Warning: Permanently added '10.128.1.191' (ED25519) to the list of known hosts.
2024/03/15 00:28:24 ignoring optional flag "sandboxArg"="0"
2024/03/15 00:28:24 parsed 1 programs
2024/03/15 00:28:26 executed programs: 0
[ 88.833643][ T5417] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 88.885539][ T5071] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 88.893824][ T5071] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 88.901710][ T5071] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 88.909963][ T5071] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 88.918084][ T5071] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 88.925317][ T5071] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 89.037658][ T5424] chnl_net:caif_netlink_parms(): no params data found
[ 89.089864][ T5424] bridge0: port 1(bridge_slave_0) entered blocking state
[ 89.097524][ T5424] bridge0: port 1(bridge_slave_0) entered disabled state
[ 89.104666][ T5424] bridge_slave_0: entered allmulticast mode
[ 89.112243][ T5424] bridge_slave_0: entered promiscuous mode
[ 89.119975][ T5424] bridge0: port 2(bridge_slave_1) entered blocking state
[ 89.127612][ T5424] bridge0: port 2(bridge_slave_1) entered disabled state
[ 89.134925][ T5424] bridge_slave_1: entered allmulticast mode
[ 89.142093][ T5424] bridge_slave_1: entered promiscuous mode
[ 89.165137][ T5424] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 89.176623][ T5424] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 89.204601][ T5424] team0: Port device team_slave_0 added
[ 89.212471][ T5424] team0: Port device team_slave_1 added
[ 89.233386][ T5424] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 89.240505][ T5424] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 89.266517][ T5424] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 89.279511][ T5424] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 89.286473][ T5424] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 89.312577][ T5424] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 89.346771][ T5424] hsr_slave_0: entered promiscuous mode
[ 89.353052][ T5424] hsr_slave_1: entered promiscuous mode
[ 89.921643][ T5424] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 89.932558][ T5424] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 89.945159][ T5424] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 89.955600][ T5424] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 89.991401][ T5424] bridge0: port 2(bridge_slave_1) entered blocking state
[ 89.998616][ T5424] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 90.006864][ T5424] bridge0: port 1(bridge_slave_0) entered blocking state
[ 90.014104][ T5424] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 90.027484][ T783] bridge0: port 1(bridge_slave_0) entered disabled state
[ 90.035437][ T783] bridge0: port 2(bridge_slave_1) entered disabled state
[ 90.128105][ T5424] 8021q: adding VLAN 0 to HW filter on device bond0
