Warning: Permanently added '10.128.1.52' (ED25519) to the list of known hosts.
2023/12/06 18:09:22 ignoring optional flag "sandboxArg"="0"
2023/12/06 18:09:23 parsed 1 programs
[   76.013499][   T23] cfg80211: failed to load regulatory.db
2023/12/06 18:09:24 executed programs: 0
[   76.197744][ T5411] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   76.248536][ T5067] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   76.256146][ T5067] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   76.263943][ T5067] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   76.271925][ T5067] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   76.279756][ T5067] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   76.287017][ T5067] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   76.393828][ T5418] chnl_net:caif_netlink_parms(): no params data found
[   76.445138][ T5418] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.452336][ T5418] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.460072][ T5418] bridge_slave_0: entered allmulticast mode
[   76.466691][ T5418] bridge_slave_0: entered promiscuous mode
[   76.475359][ T5418] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.482512][ T5418] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.489663][ T5418] bridge_slave_1: entered allmulticast mode
[   76.496293][ T5418] bridge_slave_1: entered promiscuous mode
[   76.520045][ T5418] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   76.531324][ T5418] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   76.558206][ T5418] team0: Port device team_slave_0 added
[   76.565789][ T5418] team0: Port device team_slave_1 added
[   76.588487][ T5418] batman_adv: batadv0: Adding interface: batadv_slave_0
[   76.595702][ T5418] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   76.622222][ T5418] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   76.634579][ T5418] batman_adv: batadv0: Adding interface: batadv_slave_1
[   76.641551][ T5418] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   76.667498][ T5418] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   76.702623][ T5418] hsr_slave_0: entered promiscuous mode
[   76.709111][ T5418] hsr_slave_1: entered promiscuous mode
[   77.643008][ T5418] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   77.654704][ T5418] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   77.666186][ T5418] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   77.677569][ T5418] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   77.777289][ T5418] 8021q: adding VLAN 0 to HW filter on device bond0
[   77.802474][ T5418] 8021q: adding VLAN 0 to HW filter on device team0
[   77.817760][   T23] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.824917][   T23] bridge0: port 1(bridge_slave_0) entered forwarding state
[   77.842906][   T23] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.850106][   T23] bridge0: port 2(bridge_slave_1) entered forwarding state
[   78.047386][ T5418] 8021q: adding VLAN 0 to HW filter on device batadv0
[   78.097301][ T5418] veth0_vlan: entered promiscuous mode
[   78.113157][ T5418] veth1_vlan: entered promiscuous mode
[   78.150030][ T5418] veth0_macvtap: entered promiscuous mode
[   78.161074][ T5418] veth1_macvtap: entered promiscuous mode
[   78.185653][ T5418] batman_adv: batadv0: Interface activated: batadv_slave_0
[   78.203849][ T5418] batman_adv: batadv0: Interface activated: batadv_slave_1
[   78.216981][ T5418] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.226862][ T5418] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.239157][ T5418] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   78.248833][ T5418] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   78.329977][ T5067] Bluetooth: hci0: command 0x0409 tx timeout
