[ 24.655347][ T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 24.702875][ T9] device bridge_slave_0 left promiscuous mode
[ 24.704512][ T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 24.832484][ T9] device veth0_macvtap left promiscuous mode
[ 24.834156][ T9] device veth1_vlan left promiscuous mode
[ 24.835617][ T9] device veth0_vlan left promiscuous mode
[ 25.567669][ T3071] can: request_module (can-proto-0) failed.
[ 25.590404][ T3071] can: request_module (can-proto-0) failed.
[ 25.598953][ T3071] can: request_module (can-proto-7) failed.
[ 25.607406][ T3071] can: request_module (can-proto-0) failed.
Warning: Permanently added '10.128.10.50' (ED25519) to the list of known hosts.
2024/05/22 01:03:41 ignoring optional flag "sandboxArg"="0"
2024/05/22 01:03:42 parsed 1 programs
[ 43.754663][ T3319] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SS
2024/05/22 01:03:42 executed programs: 0
[ 43.904878][ T3327] bridge0: port 1(bridge_slave_0) entered blocking state
[ 43.906900][ T3327] bridge0: port 1(bridge_slave_0) entered disabled state
[ 43.909019][ T3327] device bridge_slave_0 entered promiscuous mode
[ 43.911348][ T3327] bridge0: port 2(bridge_slave_1) entered blocking state
[ 43.913875][ T3327] bridge0: port 2(bridge_slave_1) entered disabled state
[ 43.916029][ T3327] device bridge_slave_1 entered promiscuous mode
[ 44.080598][ T3327] bridge0: port 2(bridge_slave_1) entered blocking state
[ 44.082459][ T3327] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 44.084432][ T3327] bridge0: port 1(bridge_slave_0) entered blocking state
[ 44.086250][ T3327] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 44.255438][ T3116] bridge0: port 1(bridge_slave_0) entered disabled state
[ 44.257896][ T3116] bridge0: port 2(bridge_slave_1) entered disabled state
[ 44.260203][ T3116] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 44.262291][ T3116] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 44.305596][ T3080] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 44.307988][ T3080] bridge0: port 1(bridge_slave_0) entered blocking state
[ 44.309966][ T3080] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 44.312074][ T3080] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 44.314494][ T3080] bridge0: port 2(bridge_slave_1) entered blocking state
[ 44.316444][ T3080] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 44.318496][ T3080] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 44.320842][ T3080] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 44.656026][ T3080] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 44.700949][ T3327] device veth0_vlan entered promiscuous mode
[ 44.704896][ T3327] device veth1_vlan entered promiscuous mode
[ 44.710999][ T3327] device veth0_macvtap entered promiscuous mode
[ 44.713510][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 44.715826][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 44.717891][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 44.719985][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 44.722108][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 44.724530][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 44.726814][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 44.764088][ T3080] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 44.766606][ T3080] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 44.946168][ T3469] loop0: detected capacity change from 0 to 8192
[ 44.949067][ T3469] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 44.952363][ T3469] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[ 44.955094][ T3469] REISERFS (device loop0): using ordered data mode
