Warning: Permanently added '10.128.1.49' (ED25519) to the list of known hosts.
2023/09/12 05:49:23 ignoring optional flag "sandboxArg"="0"
2023/09/12 05:49:24 parsed 1 programs
2023/09/12 05:49:24 executed programs: 0
[ 72.438158][ T4435] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 72.445413][ T4435] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 72.453598][ T4435] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 72.461699][ T4435] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 72.469776][ T4435] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 72.477175][ T4435] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 72.566685][ T5383] chnl_net:caif_netlink_parms(): no params data found
[ 72.610317][ T5383] bridge0: port 1(bridge_slave_0) entered blocking state
[ 72.617702][ T5383] bridge0: port 1(bridge_slave_0) entered disabled state
[ 72.625833][ T5383] bridge_slave_0: entered allmulticast mode
[ 72.632565][ T5383] bridge_slave_0: entered promiscuous mode
[ 72.640341][ T5383] bridge0: port 2(bridge_slave_1) entered blocking state
[ 72.647767][ T5383] bridge0: port 2(bridge_slave_1) entered disabled state
[ 72.655429][ T5383] bridge_slave_1: entered allmulticast mode
[ 72.662254][ T5383] bridge_slave_1: entered promiscuous mode
[ 72.682615][ T5383] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 72.694215][ T5383] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 72.716551][ T5383] team0: Port device team_slave_0 added
[ 72.724018][ T5383] team0: Port device team_slave_1 added
[ 72.742107][ T5383] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 72.749312][ T5383] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 72.776018][ T5383] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 72.788064][ T5383] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 72.795314][ T5383] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 72.821752][ T5383] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 72.851445][ T5383] hsr_slave_0: entered promiscuous mode
[ 72.857487][ T5383] hsr_slave_1: entered promiscuous mode
[ 73.591534][ T5383] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 73.609819][ T5383] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 73.622432][ T5383] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 73.634096][ T5383] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 73.725527][ T5383] 8021q: adding VLAN 0 to HW filter on device bond0
[ 73.744659][ T5383] 8021q: adding VLAN 0 to HW filter on device team0
[ 73.756684][ T8] bridge0: port 1(bridge_slave_0) entered blocking state
[ 73.764033][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 73.813287][ T8] bridge0: port 2(bridge_slave_1) entered blocking state
[ 73.820686][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 73.983642][ T5383] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 74.027115][ T5383] veth0_vlan: entered promiscuous mode
[ 74.041913][ T5383] veth1_vlan: entered promiscuous mode
[ 74.075311][ T5383] veth0_macvtap: entered promiscuous mode
[ 74.085039][ T5383] veth1_macvtap: entered promiscuous mode
