Warning: Permanently added '[localhost]:63565' (ED25519) to the list of known hosts.
2024/06/21 16:16:20 ignoring optional flag "sandboxArg"="0"
2024/06/21 16:16:20 parsed 1 programs
[ 74.328450][ T39] kauditd_printk_skb: 73 callbacks suppressed
[ 74.328461][ T39] audit: type=1400 audit(1718986580.315:207): avc: denied { getattr } for pid=5393 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 74.359233][ T39] audit: type=1400 audit(1718986580.345:208): avc: denied { mounton } for pid=5403 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[ 74.367793][ T39] audit: type=1400 audit(1718986580.345:209): avc: denied { mount } for pid=5403 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[ 74.377239][ T39] audit: type=1400 audit(1718986580.355:210): avc: denied { read write } for pid=5403 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 74.388222][ T39] audit: type=1400 audit(1718986580.355:211): avc: denied { open } for pid=5403 comm="syz-executor" path="/swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 74.405851][ T39] audit: type=1400 audit(1718986580.395:212): avc: denied { unlink } for pid=5403 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 74.878430][ T39] audit: type=1400 audit(1718986580.865:213): avc: denied { relabelto } for pid=5414 comm="mkswap" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 75.644005][ T5403] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
2024/06/21 16:16:21 executed programs: 0
[ 75.691776][ T4635] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 75.695622][ T4635] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 75.698667][ T4635] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 75.702391][ T4635] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 75.707129][ T4635] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 75.710630][ T4635] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 75.718899][ T39] audit: type=1400 audit(1718986581.705:214): avc: denied { mounton } for pid=5419 comm="syz-executor.0" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[ 75.883326][ T5419] chnl_net:caif_netlink_parms(): no params data found
[ 75.988415][ T5419] bridge0: port 1(bridge_slave_0) entered blocking state
[ 75.991733][ T5419] bridge0: port 1(bridge_slave_0) entered disabled state
[ 75.995100][ T5419] bridge_slave_0: entered allmulticast mode
[ 75.999157][ T5419] bridge_slave_0: entered promiscuous mode
[ 76.005313][ T5419] bridge0: port 2(bridge_slave_1) entered blocking state
[ 76.008522][ T5419] bridge0: port 2(bridge_slave_1) entered disabled state
[ 76.011775][ T5419] bridge_slave_1: entered allmulticast mode
[ 76.015486][ T39] audit: type=1400 audit(1718986582.005:215): avc: denied { search } for pid=4673 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 76.016178][ T5419] bridge_slave_1: entered promiscuous mode
[ 76.090198][ T5419] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 76.098122][ T5419] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 76.168037][ T5419] team0: Port device team_slave_0 added
[ 76.173977][ T5419] team0: Port device team_slave_1 added
[ 76.233730][ T5419] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 76.236862][ T5419] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 76.249198][ T5419] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 76.256632][ T5419] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 76.260130][ T5419] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 76.271715][ T5419] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 76.356797][ T5419] hsr_slave_0: entered promiscuous mode
[ 76.361339][ T5419] hsr_slave_1: entered promiscuous mode
[ 77.089338][ T5419] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 77.094503][ T5419] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 77.100270][ T5419] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 77.105717][ T5419] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 77.165069][ T5419] 8021q: adding VLAN 0 to HW filter on device bond0
