Warning: Permanently added '10.128.0.176' (ED25519) to the list of known hosts.
2024/09/13 08:39:56 parsed 1 programs
2024/09/13 08:39:56 executed programs: 0
[ 46.786424][ T23] kauditd_printk_skb: 11 callbacks suppressed
[ 46.786437][ T23] audit: type=1400 audit(1726216796.520:87): avc: denied { mounton } for pid=421 comm="syz-executor.2" path="/syzcgroup/unified" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[ 46.787955][ T421] cgroup1: Unknown subsys name 'perf_event'
[ 46.792332][ T23] audit: type=1400 audit(1726216796.520:88): avc: denied { mounton } for pid=421 comm="syz-executor.2" path="/syzcgroup/cpu" dev="sda1" ino=1931 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[ 46.816832][ T424] cgroup1: Unknown subsys name 'perf_event'
[ 46.833549][ T429] cgroup1: Unknown subsys name 'perf_event'
[ 46.845316][ T427] cgroup1: Unknown subsys name 'perf_event'
[ 46.850779][ T430] cgroup1: Unknown subsys name 'perf_event'
[ 46.855887][ T427] cgroup1: Unknown subsys name 'net_cls'
[ 46.861212][ T430] cgroup1: Unknown subsys name 'net_cls'
[ 46.867473][ T431] cgroup1: Unknown subsys name 'perf_event'
[ 46.872293][ T429] cgroup1: Unknown subsys name 'net_cls'
[ 46.886107][ T431] cgroup1: Unknown subsys name 'net_cls'
[ 46.894365][ T421] cgroup1: Unknown subsys name 'net_cls'
[ 46.900268][ T424] cgroup1: Unknown subsys name 'net_cls'
[ 47.075678][ T421] bridge0: port 1(bridge_slave_0) entered blocking state
[ 47.082798][ T421] bridge0: port 1(bridge_slave_0) entered disabled state
[ 47.090116][ T421] device bridge_slave_0 entered promiscuous mode
[ 47.100446][ T430] bridge0: port 1(bridge_slave_0) entered blocking state
[ 47.107433][ T430] bridge0: port 1(bridge_slave_0) entered disabled state
[ 47.114634][ T430] device bridge_slave_0 entered promiscuous mode
[ 47.125398][ T421] bridge0: port 2(bridge_slave_1) entered blocking state
[ 47.132400][ T421] bridge0: port 2(bridge_slave_1) entered disabled state
[ 47.139967][ T421] device bridge_slave_1 entered promiscuous mode
[ 47.165827][ T430] bridge0: port 2(bridge_slave_1) entered blocking state
[ 47.172645][ T430] bridge0: port 2(bridge_slave_1) entered disabled state
[ 47.179992][ T430] device bridge_slave_1 entered promiscuous mode
[ 47.224190][ T424] bridge0: port 1(bridge_slave_0) entered blocking state
[ 47.231128][ T424] bridge0: port 1(bridge_slave_0) entered disabled state
[ 47.238520][ T424] device bridge_slave_0 entered promiscuous mode
[ 47.248621][ T424] bridge0: port 2(bridge_slave_1) entered blocking state
[ 47.255445][ T424] bridge0: port 2(bridge_slave_1) entered disabled state
[ 47.262798][ T424] device bridge_slave_1 entered promiscuous mode
[ 47.306739][ T429] bridge0: port 1(bridge_slave_0) entered blocking state
[ 47.313561][ T429] bridge0: port 1(bridge_slave_0) entered disabled state
[ 47.320892][ T429] device bridge_slave_0 entered promiscuous mode
[ 47.337278][ T429] bridge0: port 2(bridge_slave_1) entered blocking state
[ 47.344230][ T429] bridge0: port 2(bridge_slave_1) entered disabled state
[ 47.351593][ T429] device bridge_slave_1 entered promiscuous mode
[ 47.374324][ T427] bridge0: port 1(bridge_slave_0) entered blocking state
[ 47.381324][ T427] bridge0: port 1(bridge_slave_0) entered disabled state
[ 47.388605][ T427] device bridge_slave_0 entered promiscuous mode
[ 47.408568][ T431] bridge0: port 1(bridge_slave_0) entered blocking state
[ 47.415388][ T431] bridge0: port 1(bridge_slave_0) entered disabled state
[ 47.422959][ T431] device bridge_slave_0 entered promiscuous mode
[ 47.430496][ T427] bridge0: port 2(bridge_slave_1) entered blocking state
[ 47.437579][ T427] bridge0: port 2(bridge_slave_1) entered disabled state
[ 47.444761][ T427] device bridge_slave_1 entered promiscuous mode
[ 47.484598][ T431] bridge0: port 2(bridge_slave_1) entered blocking state
[ 47.491547][ T431] bridge0: port 2(bridge_slave_1) entered disabled state
[ 47.498842][ T431] device bridge_slave_1 entered promiscuous mode
[ 47.611571][ T421] bridge0: port 2(bridge_slave_1) entered blocking state
[ 47.618409][ T421] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 47.625526][ T421] bridge0: port 1(bridge_slave_0) entered blocking state
[ 47.632301][ T421] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 47.676806][ T424] bridge0: port 2(bridge_slave_1) entered blocking state
