Warning: Permanently added '10.128.1.89' (ED25519) to the list of known hosts.
2024/11/22 05:37:22 ignoring optional flag "sandboxArg"="0"
2024/11/22 05:37:22 parsed 1 programs
[ 67.543737][ T3269] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 68.789011][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 68.797335][ T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 68.804675][ T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 68.813384][ T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 68.820828][ T51] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 68.828072][ T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 69.257650][ T3281] chnl_net:caif_netlink_parms(): no params data found
[ 70.564345][ T3281] 8021q: adding VLAN 0 to HW filter on device bond0
[ 71.404591][ T3281] 8021q: adding VLAN 0 to HW filter on device batadv0
2024/11/22 05:37:29 executed programs: 0
[ 72.906376][ T2256] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 72.914251][ T2256] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 72.926517][ T2459] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 72.933753][ T2459] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 72.953372][ T3728] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 72.972115][ T2455] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 72.987066][ T3732] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 72.994165][ T3732] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 72.997045][ T3733] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 73.002950][ T3732] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 73.008563][ T3733] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 73.016012][ T3732] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 73.022844][ T3734] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 73.030194][ T3732] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 73.036228][ T3733] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 73.043526][ T3732] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 73.050701][ T3734] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 73.058260][ T3732] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 73.064290][ T3734] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 73.071694][ T3732] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 73.078450][ T3733] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 73.087692][ T3732] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 73.092368][ T3734] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 73.099848][ T3732] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 73.113909][ T3733] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 73.114843][ T3732] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 73.121238][ T3733] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 73.138003][ T3733] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 73.160138][ T3736] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 73.167399][ T3736] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 73.421592][ T11] bond0 (unregistering): Released all slaves
[ 73.680456][ T3729] chnl_net:caif_netlink_parms(): no params data found
[ 73.696300][ T3720] chnl_net:caif_netlink_parms(): no params data found
[ 73.760098][ T3724] chnl_net:caif_netlink_parms(): no params data found
[ 73.827725][ T3725] chnl_net:caif_netlink_parms(): no params data found
[ 73.845619][ T3721] chnl_net:caif_netlink_parms(): no params data found
[ 75.188435][ T3728] Bluetooth: hci0: command tx timeout
[ 75.188453][ T3736] Bluetooth: hci2: command tx timeout
[ 75.193941][ T3732] Bluetooth: hci1: command tx timeout
[ 75.204856][ T3728] Bluetooth: hci4: command tx timeout
[ 75.266543][ T3732] Bluetooth: hci3: command tx timeout
[ 77.268446][ T3732] Bluetooth: hci2: command tx timeout
[ 77.273892][ T3732] Bluetooth: hci1: command tx timeout
[ 77.279643][ T3728] Bluetooth: hci0: command tx timeout
[ 77.284068][ T3736] Bluetooth: hci4: command tx timeout
[ 77.345722][ T3733] Bluetooth: hci3: command tx timeout
[ 78.307806][ T3729] 8021q: adding VLAN 0 to HW filter on device bond0
[ 78.470015][ T3724] 8021q: adding VLAN 0 to HW filter on device bond0
[ 78.494253][ T3720] 8021q: adding VLAN 0 to HW filter on device bond0
[ 78.509630][ T3721] 8021q: adding VLAN 0 to HW filter on device bond0
[ 78.534707][ T3725] 8021q: adding VLAN 0 to HW filter on device bond0
[ 79.345234][ T3733] Bluetooth: hci4: command tx timeout