[   78.332313][ T2792] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.357420][ T2792] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.392518][ T2792] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.401684][ T2792] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.466334][ T5498] loop0: detected capacity change from 0 to 512
[   78.476877][ T5498] EXT4-fs: Ignoring removed bh option
[   78.485624][ T5498] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[   78.512201][ T5498] EXT4-fs (loop0): 1 truncate cleaned up
[   78.518374][ T5498] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.576942][ T5498] ==================================================================
[   78.585031][ T5498] BUG: KASAN: use-after-free in ext4_search_dir+0x1b7/0x1d0
[   78.592339][ T5498] Read of size 1 at addr ffff8880644753ed by task syz-executor.0/5498
[   78.600493][ T5498] 
[   78.602816][ T5498] CPU: 0 PID: 5498 Comm: syz-executor.0 Not tainted 6.7.0-rc4-syzkaller-00009-gbee0e7762ad2 #0
[   78.613138][ T5498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[   78.623222][ T5498] Call Trace:
[   78.626505][ T5498]  <TASK>
[   78.629428][ T5498]  dump_stack_lvl+0xd9/0x1b0
[   78.634039][ T5498]  print_report+0xc4/0x620
[   78.638470][ T5498]  ? __virt_addr_valid+0x5e/0x2d0
[   78.643515][ T5498]  ? __phys_addr+0xc6/0x140
[   78.648030][ T5498]  kasan_report+0xda/0x110
[   78.652457][ T5498]  ? ext4_search_dir+0x1b7/0x1d0
[   78.657406][ T5498]  ? ext4_search_dir+0x1b7/0x1d0
[   78.662357][ T5498]  ext4_search_dir+0x1b7/0x1d0
[   78.667133][ T5498]  ext4_find_inline_entry+0x28e/0x440
[   78.672513][ T5498]  ? ext4_try_create_inline_dir+0x2f0/0x2f0
[   78.678434][ T5498]  __ext4_find_entry+0x85e/0x1050
[   78.683497][ T5498]  ? ext4_fname_setup_ci_filename+0x2b7/0x490
[   78.689591][ T5498]  ? ext4_dx_find_entry+0x5a0/0x5a0
[   78.694808][ T5498]  ? ext4_fname_prepare_lookup+0x17e/0x350
[   78.700635][ T5498]  ext4_lookup+0x543/0x740
[   78.705103][ T5498]  ? make_vfsuid+0x108/0x160
[   78.709784][ T5498]  ? ext4_resetent+0x260/0x260
[   78.714641][ T5498]  ? tomoyo_path_mknod+0x132/0x180
[   78.719825][ T5498]  ? make_vfsgid+0x108/0x160
[   78.724431][ T5498]  ? inode_permission+0xdd/0x5e0
[   78.729384][ T5498]  ? bpf_lsm_inode_create+0x9/0x10
[   78.734504][ T5498]  ? ext4_resetent+0x260/0x260
[   78.739294][ T5498]  lookup_open.isra.0+0x926/0x13b0
[   78.744429][ T5498]  ? try_lookup_one_len+0x1a0/0x1a0
[   78.749639][ T5498]  ? lock_sync+0x190/0x190
[   78.754072][ T5498]  ? preempt_count_sub+0x160/0x160
[   78.759287][ T5498]  ? mnt_get_write_access+0x20c/0x300
[   78.764666][ T5498]  path_openat+0x922/0x2c50
[   78.769175][ T5498]  ? path_lookupat+0x770/0x770
[   78.773946][ T5498]  ? lockdep_hardirqs_on_prepare+0x420/0x420
[   78.779947][ T5498]  do_filp_open+0x1de/0x430
[   78.784466][ T5498]  ? may_open_dev+0xf0/0xf0
[   78.788979][ T5498]  ? find_held_lock+0x2d/0x110
[   78.793755][ T5498]  ? _raw_spin_unlock+0x28/0x40
[   78.798600][ T5498]  ? alloc_fd+0x2da/0x6c0
[   78.802922][ T5498]  do_sys_openat2+0x176/0x1e0
[   78.807593][ T5498]  ? build_open_flags+0x690/0x690
[   78.812613][ T5498]  ? xfd_validate_state+0x5d/0x180
[   78.817734][ T5498]  __x64_sys_open+0x154/0x1e0
[   78.822407][ T5498]  ? do_sys_open+0x160/0x160
[   78.826989][ T5498]  ? syscall_enter_from_user_mode+0x7f/0x120
[   78.832963][ T5498]  ? lockdep_hardirqs_on+0x7d/0x110
[   78.838176][ T5498]  do_syscall_64+0x40/0x110
