Warning: Permanently added '10.128.0.112' (ED25519) to the list of known hosts.
2025/02/24 16:43:59 ignoring optional flag "sandboxArg"="0"
2025/02/24 16:44:00 parsed 1 programs
[  467.782372][ T5872] cgroup: Unknown subsys name 'net'
[  467.919159][ T5872] cgroup: Unknown subsys name 'cpuset'
[  467.928008][ T5872] cgroup: Unknown subsys name 'rlimit'
[  469.542259][ T5872] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  472.431801][ T5878] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  472.871984][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  472.886388][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  472.940929][ T5893] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  472.949128][ T5893] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  475.228820][ T5148] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  475.237846][ T5148] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  475.245762][ T5148] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  475.261227][ T5148] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  475.269583][ T5148] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  475.277138][ T5148] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  476.193214][ T5952] chnl_net:caif_netlink_parms(): no params data found
[  476.273380][ T5952] bridge0: port 1(bridge_slave_0) entered blocking state
[  476.280718][ T5952] bridge0: port 1(bridge_slave_0) entered disabled state
[  476.289163][ T5952] bridge_slave_0: entered allmulticast mode
[  476.296578][ T5952] bridge_slave_0: entered promiscuous mode
[  476.306209][ T5952] bridge0: port 2(bridge_slave_1) entered blocking state
[  476.313354][ T5952] bridge0: port 2(bridge_slave_1) entered disabled state
[  476.320787][ T5952] bridge_slave_1: entered allmulticast mode
[  476.327600][ T5952] bridge_slave_1: entered promiscuous mode
[  476.355565][ T5952] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  476.370519][ T5952] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  476.400763][ T5952] team0: Port device team_slave_0 added
[  476.409564][ T5952] team0: Port device team_slave_1 added
[  476.432041][ T5952] batman_adv: batadv0: Adding interface: batadv_slave_0
[  476.439563][ T5952] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  476.465704][ T5952] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  476.479375][ T5952] batman_adv: batadv0: Adding interface: batadv_slave_1
[  476.486422][ T5952] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  476.512953][ T5952] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  476.549026][ T5952] hsr_slave_0: entered promiscuous mode
[  476.555598][ T5952] hsr_slave_1: entered promiscuous mode
[  476.673995][ T5952] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  476.684008][ T5952] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  476.694289][ T5952] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  476.704855][ T5952] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  476.734500][ T5952] bridge0: port 2(bridge_slave_1) entered blocking state
[  476.741766][ T5952] bridge0: port 2(bridge_slave_1) entered forwarding state
[  476.749952][ T5952] bridge0: port 1(bridge_slave_0) entered blocking state
[  476.757124][ T5952] bridge0: port 1(bridge_slave_0) entered forwarding state
[  476.818446][ T5952] 8021q: adding VLAN 0 to HW filter on device bond0
[  476.838189][ T5893] bridge0: port 1(bridge_slave_0) entered disabled state
[  476.847725][ T5893] bridge0: port 2(bridge_slave_1) entered disabled state
[  476.868161][ T5952] 8021q: adding VLAN 0 to HW filter on device team0
[  476.883205][ T3452] bridge0: port 1(bridge_slave_0) entered blocking state
[  476.890423][ T3452] bridge0: port 1(bridge_slave_0) entered forwarding state
[  476.904372][ T5893] bridge0: port 2(bridge_slave_1) entered blocking state
[  476.911554][ T5893] bridge0: port 2(bridge_slave_1) entered forwarding state
[  477.081033][ T5952] 8021q: adding VLAN 0 to HW filter on device batadv0
[  477.121963][ T5952] veth0_vlan: entered promiscuous mode
[  477.133081][ T5952] veth1_vlan: entered promiscuous mode
