Warning: Permanently added '10.128.0.79' (ED25519) to the list of known hosts.
2024/08/18 00:39:07 ignoring optional flag "sandboxArg"="0"
2024/08/18 00:39:07 parsed 1 programs
2024/08/18 00:39:07 executed programs: 0
[ 48.284533][ T419] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.291558][ T419] bridge0: port 1(bridge_slave_0) entered disabled state
[ 48.299058][ T419] device bridge_slave_0 entered promiscuous mode
[ 48.308099][ T419] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.315362][ T419] bridge0: port 2(bridge_slave_1) entered disabled state
[ 48.322859][ T419] device bridge_slave_1 entered promiscuous mode
[ 48.375051][ T426] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.382036][ T426] bridge0: port 1(bridge_slave_0) entered disabled state
[ 48.389642][ T426] device bridge_slave_0 entered promiscuous mode
[ 48.398428][ T426] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.405459][ T426] bridge0: port 2(bridge_slave_1) entered disabled state
[ 48.412971][ T426] device bridge_slave_1 entered promiscuous mode
[ 48.514198][ T418] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.521265][ T418] bridge0: port 1(bridge_slave_0) entered disabled state
[ 48.529057][ T418] device bridge_slave_0 entered promiscuous mode
[ 48.554992][ T418] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.562008][ T418] bridge0: port 2(bridge_slave_1) entered disabled state
[ 48.569710][ T418] device bridge_slave_1 entered promiscuous mode
[ 48.614436][ T427] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.621421][ T427] bridge0: port 1(bridge_slave_0) entered disabled state
[ 48.629039][ T427] device bridge_slave_0 entered promiscuous mode
[ 48.640276][ T427] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.647952][ T427] bridge0: port 2(bridge_slave_1) entered disabled state
[ 48.655870][ T427] device bridge_slave_1 entered promiscuous mode
[ 48.684693][ T424] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.692458][ T424] bridge0: port 1(bridge_slave_0) entered disabled state
[ 48.699885][ T424] device bridge_slave_0 entered promiscuous mode
[ 48.707097][ T424] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.714074][ T424] bridge0: port 2(bridge_slave_1) entered disabled state
[ 48.721739][ T424] device bridge_slave_1 entered promiscuous mode
[ 48.728214][ T425] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.735125][ T425] bridge0: port 1(bridge_slave_0) entered disabled state
[ 48.742511][ T425] device bridge_slave_0 entered promiscuous mode
[ 48.774162][ T425] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.781332][ T425] bridge0: port 2(bridge_slave_1) entered disabled state
[ 48.788895][ T425] device bridge_slave_1 entered promiscuous mode
[ 48.914816][ T426] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.921683][ T426] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 48.928798][ T426] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.935676][ T426] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 48.964375][ T419] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.971344][ T419] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 48.978549][ T419] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.985412][ T419] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 49.068433][ T418] bridge0: port 2(bridge_slave_1) entered blocking state
[ 49.075393][ T418] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 49.082627][ T418] bridge0: port 1(bridge_slave_0) entered blocking state
[ 49.089446][ T418] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 49.103037][ T424] bridge0: port 2(bridge_slave_1) entered blocking state
[ 49.109875][ T424] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 49.117054][ T424] bridge0: port 1(bridge_slave_0) entered blocking state
[ 49.123993][ T424] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 49.137993][ T24] bridge0: port 1(bridge_slave_0) entered disabled state
[ 49.145432][ T24] bridge0: port 2(bridge_slave_1) entered disabled state
[ 49.152492][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 49.160355][ T24] bridge0: port 1(bridge_slave_0) entered disabled state
[ 49.167688][ T24] bridge0: port 2(bridge_slave_1) entered disabled state
[ 49.175008][ T24] bridge0: port 1(bridge_slave_0) entered disabled state
[ 49.182477][ T24] bridge0: port 2(bridge_slave_1) entered disabled state
[ 49.190104][ T24] bridge0: port 1(bridge_slave_0) entered disabled state
[ 49.198185][ T24] bridge0: port 2(bridge_slave_1) entered disabled state
[ 49.224600][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 49.232697][ T24] bridge0: port 1(bridge_slave_0) entered blocking state
