Warning: Permanently added '10.128.1.138' (ED25519) to the list of known hosts.
2023/11/14 02:01:41 ignoring optional flag "sandboxArg"="0"
2023/11/14 02:01:42 parsed 1 programs
2023/11/14 02:01:42 executed programs: 0
[ 83.952464][ T2593] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 83.971948][ T2593] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 83.982258][ T2593] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 84.069411][ T2593] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 84.425964][ T2599] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 84.442342][ T2599] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 84.471109][ T2591] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 84.481903][ T2599] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 84.498751][ T2591] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 84.508799][ T2599] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 84.525179][ T2591] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 84.544907][ T2597] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 84.564661][ T2591] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 84.580404][ T2597] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 84.601575][ T2597] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 84.638195][ T2600] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 84.662158][ T2600] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 84.671911][ T2597] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 84.692212][ T2600] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 84.714087][ T2600] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 84.761251][ T2589] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 84.792095][ T2589] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 84.805631][ T2589] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 84.830794][ T2589] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 105.042964][ T2593] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.078821][ T2593] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.099737][ T2593] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.108466][ T2593] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.415678][ T2591] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.442869][ T2591] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.452162][ T2591] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.460991][ T2591] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.473327][ T2600] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.483883][ T2600] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.493211][ T2600] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.503220][ T2600] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.606105][ T2599] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.632772][ T2599] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.659467][ T2599] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.668287][ T2599] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.684816][ T2589] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.695631][ T2589] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.704580][ T2589] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.716279][ T2589] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.235669][ T2597] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.249461][ T2597] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.258192][ T2597] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.289733][ T2597] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.493861][ T34] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.515365][ T34] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.553014][ T952] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 106.570012][ T2610] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.577911][ T2610] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.602255][ T2201] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 106.859817][ T39] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.867749][ T39] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.919662][ T952] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 106.930829][ T39] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.938664][ T39] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.966651][ T952] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 107.056197][ T2609] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 107.078060][ T2609] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 107.105353][ T952] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 107.127245][ T2607] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 107.144060][ T2607] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 107.163812][ T39] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 107.175368][ T742] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 107.182667][ T39] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 107.223535][ T952] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 107.235085][ T39] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 107.277804][ T39] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 107.289384][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 107.305868][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 107.331234][ T742] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 107.343677][ T742] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 107.370418][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 107.382385][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 107.402949][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 107.663006][ T5046] loop5: detected capacity change from 0 to 32768
2023/11/14 02:02:12 executed programs: 6
[ 107.959886][ T2609] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 107.967744][ T2609] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 107.989624][ T5057] loop3: detected capacity change from 0 to 32768
[ 108.006740][ T742] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 108.032355][ T2609] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 108.144627][ T2609] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 108.203951][ T742] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 108.335364][ T5070] loop0: detected capacity change from 0 to 32768
[ 108.696854][ T5077] loop1: detected capacity change from 0 to 32768
[ 108.741450][ T5080] loop2: detected capacity change from 0 to 32768
[ 108.795762][ T5084] loop5: detected capacity change from 0 to 32768
[ 109.491631][ T5089] loop3: detected capacity change from 0 to 32768
[ 109.574316][ T5093] loop4: detected capacity change from 0 to 32768
[ 109.692576][ T5095] loop0: detected capacity change from 0 to 32768
[ 109.959624][ T5100] loop2: detected capacity change from 0 to 32768
[ 110.290572][ T5102] loop5: detected capacity change from 0 to 32768
[ 110.533355][ T5104] loop1: detected capacity change from 0 to 32768
[ 110.799336][ T5109] loop0: detected capacity change from 0 to 32768
[ 110.811165][ T5112] loop4: detected capacity change from 0 to 32768
[ 111.270571][ T5114] loop3: detected capacity change from 0 to 32768
[ 111.478913][ T5117] loop2: detected capacity change from 0 to 32768
[ 111.601171][ T5120] loop5: detected capacity change from 0 to 32768
[ 111.892615][ T5128] loop1: detected capacity change from 0 to 32768
[ 112.144391][ T5127] loop0: detected capacity change from 0 to 32768
[ 112.191497][ T5125] loop4: detected capacity change from 0 to 32768
[ 112.775125][ T5133] loop3: detected capacity change from 0 to 32768
2023/11/14 02:02:17 executed programs: 26
[ 112.985957][ T5136] loop5: detected capacity change from 0 to 32768
[ 113.216381][ T5140] loop2: detected capacity change from 0 to 32768
[ 113.216773][ T5144] loop1: detected capacity change from 0 to 32768
[ 113.262768][ T5142] loop0: detected capacity change from 0 to 32768
[ 113.797927][ T5146] loop4: detected capacity change from 0 to 32768
[ 113.994137][ T5150] loop3: detected capacity change from 0 to 32768
[ 114.402977][ T5157] loop2: detected capacity change from 0 to 32768
[ 114.447766][ T5154] loop5: detected capacity change from 0 to 32768
[ 114.621742][ T5162] loop1: detected capacity change from 0 to 32768
[ 114.761300][ T5160] loop0: detected capacity change from 0 to 32768
[ 115.385003][ T5165] loop4: detected capacity change from 0 to 32768
[ 115.413491][ T5167] loop3: detected capacity change from 0 to 32768
