Warning: Permanently added '10.128.1.177' (ECDSA) to the list of known hosts.
2023/07/08 20:32:42 ignoring optional flag "sandboxArg"="0"
2023/07/08 20:32:42 parsed 1 programs
2023/07/08 20:32:43 executed programs: 0
[ 70.222099][ T5333] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 70.261770][ T47] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 70.269729][ T47] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 70.277892][ T47] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 70.286174][ T47] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 70.294032][ T47] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 70.376904][ T5341] chnl_net:caif_netlink_parms(): no params data found
[ 70.413896][ T5341] bridge0: port 1(bridge_slave_0) entered blocking state
[ 70.421230][ T5341] bridge0: port 1(bridge_slave_0) entered disabled state
[ 70.428518][ T5341] bridge_slave_0: entered allmulticast mode
[ 70.435253][ T5341] bridge_slave_0: entered promiscuous mode
[ 70.442588][ T5341] bridge0: port 2(bridge_slave_1) entered blocking state
[ 70.449893][ T5341] bridge0: port 2(bridge_slave_1) entered disabled state
[ 70.457046][ T5341] bridge_slave_1: entered allmulticast mode
[ 70.463851][ T5341] bridge_slave_1: entered promiscuous mode
[ 70.481340][ T5341] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 70.492323][ T5341] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 70.512917][ T5341] team0: Port device team_slave_0 added
[ 70.521500][ T5341] team0: Port device team_slave_1 added
[ 70.537537][ T5341] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 70.544853][ T5341] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 70.572215][ T5341] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 70.584731][ T5341] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 70.592010][ T5341] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 70.618332][ T5341] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 70.644551][ T5341] hsr_slave_0: entered promiscuous mode
[ 70.651083][ T5341] hsr_slave_1: entered promiscuous mode
[ 71.242199][ T5341] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 71.252242][ T5341] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 71.262223][ T5341] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 71.272157][ T5341] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 71.295383][ T5341] bridge0: port 2(bridge_slave_1) entered blocking state
[ 71.302547][ T5341] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 71.310238][ T5341] bridge0: port 1(bridge_slave_0) entered blocking state
[ 71.317967][ T5341] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 71.371533][ T5341] 8021q: adding VLAN 0 to HW filter on device bond0
[ 71.380225][ T1122] bridge0: port 1(bridge_slave_0) entered disabled state
[ 71.388154][ T1122] bridge0: port 2(bridge_slave_1) entered disabled state
[ 71.398251][ T1122] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 71.417100][ T5341] 8021q: adding VLAN 0 to HW filter on device team0
[ 71.424781][ T1122] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 71.434176][ T1122] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 71.466487][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 71.475971][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 71.485328][ T5002] bridge0: port 1(bridge_slave_0) entered blocking state
[ 71.492663][ T5002] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 71.501973][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 71.511704][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 71.522243][ T5002] bridge0: port 2(bridge_slave_1) entered blocking state
[ 71.529738][ T5002] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 71.537815][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 71.547982][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 71.558051][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 71.569362][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 71.579512][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 71.589667][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 71.604245][ T5341] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 71.619051][ T5341] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 71.632922][ T5000] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 71.642346][ T5000] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 71.651596][ T5000] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 71.661640][ T5000] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 71.670968][ T5000] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 71.684346][ T5000] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 71.881044][ T1122] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 71.899669][ T1122] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 71.911169][ T5341] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 71.975201][ T5341] veth0_vlan: entered promiscuous mode
[ 71.987597][ T5341] veth1_vlan: entered promiscuous mode
[ 71.995898][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 72.005315][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 72.014735][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 72.023462][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 72.031912][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 72.066462][ T5341] veth0_macvtap: entered promiscuous mode
[ 72.077361][ T5341] veth1_macvtap: entered promiscuous mode
[ 72.085146][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 72.093292][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 72.102677][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 72.111656][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 72.120460][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 72.129582][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 72.146827][ T5341] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 72.169973][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 72.178196][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 72.189277][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 72.201197][ T5341] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 72.210569][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 72.219705][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 72.230487][ T5341] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.249084][ T5341] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.257796][ T5341] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.288653][ T5341] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.339406][ T47] Bluetooth: hci0: command 0x0409 tx timeout
[ 72.408411][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 72.431476][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 72.452004][ T10] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 72.454358][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 72.468717][ T10] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 72.478524][ T1122] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 72.581026][ T5422] loop0: detected capacity change from 0 to 4096
[ 72.593252][ T5422] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[ 72.605069][ T5422] ntfs3: loop0: RAW NTFS volume: Filesystem size 16384.00 Gb > volume size 0.00 Gb. Mount in read-only.
[ 72.617376][ T5422] ntfs3: loop0: NTFS 16384.00 Gb is too big to use 32 bits per cluster.