[ 74.107084][ T5383] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 74.126292][ T5383] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 74.142020][ T5383] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.153315][ T5383] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.163538][ T5383] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.173119][ T5383] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.235638][ T8] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 74.252673][ T8] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 74.280436][ T5043] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 74.288725][ T5043] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 74.347558][ T5465] loop0: detected capacity change from 0 to 512
[ 74.355529][ T5465] EXT4-fs: Ignoring removed bh option
[ 74.361999][ T5465] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[ 74.378042][ T5465] EXT4-fs (loop0): 1 truncate cleaned up
[ 74.384374][ T5465] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 74.405517][ T5465] ==================================================================
[ 74.413791][ T5465] BUG: KASAN: use-after-free in ext4_search_dir+0xf2/0x1b0
[ 74.421014][ T5465] Read of size 1 at addr ffff88806f3f03ed by task syz-executor.0/5465
[ 74.429270][ T5465]
[ 74.431696][ T5465] CPU: 1 PID: 5465 Comm: syz-executor.0 Not tainted 6.6.0-rc1-syzkaller #0
[ 74.440472][ T5465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 74.451326][ T5465] Call Trace:
[ 74.454620][ T5465]
[ 74.457566][ T5465] dump_stack_lvl+0x1e7/0x2d0
[ 74.462673][ T5465] ? nf_tcp_handle_invalid+0x650/0x650
[ 74.468509][ T5465] ? panic+0x770/0x770
[ 74.472596][ T5465] ? _printk+0xd5/0x120
[ 74.476864][ T5465] print_report+0x163/0x540
[ 74.481778][ T5465] ? ext4_get_inode_loc+0x1a0/0x1a0
[ 74.487087][ T5465] ? __virt_addr_valid+0x22f/0x2e0
[ 74.492775][ T5465] ? __phys_addr+0xba/0x170
[ 74.497574][ T5465] ? ext4_search_dir+0xf2/0x1b0
[ 74.502666][ T5465] kasan_report+0x175/0x1b0
[ 74.507204][ T5465] ? ext4_search_dir+0xf2/0x1b0
[ 74.512265][ T5465] ext4_search_dir+0xf2/0x1b0
[ 74.517074][ T5465] ext4_find_inline_entry+0x4ba/0x5e0
[ 74.522572][ T5465] ? ext4_try_create_inline_dir+0x320/0x320
[ 74.529029][ T5465] ? tomoyo_path_number_perm+0x6e4/0x840
[ 74.535136][ T5465] __ext4_find_entry+0x2b4/0x1b30
[ 74.540398][ T5465] ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 74.545982][ T5465] ? ext4_ci_compare+0x660/0x660
[ 74.551219][ T5465] ? ext4_fname_prepare_lookup+0x3b9/0x4e0
[ 74.557238][ T5465] ? smk_tskacc+0x2ff/0x360
[ 74.561911][ T5465] ext4_lookup+0x17a/0x750
[ 74.566375][ T5465] ? smack_inode_rename+0x310/0x310
[ 74.572672][ T5465] ? ext4_add_entry+0x1000/0x1000
[ 74.577744][ T5465] ? generic_permission+0x1df/0x550
[ 74.583069][ T5465] ? bpf_lsm_inode_create+0x9/0x10
[ 74.588387][ T5465] ? security_inode_create+0xb8/0x100
[ 74.594059][ T5465] ? ext4_add_entry+0x1000/0x1000
[ 74.599226][ T5465] path_openat+0x11f1/0x3180
[ 74.603850][ T5465] ? do_filp_open+0x490/0x490
[ 74.608726][ T5465] ? rcu_is_watching+0x15/0xb0
[ 74.613515][ T5465] do_filp_open+0x234/0x490
[ 74.618040][ T5465] ? vfs_tmpfile+0x4b0/0x4b0
[ 74.622661][ T5465] ? _raw_spin_unlock+0x28/0x40
[ 74.627541][ T5465] ? alloc_fd+0x59c/0x640
[ 74.631993][ T5465] do_sys_openat2+0x13e/0x1d0
[ 74.636741][ T5465] ? do_sys_open+0x230/0x230
[ 74.641354][ T5465] ? xfd_validate_state+0x6e/0x150
[ 74.646491][ T5465] ? restore_fpregs_from_fpstate+0x100/0x250
[ 74.652504][ T5465] __x64_sys_open+0x225/0x270
[ 74.657210][ T5465] ? do_sys_openat2+0x1d0/0x1d0
[ 74.662086][ T5465] ? rcu_is_watching+0x15/0xb0
[ 74.666974][ T5465] ? syscall_enter_from_user_mode+0x32/0x230
[ 74.672990][ T5465] do_syscall_64+0x41/0xc0
