Warning: Permanently added '[localhost]:28602' (ED25519) to the list of known hosts.
2024/07/24 09:58:10 ignoring optional flag "sandboxArg"="0"
2024/07/24 09:58:11 parsed 1 programs
[ 107.678093][ T39] audit: type=1400 audit(1721815094.547:140): avc: denied { unlink } for pid=5478 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 108.353683][ T39] audit: type=1400 audit(1721815095.227:141): avc: denied { relabelto } for pid=5508 comm="mkswap" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 108.363940][ T39] audit: type=1400 audit(1721815095.227:142): avc: denied { write } for pid=5508 comm="mkswap" path="/swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 108.374555][ T39] audit: type=1400 audit(1721815095.247:143): avc: denied { read } for pid=5478 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 108.405380][ T39] audit: type=1400 audit(1721815095.247:144): avc: denied { open } for pid=5478 comm="syz-executor" path="/swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 109.585577][ T5478] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 112.500006][ T39] audit: type=1400 audit(1721815099.377:145): avc: denied { mount } for pid=5512 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 113.362096][ T5532] chnl_net:caif_netlink_parms(): no params data found
[ 113.504739][ T5532] bridge0: port 1(bridge_slave_0) entered blocking state
[ 113.509307][ T5532] bridge0: port 1(bridge_slave_0) entered disabled state
[ 113.513523][ T5532] bridge_slave_0: entered allmulticast mode
[ 113.517290][ T5532] bridge_slave_0: entered promiscuous mode
[ 113.530558][ T5532] bridge0: port 2(bridge_slave_1) entered blocking state
[ 113.534520][ T5532] bridge0: port 2(bridge_slave_1) entered disabled state
[ 113.538349][ T5532] bridge_slave_1: entered allmulticast mode
[ 113.541886][ T5532] bridge_slave_1: entered promiscuous mode
[ 113.618624][ T5532] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 113.625550][ T5532] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 113.721362][ T5532] team0: Port device team_slave_0 added
[ 113.728745][ T5532] team0: Port device team_slave_1 added
[ 113.793662][ T5532] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 113.796581][ T5532] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 113.811477][ T5532] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 113.818104][ T5532] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 113.821773][ T5532] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 113.835369][ T5532] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 113.914145][ T5532] hsr_slave_0: entered promiscuous mode
[ 113.921812][ T5532] hsr_slave_1: entered promiscuous mode
[ 114.218006][ T39] audit: type=1400 audit(1721815101.087:146): avc: denied { create } for pid=5540 comm="dhcpcd-run-hook" name="resolv.conf.lapb10.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 114.243992][ T39] audit: type=1400 audit(1721815101.087:147): avc: denied { write open } for pid=5540 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.lapb10.link" dev="tmpfs" ino=1764 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 114.263902][ T39] audit: type=1400 audit(1721815101.087:148): avc: denied { append } for pid=5540 comm="dhcpcd-run-hook" name="resolv.conf.lapb10.link" dev="tmpfs" ino=1764 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 114.276822][ T39] audit: type=1400 audit(1721815101.087:149): avc: denied { getattr } for pid=5540 