Warning: Permanently added '10.128.1.116' (ED25519) to the list of known hosts.
2024/02/25 18:27:46 ignoring optional flag "sandboxArg"="0"
2024/02/25 18:27:46 parsed 1 programs
2024/02/25 18:27:46 executed programs: 0
[ 80.920711][ T2628] modprobe (2628) used greatest stack depth: 21608 bytes left
[ 86.946048][ T2605] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 86.978281][ T2605] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 87.015776][ T2605] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 87.036035][ T2605] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 87.108438][ T2599] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 87.122310][ T2599] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 87.132940][ T2599] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 87.145060][ T2599] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 87.192265][ T2607] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 87.215569][ T2607] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 87.259743][ T2607] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 87.268833][ T2602] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 87.281603][ T2602] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 87.293849][ T2607] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 87.313267][ T2602] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 87.326465][ T2602] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 87.353373][ T2606] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 87.420414][ T2606] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 87.452506][ T2606] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 87.541632][ T2606] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 87.942760][ T2604] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 87.978463][ T2604] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 88.019170][ T2604] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 88.046490][ T2604] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 108.523850][ T2602] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 108.561709][ T2602] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 108.584528][ T2602] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 108.593455][ T2602] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 108.651953][ T2605] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 108.662020][ T2605] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 108.674164][ T2605] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 108.683258][ T2605] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 109.736685][ T2606] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 109.757130][ T2606] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 109.775812][ T2606] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 109.785097][ T2606] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 109.799828][ T2599] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 109.817952][ T2599] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 109.844543][ T2599] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 109.853483][ T2599] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 109.922690][ T2604] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 109.947221][ T2604] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 109.958228][ T2604] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 109.982476][ T2604] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 110.140013][ T2607] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 110.164465][ T2607] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 110.173483][ T2607] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 110.186980][ T2607] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 110.409971][ T34] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.425949][ T34] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.460884][ T3353] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.478533][ T3353] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.487631][ T3123] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 110.495073][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.495095][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.540135][ T3123] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 110.555192][ T3123] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 110.595959][ T2616] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.603993][ T2616] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.628680][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 111.490253][ T2616] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.509059][ T2616] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.528940][ T34] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.542560][ T34] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.557591][ T5044] loop1: detected capacity change from 0 to 32768
[ 111.566678][ T5046] loop2: detected capacity change from 0 to 32768
