Warning: Permanently added '10.128.0.253' (ED25519) to the list of known hosts.
2023/12/17 06:26:16 ignoring optional flag "sandboxArg"="0"
2023/12/17 06:26:16 parsed 1 programs
2023/12/17 06:26:17 executed programs: 0
[ 47.737431][ T1968] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 47.763446][ T1300] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 47.770730][ T1300] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 47.778440][ T1300] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 47.786220][ T1300] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 47.793925][ T1300] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 47.801520][ T1300] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 47.919156][ T1973] chnl_net:caif_netlink_parms(): no params data found
[ 48.884111][ T1973] 8021q: adding VLAN 0 to HW filter on device bond0
[ 49.518240][ T1973] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 49.869078][ T1300] Bluetooth: hci0: command 0x0409 tx timeout
[ 50.692143][ T2374] "syz-executor.0" (2374) uses obsolete ecb(arc4) skcipher
[ 50.700855][ T2374] ==================================================================
[ 50.709005][ T2374] BUG: KASAN: slab-out-of-bounds in arc4_crypt+0x2a1/0x4e0
[ 50.716290][ T2374] Read of size 4 at addr ffff88817a8a6ee0 by task syz-executor.0/2374
[ 50.724499][ T2374]
[ 50.726799][ T2374] CPU: 1 PID: 2374 Comm: syz-executor.0 Not tainted 6.7.0-rc1-syzkaller #0
[ 50.735445][ T2374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[ 50.745782][ T2374] Call Trace:
[ 50.749054][ T2374]
[ 50.751977][ T2374] dump_stack_lvl+0x3d/0x60
[ 50.756589][ T2374] print_report+0xc4/0x620
[ 50.761109][ T2374] kasan_report+0xda/0x110
[ 50.765502][ T2374] ? arc4_crypt+0x2a1/0x4e0
[ 50.770015][ T2374] ? arc4_crypt+0x2a1/0x4e0
[ 50.775133][ T2374] arc4_crypt+0x2a1/0x4e0
[ 50.779470][ T2374] ? cast6_setkey+0x10/0x10
[ 50.784037][ T2374] crypto_arc4_crypt+0x3e/0x50
[ 50.788774][ T2374] crypto_lskcipher_crypt_sg+0x214/0x400
[ 50.794466][ T2374] ? crypto_lskcipher_decrypt+0x150/0x150
[ 50.800513][ T2374] skcipher_recvmsg+0x932/0xcd0
[ 50.805343][ T2374] ? skcipher_bind+0x10/0x10
[ 50.809914][ T2374] ? skcipher_bind+0x10/0x10
[ 50.814490][ T2374] sock_recvmsg+0xcd/0x160
[ 50.819061][ T2374] ____sys_recvmsg+0x1b6/0x5d0
[ 50.823807][ T2374] ? kernel_recvmsg+0x80/0x80
[ 50.828471][ T2374] ? sched_ttwu_pending+0x3e0/0x3e0
[ 50.833649][ T2374] ? reacquire_held_locks+0x380/0x380
[ 50.839009][ T2374] ? find_held_lock+0x2d/0x110
[ 50.843921][ T2374] ___sys_recvmsg+0xe3/0x150
[ 50.848597][ T2374] ? copy_msghdr_from_user+0x120/0x120
[ 50.854026][ T2374] ? __fget_light+0x1e1/0x410
[ 50.858676][ T2374] ? reacquire_held_locks+0x380/0x380
[ 50.864036][ T2374] ? __fget_light+0x1e6/0x410
[ 50.868715][ T2374] __sys_recvmsg+0xe3/0x180
[ 50.873283][ T2374] ? __sys_recvmsg_sock+0x10/0x10
