Warning: Permanently added '10.128.15.192' (ED25519) to the list of known hosts.
2024/11/19 13:11:16 ignoring optional flag "sandboxArg"="0"
2024/11/19 13:11:16 parsed 1 programs
[ 62.111867][ T4245] cgroup: Unknown subsys name 'net'
[ 62.249482][ T4245] cgroup: Unknown subsys name 'rlimit'
[ 63.528520][ T4245] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 65.033909][ T4263] chnl_net:caif_netlink_parms(): no params data found
[ 65.080132][ T4263] bridge0: port 1(bridge_slave_0) entered blocking state
[ 65.088024][ T4263] bridge0: port 1(bridge_slave_0) entered disabled state
[ 65.096492][ T4263] device bridge_slave_0 entered promiscuous mode
[ 65.108228][ T4263] bridge0: port 2(bridge_slave_1) entered blocking state
[ 65.115478][ T4263] bridge0: port 2(bridge_slave_1) entered disabled state
[ 65.123135][ T4263] device bridge_slave_1 entered promiscuous mode
[ 65.142938][ T4263] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 65.156187][ T4263] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 65.178949][ T4263] team0: Port device team_slave_0 added
[ 65.186043][ T4263] team0: Port device team_slave_1 added
[ 65.203624][ T4263] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 65.210733][ T4263] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 65.236994][ T4263] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 65.250775][ T4263] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 65.257993][ T4263] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 65.283971][ T4263] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 65.313147][ T4263] device hsr_slave_0 entered promiscuous mode
[ 65.319942][ T4263] device hsr_slave_1 entered promiscuous mode
[ 65.432082][ T4263] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 65.442933][ T4263] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 65.452031][ T4263] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 65.461252][ T4263] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 65.482815][ T4263] bridge0: port 2(bridge_slave_1) entered blocking state
[ 65.490096][ T4263] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 65.497886][ T4263] bridge0: port 1(bridge_slave_0) entered blocking state
[ 65.505019][ T4263] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 65.556440][ T4263] 8021q: adding VLAN 0 to HW filter on device bond0
[ 65.570055][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 65.581122][ T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 65.591223][ T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 65.599727][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 65.617274][ T4263] 8021q: adding VLAN 0 to HW filter on device team0
[ 65.629264][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 65.638998][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 65.646217][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 65.661490][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 65.669948][ T56] bridge0: port 2(bridge_slave_1) entered blocking state
[ 65.677170][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 65.698225][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 65.708845][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 65.719572][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 65.732001][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 65.743752][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 65.756775][ T4263] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 65.863859][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 65.871537][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 65.885311][ T4263] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 65.905517][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 65.923303][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 65.932235][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 65.940331][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 65.951121][ T4263] device veth0_vlan entered promiscuous mode
[ 65.963943][ T4263] device veth1_vlan entered promiscuous mode
[ 65.982070][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 65.990388][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 65.999180][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 66.012316][ T4263] device veth0_macvtap entered promiscuous mode
[ 66.022378][ T4263] device veth1_macvtap entered promiscuous mode