[ 111.578692][ T34] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.578840][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 111.587444][ T34] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.599393][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 111.722784][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 111.769233][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.779816][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.797411][ T2616] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.800851][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 111.808697][ T2616] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2024/02/25 18:28:18 executed programs: 6
[ 111.899076][ T3353] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.915027][ T1962] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 111.942431][ T3353] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.993132][ T1962] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 112.010577][ T3353] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 112.041097][ T3353] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 112.072687][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 112.095161][ T3123] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 112.096071][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 112.162751][ T1962] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 112.686258][ T5078] loop1: detected capacity change from 0 to 32768
[ 112.865929][ T5085] loop2: detected capacity change from 0 to 32768
[ 113.263594][ T5098] loop3: detected capacity change from 0 to 32768
[ 113.277490][ T5096] loop0: detected capacity change from 0 to 32768
[ 113.305437][ T5100] loop5: detected capacity change from 0 to 32768
[ 113.378616][ T5103] loop4: detected capacity change from 0 to 32768
[ 114.107089][ T5108] loop1: detected capacity change from 0 to 32768
[ 114.666655][ T5122] loop4: detected capacity change from 0 to 32768
[ 114.678734][ T5120] loop3: detected capacity change from 0 to 32768
[ 114.703756][ T5113] loop2: detected capacity change from 0 to 32768
[ 114.890422][ T5118] loop5: detected capacity change from 0 to 32768
[ 114.913201][ T5119] loop0: detected capacity change from 0 to 32768
[ 115.052048][ T5125] loop1: detected capacity change from 0 to 32768
[ 116.093190][ T5135] loop5: detected capacity change from 0 to 32768
[ 116.167347][ T5131] loop0: detected capacity change from 0 to 32768
[ 116.312744][ T5132] loop2: detected capacity change from 0 to 32768
[ 116.372420][ T5138] loop4: detected capacity change from 0 to 32768
[ 116.654975][ T83] ==================================================================
[ 116.663196][ T83] BUG: KASAN: use-after-free in jfs_lazycommit+0x7da/0xb20
[ 116.670415][ T83] Read of size 4 at addr ffff88807b3e9894 by task jfsCommit/83
[ 116.678334][ T83]
[ 116.680854][ T83] CPU: 1 PID: 83 Comm: jfsCommit Not tainted 6.1.79-syzkaller #0
[ 116.688861][ T83] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 116.699382][ T83] Call Trace:
[ 116.703019][ T83]
[ 116.706053][ T83] dump_stack_lvl+0x210/0x2fc
[ 116.710842][ T83] ? nf_tcp_handle_invalid+0x5d0/0x5d0
[ 116.716404][ T83] ? panic+0x56e/0x56e
[ 116.720662][ T83] ? lock_acquire+0xbe/0x390
[ 116.725374][ T83] ? read_lock_is_recursive+0x10/0x10
[ 116.730963][ T83] ? _printk+0xd1/0x111
[ 116.732858][ T5142] loop1: detected capacity change from 0 to 32768
[ 116.735999][ T83] ? __virt_addr_valid+0x165/0x370
[ 116.736039][ T83] print_report+0x15f/0x4f0
[ 116.736056][ T83] ? __virt_addr_valid+0x165/0x370
[ 116.736075][ T83] ? __virt_addr_valid+0x2b0/0x370
[ 116.759965][ T5140] loop3: detected capacity change from 0 to 32768
[ 116.763886][ T83] ? __phys_addr+0x8c/0x120
[ 116.775570][ T83] ? jfs_lazycommit+0x7da/0xb20
[ 116.780447][ T83] kasan_report+0x136/0x160
[ 116.785068][ T83] ? jfs_lazycommit+0x7da/0xb20
[ 116.790047][ T83] jfs_lazycommit+0x7da/0xb20
[ 116.794838][ T83] ? txFreelock+0x580/0x580
[ 116.799362][ T83] ? do_task_dead+0xa0/0xa0
[ 116.804081][ T83] ? _raw_spin_unlock+0x40/0x40
[ 116.809147][ T83] ? __kthread_parkme+0x125/0x170
[ 116.814193][ T83] kthread+0x210/0x270
[ 116.818538][ T83] ? txFreelock+0x580/0x580
[ 116.823057][ T83] ? kthread_blkcg+0xd0/0xd0
[ 116.827663][ T83] ret_from_fork+0x1f/0x30
[ 116.832086][ T83]
[ 116.835207][ T83]
[ 116.837620][ T83] Allocated by task 5132:
[ 116.841951][ T83] kasan_set_track+0x4b/0x70
[ 116.846559][ T83] __kasan_kmalloc+0x97/0xb0
[ 116.851175][ T83] jfs_fill_super+0xfb/0xc40
[ 116.855876][ T83] mount_bdev+0x2ad/0x3b0
[ 116.860235][ T83] legacy_get_tree+0xeb/0x180
[ 116.864922][ T83] vfs_get_tree+0x89/0x1b0
[ 116.869328][ T83] do_new_mount+0x2be/0xad0
[ 116.873994][ T83] __se_sys_mount+0x2c4/0x3b0
[ 116.878841][ T83] do_syscall_64+0x3d/0xb0
[ 116.883333][ T83] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 116.889327][ T83]
[ 116.891634][ T83] Freed by task 2602:
[ 116.895683][ T83] kasan_set_track+0x4b/0x70
[ 116.900254][ T83] kasan_save_free_info+0x27/0x40
[ 116.905521][ T83] ____kasan_slab_free+0x122/0x1e0
