Warning: Permanently added '10.128.1.86' (ED25519) to the list of known hosts.
2023/10/03 11:27:42 ignoring optional flag "sandboxArg"="0"
2023/10/03 11:27:42 parsed 1 programs
2023/10/03 11:27:42 executed programs: 0
[ 67.152818][ T2241] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 70.111100][ T2659] loop0: detected capacity change from 0 to 8192
[ 70.119506][ T2659] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 70.132840][ T2659] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 70.142161][ T2659] REISERFS (device loop0): using ordered data mode
[ 70.148665][ T2659] reiserfs: using flush barriers
[ 70.154180][ T2659] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 70.170491][ T2659] REISERFS (device loop0): checking transaction log (loop0)
[ 70.194968][ T2659] REISERFS (device loop0): Using r5 hash to sort names
[ 70.201894][ T2659] REISERFS (device loop0): using 3.5.x disk format
[ 70.215426][ C0] ==================================================================
[ 70.215580][ T27] general protection fault, probably for non-canonical address 0xdffffc000000000a: 0000 [#1] PREEMPT SMP KASAN
[ 70.223464][ C0] BUG: KASAN: use-after-free in rb_next+0xe9/0x130
[ 70.235136][ T27] KASAN: null-ptr-deref in range [0x0000000000000050-0x0000000000000057]
[ 70.241595][ C0] Read of size 8 at addr ffff8880005d9fa6 by task swapper/0/0
[ 70.249962][ T27] CPU: 1 PID: 27 Comm: kworker/1:1 Not tainted 6.6.0-rc4-syzkaller #0
[ 70.257373][ C0]
[ 70.257375][ C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.6.0-rc4-syzkaller #0
[ 70.265569][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 70.267883][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 70.275730][ T27] Workqueue: ipv6_addrconf addrconf_dad_work
[ 70.285749][ C0] Call Trace:
[ 70.295851][ T27]
[ 70.301803][ C0]
[ 70.305059][ T27] RIP: 0010:fib6_add+0xbcd/0x4780
[ 70.307356][ C0] dump_stack_lvl+0x5c/0xb0
[ 70.310257][ T27] Code: fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 e4 37 00 00 49 8d 50 50 4c 8b 73 50 48 b8 00 00 00 00 00 fc ff df 48 89 d1 48 c1 e9 03 <80> 3c 01 00 0f 85 f2 37 00 00 49 8b 40 50 4c 39 f0 0f 85 bf 27 00
[ 70.315238][ C0] print_report+0xc4/0x620
[ 70.319703][ T27] RSP: 0018:ffffc90000a3f830 EFLAGS: 00010216
[ 70.339316][ C0] kasan_report+0xda/0x110
[ 70.343690][ T27]
[ 70.349802][ C0] ? rb_next+0xe9/0x130
[ 70.354178][ T27] RAX: dffffc0000000000 RBX: ffff88800e397000 RCX: 000000000000000a
[ 70.356466][ C0] ? rb_next+0xe9/0x130
[ 70.360578][ T27] RDX: 0000000000000050 RSI: ffffffff85476bc0 RDI: ffffffff857bdcc0
[ 70.368511][ C0] rb_next+0xe9/0x130
[ 70.372625][ T27] RBP: ffffc90000a3f978 R08: 0000000000000000 R09: ffff88806d9d9d98
[ 70.380558][ C0] timerqueue_del+0xb4/0x120
[ 70.384494][ T27] R10: 0000000000000003 R11: ffff88806d9d9da0 R12: ffff88806d9d9d80
[ 70.392444][ C0] __remove_hrtimer+0x77/0x210