[   78.842684][ T5498]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[   78.848574][ T5498] RIP: 0033:0x7f6bec07cb29
[   78.852976][ T5498] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   78.872702][ T5498] RSP: 002b:00007f6beb3fe0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[   78.881102][ T5498] RAX: ffffffffffffffda RBX: 00007f6bec19bf80 RCX: 00007f6bec07cb29
[   78.889064][ T5498] RDX: 0000000000000000 RSI: 0000000000141042 RDI: 0000000020000100
[   78.897022][ T5498] RBP: 00007f6bec0c847a R08: 0000000000000000 R09: 0000000000000000
[   78.904979][ T5498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   78.912938][ T5498] R13: 000000000000000b R14: 00007f6bec19bf80 R15: 00007ffe0e8bc748
[   78.920905][ T5498]  </TASK>
[   78.923910][ T5498] 
[   78.926218][ T5498] The buggy address belongs to the physical page:
[   78.932624][ T5498] page:ffffea0001911d40 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x64475
[   78.942777][ T5498] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   78.949870][ T5498] page_type: 0xffffffff()
[   78.954184][ T5498] raw: 00fff00000000000 ffffea0001911d88 ffffea0001911d08 0000000000000000
[   78.962755][ T5498] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[   78.971316][ T5498] page dumped because: kasan: bad access detected
[   78.977709][ T5498] page_owner tracks the page as freed
[   78.983055][ T5498] page last allocated via order 0, migratetype Movable, gfp_mask 0x140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO), pid 5487, tgid 5487 (sed), ts 78211384685, free_ts 78216270749
[   79.001008][ T5498]  post_alloc_hook+0x2d0/0x350
[   79.005881][ T5498]  get_page_from_freelist+0xa25/0x36d0
[   79.011332][ T5498]  __alloc_pages+0x22e/0x2420
[   79.015998][ T5498]  alloc_pages_mpol+0x258/0x5f0
[   79.020841][ T5498]  vma_alloc_folio+0xad/0x220
[   79.025507][ T5498]  __handle_mm_fault+0xe07/0x3d70
[   79.030523][ T5498]  handle_mm_fault+0x47a/0xa10
[   79.035315][ T5498]  do_user_addr_fault+0x30b/0x1000
[   79.040431][ T5498]  exc_page_fault+0x5d/0xc0
[   79.044929][ T5498]  asm_exc_page_fault+0x26/0x30
[   79.049767][ T5498] page last free stack trace:
[   79.054438][ T5498]  free_unref_page_prepare+0x4fa/0xaa0
[   79.059890][ T5498]  free_unref_page_list+0xe6/0xb40
[   79.064989][ T5498]  release_pages+0x32a/0x14f0
[   79.069655][ T5498]  tlb_batch_pages_flush+0x9a/0x190
[   79.074932][ T5498]  tlb_finish_mmu+0x14b/0x6f0
[   79.079601][ T5498]  exit_mmap+0x38b/0xa70
[   79.083832][ T5498]  __mmput+0x12a/0x4d0
[   79.087888][ T5498]  mmput+0x62/0x70
[   79.091595][ T5498]  do_exit+0x9ad/0x2ae0
[   79.095733][ T5498]  do_group_exit+0xd4/0x2a0
[   79.100225][ T5498]  __x64_sys_exit_group+0x3e/0x50
[   79.105241][ T5498]  do_syscall_64+0x40/0x110
[   79.109739][ T5498]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[   79.115628][ T5498] 
[   79.117937][ T5498] Memory state around the buggy address:
[   79.123559][ T5498]  ffff888064475280: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   79.131612][ T5498]  ffff888064475300: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   79.139657][ T5498] >ffff888064475380: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   79.147697][ T5498]                                                           ^
[   79.155130][ T5498]  ffff888064475400: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   79.163176][ T5498]  ffff888064475480: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   79.171216][ T5498] ==================================================================
