Warning: Permanently added '10.128.1.117' (ED25519) to the list of known hosts.
2025/02/11 12:31:58 ignoring optional flag "sandboxArg"="0"
2025/02/11 12:31:59 parsed 1 programs
[ 72.186976][ T5840] cgroup: Unknown subsys name 'net'
[ 72.295605][ T5840] cgroup: Unknown subsys name 'cpuset'
[ 72.304467][ T5840] cgroup: Unknown subsys name 'rlimit'
[ 73.690474][ T5840] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 76.107463][ T5846] chnl_net:caif_netlink_parms(): no params data found
[ 76.180624][ T5846] bridge0: port 1(bridge_slave_0) entered blocking state
[ 76.188464][ T5846] bridge0: port 1(bridge_slave_0) entered disabled state
[ 76.196191][ T5846] bridge_slave_0: entered allmulticast mode
[ 76.203556][ T5846] bridge_slave_0: entered promiscuous mode
[ 76.212351][ T5846] bridge0: port 2(bridge_slave_1) entered blocking state
[ 76.219596][ T5846] bridge0: port 2(bridge_slave_1) entered disabled state
[ 76.227164][ T5846] bridge_slave_1: entered allmulticast mode
[ 76.234009][ T5846] bridge_slave_1: entered promiscuous mode
[ 76.256945][ T5846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 76.267874][ T5846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 76.294432][ T5846] team0: Port device team_slave_0 added
[ 76.301550][ T5846] team0: Port device team_slave_1 added
[ 76.321364][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 76.328418][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 76.354732][ T5846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 76.367424][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 76.374454][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 76.401179][ T5846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 76.433046][ T5846] hsr_slave_0: entered promiscuous mode
[ 76.439203][ T5846] hsr_slave_1: entered promiscuous mode
[ 76.530641][ T5846] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 76.541715][ T5846] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 76.551892][ T5846] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 76.561856][ T5846] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 76.586192][ T5846] bridge0: port 2(bridge_slave_1) entered blocking state
[ 76.593562][ T5846] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 76.601549][ T5846] bridge0: port 1(bridge_slave_0) entered blocking state
[ 76.608708][ T5846] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 76.660046][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0
[ 76.677554][ T52] bridge0: port 1(bridge_slave_0) entered disabled state
[ 76.686566][ T52] bridge0: port 2(bridge_slave_1) entered disabled state
[ 76.704827][ T5846] 8021q: adding VLAN 0 to HW filter on device team0
[ 76.719674][ T52] bridge0: port 1(bridge_slave_0) entered blocking state
[ 76.726870][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 76.740344][ T52] bridge0: port 2(bridge_slave_1) entered blocking state
[ 76.747542][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 76.875019][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 76.910307][ T5846] veth0_vlan: entered promiscuous mode
[ 76.921473][ T5846] veth1_vlan: entered promiscuous mode
[ 76.945919][ T5846] veth0_macvtap: entered promiscuous mode
[ 76.956435][ T5846] veth1_macvtap: entered promiscuous mode
[ 76.972505][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 76.987344][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 76.998909][ T5846] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.008288][ T5846] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.018700][ T5846] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.028716][ T5846] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.109542][ T5846] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 77.248610][ T29] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 77.319344][ T29] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 77.393655][ T29] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 77.489043][ T29] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 77.830615][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 77.839996][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 77.867710][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 77.876343][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 78.712198][ T5907] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 78.722575][ T5907] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 78.731267][ T5907] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 78.739803][ T5907] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 78.748169][ T5907] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 78.755608][ T5907] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2025/02/11 12:32:10 executed programs: 0