[ 66.039673][ T4263] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 66.048648][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 66.057807][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 66.069938][ T4263] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 66.077971][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 66.092862][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 66.111527][ T4263] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 66.120714][ T4263] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 66.130026][ T4263] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 66.138886][ T4263] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 66.251710][ T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 66.779739][ T56] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 66.795183][ T56] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 66.809225][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 66.810542][ T33] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 66.825252][ T33] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 66.833674][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 67.560239][ T4313] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 67.568909][ T4313] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 67.577564][ T4314] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 67.586097][ T4314] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 67.593645][ T4314] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 67.601496][ T4314] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2024/11/19 13:11:24 executed programs: 0
[ 67.924769][ T4314] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 67.933729][ T4314] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 67.944883][ T4314] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 67.953282][ T4314] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 67.961402][ T4314] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 67.968902][ T4314] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 68.094035][ T4323] chnl_net:caif_netlink_parms(): no params data found
[ 68.134109][ T4323] bridge0: port 1(bridge_slave_0) entered blocking state
[ 68.141709][ T4323] bridge0: port 1(bridge_slave_0) entered disabled state
[ 68.149649][ T4323] device bridge_slave_0 entered promiscuous mode
[ 68.157814][ T4323] bridge0: port 2(bridge_slave_1) entered blocking state
[ 68.170494][ T4323] bridge0: port 2(bridge_slave_1) entered disabled state
[ 68.178400][ T4323] device bridge_slave_1 entered promiscuous mode
[ 68.199369][ T4323] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 68.210221][ T4323] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 68.232633][ T4323] team0: Port device team_slave_0 added
[ 68.239735][ T4323] team0: Port device team_slave_1 added
[ 68.259763][ T4323] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 68.266865][ T4323] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 68.292901][ T4323] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 68.305147][ T4323] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 68.312100][ T4323] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 68.338402][ T4323] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 68.366848][ T4323] device hsr_slave_0 entered promiscuous mode
[ 68.373753][ T4323] device hsr_slave_1 entered promiscuous mode
[ 68.380491][ T4323] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 68.388379][ T4323] Cannot create hsr debugfs directory
[ 69.003674][ T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 70.005021][ T4314] Bluetooth: hci0: command 0x0409 tx timeout
[ 71.285065][ T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 71.368586][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[ 71.370312][ T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 71.375229][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[ 72.095102][ T4314] Bluetooth: hci0: command 0x041b tx timeout
[ 72.148568][ T11] device hsr_slave_0 left promiscuous mode
[ 72.157244][ T11] device hsr_slave_1 left promiscuous mode
[ 72.166906][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 72.174872][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 72.183353][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 72.192853][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 72.200752][ T11] device bridge_slave_1 left promiscuous mode
[ 72.207829][ T11] bridge0: port 2(bridge_slave_1) entered disabled state
