Warning: Permanently added '10.128.1.8' (ED25519) to the list of known hosts.
2023/12/06 17:56:13 ignoring optional flag "sandboxArg"="0"
2023/12/06 17:56:13 parsed 1 programs
2023/12/06 17:56:13 executed programs: 0
[ 78.750644][ T5059] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 78.758777][ T5059] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 78.767559][ T5059] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 78.776679][ T5059] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 78.784500][ T5059] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 78.792394][ T5059] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 78.914110][ T5408] chnl_net:caif_netlink_parms(): no params data found
[ 78.969222][ T5408] bridge0: port 1(bridge_slave_0) entered blocking state
[ 78.976596][ T5408] bridge0: port 1(bridge_slave_0) entered disabled state
[ 78.984508][ T5408] bridge_slave_0: entered allmulticast mode
[ 78.991994][ T5408] bridge_slave_0: entered promiscuous mode
[ 78.999704][ T5408] bridge0: port 2(bridge_slave_1) entered blocking state
[ 79.007317][ T5408] bridge0: port 2(bridge_slave_1) entered disabled state
[ 79.014939][ T5408] bridge_slave_1: entered allmulticast mode
[ 79.022839][ T5408] bridge_slave_1: entered promiscuous mode
[ 79.047652][ T5408] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 79.059096][ T5408] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 79.090509][ T5408] team0: Port device team_slave_0 added
[ 79.100245][ T5408] team0: Port device team_slave_1 added
[ 79.123725][ T5408] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 79.131242][ T5408] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 79.158388][ T5408] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 79.171245][ T5408] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 79.178764][ T5408] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 79.205291][ T5408] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 79.243468][ T5408] hsr_slave_0: entered promiscuous mode
[ 79.249713][ T5408] hsr_slave_1: entered promiscuous mode
[ 80.001092][ T5408] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 80.013748][ T5408] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 80.024943][ T5408] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 80.038866][ T5408] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 80.145084][ T5408] 8021q: adding VLAN 0 to HW filter on device bond0
[ 80.173203][ T5408] 8021q: adding VLAN 0 to HW filter on device team0
[ 80.188352][ T27] bridge0: port 1(bridge_slave_0) entered blocking state
[ 80.195680][ T27] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 80.225272][ T27] bridge0: port 2(bridge_slave_1) entered blocking state
[ 80.232709][ T27] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 80.461946][ T5408] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 80.526835][ T5408] veth0_vlan: entered promiscuous mode
[ 80.543650][ T5408] veth1_vlan: entered promiscuous mode
[ 80.587782][ T5408] veth0_macvtap: entered promiscuous mode
[ 80.599706][ T5408] veth1_macvtap: entered promiscuous mode
[ 80.628488][ T5408] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 80.648268][ T5408] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 80.665406][ T5408] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.676869][ T5408] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.686506][ T5408] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.699275][ T5408] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.791352][ T8] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 80.800104][ T8] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 80.830840][ T5059] Bluetooth: hci0: command 0x0409 tx timeout
