Warning: Permanently added '10.128.0.78' (ED25519) to the list of known hosts. 2024/11/04 03:59:40 ignoring optional flag "sandboxArg"="0" 2024/11/04 03:59:40 parsed 1 programs [ 57.737899] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 58.284376] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 58.291420] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 58.305801] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 58.312579] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 58.572727] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 58.579846] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 58.586380] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 58.593058] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.621571] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 58.628588] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 58.636348] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 58.645598] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 58.653249] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 58.661187] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 58.669373] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 58.677815] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.900978] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 58.909194] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 58.941229] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 58.948087] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 58.955394] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 58.962551] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 58.969990] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 58.976793] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 58.984764] device veth0_vlan entered promiscuous mode [ 59.085408] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 59.093443] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 59.149004] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 59.157270] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 59.165927] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 59.174903] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 59.455291] device veth0_vlan left promiscuous mode 2024/11/04 03:59:43 executed programs: 0 [ 59.850065] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 59.857404] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 59.871921] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 59.881566] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 60.214234] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 60.221445] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 60.250175] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 60.257481] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 60.265650] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 60.274927] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 60.282071] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 60.289943] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 60.298555] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 60.306323] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 60.314431] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 60.321952] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 60.332151] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 60.339082] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 60.346677] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 60.354946] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 60.361758] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 60.370160] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 60.628756] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 60.637287] IPv6: ADDRCONF(NETDEV_UP): veth1_virt_wifi: link is not ready [ 60.644695] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 60.652297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 60.697018] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 60.703946] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 60.710183] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 60.717975] IPv6: ADDRCONF(NETDEV_UP): veth1_vlan: link is not ready [ 60.724549] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 60.731717] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 60.740295] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 60.747073] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 60.754251] device veth0_vlan entered promiscuous mode [ 60.858121] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 60.866864] IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready [ 60.873786] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 60.881347] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 60.932123] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 60.940192] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 60.949437] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready [ 60.956366] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 60.964215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 60.972721] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready [ 60.979765] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 60.987460] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 61.106824] VFS: Found a Xenix FS (block size = 1024) on device loop2 [ 61.117124] attempt to access beyond end of device [ 61.122072] loop2: rw=0, want=6491538, limit=128 [ 61.127421] Buffer I/O error on dev loop2, logical block 3245768, async page read [ 61.135353] ================================================================== [ 61.142711] BUG: KASAN: use-after-free in sysv_new_inode+0x6cc/0x13c0 [ 61.149276] Read of size 2 at addr ffff8800920a41ce by task syz.2.15/4750 [ 61.156209] [ 61.157813] CPU: 0 PID: 4750 Comm: syz.2.15 Not tainted 4.19.0-syzkaller #0 [ 61.165009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 61.174379] Call Trace: [ 61.176957] dump_stack+0x10c/0x17a [ 61.180567] print_address_description.cold.6+0x9/0x244 [ 61.185911] kasan_report.cold.7+0x242/0x305 [ 61.190323] ? sysv_new_inode+0x6cc/0x13c0 [ 61.194535] __asan_report_load2_noabort+0x14/0x20 [ 61.199543] sysv_new_inode+0x6cc/0x13c0 [ 61.203591] ? smk_tskacc+0x227/0x3d0 [ 61.207379] ? do_raw_spin_unlock+0x172/0x260 [ 61.211858] ? sysv_free_inode+0x900/0x900 [ 61.216069] ? smack_inode_permission+0x179/0x300 [ 61.220914] ? from_kgid+0x7f/0xc0 [ 61.224626] ? smack_inode_getattr+0x1f0/0x1f0 [ 61.229182] sysv_symlink+0x82/0x140 [ 61.232960] vfs_symlink+0x2ff/0x500 [ 61.236651] do_symlinkat+0x192/0x1e0 [ 61.240433] ? debug_smp_processor_id+0x17/0x20 [ 61.245095] ? __ia32_sys_unlink+0x50/0x50 [ 61.249342] __x64_sys_symlink+0x54/0x80 [ 61.253417] do_syscall_64+0xd0/0x340 [ 61.257212] ? prepare_exit_to_usermode+0xec/0x130 [ 61.262225] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 61.267429] RIP: 0033:0x7f5e4ef28719 [ 61.271383] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 61.290260] RSP: 002b:00007f5e4e9a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 61.297959] RAX: ffffffffffffffda RBX: 00007f5e4f0dff80 RCX: 00007f5e4ef28719 [ 61.305348] RDX: 0000000000000000 RSI: 00000000200059c0 RDI: 00000000200049c0 [ 61.312613] RBP: 00007f5e4ef9b32e R08: 0000000000000000 R09: 0000000000000000 [ 61.319855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 61.327109] R13: 0000000000000000 R14: 00007f5e4f0dff80 R15: 00007fff37462a28 [ 61.334365] [ 61.335970] The buggy address belongs to the page: [ 61.340891] page:ffffea0002482900 count:0 mapcount:0 mapping:0000000000000000 index:0x1 [ 61.349184] flags: 0xfff00000000000() [ 61.352971] raw: 00fff00000000000 ffffea0002482948 ffffea00024828c8 0000000000000000 [ 61.360937] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000 [ 61.368790] page dumped because: kasan: bad access detected [ 61.374478] page_owner info is not active (free page?) [ 61.379727] [ 61.381328] Memory state around the buggy address: [ 61.386228] ffff8800920a4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 61.393562] ffff8800920a4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 61.400912] >ffff8800920a4180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 61.408243] ^ [ 61.413980] ffff8800920a4200: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 61.421314] ffff8800920a4280: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 61.428641] ================================================================== [ 61.435978] Disabling lock debugging due to kernel taint [ 61.443475] Kernel panic - not syncing: panic_on_warn set ... [ 61.443475] [ 61.450926] Kernel Offset: disabled [ 61.454536] Rebooting in 86400 seconds..