[ 47.683644][ T424] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 47.690766][ T424] bridge0: port 1(bridge_slave_0) entered blocking state
[ 47.697529][ T424] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 47.708568][ T429] bridge0: port 2(bridge_slave_1) entered blocking state
[ 47.715393][ T429] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 47.722537][ T429] bridge0: port 1(bridge_slave_0) entered blocking state
[ 47.729486][ T429] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 47.748247][ T430] bridge0: port 2(bridge_slave_1) entered blocking state
[ 47.755073][ T430] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 47.762203][ T430] bridge0: port 1(bridge_slave_0) entered blocking state
[ 47.769053][ T430] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 47.796619][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 47.804191][ T24] bridge0: port 1(bridge_slave_0) entered disabled state
[ 47.811763][ T24] bridge0: port 2(bridge_slave_1) entered disabled state
[ 47.818714][ T24] bridge0: port 1(bridge_slave_0) entered disabled state
[ 47.825520][ T24] bridge0: port 2(bridge_slave_1) entered disabled state
[ 47.833261][ T24] bridge0: port 1(bridge_slave_0) entered disabled state
[ 47.840189][ T24] bridge0: port 2(bridge_slave_1) entered disabled state
[ 47.847186][ T24] bridge0: port 1(bridge_slave_0) entered disabled state
[ 47.854099][ T24] bridge0: port 2(bridge_slave_1) entered disabled state
[ 47.908397][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 47.916345][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 47.924248][ T24] bridge0: port 1(bridge_slave_0) entered blocking state
[ 47.930987][ T24] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 47.938941][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 47.946971][ T24] bridge0: port 2(bridge_slave_1) entered blocking state
[ 47.953778][ T24] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 47.996917][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 48.004633][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 48.012832][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 48.021390][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 48.029714][ T24] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.036545][ T24] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 48.043939][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 48.051964][ T24] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.058790][ T24] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 48.065911][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 48.073788][ T24] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.080611][ T24] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 48.087797][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 48.095490][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 48.115740][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 48.123952][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 48.132464][ T24] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.139295][ T24] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 48.146987][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 48.154817][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 48.162596][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 48.170398][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 48.178174][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 48.186021][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 48.193723][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 48.201744][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 48.227429][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 48.235585][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 48.244477][ T5] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.251308][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 48.258765][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 48.266553][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 48.274182][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 48.282408][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 48.290579][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 48.298713][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 