[ 49.239543][ T24] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 49.246840][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 49.255177][ T24] bridge0: port 2(bridge_slave_1) entered blocking state
[ 49.262026][ T24] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 49.301582][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 49.308971][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 49.316879][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 49.325073][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 49.333827][ T5] bridge0: port 1(bridge_slave_0) entered blocking state
[ 49.340638][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 49.348622][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 49.356774][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 49.365133][ T5] bridge0: port 2(bridge_slave_1) entered blocking state
[ 49.372064][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 49.391882][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 49.399463][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 49.434206][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 49.444270][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 49.453290][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 49.461299][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 49.469305][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 49.477581][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 49.485641][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 49.494068][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 49.526267][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 49.534097][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 49.543370][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 49.551106][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 49.558832][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 49.567307][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 49.575610][ T24] bridge0: port 1(bridge_slave_0) entered blocking state
[ 49.582499][ T24] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 49.589691][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 49.598366][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 49.606871][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 49.615067][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 49.623366][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 49.632593][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 49.641822][ T24] bridge0: port 1(bridge_slave_0) entered blocking state
[ 49.650315][ T24] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 49.674816][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 49.683897][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 49.693242][ T124] bridge0: port 1(bridge_slave_0) entered blocking state
[ 49.700074][ T124] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 49.707548][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 49.716407][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 49.725004][ T124] bridge0: port 2(bridge_slave_1) entered blocking state
[ 49.732367][ T124] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 49.739754][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 49.779806][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 49.788275][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 49.796823][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 49.805758][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 49.814156][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 49.822200][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 49.830006][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 49.837479][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 49.844969][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 49.853217][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 49.861305][ T107] bridge0: port 2(bridge_slave_1) entered blocking state
[ 49.868130][ T107] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 49.876833][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 49.885315][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 49.893430][ T107] bridge0: port 2(bridge_slave_1) entered blocking state
[ 49.900245][ T107] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 49.907597][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 49.916065][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 49.953534][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 49.963560][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 49.971825][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 49.980126][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 49.988558][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 49.996932][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 50.005535][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 50.035196][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 50.043483][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 50.051793][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 50.060041][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 50.068569][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 50.076913][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 50.085133][ T124] bridge0: port 1(bridge_slave_0) entered blocking state