[ 80.436379][ T29] bridge_slave_1: left allmulticast mode
[ 80.450551][ T29] bridge_slave_1: left promiscuous mode
[ 80.456671][ T5145] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 80.465958][ T5145] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 80.468182][ T29] bridge0: port 2(bridge_slave_1) entered disabled state
[ 80.474141][ T5145] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 80.489992][ T5145] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 80.499260][ T29] bridge_slave_0: left allmulticast mode
[ 80.499326][ T5145] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 80.507860][ T29] bridge_slave_0: left promiscuous mode
[ 80.513681][ T5145] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 80.526420][ T29] bridge0: port 1(bridge_slave_0) entered disabled state
[ 80.763449][ T29] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 80.774761][ T29] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 80.784721][ T29] bond0 (unregistering): Released all slaves
[ 80.920618][ T29] hsr_slave_0: left promiscuous mode
[ 80.927987][ T29] hsr_slave_1: left promiscuous mode
[ 80.934313][ T29] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 80.941782][ T29] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 80.950460][ T29] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 80.958048][ T29] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 80.978078][ T29] veth1_macvtap: left promiscuous mode
[ 80.984156][ T29] veth0_macvtap: left promiscuous mode
[ 80.989836][ T29] veth1_vlan: left promiscuous mode
[ 80.995383][ T29] veth0_vlan: left promiscuous mode
[ 81.385306][ T29] team0 (unregistering): Port device team_slave_1 removed
[ 81.416031][ T29] team0 (unregistering): Port device team_slave_0 removed
[ 81.723202][ T5949] chnl_net:caif_netlink_parms(): no params data found
[ 81.861303][ T5949] bridge0: port 1(bridge_slave_0) entered blocking state
[ 81.874349][ T5949] bridge0: port 1(bridge_slave_0) entered disabled state
[ 81.881597][ T5949] bridge_slave_0: entered allmulticast mode
[ 81.890042][ T5949] bridge_slave_0: entered promiscuous mode
[ 81.899162][ T5949] bridge0: port 2(bridge_slave_1) entered blocking state
[ 81.906483][ T5949] bridge0: port 2(bridge_slave_1) entered disabled state
[ 81.913874][ T5949] bridge_slave_1: entered allmulticast mode
[ 81.928799][ T5949] bridge_slave_1: entered promiscuous mode
[ 81.974072][ T5949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 81.993903][ T5949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 82.040395][ T5949] team0: Port device team_slave_0 added
[ 82.057945][ T5949] team0: Port device team_slave_1 added
[ 82.105861][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 82.113432][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 82.142535][ T5949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 82.608070][ T5145] Bluetooth: hci0: command tx timeout
[ 82.663587][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 82.670581][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 82.702138][ T5949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 82.778045][ T5949] hsr_slave_0: entered promiscuous mode
[ 82.785500][ T5949] hsr_slave_1: entered promiscuous mode
[ 83.531792][ T5949] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 83.550663][ T5949] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 83.577692][ T5949] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 83.594060][ T5949] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 83.749408][ T5949] 8021q: adding VLAN 0 to HW filter on device bond0
[ 83.781578][ T5949] 8021q: adding VLAN 0 to HW filter on device team0
[ 83.796568][ T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 83.803857][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 83.826454][ T29] bridge0: port 2(bridge_slave_1) entered blocking state