48.306906][ T5] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.313716][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 48.321101][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 48.328345][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 48.335590][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 48.359459][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 48.367857][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 48.376416][ T24] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.383239][ T24] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 48.391063][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 48.399112][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 48.407264][ T24] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.414073][ T24] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 48.421280][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 48.428971][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 48.436829][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 48.444627][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 48.452752][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 48.460734][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 48.515077][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 48.524339][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 48.532417][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 48.540270][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 48.548426][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 48.556341][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 48.564429][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 48.572568][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 48.580656][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 48.588925][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 48.597038][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 48.605089][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 48.610326][ T23] audit: type=1400 audit(1726216798.340:89): avc: denied { map_create } for pid=453 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 48.613655][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 48.640880][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 48.649384][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 48.649991][ T23] audit: type=1400 audit(1726216798.390:90): avc: denied { map_read map_write } for pid=453 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 48.666398][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 48.684762][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 48.696066][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 48.704095][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 48.717780][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 48.725450][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 48.751428][ T379] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 48.759141][ T379] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 48.767333][ T379] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 48.775364][ T379] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 48.783812][ T379] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.790740][ T379] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 48.797868][ T379] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 48.805912][ T379] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 48.813824][ T379] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.820669][ T379] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 48.827889][ T379] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 48.835488][ T379] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 48.843281][ T379] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 48.867707][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 48.878539][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 48.891397][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 48.899685][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 48.929875][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 48.938879][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 48.947802][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 