[ 50.091978][ T124] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 50.099145][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 50.107749][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 50.115954][ T124] bridge0: port 2(bridge_slave_1) entered blocking state
[ 50.122814][ T124] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 50.130057][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 50.138305][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 50.156067][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 50.164789][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 50.186111][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 50.194094][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 50.202319][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 50.238278][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 50.248017][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 50.256871][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 50.266650][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 50.275299][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 50.301565][ T23] kauditd_printk_skb: 15 callbacks suppressed
[ 50.301576][ T23] audit: type=1400 audit(1723941549.540:91): avc: denied { sys_admin } for pid=451 comm="syz-executor.0" capability=21 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[ 50.330109][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 50.341631][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 50.350108][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 50.359005][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 50.367393][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 50.375627][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 50.383928][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 50.392830][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 50.401028][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 50.421308][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 50.429636][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 50.439484][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 50.448786][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 50.457749][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 50.465841][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 50.492799][ T23] audit: type=1400 audit(1723941549.730:92): avc: denied { mounton } for pid=425 comm="syz-executor.3" path="/dev/binderfs" dev="devtmpfs" ino=10045 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[ 50.580127][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 50.592666][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 50.615112][ T376] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 50.626096][ T376] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 50.669778][ T376] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 50.683719][ T376] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 50.727312][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 50.741633][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 50.774388][ T376] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 50.784380][ T376] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
2024/08/18 00:39:12 executed programs: 173
[ 56.442799][ T2155] ==================================================================
[ 56.450741][ T2155] BUG: KASAN: use-after-free in enqueue_timer+0xb7/0x300
[ 56.458019][ T2155] Write of size 8 at addr ffff8881dcdab1c8 by task syz-executor.5/2155
[ 56.466406][ T2155]
[ 56.468591][ T2155] CPU: 1 PID: 2155 Comm: syz-executor.5 Not tainted 5.4.278-syzkaller-04929-g8edc449e71a9 #0
[ 56.478557][ T2155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 56.488465][ T2155] Call Trace:
[ 56.491688][ T2155] dump_stack+0x1d8/0x241
[ 56.496167][ T2155] ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 56.501819][ T2155] ? printk+0xd1/0x111
[ 56.505711][ T2155] ? enqueue_timer+0xb7/0x300
[ 56.510666][ T2155] ? wake_up_klogd+0xb2/0xf0
[ 56.515202][ T2155] ? enqueue_timer+0xb7/0x300
[ 56.519695][ T2155] print_address_description+0x8c/0x600
[ 56.525184][ T2155] ? panic+0x89d/0x89d
