Warning: Permanently added '10.128.15.195' (ECDSA) to the list of known hosts.
2023/05/12 16:40:25 ignoring optional flag "sandboxArg"="0"
2023/05/12 16:40:25 parsed 1 programs
2023/05/12 16:40:25 executed programs: 0
[   70.704863][ T4387] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   70.713549][ T4387] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   70.722297][ T4387] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   70.731054][ T4387] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   70.739117][ T4387] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   70.747004][ T4387] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   70.838447][ T5332] chnl_net:caif_netlink_parms(): no params data found
[   70.877821][ T5332] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.885255][ T5332] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.892880][ T5332] bridge_slave_0: entered allmulticast mode
[   70.900683][ T5332] bridge_slave_0: entered promiscuous mode
[   70.908209][ T5332] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.915378][ T5332] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.923087][ T5332] bridge_slave_1: entered allmulticast mode
[   70.930298][ T5332] bridge_slave_1: entered promiscuous mode
[   70.950920][ T5332] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   70.962013][ T5332] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   70.983849][ T5332] team0: Port device team_slave_0 added
[   70.991064][ T5332] team0: Port device team_slave_1 added
[   71.007728][ T5332] batman_adv: batadv0: Adding interface: batadv_slave_0
[   71.014698][ T5332] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.041686][ T5332] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   71.053766][ T5332] batman_adv: batadv0: Adding interface: batadv_slave_1
[   71.061135][ T5332] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.089063][ T5332] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   71.117564][ T5332] hsr_slave_0: entered promiscuous mode
[   71.124142][ T5332] hsr_slave_1: entered promiscuous mode
[   71.647071][ T5332] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   71.659124][ T5332] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   71.678363][ T5332] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   71.699750][ T5332] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   71.729796][ T5332] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.737001][ T5332] bridge0: port 2(bridge_slave_1) entered forwarding state
[   71.744462][ T5332] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.751699][ T5332] bridge0: port 1(bridge_slave_0) entered forwarding state
[   71.819891][ T5332] 8021q: adding VLAN 0 to HW filter on device bond0
[   71.860776][ T5332] 8021q: adding VLAN 0 to HW filter on device team0
[   71.871846][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   71.917606][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.937514][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.997704][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   72.047532][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   72.058783][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   72.067528][   T22] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.074643][   T22] bridge0: port 1(bridge_slave_0) entered forwarding state
[   72.084190][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   72.094327][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   72.104589][   T22] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.111804][   T22] bridge0: port 2(bridge_slave_1) entered forwarding state
[   72.121238][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   72.135456][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   72.160692][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   72.171587][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   72.182167][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   72.191660][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   72.201745][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   72.210652][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   72.220891][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   72.231806][ T5332] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   72.246748][ T5332] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   72.258200][ T5000] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   72.268376][ T5000] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   72.396847][ T4995] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   72.404553][ T4995] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   72.417449][ T5332] 8021q: adding VLAN 0 to HW filter on device batadv0
[   72.436075][ T4995] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   72.447798][ T4995] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   72.469367][ T4995] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   72.478225][ T4995] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   72.490158][ T5332] veth0_vlan: entered promiscuous mode
[   72.496994][ T4995] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   72.505125][ T4995] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   72.518140][ T5332] veth1_vlan: entered promiscuous mode
[   72.539406][ T4995] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   72.550063][ T4995] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   72.558781][ T4995] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   72.568198][ T4995] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   72.579587][ T5332] veth0_macvtap: entered promiscuous mode
[   72.589576][ T5332] veth1_macvtap: entered promiscuous mode
[   72.605025][ T5332] batman_adv: batadv0: Interface activated: batadv_slave_0
[   72.612778][ T4995] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   72.622280][ T4995] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   72.630390][ T4995] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   72.639098][ T4995] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   72.651163][ T5332] batman_adv: batadv0: Interface activated: batadv_slave_1
[   72.660224][ T4994] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   72.670332][ T4994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   72.680901][ T5332] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.692118][ T5332] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.701241][ T5332] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.711238][ T5332] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.774850][   T56] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.787175][ T4387] Bluetooth: hci0: command 0x0409 tx timeout
[   72.788406][   T56] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.819618][ T4994] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   72.830982][   T56] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.839969][   T56] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.850979][ T4994] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   72.913204][ T5413] loop0: detected capacity change from 0 to 2048
[   72.963476][ T5413] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: none.
