Warning: Permanently added '10.128.1.114' (ED25519) to the list of known hosts.
2025/03/10 07:37:47 ignoring optional flag "sandboxArg"="0"
2025/03/10 07:37:48 parsed 1 programs
[ 67.835897][ T2475] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 68.924325][ T1380] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 68.933625][ T1380] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 68.941166][ T1380] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 68.949079][ T1380] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 68.956688][ T1380] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 68.963849][ T1380] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 69.410641][ T2556] chnl_net:caif_netlink_parms(): no params data found
[ 70.579672][ T2556] 8021q: adding VLAN 0 to HW filter on device bond0
[ 71.428655][ T2556] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 72.985845][ T134] bond0 (unregistering): Released all slaves
2025/03/10 07:37:54 executed programs: 0
[ 73.245346][ T2025] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 73.252622][ T2025] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 73.260670][ T2025] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 73.268993][ T2025] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 73.276481][ T2025] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 73.283703][ T2025] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 73.429294][ T2973] chnl_net:caif_netlink_parms(): no params data found
[ 74.586627][ T2973] 8021q: adding VLAN 0 to HW filter on device bond0
[ 75.314970][ T1380] Bluetooth: hci0: command tx timeout
[ 75.368926][ T2973] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 76.794502][ T3376] ==================================================================
[ 76.802591][ T3376] BUG: KASAN: slab-out-of-bounds in do_check+0xbe19/0xce40
[ 76.809780][ T3376] Read of size 4 at addr ffff8881013b5690 by task syz.2.16/3376
[ 76.817379][ T3376]
[ 76.819722][ T3376] CPU: 1 UID: 0 PID: 3376 Comm: syz.2.16 Not tainted 6.14.0-rc3-syzkaller #0
[ 76.819728][ T3376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 76.819734][ T3376] Call Trace:
[ 76.819738][ T3376] <TASK>
[ 76.819741][ T3376] dump_stack_lvl+0x108/0x280
[ 76.819751][ T3376] ? __pfx_dump_stack_lvl+0x10/0x10
[ 76.819757][ T3376] ? __pfx__printk+0x10/0x10
[ 76.819763][ T3376] ? __virt_addr_valid+0x141/0x270
[ 76.819768][ T3376] ? __virt_addr_valid+0x229/0x270
[ 76.819773][ T3376] print_report+0x16e/0x5b0
[ 76.819779][ T3376] ? __virt_addr_valid+0x141/0x270
[ 76.819782][ T3376] ? __virt_addr_valid+0x229/0x270
[ 76.819787][ T3376] ? do_check+0xbe19/0xce40
[ 76.819792][ T3376] kasan_report+0x143/0x180
[ 76.819797][ T3376] ? do_check+0xbe19/0xce40
[ 76.819802][ T3376] do_check+0xbe19/0xce40
[ 76.819807][ T3376] ? stack_depot_save_flags+0x667/0x760
[ 76.819820][ T3376] ? kasan_save_track+0x3f/0x80
[ 76.819824][ T3376] ? __kmalloc_cache_noprof+0x238/0x430
[ 76.819829][ T3376] ? do_check_common+0x1d5/0x1e80
[ 76.819841][ T3376] ? __pfx_do_check+0x10/0x10
[ 76.819845][ T3376] ? __pfx_verbose+0x10/0x10
[ 76.819851][ T3376] ? __pfx_disasm_kfunc_name+0x10/0x10
[ 76.819855][ T3376] ? __asan_memset+0x23/0x50
