Warning: Permanently added '10.128.0.192' (ED25519) to the list of known hosts.
2023/12/06 18:11:26 ignoring optional flag "sandboxArg"="0"
2023/12/06 18:11:26 parsed 1 programs
[   81.978003][    T9] cfg80211: failed to load regulatory.db
2023/12/06 18:11:27 executed programs: 0
[   83.132177][ T5403] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   83.186201][ T4452] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   83.194826][ T4452] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   83.202773][ T4452] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   83.211244][ T4452] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   83.219494][ T4452] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   83.227978][ T4452] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   83.342882][ T5411] chnl_net:caif_netlink_parms(): no params data found
[   83.395770][ T5411] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.403053][ T5411] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.410304][ T5411] bridge_slave_0: entered allmulticast mode
[   83.417879][ T5411] bridge_slave_0: entered promiscuous mode
[   83.426839][ T5411] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.434182][ T5411] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.441775][ T5411] bridge_slave_1: entered allmulticast mode
[   83.449398][ T5411] bridge_slave_1: entered promiscuous mode
[   83.474770][ T5411] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   83.487423][ T5411] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   83.515941][ T5411] team0: Port device team_slave_0 added
[   83.523700][ T5411] team0: Port device team_slave_1 added
[   83.545964][ T5411] batman_adv: batadv0: Adding interface: batadv_slave_0
[   83.553116][ T5411] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   83.579339][ T5411] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   83.591960][ T5411] batman_adv: batadv0: Adding interface: batadv_slave_1
[   83.599060][ T5411] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   83.625224][ T5411] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   83.660249][ T5411] hsr_slave_0: entered promiscuous mode
[   83.667913][ T5411] hsr_slave_1: entered promiscuous mode
[   84.250233][ T5411] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   84.261873][ T5411] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   84.274339][ T5411] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   84.285826][ T5411] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   84.321648][ T5411] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.329472][ T5411] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.337274][ T5411] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.344736][ T5411] bridge0: port 1(bridge_slave_0) entered forwarding state
[   84.389327][ T5067] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.400074][ T5067] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.460335][ T5411] 8021q: adding VLAN 0 to HW filter on device bond0
[   84.488688][ T5411] 8021q: adding VLAN 0 to HW filter on device team0
[   84.502692][   T55] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.509918][   T55] bridge0: port 1(bridge_slave_0) entered forwarding state
[   84.541102][   T55] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.548360][   T55] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.763743][ T5411] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.819301][ T5411] veth0_vlan: entered promiscuous mode
[   84.835657][ T5411] veth1_vlan: entered promiscuous mode
[   84.877735][ T5411] veth0_macvtap: entered promiscuous mode
[   84.890114][ T5411] veth1_macvtap: entered promiscuous mode
[   84.919071][ T5411] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.934836][ T5411] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.951441][ T5411] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.964563][ T5411] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.973484][ T5411] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.984758][ T5411] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.081112][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.105560][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.140310][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.149974][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.232498][ T5478] loop0: detected capacity change from 0 to 512
[   85.240813][ T5478] EXT4-fs: Ignoring removed bh option
[   85.251289][ T5478] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[   85.267633][   T50] Bluetooth: hci0: command 0x0409 tx timeout
[   85.292935][ T5478] EXT4-fs (loop0): 1 truncate cleaned up