[ 90.160323][ T5424] 8021q: adding VLAN 0 to HW filter on device team0
[ 90.173664][ T8] bridge0: port 1(bridge_slave_0) entered blocking state
[ 90.180901][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 90.208890][ T8] bridge0: port 2(bridge_slave_1) entered blocking state
[ 90.216426][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 90.433572][ T5424] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 90.491538][ T5424] veth0_vlan: entered promiscuous mode
[ 90.510827][ T5424] veth1_vlan: entered promiscuous mode
[ 90.549563][ T5424] veth0_macvtap: entered promiscuous mode
[ 90.561752][ T5424] veth1_macvtap: entered promiscuous mode
[ 90.590657][ T5424] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 90.605977][ T5424] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 90.619466][ T5424] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 90.631393][ T5424] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 90.641200][ T5424] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 90.650536][ T5424] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 90.722111][ T43] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 90.745750][ T43] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 90.777220][ T7] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 90.786283][ T7] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 90.841760][ T5492] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 90.915677][ T5497] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 90.963007][ T5501] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 90.988603][ T5071] Bluetooth: hci0: command tx timeout
[ 91.054290][ T5508] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 91.110270][ T5511] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 91.174193][ T5514] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 91.238011][ T5517] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 91.289406][ T5522] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 91.348229][ T5526] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 91.410573][ T5529] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 92.076264][ T5577] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 92.083319][ T5577] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[ 92.090022][ T5577] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 92.096476][ T5577] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[ 92.103422][ T5577] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 92.109928][ T5577] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[ 92.116399][ T5577] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 92.123010][ T5577] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[ 92.432305][ C1] ==================================================================
[ 92.440417][ C1] BUG: KASAN: slab-use-after-free in ip_skb_dst_mtu+0x830/0x9b0
[ 92.448079][ C1] Read of size 1 at addr ffff88807ecd4012 by task dhcpcd-run-hook/5600
[ 92.456336][ C1]