[  477.161569][ T5952] veth0_macvtap: entered promiscuous mode
[  477.171649][ T5952] veth1_macvtap: entered promiscuous mode
[  477.193301][ T5952] batman_adv: batadv0: Interface activated: batadv_slave_0
[  477.206793][ T5952] batman_adv: batadv0: Interface activated: batadv_slave_1
[  477.221040][ T5952] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  477.230633][ T5952] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  477.239641][ T5952] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  477.249335][ T5952] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  477.420578][ T5893] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  477.479548][ T5893] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  477.540304][ T5893] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  477.646812][ T5893] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/02/24 16:44:15 executed programs: 0
[  478.180795][ T5148] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  478.191454][ T5148] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  478.199928][ T5148] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  478.209122][ T5148] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  478.217095][ T5148] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  478.224474][ T5148] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  478.369776][ T5980] chnl_net:caif_netlink_parms(): no params data found
[  478.444055][ T5980] bridge0: port 1(bridge_slave_0) entered blocking state
[  478.451709][ T5980] bridge0: port 1(bridge_slave_0) entered disabled state
[  478.459345][ T5980] bridge_slave_0: entered allmulticast mode
[  478.466976][ T5980] bridge_slave_0: entered promiscuous mode
[  478.476035][ T5980] bridge0: port 2(bridge_slave_1) entered blocking state
[  478.483257][ T5980] bridge0: port 2(bridge_slave_1) entered disabled state
[  478.490649][ T5980] bridge_slave_1: entered allmulticast mode
[  478.497645][ T5980] bridge_slave_1: entered promiscuous mode
[  478.526947][ T5980] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  478.540089][ T5980] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  478.571587][ T5980] team0: Port device team_slave_0 added
[  478.581436][ T5980] team0: Port device team_slave_1 added
[  478.606674][ T5980] batman_adv: batadv0: Adding interface: batadv_slave_0
[  478.613668][ T5980] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  478.644293][ T5980] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  478.658137][ T5980] batman_adv: batadv0: Adding interface: batadv_slave_1
[  478.665901][ T5980] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  478.693167][ T5980] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  478.745301][ T5980] hsr_slave_0: entered promiscuous mode
[  478.751959][ T5980] hsr_slave_1: entered promiscuous mode
[  478.761221][ T5980] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  478.770407][ T5980] Cannot create hsr debugfs directory
[  480.212044][ T5893] bridge_slave_1: left allmulticast mode
[  480.219071][ T5893] bridge_slave_1: left promiscuous mode
[  480.225787][ T5893] bridge0: port 2(bridge_slave_1) entered disabled state
[  480.240788][ T5893] bridge_slave_0: left allmulticast mode
[  480.246621][ T5893] bridge_slave_0: left promiscuous mode
[  480.252320][ T5893] bridge0: port 1(bridge_slave_0) entered disabled state
[  480.305960][   T54] Bluetooth: hci0: command tx timeout
[  480.555555][ T5893] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  480.567129][ T5893] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  480.578495][ T5893] bond0 (unregistering): Released all slaves
[  480.688817][ T5893] hsr_slave_0: left promiscuous mode
[  480.694957][ T5893] hsr_slave_1: left promiscuous mode
[  480.703811][ T5893] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  480.711654][ T5893] batman_adv: batadv0: Removing interface: batadv_slave_0
[  480.720424][ T5893] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  480.727952][ T5893] batman_adv: batadv0: Removing interface: batadv_slave_1
[  480.756245][ T5893] veth1_macvtap: left promiscuous mode
