[ 71.714490][ T40] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.1.171' (ED25519) to the list of known hosts.
2025/03/22 04:22:04 ignoring optional flag "sandboxArg"="0"
2025/03/22 04:22:05 parsed 1 programs
[ 77.369725][ T4296] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 78.451097][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 78.459124][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 78.501312][ T1753] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 78.509463][ T1753] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 80.958309][ T4312] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 80.966826][ T4312] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 80.975808][ T4312] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 80.984458][ T4312] netdevsim netdevsim0 netdevsim3: renamed from eth3
2025/03/22 04:22:15 executed programs: 0
[ 89.879024][ T4742] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 89.890573][ T4742] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 89.900087][ T4742] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 89.909851][ T4742] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 90.152045][ T4735] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 90.166016][ T4735] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 90.184800][ T4729] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 90.204303][ T4735] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 90.217970][ T4728] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 90.228072][ T4729] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 90.255269][ T4735] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 90.267578][ T4728] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 90.285749][ T4729] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 90.295577][ T4727] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 90.316342][ T4728] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 90.325773][ T4728] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 90.335771][ T4729] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 90.356320][ T4727] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 90.375352][ T4727] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 90.407117][ T4727] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 104.272591][ T911] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.280691][ T911] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.356809][ T1753] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.364823][ T1753] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/03/22 04:22:36 executed programs: 10
[ 104.745461][ T1753] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.753507][ T1753] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.757768][ T1949] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.768660][ T1949] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.980698][ T2473] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.988811][ T2473] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.010874][ T1753] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.019145][ T1753] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.028218][ T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.036123][ T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.050172][ T6816] loop5: detected capacity change from 0 to 32768
[ 105.064162][ T1949] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.072080][ T1949] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.179602][ T6816] ==================================================================
[ 105.187711][ T6816] BUG: KASAN: slab-out-of-bounds in diWrite+0xa48/0x1410
[ 105.194766][ T6816] Write of size 32 at addr ffff888116f110c0 by task syz.5.20/6816
[ 105.202587][ T6816]
[ 105.204948][ T6816] CPU: 1 UID: 0 PID: 6816 Comm: syz.5.20 Not tainted 6.14.0-rc7-syzkaller #0