[   85.298729][ T5478] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   85.349163][ T5478] ==================================================================
[   85.357369][ T5478] BUG: KASAN: use-after-free in ext4_search_dir+0xf2/0x1b0
[   85.364686][ T5478] Read of size 1 at addr ffff888075a18d23 by task syz-executor.0/5478
[   85.372948][ T5478] 
[   85.375375][ T5478] CPU: 0 PID: 5478 Comm: syz-executor.0 Not tainted 6.7.0-rc4-syzkaller-00009-gbee0e7762ad2 #0
[   85.385805][ T5478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[   85.396499][ T5478] Call Trace:
[   85.399803][ T5478]  <TASK>
[   85.402751][ T5478]  dump_stack_lvl+0x1e7/0x2d0
[   85.407723][ T5478]  ? nf_tcp_handle_invalid+0x650/0x650
[   85.413434][ T5478]  ? panic+0x850/0x850
[   85.417907][ T5478]  ? _printk+0xd5/0x120
[   85.422100][ T5478]  print_report+0x163/0x540
[   85.426626][ T5478]  ? __virt_addr_valid+0x22f/0x2e0
[   85.431933][ T5478]  ? __phys_addr+0xba/0x170
[   85.436667][ T5478]  ? ext4_search_dir+0xf2/0x1b0
[   85.441548][ T5478]  kasan_report+0x142/0x170
[   85.446427][ T5478]  ? ext4_search_dir+0xf2/0x1b0
[   85.451321][ T5478]  ext4_search_dir+0xf2/0x1b0
[   85.456032][ T5478]  ext4_find_inline_entry+0x4ba/0x5e0
[   85.461437][ T5478]  ? ext4_try_create_inline_dir+0x320/0x320
[   85.467448][ T5478]  __ext4_find_entry+0x2b4/0x1b30
[   85.472591][ T5478]  ? mark_lock+0x9a/0x350
[   85.476943][ T5478]  ? ext4_ci_compare+0x660/0x660
[   85.482085][ T5478]  ? ext4_fname_prepare_lookup+0x3b9/0x4e0
[   85.488019][ T5478]  ext4_lookup+0x17a/0x750
[   85.492470][ T5478]  ? __lock_acquire+0x1fd0/0x1fd0
[   85.497527][ T5478]  ? ext4_add_entry+0x1000/0x1000
[   85.502673][ T5478]  ? _raw_spin_unlock+0x28/0x40
[   85.507720][ T5478]  ? d_alloc+0x198/0x1d0
[   85.512065][ T5478]  lookup_one_qstr_excl+0x11b/0x250
[   85.517388][ T5478]  filename_create+0x297/0x530
[   85.522174][ T5478]  ? kern_path_create+0x50/0x50
[   85.527744][ T5478]  ? __lock_acquire+0x1fd0/0x1fd0
[   85.532881][ T5478]  ? __kasan_slab_alloc+0x66/0x70
[   85.538016][ T5478]  do_mkdirat+0xbd/0x3a0
[   85.542544][ T5478]  ? vfs_mkdir+0x4b0/0x4b0
[   85.547093][ T5478]  ? getname_flags+0x1fd/0x4f0
[   85.551903][ T5478]  ? lockdep_hardirqs_on+0x98/0x140
[   85.557300][ T5478]  __x64_sys_mkdirat+0x89/0xa0
[   85.562175][ T5478]  do_syscall_64+0x45/0x110
[   85.566708][ T5478]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[   85.572758][ T5478] RIP: 0033:0x7f096ac7cae9
[   85.577198][ T5478] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   85.597085][ T5478] RSP: 002b:00007f0969ffe0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[   85.607000][ T5478] RAX: ffffffffffffffda RBX: 00007f096ad9bf80 RCX: 00007f096ac7cae9
[   85.615192][ T5478] RDX: 0000000000000000 RSI: 0000000020000040 RDI: ffffffffffffff9c
[   85.623377][ T5478] RBP: 00007f096acc847a R08: 0000000000000000 R09: 0000000000000000
[   85.631455][ T5478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   85.639447][ T5478] R13: 000000000000000b R14: 00007f096ad9bf80 R15: 00007ffeff5235c8
[   85.647446][ T5478]  </TASK>
[   85.650478][ T5478] 
[   85.652806][ T5478] The buggy address belongs to the physical page:
[   85.659309][ T5478] page:ffffea0001d68600 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x75a18
[   85.669650][ T5478] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   85.676772][ T5478] page_type: 0xffffffff()
[   85.681125][ T5478] raw: 00fff00000000000 ffffea0001d68648 ffffea0001d6adc8 0000000000000000
[   85.689732][ T5478] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[   85.698359][ T5478] page dumped because: kasan: bad access detected
[   85.704781][ T5478] page_owner tracks the page as freed
[   85.710336][ T5478] page last allocated via order 0, migratetype Movable, gfp_mask 0x152c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL|__GFP_MOVABLE), pid 5054, tgid 5054 (syz-executor), ts 55311574060, free_ts 81609461610
[   85.733808][ T5478]  post_alloc_hook+0x1e6/0x210
[   85.738605][ T5478]  get_page_from_freelist+0x33ea/0x3570
[   85.744176][ T5478]  __alloc_pages+0x255/0x680
[   85.748840][ T5478]  alloc_pages_mpol+0x3de/0x640
[   85.753709][ T5478]  folio_alloc+0x12a/0x330
[   85.758144][ T5478]  filemap_alloc_folio+0xde/0x500
[   85.763278][ T5478]  page_cache_ra_unbounded+0x1f2/0x7c0
[   85.768768][ T5478]  filemap_get_pages+0x742/0x2080
[   85.774164][ T5478]  filemap_read+0x41b/0xec0
[   85.778814][ T5478]  __kernel_read+0x425/0x8b0
[   85.783819][ T5478]  integrity_kernel_read+0xb0/0xf0
[   85.789020][ T5478]  ima_calc_file_hash+0xad1/0x1b30
[   85.794649][ T5478]  ima_collect_measurement+0x554/0xb30