[ 92.458677][ C1] CPU: 1 PID: 5600 Comm: dhcpcd-run-hook Not tainted 6.8.0-syzkaller-05218-ge30cef001da2 #0
[ 92.469016][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024
[ 92.479062][ C1] Call Trace:
[ 92.482350][ C1]
[ 92.485271][ C1] dump_stack_lvl+0x1e7/0x2e0
[ 92.489944][ C1] ? __pfx_dump_stack_lvl+0x10/0x10
[ 92.495131][ C1] ? __pfx__printk+0x10/0x10
[ 92.499722][ C1] ? _printk+0xd5/0x120
[ 92.503915][ C1] ? __virt_addr_valid+0x183/0x520
[ 92.509034][ C1] ? __virt_addr_valid+0x183/0x520
[ 92.514157][ C1] print_report+0x169/0x550
[ 92.518678][ C1] ? __virt_addr_valid+0x183/0x520
[ 92.523808][ C1] ? __virt_addr_valid+0x183/0x520
[ 92.528940][ C1] ? __virt_addr_valid+0x44e/0x520
[ 92.534053][ C1] ? __phys_addr+0xba/0x170
[ 92.538642][ C1] ? ip_skb_dst_mtu+0x830/0x9b0
[ 92.543498][ C1] kasan_report+0x143/0x180
[ 92.547994][ C1] ? ip_skb_dst_mtu+0x830/0x9b0
[ 92.552839][ C1] ip_skb_dst_mtu+0x830/0x9b0
[ 92.557511][ C1] __ip_finish_output+0x12b/0x400
[ 92.562531][ C1] ipvlan_process_v4_outbound+0x3ef/0x700
[ 92.568248][ C1] ? __pfx_ipvlan_process_v4_outbound+0x10/0x10
[ 92.574482][ C1] ? rcu_lockdep_current_cpu_online+0x37/0x120
[ 92.580631][ C1] ? ipvlan_get_L3_hdr+0x4dd/0xc30
[ 92.585735][ C1] ? skb_pull+0xc1/0x1e0
[ 92.589976][ C1] ipvlan_queue_xmit+0xaa2/0x11f0
[ 92.595081][ C1] ? __pfx_ipvlan_queue_xmit+0x10/0x10
[ 92.600546][ C1] ? netif_skb_features+0x866/0xbb0
[ 92.605739][ C1] ? validate_xmit_skb+0xa04/0x1120
[ 92.610929][ C1] ipvlan_start_xmit+0x4a/0x150
[ 92.615793][ C1] dev_hard_start_xmit+0x26a/0x790
[ 92.620903][ C1] sch_direct_xmit+0x2b6/0x5f0
[ 92.625665][ C1] ? __pfx_sch_direct_xmit+0x10/0x10
[ 92.630949][ C1] __qdisc_run+0xbed/0x2150
[ 92.635450][ C1] qdisc_run+0xda/0x270
[ 92.639600][ C1] net_tx_action+0x877/0xa30
[ 92.644291][ C1] ? net_tx_action+0x6e3/0xa30
[ 92.649242][ C1] ? __pfx_net_tx_action+0x10/0x10
[ 92.654373][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 92.660705][ C1] ? do_raw_spin_unlock+0x13c/0x8b0
[ 92.665912][ C1] __do_softirq+0x2bc/0x943
[ 92.670500][ C1] ? __irq_exit_rcu+0xf2/0x1c0
[ 92.675340][ C1] ? __pfx___do_softirq+0x10/0x10
[ 92.680372][ C1] ? irqtime_account_irq+0xd4/0x1e0
[ 92.685651][ C1] __irq_exit_rcu+0xf2/0x1c0
[ 92.690228][ C1] ? __pfx___irq_exit_rcu+0x10/0x10
[ 92.695414][ C1] irq_exit_rcu+0x9/0x30
[ 92.699641][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0
[ 92.705419][ C1]
[ 92.708597][ C1]
[ 92.711513][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 92.717488][ C1] RIP: 0010:__sanitizer_cov_trace_const_cmp2+0x11/0x90
[ 92.724338][ C1] Code: 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 4c 8b 04 24 65 48 8b 14 25 80 ce 03 00 <65> 8b 05 60 da 6e 7e a9 00 01 ff 00 74 10 a9 00 01 00 00 74 5b 83
[ 92.743935][ C1] RSP: 0018:ffffc90004fd71b8 EFLAGS: 00000293
[ 92.750003][ C1] RAX: 0000000000000000 RBX: 0000000000000001 RCX: ffff88807b310000
[ 92.757963][ C1] RDX: ffff88807b310000 RSI: 0000000000000001 RDI: 0000000000000003