[ 56.529087][ T2155] ? enqueue_timer+0xb7/0x300
[ 56.533601][ T2155] __kasan_report+0xf3/0x120
[ 56.538029][ T2155] ? enqueue_timer+0xb7/0x300
[ 56.542537][ T2155] kasan_report+0x30/0x60
[ 56.546704][ T2155] enqueue_timer+0xb7/0x300
[ 56.551047][ T2155] internal_add_timer+0x240/0x430
[ 56.555997][ T2155] __mod_timer+0x6f1/0x13e0
[ 56.560334][ T2155] ? mod_timer_pending+0x20/0x20
[ 56.565105][ T2155] ? selinux_tun_dev_alloc_security+0x4d/0x130
[ 56.571121][ T2155] ? selinux_tun_dev_alloc_security+0x5e/0x130
[ 56.577084][ T2155] ? init_timer_key+0x2d/0x1f0
[ 56.581779][ T2155] tun_net_init+0x287/0x540
[ 56.586346][ T2155] register_netdevice+0x1c0/0x12a0
[ 56.591474][ T2155] ? netdev_update_lockdep_key+0x10/0x10
[ 56.597111][ T2155] ? memset+0x1f/0x40
[ 56.600927][ T2155] tun_set_iff+0x7f7/0xdc0
[ 56.605355][ T2155] __tun_chr_ioctl+0x8a9/0x1d00
[ 56.610478][ T2155] ? tun_flow_create+0x250/0x250
[ 56.615306][ T2155] ? tun_chr_poll+0x670/0x670
[ 56.619819][ T2155] do_vfs_ioctl+0x742/0x1720
[ 56.624257][ T2155] ? ioctl_preallocate+0x250/0x250
[ 56.629202][ T2155] ? __fget+0x407/0x490
[ 56.633185][ T2155] ? fget_many+0x20/0x20
[ 56.637271][ T2155] ? switch_fpu_return+0x1d4/0x410
[ 56.642217][ T2155] ? security_file_ioctl+0x7d/0xa0
[ 56.647201][ T2155] __x64_sys_ioctl+0xd4/0x110
[ 56.651865][ T2155] do_syscall_64+0xca/0x1c0
[ 56.656378][ T2155] entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 56.662206][ T2155] RIP: 0033:0x7f261fa42a29
[ 56.666446][ T2155] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 56.686005][ T2155] RSP: 002b:00007f261f9c80c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 56.694307][ T2155] RAX: ffffffffffffffda RBX: 00007f261fb54f80 RCX: 00007f261fa42a29
[ 56.702115][ T2155] RDX: 0000000020000040 RSI: 00000000400454ca RDI: 0000000000000003
[ 56.710028][ T2155] RBP: 00007f261fa9e2d0 R08: 0000000000000000 R09: 0000000000000000
[ 56.717844][ T2155] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 56.725827][ T2155] R13: 000000000000000b R14: 00007f261fb54f80 R15: 00007ffed99f91e8
[ 56.733744][ T2155]
[ 56.735939][ T2155] The buggy address belongs to the page:
[ 56.741697][ T2155] page:ffffea0007736ac0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0
[ 56.750713][ T2155] flags: 0x8000000000000000()
[ 56.755405][ T2155] raw: 8000000000000000 0000000000000000 dead000000000122 0000000000000000
[ 56.763816][ T2155] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 56.772314][ T2155] page dumped because: kasan: bad access detected
[ 56.778802][ T2155] page_owner tracks the page as freed
[ 56.784131][ T2155] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x146dc0(GFP_USER|__GFP_NOWARN|__GFP_RETRY_MAYFAIL|__GFP_COMP|__GFP_ZERO)
[ 56.798350][ T2155] prep_new_page+0x18f/0x370
[ 56.802773][ T2155] get_page_from_freelist+0x2d13/0x2d90
[ 56.808278][ T2155] __alloc_pages_nodemask+0x393/0x840
[ 56.813498][ T2155] kmalloc_order_trace+0x2a/0x100
[ 56.818429][ T2155] kvmalloc_node+0x7e/0xf0
[ 56.822687][ T2155] alloc_netdev_mqs+0x85/0xc70
[ 56.827374][ T2155] tun_set_iff+0x51f/0xdc0
[ 56.831629][ T2155] __tun_chr_ioctl+0x8a9/0x1d00
[ 56.836308][ T2155] do_vfs_ioctl+0x742/0x1720
[ 56.840752][ T2155] __x64_sys_ioctl+0xd4/0x110
[ 56.845430][ T2155] do_syscall_64+0xca/0x1c0
[ 56.849764][ T2155] entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 56.855658][ T2155] page last free stack trace:
[ 56.860185][ T2155] __free_pages_ok+0x847/0x950
[ 56.864779][ T2155] __free_pages+0x91/0x140
[ 56.869130][ T2155] device_release+0x6b/0x190
[ 56.873637][ T2155] kobject_put+0x1e6/0x2f0
[ 56.877885][ T2155] tun_set_iff+0x870/0xdc0
[ 56.882227][ T2155] __tun_chr_ioctl+0x8a9/0x1d00
[ 56.886920][ T2155] do_vfs_ioctl+0x742/0x1720
[ 56.891470][ T2155] __x64_sys_ioctl+0xd4/0x110
[ 56.895952][ T2155] do_syscall_64+0xca/0x1c0
[ 56.900279][ T2155] entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 56.906174][ T2155]
[ 56.908359][ T2155] Memory state around the buggy address:
[ 56.913829][ T2155] ffff8881dcdab080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 56.921922][ T2155] ffff8881dcdab100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 56.929803][ T2155] >ffff8881dcdab180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 56.937883][ T2155] ^
[ 56.944137][ T2155] ffff8881dcdab200: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 56.952124][ T2155] ffff8881dcdab280: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 56.960103][ T2155] ==================================================================
[ 56.968001][ T2155] Disabling lock debugging due to kernel taint
2024/08/18 00:39:17 executed programs: 448
[ 60.971269][ C1] kasan: CONFIG_KASAN_INLINE enabled