[ 105.204972][ T6816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 105.204989][ T6816] Call Trace:
[ 105.204995][ T6816]
[ 105.205001][ T6816] dump_stack_lvl+0x231/0x330
[ 105.205028][ T6816] ? __pfx_dump_stack_lvl+0x10/0x10
[ 105.205048][ T6816] ? __pfx__printk+0x10/0x10
[ 105.205062][ T6816] ? _printk+0xd5/0x120
[ 105.205076][ T6816] ? __virt_addr_valid+0x169/0x380
[ 105.205097][ T6816] print_report+0x16e/0x5b0
[ 105.205114][ T6816] ? __virt_addr_valid+0x169/0x380
[ 105.205130][ T6816] ? __virt_addr_valid+0x2c1/0x380
[ 105.205147][ T6816] ? __phys_addr+0x90/0x130
[ 105.205164][ T6816] ? diWrite+0xa48/0x1410
[ 105.205178][ T6816] kasan_report+0x143/0x180
[ 105.205192][ T6816] ? diWrite+0xa48/0x1410
[ 105.205206][ T6816] kasan_check_range+0x282/0x290
[ 105.205220][ T6816] ? diWrite+0xa48/0x1410
[ 105.205232][ T6816] __asan_memcpy+0x40/0x70
[ 105.205250][ T6816] diWrite+0xa48/0x1410
[ 105.205263][ T6816] txCommit+0xa1a/0x6a50
[ 105.205277][ T6816] ? add_index+0x30e/0x1410
[ 105.205295][ T6816] ? __pfx_add_index+0x10/0x10
[ 105.205313][ T6816] ? __pfx_txCommit+0x10/0x10
[ 105.205326][ T6816] ? rcu_is_watching+0x1f/0xa0
[ 105.205344][ T6816] ? __mark_inode_dirty+0x33e/0xc40
[ 105.205361][ T6816] ? policy_nodemask+0x224/0x390
[ 105.205377][ T6816] add_missing_indices+0x857/0xb80
[ 105.205396][ T6816] ? __pfx_add_missing_indices+0x10/0x10
[ 105.205414][ T6816] ? set_page_refcounted+0xa1/0x1e0
[ 105.205429][ T6816] ? alloc_pages_noprof+0x121/0x160
[ 105.205444][ T6816] jfs_readdir+0x206f/0x3c10
[ 105.205465][ T6816] ? __pfx_jfs_readdir+0x10/0x10
[ 105.205484][ T6816] ? down_write+0x12e/0x190
[ 105.205503][ T6816] ? __pfx_down_write+0x10/0x10
[ 105.205520][ T6816] ? do_sys_openat2+0x17a/0x1d0
[ 105.205537][ T6816] ? __pfx_jfs_readdir+0x10/0x10
[ 105.205553][ T6816] wrap_directory_iterator+0x91/0xd0
[ 105.205576][ T6816] iterate_dir+0x596/0x740
[ 105.205596][ T6816] __se_sys_getdents64+0x1d2/0x4a0
[ 105.205619][ T6816] ? __pfx___se_sys_getdents64+0x10/0x10
[ 105.205639][ T6816] ? __pfx_filldir64+0x10/0x10
[ 105.205661][ T6816] ? switch_fpu_return+0x10f/0x180
[ 105.205683][ T6816] do_syscall_64+0x8d/0x190
[ 105.205701][ T6816] ? clear_bhb_loop+0x35/0x90
[ 105.205720][ T6816] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 105.205744][ T6816] RIP: 0033:0x7fcd65f8cde9
[ 105.205762][ T6816] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 105.205774][ T6816] RSP: 002b:00007fcd66e25038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[ 105.205791][ T6816] RAX: ffffffffffffffda RBX: 00007fcd661a5fa0 RCX: 00007fcd65f8cde9
[ 105.205801][ T6816] RDX: 0000000000001000 RSI: 0000400000000f80 RDI: 0000000000000005
[ 105.205810][ T6816] RBP: 00007fcd6600e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 105.205824][ T6816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 105.205833][ T6816] R13: 0000000000000000 R14: 00007fcd661a5fa0 R15: 00007ffce01386d8
[ 105.205844][ T6816]
[ 105.205849][ T6816]
[ 105.511945][ T6816] Allocated by task 6574:
[ 105.516262][ T6816] kasan_save_track+0x3f/0x80
[ 105.520942][ T6816] __kasan_slab_alloc+0x66/0x80
[ 105.525871][ T6816] kmem_cache_alloc_noprof+0x1b9/0x410
[ 105.531325][ T6816] vm_area_dup+0x60/0x150
[ 105.536161][ T6816] __split_vma+0x14d/0xb00
[ 105.540623][ T6816] vma_modify+0x280/0x390
[ 105.544961][ T6816] vma_modify_flags+0x315/0x370
[ 105.549904][ T6816] mprotect_fixup+0x452/0xa70
[ 105.554578][ T6816] do_mprotect_pkey+0x99d/0xdb0
[ 105.559429][ T6816] __x64_sys_mprotect+0x80/0x90
[ 105.564269][ T6816] do_syscall_64+0x8d/0x190
[ 105.568760][ T6816] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 105.574639][ T6816]
[ 105.576947][ T6816] Freed by task 6574:
[ 105.580906][ T6816] kasan_save_track+0x3f/0x80
[ 105.585573][ T6816] kasan_save_free_info+0x40/0x50
[ 105.590672][ T6816] __kasan_slab_free+0x59/0x70
[ 105.595440][ T6816] kmem_cache_free+0x17e/0x470