48.956165][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 48.964244][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 48.972373][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 48.980691][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 49.008062][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 49.036195][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 49.044533][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 49.052887][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 49.061176][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 49.131456][ T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 49.140506][ T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 49.162857][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 49.172826][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 49.185855][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 49.193764][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 49.246214][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 49.254282][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 49.262931][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 49.270994][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 50.116376][ T555] ==================================================================
[ 50.124372][ T555] BUG: KASAN: use-after-free in enqueue_timer+0xb7/0x300
[ 50.131195][ T555] Write of size 8 at addr ffff8881e99ab1c8 by task syz-executor.3/555
[ 50.139171][ T555]
[ 50.141349][ T555] CPU: 0 PID: 555 Comm: syz-executor.3 Not tainted 5.4.281-syzkaller-04949-gc8a568fb88e9 #0
[ 50.151499][ T555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 50.161398][ T555] Call Trace:
[ 50.164526][ T555] dump_stack+0x1d8/0x241
[ 50.168689][ T555] ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 50.174417][ T555] ? printk+0xd1/0x111
[ 50.178322][ T555] ? enqueue_timer+0xb7/0x300
[ 50.182838][ T555] ? wake_up_klogd+0xb2/0xf0
[ 50.187286][ T555] ? enqueue_timer+0xb7/0x300
[ 50.191777][ T555] print_address_description+0x8c/0x600
[ 50.197165][ T555] ? panic+0x89d/0x89d
[ 50.201064][ T555] ? enqueue_timer+0xb7/0x300
[ 50.205577][ T555] __kasan_report+0xf3/0x120
[ 50.210000][ T555] ? enqueue_timer+0xb7/0x300
[ 50.214512][ T555] kasan_report+0x30/0x60
[ 50.218772][ T555] enqueue_timer+0xb7/0x300
[ 50.223110][ T555] internal_add_timer+0x240/0x430
[ 50.227967][ T555] __mod_timer+0x6f1/0x13e0
[ 50.232308][ T555] ? mod_timer_pending+0x20/0x20
[ 50.237083][ T555] ? selinux_tun_dev_alloc_security+0x4d/0x130
[ 50.243104][ T555] ? selinux_tun_dev_alloc_security+0x5e/0x130
[ 50.249054][ T555] ? init_timer_key+0x2d/0x1f0
[ 50.253688][ T555] tun_net_init+0x287/0x540
[ 50.257998][ T555] register_netdevice+0x1c0/0x12a0
[ 50.263057][ T555] ? memset+0x1f/0x40
[ 50.266868][ T555] ? netdev_update_lockdep_key+0x10/0x10
[ 50.272331][ T555] ? alloc_netdev_mqs+0x99d/0xc70
[ 50.277199][ T555] tun_set_iff+0x7f7/0xdc0
[ 50.281455][ T555] __tun_chr_ioctl+0x8a9/0x1d00
[ 50.286134][ T555] ? tun_flow_create+0x250/0x250
[ 50.290994][ T555] ? tun_chr_poll+0x670/0x670
[ 50.295507][ T555] do_vfs_ioctl+0x742/0x1720
[ 50.299933][ T555] ? ioctl_preallocate+0x250/0x250
[ 50.304879][ T555] ? __fget+0x407/0x490
[ 50.308871][ T555] ? fget_many+0x20/0x20
[ 50.312952][ T555] ? switch_fpu_return+0x1d4/0x410
[ 50.317898][ T555] ? security_file_ioctl+0x7d/0xa0
[ 50.322846][ T555] __x64_sys_ioctl+0xd4/0x110
[ 50.327532][ T555] do_syscall_64+0xca/0x1c0
[ 50.331873][ T555] entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 50.337613][ T555] RIP: 0033:0x454b09
[ 50.341329][ T555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b4 ff ff ff f7 d8 64 89 01 48
[ 50.360975][ T555] RSP: 002b:00007ffba6b9d0f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 50.369220][ T555] RAX: ffffffffffffffda RBX: 00000000ffffffff RCX: 0000000000454b09
[ 50.377035][ T555] RDX: 0000000020000300 RSI: 00000000400454ca RDI: 0000000000000003
[ 50.384841][ T555] RBP: 00000000000005b8 R08: 0000000000000000 R09: 0000000000000000
[ 50.392665][ T555] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004e4b40
[ 50.400556][ T555] R13: 00007ffba6b9d674 R14: 000000000054bf00 R15: 00000000004fb940
[ 50.408365][ T555]
[ 50.410538][ T555] Allocated by task 163:
[ 50.414621][ T555] __kasan_kmalloc+0x171/0x210
