Warning: Permanently added '10.128.1.120' (ED25519) to the list of known hosts.
2023/08/31 08:53:40 ignoring optional flag "sandboxArg"="0"
2023/08/31 08:53:40 parsed 1 programs
2023/08/31 08:53:40 executed programs: 0
[ 71.130023][ T5367] syz-execprog[5367]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[ 71.140892][ T5367] syz-execprog[5367]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[ 71.184972][ T49] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 71.192473][ T49] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 71.200437][ T49] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 71.207962][ T49] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 71.216723][ T49] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 71.307729][ T5379] chnl_net:caif_netlink_parms(): no params data found
[ 71.351368][ T5379] bridge0: port 1(bridge_slave_0) entered blocking state
[ 71.358892][ T5379] bridge0: port 1(bridge_slave_0) entered disabled state
[ 71.366162][ T5379] bridge_slave_0: entered allmulticast mode
[ 71.373774][ T5379] bridge_slave_0: entered promiscuous mode
[ 71.381433][ T5379] bridge0: port 2(bridge_slave_1) entered blocking state
[ 71.388642][ T5379] bridge0: port 2(bridge_slave_1) entered disabled state
[ 71.395834][ T5379] bridge_slave_1: entered allmulticast mode
[ 71.402714][ T5379] bridge_slave_1: entered promiscuous mode
[ 71.423423][ T5379] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 71.434988][ T5379] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 71.459195][ T5379] team0: Port device team_slave_0 added
[ 71.466990][ T5379] team0: Port device team_slave_1 added
[ 71.486838][ T5379] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 71.494404][ T5379] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 71.520310][ T5379] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 71.531986][ T5379] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 71.538990][ T5379] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 71.566165][ T5379] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 71.595905][ T5379] hsr_slave_0: entered promiscuous mode
[ 71.602085][ T5379] hsr_slave_1: entered promiscuous mode
[ 71.724156][ T1237] ieee802154 phy0 wpan0: encryption failed: -22
[ 71.731093][ T1237] ieee802154 phy1 wpan1: encryption failed: -22
[ 72.170570][ T5379] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 72.182544][ T5379] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 72.194048][ T5379] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 72.206379][ T5379] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 72.233179][ T5379] bridge0: port 2(bridge_slave_1) entered blocking state
[ 72.240559][ T5379] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 72.248091][ T5379] bridge0: port 1(bridge_slave_0) entered blocking state
[ 72.255580][ T5379] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 72.323380][ T5379] 8021q: adding VLAN 0 to HW filter on device bond0
[ 72.341184][ T2067] bridge0: port 1(bridge_slave_0) entered disabled state
[ 72.350118][ T2067] bridge0: port 2(bridge_slave_1) entered disabled state
[ 72.365473][ T5379] 8021q: adding VLAN 0 to HW filter on device team0
[ 72.379935][ T2067] bridge0: port 1(bridge_slave_0) entered blocking state
[ 72.387270][ T2067] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 72.414764][ T2067] bridge0: port 2(bridge_slave_1) entered blocking state
[ 72.422267][ T2067] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 72.446921][ T5379] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 72.460852][ T5379] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 72.588339][ T5379] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 72.632827][ T5379] veth0_vlan: entered promiscuous mode