[ 115.754472][ T5171] loop2: detected capacity change from 0 to 32768
[ 116.013112][ T5178] loop1: detected capacity change from 0 to 32768
[ 116.051506][ T5174] loop5: detected capacity change from 0 to 32768
[ 116.517938][ T5180] loop0: detected capacity change from 0 to 32768
[ 116.667322][ T5184] loop4: detected capacity change from 0 to 32768
[ 116.782345][ T5183] loop3: detected capacity change from 0 to 32768
[ 117.081978][ T5187] loop1: detected capacity change from 0 to 32768
[ 117.275093][ T5189] loop5: detected capacity change from 0 to 32768
[ 117.502301][ T5191] loop2: detected capacity change from 0 to 32768
[ 117.787977][ T5196] loop0: detected capacity change from 0 to 32768
2023/11/14 02:02:22 executed programs: 48
[ 118.003707][ T5198] loop3: detected capacity change from 0 to 32768
[ 118.396129][ T5201] loop4: detected capacity change from 0 to 32768
[ 118.507916][ T5204] loop1: detected capacity change from 0 to 32768
[ 118.568583][ T5207] loop5: detected capacity change from 0 to 32768
[ 118.813255][ T83] ==================================================================
[ 118.821352][ T83] BUG: KASAN: use-after-free in jfs_lazycommit+0x7da/0xb20
[ 118.828562][ T83] Read of size 4 at addr ffff88804d71d294 by task jfsCommit/83
[ 118.836106][ T83]
[ 118.838432][ T83] CPU: 0 PID: 83 Comm: jfsCommit Not tainted 6.1.62-syzkaller #0
[ 118.846153][ T83] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
[ 118.856393][ T83] Call Trace:
[ 118.859679][ T83]
[ 118.862609][ T83] dump_stack_lvl+0x210/0x2fc
[ 118.867293][ T83] ? nf_tcp_handle_invalid+0x5d0/0x5d0
[ 118.872924][ T83] ? panic+0x56e/0x56e
[ 118.876985][ T83] ? _printk+0xd1/0x111
[ 118.881128][ T83] print_report+0x15f/0x4f0
[ 118.885616][ T83] ? preempt_schedule_common+0xa6/0xd0
[ 118.891066][ T83] ? preempt_schedule+0xd9/0xe0
[ 118.895906][ T83] ? __virt_addr_valid+0x20d/0x2a0
[ 118.901007][ T83] ? __phys_addr+0x8c/0x120
[ 118.905500][ T83] ? jfs_lazycommit+0x7da/0xb20
[ 118.910335][ T83] kasan_report+0x136/0x160
[ 118.914823][ T83] ? jfs_lazycommit+0x7da/0xb20
[ 118.919773][ T83] jfs_lazycommit+0x7da/0xb20
[ 118.924438][ T83] ? txFreelock+0x580/0x580
[ 118.928925][ T83] ? do_task_dead+0xa0/0xa0
[ 118.933430][ T83] ? _raw_spin_unlock+0x40/0x40
[ 118.938354][ T83] ? __kthread_parkme+0x125/0x170
[ 118.943372][ T83] kthread+0x210/0x270
[ 118.947440][ T83] ? txFreelock+0x580/0x580
[ 118.951927][ T83] ? kthread_blkcg+0xd0/0xd0
[ 118.956503][ T83] ret_from_fork+0x1f/0x30
[ 118.960933][ T83]
[ 118.963937][ T83]
[ 118.966265][ T83] Allocated by task 5204:
[ 118.970580][ T83] kasan_set_track+0x4b/0x70
[ 118.975159][ T83] __kasan_kmalloc+0x97/0xb0
[ 118.979770][ T83] jfs_fill_super+0xfb/0xc40
[ 118.984344][ T83] mount_bdev+0x2ad/0x3b0
[ 118.988663][ T83] legacy_get_tree+0xeb/0x180
[ 118.993329][ T83] vfs_get_tree+0x89/0x1b0
[ 118.997741][ T83] do_new_mount+0x291/0xa80
[ 119.002241][ T83] __se_sys_mount+0x2c4/0x3b0
[ 119.006903][ T83] do_syscall_64+0x3d/0xb0
[ 119.011314][ T83] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 119.017195][ T83]
[ 119.019504][ T83] Freed by task 2599:
[ 119.023469][ T83] kasan_set_track+0x4b/0x70
[ 119.028136][ T83] kasan_save_free_info+0x27/0x40
[ 119.033147][ T83] ____kasan_slab_free+0x122/0x1e0
[ 119.038239][ T83] __kmem_cache_free+0x2b4/0x470
[ 119.043169][ T83] generic_shutdown_super+0x128/0x340
[ 119.048532][ T83] kill_block_super+0x7a/0xb0
[ 119.053201][ T83] deactivate_locked_super+0xa0/0x110
[ 119.058612][ T83] cleanup_mnt+0x332/0x3b0
[ 119.063025][ T83] task_work_run+0x246/0x2f0
[ 119.067615][ T83] exit_to_user_mode_loop+0xbd/0xe0
[ 119.072798][ T83] exit_to_user_mode_prepare+0x6c/0xc0
[ 119.078241][ T83] syscall_exit_to_user_mode+0x27/0x1c0
[ 119.083780][ T83] do_syscall_64+0x49/0xb0
[ 119.088185][ T83] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 119.094085][ T83]
[ 119.096406][ T83] Last potentially related work creation:
[ 119.102116][ T83] kasan_save_stack+0x3b/0x60
[ 119.106885][ T83] __kasan_record_aux_stack+0xb0/0xc0
[ 119.112317][ T83] kvfree_call_rcu+0xda/0x850
[ 119.116983][ T83] drop_sysctl_table+0x317/0x460
[ 119.121918][ T83] drop_sysctl_table+0x329/0x460
[ 119.126865][ T83] unregister_sysctl_table+0x75/0x120