[ 74.677438][ T5465] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 74.683356][ T5465] RIP: 0033:0x7f137567c959
[ 74.687880][ T5465] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 74.707758][ T5465] RSP: 002b:00007f13763860c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 74.709712][ T4435] Bluetooth: hci0: command 0x0409 tx timeout
[ 74.716515][ T5465] RAX: ffffffffffffffda RBX: 00007f137579bf80 RCX: 00007f137567c959
[ 74.730480][ T5465] RDX: 0000000000000000 RSI: 0000000000141042 RDI: 0000000020000100
[ 74.738477][ T5465] RBP: 00007f13756d8c88 R08: 0000000000000000 R09: 0000000000000000
[ 74.746476][ T5465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 74.754487][ T5465] R13: 000000000000000b R14: 00007f137579bf80 R15: 00007fffe35b7448
[ 74.762489][ T5465]
[ 74.765523][ T5465]
[ 74.767937][ T5465] The buggy address belongs to the physical page:
[ 74.774653][ T5465] page:ffffea0001bcfc00 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x6f3f0
[ 74.785169][ T5465] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 74.792563][ T5465] page_type: 0xffffffff()
[ 74.797039][ T5465] raw: 00fff00000000000 ffffea0001bcf888 ffffea0001bcef08 0000000000000000
[ 74.805924][ T5465] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 74.814628][ T5465] page dumped because: kasan: bad access detected
[ 74.821150][ T5465] page_owner tracks the page as freed
[ 74.826535][ T5465] page last allocated via order 0, migratetype Movable, gfp_mask 0x140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO), pid 5425, tgid 5425 (sed), ts 73597682029, free_ts 73604995962
[ 74.844618][ T5465] post_alloc_hook+0x1e6/0x210
[ 74.849405][ T5465] get_page_from_freelist+0x31db/0x3360
[ 74.855065][ T5465] __alloc_pages+0x255/0x670
[ 74.860291][ T5465] __folio_alloc+0x13/0x30
[ 74.864734][ T5465] vma_alloc_folio+0x48a/0x9a0
[ 74.869610][ T5465] handle_mm_fault+0x2359/0x6200
[ 74.874572][ T5465] exc_page_fault+0x455/0x860
[ 74.879272][ T5465] asm_exc_page_fault+0x26/0x30
[ 74.884254][ T5465] page last free stack trace:
[ 74.888943][ T5465] free_unref_page_prepare+0x8c3/0x9f0
[ 74.894437][ T5465] free_unref_page_list+0x596/0x830
[ 74.899676][ T5465] release_pages+0x2113/0x23f0
[ 74.904471][ T5465] tlb_flush_mmu+0x34c/0x4e0
[ 74.909092][ T5465] tlb_finish_mmu+0xd4/0x1f0
[ 74.913813][ T5465] exit_mmap+0x4d3/0xc50
[ 74.918083][ T5465] __mmput+0x115/0x3c0
[ 74.922258][ T5465] exit_mm+0x21f/0x300
[ 74.926351][ T5465] do_exit+0x612/0x2290
[ 74.930543][ T5465] do_group_exit+0x206/0x2c0
[ 74.935344][ T5465] __x64_sys_exit_group+0x3f/0x40
[ 74.940510][ T5465] do_syscall_64+0x41/0xc0
[ 74.945153][ T5465] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 74.951172][ T5465]
[ 74.953507][ T5465] Memory state around the buggy address:
[ 74.959237][ T5465] ffff88806f3f0280: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 74.967320][ T5465] ffff88806f3f0300: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 74.975600][ T5465] >ffff88806f3f0380: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 74.983756][ T5465] ^
[ 74.991259][ T5465] ffff88806f3f0400: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 74.999337][ T5465] ffff88806f3f0480: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 75.007418][ T5465] ==================================================================
[ 75.032180][ T5465] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 75.039414][ T5465] CPU: 1 PID: 5465 Comm: syz-executor.0 Not tainted 6.6.0-rc1-syzkaller #0