[   73.000631][ T5413] ==================================================================
[   73.008821][ T5413] BUG: KASAN: use-after-free in ext4_convert_inline_data_nolock+0x286/0xbf0
[   73.017626][ T5413] Read of size 20 at addr ffff88801cb021a3 by task syz-executor.0/5413
[   73.026049][ T5413] 
[   73.028384][ T5413] CPU: 0 PID: 5413 Comm: syz-executor.0 Not tainted 6.4.0-rc1-syzkaller #0
[   73.037155][ T5413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[   73.047224][ T5413] Call Trace:
[   73.050769][ T5413]  <TASK>
[   73.053823][ T5413]  dump_stack_lvl+0x167/0x220
[   73.058506][ T5413]  ? nf_tcp_handle_invalid+0x4e0/0x4e0
[   73.064068][ T5413]  ? panic+0x540/0x540
[   73.068144][ T5413]  ? _printk+0xce/0x110
[   73.072337][ T5413]  print_report+0x163/0x540
[   73.076845][ T5413]  ? ext4_convert_inline_data_nolock+0x286/0xbf0
[   73.083613][ T5413]  kasan_report+0x176/0x1b0
[   73.088128][ T5413]  ? ext4_convert_inline_data_nolock+0x286/0xbf0
[   73.094464][ T5413]  kasan_check_range+0x283/0x290
[   73.099494][ T5413]  ? ext4_convert_inline_data_nolock+0x286/0xbf0
[   73.105836][ T5413]  __asan_memcpy+0x29/0x70
[   73.110352][ T5413]  ext4_convert_inline_data_nolock+0x286/0xbf0
[   73.116605][ T5413]  ? __down_write_common+0x161/0x200
[   73.121898][ T5413]  ? ext4_add_dirent_to_inline+0x460/0x460
[   73.127738][ T5413]  ? __ext4_journal_start_sb+0xc2/0x3c0
[   73.133304][ T5413]  ext4_convert_inline_data+0x3c4/0x4e0
[   73.139046][ T5413]  ? memalloc_retry_wait+0xb0/0xb0
[   73.144174][ T5413]  ext4_fallocate+0x13f/0x1a10
[   73.148978][ T5413]  ? rcu_read_lock_any_held+0xb7/0x160
[   73.154453][ T5413]  ? rcu_read_lock_bh_held+0x120/0x120
[   73.160024][ T5413]  ? memalloc_retry_wait+0xb0/0xb0
[   73.165157][ T5413]  vfs_fallocate+0x3ae/0x530
[   73.169756][ T5413]  __x64_sys_fallocate+0xaa/0xe0
[   73.174706][ T5413]  do_syscall_64+0x41/0xc0
[   73.179133][ T5413]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   73.185123][ T5413] RIP: 0033:0x7fd65668c0f9
[   73.189548][ T5413] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   73.209248][ T5413] RSP: 002b:00007fd657429168 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[   73.217867][ T5413] RAX: ffffffffffffffda RBX: 00007fd6567abf80 RCX: 00007fd65668c0f9
[   73.225845][ T5413] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[   73.233827][ T5413] RBP: 00007fd6566e7b39 R08: 0000000000000000 R09: 0000000000000000
[   73.241889][ T5413] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000000
[   73.249957][ T5413] R13: 00007fffcdb9de7f R14: 00007fd657429300 R15: 0000000000022000
[   73.257944][ T5413]  </TASK>
[   73.260969][ T5413] 
[   73.263465][ T5413] The buggy address belongs to the physical page:
[   73.269877][ T5413] page:ffffea000072c080 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1cb02
[   73.280033][ T5413] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   73.287147][ T5413] page_type: 0xffffffff()
[   73.291499][ T5413] raw: 00fff00000000000 0000000000000000 ffffea000072c088 0000000000000000
[   73.300192][ T5413] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[   73.308863][ T5413] page dumped because: kasan: bad access detected
[   73.315453][ T5413] page_owner tracks the page as freed
[   73.321175][ T5413] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x1d2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 56, tgid 56 (kworker/u4:3), ts 55114806598, free_ts 72757937864
[   73.344017][ T5413]  get_page_from_freelist+0x321c/0x33a0
[   73.349811][ T5413]  __alloc_pages+0x255/0x670
[   73.354448][ T5413]  alloc_slab_page+0x6a/0x160
[   73.359128][ T5413]  new_slab+0x84/0x2f0
[   73.363202][ T5413]  ___slab_alloc+0xa85/0x10a0
[   73.367883][ T5413]  kmem_cache_alloc_node+0x1f3/0x350
[   73.373181][ T5413]  kmalloc_reserve+0x6f/0x1f0
[   73.377867][ T5413]  __alloc_skb+0x143/0x3b0
[   73.382381][ T5413]  __neigh_notify+0x77/0x100
[   73.387155][ T5413]  neigh_cleanup_and_release+0x5c/0x180
[   73.392704][ T5413]  neigh_flush_dev+0x14e/0x8f0
[   73.397478][ T5413]  __neigh_ifdown+0x40/0x350
[   73.402067][ T5413]  neigh_ifdown+0xb/0x10
[   73.406310][ T5413]  rt6_disable_ip+0x6e2/0x750
[   73.410991][ T5413]  addrconf_ifdown+0x143/0x1690
[   73.415977][ T5413]  addrconf_notify+0x1b3/0xcf0
[   73.420752][ T5413] page last free stack trace:
[   73.426045][ T5413]  free_unref_page_prepare+0x8fe/0xa10
[   73.433330][ T5413]  free_unref_page+0x37/0x3f0
[   73.438186][ T5413]  __unfreeze_partials+0x1b1/0x1f0
[   73.443303][ T5413]  put_cpu_partial+0x116/0x180
[   73.448336][ T5413]  qlist_free_all+0x22/0x60
[   73.452936][ T5413]  kasan_quarantine_reduce+0x14b/0x160
[   73.458401][ T5413]  __kasan_slab_alloc+0x23/0x70
[   73.463513][ T5413]  slab_post_alloc_hook+0x68/0x3a0
[   73.469883][ T5413]  __kmem_cache_alloc_node+0x14c/0x290
[   73.475521][ T5413]  __kmalloc_node+0xa7/0x230
[   73.480216][ T5413]  kvmalloc_node+0x42/0xf0
[   73.484956][ T5413]  seq_read_iter+0x1aa/0xb40
[   73.489707][ T5413]  vfs_read+0x791/0x9c0
[   73.493994][ T5413]  ksys_read+0x163/0x250
[   73.498246][ T5413]  do_syscall_64+0x41/0xc0
[   73.502752][ T5413]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   73.508911][ T5413] 
[   73.511403][ T5413] Memory state around the buggy address:
[   73.517027][ T5413]  ffff88801cb02080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   73.525267][ T5413]  ffff88801cb02100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   73.533525][ T5413] >ffff88801cb02180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   73.541754][ T5413]                                ^
[   73.547224][ T5413]  ffff88801cb02200: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   73.556601][ T5413]  ffff88801cb02280: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   73.564751][ T5413] ==================================================================
[   73.586602][ T5413] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   73.593916][ T5413] CPU: 1 PID: 5413 Comm: syz-executor.0 Not tainted 6.4.0-rc1-syzkaller #0
[   73.602501][ T5413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[   73.612627][ T5413] Call Trace:
[   73.615925][ T5413]  <TASK>
[   73.618876][ T5413]  dump_stack_lvl+0x167/0x220
[   73.623649][ T5413]  ? nf_tcp_handle_invalid+0x4e0/0x4e0
[   73.629125][ T5413]  ? panic+0x540/0x540
[   73.633202][ T5413]  ? preempt_schedule_common+0x83/0xc0
[   73.638768][ T5413]  panic+0x21e/0x540
[   73.642685][ T5413]  ? __memcpy_flushcache+0x1a0/0x1a0
[   73.648083][ T5413]  ? _raw_spin_unlock_irqrestore+0x12c/0x140
[   73.654420][ T5413]  ? _raw_spin_unlock+0x40/0x40
[   73.659300][ T5413]  check_panic_on_warn+0x58/0x70
[   73.664333][ T5413]  ? ext4_convert_inline_data_nolock+0x286/0xbf0
[   73.670709][ T5413]  end_report+0x63/0x110
[   73.675227][ T5413]  kasan_report+0x183/0x1b0
[   73.679749][ T5413]  ? ext4_convert_inline_data_nolock+0x286/0xbf0
[   73.686283][ T5413]  kasan_check_range+0x283/0x290
[   73.691346][ T5413]  ? ext4_convert_inline_data_nolock+0x286/0xbf0
[   73.697774][ T5413]  __asan_memcpy+0x29/0x70
[   73.702200][ T5413]  ext4_convert_inline_data_nolock+0x286/0xbf0
[   73.708445][ T5413]  ? __down_write_common+0x161/0x200
[   73.713741][ T5413]  ? ext4_add_dirent_to_inline+0x460/0x460
[   73.719569][ T5413]  ? __ext4_journal_start_sb+0xc2/0x3c0
[   73.725219][ T5413]  ext4_convert_inline_data+0x3c4/0x4e0
[   73.730789][ T5413]  ? memalloc_retry_wait+0xb0/0xb0
[   73.736007][ T5413]  ext4_fallocate+0x13f/0x1a10
[   73.740785][ T5413]  ? rcu_read_lock_any_held+0xb7/0x160
[   73.746252][ T5413]  ? rcu_read_lock_bh_held+0x120/0x120
[   73.751808][ T5413]  ? memalloc_retry_wait+0xb0/0xb0
[   73.757080][ T5413]  vfs_fallocate+0x3ae/0x530
[   73.761721][ T5413]  __x64_sys_fallocate+0xaa/0xe0
[   73.766901][ T5413]  do_syscall_64+0x41/0xc0
[   73.771351][ T5413]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   73.777438][ T5413] RIP: 0033:0x7fd65668c0f9
[   73.781864][ T5413] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   73.801908][ T5413] RSP: 002b:00007fd657429168 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[   73.810591][ T5413] RAX: ffffffffffffffda RBX: 00007fd6567abf80 RCX: 00007fd65668c0f9
[   73.818567][ T5413] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[   73.826541][ T5413] RBP: 00007fd6566e7b39 R08: 0000000000000000 R09: 0000000000000000
[   73.834695][ T5413] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000000
[   73.842716][ T5413] R13: 00007fffcdb9de7f R14: 00007fd657429300 R15: 0000000000022000
[   73.850786][ T5413]  </TASK>
[   73.854009][ T5413] Kernel Offset: disabled
[   73.858528][ T5413] Rebooting in 86400 seconds..