comm="dhcpcd-run-hook" path="/tmp/resolv.conf" dev="tmpfs" ino=6 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 114.287577][ T39] audit: type=1400 audit(1721815101.117:150): avc: denied { read } for pid=5542 comm="cmp" name="resolv.conf" dev="tmpfs" ino=6 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 114.298555][ T39] audit: type=1400 audit(1721815101.167:151): avc: denied { unlink } for pid=5543 comm="rm" name="resolv.conf.lapb10.link" dev="tmpfs" ino=1764 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 114.959573][ T5532] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 114.989118][ T5532] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 115.012440][ T5532] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 115.044211][ T5532] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 115.172679][ T5532] 8021q: adding VLAN 0 to HW filter on device bond0
[ 115.201009][ T5532] 8021q: adding VLAN 0 to HW filter on device team0
[ 115.212433][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 115.220851][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 115.231036][ T826] bridge0: port 2(bridge_slave_1) entered blocking state
[ 115.233967][ T826] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 115.306820][ T39] audit: type=1400 audit(1721815102.177:152): avc: denied { sys_module } for pid=5532 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[ 115.419355][ T5532] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 115.468333][ T5532] veth0_vlan: entered promiscuous mode
[ 115.477332][ T5532] veth1_vlan: entered promiscuous mode
[ 115.515629][ T5532] veth0_macvtap: entered promiscuous mode
[ 115.531029][ T5532] veth1_macvtap: entered promiscuous mode
[ 115.547993][ T5532] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 115.557075][ T5532] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 115.567566][ T5532] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 115.573751][ T5532] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 115.580294][ T5532] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 115.584577][ T5532] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 115.837874][ T66] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 115.997204][ T66] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 116.005913][ T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 116.015602][ T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 116.047204][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 116.053184][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 116.120515][ T66] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 116.305407][ T66] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 117.128115][ T39] audit: type=1401 audit(1721815103.997:153): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[ 118.528707][ T5282] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 118.546624][ T5282] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 118.553095][ T5282] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 118.565569][ T5282] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 118.572443][ T5282] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 118.579501][ T5282] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2024/07/24 09:58:25 executed programs: 0