[   79.188608][ T5498] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   79.195820][ T5498] CPU: 1 PID: 5498 Comm: syz-executor.0 Not tainted 6.7.0-rc4-syzkaller-00009-gbee0e7762ad2 #0
[   79.206151][ T5498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[   79.216208][ T5498] Call Trace:
[   79.219567][ T5498]  <TASK>
[   79.222487][ T5498]  dump_stack_lvl+0xd9/0x1b0
[   79.227071][ T5498]  panic+0x6dc/0x790
[   79.230961][ T5498]  ? panic_smp_self_stop+0xa0/0xa0
[   79.236064][ T5498]  ? preempt_schedule_thunk+0x1a/0x30
[   79.241433][ T5498]  ? preempt_schedule_common+0x45/0xc0
[   79.246885][ T5498]  ? check_panic_on_warn+0x1f/0xb0
[   79.251989][ T5498]  check_panic_on_warn+0xab/0xb0
[   79.256924][ T5498]  end_report+0x108/0x150
[   79.261245][ T5498]  kasan_report+0xea/0x110
[   79.265654][ T5498]  ? ext4_search_dir+0x1b7/0x1d0
[   79.270595][ T5498]  ? ext4_search_dir+0x1b7/0x1d0
[   79.275533][ T5498]  ext4_search_dir+0x1b7/0x1d0
[   79.280298][ T5498]  ext4_find_inline_entry+0x28e/0x440
[   79.285657][ T5498]  ? ext4_try_create_inline_dir+0x2f0/0x2f0
[   79.291538][ T5498]  __ext4_find_entry+0x85e/0x1050
[   79.296557][ T5498]  ? ext4_fname_setup_ci_filename+0x2b7/0x490
[   79.302620][ T5498]  ? ext4_dx_find_entry+0x5a0/0x5a0
[   79.307814][ T5498]  ? ext4_fname_prepare_lookup+0x17e/0x350
[   79.313616][ T5498]  ext4_lookup+0x543/0x740
[   79.318025][ T5498]  ? make_vfsuid+0x108/0x160
[   79.322599][ T5498]  ? ext4_resetent+0x260/0x260
[   79.327357][ T5498]  ? tomoyo_path_mknod+0x132/0x180
[   79.332461][ T5498]  ? make_vfsgid+0x108/0x160
[   79.337040][ T5498]  ? inode_permission+0xdd/0x5e0
[   79.342057][ T5498]  ? bpf_lsm_inode_create+0x9/0x10
[   79.347188][ T5498]  ? ext4_resetent+0x260/0x260
[   79.351958][ T5498]  lookup_open.isra.0+0x926/0x13b0
[   79.357061][ T5498]  ? try_lookup_one_len+0x1a0/0x1a0
[   79.362256][ T5498]  ? lock_sync+0x190/0x190
[   79.366670][ T5498]  ? preempt_count_sub+0x160/0x160
[   79.371768][ T5498]  ? mnt_get_write_access+0x20c/0x300
[   79.377132][ T5498]  path_openat+0x922/0x2c50
[   79.381631][ T5498]  ? path_lookupat+0x770/0x770
[   79.386387][ T5498]  ? lockdep_hardirqs_on_prepare+0x420/0x420
[   79.392378][ T5498]  do_filp_open+0x1de/0x430
[   79.396874][ T5498]  ? may_open_dev+0xf0/0xf0
[   79.401372][ T5498]  ? find_held_lock+0x2d/0x110
[   79.406140][ T5498]  ? _raw_spin_unlock+0x28/0x40
[   79.410979][ T5498]  ? alloc_fd+0x2da/0x6c0
[   79.415312][ T5498]  do_sys_openat2+0x176/0x1e0
[   79.419983][ T5498]  ? build_open_flags+0x690/0x690
[   79.425002][ T5498]  ? xfd_validate_state+0x5d/0x180
[   79.430109][ T5498]  __x64_sys_open+0x154/0x1e0
[   79.434799][ T5498]  ? do_sys_open+0x160/0x160
[   79.439383][ T5498]  ? syscall_enter_from_user_mode+0x7f/0x120
[   79.445356][ T5498]  ? lockdep_hardirqs_on+0x7d/0x110
[   79.450548][ T5498]  do_syscall_64+0x40/0x110
[   79.455039][ T5498]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[   79.460949][ T5498] RIP: 0033:0x7f6bec07cb29
[   79.465351][ T5498] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   79.485134][ T5498] RSP: 002b:00007f6beb3fe0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[   79.493532][ T5498] RAX: ffffffffffffffda RBX: 00007f6bec19bf80 RCX: 00007f6bec07cb29
[   79.501494][ T5498] RDX: 0000000000000000 RSI: 0000000000141042 RDI: 0000000020000100
[   79.509537][ T5498] RBP: 00007f6bec0c847a R08: 0000000000000000 R09: 0000000000000000
[   79.517498][ T5498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   79.525452][ T5498] R13: 000000000000000b R14: 00007f6bec19bf80 R15: 00007ffe0e8bc748
[   79.533415][ T5498]  </TASK>
[   79.536645][ T5498] Kernel Offset: disabled
[   79.540953][ T5498] Rebooting in 86400 seconds..