[ 72.217891][ T11] device bridge_slave_0 left promiscuous mode
[ 72.224094][ T11] bridge0: port 1(bridge_slave_0) entered disabled state
[ 72.243029][ T11] device veth1_macvtap left promiscuous mode
[ 72.249522][ T11] device veth0_macvtap left promiscuous mode
[ 72.256025][ T11] device veth1_vlan left promiscuous mode
[ 72.261973][ T11] device veth0_vlan left promiscuous mode
[ 72.523284][ T11] team0 (unregistering): Port device team_slave_1 removed
[ 72.550255][ T11] team0 (unregistering): Port device team_slave_0 removed
[ 72.576806][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 72.602566][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 72.816127][ T11] bond0 (unregistering): Released all slaves
[ 72.892759][ T4323] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 72.901492][ T4323] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 72.912574][ T4323] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 72.921422][ T4323] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 72.979980][ T4323] 8021q: adding VLAN 0 to HW filter on device bond0
[ 72.997898][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 73.008035][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 73.018468][ T4323] 8021q: adding VLAN 0 to HW filter on device team0
[ 73.028283][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 73.037676][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 73.047274][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 73.054404][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 73.063202][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 73.077305][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 73.095108][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 73.103589][ T56] bridge0: port 2(bridge_slave_1) entered blocking state
[ 73.110731][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 73.121490][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 73.137944][ T4363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 73.152124][ T4363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 73.162465][ T4363] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 73.171562][ T4363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 73.183826][ T4363] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 73.200187][ T4323] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 73.210691][ T4323] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 73.222756][ T4363] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 73.231093][ T4363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 73.239823][ T4363] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 73.249587][ T4363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 73.258281][ T4363] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 73.267366][ T4363] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 73.411822][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 73.421547][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 73.438734][ T4323] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 73.466421][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 73.475990][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 73.505667][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 73.513973][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 73.531750][ T4323] device veth0_vlan entered promiscuous mode
[ 73.539108][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 73.547655][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 73.560719][ T4323] device veth1_vlan entered promiscuous mode
[ 73.592703][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 73.601936][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 73.612344][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 73.630684][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 73.645270][ T4323] device veth0_macvtap entered promiscuous mode
[ 73.653728][ T4323] device veth1_macvtap entered promiscuous mode