[ 76.819862][ T3376] do_check_common+0x1526/0x1e80
[ 76.819870][ T3376] bpf_check+0x2175/0x1d6f0
[ 76.819876][ T3376] ? propagate_protected_usage+0x12b/0x1a0
[ 76.819882][ T3376] ? page_counter_try_charge+0xc6/0x2c0
[ 76.819889][ T3376] ? __lock_acquire+0x61d/0xc70
[ 76.819897][ T3376] ? obj_cgroup_charge_pages+0x187/0x2f0
[ 76.819904][ T3376] ? __lock_acquire+0x61d/0xc70
[ 76.819910][ T3376] ? __memcg_kmem_charge_page+0xe3/0x240
[ 76.819916][ T3376] ? __pfx_lock_release+0x10/0x10
[ 76.819921][ T3376] ? __pfx_get_page_from_freelist+0x10/0x10
[ 76.819927][ T3376] ? __lock_acquire+0x61d/0xc70
[ 76.819934][ T3376] ? is_bpf_text_address+0x2b/0x160
[ 76.819939][ T3376] ? __pfx_lock_release+0x10/0x10
[ 76.819944][ T3376] ? unwind_next_frame+0x18e6/0x22d0
[ 76.819951][ T3376] ? __lock_acquire+0x61d/0xc70
[ 76.819956][ T3376] ? __lock_acquire+0x61d/0xc70
[ 76.819962][ T3376] ? __pfx_bpf_check+0x10/0x10
[ 76.819968][ T3376] ? __pfx_lock_acquire+0x10/0x10
[ 76.819974][ T3376] ? __lock_acquire+0x61d/0xc70
[ 76.819981][ T3376] ? __lock_acquire+0x61d/0xc70
[ 76.819987][ T3376] ? bpf_prog_load+0x10a9/0x1de0
[ 76.819991][ T3376] ? __pfx_lock_release+0x10/0x10
[ 76.819996][ T3376] ? do_raw_spin_lock+0x14e/0x3b0
[ 76.820002][ T3376] ? bpf_prog_load+0x10a9/0x1de0
[ 76.820006][ T3376] ? bpf_prog_load+0x10a9/0x1de0
[ 76.820010][ T3376] ? ktime_get_with_offset+0x1f1/0x330
[ 76.820017][ T3376] ? __pfx_ktime_get_with_offset+0x10/0x10
[ 76.820022][ T3376] ? __asan_memset+0x23/0x50
[ 76.820027][ T3376] ? bpf_obj_name_cpy+0x29/0x120
[ 76.820033][ T3376] bpf_prog_load+0x1211/0x1de0
[ 76.820041][ T3376] ? __pfx_bpf_prog_load+0x10/0x10
[ 76.820050][ T3376] __sys_bpf+0x3fa/0x650
[ 76.820055][ T3376] ? __pfx___sys_bpf+0x10/0x10
[ 76.820062][ T3376] ? __up_read+0x28b/0x370
[ 76.820070][ T3376] __x64_sys_bpf+0x77/0x90
[ 76.820074][ T3376] do_syscall_64+0x8d/0x190
[ 76.820080][ T3376] ? clear_bhb_loop+0x55/0xb0
[ 76.820086][ T3376] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 76.820095][ T3376] RIP: 0033:0x7f37cf78d169
[ 76.820103][ T3376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 76.820107][ T3376] RSP: 002b:00007f37d0512038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 76.820116][ T3376] RAX: ffffffffffffffda RBX: 00007f37cf9a5fa0 RCX: 00007f37cf78d169
[ 76.820119][ T3376] RDX: 0000000000000094 RSI: 00004000000009c0 RDI: 0000000000000005
[ 76.820123][ T3376] RBP: 00007f37cf80e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 76.820126][ T3376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 76.820128][ T3376] R13: 0000000000000001 R14: 00007f37cf9a5fa0 R15: 00007ffc9bce29b8
[ 76.820134][ T3376] </TASK>
[ 76.820136][ T3376]
[ 77.208892][ T3376] Allocated by task 3376:
[ 77.213192][ T3376] kasan_save_track+0x3f/0x80
[ 77.217844][ T3376] __kasan_kmalloc+0x98/0xb0
[ 77.222409][ T3376] __kmalloc_cache_noprof+0x238/0x430
[ 77.227747][ T3376] do_check_common+0x1d5/0x1e80
[ 77.232567][ T3376] bpf_check+0x2175/0x1d6f0
[ 77.237044][ T3376] bpf_prog_load+0x1211/0x1de0
[ 77.241792][ T3376] __sys_bpf+0x3fa/0x650
[ 77.246028][ T3376] __x64_sys_bpf+0x77/0x90
[ 77.250446][ T3376] do_syscall_64+0x8d/0x190