[ 116.910614][ T83] __kmem_cache_free+0x2b4/0x470
[ 116.915637][ T83] generic_shutdown_super+0x128/0x340
[ 116.921018][ T83] kill_block_super+0x7a/0xb0
[ 116.925782][ T83] deactivate_locked_super+0xa0/0x110
[ 116.931236][ T83] cleanup_mnt+0x332/0x3b0
[ 116.935748][ T83] task_work_run+0x246/0x2f0
[ 116.940372][ T83] exit_to_user_mode_loop+0xbd/0xe0
[ 116.945761][ T83] exit_to_user_mode_prepare+0x6c/0xc0
[ 116.951211][ T83] syscall_exit_to_user_mode+0x27/0x1c0
[ 116.957042][ T83] do_syscall_64+0x49/0xb0
[ 116.961492][ T83] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 116.967414][ T83]
[ 116.969835][ T83] Last potentially related work creation:
[ 116.975736][ T83] kasan_save_stack+0x3b/0x60
[ 116.980447][ T83] __kasan_record_aux_stack+0xb0/0xc0
[ 116.985814][ T83] kvfree_call_rcu+0xda/0x850
[ 116.990514][ T83] drop_sysctl_table+0x317/0x460
[ 116.995439][ T83] drop_sysctl_table+0x329/0x460
[ 117.000482][ T83] unregister_sysctl_table+0x75/0x120
[ 117.005841][ T83] neigh_sysctl_unregister+0x74/0x90
[ 117.011254][ T83] inetdev_event+0x961/0x1050
[ 117.015950][ T83] raw_notifier_call_chain+0xd3/0x110
[ 117.021319][ T83] dev_change_name+0x6b9/0x900
[ 117.026424][ T83] do_setlink+0xa72/0x3e00
[ 117.030919][ T83] rtnl_newlink+0x16f8/0x2020
[ 117.035672][ T83] rtnetlink_rcv_msg+0xa9b/0xe50
[ 117.040685][ T83] netlink_rcv_skb+0x1cd/0x410
[ 117.045522][ T83] netlink_unicast+0x7b2/0x940
[ 117.050277][ T83] netlink_sendmsg+0x936/0xce0
[ 117.055074][ T83] __sys_sendto+0x4f4/0x760
[ 117.059944][ T83] __x64_sys_sendto+0xda/0xf0
[ 117.064627][ T83] do_syscall_64+0x3d/0xb0
[ 117.069137][ T83] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 117.075310][ T83]
[ 117.077735][ T83] The buggy address belongs to the object at ffff88807b3e9800
[ 117.077735][ T83] which belongs to the cache kmalloc-256 of size 256
[ 117.092307][ T83] The buggy address is located 148 bytes inside of
[ 117.092307][ T83] 256-byte region [ffff88807b3e9800, ffff88807b3e9900)
[ 117.105666][ T83]
[ 117.107976][ T83] The buggy address belongs to the physical page:
[ 117.115077][ T83] page:ffffea0001ecfa00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7b3e8
[ 117.125214][ T83] head:ffffea0001ecfa00 order:1 compound_mapcount:0 compound_pincount:0
[ 117.133801][ T83] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 117.142150][ T83] raw: 00fff00000010200 0000000000000000 dead000000000001 ffff88800b041b40
[ 117.150849][ T83] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[ 117.159592][ T83] page dumped because: kasan: bad access detected
[ 117.166192][ T83] page_owner tracks the page as allocated
[ 117.171940][ T83] page last allocated via order 1, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 2607, tgid 2607 (syz-executor.4), ts 87031075120, free_ts 86987245230
[ 117.194967][ T83] post_alloc_hook+0x286/0x2b0
[ 117.199753][ T83] get_page_from_freelist+0x2fdd/0x3170
[ 117.205302][ T83] __alloc_pages+0x251/0x640
[ 117.209972][ T83] alloc_slab_page+0x6a/0x150
[ 117.214641][ T83] new_slab+0x70/0x250
[ 117.218699][ T83] ___slab_alloc+0x9df/0xe70
[ 117.223285][ T83] __kmem_cache_alloc_node+0x195/0x250
[ 117.228731][ T83] __kmalloc+0x95/0x1c0
[ 117.232933][ T83] __register_sysctl_table+0x9f1/0x11e0
[ 117.238576][ T83] mpls_dev_sysctl_register+0x1ed/0x2d0
[ 117.244216][ T83] mpls_dev_notify+0x53e/0xc10
[ 117.248979][ T83] raw_notifier_call_chain+0xd3/0x110
[ 117.254617][ T83] call_netdevice_notifiers+0x11e/0x160
[ 117.260164][ T83] register_netdevice+0x11b5/0x14b0
[ 117.265349][ T83] geneve_configure+0x748/0xae0
[ 117.270538][ T83] geneve_newlink+0xfb/0x1a0
[ 117.275221][ T83] page last free stack trace:
[ 117.279987][ T83] free_unref_page_prepare+0xd6c/0xf00
[ 117.285708][ T83] free_unref_page+0x33/0x390
[ 117.290919][ T83] qlist_free_all+0x76/0xe0
[ 117.295429][ T83] kasan_quarantine_reduce+0x156/0x170
[ 117.301063][ T83] __kasan_slab_alloc+0x1f/0x70
[ 117.305902][ T83] slab_post_alloc_hook+0x54/0x3e0
[ 117.311960][ T83] kmem_cache_alloc+0x10c/0x290
[ 117.316810][ T83] prepare_creds+0x3c/0x610
[ 117.321479][ T83] do_faccessat+0xee/0x890
[ 117.325972][ T83] do_syscall_64+0x3d/0xb0
[ 117.330379][ T83] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 117.336266][ T83]
[ 117.338575][ T83] Memory state around the buggy address:
[ 117.344365][ T83]  ffff88807b3e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 117.352413][ T83]  ffff88807b3e9800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 117.360488][ T83] >ffff88807b3e9880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 117.368615][ T83]                          ^
[ 117.373875][ T83]  ffff88807b3e9900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 117.382004][ T83]  ffff88807b3e9980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 117.390388][ T83] ==================================================================
[ 117.398440][ T83] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 117.406007][ T83] Kernel Offset: disabled
[ 117.410669][ T83] Rebooting in 86400 seconds..