[ 83.833743][ T29] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 83.870903][ T5949] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 83.882681][ T5949] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 84.049731][ T5949] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 84.096114][ T5949] veth0_vlan: entered promiscuous mode
[ 84.113860][ T5949] veth1_vlan: entered promiscuous mode
[ 84.141828][ T5949] veth0_macvtap: entered promiscuous mode
[ 84.154666][ T5949] veth1_macvtap: entered promiscuous mode
[ 84.175459][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 84.195164][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 84.208720][ T5949] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 84.217727][ T5949] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 84.226797][ T5949] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 84.236052][ T5949] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 84.321140][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 84.339270][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 84.369152][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 84.377349][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 84.682856][ T5145] Bluetooth: hci0: command tx timeout
2025/02/11 12:32:15 executed programs: 32
[ 86.763857][ T5145] Bluetooth: hci0: command tx timeout
[ 87.325350][ T1221] cfg80211: failed to load regulatory.db
[ 88.853873][ T5145] Bluetooth: hci0: command tx timeout
2025/02/11 12:32:20 executed programs: 247
2025/02/11 12:32:25 executed programs: 472
[ 98.357575][ T5907] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 98.368904][ T5907] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 98.377914][ T5907] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 98.387666][ T5907] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 98.396279][ T5907] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 98.403703][ T5907] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 98.517345][ T283] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 98.531216][ T6649] chnl_net:caif_netlink_parms(): no params data found
[ 98.558670][ T283] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 98.599192][ T6649] bridge0: port 1(bridge_slave_0) entered blocking state
[ 98.606852][ T6649] bridge0: port 1(bridge_slave_0) entered disabled state
[ 98.614382][ T6649] bridge_slave_0: entered allmulticast mode
[ 98.621040][ T6649] bridge_slave_0: entered promiscuous mode
[ 98.638145][ T283] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 98.652873][ T6649] bridge0: port 2(bridge_slave_1) entered blocking state
[ 98.660204][ T6649] bridge0: port 2(bridge_slave_1) entered disabled state
[ 98.667506][ T6649] bridge_slave_1: entered allmulticast mode
[ 98.674942][ T6649] bridge_slave_1: entered promiscuous mode
[ 98.708393][ T283] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 98.723006][ T6649] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 98.736936][ T6649] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 98.767467][ T6649] team0: Port device team_slave_0 added
[ 98.776123][ T6649] team0: Port device team_slave_1 added
[ 98.830964][ T6649] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 98.844979][ T6649] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 98.874541][ T6649] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 98.894012][ T6649] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 98.902282][ T6649] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 98.928625][ T6649] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 98.940030][ T283] bridge_slave_1: left allmulticast mode
[ 98.946061][ T283] bridge_slave_1: left promiscuous mode
[ 98.951931][ T283] bridge0: port 2(bridge_slave_1) entered disabled state
[ 98.960847][ T283] bridge_slave_0: left allmulticast mode
[ 98.966955][ T283] bridge_slave_0: left promiscuous mode
[ 98.973427][ T283] bridge0: port 1(bridge_slave_0) entered disabled state
[ 99.255695][ T283] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 99.266545][ T283] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 99.276719][ T283] bond0 (unregistering): Released all slaves
[ 99.337206][ T6649] hsr_slave_0: entered promiscuous mode
[ 99.359369][ T6649] hsr_slave_1: entered promiscuous mode
[ 99.375081][ T6649] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 99.392402][ T6649] Cannot create hsr debugfs directory
[ 99.612170][ T283] hsr_slave_0: left promiscuous mode