[ 72.645349][ T5379] veth1_vlan: entered promiscuous mode
[ 72.676611][ T5379] veth0_macvtap: entered promiscuous mode
[ 72.687017][ T5379] veth1_macvtap: entered promiscuous mode
[ 72.707531][ T5379] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 72.723879][ T5379] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 72.736213][ T5379] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.745968][ T5379] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.756548][ T5379] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.766937][ T5379] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.826985][ T4769] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 72.841296][ T4769] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 72.865414][ T2067] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 72.874509][ T2067] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 72.910705][ T5453] syz-executor.0[5453]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[ 72.977650][ T5453] loop0: detected capacity change from 0 to 8192
[ 72.987262][ T5453] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 73.001644][ T5453] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 73.012848][ T5453] REISERFS (device loop0): using ordered data mode
[ 73.020263][ T5453] reiserfs: using flush barriers
[ 73.026982][ T5453] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 73.046185][ T5453] REISERFS (device loop0): checking transaction log (loop0)
[ 73.055163][ T5453] REISERFS (device loop0): Using r5 hash to sort names
[ 73.063061][ T5453] ==================================================================
[ 73.071249][ T5453] BUG: KASAN: use-after-free in strlen+0x58/0x70
[ 73.077794][ T5453] Read of size 1 at addr ffff88806c9d77a3 by task syz-executor.0/5453
[ 73.086136][ T5453]
[ 73.088481][ T5453] CPU: 0 PID: 5453 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-08894-gb97d64c72259 #0
[ 73.098484][ T5453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[ 73.108567][ T5453] Call Trace:
[ 73.112042][ T5453]
[ 73.115947][ T5453] dump_stack_lvl+0x1e7/0x2d0
[ 73.120827][ T5453] ? nf_tcp_handle_invalid+0x650/0x650
[ 73.126308][ T5453] ? panic+0x770/0x770
[ 73.130394][ T5453] ? _printk+0xd5/0x120
[ 73.134666][ T5453] print_report+0x163/0x540
[ 73.139565][ T5453] ? __virt_addr_valid+0x22f/0x2e0
[ 73.144697][ T5453] ? __phys_addr+0xba/0x170
[ 73.149312][ T5453] ? strlen+0x58/0x70
[ 73.153475][ T5453] kasan_report+0x175/0x1b0
[ 73.158040][ T5453] ? strlen+0x58/0x70
[ 73.162067][ T5453] strlen+0x58/0x70
[ 73.165911][ T5453] reiserfs_find_entry+0x982/0x19b0
[ 73.171243][ T5453] ? reiserfs_get_parent+0x2d0/0x2d0
[ 73.176607][ T5453] ? d_alloc_parallel+0x3bc/0x13a0
[ 73.181770][ T5453] ? mutex_lock_nested+0x1b/0x20
[ 73.186829][ T5453] reiserfs_lookup+0x1e2/0x580
[ 73.191626][ T5453] ? reiserfs_init_priv_inode+0x150/0x150
[ 73.197390][ T5453] ? d_hash_and_lookup+0x1b0/0x1b0
[ 73.202718][ T5453] ? __init_waitqueue_head+0xae/0x150
[ 73.208596][ T5453] __lookup_slow+0x282/0x3e0
[ 73.213402][ T5453] ? lookup_one_len+0x2d0/0x2d0
[ 73.218390][ T5453] lookup_one_len+0x18b/0x2d0
[ 73.223454][ T5453] ? lookup_one_common+0x460/0x460
[ 73.228791][ T5453] reiserfs_lookup_privroot+0x89/0x180
[ 73.234298][ T5453] reiserfs_fill_super+0x195b/0x2620
[ 73.239626][ T5453] ? reiserfs_kill_sb+0x150/0x150
[ 73.244696][ T5453] ? __down_write_common+0x161/0x200
[ 73.250021][ T5453] mount_bdev+0x237/0x300
[ 73.254387][ T5453] ? reiserfs_kill_sb+0x150/0x150
[ 73.259877][ T5453] ? set_bdev_super_fc+0xa0/0xa0
[ 73.264844][ T5453] ? vfs_parse_fs_string+0x190/0x230
[ 73.270247][ T5453] ? vfs_parse_fs_param+0x410/0x410
[ 73.275809][ T5453] ? cap_capable+0x1b4/0x240