[ 75.048026][ T5465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 75.058194][ T5465] Call Trace:
[ 75.061492][ T5465]
[ 75.064454][ T5465] dump_stack_lvl+0x1e7/0x2d0
[ 75.069162][ T5465] ? nf_tcp_handle_invalid+0x650/0x650
[ 75.074743][ T5465] ? panic+0x770/0x770
[ 75.078839][ T5465] ? preempt_schedule_common+0x83/0xc0
[ 75.084420][ T5465] ? vscnprintf+0x5d/0x80
[ 75.088860][ T5465] panic+0x30f/0x770
[ 75.092998][ T5465] ? check_panic_on_warn+0x21/0xa0
[ 75.098150][ T5465] ? __memcpy_flushcache+0x2b0/0x2b0
[ 75.103570][ T5465] ? _raw_spin_unlock_irqrestore+0x12c/0x140
[ 75.109667][ T5465] ? _raw_spin_unlock+0x40/0x40
[ 75.114714][ T5465] ? print_report+0x4fb/0x540
[ 75.119775][ T5465] check_panic_on_warn+0x82/0xa0
[ 75.125006][ T5465] ? ext4_search_dir+0xf2/0x1b0
[ 75.130064][ T5465] end_report+0x6e/0x130
[ 75.134343][ T5465] kasan_report+0x186/0x1b0
[ 75.138874][ T5465] ? ext4_search_dir+0xf2/0x1b0
[ 75.143852][ T5465] ext4_search_dir+0xf2/0x1b0
[ 75.148611][ T5465] ext4_find_inline_entry+0x4ba/0x5e0
[ 75.154223][ T5465] ? ext4_try_create_inline_dir+0x320/0x320
[ 75.160330][ T5465] ? tomoyo_path_number_perm+0x6e4/0x840
[ 75.166002][ T5465] __ext4_find_entry+0x2b4/0x1b30
[ 75.171070][ T5465] ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 75.176565][ T5465] ? ext4_ci_compare+0x660/0x660
[ 75.181544][ T5465] ? ext4_fname_prepare_lookup+0x3b9/0x4e0
[ 75.187382][ T5465] ? smk_tskacc+0x2ff/0x360
[ 75.191923][ T5465] ext4_lookup+0x17a/0x750
[ 75.196368][ T5465] ? smack_inode_rename+0x310/0x310
[ 75.201590][ T5465] ? ext4_add_entry+0x1000/0x1000
[ 75.206848][ T5465] ? generic_permission+0x1df/0x550
[ 75.212158][ T5465] ? bpf_lsm_inode_create+0x9/0x10
[ 75.217293][ T5465] ? security_inode_create+0xb8/0x100
[ 75.222693][ T5465] ? ext4_add_entry+0x1000/0x1000
[ 75.228020][ T5465] path_openat+0x11f1/0x3180
[ 75.233084][ T5465] ? do_filp_open+0x490/0x490
[ 75.237786][ T5465] ? rcu_is_watching+0x15/0xb0
[ 75.242598][ T5465] do_filp_open+0x234/0x490
[ 75.247394][ T5465] ? vfs_tmpfile+0x4b0/0x4b0
[ 75.252110][ T5465] ? _raw_spin_unlock+0x28/0x40
[ 75.258640][ T5465] ? alloc_fd+0x59c/0x640
[ 75.263012][ T5465] do_sys_openat2+0x13e/0x1d0
[ 75.267939][ T5465] ? do_sys_open+0x230/0x230
[ 75.273031][ T5465] ? xfd_validate_state+0x6e/0x150
[ 75.278434][ T5465] ? restore_fpregs_from_fpstate+0x100/0x250
[ 75.286856][ T5465] __x64_sys_open+0x225/0x270
[ 75.291910][ T5465] ? do_sys_openat2+0x1d0/0x1d0
[ 75.296897][ T5465] ? rcu_is_watching+0x15/0xb0
[ 75.301694][ T5465] ? syscall_enter_from_user_mode+0x32/0x230
[ 75.308237][ T5465] do_syscall_64+0x41/0xc0
[ 75.312946][ T5465] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 75.319138][ T5465] RIP: 0033:0x7f137567c959
[ 75.323838][ T5465] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 75.344420][ T5465] RSP: 002b:00007f13763860c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 75.352947][ T5465] RAX: ffffffffffffffda RBX: 00007f137579bf80 RCX: 00007f137567c959
[ 75.361552][ T5465] RDX: 0000000000000000 RSI: 0000000000141042 RDI: 0000000020000100
[ 75.369743][ T5465] RBP: 00007f13756d8c88 R08: 0000000000000000 R09: 0000000000000000
[ 75.378344][ T5465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 75.386680][ T5465] R13: 000000000000000b R14: 00007f137579bf80 R15: 00007fffe35b7448
[ 75.394854][ T5465]
[ 75.398209][ T5465] Kernel Offset: disabled
[ 75.403073][ T5465] Rebooting in 86400 seconds..