[ 99.617909][ T283] hsr_slave_1: left promiscuous mode
[ 99.630987][ T283] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 99.642090][ T283] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 99.663914][ T283] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 99.671362][ T283] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 99.693989][ T283] veth1_macvtap: left promiscuous mode
[ 99.699704][ T283] veth0_macvtap: left promiscuous mode
[ 99.705946][ T283] veth1_vlan: left promiscuous mode
[ 99.711298][ T283] veth0_vlan: left promiscuous mode
[ 100.007645][ T283] team0 (unregistering): Port device team_slave_1 removed
[ 100.049696][ T283] team0 (unregistering): Port device team_slave_0 removed
[ 100.442454][ T5907] Bluetooth: hci1: command tx timeout
[ 100.639182][ T6649] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 100.653610][ T6649] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 100.665416][ T6649] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 100.677525][ T6649] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 100.763052][ T6649] 8021q: adding VLAN 0 to HW filter on device bond0
[ 100.787031][ T6649] 8021q: adding VLAN 0 to HW filter on device team0
[ 100.801976][ T29] bridge0: port 1(bridge_slave_0) entered blocking state
[ 100.809744][ T29] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 100.823425][ T283] bridge0: port 2(bridge_slave_1) entered blocking state
[ 100.830650][ T283] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 101.010792][ T6649] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 101.058395][ T6649] veth0_vlan: entered promiscuous mode
[ 101.071641][ T6649] veth1_vlan: entered promiscuous mode
[ 101.109155][ T6649] veth0_macvtap: entered promiscuous mode
[ 101.119803][ T6649] veth1_macvtap: entered promiscuous mode
[ 101.140666][ T6649] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 101.153807][ T6649] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 101.166056][ T6649] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 101.176935][ T6649] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 101.186712][ T6649] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 101.196285][ T6649] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 101.259626][ T283] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 101.273661][ T283] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 101.299437][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 101.309444][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/02/11 12:32:31 executed programs: 602
[ 101.418204][ T6709] ==================================================================
[ 101.426306][ T6709] BUG: KASAN: slab-use-after-free in force_devcd_write+0x31f/0x350
[ 101.434243][ T6709] Read of size 8 at addr ffff8880259a6800 by task syz.0.616/6709
[ 101.441991][ T6709]
[ 101.444334][ T6709] CPU: 1 UID: 0 PID: 6709 Comm: syz.0.616 Not tainted 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0
[ 101.444362][ T6709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 101.444381][ T6709] Call Trace:
[ 101.444388][ T6709] <TASK>
[ 101.444400][ T6709] dump_stack_lvl+0x116/0x1f0
[ 101.444441][ T6709] print_report+0xc3/0x620
[ 101.444466][ T6709] ? __virt_addr_valid+0x5e/0x590
[ 101.444485][ T6709] ? __phys_addr+0xc6/0x150
[ 101.444516][ T6709] kasan_report+0xd9/0x110
[ 101.444540][ T6709] ? force_devcd_write+0x31f/0x350
[ 101.444568][ T6709] ? force_devcd_write+0x31f/0x350
[ 101.444596][ T6709] force_devcd_write+0x31f/0x350
[ 101.444622][ T6709] ? __pfx_force_devcd_write+0x10/0x10
[ 101.444649][ T6709] ? __debugfs_file_get+0x1ff/0x850
[ 101.444682][ T6709] ? __pfx___debugfs_file_get+0x10/0x10
[ 101.444715][ T6709] ? rcu_is_watching+0x12/0xc0
[ 101.444746][ T6709] ? trace_lock_acquire+0x14e/0x1f0
[ 101.444769][ T6709] full_proxy_write+0x13c/0x200
[ 101.444802][ T6709] ? __pfx_full_proxy_write+0x10/0x10
[ 101.444833][ T6709] vfs_write+0x24c/0x1150
[ 101.444857][ T6709] ? __pfx_vfs_write+0x10/0x10
[ 101.444877][ T6709] ? do_futex+0x123/0x350
[ 101.444898][ T6709] ? __pfx_do_futex+0x10/0x10
[ 101.444923][ T6709] ? __x64_sys_futex+0x1e1/0x4c0
[ 101.444945][ T6709] ? __x64_sys_futex+0x1ea/0x4c0
[ 101.444968][ T6709] ksys_write+0x12b/0x250
[ 101.444989][ T6709] ? __pfx_ksys_write+0x10/0x10
[ 101.445014][ T6709] do_syscall_64+0xcd/0x250