[ 44.956817][ T3469] reiserfs: using flush barriers
[ 44.958436][ T3469] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 44.963016][ T3469] REISERFS (device loop0): checking transaction log (loop0)
[ 44.979024][ T3469] REISERFS (device loop0): Using r5 hash to sort names
[ 44.980987][ T3469] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 44.991757][ T3469] ==================================================================
[ 44.993960][ T3469] BUG: KASAN: out-of-bounds in leaf_insert_into_buf+0x1f4/0x748
[ 44.995955][ T3469] Read of size 18446744073709551384 at addr ffff0000de556000 by task syz-executor.0/3469
[ 44.998479][ T3469]
[ 44.999083][ T3469] CPU: 1 PID: 3469 Comm: syz-executor.0 Not tainted 6.1.91-syzkaller #0
[ 45.001326][ T3469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 45.003922][ T3469] Call trace:
[ 45.004811][ T3469] dump_backtrace+0x1c8/0x1f4
[ 45.006078][ T3469] show_stack+0x2c/0x3c
[ 45.007178][ T3469] dump_stack_lvl+0xc0/0x104
[ 45.008404][ T3469] print_report+0x174/0x4c0
[ 45.009586][ T3469] kasan_report+0xcc/0x124
[ 45.010747][ T3469] kasan_check_range+0x264/0x2a4
[ 45.012113][ T3469] memmove+0x48/0x90
[ 45.013143][ T3469] leaf_insert_into_buf+0x1f4/0x748
[ 45.014545][ T3469] do_balance+0x4220/0xb510
[ 45.015800][ T3469] reiserfs_insert_item+0x908/0xa4c
[ 45.017145][ T3469] indirect2direct+0x51c/0x88c
[ 45.018383][ T3469] reiserfs_cut_from_item+0x840/0x1c50
[ 45.019806][ T3469] reiserfs_do_truncate+0x764/0x10a0
[ 45.021186][ T3469] reiserfs_truncate_file+0x510/0xb1c
[ 45.022747][ T3469] reiserfs_write_end+0x640/0x800
[ 45.024250][ T3469] generic_perform_write+0x384/0x548
[ 45.025567][ T3469] __generic_file_write_iter+0x168/0x388
[ 45.027080][ T3469] generic_file_write_iter+0xb8/0x2b4
[ 45.028459][ T3469] vfs_write+0x610/0x914
[ 45.029599][ T3469] ksys_write+0x15c/0x26c
[ 45.030811][ T3469] __arm64_sys_write+0x7c/0x90
[ 45.032051][ T3469] invoke_syscall+0x98/0x2c0
[ 45.033335][ T3469] el0_svc_common+0x134/0x24c
[ 45.034535][ T3469] do_el0_svc+0x64/0x218
[ 45.035661][ T3469] el0_svc+0x34/0x100
[ 45.036713][ T3469] el0t_64_sync_handler+0x84/0xf0
[ 45.037996][ T3469] el0t_64_sync+0x18c/0x190
[ 45.039149][ T3469]
[ 45.039746][ T3469] The buggy address belongs to the physical page:
[ 45.041451][ T3469] page:00000000f95bc3d4 refcount:1 mapcount:1 mapping:0000000000000000 index:0xffff8b778 pfn:0x11e556
[ 45.044401][ T3469] memcg:ffff0000d2472000
[ 45.045539][ T3469] anon flags: 0x5ffc000000a0014(uptodate|lru|mappedtodisk|swapbacked|node=0|zone=2|lastcpupid=0x7ff)
[ 45.048490][ T3469] raw: 05ffc000000a0014 fffffc00037ede48 fffffc00037955c8 ffff0000cffc9221
[ 45.050802][ T3469] raw: 0000000ffff8b778 0000000000000000 0000000100000000 ffff0000d2472000
[ 45.053150][ T3469] page dumped because: kasan: bad access detected
[ 45.054865][ T3469]
[ 45.055484][ T3469] Memory state around the buggy address:
[ 45.057001][ T3469] ffff0000de555f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 45.059147][ T3469] ffff0000de555f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 45.061281][ T3469] >ffff0000de556000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 45.063445][ T3469] ^
[ 45.064513][ T3469] ffff0000de556080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 45.066574][ T3469] ffff0000de556100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 45.068741][ T3469] ==================================================================
[ 45.071273][ T3469] Disabling lock debugging due to kernel taint
[ 45.082427][ C0] Unable to handle kernel paging request at virtual address dfff800000000002
[ 45.082430][ C1] list_add corruption. next->prev should be prev (ffff0001b4ee8368), but was 0000000000000000. (next=ffff0000d9691be8).