[ 70.396997][ T27] R13: 0000000000000080 R14: 00000000000080fe R15: 0000000000000080
[ 70.404943][ C0] __hrtimer_run_queues+0x486/0x9c0
[ 70.409669][ T27] FS: 0000000000000000(0000) GS:ffff8880ba900000(0000) knlGS:0000000000000000
[ 70.417602][ C0] ? lock_sync+0x190/0x190
[ 70.422762][ T27] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 70.431650][ C0] ? enqueue_hrtimer+0x260/0x260
[ 70.436024][ T27] CR2: 00007f5c29fff000 CR3: 000000007defa000 CR4: 0000000000350ee0
[ 70.442568][ C0] hrtimer_interrupt+0x2e4/0x7e0
[ 70.447463][ T27] Call Trace:
[ 70.455569][ C0] __sysvec_apic_timer_interrupt+0x105/0x3f0
[ 70.460465][ T27]
[ 70.463728][ C0] sysvec_apic_timer_interrupt+0x89/0xb0
[ 70.469664][ T27] ? die_addr+0x3b/0xa0
[ 70.472649][ C0]
[ 70.478236][ T27] ? exc_general_protection+0x150/0x220
[ 70.482347][ C0]
[ 70.485243][ T27] ? asm_exc_general_protection+0x26/0x30
[ 70.490831][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 70.493729][ T27] ? fib6_add+0xbcd/0x4780
[ 70.499405][ C0] RIP: 0010:acpi_safe_halt+0x1b/0x20
[ 70.505342][ T27] ? lock_acquire+0x1ae/0x510
[ 70.509716][ C0] Code: ed c3 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 65 48 8b 04 25 40 93 03 00 48 8b 00 a8 08 75 0c eb 07 0f 00 2d a7 bc 6c 00 fb f4 c3 0f 1f 00 0f b6 47 08 3c 01 74 0b 3c 02 74 05 8b 7f 04 eb 9f
[ 70.514956][ T27] ? fib6_update_sernum_stub+0x80/0x80
[ 70.519596][ C0] RSP: 0018:ffffffff86407d70 EFLAGS: 00000246
[ 70.539179][ T27] ? do_raw_spin_lock+0x12e/0x2b0
[ 70.544595][ C0]
[ 70.550619][ T27] ? spin_bug+0x1d0/0x1d0
[ 70.555686][ C0] RAX: 0000000000004000 RBX: 0000000000000001 RCX: ffffffff8516b5fe
[ 70.557973][ T27] ? netlink_connect+0x490/0x490
[ 70.562347][ C0] RDX: 0000000000000001 RSI: ffff88814125a000 RDI: ffff88814125a064
[ 70.570366][ T27] ? inet6_fill_ifaddr+0x579/0xc90
[ 70.575351][ C0] RBP: ffff88814125a064 R08: 0000000000000001 R09: ffffed10175069a5
[ 70.583285][ T27] ip6_ins_rt+0xad/0x100
[ 70.588369][ C0] R10: ffff8880ba834d2b R11: 0000000000000000 R12: ffff88814168e000
[ 70.596392][ T27] ? ip6_dst_neigh_lookup+0xc0/0xc0
[ 70.600682][ C0] R13: ffffffff86c5a2a0 R14: 0000000000000000 R15: 0000000000000000
[ 70.608635][ T27] ? nlmsg_notify+0x6e/0x160
[ 70.613963][ C0] ? ct_kernel_exit+0x12e/0x180
[ 70.621898][ T27] __ipv6_ifa_notify+0xac6/0xf50
[ 70.626447][ C0] acpi_idle_enter+0xc5/0x160
[ 70.631254][ T27] ? modify_prefix_route+0x810/0x810
[ 70.636153][ C0] cpuidle_enter_state+0x82/0x500
[ 70.640875][ T27] ? lockdep_hardirqs_on+0x7d/0x100
[ 70.646117][ C0] ? mark_tsc_async_resets+0x30/0x30
[ 70.651099][ T27] ? mod_delayed_work_on+0x110/0x110
[ 70.656252][ C0] cpuidle_enter+0x49/0xa0
[ 70.661496][ T27] ? addrconf_dad_completed+0x14f/0xe50
[ 70.666738][ C0] do_idle+0x315/0x3f0
[ 70.671115][ T27] addrconf_dad_completed+0x14f/0xe50
[ 70.676635][ C0] ? arch_cpu_idle_exit+0x30/0x30
