Warning: Permanently added '10.128.10.31' (ECDSA) to the list of known hosts.
2023/05/07 09:01:25 ignoring optional flag "sandboxArg"="0"
2023/05/07 09:01:25 parsed 1 programs
2023/05/07 09:01:25 executed programs: 0
[ 56.381710][ T4393] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 56.389436][ T4393] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 56.397559][ T4393] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 56.404804][ T4393] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 56.412233][ T4393] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 56.460878][ T5304] chnl_net:caif_netlink_parms(): no params data found
[ 56.483216][ T5304] bridge0: port 1(bridge_slave_0) entered blocking state
[ 56.490350][ T5304] bridge0: port 1(bridge_slave_0) entered disabled state
[ 56.497437][ T5304] bridge_slave_0: entered allmulticast mode
[ 56.503596][ T5304] bridge_slave_0: entered promiscuous mode
[ 56.510223][ T5304] bridge0: port 2(bridge_slave_1) entered blocking state
[ 56.517319][ T5304] bridge0: port 2(bridge_slave_1) entered disabled state
[ 56.524336][ T5304] bridge_slave_1: entered allmulticast mode
[ 56.530650][ T5304] bridge_slave_1: entered promiscuous mode
[ 56.543197][ T5304] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 56.553130][ T5304] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 56.568767][ T5304] team0: Port device team_slave_0 added
[ 56.575284][ T5304] team0: Port device team_slave_1 added
[ 56.587071][ T5304] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 56.593995][ T5304] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 56.620108][ T5304] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 56.631972][ T5304] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 56.639064][ T5304] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 56.665070][ T5304] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 56.685774][ T5304] hsr_slave_0: entered promiscuous mode
[ 56.691723][ T5304] hsr_slave_1: entered promiscuous mode
[ 57.205996][ T5304] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 57.214594][ T5304] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 57.224618][ T5304] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 57.232973][ T5304] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 57.248851][ T5304] bridge0: port 2(bridge_slave_1) entered blocking state
[ 57.255937][ T5304] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 57.263197][ T5304] bridge0: port 1(bridge_slave_0) entered blocking state
[ 57.270270][ T5304] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 57.301585][ T5304] 8021q: adding VLAN 0 to HW filter on device bond0
[ 57.313913][ T4985] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 57.322580][ T4985] bridge0: port 1(bridge_slave_0) entered disabled state
[ 57.331421][ T4985] bridge0: port 2(bridge_slave_1) entered disabled state
[ 57.339720][ T4985] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 57.351628][ T5304] 8021q: adding VLAN 0 to HW filter on device team0
[ 57.361492][ T4985] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 57.369821][ T4985] bridge0: port 1(bridge_slave_0) entered blocking state
[ 57.376876][ T4985] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 57.387967][ T4999] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 57.396430][ T4999] bridge0: port 2(bridge_slave_1) entered blocking state
[ 57.403482][ T4999] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 57.419154][ T5304] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 57.432585][ T5304] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 57.444656][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 57.453066][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 57.461729][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 57.471218][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 57.481114][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 57.489221][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 57.565516][ T1122] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 57.574927][ T1122] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 57.583575][ T5304] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 57.600431][ T1122] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 57.609778][ T1122] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 57.623549][ T5304] veth0_vlan: entered promiscuous mode
[ 57.631518][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 57.639748][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 57.651148][ T5304] veth1_vlan: entered promiscuous mode