[  480.762250][ T5893] veth0_macvtap: left promiscuous mode
[  480.768317][ T5893] veth1_vlan: left promiscuous mode
[  480.773904][ T5893] veth0_vlan: left promiscuous mode
[  481.223459][ T5893] team0 (unregistering): Port device team_slave_1 removed
[  481.258941][ T5893] team0 (unregistering): Port device team_slave_0 removed
[  481.723212][ T5980] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  481.743105][ T5980] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  481.768593][ T5980] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  481.801336][ T5980] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  481.923055][ T5980] 8021q: adding VLAN 0 to HW filter on device bond0
[  481.958988][ T5980] 8021q: adding VLAN 0 to HW filter on device team0
[  481.982332][ T5971] bridge0: port 1(bridge_slave_0) entered blocking state
[  481.989473][ T5971] bridge0: port 1(bridge_slave_0) entered forwarding state
[  482.003781][ T5988] bridge0: port 2(bridge_slave_1) entered blocking state
[  482.010972][ T5988] bridge0: port 2(bridge_slave_1) entered forwarding state
[  482.300129][ T5980] 8021q: adding VLAN 0 to HW filter on device batadv0
[  482.339864][ T5980] veth0_vlan: entered promiscuous mode
[  482.351672][ T5980] veth1_vlan: entered promiscuous mode
[  482.377299][ T5980] veth0_macvtap: entered promiscuous mode
[  482.386509][ T5980] veth1_macvtap: entered promiscuous mode
[  482.396084][   T54] Bluetooth: hci0: command tx timeout
[  482.411024][ T5980] batman_adv: batadv0: Interface activated: batadv_slave_0
[  482.424843][ T5980] batman_adv: batadv0: Interface activated: batadv_slave_1
[  482.440025][ T5980] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  482.449070][ T5980] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  482.458027][ T5980] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  482.472698][ T5980] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  482.528431][ T5988] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  482.545009][ T5988] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  482.569269][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  482.577823][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/02/24 16:44:20 executed programs: 9
[  484.465245][   T54] Bluetooth: hci0: command tx timeout
[  486.549077][   T54] Bluetooth: hci0: command tx timeout
2025/02/24 16:44:25 executed programs: 90
2025/02/24 16:44:30 executed programs: 174
2025/02/24 16:44:35 executed programs: 258
2025/02/24 16:44:40 executed programs: 344
[  506.947254][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  506.953948][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
2025/02/24 16:44:45 executed programs: 427
2025/02/24 16:44:50 executed programs: 511
2025/02/24 16:44:55 executed programs: 596
[  518.697262][ T5148] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  518.708309][ T5148] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  518.717589][ T5148] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  518.726624][ T5148] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  518.735377][ T5148] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  518.742766][ T5148] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  518.857791][ T6635] chnl_net:caif_netlink_parms(): no params data found
[  518.908966][   T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  518.953143][ T6635] bridge0: port 1(bridge_slave_0) entered blocking state
[  518.960558][ T6635] bridge0: port 1(bridge_slave_0) entered disabled state
[  518.967943][ T6635] bridge_slave_0: entered allmulticast mode
[  518.975756][ T6635] bridge_slave_0: entered promiscuous mode
[  518.983706][ T6635] bridge0: port 2(bridge_slave_1) entered blocking state
[  518.992177][ T6635] bridge0: port 2(bridge_slave_1) entered disabled state
[  518.999832][ T6635] bridge_slave_1: entered allmulticast mode
[  519.007432][ T6635] bridge_slave_1: entered promiscuous mode
[  519.022772][   T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  519.054524][ T6635] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  519.067062][ T6635] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  519.104186][   T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  519.123087][ T6635] team0: Port device team_slave_0 added