[ 50.878282][ T2374] ? fpregs_restore_userregs+0x121/0x220
[ 50.883900][ T2374] do_syscall_64+0x40/0x110
[ 50.888412][ T2374] entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 50.894351][ T2374] RIP: 0033:0x7fd9b767cba9
[ 50.898746][ T2374] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 50.918421][ T2374] RSP: 002b:00007fd9b83a80c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[ 50.926814][ T2374] RAX: ffffffffffffffda RBX: 00007fd9b779bf80 RCX: 00007fd9b767cba9
[ 50.934856][ T2374] RDX: 0000000000000000 RSI: 00000000200005c0 RDI: 0000000000000004
[ 50.942981][ T2374] RBP: 00007fd9b76c847a R08: 0000000000000000 R09: 0000000000000000
[ 50.950929][ T2374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 50.959226][ T2374] R13: 0000000000000006 R14: 00007fd9b779bf80 R15: 00007fff914525e8
[ 50.967534][ T2374]
[ 50.970639][ T2374]
[ 50.973038][ T2374] Allocated by task 78:
[ 50.977189][ T2374] kasan_save_stack+0x33/0x50
[ 50.981934][ T2374] kasan_set_track+0x25/0x30
[ 50.986496][ T2374] __kasan_kmalloc+0xa2/0xb0
[ 50.991056][ T2374] __kmalloc+0x60/0x160
[ 50.995181][ T2374] acpi_ns_get_normalized_pathname+0x45/0x90
[ 51.001149][ T2374] acpi_ns_evaluate+0x1ab/0xbb0
[ 51.006263][ T2374] acpi_evaluate_object+0x311/0x8d0
[ 51.011438][ T2374] acpi_evaluate_integer+0xc8/0x1b0
[ 51.016628][ T2374] acpi_bus_get_status+0x154/0x2b0
[ 51.021715][ T2374] acpi_bus_attach+0xc4/0xa10
[ 51.026368][ T2374] device_for_each_child+0xe9/0x150
[ 51.031536][ T2374] acpi_dev_for_each_child+0x76/0xa0
[ 51.036819][ T2374] acpi_bus_attach+0x762/0xa10
[ 51.041573][ T2374] device_for_each_child+0xe9/0x150
[ 51.046743][ T2374] acpi_dev_for_each_child+0x76/0xa0
[ 51.052006][ T2374] acpi_bus_attach+0x762/0xa10
[ 51.056737][ T2374] device_for_each_child+0xe9/0x150
[ 51.062014][ T2374] acpi_dev_for_each_child+0x76/0xa0
[ 51.067366][ T2374] acpi_bus_attach+0x762/0xa10
[ 51.072105][ T2374] device_for_each_child+0xe9/0x150
[ 51.077275][ T2374] acpi_dev_for_each_child+0x76/0xa0
[ 51.082620][ T2374] acpi_bus_attach+0x762/0xa10
[ 51.087353][ T2374] acpi_bus_scan+0xad/0x400
[ 51.091825][ T2374] acpi_scan_init+0x1ea/0x630
[ 51.096472][ T2374] acpi_init+0x37b/0x870
[ 51.100681][ T2374] do_one_initcall+0xcf/0x3c0
[ 51.105442][ T2374] kernel_init_freeable+0x509/0x850
[ 51.110689][ T2374] kernel_init+0x1a/0x1c0
[ 51.115033][ T2374] ret_from_fork+0x2c/0x70
[ 51.119441][ T2374] ret_from_fork_asm+0x11/0x20
[ 51.124190][ T2374]
[ 51.126499][ T2374] Last potentially related work creation:
[ 51.132361][ T2374] kasan_save_stack+0x33/0x50
[ 51.137100][ T2374] kasan_set_track+0x25/0x30
[ 51.141659][ T2374] kasan_save_free_info+0x2b/0x40
[ 51.146912][ T2374] ____kasan_slab_free+0x15b/0x1b0
[ 51.152011][ T2374] slab_free_freelist_hook+0x114/0x1e0
[ 51.157444][ T2374] kmem_cache_free+0xe9/0x450
[ 51.162096][ T2374] kernfs_put+0x1f4/0x330
[ 51.166479][ T2374] kernfs_remove_by_name_ns+0xe3/0x130