[ 105.600194][ T6816] __vm_area_free+0x42/0x60
[ 105.604794][ T6816] exit_mmap+0x6c6/0xc70
[ 105.609120][ T6816] __mmput+0x115/0x410
[ 105.613172][ T6816] exit_mm+0x132/0x200
[ 105.617240][ T6816] do_exit+0x923/0x2d10
[ 105.621377][ T6816] do_group_exit+0x207/0x2c0
[ 105.625957][ T6816] __x64_sys_exit_group+0x3f/0x40
[ 105.631000][ T6816] x64_sys_call+0x26a8/0x26b0
[ 105.635697][ T6816] do_syscall_64+0x8d/0x190
[ 105.640197][ T6816] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 105.646084][ T6816]
[ 105.648394][ T6816] The buggy address belongs to the object at ffff888116f11000
[ 105.648394][ T6816] which belongs to the cache vma_lock of size 152
[ 105.662171][ T6816] The buggy address is located 40 bytes to the right of
[ 105.662171][ T6816] allocated 152-byte region [ffff888116f11000, ffff888116f11098)
[ 105.676761][ T6816]
[ 105.679164][ T6816] The buggy address belongs to the physical page:
[ 105.685742][ T6816] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x116f11
[ 105.694857][ T6816] memcg:ffff8881043c2401
[ 105.699180][ T6816] anon flags: 0x100000000000000(node=0|zone=2)
[ 105.705342][ T6816] page_type: f5(slab)
[ 105.709312][ T6816] raw: 0100000000000000 ffff888100e98c80 0000000000000000 dead000000000001
[ 105.717974][ T6816] raw: 0000000000000000 0000000000120012 00000000f5000000 ffff8881043c2401
[ 105.726643][ T6816] page dumped because: kasan: bad access detected
[ 105.733061][ T6816] page_owner tracks the page as allocated
[ 105.738834][ T6816] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 4713, tgid 4713 (modprobe), ts 83904948990, free_ts 83873695340
[ 105.757859][ T6816] post_alloc_hook+0x108/0x120
[ 105.762623][ T6816] get_page_from_freelist+0x46dc/0x48b0
[ 105.768170][ T6816] __alloc_frozen_pages_noprof+0x256/0x650
[ 105.773973][ T6816] alloc_pages_mpol+0x311/0x630
[ 105.778995][ T6816] allocate_slab+0x8b/0x350
[ 105.783486][ T6816] ___slab_alloc+0x9f6/0x1130
[ 105.788250][ T6816] kmem_cache_alloc_noprof+0x279/0x410
[ 105.793783][ T6816] vm_area_dup+0x60/0x150
[ 105.798279][ T6816] __split_vma+0x14d/0xb00
[ 105.802857][ T6816] vma_modify+0x280/0x390
[ 105.807185][ T6816] vma_modify_flags+0x315/0x370
[ 105.812026][ T6816] mprotect_fixup+0x452/0xa70
[ 105.816722][ T6816] do_mprotect_pkey+0x99d/0xdb0
[ 105.821564][ T6816] __x64_sys_mprotect+0x80/0x90
[ 105.826420][ T6816] do_syscall_64+0x8d/0x190
[ 105.830928][ T6816] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 105.836810][ T6816] page last free pid 17 tgid 17 stack trace:
[ 105.842859][ T6816] free_frozen_pages+0xc07/0xe80
[ 105.847797][ T6816] __tlb_remove_table+0x2f9/0x3e0
[ 105.852812][ T6816] tlb_remove_table_rcu+0x76/0xf0
[ 105.857855][ T6816] rcu_core+0xcb3/0x1630
[ 105.862080][ T6816] handle_softirqs+0x1ba/0x580
[ 105.866846][ T6816] run_ksoftirqd+0x28/0x40
[ 105.871421][ T6816] smpboot_thread_fn+0x460/0x8e0
[ 105.876460][ T6816] kthread+0x695/0x780
[ 105.880606][ T6816] ret_from_fork+0x4b/0x80
[ 105.885139][ T6816] ret_from_fork_asm+0x1a/0x30
[ 105.889892][ T6816]
[ 105.892215][ T6816] Memory state around the buggy address:
[ 105.897829][ T6816]  ffff888116f10f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 105.905969][ T6816]  ffff888116f11000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 105.914074][ T6816] >ffff888116f11080: fb fb fb fc fc fc fc fc fc fc fc fa fb fb fb fb
[ 105.922208][ T6816]                                            ^
[ 105.928378][ T6816]  ffff888116f11100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc
[ 105.936435][ T6816]  ffff888116f11180: fc fc fc fc fc fc fa fb fb fb fb fb fb fb fb fb
[ 105.944488][ T6816] ==================================================================
[ 105.953509][ T6816] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 105.961069][ T6816] Kernel Offset: disabled
[ 105.965391][ T6816] Rebooting in 86400 seconds..