[ 73.280524][ T5453] legacy_get_tree+0xef/0x190
[ 73.285228][ T5453] ? remove_save_link+0x540/0x540
[ 73.290463][ T5453] vfs_get_tree+0x8c/0x280
[ 73.295105][ T5453] do_new_mount+0x28f/0xae0
[ 73.299811][ T5453] ? do_move_mount_old+0x170/0x170
[ 73.305216][ T5453] ? user_path_at_empty+0x12f/0x180
[ 73.310460][ T5453] __se_sys_mount+0x2d9/0x3c0
[ 73.315579][ T5453] ? __x64_sys_mount+0xc0/0xc0
[ 73.320461][ T5453] ? rcu_is_watching+0x15/0xb0
[ 73.325352][ T5453] ? __x64_sys_mount+0x20/0xc0
[ 73.330245][ T5453] do_syscall_64+0x41/0xc0
[ 73.334690][ T5453] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 73.341136][ T5453] RIP: 0033:0x7fc3f207e05a
[ 73.345859][ T5453] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 73.366185][ T5453] RSP: 002b:00007fc3f2ebeee8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 73.374717][ T5453] RAX: ffffffffffffffda RBX: 00007fc3f2ebef80 RCX: 00007fc3f207e05a
[ 73.382895][ T5453] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 00007fc3f2ebef40
[ 73.390981][ T5453] RBP: 00000000200000c0 R08: 00007fc3f2ebef80 R09: 0000000000008001
[ 73.399151][ T5453] R10: 0000000000008001 R11: 0000000000000246 R12: 0000000020000040
[ 73.407242][ T5453] R13: 00007fc3f2ebef40 R14: 0000000000001122 R15: 0000000020000080
[ 73.415577][ T5453]
[ 73.418614][ T5453]
[ 73.420952][ T5453] The buggy address belongs to the physical page:
[ 73.427567][ T5453] page:ffffea0001b275c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x6c9d7
[ 73.437992][ T5453] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 73.445123][ T5453] page_type: 0xffffffff()
[ 73.449481][ T5453] raw: 00fff00000000000 ffffea0001b2f988 ffffea0001b2f748 0000000000000000
[ 73.458197][ T5453] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 73.466971][ T5453] page dumped because: kasan: bad access detected
[ 73.473485][ T5453] page_owner tracks the page as freed
[ 73.478955][ T5453] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 5456, tgid 5456 (sed), ts 72967602733, free_ts 72980187261
[ 73.495994][ T5453] post_alloc_hook+0x1e6/0x210
[ 73.500908][ T5453] get_page_from_freelist+0x31ec/0x3370
[ 73.506575][ T5453] __alloc_pages+0x255/0x670
[ 73.511282][ T5453] __folio_alloc+0x13/0x30
[ 73.515811][ T5453] vma_alloc_folio+0x48a/0x9a0
[ 73.520869][ T5453] handle_mm_fault+0x1f87/0x5ee0
[ 73.525924][ T5453] exc_page_fault+0x266/0x7d0
[ 73.530645][ T5453] asm_exc_page_fault+0x26/0x30
[ 73.535540][ T5453] page last free stack trace:
[ 73.540315][ T5453] free_unref_page_prepare+0x8c3/0x9f0
[ 73.545809][ T5453] free_unref_page_list+0x596/0x830
[ 73.551077][ T5453] release_pages+0x2113/0x23f0
[ 73.555870][ T5453] tlb_flush_mmu+0x34c/0x4e0
[ 73.560488][ T5453] tlb_finish_mmu+0xd4/0x1f0
[ 73.565397][ T5453] exit_mmap+0x4d3/0xc50
[ 73.569759][ T5453] __mmput+0x115/0x3c0
[ 73.573861][ T5453] exit_mm+0x21f/0x300
[ 73.577956][ T5453] do_exit+0x612/0x2290
[ 73.582134][ T5453] do_group_exit+0x206/0x2c0
[ 73.586924][ T5453] __x64_sys_exit_group+0x3f/0x40
[ 73.592060][ T5453] do_syscall_64+0x41/0xc0
[ 73.596589][ T5453] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 73.602682][ T5453]
[ 73.605018][ T5453] Memory state around the buggy address:
[ 73.610746][ T5453] ffff88806c9d7680: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 73.618926][ T5453] ffff88806c9d7700: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 73.627188][ T5453] >ffff88806c9d7780: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 73.635532][ T5453] ^
[ 73.640661][ T5453] ffff88806c9d7800: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 73.649281][ T5453] ffff88806c9d7880: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 73.657531][ T5453] ==================================================================