[ 51.171994][ T2374] bus_remove_driver+0xe3/0x290
[ 51.176836][ T2374] pci_unregister_driver+0x25/0x260
[ 51.182042][ T2374] agp_amd64_init+0xdc/0x130
[ 51.186632][ T2374] do_one_initcall+0xcf/0x3c0
[ 51.191280][ T2374] kernel_init_freeable+0x509/0x850
[ 51.196550][ T2374] kernel_init+0x1a/0x1c0
[ 51.200855][ T2374] ret_from_fork+0x2c/0x70
[ 51.205243][ T2374] ret_from_fork_asm+0x11/0x20
[ 51.209976][ T2374]
[ 51.212272][ T2374] Second to last potentially related work creation:
[ 51.218836][ T2374] kasan_save_stack+0x33/0x50
[ 51.223505][ T2374] kasan_set_track+0x25/0x30
[ 51.228071][ T2374] kasan_save_free_info+0x2b/0x40
[ 51.233693][ T2374] ____kasan_slab_free+0x15b/0x1b0
[ 51.238954][ T2374] slab_free_freelist_hook+0x114/0x1e0
[ 51.244398][ T2374] kmem_cache_free+0xe9/0x450
[ 51.249131][ T2374] acpi_os_release_object+0x9/0x10
[ 51.254215][ T2374] acpi_ps_delete_parse_tree+0x72/0xb0
[ 51.259822][ T2374] acpi_ps_complete_this_op+0x5a0/0x9d0
[ 51.265336][ T2374] acpi_ps_complete_op+0x8e/0xa60
[ 51.270336][ T2374] acpi_ps_parse_loop+0x44a/0x1b10
[ 51.275427][ T2374] acpi_ps_parse_aml+0x195/0xa00
[ 51.280421][ T2374] acpi_ps_execute_method+0x4b9/0xa10
[ 51.285955][ T2374] acpi_ns_evaluate+0x670/0xbb0
[ 51.290870][ T2374] acpi_ut_evaluate_object+0xbc/0x410
[ 51.296219][ T2374] acpi_rs_get_method_data+0x72/0xd0
[ 51.301581][ T2374] acpi_walk_resources+0xf7/0x170
[ 51.306686][ T2374] acpi_pci_link_get_current+0x18d/0x360
[ 51.312309][ T2374] acpi_pci_link_set+0x4f7/0x980
[ 51.317218][ T2374] acpi_pci_link_allocate_irq+0x259/0xa90
[ 51.322937][ T2374] acpi_pci_irq_enable+0x213/0x5f0
[ 51.328031][ T2374] do_pci_enable_device+0x178/0x290
[ 51.333205][ T2374] pci_enable_device_flags+0x1bc/0x2a0
[ 51.338645][ T2374] virtio_pci_probe+0x177/0x2d0
[ 51.343482][ T2374] local_pci_probe+0xcf/0x170
[ 51.348216][ T2374] pci_device_probe+0x22c/0x690
[ 51.353226][ T2374] really_probe+0x1bf/0xb20
[ 51.357727][ T2374] __driver_probe_device+0x187/0x440
[ 51.362987][ T2374] driver_probe_device+0x45/0x110
[ 51.367987][ T2374] __driver_attach+0x1d1/0x490
[ 51.372769][ T2374] bus_for_each_dev+0x101/0x180
[ 51.377600][ T2374] bus_add_driver+0x298/0x570
[ 51.382262][ T2374] driver_register+0x12f/0x450
[ 51.387175][ T2374] do_one_initcall+0xcf/0x3c0
[ 51.391920][ T2374] kernel_init_freeable+0x509/0x850
[ 51.397202][ T2374] kernel_init+0x1a/0x1c0
[ 51.401525][ T2374] ret_from_fork+0x2c/0x70
[ 51.405914][ T2374] ret_from_fork_asm+0x11/0x20
[ 51.410674][ T2374]
[ 51.412976][ T2374] The buggy address belongs to the object at ffff88817a8a6800
[ 51.412976][ T2374] which belongs to the cache kmalloc-1k of size 1024
[ 51.427000][ T2374] The buggy address is located 1024 bytes to the right of
[ 51.427000][ T2374] allocated 736-byte region [ffff88817a8a6800, ffff88817a8a6ae0)
[ 51.441721][ T2374]
[ 51.444196][ T2374] The buggy address belongs to the physical page:
[ 51.450582][ T2374] page:ffffea0005ea2800 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x17a8a0
[ 51.460994][ T2374] head:ffffea0005ea2800 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 51.470078][ T2374] anon flags: 0x100000000000840(slab|head|node=0|zone=2)
[ 51.477163][ T2374] page_type: 0xffffffff()
[ 51.481548][ T2374] raw: 0100000000000840 ffff888100041dc0 0000000000000000 dead000000000001
[ 51.490186][ T2374] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 51.498736][ T2374] page dumped because: kasan: bad access detected
[ 51.505132][ T2374] page_owner tracks the page as allocated
[ 51.510920][ T2374] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1337, tgid 1337 (start-stop-daem), ts 6218472491, free_ts 5663739182
[ 51.531645][ T2374] post_alloc_hook+0x27f/0x2f0
[ 51.536387][ T2374] get_page_from_freelist+0x653/0x40c0
[ 51.542007][ T2374] __alloc_pages+0x1d0/0x470
[ 51.546566][ T2374] alloc_pages_mpol+0x175/0x4a0
[ 51.551384][ T2374] allocate_slab+0x24b/0x360
[ 51.555956][ T2374] ___slab_alloc+0x8ce/0x10e0
[ 51.560646][ T2374] __slab_alloc.constprop.0+0x4d/0x90
[ 51.565996][ T2374] __kmem_cache_alloc_node+0x150/0x350
[ 51.571435][ T2374] __kmalloc+0x4f/0x160
[ 51.575636][ T2374] tomoyo_init_log+0x11bb/0x1ee0
[ 51.580539][ T2374] tomoyo_supervisor+0x2a7/0xc40
[ 51.585452][ T2374] tomoyo_env_perm+0x16c/0x1d0
[ 51.590199][ T2374] tomoyo_find_next_domain+0xaf6/0x1db0
[ 51.595800][ T2374] tomoyo_bprm_check_security+0x109/0x170
[ 51.601519][ T2374] security_bprm_check+0x4f/0x70
[ 51.606530][ T2374] bprm_execve+0x5e4/0x14d0
[ 51.611000][ T2374] page last free stack trace:
[ 51.615728][ T2374] free_unref_page_prepare+0x562/0xbd0
[ 51.621155][ T2374] free_unref_page+0x33/0x350
[ 51.625810][ T2374] free_contig_range+0xa1/0x150
[ 51.630636][ T2374] destroy_args+0x7cb/0xa40
[ 51.635117][ T2374] debug_vm_pgtable+0x19d8/0x2a80
[ 51.640197][ T2374] do_one_initcall+0xcf/0x3c0
[ 51.644843][ T2374] kernel_init_freeable+0x509/0x850
[ 51.650023][ T2374] kernel_init+0x1a/0x1c0
[ 51.654349][ T2374] ret_from_fork+0x2c/0x70
[ 51.658764][ T2374] ret_from_fork_asm+0x11/0x20
[ 51.663780][ T2374]
[ 51.666081][ T2374] Memory state around the buggy address:
[ 51.671832][ T2374] ffff88817a8a6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.679875][ T2374] ffff88817a8a6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.688052][ T2374] >ffff88817a8a6e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.696119][ T2374] ^
[ 51.703376][ T2374] ffff88817a8a6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.711469][ T2374] ffff88817a8a6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.719500][ T2374] ==================================================================
[ 51.727916][ T2374] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 51.735356][ T2374] Kernel Offset: disabled
[ 51.739662][ T2374] Rebooting in 86400 seconds..