[ 50.419217][ T555] kmem_cache_alloc+0xd9/0x250
[ 50.423817][ T555] getname_flags+0xb8/0x4e0
[ 50.428204][ T555] user_path_at_empty+0x28/0x50
[ 50.432838][ T555] vfs_statx+0x115/0x210
[ 50.436929][ T555] __se_sys_newfstatat+0xce/0x770
[ 50.441781][ T555] do_syscall_64+0xca/0x1c0
[ 50.446120][ T555] entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 50.451843][ T555]
[ 50.454014][ T555] Freed by task 163:
[ 50.457750][ T555] __kasan_slab_free+0x1b5/0x270
[ 50.462527][ T555] kmem_cache_free+0x10b/0x2c0
[ 50.467124][ T555] filename_lookup+0x50e/0x6e0
[ 50.471809][ T555] vfs_statx+0x115/0x210
[ 50.475890][ T555] __se_sys_newfstatat+0xce/0x770
[ 50.480748][ T555] do_syscall_64+0xca/0x1c0
[ 50.485088][ T555] entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 50.490810][ T555]
[ 50.492995][ T555] The buggy address belongs to the object at ffff8881e99aa200
[ 50.492995][ T555] which belongs to the cache names_cache of size 4096
[ 50.506966][ T555] The buggy address is located 4040 bytes inside of
[ 50.506966][ T555] 4096-byte region [ffff8881e99aa200, ffff8881e99ab200)
[ 50.520234][ T555] The buggy address belongs to the page:
[ 50.525716][ T555] page:ffffea0007a66a00 refcount:1 mapcount:0 mapping:ffff8881f5d05400 index:0x0 compound_mapcount: 0
[ 50.536481][ T555] flags: 0x8000000000010200(slab|head)
[ 50.541768][ T555] raw: 8000000000010200 dead000000000100 dead000000000122 ffff8881f5d05400
[ 50.550187][ T555] raw: 0000000000000000 0000000000070007 00000001ffffffff 0000000000000000
[ 50.558596][ T555] page dumped because: kasan: bad access detected
[ 50.564936][ T555] page_owner tracks the page as allocated
[ 50.570493][ T555] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC)
[ 50.585339][ T555] prep_new_page+0x18f/0x370
[ 50.589761][ T555] get_page_from_freelist+0x2d13/0x2d90
[ 50.595140][ T555] __alloc_pages_nodemask+0x393/0x840
[ 50.600357][ T555] alloc_slab_page+0x39/0x3c0
[ 50.604866][ T555] new_slab+0x97/0x440
[ 50.608764][ T555] ___slab_alloc+0x2fe/0x490
[ 50.613192][ T555] __slab_alloc+0x62/0xa0
[ 50.617361][ T555] kmem_cache_alloc+0x109/0x250
[ 50.622131][ T555] getname_flags+0xb8/0x4e0
[ 50.626473][ T555] do_sys_open+0x357/0x810
[ 50.630723][ T555] do_syscall_64+0xca/0x1c0
[ 50.635065][ T555] entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 50.640786][ T555] page last free stack trace:
[ 50.645305][ T555] __free_pages_ok+0x847/0x950
[ 50.649940][ T555] __free_pages+0x91/0x140
[ 50.654159][ T555] device_release+0x6b/0x190
[ 50.658582][ T555] kobject_put+0x1e6/0x2f0
[ 50.662834][ T555] tun_set_iff+0x870/0xdc0
[ 50.667096][ T555] __tun_chr_ioctl+0x8a9/0x1d00
[ 50.671775][ T555] do_vfs_ioctl+0x742/0x1720
[ 50.676225][ T555] __x64_sys_ioctl+0xd4/0x110
[ 50.680715][ T555] do_syscall_64+0xca/0x1c0
[ 50.685054][ T555] entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 50.690893][ T555]
[ 50.693057][ T555] Memory state around the buggy address:
[ 50.698535][ T555] ffff8881e99ab080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 50.706514][ T555] ffff8881e99ab100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 50.714410][ T555] >ffff8881e99ab180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 50.722303][ T555] ^
[ 50.728557][ T555] ffff8881e99ab200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.736460][ T555] ffff8881e99ab280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.744351][ T555] ==================================================================
[ 50.752247][ T555] Disabling lock debugging due to kernel taint
2024/09/13 08:40:01 executed programs: 77
[ 53.865757][ C0] BUG: kernel NULL pointer dereference, address: 0000000000000000
[ 53.873454][ C0] #PF: supervisor instruction fetch in kernel mode
[ 53.879783][ C0] #PF: error_code(0x0010) - not-present page
[ 53.885598][ C0] PGD 1dc1db067 P4D 1dc1db067 PUD 1dc1dc067 PMD 0
[ 53.891935][ C0] Oops: 0010 [#1] PREEMPT SMP KASAN
[ 53.896978][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G B 5.4.281-syzkaller-04949-gc8a568fb88e9 #0
[ 53.907641][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 53.917540][ C0] RIP: 0010:0x0
[ 53.920837][ C0] Code: Bad RIP value.
[ 53.924742][ C0] RSP: 0018:ffff8881f6e09d18 EFLAGS: 00010202
[ 53.930644][ C0] RAX: ffffffff8154d46a RBX: 0000000000000101 RCX: ffffffff8581ad00