[ 118.782532][ T67] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 118.795544][ T67] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 118.803616][ T67] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 118.810564][ T67] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 118.814868][ T67] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 118.819352][ T67] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 119.053700][ T5695] chnl_net:caif_netlink_parms(): no params data found
[ 119.368834][ T5695] bridge0: port 1(bridge_slave_0) entered blocking state
[ 119.388100][ T5695] bridge0: port 1(bridge_slave_0) entered disabled state
[ 119.391338][ T5695] bridge_slave_0: entered allmulticast mode
[ 119.394686][ T5695] bridge_slave_0: entered promiscuous mode
[ 119.399958][ T5695] bridge0: port 2(bridge_slave_1) entered blocking state
[ 119.408834][ T5695] bridge0: port 2(bridge_slave_1) entered disabled state
[ 119.413173][ T5695] bridge_slave_1: entered allmulticast mode
[ 119.417135][ T5695] bridge_slave_1: entered promiscuous mode
[ 119.564059][ T5695] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 119.574996][ T5695] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 119.661907][ T5695] team0: Port device team_slave_0 added
[ 119.695851][ T5695] team0: Port device team_slave_1 added
[ 119.811245][ T5695] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 119.813759][ T5695] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 119.829294][ T5695] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 119.836007][ T5695] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 119.840740][ T5695] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 119.851865][ T5695] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 119.991533][ T5695] hsr_slave_0: entered promiscuous mode
[ 119.998968][ T5695] hsr_slave_1: entered promiscuous mode
[ 120.001597][ T5695] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 120.005933][ T5695] Cannot create hsr debugfs directory
[ 120.858631][ T67] Bluetooth: hci1: command tx timeout
[ 121.254674][ T66] bridge_slave_1: left allmulticast mode
[ 121.262396][ T66] bridge_slave_1: left promiscuous mode
[ 121.265912][ T66] bridge0: port 2(bridge_slave_1) entered disabled state
[ 121.273220][ T66] bridge_slave_0: left allmulticast mode
[ 121.276808][ T66] bridge_slave_0: left promiscuous mode
[ 121.280382][ T66] bridge0: port 1(bridge_slave_0) entered disabled state
[ 121.595430][ T66] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 121.602283][ T66] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 121.608227][ T66] bond0 (unregistering): Released all slaves
[ 121.918807][ T66] hsr_slave_0: left promiscuous mode
[ 121.922258][ T66] hsr_slave_1: left promiscuous mode
[ 121.927732][ T66] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 121.934953][ T66] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 121.939866][ T66] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 121.943269][ T66] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 121.971801][ T66] veth1_macvtap: left promiscuous mode
[ 121.974497][ T66] veth0_macvtap: left promiscuous mode
[ 121.977124][ T66] veth1_vlan: left promiscuous mode
[ 121.980620][ T66] veth0_vlan: left promiscuous mode
[ 122.842028][ T66] team0 (unregistering): Port device team_slave_1 removed
[ 122.947288][ T66] team0 (unregistering): Port device team_slave_0 removed
[ 122.948202][ T67] Bluetooth: hci1: command tx timeout