[ 79.350676][ T3733] Bluetooth: hci1: command tx timeout
[ 79.353201][ T3732] Bluetooth: hci2: command tx timeout
[ 79.362852][ T3736] Bluetooth: hci0: command tx timeout
[ 79.425171][ T3736] Bluetooth: hci3: command tx timeout
[ 81.428253][ T3736] Bluetooth: hci0: command tx timeout
[ 81.433700][ T3736] Bluetooth: hci1: command tx timeout
[ 81.441606][ T3732] Bluetooth: hci2: command tx timeout
[ 81.447199][ T3728] Bluetooth: hci4: command tx timeout
[ 81.505018][ T3736] Bluetooth: hci3: command tx timeout
[ 81.964059][ T3720] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 81.997182][ T3729] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 82.028530][ T3725] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 82.048259][ T3721] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 82.230998][ T3724] 8021q: adding VLAN 0 to HW filter on device batadv0
2024/11/22 05:37:44 executed programs: 10
[ 89.245145][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[ 91.015103][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[ 93.025239][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[ 93.105284][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[ 102.065409][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[ 113.888922][ T5551] ==================================================================
[ 113.897186][ T5551] BUG: KASAN: vmalloc-out-of-bounds in vrealloc_noprof+0x294/0x2c0
[ 113.905114][ T5551] Write of size 2097120 at addr ffffc90006800020 by task syz.4.19/5551
[ 113.913408][ T5551]
[ 113.915734][ T5551] CPU: 0 UID: 0 PID: 5551 Comm: syz.4.19 Not tainted 6.12.0-rc7-syzkaller #0
[ 113.924460][ T5551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[ 113.934488][ T5551] Call Trace:
[ 113.937750][ T5551]
[ 113.940681][ T5551] dump_stack_lvl+0x108/0x280
[ 113.945343][ T5551] ? __pfx_dump_stack_lvl+0x10/0x10
[ 113.950532][ T5551] ? __pfx__printk+0x10/0x10
[ 113.955107][ T5551] ? _printk+0xce/0x120
[ 113.959243][ T5551] print_report+0x169/0x550
[ 113.963735][ T5551] ? vrealloc_noprof+0x294/0x2c0
[ 113.968657][ T5551] kasan_report+0x143/0x180
[ 113.973162][ T5551] ? vrealloc_noprof+0x294/0x2c0
[ 113.978109][ T5551] kasan_check_range+0x282/0x290
[ 113.983158][ T5551] __asan_memset+0x23/0x50
[ 113.987589][ T5551] vrealloc_noprof+0x294/0x2c0
[ 113.992360][ T5551] check_stack_write+0x2a7b/0x3d80
[ 113.997458][ T5551] check_mem_access+0x12b8/0x2050
[ 114.002457][ T5551] ? __pfx_check_mem_access+0x10/0x10
[ 114.007799][ T5551] ? __pfx_check_cond_jmp_op+0x10/0x10
[ 114.013248][ T5551] ? __check_reg_arg+0xe2/0x440
[ 114.018069][ T5551] do_check+0x7158/0xd5c0
[ 114.022470][ T5551] ? __pfx_do_check+0x10/0x10
[ 114.027117][ T5551] ? mark_reg_not_init+0x493/0x7b0
[ 114.032290][ T5551] ? __asan_memcpy+0x40/0x70
[ 114.036855][ T5551] ? mark_reg_not_init+0x493/0x7b0
[ 114.041936][ T5551] do_check_common+0x1341/0x1d10
[ 114.046850][ T5551] bpf_check+0x6748/0x1db10
[ 114.051409][ T5551] ? __lock_acquire+0x61d/0xc70
[ 114.056232][ T5551] ? try_charge_memcg+0x240/0x1050
[ 114.061316][ T5551] ? __lock_acquire+0x61d/0xc70
[ 114.066145][ T5551] ? obj_cgroup_charge_pages+0x187/0x2f0
[ 114.071745][ T5551] ? __lock_acquire+0x61d/0xc70
[ 114.076566][ T5551] ? __memcg_kmem_charge_page+0xe3/0x240
[ 114.082197][ T5551] ? __pfx_lock_release+0x10/0x10
[ 114.087194][ T5551] ? fs_reclaim_acquire+0x93/0x130
[ 114.092299][ T5551] ? __lock_acquire+0x61d/0xc70
[ 114.097318][ T5551] ? is_bpf_text_address+0x2b/0x160
[ 114.102523][ T5551] ? __pfx_lock_release+0x10/0x10
[ 114.107545][ T5551] ? unwind_next_frame+0x18e6/0x22d0
[ 114.112817][ T5551] ? preempt_count_add+0x93/0x130
[ 114.117819][ T5551] ? is_bpf_text_address+0x149/0x160
[ 114.123079][ T5551] ? is_bpf_text_address+0x2b/0x160
[ 114.128245][ T5551] ? __pfx_bpf_check+0x10/0x10
[ 114.132980][ T5551] ? __lock_acquire+0x61d/0xc70
[ 114.137816][ T5551] ? __lock_acquire+0x61d/0xc70
[ 114.142674][ T5551] ? __pfx_lock_acquire+0x10/0x10
[ 114.147780][ T5551] ? __lock_acquire+0x61d/0xc70
[ 114.152601][ T5551] ? ktime_get_with_offset+0xce/0x260
[ 114.157938][ T5551] ? __pfx_lock_release+0x10/0x10
[ 114.162934][ T5551] ? ktime_get_with_offset+0xce/0x260
[ 114.168286][ T5551] ? ktime_get_with_offset+0xce/0x260
[ 114.173719][ T5551] ? timekeeping_get_ns+0x221/0x510
[ 114.178888][ T5551] ? __pfx_timekeeping_get_ns+0x10/0x10
[ 114.184437][ T5551] ? do_raw_spin_lock+0x14e/0x3b0
[ 114.189464][ T5551] ? bpf_prog_load+0x10ac/0x1de0
[ 114.194393][ T5551] ? ktime_get_with_offset+0xce/0x260