[ 70.680662][ T27] ? addrconf_dad_work+0x65a/0xe80
[ 70.685995][ C0] cpu_startup_entry+0x50/0x60
[ 70.691004][ T27] ? addrconf_rs_timer+0x730/0x730
[ 70.696167][ C0] rest_init+0x14a/0x220
[ 70.700902][ T27] ? mark_held_locks+0x9f/0xe0
[ 70.705978][ C0] arch_call_rest_init+0xe/0x20
[ 70.710179][ T27] ? addrconf_dad_work+0x67b/0xe80
[ 70.714904][ C0] start_kernel+0x2f0/0x330
[ 70.719802][ T27] addrconf_dad_work+0x67b/0xe80
[ 70.724880][ C0] x86_64_start_reservations+0x18/0x30
[ 70.729348][ T27] ? addrconf_dad_completed+0xe50/0xe50
[ 70.734241][ C0] x86_64_start_kernel+0xb2/0xc0
[ 70.739656][ T27] process_one_work+0x789/0x12a0
[ 70.745158][ C0] secondary_startup_64_no_verify+0x166/0x16b
[ 70.750052][ T27] ? lock_sync+0x190/0x190
[ 70.754975][ C0]
[ 70.760999][ T27] ? init_worker_pool+0x750/0x750
[ 70.765381][ C0]
[ 70.768372][ T27] ? assign_work+0x163/0x230
[ 70.773441][ C0] The buggy address belongs to the physical page:
[ 70.775736][ T27] worker_thread+0x6fb/0x1170
[ 70.780294][ C0] page:ffffea0000017640 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5d9
[ 70.786667][ T27] ? lockdep_hardirqs_on+0x7d/0x100
[ 70.791302][ C0] flags: 0x7ff00000000000(node=0|zone=0|lastcpupid=0x7ff)
[ 70.801323][ T27] ? __kthread_parkme+0xb8/0x1f0
[ 70.806488][ C0] page_type: 0xffffffff()
[ 70.813641][ T27] ? process_one_work+0x12a0/0x12a0
[ 70.818573][ C0] raw: 007ff00000000000 ffffea0000017648 ffffea0000017648 0000000000000000
[ 70.822946][ T27] kthread+0x2ed/0x3d0
[ 70.828101][ C0] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 70.836733][ T27] ? _raw_spin_unlock_irq+0x23/0x50
[ 70.840764][ C0] page dumped because: kasan: bad access detected
[ 70.849401][ T27] ? kthread_complete_and_exit+0x20/0x20
[ 70.854560][ C0] page_owner info is not present (never set?)
[ 70.861019][ T27] ret_from_fork+0x2c/0x70
[ 70.866609][ C0]
[ 70.866610][ C0] Memory state around the buggy address:
[ 70.872635][ T27] ? kthread_complete_and_exit+0x20/0x20
[ 70.877029][ C0] ffff8880005d9e80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 70.879322][ T27] ret_from_fork_asm+0x11/0x20
[ 70.884913][ C0] ffff8880005d9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 70.890513][ T27]
[ 70.898541][ C0] >ffff8880005d9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 70.903353][ T27] Modules linked in:
[ 70.911373][ C0] ^
[ 70.914363][ T27]
[ 70.922382][ C0] ffff8880005da000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 70.926287][ T27] ---[ end trace 0000000000000000 ]---
[ 70.931437][ C0] ffff8880005da080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 70.933734][ T27] RIP: 0010:fib6_add+0xbcd/0x4780
[ 70.941840][ C0] ==================================================================
[ 70.941844][ C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 70.942981][ C0] Kernel Offset: disabled