[ 73.666728][ T4434] Bluetooth: hci0: command 0x0409 tx timeout
[ 73.694518][ T5453] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 73.701852][ T5453] CPU: 0 PID: 5453 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-08894-gb97d64c72259 #0
[ 73.711927][ T5453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[ 73.722185][ T5453] Call Trace:
[ 73.725560][ T5453]
[ 73.728684][ T5453] dump_stack_lvl+0x1e7/0x2d0
[ 73.734001][ T5453] ? nf_tcp_handle_invalid+0x650/0x650
[ 73.739581][ T5453] ? panic+0x770/0x770
[ 73.743678][ T5453] ? rcu_is_watching+0x15/0xb0
[ 73.748662][ T5453] ? vscnprintf+0x5d/0x80
[ 73.753137][ T5453] panic+0x30f/0x770
[ 73.757155][ T5453] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 73.763444][ T5453] ? check_panic_on_warn+0x21/0xa0
[ 73.768589][ T5453] ? __memcpy_flushcache+0x2b0/0x2b0
[ 73.773991][ T5453] ? _raw_spin_unlock_irqrestore+0x12c/0x140
[ 73.780010][ T5453] ? _raw_spin_unlock+0x40/0x40
[ 73.785245][ T5453] check_panic_on_warn+0x82/0xa0
[ 73.790335][ T5453] ? strlen+0x58/0x70
[ 73.794635][ T5453] end_report+0x6e/0x130
[ 73.798925][ T5453] kasan_report+0x186/0x1b0
[ 73.803548][ T5453] ? strlen+0x58/0x70
[ 73.807750][ T5453] strlen+0x58/0x70
[ 73.811704][ T5453] reiserfs_find_entry+0x982/0x19b0
[ 73.817128][ T5453] ? reiserfs_get_parent+0x2d0/0x2d0
[ 73.822632][ T5453] ? d_alloc_parallel+0x3bc/0x13a0
[ 73.827782][ T5453] ? mutex_lock_nested+0x1b/0x20
[ 73.832754][ T5453] reiserfs_lookup+0x1e2/0x580
[ 73.837578][ T5453] ? reiserfs_init_priv_inode+0x150/0x150
[ 73.843414][ T5453] ? d_hash_and_lookup+0x1b0/0x1b0
[ 73.848563][ T5453] ? __init_waitqueue_head+0xae/0x150
[ 73.854105][ T5453] __lookup_slow+0x282/0x3e0
[ 73.858820][ T5453] ? lookup_one_len+0x2d0/0x2d0
[ 73.863728][ T5453] lookup_one_len+0x18b/0x2d0
[ 73.868694][ T5453] ? lookup_one_common+0x460/0x460
[ 73.875058][ T5453] reiserfs_lookup_privroot+0x89/0x180
[ 73.880905][ T5453] reiserfs_fill_super+0x195b/0x2620
[ 73.886430][ T5453] ? reiserfs_kill_sb+0x150/0x150
[ 73.892106][ T5453] ? __down_write_common+0x161/0x200
[ 73.897774][ T5453] mount_bdev+0x237/0x300
[ 73.902225][ T5453] ? reiserfs_kill_sb+0x150/0x150
[ 73.907280][ T5453] ? set_bdev_super_fc+0xa0/0xa0
[ 73.912417][ T5453] ? vfs_parse_fs_string+0x190/0x230
[ 73.917934][ T5453] ? vfs_parse_fs_param+0x410/0x410
[ 73.923428][ T5453] ? cap_capable+0x1b4/0x240
[ 73.928167][ T5453] legacy_get_tree+0xef/0x190
[ 73.933580][ T5453] ? remove_save_link+0x540/0x540
[ 73.938640][ T5453] vfs_get_tree+0x8c/0x280
[ 73.943083][ T5453] do_new_mount+0x28f/0xae0
[ 73.947702][ T5453] ? do_move_mount_old+0x170/0x170
[ 73.953279][ T5453] ? user_path_at_empty+0x12f/0x180
[ 73.959120][ T5453] __se_sys_mount+0x2d9/0x3c0
[ 73.964209][ T5453] ? __x64_sys_mount+0xc0/0xc0
[ 73.969205][ T5453] ? rcu_is_watching+0x15/0xb0
[ 73.974199][ T5453] ? __x64_sys_mount+0x20/0xc0
[ 73.978998][ T5453] do_syscall_64+0x41/0xc0
[ 73.983440][ T5453] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 73.989553][ T5453] RIP: 0033:0x7fc3f207e05a
[ 73.994162][ T5453] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 74.014311][ T5453] RSP: 002b:00007fc3f2ebeee8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 74.023076][ T5453] RAX: ffffffffffffffda RBX: 00007fc3f2ebef80 RCX: 00007fc3f207e05a
[ 74.031155][ T5453] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 00007fc3f2ebef40
[ 74.039427][ T5453] RBP: 00000000200000c0 R08: 00007fc3f2ebef80 R09: 0000000000008001
[ 74.047595][ T5453] R10: 0000000000008001 R11: 0000000000000246 R12: 0000000020000040
[ 74.056371][ T5453] R13: 00007fc3f2ebef40 R14: 0000000000001122 R15: 0000000020000080
[ 74.064478][ T5453]
[ 74.067750][ T5453] Kernel Offset: disabled
[ 74.072080][ T5453] Rebooting in 86400 seconds..