[  519.131071][ T6635] team0: Port device team_slave_1 added
[  519.153031][ T6635] batman_adv: batadv0: Adding interface: batadv_slave_0
[  519.160368][ T6635] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  519.187166][ T6635] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  519.210144][   T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  519.224108][ T6635] batman_adv: batadv0: Adding interface: batadv_slave_1
[  519.231289][ T6635] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  519.257545][ T6635] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  519.297375][ T6635] hsr_slave_0: entered promiscuous mode
[  519.304215][ T6635] hsr_slave_1: entered promiscuous mode
[  519.393352][   T11] bridge_slave_1: left allmulticast mode
[  519.399653][   T11] bridge_slave_1: left promiscuous mode
[  519.405531][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  519.414970][   T11] bridge_slave_0: left allmulticast mode
[  519.421610][   T11] bridge_slave_0: left promiscuous mode
[  519.429662][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  519.660043][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  519.670947][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  519.681839][   T11] bond0 (unregistering): Released all slaves
[  519.952911][   T11] hsr_slave_0: left promiscuous mode
[  519.959113][   T11] hsr_slave_1: left promiscuous mode
[  519.967364][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  519.974813][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  519.987146][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  519.994589][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  520.013842][   T11] veth1_macvtap: left promiscuous mode
[  520.019490][   T11] veth0_macvtap: left promiscuous mode
[  520.025578][   T11] veth1_vlan: left promiscuous mode
[  520.030954][   T11] veth0_vlan: left promiscuous mode
[  520.404735][   T11] team0 (unregistering): Port device team_slave_1 removed
[  520.438775][   T11] team0 (unregistering): Port device team_slave_0 removed
[  520.793946][ T5148] Bluetooth: hci1: command tx timeout
[  520.855745][ T6635] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  520.870419][ T6635] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  520.886535][ T6635] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  520.897633][ T6635] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  521.022236][ T6635] 8021q: adding VLAN 0 to HW filter on device bond0
[  521.044545][ T6635] 8021q: adding VLAN 0 to HW filter on device team0
[  521.059990][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  521.067205][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  521.093286][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  521.100514][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  521.272103][ T6635] 8021q: adding VLAN 0 to HW filter on device batadv0
[  521.307115][ T6635] veth0_vlan: entered promiscuous mode
[  521.318401][ T6635] veth1_vlan: entered promiscuous mode
[  521.344126][ T6635] veth0_macvtap: entered promiscuous mode
[  521.353477][ T6635] veth1_macvtap: entered promiscuous mode
[  521.368860][ T6635] batman_adv: batadv0: Interface activated: batadv_slave_0
[  521.382654][ T6635] batman_adv: batadv0: Interface activated: batadv_slave_1
[  521.393620][ T6635] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  521.402999][ T6635] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  521.411783][ T6635] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  521.420585][ T6635] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  521.472528][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  521.485938][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  521.507700][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  521.516113][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  521.613989][ T6675] ==================================================================