[ 77.179390][ T5419] 8021q: adding VLAN 0 to HW filter on device team0
[ 77.188536][ T5210] bridge0: port 1(bridge_slave_0) entered blocking state
[ 77.191990][ T5210] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 77.206581][ T5210] bridge0: port 2(bridge_slave_1) entered blocking state
[ 77.209718][ T5210] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 77.261465][ T39] audit: type=1400 audit(1718986583.245:216): avc: denied { sys_module } for pid=5419 comm="syz-executor.0" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[ 77.335442][ T5419] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 77.369129][ T5419] veth0_vlan: entered promiscuous mode
[ 77.378868][ T5419] veth1_vlan: entered promiscuous mode
[ 77.406714][ T5419] veth0_macvtap: entered promiscuous mode
[ 77.412934][ T5419] veth1_macvtap: entered promiscuous mode
[ 77.429245][ T5419] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 77.438117][ T5419] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 77.446824][ T5419] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.450702][ T5419] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.454718][ T5419] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.458288][ T5419] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.518454][ T1090] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 77.521482][ T1090] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 77.547845][ T1088] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 77.551928][ T1088] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 77.598278][ T5473] loop0: detected capacity change from 0 to 128
[ 77.607885][ T5473] VFS: Found a Xenix FS (block size = 512) on device loop0
[ 77.620236][ T5473] sysv_free_block: flc_count > flc_size
[ 77.623076][ T5473] sysv_free_block: flc_count > flc_size
[ 77.626378][ T5473] sysv_free_block: flc_count > flc_size
[ 77.628724][ T5473] sysv_free_block: flc_count > flc_size
[ 77.631182][ T5473] sysv_free_block: flc_count > flc_size
[ 77.634891][ T5473] sysv_free_block: flc_count > flc_size
[ 77.637460][ T5473] sysv_free_block: flc_count > flc_size
[ 77.639903][ T5473] sysv_free_block: flc_count > flc_size
[ 77.641941][ T5473] sysv_free_block: flc_count > flc_size
[ 77.644420][ T5473] sysv_free_block: flc_count > flc_size
[ 77.650339][ T5473] ==================================================================
[ 77.654134][ T5473] BUG: KASAN: use-after-free in sysv_new_block+0x7a7/0xa50
[ 77.657302][ T5473] Read of size 4 at addr ffff8880402fa0c8 by task syz-executor.0/5473
[ 77.662459][ T5473]
[ 77.663356][ T5473] CPU: 3 PID: 5473 Comm: syz-executor.0 Not tainted 6.10.0-rc4-syzkaller-00148-g50736169ecc8 #0
[ 77.666983][ T5473] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 77.670615][ T5473] Call Trace:
[ 77.671927][ T5473]
[ 77.673096][ T5473] dump_stack_lvl+0x116/0x1f0
[ 77.675137][ T5473] print_report+0xc3/0x620
[ 77.676963][ T5473] ? __virt_addr_valid+0x5e/0x580
[ 77.679125][ T5473] ? __phys_addr+0xc6/0x150
[ 77.680783][ T5473] kasan_report+0xd9/0x110
[ 77.682652][ T5473] ? sysv_new_block+0x7a7/0xa50
[ 77.684691][ T5473] ? sysv_new_block+0x7a7/0xa50
[ 77.686389][ T5473] sysv_new_block+0x7a7/0xa50
[ 77.688120][ T5473] get_block+0x261/0x1570
[ 77.689725][ T5473] ? __pfx_get_block+0x10/0x10
[ 77.691515][ T5473] ? __pfx_lock_release+0x10/0x10
[ 77.693368][ T5473] ? do_raw_spin_lock+0x12d/0x2c0
[ 77.695288][ T5473] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 77.697117][ T5473] ? _raw_spin_unlock+0x28/0x50
[ 77.698845][ T5473] ? create_empty_buffers+0x3a5/0x480
[ 77.700832][ T5473] ? __pfx_get_block+0x10/0x10
[ 77.702524][ T5473] __block_write_begin_int+0x4fb/0x16e0