[ 60.976396][ C1] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 60.985205][ C1] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 60.991943][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G B 5.4.278-syzkaller-04929-g8edc449e71a9 #0
[ 61.003403][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 61.013549][ C1] RIP: 0010:__run_timers+0x7b0/0xbe0
[ 61.018666][ C1] Code: 89 e7 e8 b3 4f 3f 00 4d 89 2c 24 4d 85 ed 74 2e e8 e5 68 0f 00 49 83 c5 08 4c 89 e8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 4c 89 ef e8 82 4f 3f 00 4d 89 65 00 eb 05 e8 b7
[ 61.038482][ C1] RSP: 0018:ffff8881f6f09d60 EFLAGS: 00010802
[ 61.044635][ C1] RAX: 1bd5a00000000025 RBX: 1ffff1103b9b5639 RCX: dffffc0000000000
[ 61.052560][ C1] RDX: 0000000000000102 RSI: 0000000000000008 RDI: ffff8881dcdab1c8
[ 61.060438][ C1] RBP: ffff8881f6f09ec8 R08: dffffc0000000000 R09: 0000000000000003
[ 61.068345][ C1] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff8881f6f09e20
[ 61.076386][ C1] R13: dead00000000012a R14: 1ffff1103b9b5638 R15: ffff8881dcdab1c8
[ 61.084295][ C1] FS: 0000000000000000(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 61.093082][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 61.099474][ C1] CR2: 0000000000002700 CR3: 00000001dae6a000 CR4: 00000000003406a0
[ 61.107459][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 61.115353][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 61.123157][ C1] Call Trace:
[ 61.126374][ C1]
[ 61.129100][ C1] ? __die+0xb4/0x100
[ 61.132887][ C1] ? die+0x26/0x50
[ 61.136451][ C1] ? do_general_protection+0x266/0x3c0
[ 61.141834][ C1] ? do_trap+0x340/0x340
[ 61.145920][ C1] ? round_jiffies+0x99/0xb0
[ 61.150425][ C1] ? general_protection+0x28/0x30
[ 61.155294][ C1] ? __run_timers+0x7b0/0xbe0
[ 61.159900][ C1] ? enqueue_timer+0x300/0x300
[ 61.164489][ C1] ? check_preemption_disabled+0x9f/0x320
[ 61.170041][ C1] ? debug_smp_processor_id+0x20/0x20
[ 61.175246][ C1] ? lapic_next_event+0x5b/0x70
[ 61.179950][ C1] run_timer_softirq+0x63/0xf0
[ 61.184630][ C1] __do_softirq+0x23b/0x6b7
[ 61.188962][ C1] ? sched_clock_cpu+0x18/0x3a0
[ 61.193662][ C1] irq_exit+0x195/0x1c0
[ 61.197801][ C1] smp_apic_timer_interrupt+0x11a/0x460
[ 61.203194][ C1] apic_timer_interrupt+0xf/0x20
[ 61.207946][ C1]
[ 61.210905][ C1] RIP: 0010:default_idle+0x1f/0x30
[ 61.216024][ C1] Code: 90 90 90 90 90 90 90 90 90 90 90 e8 5b 61 e0 fd bf 01 00 00 00 89 c6 e8 7f a8 d7 fc 0f 1f 44 00 00 0f 00 2d 93 b7 53 00 fb f4 3c 61 e0 fd bf ff ff ff ff 89 c6 e9 60 a8 d7 fc 41 57 41 56 53
[ 61.235686][ C1] RSP: 0018:ffff8881f5dffd78 EFLAGS: 000002d2 ORIG_RAX: ffffffffffffff13
[ 61.243905][ C1] RAX: 0000000000000001 RBX: dffffc0000000000 RCX: ffff8881f5dcde80
[ 61.251735][ C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[ 61.259529][ C1] RBP: ffff8881f5dffe80 R08: ffffffff823169a1 R09: ffffed103ebb9bd1
[ 61.267520][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffffff85eb6ce8
[ 61.275319][ C1] R13: ffff8881f5dcde80 R14: 1ffff1103ebb9bd0 R15: 0000000000000001
[ 61.283143][ C1] ? check_preemption_disabled+0x91/0x320
[ 61.288692][ C1] ? default_idle+0x11/0x30
[ 61.293031][ C1] do_idle+0x248/0x660
[ 61.296938][ C1] ? idle_inject_timer_fn+0x60/0x60
[ 61.302056][ C1] ? __wake_up_locked+0xb7/0x110
[ 61.306829][ C1] ? complete+0x60/0xb0
[ 61.311253][ C1] cpu_startup_entry+0x14/0x20
[ 61.315922][ C1] start_secondary+0x3a5/0x460
[ 61.320526][ C1] ? native_play_dead+0x260/0x260
[ 61.325571][ C1] secondary_startup_64+0xa4/0xb0
[ 61.330576][ C1] Modules linked in:
[ 61.334445][ C1] ---[ end trace 3ea69b6d74d5f63b ]---
[ 61.339984][ C1] RIP: 0010:__run_timers+0x7b0/0xbe0
[ 61.345091][ C1] Code: 89 e7 e8 b3 4f 3f 00 4d 89 2c 24 4d 85 ed 74 2e e8 e5 68 0f 00 49 83 c5 08 4c 89 e8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 4c 89 ef e8 82 4f 3f 00 4d 89 65 00 eb 05 e8 b7
[ 61.364879][ C1] RSP: 0018:ffff8881f6f09d60 EFLAGS: 00010802
[ 61.370867][ C1] RAX: 1bd5a00000000025 RBX: 1ffff1103b9b5639 RCX: dffffc0000000000
[ 61.379030][ C1] RDX: 0000000000000102 RSI: 0000000000000008 RDI: ffff8881dcdab1c8
[ 61.386972][ C1] RBP: ffff8881f6f09ec8 R08: dffffc0000000000 R09: 0000000000000003
[ 61.394808][ C1] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff8881f6f09e20
[ 61.402600][ C1] R13: dead00000000012a R14: 1ffff1103b9b5638 R15: ffff8881dcdab1c8
[ 61.410399][ C1] FS: 0000000000000000(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 61.419258][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 61.425760][ C1] CR2: 0000000000002700 CR3: 00000001dae6a000 CR4: 00000000003406a0
[ 61.433655][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 61.441661][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 61.449646][ C1] Kernel panic - not syncing: Fatal exception in interrupt
[ 61.457082][ C1] Kernel Offset: disabled
[ 61.461409][ C1] Rebooting in 86400 seconds..