928554][ T5481] entry_SYSCALL_64_after_hwframe+0x6d/0x75
[ 86.931367][ T5481]
[ 86.932478][ T5481] Memory state around the buggy address:
[ 86.935122][ T5481] ffff88803ef96f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 86.938974][ T5481] ffff88803ef97000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 86.942421][ T5481] >ffff88803ef97080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 86.945996][ T5481] ^
[ 86.948803][ T5481] ffff88803ef97100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 86.952482][ T5481] ffff88803ef97180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 86.956271][ T5481] ==================================================================
[ 86.962261][ T4632] Bluetooth: hci0: command tx timeout
[ 86.964450][ T5481] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 86.964461][ T5481] CPU: 0 PID: 5481 Comm: syz-executor.0 Not tainted 6.9.0-rc1-syzkaller-g4cece7649650 #0
[ 86.964478][ T5481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 86.964487][ T5481] Call Trace:
[ 86.964492][ T5481]
[ 86.964498][ T5481] dump_stack_lvl+0x3d/0x1f0
[ 86.964527][ T5481] panic+0x6f5/0x7a0
[ 86.964546][ T5481] ? __pfx_panic+0x10/0x10
[ 86.964561][ T5481] ? preempt_schedule_thunk+0x1a/0x30
[ 86.964576][ T5481] ? preempt_schedule_common+0x44/0xc0
[ 86.964597][ T5481] ? check_panic_on_warn+0x1f/0xb0
[ 86.964617][ T5481] check_panic_on_warn+0xab/0xb0
[ 86.964640][ T5481] end_report+0x117/0x180
[ 86.964658][ T5481] kasan_report+0xe9/0x110
[ 86.964676][ T5481] ? sysv_new_block+0x7a7/0xa50
[ 86.964692][ T5481] ? sysv_new_block+0x7a7/0xa50
[ 86.964709][ T5481] sysv_new_block+0x7a7/0xa50
[ 86.964725][ T5481] get_block+0x261/0x15a0
[ 86.964745][ T5481] ? __pfx_get_block+0x10/0x10
[ 86.964761][ T5481] ? __pfx_lock_release+0x10/0x10
[ 86.964784][ T5481] ? do_raw_spin_lock+0x12d/0x2c0
[ 86.964801][ T5481] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 86.964818][ T5481] ? _raw_spin_unlock+0x28/0x50
[ 86.964838][ T5481] ? create_empty_buffers+0x3a5/0x480
[ 86.964860][ T5481] ? __pfx_get_block+0x10/0x10
[ 86.964876][ T5481] __block_write_begin_int+0x4fb/0x16e0
[ 86.964901][ T5481] ? __pfx_get_block+0x10/0x10
[ 87.032026][ T5481] ? __pfx___block_write_begin_int+0x10/0x10
[ 87.034751][ T5481] block_write_begin+0xb1/0x4a0
[ 87.037060][ T5481] ? __pfx_get_block+0x10/0x10
[ 87.039456][ T5481] sysv_write_begin+0x31/0xe0
[ 87.041994][ T5481] generic_perform_write+0x272/0x620
[ 87.044772][ T5481] ? __pfx_generic_perform_write+0x10/0x10
[ 87.047757][ T5481] ? generic_write_checks+0x2f3/0x460
[ 87.049900][ T5481] __generic_file_write_iter+0x1fd/0x240
[ 87.052289][ T5481] generic_file_write_iter+0xe7/0x350
[ 87.054819][ T5481] vfs_write+0x6db/0x1100
[ 87.056912][ T5481] ? __pfx_vfs_write+0x10/0x10
[ 87.059382][ T5481] ? __pfx___mutex_lock+0x10/0x10
[ 87.061566][ T5481] ? __fget_files+0x256/0x400
[ 87.063804][ T5481] ksys_write+0x12f/0x260
[ 87.066470][ T5481] ? __pfx_ksys_write+0x10/0x10
[ 87.070034][ T5481] do_syscall_64+0xd2/0x260
[ 87.072206][ T5481] entry_SYSCALL_64_after_hwframe+0x6d/0x75
[ 87.074715][ T5481] RIP: 0033:0x7f05cc87dda9
[ 87.076598][ T5481] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 87.084729][ T5481] RSP: 002b:00007f05cd5b50c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 87.088403][ T5481] RAX: ffffffffffffffda RBX: 00007f05cc9abf80 RCX: 00007f05cc87dda9
[ 87.091632][ T5481] RDX: 00000000fffffe45 RSI: 00000000200000c0 RDI: 0000000000000004
[ 87.095095][ T5481] RBP: 00007f05cc8ca47a R08: 0000000000000000 R09: 0000000000000000
[ 87.099569][ T5481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 87.103647][ T5481] R13: 000000000000000b R14: 00007f05cc9abf80 R15: 00007ffde71a97d8
[ 87.107293][ T5481]
[ 87.119112][ T5481] Kernel Offset: disabled
[ 87.121201][ T5481] Rebooting in 86400 seconds..