[ 80.847208][ T2468] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 80.856606][ T2468] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 80.943380][ T5473] loop0: detected capacity change from 0 to 512
[ 80.952652][ T5473] EXT4-fs: Ignoring removed bh option
[ 80.967264][ T5473] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[ 81.005086][ T5473] EXT4-fs (loop0): 1 truncate cleaned up
[ 81.011546][ T5473] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 81.064084][ T5473] EXT4-fs error (device loop0): ext4_find_dest_de:2112: inode #12: block 7: comm syz-executor.0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4061898738, rec_len=7079, size=56 fake=0
[ 81.142572][ T5408] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 81.215163][ T5487] loop0: detected capacity change from 0 to 512
[ 81.223439][ T5487] EXT4-fs: Ignoring removed bh option
[ 81.229868][ T5487] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[ 81.265495][ T5487] EXT4-fs (loop0): 1 truncate cleaned up
[ 81.271802][ T5487] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 81.326027][ T5487] EXT4-fs error (device loop0): ext4_find_dest_de:2112: inode #12: block 7: comm syz-executor.0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4061898738, rec_len=7079, size=56 fake=0
[ 81.403617][ T5408] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 81.482031][ T5496] loop0: detected capacity change from 0 to 512
[ 81.491250][ T5496] EXT4-fs: Ignoring removed bh option
[ 81.501060][ T5496] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[ 81.525931][ T5496] EXT4-fs (loop0): 1 truncate cleaned up
[ 81.532984][ T5496] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 81.581178][ T5496] ==================================================================
[ 81.589462][ T5496] BUG: KASAN: use-after-free in ext4_search_dir+0xf2/0x1b0
[ 81.596950][ T5496] Read of size 1 at addr ffff888076eba3ed by task syz-executor.0/5496
[ 81.605209][ T5496]
[ 81.607581][ T5496] CPU: 0 PID: 5496 Comm: syz-executor.0 Not tainted 6.7.0-rc4-syzkaller-00009-gbee0e7762ad2 #0
[ 81.617945][ T5496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[ 81.628031][ T5496] Call Trace:
[ 81.631412][ T5496]
[ 81.634401][ T5496] dump_stack_lvl+0x1e7/0x2d0
[ 81.639907][ T5496] ? nf_tcp_handle_invalid+0x650/0x650
[ 81.646014][ T5496] ? panic+0x850/0x850
[ 81.650194][ T5496] ? _printk+0xd5/0x120
[ 81.654467][ T5496] print_report+0x163/0x540
[ 81.659006][ T5496] ? __virt_addr_valid+0x22f/0x2e0
[ 81.664325][ T5496] ? __phys_addr+0xba/0x170
[ 81.668870][ T5496] ? ext4_search_dir+0xf2/0x1b0
[ 81.673852][ T5496] kasan_report+0x142/0x170
[ 81.678391][ T5496] ? ext4_search_dir+0xf2/0x1b0
[ 81.683276][ T5496] ext4_search_dir+0xf2/0x1b0
[ 81.687990][ T5496] ext4_find_inline_entry+0x4ba/0x5e0
[ 81.693413][ T5496] ? ext4_try_create_inline_dir+0x320/0x320
[ 81.699445][ T5496] ? tomoyo_path_number_perm+0x71a/0x870
[ 81.705225][ T5496] __ext4_find_entry+0x2b4/0x1b30
[ 81.710286][ T5496] ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 81.715792][ T5496] ? ext4_ci_compare+0x660/0x660
[ 81.720764][ T5496] ? ext4_fname_prepare_lookup+0x3b9/0x4e0
[ 81.726692][ T5496] ? smk_tskacc+0x2ff/0x360
[ 81.731230][ T5496] ext4_lookup+0x17a/0x750
[ 81.735680][ T5496] ? smack_inode_rename+0x310/0x310
[ 81.740920][ T5496] ? ext4_add_entry+0x1000/0x1000
[ 81.745981][ T5496] ? generic_permission+0x1df/0x550
[ 81.751312][ T5496] ? bpf_lsm_inode_create+0x9/0x10
[ 81.756721][ T5496] ? security_inode_create+0xb8/0x100
[ 81.762133][ T5496] ? ext4_add_entry+0x1000/0x1000
[ 81.767262][ T5496] path_openat+0x1010/0x3290