[ 124.112391][ T5695] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 124.131090][ T5695] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 124.154038][ T5695] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 124.182575][ T5695] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 124.320765][ T5695] 8021q: adding VLAN 0 to HW filter on device bond0
[ 124.339930][ T5695] 8021q: adding VLAN 0 to HW filter on device team0
[ 124.348510][ T5308] bridge0: port 1(bridge_slave_0) entered blocking state
[ 124.351817][ T5308] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 124.363635][ T5308] bridge0: port 2(bridge_slave_1) entered blocking state
[ 124.366800][ T5308] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 124.426276][ T5695] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 124.851172][ T5695] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 124.946363][ T5695] veth0_vlan: entered promiscuous mode
[ 124.959401][ T5695] veth1_vlan: entered promiscuous mode
[ 124.997121][ T5695] veth0_macvtap: entered promiscuous mode
[ 125.005107][ T5695] veth1_macvtap: entered promiscuous mode
[ 125.023690][ T5695] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 125.029181][ T67] Bluetooth: hci1: command tx timeout
[ 125.037175][ T5695] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 125.045325][ T5695] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 125.050704][ T5695] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 125.055470][ T5695] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 125.059680][ T5695] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 125.183370][ T1142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 125.186422][ T1142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 125.218743][ T1142] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 125.221614][ T1142] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2024/07/24 09:58:32 executed programs: 2
[ 125.311096][ T39] audit: type=1400 audit(1721815112.177:154): avc: denied { prog_load } for pid=5758 comm="syz.0.15" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 125.320105][ T39] audit: type=1400 audit(1721815112.177:155): avc: denied { bpf } for pid=5758 comm="syz.0.15" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 125.347058][ T39] audit: type=1400 audit(1721815112.177:156): avc: denied { perfmon } for pid=5758 comm="syz.0.15" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 125.374844][ T39] audit: type=1400 audit(1721815112.247:157): avc: denied { create } for pid=5758 comm="syz.0.15" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 125.383365][ T39] audit: type=1400 audit(1721815112.247:158): avc: denied { ioctl } for pid=5758 comm="syz.0.15" path="socket:[11340]" dev="sockfs" ino=11340 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 125.411254][ T39] audit: type=1400 audit(1721815112.287:159): avc: denied { prog_run } for pid=5758 comm="syz.0.15" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 126.559105][ C0] ==================================================================
[ 126.563102][ C0] BUG: KASAN: stack-out-of-bounds in xdp_do_check_flushed+0x41c/0x4e0
[ 126.567932][ C0] Read of size 4 at addr ffffc9000331fa50 by task syz.0.36/5802
[ 126.579627][ C0]
[ 126.580818][ C0] CPU: 0 UID: 0 PID: 5802 Comm: syz.0.36 Not tainted 6.10.0-syzkaller-12246-g786c8248dbd3-dirty #0
[ 126.585588][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 126.590262][ C0] Call Trace:
[ 126.591599][ C0] <IRQ>
[ 126.592978][ C0] dump_stack_lvl+0x116/0x1f0
[ 126.595153][ C0] print_report+0xc3/0x620