[ 92.765919][ C1] RBP: ffffc90004fd7290 R08: ffffffff81f53403 R09: ffffffff81f52883
[ 92.773876][ C1] R10: 0000000000000004 R11: ffff88807b310000 R12: 0000000000000000
[ 92.781835][ C1] R13: ffffffffffffffff R14: 1ffffffff28a3588 R15: 0000000000000000
[ 92.789799][ C1] ? policy_nodemask+0x53/0x720
[ 92.794648][ C1] ? alloc_pages_mpol+0x193/0x650
[ 92.799670][ C1] alloc_pages_mpol+0x193/0x650
[ 92.804516][ C1] ? __pfx_alloc_pages_mpol+0x10/0x10
[ 92.809925][ C1] ? mem_cgroup_commit_charge+0x21e/0x380
[ 92.815645][ C1] ? alloc_pages+0xef/0x170
[ 92.820142][ C1] pte_alloc_one+0x88/0x5d0
[ 92.824636][ C1] ? __pfx_pte_alloc_one+0x10/0x10
[ 92.829746][ C1] ? blk_cgroup_congested+0x1d/0x220
[ 92.835028][ C1] ? blk_cgroup_congested+0x20e/0x220
[ 92.840401][ C1] __do_fault+0xd0/0x460
[ 92.844635][ C1] __handle_mm_fault+0x21fe/0x72d0
[ 92.849753][ C1] ? __pfx___handle_mm_fault+0x10/0x10
[ 92.855206][ C1] ? mt_find+0x226/0x850
[ 92.859438][ C1] ? __pfx_lock_release+0x10/0x10
[ 92.864457][ C1] ? mt_find+0x62d/0x850
[ 92.868690][ C1] ? mt_find+0x226/0x850
[ 92.872929][ C1] ? find_vma+0x142/0x1c0
[ 92.877242][ C1] ? __pfx_find_vma+0x10/0x10
[ 92.881904][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 92.887873][ C1] handle_mm_fault+0x3c2/0x8a0
[ 92.892633][ C1] exc_page_fault+0x2a8/0x890
[ 92.897300][ C1] asm_exc_page_fault+0x26/0x30
[ 92.902146][ C1] RIP: 0010:rep_stos_alternative+0x40/0x80
[ 92.907945][ C1] Code: ff c7 48 ff c9 75 f6 c3 cc cc cc cc 48 89 07 48 83 c7 08 83 e9 08 74 ef 83 f9 08 73 ef eb de 66 2e 0f 1f 84 00 00 00 00 00 90 <48> 89 07 48 89 47 08 48 89 47 10 48 89 47 18 48 89 47 20 48 89 47
[ 92.927637][ C1] RSP: 0018:ffffc90004fd7990 EFLAGS: 00050206
[ 92.933713][ C1] RAX: 0000000000000000 RBX: 0000000000000f30 RCX: 0000000000000f30
[ 92.941677][ C1] RDX: 0000000000000000 RSI: ffffffff8baad3a0 RDI: 00007fcc7e0140d0
[ 92.949634][ C1] RBP: 1ffff11002254719 R08: ffffffff8f86ae2f R09: 1ffffffff1f0d5c5
[ 92.957594][ C1] R10: dffffc0000000000 R11: fffffbfff1f0d5c6 R12: 00007fcc7e0140d0
[ 92.965554][ C1] R13: ffff8880112a38a8 R14: 00007fcc7e014298 R15: ffff8880112a38c8
[ 92.973521][ C1] elf_load+0x4c5/0x6f0
[ 92.977675][ C1] load_elf_interp+0x443/0xac0
[ 92.982431][ C1] load_elf_binary+0x190f/0x2590
[ 92.987368][ C1] ? load_elf_binary+0x871/0x2590
[ 92.992418][ C1] ? __pfx_load_elf_binary+0x10/0x10
[ 92.997699][ C1] ? _raw_read_unlock+0x28/0x50
[ 93.002546][ C1] ? load_misc_binary+0x6e5/0xc20
[ 93.007659][ C1] bprm_execve+0xaf8/0x1790
[ 93.012245][ C1] ? __pfx_bprm_execve+0x10/0x10
[ 93.017172][ C1] ? copy_strings+0x439/0x490
[ 93.021841][ C1] do_execveat_common+0x553/0x700
[ 93.026868][ C1] __x64_sys_execve+0x92/0xb0
[ 93.031555][ C1] do_syscall_64+0xfb/0x240
[ 93.036053][ C1] entry_SYSCALL_64_after_hwframe+0x6d/0x75
[ 93.041944][ C1] RIP: 0033:0x7f780b33bef7
[ 93.046439][ C1] Code: Unable to access opcode bytes at 0x7f780b33becd.
[ 93.053448][ C1] RSP: 002b:00007f780b1e5e78 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[ 93.061937][ C1] RAX: ffffffffffffffda RBX: 00007ffd4893afa0 RCX: 00007f780b33bef7