[ 81.771989][ T5496] ? do_filp_open+0x490/0x490
[ 81.776767][ T5496] do_filp_open+0x234/0x490
[ 81.781309][ T5496] ? vfs_tmpfile+0x500/0x500
[ 81.785939][ T5496] ? _raw_spin_unlock+0x28/0x40
[ 81.790824][ T5496] ? alloc_fd+0x59c/0x640
[ 81.795198][ T5496] do_sys_openat2+0x13e/0x1d0
[ 81.799914][ T5496] ? do_sys_open+0x230/0x230
[ 81.804627][ T5496] __x64_sys_open+0x225/0x270
[ 81.809520][ T5496] ? do_sys_openat2+0x1d0/0x1d0
[ 81.814498][ T5496] ? syscall_enter_from_user_mode+0xa4/0x2d0
[ 81.821638][ T5496] ? syscall_enter_from_user_mode+0xa4/0x2d0
[ 81.827827][ T5496] do_syscall_64+0x45/0x110
[ 81.832459][ T5496] entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 81.838486][ T5496] RIP: 0033:0x7ffb8867c959
[ 81.843245][ T5496] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 81.863360][ T5496] RSP: 002b:00007ffb8947b0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 81.871812][ T5496] RAX: ffffffffffffffda RBX: 00007ffb8879bf80 RCX: 00007ffb8867c959
[ 81.879828][ T5496] RDX: 0000000000000000 RSI: 0000000000141042 RDI: 0000000020000100
[ 81.887927][ T5496] RBP: 00007ffb886d8c88 R08: 0000000000000000 R09: 0000000000000000
[ 81.895932][ T5496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 81.904021][ T5496] R13: 000000000000000b R14: 00007ffb8879bf80 R15: 00007ffe408b5b78
[ 81.912040][ T5496]
[ 81.915082][ T5496]
[ 81.917420][ T5496] The buggy address belongs to the physical page:
[ 81.923844][ T5496] page:ffffea0001dbae80 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x76eba
[ 81.934114][ T5496] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 81.941250][ T5496] page_type: 0xffffffff()
[ 81.945604][ T5496] raw: 00fff00000000000 ffffea0001c488c8 ffffea0001cac948 0000000000000000
[ 81.954304][ T5496] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 81.963166][ T5496] page dumped because: kasan: bad access detected
[ 81.969685][ T5496] page_owner tracks the page as freed
[ 81.975159][ T5496] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 5500, tgid 5500 (dhcpcd-run-hook), ts 81532015497, free_ts 81575925016
[ 81.993583][ T5496] post_alloc_hook+0x1e6/0x210
[ 81.998717][ T5496] get_page_from_freelist+0x33ea/0x3570
[ 82.004428][ T5496] __alloc_pages+0x255/0x680
[ 82.009396][ T5496] alloc_pages_mpol+0x3de/0x640
[ 82.014387][ T5496] vma_alloc_folio+0xf3/0x3f0
[ 82.019092][ T5496] do_wp_page+0x125e/0x4d40
[ 82.023799][ T5496] handle_mm_fault+0x1b1c/0x6680
[ 82.028758][ T5496] exc_page_fault+0x456/0x870
[ 82.033464][ T5496] asm_exc_page_fault+0x26/0x30
[ 82.038558][ T5496] page last free stack trace:
[ 82.043399][ T5496] free_unref_page_prepare+0x931/0xa60
[ 82.049044][ T5496] free_unref_page_list+0x5a0/0x840
[ 82.054339][ T5496] release_pages+0x2117/0x2400
[ 82.059270][ T5496] tlb_flush_mmu+0x34c/0x4e0
[ 82.064043][ T5496] tlb_finish_mmu+0xd4/0x1f0
[ 82.068659][ T5496] exit_mmap+0x4d3/0xc60
[ 82.073137][ T5496] __mmput+0x115/0x3c0
[ 82.077244][ T5496] exit_mm+0x21f/0x300
[ 82.081435][ T5496] do_exit+0x9b7/0x2750
[ 82.085620][ T5496] do_group_exit+0x206/0x2c0
[ 82.090328][ T5496] __x64_sys_exit_group+0x3f/0x40
[ 82.095485][ T5496] do_syscall_64+0x45/0x110
[ 82.100104][ T5496] entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 82.106210][ T5496]
[ 82.108549][ T5496] Memory state around the buggy address:
[ 82.114288][ T5496] ffff888076eba280: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 82.122542][ T5496] ffff888076eba300: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 82.132015][ T5496] >ffff888076eba380: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 82.140730][ T5496] ^