[ 53.938462][ C0] RDX: 0000000080000101 RSI: 0000000000000000 RDI: ffff8881e99ab1c0
[ 53.946268][ C0] RBP: ffff8881f6e09ec8 R08: ffffffff8154d0ae R09: 0000000000000003
[ 53.954163][ C0] R10: ffffffffffffffff R11: dffffc0000000001 R12: 00000000ffff9f28
[ 53.961976][ C0] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff8881e99ab1c0
[ 53.969786][ C0] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 53.978552][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 53.984975][ C0] CR2: ffffffffffffffd6 CR3: 00000001dc1da000 CR4: 00000000003406b0
[ 53.992878][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 54.000683][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 54.008490][ C0] Call Trace:
[ 54.011617][ C0]
[ 54.014313][ C0] ? __die+0xb4/0x100
[ 54.018130][ C0] ? no_context+0xac7/0xd20
[ 54.022556][ C0] ? enqueue_timer+0x165/0x300
[ 54.027161][ C0] ? is_prefetch+0x4b0/0x4b0
[ 54.031582][ C0] ? _raw_spin_unlock_irqrestore+0x57/0x80
[ 54.037227][ C0] ? __do_page_fault+0xa72/0xbb0
[ 54.041998][ C0] ? __bad_area_nosemaphore+0xc0/0x470
[ 54.047304][ C0] ? page_fault+0x2f/0x40
[ 54.051458][ C0] ? __run_timers+0x84e/0xbe0
[ 54.055977][ C0] ? call_timer_fn+0x2a/0x390
[ 54.060484][ C0] call_timer_fn+0x36/0x390
[ 54.064834][ C0] __run_timers+0x879/0xbe0
[ 54.069167][ C0] ? enqueue_timer+0x300/0x300
[ 54.073764][ C0] ? check_preemption_disabled+0x9f/0x320
[ 54.079318][ C0] ? debug_smp_processor_id+0x20/0x20
[ 54.084526][ C0] ? lapic_next_event+0x5b/0x70
[ 54.089214][ C0] run_timer_softirq+0x63/0xf0
[ 54.093814][ C0] __do_softirq+0x23b/0x6b7
[ 54.098152][ C0] ? sched_clock_cpu+0x18/0x3a0
[ 54.102846][ C0] irq_exit+0x195/0x1c0
[ 54.106841][ C0] smp_apic_timer_interrupt+0x11a/0x460
[ 54.112212][ C0] apic_timer_interrupt+0xf/0x20
[ 54.116996][ C0]
[ 54.119849][ C0] RIP: 0010:default_idle+0x1f/0x30
[ 54.124799][ C0] Code: 90 90 90 90 90 90 90 90 90 90 90 e8 cb 0c e0 fd bf 01 00 00 00 89 c6 e8 5f 52 d7 fc 0f 1f 44 00 00 0f 00 2d 23 62 53 00 fb f4 ac 0c e0 fd bf ff ff ff ff 89 c6 e9 40 52 d7 fc 41 57 41 56 53
[ 54.144239][ C0] RSP: 0018:ffffffff85807d18 EFLAGS: 000002d2 ORIG_RAX: ffffffffffffff13
[ 54.152483][ C0] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: ffffffff8581ad00
[ 54.160291][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[ 54.168102][ C0] RBP: ffffffff85807e20 R08: ffffffff82316a81 R09: fffffbfff0b035a1
[ 54.175918][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffffff85eb7e28
[ 54.183726][ C0] R13: ffffffff8581ad00 R14: 1ffffffff0b035a0 R15: 0000000000000000
[ 54.191556][ C0] ? check_preemption_disabled+0x91/0x320
[ 54.197098][ C0] ? default_idle+0x11/0x30
[ 54.201433][ C0] do_idle+0x248/0x660
[ 54.205344][ C0] ? check_preemption_disabled+0x9f/0x320
[ 54.210893][ C0] ? idle_inject_timer_fn+0x60/0x60
[ 54.215940][ C0] cpu_startup_entry+0x14/0x20
[ 54.220528][ C0] ? time_init+0x33/0x33
[ 54.224606][ C0] start_kernel+0x6d9/0x81d
[ 54.228948][ C0] ? arch_call_rest_init+0xa/0xa
[ 54.233733][ C0] ? kasan_early_init+0x22d/0x27d
[ 54.238580][ C0] ? check_loader_disabled_bsp+0x95/0x16c
[ 54.244160][ C0] ? load_ucode_bsp+0xde/0x105
[ 54.248733][ C0] secondary_startup_64+0xa4/0xb0
[ 54.253591][ C0] Modules linked in:
[ 54.257333][ C0] CR2: 0000000000000000
[ 54.261324][ C0] ---[ end trace 5fe654336a8385ea ]---
[ 54.266619][ C0] RIP: 0010:0x0
[ 54.269912][ C0] Code: Bad RIP value.
[ 54.273814][ C0] RSP: 0018:ffff8881f6e09d18 EFLAGS: 00010202
[ 54.279716][ C0] RAX: ffffffff8154d46a RBX: 0000000000000101 RCX: ffffffff8581ad00
[ 54.287528][ C0] RDX: 0000000080000101 RSI: 0000000000000000 RDI: ffff8881e99ab1c0
[ 54.295337][ C0] RBP: ffff8881f6e09ec8 R08: ffffffff8154d0ae R09: 0000000000000003
[ 54.303150][ C0] R10: ffffffffffffffff R11: dffffc0000000001 R12: 00000000ffff9f28
[ 54.310966][ C0] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff8881e99ab1c0
[ 54.318783][ C0] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 54.327627][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 54.334051][ C0] CR2: ffffffffffffffd6 CR3: 00000001dc1da000 CR4: 00000000003406b0
[ 54.341868][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 54.349814][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 54.357623][ C0] Kernel panic - not syncing: Fatal exception in interrupt
[ 54.364891][ C0] Kernel Offset: disabled
[ 54.369011][ C0] Rebooting in 86400 seconds..