[ 93.069973][ C1] RDX: 000055fe2564d5c0 RSI: 00007ffd4893b490 RDI: 000055fe1f629df6
[ 93.078039][ C1] RBP: 00007f780b1e5ff0 R08: 0000000000000000 R09: 0000000000000000
[ 93.086004][ C1] R10: 0000000000000008 R11: 0000000000000246 R12: 00007ffd4893b2b8
[ 93.094138][ C1] R13: 00007f780b1e5f28 R14: 0000000000000000 R15: 0000000000000041
[ 93.102109][ C1]
[ 93.105116][ C1]
[ 93.107428][ C1] Allocated by task 5599:
[ 93.111740][ C1] kasan_save_track+0x3f/0x80
[ 93.116408][ C1] __kasan_kmalloc+0x98/0xb0
[ 93.120995][ C1] __kmalloc+0x231/0x4a0
[ 93.125235][ C1] sk_prot_alloc+0xe0/0x210
[ 93.129732][ C1] sk_alloc+0x38/0x370
[ 93.133792][ C1] packet_create+0x104/0x790
[ 93.138401][ C1] __sock_create+0x490/0x920
[ 93.142978][ C1] __sys_socket+0x150/0x3c0
[ 93.147467][ C1] __x64_sys_socket+0x7a/0x90
[ 93.152130][ C1] do_syscall_64+0xfb/0x240
[ 93.156622][ C1] entry_SYSCALL_64_after_hwframe+0x6d/0x75
[ 93.162547][ C1]
[ 93.164856][ C1] Freed by task 5600:
[ 93.168819][ C1] kasan_save_track+0x3f/0x80
[ 93.173484][ C1] kasan_save_free_info+0x40/0x50
[ 93.178525][ C1] poison_slab_object+0xa6/0xe0
[ 93.183366][ C1] __kasan_slab_free+0x37/0x60
[ 93.188120][ C1] kfree+0x14a/0x380
[ 93.192015][ C1] __sk_destruct+0x476/0x5f0
[ 93.196596][ C1] ip_defrag+0x20a/0x26b0
[ 93.200916][ C1] ipv4_conntrack_defrag+0x3de/0x5a0
[ 93.206276][ C1] nf_hook_slow+0xc3/0x220
[ 93.210695][ C1] nf_hook+0x2c4/0x450
[ 93.214757][ C1] __ip_local_out+0x3d9/0x4e0
[ 93.219423][ C1] ip_local_out+0x26/0x70
[ 93.223743][ C1] ipvlan_process_v4_outbound+0x3ef/0x700
[ 93.229481][ C1] ipvlan_queue_xmit+0xaa2/0x11f0
[ 93.234517][ C1] ipvlan_start_xmit+0x4a/0x150
[ 93.239374][ C1] dev_hard_start_xmit+0x26a/0x790
[ 93.244500][ C1] sch_direct_xmit+0x2b6/0x5f0
[ 93.249277][ C1] __qdisc_run+0xbed/0x2150
[ 93.253782][ C1] qdisc_run+0xda/0x270
[ 93.257952][ C1] net_tx_action+0x877/0xa30
[ 93.262558][ C1] __do_softirq+0x2bc/0x943
[ 93.267070][ C1]
[ 93.269388][ C1] The buggy address belongs to the object at ffff88807ecd4000
[ 93.269388][ C1] which belongs to the cache kmalloc-4k of size 4096
[ 93.283430][ C1] The buggy address is located 18 bytes inside of
[ 93.283430][ C1] freed 4096-byte region [ffff88807ecd4000, ffff88807ecd5000)
[ 93.297673][ C1]
[ 93.299993][ C1] The buggy address belongs to the physical page:
[ 93.306389][ C1] page:ffffea0001fb3400 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7ecd0
[ 93.316531][ C1] head:ffffea0001fb3400 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 93.325450][ C1] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 93.333435][ C1] page_type: 0xffffffff()
[ 93.337760][ C1] raw: 00fff00000000840 ffff888014c42140 dead000000000122 0000000000000000
[ 93.346340][ C1] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000
[ 93.354911][ C1] page dumped because: kasan: bad access detected
[ 93.361310][ C1] page_owner tracks the page as allocated