[ 57.658153][ T1122] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 57.665868][ T1122] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 57.674169][ T1122] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 57.688599][ T5304] veth0_macvtap: entered promiscuous mode
[ 57.695705][ T5304] veth1_macvtap: entered promiscuous mode
[ 57.703589][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 57.711983][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 57.720293][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 57.728626][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 57.740553][ T5304] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 57.750062][ T1122] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 57.758261][ T1122] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 57.766790][ T1122] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 57.776773][ T5304] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 57.785104][ T5304] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 57.794662][ T5304] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 57.803882][ T5304] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 57.812646][ T5304] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 57.823449][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 57.832361][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 57.870889][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 57.885171][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 57.900918][ T1122] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 57.910369][ T973] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 57.918786][ T973] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 57.927380][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 57.981556][ T5417] loop0: detected capacity change from 0 to 8192
[ 57.992332][ T5417] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 58.005974][ T5417] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[ 58.015315][ T5417] REISERFS (device loop0): using ordered data mode
[ 58.023182][ T5417] reiserfs: using flush barriers
[ 58.029729][ T5417] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 58.048146][ T5417] REISERFS (device loop0): checking transaction log (loop0)
[ 58.103385][ T5417] REISERFS (device loop0): Using r5 hash to sort names
[ 58.112100][ T5417] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 58.123338][ T5417] ==================================================================
[ 58.131378][ T5417] BUG: KASAN: use-after-free in strlen+0x7d/0xa0
[ 58.137681][ T5417] Read of size 1 at addr ffff88806e56e9cc by task syz-executor.0/5417
[ 58.145809][ T5417]
[ 58.148114][ T5417] CPU: 1 PID: 5417 Comm: syz-executor.0 Not tainted 6.3.0-syzkaller #0
[ 58.156370][ T5417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023
[ 58.166402][ T5417] Call Trace:
[ 58.169661][ T5417]
[ 58.172569][ T5417] dump_stack_lvl+0x64/0xb0
[ 58.177054][ T5417] print_address_description.constprop.0+0x2c/0x3c0
[ 58.183619][ T5417] ? strlen+0x7d/0xa0
[ 58.187575][ T5417] kasan_report+0x11c/0x130
[ 58.192053][ T5417] ? strlen+0x7d/0xa0
[ 58.196018][ T5417] strlen+0x7d/0xa0
[ 58.199800][ T5417] set_de_name_and_namelen+0x47a/0x670
[ 58.205237][ T5417] search_by_entry_key+0x46a/0x980
[ 58.210328][ T5417] reiserfs_readdir_inode+0x22e/0x1320
[ 58.215765][ T5417] ? save_trace+0x29e/0xb20
[ 58.220254][ T5417] ? lockdep_unlock+0x11b/0x290
[ 58.225079][ T5417] ? __lock_acquire+0x280a/0x5df0
[ 58.230081][ T5417] ? reiserfs_dir_fsync+0x150/0x150
[ 58.235254][ T5417] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 58.241213][ T5417] ? __down_read_common+0x884/0xf30
[ 58.246396][ T5417] iterate_dir+0x47f/0x6c0
[ 58.250790][ T5417] __x64_sys_getdents64+0x128/0x240
[ 58.256398][ T5417] ? __ia32_sys_getdents+0x240/0x240
[ 58.261655][ T5417] ? fillonedir+0x320/0x320
[ 58.266134][ T5417] ? syscall_enter_from_user_mode+0x26/0x80
[ 58.272005][ T5417] do_syscall_64+0x39/0xb0
[ 58.276401][ T5417] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 58.282266][ T5417] RIP: 0033:0x7f780e28c0d9
[ 58.286658][ T5417] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 58.306240][ T5417] RSP: 002b:00007f780f010168 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[ 58.314803][ T5417] RAX: ffffffffffffffda RBX: 00007f780e3abf80 RCX: 00007f780e28c0d9
[ 58.322758][ T5417] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[ 58.330707][ T5417] RBP: 00007f780e2e7ae9 R08: 0000000000000000 R09: 0000000000000000
[ 58.338744][ T5417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 58.346700][ T5417] R13: 00007ffe025ec84f R14: 00007f780f010300 R15: 0000000000022000
[ 58.354656][ T5417]
[ 58.357660][ T5417]
[ 58.359962][ T5417] The buggy address belongs to the physical page:
[ 58.366361][ T5417] page:ffffea0001b95b80 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x6e56e