[ 77.704485][ T5473] ? __pfx_get_block+0x10/0x10
[ 77.706199][ T5473] ? __pfx___block_write_begin_int+0x10/0x10
[ 77.708298][ T5473] block_write_begin+0xb1/0x4a0
[ 77.710178][ T5473] ? __pfx_get_block+0x10/0x10
[ 77.711941][ T5473] sysv_write_begin+0x31/0xe0
[ 77.714006][ T5473] generic_perform_write+0x272/0x620
[ 77.716145][ T5473] ? __pfx_generic_perform_write+0x10/0x10
[ 77.718758][ T5473] ? generic_write_checks+0x322/0x490
[ 77.721166][ T5473] __generic_file_write_iter+0x1fd/0x240
[ 77.723227][ T5473] generic_file_write_iter+0xe7/0x350
[ 77.725462][ T5473] vfs_write+0x6b6/0x1140
[ 77.727147][ T5473] ? __pfx_generic_file_write_iter+0x10/0x10
[ 77.729545][ T5473] ? __pfx___might_resched+0x10/0x10
[ 77.731455][ T5473] ? __pfx_vfs_write+0x10/0x10
[ 77.733182][ T5473] ? __pfx___mutex_lock+0x10/0x10
[ 77.734480][ T5203] Bluetooth: hci0: command tx timeout
[ 77.735257][ T5473] ? __fget_files+0x256/0x400
[ 77.735282][ T5473] ksys_write+0x12f/0x260
[ 77.740695][ T5473] ? __pfx_ksys_write+0x10/0x10
[ 77.742763][ T5473] do_syscall_64+0xcd/0x250
[ 77.744865][ T5473] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 77.747701][ T5473] RIP: 0033:0x7fcd9767dda9
[ 77.749585][ T5473] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 77.756623][ T5473] RSP: 002b:00007fcd983f10c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 77.759591][ T5473] RAX: ffffffffffffffda RBX: 00007fcd977abf80 RCX: 00007fcd9767dda9
[ 77.762494][ T5473] RDX: 00000000fffffd5e RSI: 000000002000ad00 RDI: 0000000000000004
[ 77.765367][ T5473] RBP: 00007fcd976ca47a R08: 0000000000000000 R09: 0000000000000000
[ 77.768352][ T5473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 77.771030][ T5473] R13: 000000000000000b R14: 00007fcd977abf80 R15: 00007fffa85f1ab8
[ 77.773691][ T5473]
[ 77.774752][ T5473]
[ 77.775578][ T5473] The buggy address belongs to the physical page:
[ 77.777929][ T5473] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x1a1 pfn:0x402fa
[ 77.780951][ T5473] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 77.783357][ T5473] raw: 00fff00000000000 ffffea0000cab408 ffff88806b344bf0 0000000000000000
[ 77.786912][ T5473] raw: 00000000000001a1 0000000000000000 00000000ffffffff 0000000000000000
[ 77.790060][ T5473] page dumped because: kasan: bad access detected
[ 77.792398][ T5473] page_owner tracks the page as freed
[ 77.794551][ T5473] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 5467, tgid 5467 (dhcpcd-run-hook), ts 77465129141, free_ts 77581288849
[ 77.801070][ T5473] post_alloc_hook+0x2d1/0x350
[ 77.802708][ T5473] get_page_from_freelist+0x136a/0x2e50
[ 77.804570][ T5473] __alloc_pages_noprof+0x22b/0x2460
[ 77.806369][ T5473] alloc_pages_mpol_noprof+0x275/0x610
[ 77.808268][ T5473] vma_alloc_folio_noprof+0xad/0x1f0
[ 77.810114][ T5473] do_wp_page+0x1acd/0x3340
[ 77.811688][ T5473] __handle_mm_fault+0x2311/0x5410
[ 77.813440][ T5473] handle_mm_fault+0x476/0xa00
[ 77.815094][ T5473] do_user_addr_fault+0x426/0xe50
[ 77.816821][ T5473] exc_page_fault+0x5c/0xc0
[ 77.818484][ T5473] asm_exc_page_fault+0x26/0x30
[ 77.820303][ T5473] page last free pid 5467 tgid 5467 stack trace:
[ 77.822471][ T5473] free_unref_folios+0x991/0x1310
[ 77.824283][ T5473] folios_put_refs+0x487/0x6d0
[ 77.826169][ T5473] free_pages_and_swap_cache+0x36d/0x510
[ 77.828512][ T5473] __tlb_batch_free_encoded_pages+0xf9/0x290
[ 77.830883][ T5473] tlb_finish_mmu+0x168/0x7b0
[ 77.832477][ T5473] exit_mmap+0x3d1/0xb20
[ 77.833943][ T5473] __mmput+0x12a/0x4d0
[ 77.835330][ T5473] mmput+0x62/0x70
[ 77.836607][ T5473] do_exit+0x9b7/0x2ba0
[ 77.838020][ T5473] do_group_exit+0xd3/0x2a0
[ 77.839634][ T5473] __x64_sys_exit_group+0x3e/0x50
[ 77.841466][ T5473] do_syscall_64+0xcd/0x250
[ 77.843095][ T5473] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 77.845403][ T5473]
[ 77.846271][ T5473] Memory state around the buggy address:
[ 77.848334][ T5473] ffff8880402f9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 77.851840][ T5473] ffff8880402fa000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 77.855382][ T5473] >ffff8880402fa080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 77.858901][ T5473] ^
[ 77.861973][ T5473] ffff8880402fa100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 77.865678][ T5473] ffff8880402fa180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 77.869127][ T5473] ==================================================================
[ 77.872649][ T5473] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 77.875414][ T5473] CPU: 2 PID: 5473 Comm: syz-executor.0 Not tainted 6.10.0-rc4-syzkaller-00148-g50736169ecc8 #0
[ 77.880133][ T5473] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 77.884690][ T5473] Call Trace:
[ 77.886188][ T5473]
[ 77.887499][ T5473] dump_stack_lvl+0x3d/0x1f0
[ 77.889565][ T5473] panic+0x6f5/0x7a0
[ 77.891317][ T5473] ? __pfx_panic+0x10/0x10
[ 77.893365][ T5473] ? irqentry_exit+0x3b/0x90
[ 77.895624][ T5473] ? lockdep_hardirqs_on+0x7c/0x110
[ 77.898142][ T5473] ? preempt_schedule_thunk+0x1a/0x30
[ 77.900614][ T5473] ? preempt_schedule_common+0x44/0xc0
[ 77.903051][ T5473] ? check_panic_on_warn+0x1f/0xb0
[ 77.905312][ T5473] check_panic_on_warn+0xab/0xb0
[ 77.907457][ T5473] end_report+0x117/0x180
[ 77.909411][ T5473] kasan_report+0xe9/0x110
[ 77.911426][ T5473] ? sysv_new_block+0x7a7/0xa50
[ 77.913541][ T5473] ? sysv_new_block+0x7a7/0xa50
[ 77.915572][ T5473] sysv_new_block+0x7a7/0xa50
[ 77.917824][ T5473] get_block+0x261/0x1570
[ 77.920023][ T5473] ? __pfx_get_block+0x10/0x10
[ 77.922257][ T5473] ? __pfx_lock_release+0x10/0x10
[ 77.924717][ T5473] ? do_raw_spin_lock+0x12d/0x2c0
[ 77.926957][ T5473] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 77.929238][ T5473] ? _raw_spin_unlock+0x28/0x50
[ 77.931413][ T5473] ? create_empty_buffers+0x3a5/0x480
[ 77.933774][ T5473] ? __pfx_get_block+0x10/0x10
[ 77.935919][ T5473] __block_write_begin_int+0x4fb/0x16e0
[ 77.938392][ T5473] ? __pfx_get_block+0x10/0x10
[ 77.940544][ T5473] ? __pfx___block_write_begin_int+0x10/0x10
[ 77.943341][ T5473] block_write_begin+0xb1/0x4a0
[ 77.945530][ T5473] ? __pfx_get_block+0x10/0x10
[ 77.947697][ T5473] sysv_write_begin+0x31/0xe0
[ 77.949798][ T5473] generic_perform_write+0x272/0x620
[ 77.952206][ T5473] ? __pfx_generic_perform_write+0x10/0x10
[ 77.954968][ T5473] ? generic_write_checks+0x322/0x490
[ 77.957553][ T5473] __generic_file_write_iter+0x1fd/0x240
[ 77.960147][ T5473] generic_file_write_iter+0xe7/0x350
[ 77.962549][ T5473] vfs_write+0x6b6/0x1140
[ 77.964474][ T5473] ? __pfx_generic_file_write_iter+0x10/0x10
[ 77.967136][ T5473] ? __pfx___might_resched+0x10/0x10
[ 77.969502][ T5473] ? __pfx_vfs_write+0x10/0x10
[ 77.971672][ T5473] ? __pfx___mutex_lock+0x10/0x10
[ 77.973939][ T5473] ? __fget_files+0x256/0x400
[ 77.976183][ T5473] ksys_write+0x12f/0x260
[ 77.978166][ T5473] ? __pfx_ksys_write+0x10/0x10
[ 77.980337][ T5473] do_syscall_64+0xcd/0x250
[ 77.982389][ T5473] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 77.985016][ T5473] RIP: 0033:0x7fcd9767dda9
[ 77.987025][ T5473] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 77.995448][ T5473] RSP: 002b:00007fcd983f10c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 77.999085][ T5473] RAX: ffffffffffffffda RBX: 00007fcd977abf80 RCX: 00007fcd9767dda9
[ 78.002557][ T5473] RDX: 00000000fffffd5e RSI: 000000002000ad00 RDI: 0000000000000004
[ 78.006062][ T5473] RBP: 00007fcd976ca47a R08: 0000000000000000 R09: 0000000000000000
[ 78.009500][ T5473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 78.012990][ T5473] R13: 000000000000000b R14: 00007fcd977abf80 R15: 00007fffa85f1ab8
[ 78.016413][ T5473]
[ 78.018266][ T5473] Kernel Offset: disabled
[ 78.019758][ T5473] Rebooting in 86400 seconds..