[ 126.597140][ C0] ? __virt_addr_valid+0x5e/0x590
[ 126.599368][ C0] kasan_report+0xd9/0x110
[ 126.601439][ C0] ? xdp_do_check_flushed+0x41c/0x4e0
[ 126.603884][ C0] ? xdp_do_check_flushed+0x41c/0x4e0
[ 126.606182][ C0] xdp_do_check_flushed+0x41c/0x4e0
[ 126.608182][ C0] __napi_poll.constprop.0+0xd1/0x550
[ 126.610232][ C0] net_rx_action+0xa92/0x1010
[ 126.612057][ C0] ? __pfx_net_rx_action+0x10/0x10
[ 126.613817][ C0] ? __pfx_mark_lock+0x10/0x10
[ 126.615802][ C0] ? kvm_sched_clock_read+0x11/0x20
[ 126.617843][ C0] ? sched_clock+0x38/0x60
[ 126.619597][ C0] ? sched_clock_cpu+0x6d/0x4d0
[ 126.621475][ C0] ? mark_held_locks+0x9f/0xe0
[ 126.623337][ C0] handle_softirqs+0x216/0x8f0
[ 126.625246][ C0] ? trace_csd_function_exit+0x173/0x1f0
[ 126.627820][ C0] ? __pfx_handle_softirqs+0x10/0x10
[ 126.630234][ C0] irq_exit_rcu+0xbb/0x120
[ 126.632312][ C0] sysvec_call_function+0x95/0xb0
[ 126.634530][ C0] </IRQ>
[ 126.635833][ C0] <TASK>
[ 126.637128][ C0] asm_sysvec_call_function+0x1a/0x20
[ 126.639454][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x60
[ 126.641926][ C0] Code: be b0 01 00 00 e8 a0 ff ff ff 31 c0 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 65 48 8b 15 94 54 79 7e 65 8b 05 95 54 79 7e a9 00 01
[ 126.649341][ C0] RSP: 0018:ffffc9000331f3e8 EFLAGS: 00000283
[ 126.652045][ C0] RAX: dffffc0000000000 RBX: ffffc9000331f470 RCX: ffffffff813cf026
[ 126.655775][ C0] RDX: 1ffff92000663e90 RSI: ffffffff813cf082 RDI: ffffc9000331f480
[ 126.659862][ C0] RBP: ffffc9000331fcd0 R08: 0000000000000004 R09: 0000000000000001
[ 126.663635][ C0] R10: 0000000000000001 R11: 0000000000000000 R12: ffffc90003318000
[ 126.667125][ C0] R13: ffffc90003320000 R14: 0000000000000001 R15: 0000000000000001
[ 126.670583][ C0] ? unwind_next_frame+0x1126/0x23a0
[ 126.672808][ C0] ? unwind_next_frame+0x1182/0x23a0
[ 126.675041][ C0] unwind_next_frame+0x11af/0x23a0
[ 126.677297][ C0] ? do_exit+0x9bf/0x2bb0
[ 126.695136][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 126.697716][ C0] arch_stack_walk+0x100/0x170
[ 126.699749][ C0] ? do_group_exit+0xd3/0x2a0
[ 126.701732][ C0] ? unlink_anon_vmas+0x173/0x820
[ 126.703975][ C0] stack_trace_save+0x95/0xd0
[ 126.708329][ C0] ? __pfx_stack_trace_save+0x10/0x10
[ 126.710745][ C0] ? __pfx_mark_lock+0x10/0x10
[ 126.712934][ C0] ? __lock_acquire+0xbdd/0x3cb0
[ 126.715197][ C0] kasan_save_stack+0x33/0x60
[ 126.717315][ C0] ? kasan_save_stack+0x33/0x60
[ 126.719412][ C0] ? kasan_save_track+0x14/0x30
[ 126.721407][ C0] ? kasan_save_free_info+0x3b/0x60
[ 126.723548][ C0] ? poison_slab_object+0xf7/0x160
[ 126.725724][ C0] ? __kasan_slab_free+0x32/0x50
[ 126.727851][ C0] ? kmem_cache_free+0x12f/0x3a0
[ 126.729700][ C0] ? unlink_anon_vmas+0x173/0x820
[ 126.731664][ C0] ? free_pgtables+0x33c/0x950
[ 126.733315][ C0] ? exit_mmap+0x3c9/0xb20
[ 126.734886][ C0] ? __mmput+0x12a/0x480
[ 126.736327][ C0] ? mmput+0x62/0x70
[ 126.737640][ C0] ? do_exit+0x9bf/0x2bb0
[ 126.739317][ C0] kasan_save_track+0x14/0x30
[ 126.741076][ C0] kasan_save_free_info+0x3b/0x60
[ 126.743095][ C0] poison_slab_object+0xf7/0x160
[ 126.745216][ C0] __kasan_slab_free+0x32/0x50
[ 126.747255][ C0] kmem_cache_free+0x12f/0x3a0
[ 126.749289][ C0] ? unlink_anon_vmas+0x173/0x820
[ 126.751485][ C0] unlink_anon_vmas+0x173/0x820
[ 126.753544][ C0] free_pgtables+0x33c/0x950
[ 126.755526][ C0] ? __pfx_free_pgtables+0x10/0x10
[ 126.757697][ C0] ? __pfx_down_write+0x10/0x10
[ 126.759809][ C0] exit_mmap+0x3c9/0xb20