[ 93.367009][ C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 5597, tgid 5597 (rm), ts 92394714458, free_ts 92344057905
[ 93.388097][ C1] post_alloc_hook+0x1ea/0x210
[ 93.392945][ C1] get_page_from_freelist+0x33ea/0x3580
[ 93.398494][ C1] __alloc_pages+0x256/0x680
[ 93.403082][ C1] alloc_slab_page+0x5f/0x160
[ 93.407837][ C1] new_slab+0x84/0x2f0
[ 93.411894][ C1] ___slab_alloc+0xd1b/0x13e0
[ 93.416566][ C1] __kmalloc+0x2e3/0x4a0
[ 93.420809][ C1] tomoyo_realpath_from_path+0xcf/0x5e0
[ 93.426347][ C1] tomoyo_check_open_permission+0x255/0x500
[ 93.432226][ C1] security_file_open+0x69/0x570
[ 93.437151][ C1] do_dentry_open+0x327/0x15a0
[ 93.441911][ C1] path_openat+0x2860/0x3240
[ 93.446490][ C1] do_filp_open+0x235/0x490
[ 93.450985][ C1] do_sys_openat2+0x13e/0x1d0
[ 93.455669][ C1] __x64_sys_openat+0x247/0x2a0
[ 93.460515][ C1] do_syscall_64+0xfb/0x240
[ 93.465012][ C1] page last free pid 5596 tgid 5594 stack trace:
[ 93.471322][ C1] free_unref_page_prepare+0x968/0xa90
[ 93.476775][ C1] free_unref_page+0x37/0x3f0
[ 93.481443][ C1] free_large_kmalloc+0x105/0x1c0
[ 93.486462][ C1] kfree+0x1c1/0x380
[ 93.490352][ C1] skb_release_data+0x585/0x870
[ 93.495207][ C1] consume_skb+0xb3/0x160
[ 93.499530][ C1] tbf_enqueue+0x738/0x8d0
[ 93.503943][ C1] dev_qdisc_enqueue+0x4b/0x250
[ 93.508786][ C1] __dev_queue_xmit+0xdfe/0x3b10
[ 93.513738][ C1] packet_sendmsg+0x4932/0x63d0
[ 93.518604][ C1] __sock_sendmsg+0x221/0x270
[ 93.523281][ C1] __sys_sendto+0x3a4/0x4f0
[ 93.527781][ C1] __x64_sys_sendto+0xde/0x100
[ 93.532628][ C1] do_syscall_64+0xfb/0x240
[ 93.537122][ C1] entry_SYSCALL_64_after_hwframe+0x6d/0x75
[ 93.543018][ C1]
[ 93.545342][ C1] Memory state around the buggy address:
[ 93.551054][ C1] ffff88807ecd3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 93.559189][ C1] ffff88807ecd3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 93.567238][ C1] >ffff88807ecd4000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 93.575285][ C1] ^
[ 93.579893][ C1] ffff88807ecd4080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 93.587940][ C1] ffff88807ecd4100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 93.596002][ C1] ==================================================================
[ 93.604276][ C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 93.611481][ C1] CPU: 1 PID: 5600 Comm: dhcpcd-run-hook Not tainted 6.8.0-syzkaller-05218-ge30cef001da2 #0
[ 93.620180][ T5071] Bluetooth: hci0: command tx timeout
[ 93.626934][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024
[ 93.637032][ C1] Call Trace:
[ 93.640311][ C1]
[ 93.643153][ C1] dump_stack_lvl+0x1e7/0x2e0
[ 93.647845][ C1] ? __pfx_dump_stack_lvl+0x10/0x10
[ 93.653043][ C1] ? __pfx__printk+0x10/0x10
[ 93.657629][ C1] ? vscnprintf+0x5d/0x90
[ 93.661957][ C1] panic+0x349/0x860
[ 93.665844][ C1] ? check_panic_on_warn+0x21/0xb0
[ 93.670953][ C1] ? __pfx_panic+0x10/0x10
[ 93.675359][ C1] ? mark_lock+0x9a/0x350
[ 93.679678][ C1] ? _raw_spin_unlock_irqrestore+0xd8/0x140