[ 73.668959][ T4323] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 73.676985][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 73.686994][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 73.695488][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 73.703977][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 73.717229][ T4323] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 73.725424][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 73.734041][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 73.745081][ T4323] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 73.753833][ T4323] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 73.762968][ T4323] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 73.773149][ T4323] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 73.816714][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 73.829259][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 73.842752][ T52] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 73.854524][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 73.862532][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 73.871794][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 73.912207][ T4382] loop0: detected capacity change from 0 to 128
[ 73.926419][ T4382] VFS: Found a Xenix FS (block size = 1024) on device loop0
[ 73.937730][ T4382] syz.0.15: attempt to access beyond end of device
[ 73.937730][ T4382] loop0: rw=0, sector=6491536, nr_sectors = 2 limit=128
[ 73.953286][ T4382] Buffer I/O error on dev loop0, logical block 3245768, async page read
[ 73.964106][ T4382] ==================================================================
[ 73.972196][ T4382] BUG: KASAN: use-after-free in sysv_new_inode+0x107e/0x1210
[ 73.979568][ T4382] Read of size 2 at addr ffff88806a6cc1ce by task syz.0.15/4382
[ 73.987189][ T4382]
[ 73.989512][ T4382] CPU: 0 PID: 4382 Comm: syz.0.15 Not tainted 6.1.118-syzkaller #0
[ 73.997390][ T4382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[ 74.007527][ T4382] Call Trace:
[ 74.010801][ T4382]
[ 74.013725][ T4382] dump_stack_lvl+0x1e3/0x2cb
[ 74.018405][ T4382] ? nf_tcp_handle_invalid+0x642/0x642
[ 74.023862][ T4382] ? panic+0x764/0x764
[ 74.027932][ T4382] ? _printk+0xd1/0x111
[ 74.032078][ T4382] ? __virt_addr_valid+0x17f/0x530
[ 74.037185][ T4382] ? __virt_addr_valid+0x17f/0x530
[ 74.042288][ T4382] print_report+0x15f/0x4f0
[ 74.046790][ T4382] ? __virt_addr_valid+0x17f/0x530
[ 74.051894][ T4382] ? __virt_addr_valid+0x17f/0x530
[ 74.057000][ T4382] ? __virt_addr_valid+0x45b/0x530
[ 74.062111][ T4382] ? __phys_addr+0xb6/0x170
[ 74.066610][ T4382] ? sysv_new_inode+0x107e/0x1210
[ 74.071633][ T4382] kasan_report+0x136/0x160
[ 74.076128][ T4382] ? sysv_new_inode+0x107e/0x1210
[ 74.081152][ T4382] sysv_new_inode+0x107e/0x1210
[ 74.086008][ T4382] ? from_kgid+0x1a3/0x730
[ 74.090430][ T4382] ? make_kgid+0x6f0/0x6f0
[ 74.094843][ T4382] ? sysv_free_inode+0x840/0x840
[ 74.099789][ T4382] ? generic_permission+0x27c/0x4f0
[ 74.104990][ T4382] sysv_symlink+0x9b/0x180
[ 74.109405][ T4382] vfs_symlink+0x247/0x3d0
[ 74.113824][ T4382] do_symlinkat+0x21e/0x390
[ 74.118323][ T4382] ? __check_object_size+0x4dd/0xa30
[ 74.123606][ T4382] ? vfs_symlink+0x3d0/0x3d0
[ 74.128197][ T4382] ? getname_flags+0x1f9/0x4f0
[ 74.132964][ T4382] ? lockdep_hardirqs_on+0x94/0x130
[ 74.138160][ T4382] __x64_sys_symlink+0x7a/0x90
[ 74.142942][ T4382] do_syscall_64+0x3b/0xb0
[ 74.147346][ T4382] ? clear_bhb_loop+0x45/0xa0
[ 74.152015][ T4382] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 74.157924][ T4382] RIP: 0033:0x7fbf95b7e759
[ 74.162339][ T4382] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 74.181938][ T4382] RSP: 002b:00007ffdc2a32868 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[ 74.190343][ T4382] RAX: ffffffffffffffda RBX: 00007fbf95d35f80 RCX: 00007fbf95b7e759
[ 74.198309][ T4382] RDX: 0000000000000000 RSI: 00000000200059c0 RDI: 00000000200049c0
[ 74.206271][ T4382] RBP: 00007fbf95bf175e R08: 0000000000000000 R09: 0000000000000000
[ 74.214237][ T4382] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 74.222204][ T4382] R13: 00007fbf95d35f80 R14: 00007fbf95d35f80 R15: 000000000000130d
[ 74.230172][ T4382]
[ 74.233181][ T4382]
[ 74.235498][ T4382] The buggy address belongs to the physical page:
[ 74.241901][ T4382] page:ffffea0001a9b300 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x6a6cc
[ 74.252042][ T4382] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 74.259147][ T4382] raw: 00fff00000000000 ffffea0001a9b348 ffffea0001a9b2c8 0000000000000000
[ 74.267727][ T4382] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 74.276298][ T4382] page dumped because: kasan: bad access detected
[ 74.282707][ T4382] page_owner tracks the page as freed
[ 74.288058][ T4382] page last allocated via order 0, migratetype Movable, gfp_mask 0x140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO), pid 4245, tgid 4245 (syz-executor), ts 61634071071, free_ts 64680100848