[ 82.148566][ T5496] ffff888076eba400: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 82.156897][ T5496] ffff888076eba480: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 82.165989][ T5496] ==================================================================
[ 82.181407][ T780] cfg80211: failed to load regulatory.db
[ 82.189949][ T5496] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 82.197269][ T5496] CPU: 0 PID: 5496 Comm: syz-executor.0 Not tainted 6.7.0-rc4-syzkaller-00009-gbee0e7762ad2 #0
[ 82.208733][ T5496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[ 82.218914][ T5496] Call Trace:
[ 82.222406][ T5496]
[ 82.225381][ T5496] dump_stack_lvl+0x1e7/0x2d0
[ 82.230191][ T5496] ? nf_tcp_handle_invalid+0x650/0x650
[ 82.235887][ T5496] ? panic+0x850/0x850
[ 82.239986][ T5496] ? vscnprintf+0x5d/0x80
[ 82.244447][ T5496] panic+0x349/0x850
[ 82.248375][ T5496] ? check_panic_on_warn+0x21/0xa0
[ 82.253774][ T5496] ? __memcpy_flushcache+0x2b0/0x2b0
[ 82.259411][ T5496] ? _raw_spin_unlock_irqrestore+0x12c/0x140
[ 82.265514][ T5496] ? _raw_spin_unlock+0x40/0x40
[ 82.270481][ T5496] ? print_report+0x4fb/0x540
[ 82.275286][ T5496] check_panic_on_warn+0x82/0xa0
[ 82.280431][ T5496] ? ext4_search_dir+0xf2/0x1b0
[ 82.285571][ T5496] end_report+0x6e/0x140
[ 82.290454][ T5496] kasan_report+0x153/0x170
[ 82.295065][ T5496] ? ext4_search_dir+0xf2/0x1b0
[ 82.300697][ T5496] ext4_search_dir+0xf2/0x1b0
[ 82.305558][ T5496] ext4_find_inline_entry+0x4ba/0x5e0
[ 82.311012][ T5496] ? ext4_try_create_inline_dir+0x320/0x320
[ 82.316902][ T5496] ? tomoyo_path_number_perm+0x71a/0x870
[ 82.322700][ T5496] __ext4_find_entry+0x2b4/0x1b30
[ 82.327897][ T5496] ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 82.333365][ T5496] ? ext4_ci_compare+0x660/0x660
[ 82.338297][ T5496] ? ext4_fname_prepare_lookup+0x3b9/0x4e0
[ 82.344288][ T5496] ? smk_tskacc+0x2ff/0x360
[ 82.348785][ T5496] ext4_lookup+0x17a/0x750
[ 82.353563][ T5496] ? smack_inode_rename+0x310/0x310
[ 82.358776][ T5496] ? ext4_add_entry+0x1000/0x1000
[ 82.363918][ T5496] ? generic_permission+0x1df/0x550
[ 82.369292][ T5496] ? bpf_lsm_inode_create+0x9/0x10
[ 82.374412][ T5496] ? security_inode_create+0xb8/0x100
[ 82.379959][ T5496] ? ext4_add_entry+0x1000/0x1000
[ 82.385420][ T5496] path_openat+0x1010/0x3290
[ 82.390290][ T5496] ? do_filp_open+0x490/0x490
[ 82.394975][ T5496] do_filp_open+0x234/0x490
[ 82.399586][ T5496] ? vfs_tmpfile+0x500/0x500
[ 82.404336][ T5496] ? _raw_spin_unlock+0x28/0x40
[ 82.409295][ T5496] ? alloc_fd+0x59c/0x640
[ 82.413637][ T5496] do_sys_openat2+0x13e/0x1d0
[ 82.418318][ T5496] ? do_sys_open+0x230/0x230
[ 82.422998][ T5496] __x64_sys_open+0x225/0x270
[ 82.427681][ T5496] ? do_sys_openat2+0x1d0/0x1d0
[ 82.432525][ T5496] ? syscall_enter_from_user_mode+0xa4/0x2d0
[ 82.438669][ T5496] ? syscall_enter_from_user_mode+0xa4/0x2d0
[ 82.444650][ T5496] do_syscall_64+0x45/0x110
[ 82.449146][ T5496] entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 82.455477][ T5496] RIP: 0033:0x7ffb8867c959
[ 82.459896][ T5496] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 82.480358][ T5496] RSP: 002b:00007ffb8947b0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 82.489062][ T5496] RAX: ffffffffffffffda RBX: 00007ffb8879bf80 RCX: 00007ffb8867c959
[ 82.497560][ T5496] RDX: 0000000000000000 RSI: 0000000000141042 RDI: 0000000020000100
[ 82.505797][ T5496] RBP: 00007ffb886d8c88 R08: 0000000000000000 R09: 0000000000000000
[ 82.513756][ T5496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 82.521720][ T5496] R13: 000000000000000b R14: 00007ffb8879bf80 R15: 00007ffe408b5b78
[ 82.529809][ T5496]
[ 82.533119][ T5496] Kernel Offset: disabled
[ 82.537710][ T5496] Rebooting in 86400 seconds..