[ 126.761642][ C0] ? __pfx_exit_mmap+0x10/0x10
[ 126.763852][ C0] __mmput+0x12a/0x480
[ 126.765596][ C0] mmput+0x62/0x70
[ 126.767217][ C0] do_exit+0x9bf/0x2bb0
[ 126.769126][ C0] ? get_signal+0x8f2/0x2770
[ 126.771196][ C0] ? __pfx_do_exit+0x10/0x10
[ 126.773213][ C0] ? do_raw_spin_lock+0x12d/0x2c0
[ 126.775487][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 126.777858][ C0] do_group_exit+0xd3/0x2a0
[ 126.779856][ C0] get_signal+0x25fd/0x2770
[ 126.781808][ C0] ? vfs_write+0x917/0x1140
[ 126.783740][ C0] ? vfs_write+0x14d/0x1140
[ 126.785651][ C0] ? __pfx_get_signal+0x10/0x10
[ 126.787623][ C0] ? __pfx_do_futex+0x10/0x10
[ 126.789649][ C0] arch_do_signal_or_restart+0x90/0x7e0
[ 126.792002][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 126.794646][ C0] ? ksys_write+0x1ab/0x260
[ 126.796713][ C0] ? __pfx_ksys_write+0x10/0x10
[ 126.798884][ C0] syscall_exit_to_user_mode+0x150/0x2a0
[ 126.801356][ C0] do_syscall_64+0xda/0x250
[ 126.803260][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 126.805703][ C0] RIP: 0033:0x7f0dd5175b59
[ 126.807706][ C0] Code: Unable to access opcode bytes at 0x7f0dd5175b2f.
[ 126.810721][ C0] RSP: 002b:00007f0dd5f6a0f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 126.814366][ C0] RAX: fffffffffffffe00 RBX: 00007f0dd5305f68 RCX: 00007f0dd5175b59
[ 126.817792][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f0dd5305f68
[ 126.821091][ C0] RBP: 00007f0dd5305f60 R08: 00007f0dd5f6a6c0 R09: 00007f0dd5f6a6c0
[ 126.824479][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dd5305f6c
[ 126.827660][ C0] R13: 000000000000000b R14: 00007ffd8748bdc0 R15: 00007ffd8748bea8
[ 126.830967][ C0] </TASK>
[ 126.832193][ C0]
[ 126.833151][ C0] The buggy address belongs to stack of task syz.0.36/5802
[ 126.835969][ C0] and is located at offset 24 in frame:
[ 126.838133][ C0] exit_mmap+0x0/0xb20
[ 126.840003][ C0]
[ 126.841087][ C0] This frame has 2 objects:
[ 126.843023][ C0] [32, 96) 'vmi'
[ 126.843033][ C0] [128, 256) 'tlb'
[ 126.844625][ C0]
[ 126.847341][ C0] The buggy address belongs to the virtual mapping at
[ 126.847341][ C0] [ffffc90003318000, ffffc90003321000) created by:
[ 126.847341][ C0] kernel_clone+0xfd/0x980
[ 126.855051][ C0]
[ 126.856137][ C0] The buggy address belongs to the physical page:
[ 126.858827][ C0] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888029ce3690 pfn:0x29ce3
[ 126.863151][ C0] memcg:ffff88801dd09c02
[ 126.865025][ C0] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 126.868081][ C0] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[ 126.871855][ C0] raw: ffff888029ce3690 0000000000000000 00000001ffffffff ffff88801dd09c02
[ 126.875474][ C0] page dumped because: kasan: bad access detected
[ 126.877837][ C0] page_owner tracks the page as allocated
[ 126.880167][ C0] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102dc2(GFP_HIGHUSER|__GFP_NOWARN|__GFP_ZERO), pid 5781, tgid 5781 (syz.0.26), ts 125931643135, free_ts 125907940889
[ 126.887714][ C0] post_alloc_hook+0x2d1/0x350
[ 126.889989][ C0] get_page_from_freelist+0x1351/0x2e50
[ 126.892484][ C0] __alloc_pages_noprof+0x22b/0x2460
[ 126.894853][ C0] alloc_pages_mpol_noprof+0x275/0x610
[ 126.897266][ C0] __vmalloc_node_range_noprof+0xa6a/0x1520
[ 126.899916][ C0] copy_process+0x2f3b/0x8de0
[ 126.901984][ C0] kernel_clone+0xfd/0x980
[ 126.903987][ C0] __do_sys_clone3+0x1f5/0x270
[ 126.905882][ C0] do_syscall_64+0xcd/0x250
[ 126.907869][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 126.910489][ C0] page last free pid 5780 tgid 5779 stack trace:
[ 126.913027][ C0] free_unref_page+0x64a/0xe40
[ 126.914920][ C0] __folio_put+0x31c/0x3e0
[ 126.916671][ C0] free_page_and_swap_cache+0x249/0x2c0
[ 126.918849][ C0] tlb_remove_table_rcu+0x89/0xe0
[ 126.920793][ C0] rcu_core+0x828/0x16b0
[ 126.922375][ C0] handle_softirqs+0x216/0x8f0
[ 126.924402][ C0] irq_exit_rcu+0xbb/0x120
[ 126.926133][ C0] sysvec_apic_timer_interrupt+0x95/0xb0
[ 126.928356][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 126.930615][ C0]
[ 126.931515][ C0] Memory state around the buggy address:
[ 126.933647][ C0]  ffffc9000331f900: 00 00 00 f1 f1 f1 f1 f1 f1 00 00 00 00 00 00 00
[ 126.936923][ C0]  ffffc9000331f980: 00 00 f3 f3 f3 f3 f3 00 00 00 00 00 00 00 00 00
[ 126.940401][ C0] >ffffc9000331fa00: 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 00 00 00
[ 126.943978][ C0]                                                  ^
[ 126.946599][ C0]  ffffc9000331fa80: 00 00 00 f2 f2 f2 f2 00 00 00 00 00 00 00 00 00
[ 126.949669][ C0]  ffffc9000331fb00: 00 00 00 00 00 00 00 f3 f3 f3 f3 00 00 00 00 00
[ 126.952448][ C0] ==================================================================
[ 126.955599][ C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 126.958685][ C0] CPU: 0 UID: 0 PID: 5802 Comm: syz.0.36 Not tainted 6.10.0-syzkaller-12246-g786c8248dbd3-dirty #0
[ 126.963311][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 126.967641][ C0] Call Trace:
[ 126.968899][ C0] <IRQ>
[ 126.970043][ C0] dump_stack_lvl+0x3d/0x1f0
[ 126.971837][ C0] panic+0x6f5/0x7a0
[ 126.973342][ C0] ? __pfx_panic+0x10/0x10
[ 126.974914][ C0] ? check_panic_on_warn+0x1f/0xb0
[ 126.976644][ C0] check_panic_on_warn+0xab/0xb0
[ 126.978322][ C0] end_report+0x117/0x180
[ 126.979831][ C0] kasan_report+0xe9/0x110
[ 126.981357][ C0] ? xdp_do_check_flushed+0x41c/0x4e0
[ 126.983438][ C0] ? xdp_do_check_flushed+0x41c/0x4e0
[ 126.985510][ C0] xdp_do_check_flushed+0x41c/0x4e0
[ 126.987530][ C0] __napi_poll.constprop.0+0xd1/0x550
[ 126.989592][ C0] net_rx_action+0xa92/0x1010
[ 126.991508][ C0] ? __pfx_net_rx_action+0x10/0x10
[ 126.993520][ C0] ? __pfx_mark_lock+0x10/0x10
[ 126.995480][ C0] ? kvm_sched_clock_read+0x11/0x20
[ 126.997787][ C0] ? sched_clock+0x38/0x60
[ 126.999640][ C0] ? sched_clock_cpu+0x6d/0x4d0
[ 127.001495][ C0] ? mark_held_locks+0x9f/0xe0
[ 127.003201][ C0] handle_softirqs+0x216/0x8f0
[ 127.004965][ C0] ? trace_csd_function_exit+0x173/0x1f0
[ 127.007174][ C0] ? __pfx_handle_softirqs+0x10/0x10
[ 127.009234][ C0] irq_exit_rcu+0xbb/0x120
[ 127.011045][ C0] sysvec_call_function+0x95/0xb0
[ 127.012989][ C0] </IRQ>
[ 127.014161][ C0] <TASK>
[ 127.015345][ C0] asm_sysvec_call_function+0x1a/0x20
[ 127.017556][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x60
[ 127.020005][ C0] Code: be b0 01 00 00 e8 a0 ff ff ff 31 c0 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 65 48 8b 15 94 54 79 7e 65 8b 05 95 54 79 7e a9 00 01
[ 127.027289][ C0] RSP: 0018:ffffc9000331f3e8 EFLAGS: 00000283
[ 127.029349][ C0] RAX: dffffc0000000000 RBX: ffffc9000331f470 RCX: ffffffff813cf026
[ 127.032097][ C0] RDX: 1ffff92000663e90 RSI: ffffffff813cf082 RDI: ffffc9000331f480
[ 127.035372][ C0] RBP: ffffc9000331fcd0 R08: 0000000000000004 R09: 0000000000000001
[ 127.038605][ C0] R10: 0000000000000001 R11: 0000000000000000 R12: ffffc90003318000
[ 127.042153][ C0] R13: ffffc90003320000 R14: 0000000000000001 R15: 0000000000000001