[ 74.306714][ T4382] post_alloc_hook+0x18d/0x1b0
[ 74.311470][ T4382] get_page_from_freelist+0x3731/0x38d0
[ 74.317011][ T4382] __alloc_pages+0x28d/0x770
[ 74.321589][ T4382] __folio_alloc+0xf/0x30
[ 74.325906][ T4382] vma_alloc_folio+0x486/0x990
[ 74.330655][ T4382] handle_mm_fault+0x2e8e/0x5340
[ 74.335579][ T4382] exc_page_fault+0x26f/0x620
[ 74.340244][ T4382] asm_exc_page_fault+0x22/0x30
[ 74.345088][ T4382] page last free stack trace:
[ 74.349746][ T4382] free_unref_page_prepare+0xf63/0x1120
[ 74.355288][ T4382] free_unref_page_list+0x663/0x900
[ 74.360471][ T4382] release_pages+0x2836/0x2b40
[ 74.365224][ T4382] tlb_flush_mmu+0xfc/0x210
[ 74.369713][ T4382] tlb_finish_mmu+0xce/0x1f0
[ 74.374295][ T4382] unmap_region+0x29f/0x2f0
[ 74.378783][ T4382] do_mas_align_munmap+0xec8/0x15f0
[ 74.383968][ T4382] do_mas_munmap+0x246/0x2b0
[ 74.388543][ T4382] __vm_munmap+0x268/0x370
[ 74.392950][ T4382] __x64_sys_munmap+0x5c/0x70
[ 74.397622][ T4382] do_syscall_64+0x3b/0xb0
[ 74.402025][ T4382] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 74.407915][ T4382]
[ 74.410225][ T4382] Memory state around the buggy address:
[ 74.415839][ T4382] ffff88806a6cc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 74.423889][ T4382] ffff88806a6cc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 74.431934][ T4382] >ffff88806a6cc180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 74.439978][ T4382] ^
[ 74.446375][ T4382] ffff88806a6cc200: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 74.454420][ T4382] ffff88806a6cc280: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 74.462466][ T4382] ==================================================================
[ 74.470925][ T4314] Bluetooth: hci0: command 0x040f tx timeout
[ 74.499424][ T4382] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 74.506651][ T4382] CPU: 0 PID: 4382 Comm: syz.0.15 Not tainted 6.1.118-syzkaller #0
[ 74.514529][ T4382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[ 74.524578][ T4382] Call Trace:
[ 74.527845][ T4382]
[ 74.530756][ T4382] dump_stack_lvl+0x1e3/0x2cb
[ 74.535434][ T4382] ? nf_tcp_handle_invalid+0x642/0x642
[ 74.540871][ T4382] ? panic+0x764/0x764
[ 74.544931][ T4382] ? preempt_schedule_common+0xa6/0xd0
[ 74.550392][ T4382] ? vscnprintf+0x59/0x80
[ 74.554703][ T4382] panic+0x318/0x764
[ 74.558600][ T4382] ? check_panic_on_warn+0x1d/0xa0
[ 74.563690][ T4382] ? memcpy_page_flushcache+0xfc/0xfc
[ 74.569047][ T4382] ? _raw_spin_unlock_irqrestore+0x128/0x130
[ 74.575009][ T4382] ? _raw_spin_unlock+0x40/0x40
[ 74.579842][ T4382] ? print_report+0x4a3/0x4f0
[ 74.584499][ T4382] check_panic_on_warn+0x7e/0xa0
[ 74.589419][ T4382] ? sysv_new_inode+0x107e/0x1210
[ 74.594436][ T4382] end_report+0x66/0x110
[ 74.598680][ T4382] kasan_report+0x143/0x160
[ 74.603185][ T4382] ? sysv_new_inode+0x107e/0x1210
[ 74.608202][ T4382] sysv_new_inode+0x107e/0x1210
[ 74.613033][ T4382] ? from_kgid+0x1a3/0x730
[ 74.617430][ T4382] ? make_kgid+0x6f0/0x6f0
[ 74.621830][ T4382] ? sysv_free_inode+0x840/0x840
[ 74.626765][ T4382] ? generic_permission+0x27c/0x4f0
[ 74.631946][ T4382] sysv_symlink+0x9b/0x180
[ 74.636347][ T4382] vfs_symlink+0x247/0x3d0
[ 74.640749][ T4382] do_symlinkat+0x21e/0x390
[ 74.645243][ T4382] ? __check_object_size+0x4dd/0xa30
[ 74.650533][ T4382] ? vfs_symlink+0x3d0/0x3d0
[ 74.655111][ T4382] ? getname_flags+0x1f9/0x4f0
[ 74.659880][ T4382] ? lockdep_hardirqs_on+0x94/0x130
[ 74.665060][ T4382] __x64_sys_symlink+0x7a/0x90
[ 74.669810][ T4382] do_syscall_64+0x3b/0xb0
[ 74.674206][ T4382] ? clear_bhb_loop+0x45/0xa0
[ 74.678864][ T4382] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 74.684746][ T4382] RIP: 0033:0x7fbf95b7e759
[ 74.689140][ T4382] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 74.709185][ T4382] RSP: 002b:00007ffdc2a32868 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[ 74.717580][ T4382] RAX: ffffffffffffffda RBX: 00007fbf95d35f80 RCX: 00007fbf95b7e759
[ 74.725531][ T4382] RDX: 0000000000000000 RSI: 00000000200059c0 RDI: 00000000200049c0
[ 74.733484][ T4382] RBP: 00007fbf95bf175e R08: 0000000000000000 R09: 0000000000000000
[ 74.741435][ T4382] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 74.749396][ T4382] R13: 00007fbf95d35f80 R14: 00007fbf95d35f80 R15: 000000000000130d
[ 74.757355][ T4382]
[ 74.760631][ T4382] Kernel Offset: disabled
[ 74.764953][ T4382] Rebooting in 86400 seconds..