[ 101.445042][ T6709] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 101.445072][ T6709] RIP: 0033:0x7f68c6b8cde9
[ 101.445089][ T6709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 101.445110][ T6709] RSP: 002b:00007fff50d5c308 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 101.445130][ T6709] RAX: ffffffffffffffda RBX: 00007f68c6da5fa0 RCX: 00007f68c6b8cde9
[ 101.445145][ T6709] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000003
[ 101.445158][ T6709] RBP: 00007f68c6c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 101.445172][ T6709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 101.445185][ T6709] R13: 00007f68c6da5fa0 R14: 00007f68c6da5fa0 R15: 0000000000000003
[ 101.445206][ T6709] </TASK>
[ 101.445213][ T6709]
[ 101.672573][ T6709] Allocated by task 5949:
[ 101.676902][ T6709] kasan_save_stack+0x33/0x60
[ 101.681582][ T6709] kasan_save_track+0x14/0x30
[ 101.686252][ T6709] __kasan_kmalloc+0xaa/0xb0
[ 101.690836][ T6709] vhci_open+0x4c/0x430
[ 101.694989][ T6709] misc_open+0x35a/0x420
[ 101.699233][ T6709] chrdev_open+0x237/0x6a0
[ 101.703644][ T6709] do_dentry_open+0x735/0x1c40
[ 101.708412][ T6709] vfs_open+0x82/0x3f0
[ 101.712479][ T6709] path_openat+0x1e88/0x2d80
[ 101.717082][ T6709] do_filp_open+0x20c/0x470
[ 101.721597][ T6709] do_sys_openat2+0x17a/0x1e0
[ 101.726275][ T6709] __x64_sys_openat+0x175/0x210
[ 101.731149][ T6709] do_syscall_64+0xcd/0x250
[ 101.735760][ T6709] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 101.741677][ T6709]
[ 101.743998][ T6709] Freed by task 5949:
[ 101.747967][ T6709] kasan_save_stack+0x33/0x60
[ 101.752640][ T6709] kasan_save_track+0x14/0x30
[ 101.757352][ T6709] kasan_save_free_info+0x3b/0x60
[ 101.762378][ T6709] __kasan_slab_free+0x51/0x70
[ 101.767226][ T6709] kfree+0x2c4/0x4d0
[ 101.771126][ T6709] vhci_release+0xbb/0xf0
[ 101.775802][ T6709] __fput+0x3ff/0xb70
[ 101.779791][ T6709] task_work_run+0x14e/0x250
[ 101.784382][ T6709] do_exit+0xad8/0x2d70
[ 101.788544][ T6709] do_group_exit+0xd3/0x2a0
[ 101.793052][ T6709] get_signal+0x2576/0x2610
[ 101.797572][ T6709] arch_do_signal_or_restart+0x90/0x7e0
[ 101.803124][ T6709] syscall_exit_to_user_mode+0x150/0x2a0
[ 101.808767][ T6709] do_syscall_64+0xda/0x250
[ 101.813361][ T6709] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 101.819254][ T6709]
[ 101.821569][ T6709] The buggy address belongs to the object at ffff8880259a6800
[ 101.821569][ T6709] which belongs to the cache kmalloc-1k of size 1024
[ 101.835618][ T6709] The buggy address is located 0 bytes inside of
[ 101.835618][ T6709] freed 1024-byte region [ffff8880259a6800, ffff8880259a6c00)
[ 101.849332][ T6709]
[ 101.851660][ T6709] The buggy address belongs to the physical page:
[ 101.858068][ T6709] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x259a0
[ 101.866840][ T6709] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 101.875340][ T6709] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 101.882893][ T6709] page_type: f5(slab)
[ 101.886873][ T6709] raw: 00fff00000000040 ffff88801b041dc0 ffffea0000d13800 dead000000000002
[ 101.895451][ T6709] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 101.904039][ T6709] head: 00fff00000000040 ffff88801b041dc0 ffffea0000d13800 dead000000000002
[ 101.912707][ T6709] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 101.921370][ T6709] head: 00fff00000000003 ffffea0000966801 ffffffffffffffff 0000000000000000
[ 101.930037][ T6709] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 101.938706][ T6709] page dumped because: kasan: bad access detected
[ 101.945287][ T6709] page_owner tracks the page as allocated
[ 101.951018][ T6709] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5501, tgid 5501 (dhcpcd), ts 46207992184, free_ts 46177097484
[ 101.971862][ T6709] post_alloc_hook+0x181/0x1b0
[ 101.976713][ T6709] get_page_from_freelist+0xfce/0x2f80
[ 101.982605][ T6709] __alloc_frozen_pages_noprof+0x221/0x2470
[ 101.988498][ T6709] alloc_pages_mpol+0x1fc/0x540
[ 101.993353][ T6709] new_slab+0x23d/0x330
[ 101.997502][ T6709] ___slab_alloc+0xbfa/0x1600
[ 102.002172][ T6709] __slab_alloc.constprop.0+0x56/0xb0
[ 102.007536][ T6709] __kmalloc_node_noprof+0x2f0/0x520
[ 102.012904][ T6709] qdisc_alloc+0xbb/0xc50
[ 102.017233][ T6709] qdisc_create_dflt+0x73/0x430
[ 102.022082][ T6709] dev_activate+0x63a/0x12b0
[ 102.026674][ T6709] __dev_open+0x3e4/0x540