[ 114.200203][ T5551] ? __pfx_ktime_get_with_offset+0x10/0x10
[ 114.206156][ T5551] ? __asan_memset+0x23/0x50
[ 114.210717][ T5551] ? bpf_obj_name_cpy+0x29/0x120
[ 114.215622][ T5551] bpf_prog_load+0x1214/0x1de0
[ 114.220355][ T5551] ? __pfx_bpf_prog_load+0x10/0x10
[ 114.225450][ T5551] ? futex_wait+0xff/0x330
[ 114.229938][ T5551] __sys_bpf+0x3f6/0x650
[ 114.234266][ T5551] ? __pfx_do_futex+0x10/0x10
[ 114.239019][ T5551] ? __pfx___sys_bpf+0x10/0x10
[ 114.243898][ T5551] __x64_sys_bpf+0x77/0x90
[ 114.248401][ T5551] do_syscall_64+0x8d/0x190
[ 114.252889][ T5551] ? clear_bhb_loop+0x55/0xb0
[ 114.257551][ T5551] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 114.263426][ T5551] RIP: 0033:0x7f365db7e819
[ 114.267839][ T5551] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 114.287433][ T5551] RSP: 002b:00007f365ea19038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 114.295826][ T5551] RAX: ffffffffffffffda RBX: 00007f365dd35fa0 RCX: 00007f365db7e819
[ 114.303773][ T5551] RDX: 0000000000000090 RSI: 0000000020000840 RDI: 0000000000000005
[ 114.311721][ T5551] RBP: 00007f365dbf175e R08: 0000000000000000 R09: 0000000000000000
[ 114.319671][ T5551] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 114.327633][ T5551] R13: 0000000000000000 R14: 00007f365dd35fa0 R15: 00007ffe7c788948
[ 114.335589][ T5551]
[ 114.338599][ T5551]
[ 114.340897][ T5551] The buggy address belongs to the virtual mapping at
[ 114.340897][ T5551] [ffffc90006400000, ffffc90006a01000) created by:
[ 114.340897][ T5551] check_stack_write+0x2a7b/0x3d80
[ 114.359007][ T5551]
[ 114.361307][ T5551] The buggy address belongs to the physical page:
[ 114.367705][ T5551] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x65400
[ 114.376438][ T5551] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 114.383540][ T5551] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[ 114.392091][ T5551] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 114.400678][ T5551] page dumped because: kasan: bad access detected
[ 114.407082][ T5551] page_owner tracks the page as allocated
[ 114.412793][ T5551] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102cc2(GFP_HIGHUSER|__GFP_NOWARN), pid 5551, tgid 5546 (syz.4.19), ts 113887423751, free_ts 7029893823
[ 114.429776][ T5551] post_alloc_hook+0x10f/0x130
[ 114.434515][ T5551] get_page_from_freelist+0x3246/0x3390
[ 114.440035][ T5551] __alloc_pages_noprof+0x256/0x650
[ 114.445319][ T5551] alloc_pages_mpol_noprof+0x289/0x4e0
[ 114.450760][ T5551] __vmalloc_node_range_noprof+0x68f/0xfd0
[ 114.456537][ T5551] kvrealloc_noprof+0x142/0x190
[ 114.461357][ T5551] check_stack_write+0x2a7b/0x3d80
[ 114.466437][ T5551] check_mem_access+0x12b8/0x2050
[ 114.471429][ T5551] do_check+0x7158/0xd5c0
[ 114.475742][ T5551] do_check_common+0x1341/0x1d10
[ 114.480655][ T5551] bpf_check+0x6748/0x1db10
[ 114.485145][ T5551] bpf_prog_load+0x1214/0x1de0
[ 114.489876][ T5551] __sys_bpf+0x3f6/0x650
[ 114.494084][ T5551] __x64_sys_bpf+0x77/0x90
[ 114.498479][ T5551] do_syscall_64+0x8d/0x190
[ 114.502994][ T5551] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 114.508870][ T5551] page last free pid 1 tgid 1 stack trace:
[ 114.514649][ T5551] free_unref_page+0xc5d/0xf40
[ 114.519478][ T5551] free_contig_range+0x142/0x4c0
[ 114.524471][ T5551] destroy_args+0x72/0x6e0
[ 114.528855][ T5551] debug_vm_pgtable+0x3c2/0x5e0
[ 114.533775][ T5551] do_one_initcall+0x196/0x4d0
[ 114.538529][ T5551] do_initcall_level+0x11e/0x1e0
[ 114.543666][ T5551] do_initcalls+0x3e/0x70
[ 114.547975][ T5551] kernel_init_freeable+0x36a/0x4c0
[ 114.553255][ T5551] kernel_init+0x18/0x1b0
[ 114.557557][ T5551] ret_from_fork+0x32/0x60
[ 114.561972][ T5551] ret_from_fork_asm+0x1a/0x30
[ 114.566722][ T5551]
[ 114.569041][ T5551] Memory state around the buggy address:
[ 114.574737][ T5551] ffffc900067fff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 114.582872][ T5551] ffffc900067fff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 114.590943][ T5551] >ffffc90006800000: 00 00 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 114.599332][ T5551] ^
[ 114.604421][ T5551] ffffc90006800080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 114.612451][ T5551] ffffc90006800100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 114.620478][ T5551] ==================================================================
[ 114.629072][ T5551] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 114.636606][ T5551] Kernel Offset: disabled
[ 114.640918][ T5551] Rebooting in 86400 seconds..