[ 119.132241][ T83] neigh_sysctl_unregister+0x74/0x90
[ 119.137525][ T83] inetdev_event+0x961/0x1050
[ 119.142451][ T83] raw_notifier_call_chain+0xd3/0x110
[ 119.147818][ T83] dev_change_name+0x6b9/0x900
[ 119.152568][ T83] do_setlink+0xacb/0x3f10
[ 119.156991][ T83] rtnl_newlink+0x16f8/0x2020
[ 119.161683][ T83] rtnetlink_rcv_msg+0xa9b/0xe50
[ 119.166618][ T83] netlink_rcv_skb+0x1cd/0x410
[ 119.171374][ T83] netlink_unicast+0x7b2/0x940
[ 119.176214][ T83] netlink_sendmsg+0x936/0xce0
[ 119.180962][ T83] __sys_sendto+0x4ed/0x760
[ 119.185452][ T83] __x64_sys_sendto+0xda/0xf0
[ 119.190117][ T83] do_syscall_64+0x3d/0xb0
[ 119.194521][ T83] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 119.200402][ T83]
[ 119.202721][ T83] The buggy address belongs to the object at ffff88804d71d200
[ 119.202721][ T83] which belongs to the cache kmalloc-256 of size 256
[ 119.217102][ T83] The buggy address is located 148 bytes inside of
[ 119.217102][ T83] 256-byte region [ffff88804d71d200, ffff88804d71d300)
[ 119.230443][ T83]
[ 119.232758][ T83] The buggy address belongs to the physical page:
[ 119.239157][ T83] page:ffffea000135c700 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4d71c
[ 119.249551][ T83] head:ffffea000135c700 order:1 compound_mapcount:0 compound_pincount:0
[ 119.257855][ T83] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 119.265819][ T83] raw: 00fff00000010200 ffffea0001d58900 dead000000000004 ffff88800b041b40
[ 119.274387][ T83] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[ 119.282958][ T83] page dumped because: kasan: bad access detected
[ 119.289348][ T83] page_owner tracks the page as allocated
[ 119.295043][ T83] page last allocated via order 1, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 2591, tgid 2591 (syz-executor.3), ts 84538751381, free_ts 84523765438
[ 119.317945][ T83] post_alloc_hook+0x286/0x2b0
[ 119.322731][ T83] get_page_from_freelist+0x2fdd/0x3170
[ 119.328273][ T83] __alloc_pages+0x251/0x640
[ 119.332847][ T83] alloc_slab_page+0x6a/0x150
[ 119.337510][ T83] new_slab+0x70/0x250
[ 119.341566][ T83] ___slab_alloc+0x9df/0xe70
[ 119.346226][ T83] __kmem_cache_alloc_node+0x195/0x250
[ 119.351683][ T83] kmalloc_trace+0x26/0xc0
[ 119.356276][ T83] ____ip_mc_inc_group+0x1f9/0x870
[ 119.361376][ T83] ip_mc_up+0xf2/0x1a0
[ 119.365428][ T83] inetdev_event+0xc2f/0x1050
[ 119.370107][ T83] raw_notifier_call_chain+0xd3/0x110
[ 119.375467][ T83] __dev_notify_flags+0x2ab/0x520
[ 119.380475][ T83] dev_change_flags+0xe7/0x190
[ 119.385226][ T83] do_setlink+0xf5d/0x3f10
[ 119.389685][ T83] rtnl_newlink+0x16f8/0x2020
[ 119.394439][ T83] page last free stack trace:
[ 119.399178][ T83] free_unref_page_prepare+0xd6c/0xf00
[ 119.404624][ T83] free_unref_page+0x33/0x390
[ 119.409291][ T83] qlist_free_all+0x76/0xe0
[ 119.413784][ T83] kasan_quarantine_reduce+0x156/0x170
[ 119.419229][ T83] __kasan_slab_alloc+0x1f/0x70
[ 119.424065][ T83] slab_post_alloc_hook+0x54/0x3e0
[ 119.429165][ T83] kmem_cache_alloc_node+0x13a/0x2d0
[ 119.434473][ T83] __alloc_skb+0xe7/0x820
[ 119.438794][ T83] devlink_trap_policer_notify+0x63/0x1b0
[ 119.444503][ T83] devlink_register+0x176/0x530
[ 119.449343][ T83] nsim_drv_probe+0x99d/0xaf0
[ 119.454004][ T83] really_probe+0x384/0xcd0
[ 119.458498][ T83] __driver_probe_device+0x1a2/0x3d0
[ 119.463772][ T83] driver_probe_device+0x50/0x420
[ 119.468784][ T83] __device_attach_driver+0x2cf/0x510
[ 119.474145][ T83] bus_for_each_drv+0x183/0x200
[ 119.478988][ T83]
[ 119.481302][ T83] Memory state around the buggy address:
[ 119.486942][ T83]  ffff88804d71d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 119.494985][ T83]  ffff88804d71d200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 119.503029][ T83] >ffff88804d71d280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 119.511072][ T83]                          ^
[ 119.515642][ T83]  ffff88804d71d300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 119.523703][ T83]  ffff88804d71d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 119.531748][ T83] ==================================================================
[ 119.539793][ T83] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 119.547160][ T83] Kernel Offset: disabled
[ 119.551471][ T83] Rebooting in 86400 seconds..