[ 93.685565][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 93.691463][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 93.697780][ C1] ? print_report+0x502/0x550
[ 93.702452][ C1] check_panic_on_warn+0x86/0xb0
[ 93.707401][ C1] ? ip_skb_dst_mtu+0x830/0x9b0
[ 93.712266][ C1] end_report+0x6e/0x140
[ 93.716529][ C1] kasan_report+0x154/0x180
[ 93.721027][ C1] ? ip_skb_dst_mtu+0x830/0x9b0
[ 93.725876][ C1] ip_skb_dst_mtu+0x830/0x9b0
[ 93.730556][ C1] __ip_finish_output+0x12b/0x400
[ 93.735580][ C1] ipvlan_process_v4_outbound+0x3ef/0x700
[ 93.741297][ C1] ? __pfx_ipvlan_process_v4_outbound+0x10/0x10
[ 93.747532][ C1] ? rcu_lockdep_current_cpu_online+0x37/0x120
[ 93.753682][ C1] ? ipvlan_get_L3_hdr+0x4dd/0xc30
[ 93.758800][ C1] ? skb_pull+0xc1/0x1e0
[ 93.763038][ C1] ipvlan_queue_xmit+0xaa2/0x11f0
[ 93.768060][ C1] ? __pfx_ipvlan_queue_xmit+0x10/0x10
[ 93.773518][ C1] ? netif_skb_features+0x866/0xbb0
[ 93.778796][ C1] ? validate_xmit_skb+0xa04/0x1120
[ 93.783996][ C1] ipvlan_start_xmit+0x4a/0x150
[ 93.788842][ C1] dev_hard_start_xmit+0x26a/0x790
[ 93.793952][ C1] sch_direct_xmit+0x2b6/0x5f0
[ 93.798711][ C1] ? __pfx_sch_direct_xmit+0x10/0x10
[ 93.804021][ C1] __qdisc_run+0xbed/0x2150
[ 93.808566][ C1] qdisc_run+0xda/0x270
[ 93.812748][ C1] net_tx_action+0x877/0xa30
[ 93.817541][ C1] ? net_tx_action+0x6e3/0xa30
[ 93.822396][ C1] ? __pfx_net_tx_action+0x10/0x10
[ 93.827509][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 93.833931][ C1] ? do_raw_spin_unlock+0x13c/0x8b0
[ 93.839128][ C1] __do_softirq+0x2bc/0x943
[ 93.843628][ C1] ? __irq_exit_rcu+0xf2/0x1c0
[ 93.848384][ C1] ? __pfx___do_softirq+0x10/0x10
[ 93.853410][ C1] ? irqtime_account_irq+0xd4/0x1e0
[ 93.858608][ C1] __irq_exit_rcu+0xf2/0x1c0
[ 93.863187][ C1] ? __pfx___irq_exit_rcu+0x10/0x10
[ 93.868383][ C1] irq_exit_rcu+0x9/0x30
[ 93.872620][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0
[ 93.878245][ C1]
[ 93.881163][ C1]
[ 93.884095][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 93.890090][ C1] RIP: 0010:__sanitizer_cov_trace_const_cmp2+0x11/0x90
[ 93.896933][ C1] Code: 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 4c 8b 04 24 65 48 8b 14 25 80 ce 03 00 <65> 8b 05 60 da 6e 7e a9 00 01 ff 00 74 10 a9 00 01 00 00 74 5b 83
[ 93.916617][ C1] RSP: 0018:ffffc90004fd71b8 EFLAGS: 00000293
[ 93.922765][ C1] RAX: 0000000000000000 RBX: 0000000000000001 RCX: ffff88807b310000
[ 93.930777][ C1] RDX: ffff88807b310000 RSI: 0000000000000001 RDI: 0000000000000003
[ 93.938841][ C1] RBP: ffffc90004fd7290 R08: ffffffff81f53403 R09: ffffffff81f52883
[ 93.946818][ C1] R10: 0000000000000004 R11: ffff88807b310000 R12: 0000000000000000
[ 93.954956][ C1] R13: ffffffffffffffff R14: 1ffffffff28a3588 R15: 0000000000000000
[ 93.962948][ C1] ? policy_nodemask+0x53/0x720
[ 93.967803][ C1] ? alloc_pages_mpol+0x193/0x650
[ 93.972829][ C1] alloc_pages_mpol+0x193/0x650
[ 93.977680][ C1] ? __pfx_alloc_pages_mpol+0x10/0x10
[ 93.983053][ C1] ? mem_cgroup_commit_charge+0x21e/0x380
[ 93.988762][ C1] ? alloc_pages+0xef/0x170