[ 58.376485][ T5417] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 58.383568][ T5417] page_type: 0xffffffff()
[ 58.387867][ T5417] raw: 00fff00000000000 ffffea0001b95bc8 ffffea0001b95b48 0000000000000000
[ 58.396421][ T5417] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 58.404973][ T5417] page dumped because: kasan: bad access detected
[ 58.411356][ T5417] page_owner tracks the page as freed
[ 58.416700][ T5417] page last allocated via order 0, migratetype Movable, gfp_mask 0x8(__GFP_MOVABLE), pid 1, tgid 1 (swapper/0), ts 5657512856, free_ts 6164807364
[ 58.431427][ T5417] split_map_pages+0x1bb/0x470
[ 58.436256][ T5417] isolate_freepages_range+0x25e/0x2e0
[ 58.441688][ T5417] alloc_contig_range+0x2fa/0x4a0
[ 58.446785][ T5417] alloc_contig_pages+0x361/0x4d0
[ 58.451795][ T5417] debug_vm_pgtable+0x6b2/0x31a0
[ 58.456710][ T5417] do_one_initcall+0xc2/0x3c0
[ 58.461365][ T5417] kernel_init_freeable+0x541/0x950
[ 58.466626][ T5417] kernel_init+0x1a/0x1c0
[ 58.470933][ T5417] ret_from_fork+0x1f/0x30
[ 58.475330][ T5417] page last free stack trace:
[ 58.479980][ T5417] free_unref_page_prepare+0x620/0xc80
[ 58.485410][ T5417] free_unref_page+0x33/0x370
[ 58.490058][ T5417] free_contig_range+0xb5/0x180
[ 58.494966][ T5417] destroy_args+0x50a/0x700
[ 58.499534][ T5417] debug_vm_pgtable+0x18fd/0x31a0
[ 58.504540][ T5417] do_one_initcall+0xc2/0x3c0
[ 58.509198][ T5417] kernel_init_freeable+0x541/0x950
[ 58.514461][ T5417] kernel_init+0x1a/0x1c0
[ 58.518767][ T5417] ret_from_fork+0x1f/0x30
[ 58.523162][ T5417]
[ 58.525513][ T5417] Memory state around the buggy address:
[ 58.531118][ T5417] ffff88806e56e880: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 58.539150][ T5417] ffff88806e56e900: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 58.547183][ T5417] >ffff88806e56e980: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 58.555218][ T5417] ^
[ 58.561604][ T5417] ffff88806e56ea00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 58.569643][ T5417] ffff88806e56ea80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 58.577679][ T5417] ==================================================================
[ 58.590531][ T4393] Bluetooth: hci0: command 0x0409 tx timeout
[ 58.609569][ T5417] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 58.616779][ T5417] CPU: 1 PID: 5417 Comm: syz-executor.0 Not tainted 6.3.0-syzkaller #0
[ 58.624996][ T5417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023
[ 58.635025][ T5417] Call Trace:
[ 58.638282][ T5417]
[ 58.641193][ T5417] dump_stack_lvl+0x64/0xb0
[ 58.645689][ T5417] panic+0x24f/0x540
[ 58.649566][ T5417] ? panic_smp_self_stop+0x70/0x70
[ 58.654658][ T5417] ? preempt_schedule_thunk+0x1a/0x20
[ 58.660094][ T5417] ? preempt_schedule_common+0x45/0xb0
[ 58.665531][ T5417] ? preempt_schedule_thunk+0x1a/0x20
[ 58.670878][ T5417] check_panic_on_warn+0x75/0x80
[ 58.675793][ T5417] end_report+0xe9/0x120
[ 58.680193][ T5417] ? strlen+0x7d/0xa0
[ 58.684149][ T5417] kasan_report+0xf9/0x130
[ 58.688541][ T5417] ? strlen+0x7d/0xa0
[ 58.692506][ T5417] strlen+0x7d/0xa0
[ 58.696310][ T5417] set_de_name_and_namelen+0x47a/0x670
[ 58.701754][ T5417] search_by_entry_key+0x46a/0x980
[ 58.707359][ T5417] reiserfs_readdir_inode+0x22e/0x1320
[ 58.712871][ T5417] ? save_trace+0x29e/0xb20
[ 58.717341][ T5417] ? lockdep_unlock+0x11b/0x290
[ 58.722690][ T5417] ? __lock_acquire+0x280a/0x5df0
[ 58.727681][ T5417] ? reiserfs_dir_fsync+0x150/0x150
[ 58.732849][ T5417] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 58.738796][ T5417] ? __down_read_common+0x884/0xf30
[ 58.743964][ T5417] iterate_dir+0x47f/0x6c0
[ 58.748350][ T5417] __x64_sys_getdents64+0x128/0x240
[ 58.753608][ T5417] ? __ia32_sys_getdents+0x240/0x240
[ 58.758862][ T5417] ? fillonedir+0x320/0x320
[ 58.763329][ T5417] ? syscall_enter_from_user_mode+0x26/0x80
[ 58.769185][ T5417] do_syscall_64+0x39/0xb0
[ 58.773569][ T5417] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 58.779426][ T5417] RIP: 0033:0x7f780e28c0d9
[ 58.783816][ T5417] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 58.803387][ T5417] RSP: 002b:00007f780f010168 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[ 58.811781][ T5417] RAX: ffffffffffffffda RBX: 00007f780e3abf80 RCX: 00007f780e28c0d9
[ 58.819759][ T5417] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[ 58.827869][ T5417] RBP: 00007f780e2e7ae9 R08: 0000000000000000 R09: 0000000000000000
[ 58.835824][ T5417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 58.843782][ T5417] R13: 00007ffe025ec84f R14: 00007f780f010300 R15: 0000000000022000
[ 58.851722][ T5417]
[ 58.855603][ T5417] Kernel Offset: disabled
[ 58.859895][ T5417] Rebooting in 86400 seconds..