[ 72.628049][ T5422] ==================================================================
[ 72.636422][ T5422] BUG: KASAN: use-after-free in bcmp+0xc0/0x1e0
[ 72.642851][ T5422] Read of size 8 at addr ffff888066465002 by task syz-executor.0/5422
[ 72.651106][ T5422]
[ 72.653613][ T5422] CPU: 0 PID: 5422 Comm: syz-executor.0 Not tainted 6.4.0-syzkaller #0
[ 72.662028][ T5422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/03/2023
[ 72.672346][ T5422] Call Trace:
[ 72.675716][ T5422]
[ 72.678646][ T5422] dump_stack_lvl+0x167/0x220
[ 72.683415][ T5422] ? nf_tcp_handle_invalid+0x4e0/0x4e0
[ 72.689052][ T5422] ? panic+0x4a0/0x4a0
[ 72.693124][ T5422] ? vprintk_emit+0x119/0x1f0
[ 72.697813][ T5422] ? _printk+0xce/0x110
[ 72.701974][ T5422] print_report+0x163/0x540
[ 72.706486][ T5422] ? bio_add_page+0x81/0x370
[ 72.711257][ T5422] ? should_fail_request+0x60/0x60
[ 72.716463][ T5422] ? bcmp+0xc0/0x1e0
[ 72.720400][ T5422] kasan_report+0x176/0x1b0
[ 72.724991][ T5422] ? bcmp+0xc0/0x1e0
[ 72.728978][ T5422] bcmp+0xc0/0x1e0
[ 72.732787][ T5422] ntfs_fill_super+0x975/0x3f30
[ 72.737657][ T5422] ? put_ntfs+0x260/0x260
[ 72.741994][ T5422] ? sb_set_blocksize+0x46/0xd0
[ 72.746844][ T5422] get_tree_bdev+0x3ce/0x600
[ 72.751438][ T5422] ? put_ntfs+0x260/0x260
[ 72.756027][ T5422] vfs_get_tree+0x7e/0x180
[ 72.760443][ T5422] do_new_mount+0x1e5/0x8f0
[ 72.764946][ T5422] ? do_move_mount_old+0x120/0x120
[ 72.770061][ T5422] ? user_path_at_empty+0xf1/0x140
[ 72.775170][ T5422] __se_sys_mount+0x232/0x2c0
[ 72.779912][ T5422] ? print_irqtrace_events+0x220/0x220
[ 72.785471][ T5422] ? __x64_sys_mount+0xc0/0xc0
[ 72.790235][ T5422] ? syscall_enter_from_user_mode+0x32/0x200
[ 72.796303][ T5422] ? lockdep_hardirqs_on+0x98/0xf0
[ 72.801420][ T5422] ? syscall_enter_from_user_mode+0x32/0x200
[ 72.807401][ T5422] do_syscall_64+0x41/0xc0
[ 72.811820][ T5422] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 72.818081][ T5422] RIP: 0033:0x7fc52228d8ba
[ 72.822503][ T5422] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 72.842373][ T5422] RSP: 002b:00007fc522fe4f88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 72.850871][ T5422] RAX: ffffffffffffffda RBX: 000000000001f1a5 RCX: 00007fc52228d8ba
[ 72.859712][ T5422] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 00007fc522fe4fe0
[ 72.867692][ T5422] RBP: 00007fc522fe5020 R08: 00007fc522fe5020 R09: 0000000000800000
[ 72.875934][ T5422] R10: 0000000000800000 R11: 0000000000000246 R12: 00000000200000c0
[ 72.884255][ T5422] R13: 0000000020000000 R14: 00007fc522fe4fe0 R15: 0000000020000100
[ 72.892320][ T5422]
[ 72.895350][ T5422]
[ 72.897671][ T5422] The buggy address belongs to the physical page:
[ 72.904163][ T5422] page:ffffea0001991940 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x66465
[ 72.914401][ T5422] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 72.921508][ T5422] page_type: 0xffffffff()
[ 72.925869][ T5422] raw: 00fff00000000000 ffffea0001991fc8 ffffea0001991d48 0000000000000000
[ 72.934454][ T5422] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 72.943033][ T5422] page dumped because: kasan: bad access detected
[ 72.949539][ T5422] page_owner tracks the page as freed
[ 72.955167][ T5422] page last allocated via order 0, migratetype Movable, gfp_mask 0x140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO), pid 5422, tgid 5420 (syz-executor.0), ts 72535343075, free_ts 72576115176
[ 72.975214][ T5422] post_alloc_hook+0x26e/0x290
[ 72.980251][ T5422] get_page_from_freelist+0x3197/0x3320
[ 72.985890][ T5422] __alloc_pages+0x255/0x650
[ 72.990571][ T5422] __folio_alloc+0x13/0x30
[ 72.995106][ T5422] vma_alloc_folio+0x48e/0x9f0
[ 72.999874][ T5422] handle_mm_fault+0x296e/0x43a0
[ 73.004905][ T5422] exc_page_fault+0x263/0x8c0
[ 73.009762][ T5422] asm_exc_page_fault+0x26/0x30
[ 73.014630][ T5422] page last free stack trace:
[ 73.019435][ T5422] free_unref_page_prepare+0x817/0x940
[ 73.025067][ T5422] free_unref_page_list+0x54b/0x7e0
[ 73.030379][ T5422] release_pages+0x19c2/0x1b70
[ 73.035158][ T5422] tlb_flush_mmu+0xe9/0x1d0
[ 73.039659][ T5422] tlb_finish_mmu+0xb6/0x1c0
[ 73.044277][ T5422] unmap_region+0x247/0x2a0
[ 73.048780][ T5422] do_vmi_align_munmap+0xf3a/0x1540
[ 73.054067][ T5422] do_vmi_munmap+0x199/0x1f0
[ 73.058915][ T5422] __vm_munmap+0x1e8/0x3b0
[ 73.063327][ T5422] __x64_sys_munmap+0x64/0x70
[ 73.068109][ T5422] do_syscall_64+0x41/0xc0
[ 73.072797][ T5422] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 73.079047][ T5422]
[ 73.081456][ T5422] Memory state around the buggy address:
[ 73.087174][ T5422] ffff888066464f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 73.095587][ T5422] ffff888066464f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 73.104519][ T5422] >ffff888066465000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 73.112756][ T5422] ^
[ 73.116821][ T5422] ffff888066465080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 73.124971][ T5422] ffff888066465100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 73.133378][ T5422] ==================================================================
[ 73.159650][ T5422] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 73.167221][ T5422] Kernel Offset: disabled
[ 73.171631][ T5422] Rebooting in 86400 seconds..