[ 93.993264][ C1] pte_alloc_one+0x88/0x5d0
[ 93.997769][ C1] ? __pfx_pte_alloc_one+0x10/0x10
[ 94.002876][ C1] ? blk_cgroup_congested+0x1d/0x220
[ 94.008156][ C1] ? blk_cgroup_congested+0x20e/0x220
[ 94.013533][ C1] __do_fault+0xd0/0x460
[ 94.017768][ C1] __handle_mm_fault+0x21fe/0x72d0
[ 94.022885][ C1] ? __pfx___handle_mm_fault+0x10/0x10
[ 94.028341][ C1] ? mt_find+0x226/0x850
[ 94.032574][ C1] ? __pfx_lock_release+0x10/0x10
[ 94.037596][ C1] ? mt_find+0x62d/0x850
[ 94.041832][ C1] ? mt_find+0x226/0x850
[ 94.046073][ C1] ? find_vma+0x142/0x1c0
[ 94.050390][ C1] ? __pfx_find_vma+0x10/0x10
[ 94.055078][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 94.061084][ C1] handle_mm_fault+0x3c2/0x8a0
[ 94.065979][ C1] exc_page_fault+0x2a8/0x890
[ 94.070675][ C1] asm_exc_page_fault+0x26/0x30
[ 94.075613][ C1] RIP: 0010:rep_stos_alternative+0x40/0x80
[ 94.081423][ C1] Code: ff c7 48 ff c9 75 f6 c3 cc cc cc cc 48 89 07 48 83 c7 08 83 e9 08 74 ef 83 f9 08 73 ef eb de 66 2e 0f 1f 84 00 00 00 00 00 90 <48> 89 07 48 89 47 08 48 89 47 10 48 89 47 18 48 89 47 20 48 89 47
[ 94.101019][ C1] RSP: 0018:ffffc90004fd7990 EFLAGS: 00050206
[ 94.107164][ C1] RAX: 0000000000000000 RBX: 0000000000000f30 RCX: 0000000000000f30
[ 94.115126][ C1] RDX: 0000000000000000 RSI: ffffffff8baad3a0 RDI: 00007fcc7e0140d0
[ 94.123106][ C1] RBP: 1ffff11002254719 R08: ffffffff8f86ae2f R09: 1ffffffff1f0d5c5
[ 94.131067][ C1] R10: dffffc0000000000 R11: fffffbfff1f0d5c6 R12: 00007fcc7e0140d0
[ 94.139029][ C1] R13: ffff8880112a38a8 R14: 00007fcc7e014298 R15: ffff8880112a38c8
[ 94.146998][ C1] elf_load+0x4c5/0x6f0
[ 94.151149][ C1] load_elf_interp+0x443/0xac0
[ 94.155905][ C1] load_elf_binary+0x190f/0x2590
[ 94.160851][ C1] ? load_elf_binary+0x871/0x2590
[ 94.165989][ C1] ? __pfx_load_elf_binary+0x10/0x10
[ 94.171490][ C1] ? _raw_read_unlock+0x28/0x50
[ 94.176340][ C1] ? load_misc_binary+0x6e5/0xc20
[ 94.181367][ C1] bprm_execve+0xaf8/0x1790
[ 94.186138][ C1] ? __pfx_bprm_execve+0x10/0x10
[ 94.191153][ C1] ? copy_strings+0x439/0x490
[ 94.196089][ C1] do_execveat_common+0x553/0x700
[ 94.201108][ C1] __x64_sys_execve+0x92/0xb0
[ 94.205774][ C1] do_syscall_64+0xfb/0x240
[ 94.210273][ C1] entry_SYSCALL_64_after_hwframe+0x6d/0x75
[ 94.216162][ C1] RIP: 0033:0x7f780b33bef7
[ 94.220588][ C1] Code: Unable to access opcode bytes at 0x7f780b33becd.
[ 94.227678][ C1] RSP: 002b:00007f780b1e5e78 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[ 94.236169][ C1] RAX: ffffffffffffffda RBX: 00007ffd4893afa0 RCX: 00007f780b33bef7
[ 94.244129][ C1] RDX: 000055fe2564d5c0 RSI: 00007ffd4893b490 RDI: 000055fe1f629df6
[ 94.252107][ C1] RBP: 00007f780b1e5ff0 R08: 0000000000000000 R09: 0000000000000000
[ 94.260099][ C1] R10: 0000000000000008 R11: 0000000000000246 R12: 00007ffd4893b2b8
[ 94.268070][ C1] R13: 00007f780b1e5f28 R14: 0000000000000000 R15: 0000000000000041
[ 94.276046][ C1]
[ 94.279458][ C1] Kernel Offset: disabled
[ 94.283793][ C1] Rebooting in 86400 seconds..