[ 45.082446][ C1] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP
[ 45.084728][ C0] KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]
[ 45.088032][ C1] Modules linked in:
[ 45.090009][ C0] Mem abort info:
[ 45.090014][ C0] ESR = 0x0000000096000006
[ 45.092195][ C1]
[ 45.093214][ C0] EC = 0x25: DABT (current EL), IL = 32 bits
[ 45.094149][ C1] CPU: 1 PID: 3314 Comm: syz-execprog Tainted: G B 6.1.91-syzkaller #0
[ 45.095403][ C0] SET = 0, FnV = 0
[ 45.095970][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 45.097579][ C0] EA = 0, S1PTW = 0
[ 45.100103][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 45.101064][ C0] FSC = 0x06: level 2 translation fault
[ 45.103788][ C1] pc : __list_add_valid+0xf4/0x110
[ 45.104799][ C0] Data abort info:
[ 45.104804][ C0] ISV = 0, ISS = 0x00000006
[ 45.106853][ C1] lr : __list_add_valid+0xf4/0x110
[ 45.108347][ C0] CM = 0, WnR = 0
[ 45.109655][ C1] sp : ffff800008017660
[ 45.110625][ C0] [dfff800000000002] address between user and kernel address ranges
[ 45.111897][ C1] x29: ffff800008017660 x28: ffff0000d2d100a8 x27: 0000000000000000
[ 45.119611][ C1] x26: ffff0000d2d10100 x25: 1fffe000369dd06d x24: 0000000000000009
[ 45.121672][ C1] x23: dfff800000000000 x22: ffff0000d9691bf0 x21: ffff0000d2d100a8
[ 45.123960][ C1] x20: ffff0001b4ee8368 x19: ffff0000d9691be8 x18: ffff800008017720
[ 45.126111][ C1] x17: 3836333865653462 x16: 3130303066666666 x15: 2820766572702065
[ 45.128249][ C1] x14: 6220646c756f6873 x13: 2e29386562313936 x12: 0000000000000001
[ 45.130301][ C1] x11: 0000000000ff0100 x10: 0000000000010005 x9 : 290a1dd5c9fe3e00
[ 45.132416][ C1] x8 : 290a1dd5c9fe3e00 x7 : 74707572726f6320 x6 : ffff8000082b7964
[ 45.134560][ C1] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff800009a1f1dc
[ 45.136643][ C1] x2 : ffff0001b4ef5cd0 x1 : 0000000100010005 x0 : 0000000000000075
[ 45.138769][ C1] Call trace:
[ 45.139646][ C1] __list_add_valid+0xf4/0x110
[ 45.140915][ C1] enqueue_task_fair+0x6c4/0x1630
[ 45.142264][ C1] activate_task+0x140/0x2c4
[ 45.143466][ C1] ttwu_do_activate+0x144/0x22c
[ 45.144784][ C1] try_to_wake_up+0x4c4/0xd40
[ 45.146030][ C1] default_wake_function+0x4c/0x60
[ 45.147356][ C1] autoremove_wake_function+0x24/0xf8
[ 45.148752][ C1] __wake_up_common+0x238/0x3b0
[ 45.150011][ C1] __wake_up+0x10c/0x1a8
[ 45.151132][ C1] wake_up_klogd_work_func+0x15c/0x1cc
[ 45.152573][ C1] irq_work_run_list+0x104/0x1d8
[ 45.153907][ C1] irq_work_tick+0x9c/0xb0
[ 45.155083][ C1] update_process_times+0x16c/0x1bc
[ 45.156452][ C1] tick_sched_timer+0x33c/0x4f4
[ 45.157739][ C1] __hrtimer_run_queues+0x2e4/0x60c
[ 45.159080][ C1] hrtimer_interrupt+0x2ac/0xb2c
[ 45.160410][ C1] arch_timer_handler_virt+0x74/0x88
[ 45.161875][ C1] handle_percpu_devid_irq+0x168/0x2c8
[ 45.163288][ C1] generic_handle_domain_irq+0x7c/0xc4
[ 45.164734][ C1] gic_handle_irq+0x70/0x1ac
[ 45.165891][ C1] call_on_irq_stack+0x24/0x4c
[ 45.167108][ C1] do_interrupt_handler+0xd4/0x138
[ 45.168488][ C1] el1_interrupt+0x34/0x68
[ 45.169637][ C1] el1h_64_irq_handler+0x18/0x24
[ 45.171026][ C1] el1h_64_irq+0x64/0x68
[ 45.172161][ C1] preempt_count_add+0x134/0x230
[ 45.173455][ C1] do_notify_resume+0x630/0x3180
[ 45.174761][ C1] el0_da+0x7c/0x11c
[ 45.175793][ C1] el0t_64_sync_handler+0xcc/0xf0
[ 45.177182][ C1] el0t_64_sync+0x18c/0x190
[ 45.178336][ C1] Code: 91070000 aa1403e1 aa1303e3 954a8ddf (d4210000)
[ 45.180126][ C1] ---[ end trace 0000000000000000 ]---
[ 45.379811][ C1] Kernel panic - not syncing: Oops - BUG: Fatal exception in interrupt
[ 45.382198][ C1] SMP: stopping secondary CPUs
[ 46.461535][ C1] SMP: failed to stop secondary CPUs 0-1
[ 46.463078][ C1] Kernel Offset: disabled
[ 46.464295][ C1] CPU features: 0x00000,02070084,26017203
[ 46.465852][ C1] Memory Limit: none
[ 46.672341][ C1] Rebooting in 86400 seconds..