[ 77.254929][ T3376] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 77.260971][ T3376]
[ 77.263278][ T3376] The buggy address belongs to the object at ffff8881013b5000
[ 77.263278][ T3376] which belongs to the cache kmalloc-2k of size 2048
[ 77.277482][ T3376] The buggy address is located 312 bytes to the right of
[ 77.277482][ T3376] allocated 1368-byte region [ffff8881013b5000, ffff8881013b5558)
[ 77.292285][ T3376]
[ 77.294588][ T3376] The buggy address belongs to the physical page:
[ 77.300982][ T3376] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1013b0
[ 77.309810][ T3376] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 77.318295][ T3376] flags: 0x100000000000040(head|node=0|zone=2)
[ 77.324520][ T3376] page_type: f5(slab)
[ 77.328474][ T3376] raw: 0100000000000040 ffff888100042000 ffffea0005c9b600 dead000000000002
[ 77.337028][ T3376] raw: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000
[ 77.345585][ T3376] head: 0100000000000040 ffff888100042000 ffffea0005c9b600 dead000000000002
[ 77.354225][ T3376] head: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000
[ 77.362865][ T3376] head: 0100000000000003 ffffea000404ec01 ffffffffffffffff 0000000000000000
[ 77.371502][ T3376] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 77.380151][ T3376] page dumped because: kasan: bad access detected
[ 77.386554][ T3376] page_owner tracks the page as allocated
[ 77.392239][ T3376] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 3190056249, free_ts 0
[ 77.411919][ T3376] post_alloc_hook+0x108/0x120
[ 77.416662][ T3376] get_page_from_freelist+0x4a33/0x4c60
[ 77.422211][ T3376] __alloc_frozen_pages_noprof+0x256/0x650
[ 77.428000][ T3376] alloc_pages_mpol+0x224/0x4e0
[ 77.432818][ T3376] allocate_slab+0x8b/0x350
[ 77.437287][ T3376] ___slab_alloc+0x9f6/0x1130
[ 77.441948][ T3376] __kmalloc_cache_noprof+0x299/0x430
[ 77.447289][ T3376] acpi_ds_create_walk_state+0xf2/0x280
[ 77.452801][ T3376] acpi_ps_execute_method+0x247/0x770
[ 77.458140][ T3376] acpi_ns_evaluate+0x5c8/0x8c0
[ 77.462958][ T3376] acpi_ut_evaluate_object+0x147/0x3d0
[ 77.468383][ T3376] acpi_rs_get_method_data+0xa8/0x130
[ 77.473724][ T3376] acpi_walk_resources+0x143/0x540
[ 77.478801][ T3376] acpi_pci_link_get_current+0x1e9/0x4a0
[ 77.484403][ T3376] acpi_pci_link_set+0x5f6/0x9e0
[ 77.489310][ T3376] acpi_pci_link_allocate_irq+0x9b0/0x1180
[ 77.495085][ T3376] page_owner free stack trace missing
[ 77.500423][ T3376]
[ 77.502720][ T3376] Memory state around the buggy address:
[ 77.508317][ T3376] ffff8881013b5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 77.516346][ T3376] ffff8881013b5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 77.524374][ T3376] >ffff8881013b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 77.532399][ T3376] ^
[ 77.536953][ T3376] ffff8881013b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 77.544979][ T3376] ffff8881013b5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 77.553003][ T3376] ==================================================================
[ 77.561352][ T3376] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 77.568754][ T3376] Kernel Offset: disabled
[ 77.573059][ T3376] Rebooting in 86400 seconds..