[ 127.045608][ C0] ? unwind_next_frame+0x1126/0x23a0
[ 127.047917][ C0] ? unwind_next_frame+0x1182/0x23a0
[ 127.050256][ C0] unwind_next_frame+0x11af/0x23a0
[ 127.052551][ C0] ? do_exit+0x9bf/0x2bb0
[ 127.054284][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 127.056649][ C0] arch_stack_walk+0x100/0x170
[ 127.058084][ C0] ? do_group_exit+0xd3/0x2a0
[ 127.059525][ C0] ? unlink_anon_vmas+0x173/0x820
[ 127.061423][ C0] stack_trace_save+0x95/0xd0
[ 127.062978][ C0] ? __pfx_stack_trace_save+0x10/0x10
[ 127.065182][ C0] ? __pfx_mark_lock+0x10/0x10
[ 127.067147][ C0] ? __lock_acquire+0xbdd/0x3cb0
[ 127.069306][ C0] kasan_save_stack+0x33/0x60
[ 127.071359][ C0] ? kasan_save_stack+0x33/0x60
[ 127.073683][ C0] ? kasan_save_track+0x14/0x30
[ 127.075681][ C0] ? kasan_save_free_info+0x3b/0x60
[ 127.077991][ C0] ? poison_slab_object+0xf7/0x160
[ 127.080200][ C0] ? __kasan_slab_free+0x32/0x50
[ 127.082291][ C0] ? kmem_cache_free+0x12f/0x3a0
[ 127.084500][ C0] ? unlink_anon_vmas+0x173/0x820
[ 127.086833][ C0] ? free_pgtables+0x33c/0x950
[ 127.089076][ C0] ? exit_mmap+0x3c9/0xb20
[ 127.091120][ C0] ? __mmput+0x12a/0x480
[ 127.093043][ C0] ? mmput+0x62/0x70
[ 127.094820][ C0] ? do_exit+0x9bf/0x2bb0
[ 127.096806][ C0] kasan_save_track+0x14/0x30
[ 127.098947][ C0] kasan_save_free_info+0x3b/0x60
[ 127.101165][ C0] poison_slab_object+0xf7/0x160
[ 127.103362][ C0] __kasan_slab_free+0x32/0x50
[ 127.105449][ C0] kmem_cache_free+0x12f/0x3a0
[ 127.107137][ C0] ? unlink_anon_vmas+0x173/0x820
[ 127.109199][ C0] unlink_anon_vmas+0x173/0x820
[ 127.111309][ C0] free_pgtables+0x33c/0x950
[ 127.113342][ C0] ? __pfx_free_pgtables+0x10/0x10
[ 127.115433][ C0] ? __pfx_down_write+0x10/0x10
[ 127.117499][ C0] exit_mmap+0x3c9/0xb20
[ 127.119335][ C0] ? __pfx_exit_mmap+0x10/0x10
[ 127.121382][ C0] __mmput+0x12a/0x480
[ 127.123151][ C0] mmput+0x62/0x70
[ 127.124906][ C0] do_exit+0x9bf/0x2bb0
[ 127.126762][ C0] ? get_signal+0x8f2/0x2770
[ 127.128673][ C0] ? __pfx_do_exit+0x10/0x10
[ 127.130701][ C0] ? do_raw_spin_lock+0x12d/0x2c0
[ 127.132910][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 127.135265][ C0] do_group_exit+0xd3/0x2a0
[ 127.137268][ C0] get_signal+0x25fd/0x2770
[ 127.139302][ C0] ? vfs_write+0x917/0x1140
[ 127.141310][ C0] ? vfs_write+0x14d/0x1140
[ 127.143340][ C0] ? __pfx_get_signal+0x10/0x10
[ 127.145353][ C0] ? __pfx_do_futex+0x10/0x10
[ 127.146791][ C0] arch_do_signal_or_restart+0x90/0x7e0
[ 127.148467][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 127.150789][ C0] ? ksys_write+0x1ab/0x260
[ 127.152426][ C0] ? __pfx_ksys_write+0x10/0x10
[ 127.154477][ C0] syscall_exit_to_user_mode+0x150/0x2a0
[ 127.156859][ C0] do_syscall_64+0xda/0x250
[ 127.158551][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 127.160811][ C0] RIP: 0033:0x7f0dd5175b59
[ 127.162501][ C0] Code: Unable to access opcode bytes at 0x7f0dd5175b2f.
[ 127.165248][ C0] RSP: 002b:00007f0dd5f6a0f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 127.168214][ C0] RAX: fffffffffffffe00 RBX: 00007f0dd5305f68 RCX: 00007f0dd5175b59
[ 127.171052][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f0dd5305f68
[ 127.173946][ C0] RBP: 00007f0dd5305f60 R08: 00007f0dd5f6a6c0 R09: 00007f0dd5f6a6c0
[ 127.185391][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dd5305f6c
[ 127.188608][ C0] R13: 000000000000000b R14: 00007ffd8748bdc0 R15: 00007ffd8748bea8
[ 127.191641][ C0] </TASK>
[ 127.193476][ C0] Kernel Offset: disabled
[ 127.195175][ C0] Rebooting in 86400 seconds..