[ 102.031182][ T6709] __dev_change_flags+0x561/0x720
[ 102.036201][ T6709] dev_change_flags+0x8f/0x160
[ 102.040962][ T6709] devinet_ioctl+0x11d7/0x1f40
[ 102.045725][ T6709] inet_ioctl+0x3aa/0x3f0
[ 102.050056][ T6709] page last free pid 5587 tgid 5587 stack trace:
[ 102.056457][ T6709] free_frozen_pages+0x6db/0xfb0
[ 102.061388][ T6709] qlist_free_all+0x4e/0x120
[ 102.065972][ T6709] kasan_quarantine_reduce+0x195/0x1e0
[ 102.071434][ T6709] __kasan_slab_alloc+0x69/0x90
[ 102.076373][ T6709] kmem_cache_alloc_noprof+0x1c8/0x3b0
[ 102.081828][ T6709] mas_alloc_nodes+0x18b/0x880
[ 102.086686][ T6709] mas_node_count_gfp+0x105/0x130
[ 102.091709][ T6709] mas_preallocate+0x53f/0xce0
[ 102.096479][ T6709] commit_merge+0x701/0x10a0
[ 102.101063][ T6709] vma_expand+0x3fd/0x9c0
[ 102.105396][ T6709] relocate_vma_down+0x216/0x480
[ 102.110415][ T6709] setup_arg_pages+0x565/0xcd0
[ 102.115171][ T6709] load_elf_binary+0xaf9/0x4ff0
[ 102.120028][ T6709] bprm_execve+0x8dd/0x16d0
[ 102.124533][ T6709] do_execveat_common.isra.0+0x4a2/0x610
[ 102.130270][ T6709] __x64_sys_execve+0x8c/0xb0
[ 102.135038][ T6709]
[ 102.137352][ T6709] Memory state around the buggy address:
[ 102.142977][ T6709]  ffff8880259a6700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 102.151039][ T6709]  ffff8880259a6780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 102.159092][ T6709] >ffff8880259a6800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 102.167146][ T6709]                    ^
[ 102.171205][ T6709]  ffff8880259a6880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 102.179610][ T6709]  ffff8880259a6900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 102.187664][ T6709] ==================================================================
[ 102.242120][ T6709] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 102.249347][ T6709] CPU: 0 UID: 0 PID: 6709 Comm: syz.0.616 Not tainted 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0
[ 102.259930][ T6709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 102.270079][ T6709] Call Trace:
[ 102.273365][ T6709] <TASK>
[ 102.276289][ T6709] dump_stack_lvl+0x3d/0x1f0
[ 102.280889][ T6709] panic+0x71d/0x800
[ 102.284787][ T6709] ? __pfx_panic+0x10/0x10
[ 102.289200][ T6709] ? preempt_schedule_thunk+0x1a/0x30
[ 102.294575][ T6709] ? preempt_schedule_common+0x44/0xc0
[ 102.300056][ T6709] ? check_panic_on_warn+0x1f/0xb0
[ 102.305270][ T6709] check_panic_on_warn+0xab/0xb0
[ 102.310221][ T6709] end_report+0x117/0x180
[ 102.314557][ T6709] kasan_report+0xe9/0x110
[ 102.318977][ T6709] ? force_devcd_write+0x31f/0x350
[ 102.324266][ T6709] ? force_devcd_write+0x31f/0x350
[ 102.329485][ T6709] force_devcd_write+0x31f/0x350
[ 102.334445][ T6709] ? __pfx_force_devcd_write+0x10/0x10
[ 102.339916][ T6709] ? __debugfs_file_get+0x1ff/0x850
[ 102.345214][ T6709] ? __pfx___debugfs_file_get+0x10/0x10
[ 102.351370][ T6709] ? rcu_is_watching+0x12/0xc0
[ 102.356140][ T6709] ? trace_lock_acquire+0x14e/0x1f0
[ 102.361334][ T6709] full_proxy_write+0x13c/0x200
[ 102.366191][ T6709] ? __pfx_full_proxy_write+0x10/0x10
[ 102.371653][ T6709] vfs_write+0x24c/0x1150
[ 102.375986][ T6709] ? __pfx_vfs_write+0x10/0x10
[ 102.380747][ T6709] ? do_futex+0x123/0x350
[ 102.385082][ T6709] ? __pfx_do_futex+0x10/0x10
[ 102.389760][ T6709] ? __x64_sys_futex+0x1e1/0x4c0
[ 102.394690][ T6709] ? __x64_sys_futex+0x1ea/0x4c0
[ 102.399623][ T6709] ksys_write+0x12b/0x250
[ 102.403949][ T6709] ? __pfx_ksys_write+0x10/0x10
[ 102.408849][ T6709] do_syscall_64+0xcd/0x250
[ 102.413350][ T6709] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 102.419275][ T6709] RIP: 0033:0x7f68c6b8cde9
[ 102.423773][ T6709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 102.443772][ T6709] RSP: 002b:00007fff50d5c308 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 102.452356][ T6709] RAX: ffffffffffffffda RBX: 00007f68c6da5fa0 RCX: 00007f68c6b8cde9
[ 102.460322][ T6709] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000003
[ 102.468376][ T6709] RBP: 00007f68c6c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 102.476348][ T6709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 102.484311][ T6709] R13: 00007f68c6da5fa0 R14: 00007f68c6da5fa0 R15: 0000000000000003
[ 102.492284][ T6709] </TASK>
[ 102.495633][ T6709] Kernel Offset: disabled
[ 102.499983][ T6709] Rebooting in 86400 seconds..