[   85.803702][ T5478]  process_measurement+0x1373/0x21c0
[   85.809035][ T5478]  ima_file_check+0xf1/0x170
[   85.813839][ T5478]  path_openat+0x2897/0x3290
[   85.818535][ T5478] page last free stack trace:
[   85.823216][ T5478]  free_unref_page_prepare+0x931/0xa60
[   85.828691][ T5478]  free_unref_page_list+0x5a0/0x840
[   85.833906][ T5478]  release_pages+0x2117/0x2400
[   85.838694][ T5478]  __folio_batch_release+0x84/0x100
[   85.844004][ T5478]  truncate_inode_pages_range+0x457/0xf70
[   85.849885][ T5478]  ext4_evict_inode+0x21c/0xf30
[   85.854765][ T5478]  evict+0x2a4/0x630
[   85.858676][ T5478]  do_unlinkat+0x512/0x830
[   85.863108][ T5478]  __x64_sys_unlink+0x49/0x50
[   85.867802][ T5478]  do_syscall_64+0x45/0x110
[   85.872340][ T5478]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[   85.878292][ T5478] 
[   85.880715][ T5478] Memory state around the buggy address:
[   85.886360][ T5478]  ffff888075a18c00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   85.894794][ T5478]  ffff888075a18c80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   85.902874][ T5478] >ffff888075a18d00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   85.911034][ T5478]                                ^
[   85.916157][ T5478]  ffff888075a18d80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   85.924324][ T5478]  ffff888075a18e00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   85.932571][ T5478] ==================================================================
[   85.948197][ T5478] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   85.955833][ T5478] CPU: 0 PID: 5478 Comm: syz-executor.0 Not tainted 6.7.0-rc4-syzkaller-00009-gbee0e7762ad2 #0
[   85.966214][ T5478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[   85.976324][ T5478] Call Trace:
[   85.979630][ T5478]  <TASK>
[   85.982575][ T5478]  dump_stack_lvl+0x1e7/0x2d0
[   85.987283][ T5478]  ? nf_tcp_handle_invalid+0x650/0x650
[   85.992859][ T5478]  ? panic+0x850/0x850
[   85.996966][ T5478]  ? vscnprintf+0x5d/0x80
[   86.001323][ T5478]  panic+0x349/0x850
[   86.005510][ T5478]  ? check_panic_on_warn+0x21/0xa0
[   86.010732][ T5478]  ? __memcpy_flushcache+0x2b0/0x2b0
[   86.016055][ T5478]  ? _raw_spin_unlock_irqrestore+0x12c/0x140
[   86.022142][ T5478]  ? _raw_spin_unlock+0x40/0x40
[   86.027018][ T5478]  ? print_report+0x4fb/0x540
[   86.031730][ T5478]  check_panic_on_warn+0x82/0xa0
[   86.036767][ T5478]  ? ext4_search_dir+0xf2/0x1b0
[   86.041728][ T5478]  end_report+0x6e/0x140
[   86.046100][ T5478]  kasan_report+0x153/0x170
[   86.050721][ T5478]  ? ext4_search_dir+0xf2/0x1b0
[   86.055687][ T5478]  ext4_search_dir+0xf2/0x1b0
[   86.060401][ T5478]  ext4_find_inline_entry+0x4ba/0x5e0
[   86.065896][ T5478]  ? ext4_try_create_inline_dir+0x320/0x320
[   86.071914][ T5478]  __ext4_find_entry+0x2b4/0x1b30
[   86.077154][ T5478]  ? mark_lock+0x9a/0x350
[   86.081684][ T5478]  ? ext4_ci_compare+0x660/0x660
[   86.086652][ T5478]  ? ext4_fname_prepare_lookup+0x3b9/0x4e0
[   86.092514][ T5478]  ext4_lookup+0x17a/0x750
[   86.096966][ T5478]  ? __lock_acquire+0x1fd0/0x1fd0
[   86.102016][ T5478]  ? ext4_add_entry+0x1000/0x1000
[   86.107255][ T5478]  ? _raw_spin_unlock+0x28/0x40
[   86.112327][ T5478]  ? d_alloc+0x198/0x1d0
[   86.116687][ T5478]  lookup_one_qstr_excl+0x11b/0x250
[   86.121914][ T5478]  filename_create+0x297/0x530
[   86.126732][ T5478]  ? kern_path_create+0x50/0x50
[   86.131607][ T5478]  ? __lock_acquire+0x1fd0/0x1fd0
[   86.136882][ T5478]  ? __kasan_slab_alloc+0x66/0x70
[   86.141930][ T5478]  do_mkdirat+0xbd/0x3a0
[   86.146221][ T5478]  ? vfs_mkdir+0x4b0/0x4b0
[   86.150756][ T5478]  ? getname_flags+0x1fd/0x4f0
[   86.156073][ T5478]  ? lockdep_hardirqs_on+0x98/0x140
[   86.161417][ T5478]  __x64_sys_mkdirat+0x89/0xa0
[   86.166405][ T5478]  do_syscall_64+0x45/0x110
[   86.170945][ T5478]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[   86.176874][ T5478] RIP: 0033:0x7f096ac7cae9
[   86.181395][ T5478] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   86.201463][ T5478] RSP: 002b:00007f0969ffe0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[   86.210077][ T5478] RAX: ffffffffffffffda RBX: 00007f096ad9bf80 RCX: 00007f096ac7cae9
[   86.218088][ T5478] RDX: 0000000000000000 RSI: 0000000020000040 RDI: ffffffffffffff9c
[   86.226170][ T5478] RBP: 00007f096acc847a R08: 0000000000000000 R09: 0000000000000000
[   86.234518][ T5478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   86.242531][ T5478] R13: 000000000000000b R14: 00007f096ad9bf80 R15: 00007ffeff5235c8
[   86.250640][ T5478]  </TASK>
[   86.254084][ T5478] Kernel Offset: disabled
[   86.258689][ T5478] Rebooting in 86400 seconds..