[  521.622103][ T6675] BUG: KASAN: slab-use-after-free in force_devcd_write+0x317/0x330
[  521.630028][ T6675] Read of size 8 at addr ffff88802a73a000 by task syz.0.616/6675
[  521.637754][ T6675] 
[  521.640099][ T6675] CPU: 0 UID: 0 PID: 6675 Comm: syz.0.616 Not tainted 6.14.0-rc4-syzkaller #0
[  521.640124][ T6675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  521.640141][ T6675] Call Trace:
[  521.640148][ T6675]  <TASK>
[  521.640159][ T6675]  dump_stack_lvl+0x116/0x1f0
[  521.640194][ T6675]  print_report+0xc3/0x670
[  521.640249][ T6675]  ? __virt_addr_valid+0x5e/0x590
[  521.640272][ T6675]  ? __phys_addr+0xc6/0x150
[  521.640295][ T6675]  kasan_report+0xd9/0x110
[  521.640315][ T6675]  ? force_devcd_write+0x317/0x330
[  521.640345][ T6675]  ? force_devcd_write+0x317/0x330
[  521.640382][ T6675]  force_devcd_write+0x317/0x330
[  521.640412][ T6675]  ? __pfx_force_devcd_write+0x10/0x10
[  521.640442][ T6675]  ? __debugfs_file_get+0x1ff/0x850
[  521.640471][ T6675]  ? __pfx___debugfs_file_get+0x10/0x10
[  521.640501][ T6675]  ? rcu_is_watching+0x12/0xc0
[  521.640525][ T6675]  ? trace_lock_acquire+0x14e/0x1f0
[  521.640553][ T6675]  full_proxy_write+0x13c/0x200
[  521.640583][ T6675]  ? __pfx_full_proxy_write+0x10/0x10
[  521.640613][ T6675]  vfs_write+0x24c/0x1150
[  521.640647][ T6675]  ? __pfx_vfs_write+0x10/0x10
[  521.640677][ T6675]  ? do_futex+0x123/0x350
[  521.640704][ T6675]  ? __pfx_do_futex+0x10/0x10
[  521.640735][ T6675]  ? __x64_sys_futex+0x1e1/0x4c0
[  521.640762][ T6675]  ? __x64_sys_futex+0x1ea/0x4c0
[  521.640792][ T6675]  ksys_write+0x12b/0x250
[  521.640822][ T6675]  ? __pfx_ksys_write+0x10/0x10
[  521.640858][ T6675]  do_syscall_64+0xcd/0x250
[  521.640888][ T6675]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  521.640922][ T6675] RIP: 0033:0x7fa617f8d169
[  521.640940][ T6675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  521.640965][ T6675] RSP: 002b:00007fffccd3de98 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  521.640986][ T6675] RAX: ffffffffffffffda RBX: 00007fa6181a5fa0 RCX: 00007fa617f8d169
[  521.641001][ T6675] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000003
[  521.641015][ T6675] RBP: 00007fa61800e2a0 R08: 0000000000000000 R09: 0000000000000000
[  521.641029][ T6675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  521.641042][ T6675] R13: 00007fa6181a5fa0 R14: 00007fa6181a5fa0 R15: 0000000000000003
[  521.641063][ T6675]  </TASK>
[  521.641070][ T6675] 
[  521.865520][ T6675] Allocated by task 5980:
[  521.869853][ T6675]  kasan_save_stack+0x33/0x60
[  521.874543][ T6675]  kasan_save_track+0x14/0x30
[  521.879243][ T6675]  __kasan_kmalloc+0xaa/0xb0
[  521.883862][ T6675]  vhci_open+0x4c/0x430
[  521.888032][ T6675]  misc_open+0x35a/0x420
[  521.892278][ T6675]  chrdev_open+0x237/0x6a0
[  521.896707][ T6675]  do_dentry_open+0x735/0x1c40
[  521.901495][ T6675]  vfs_open+0x82/0x3f0
[  521.905591][ T6675]  path_openat+0x1e88/0x2d80
[  521.910217][ T6675]  do_filp_open+0x20c/0x470
[  521.914754][ T6675]  do_sys_openat2+0x17a/0x1e0
[  521.919437][ T6675]  __x64_sys_openat+0x175/0x210
[  521.924294][ T6675]  do_syscall_64+0xcd/0x250
[  521.928811][ T6675]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  521.934719][ T6675] 
[  521.937041][ T6675] Freed by task 5980:
[  521.941027][ T6675]  kasan_save_stack+0x33/0x60
[  521.945739][ T6675]  kasan_save_track+0x14/0x30
[  521.950459][ T6675]  kasan_save_free_info+0x3b/0x60
[  521.955496][ T6675]  __kasan_slab_free+0x51/0x70
[  521.960289][ T6675]  kfree+0x2c4/0x4d0
[  521.964197][ T6675]  vhci_release+0xbb/0xf0
[  521.968537][ T6675]  __fput+0x3ff/0xb70
[  521.972532][ T6675]  task_work_run+0x14e/0x250
[  521.977136][ T6675]  do_exit+0xad8/0x2d70
[  521.981299][ T6675]  do_group_exit+0xd3/0x2a0
[  521.985813][ T6675]  get_signal+0x24ed/0x26c0
[  521.990344][ T6675]  arch_do_signal_or_restart+0x90/0x7e0
[  521.995911][ T6675]  syscall_exit_to_user_mode+0x150/0x2a0
[  522.001567][ T6675]  do_syscall_64+0xda/0x250
[  522.006092][ T6675]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  522.012024][ T6675] 
[  522.014375][ T6675] The buggy address belongs to the object at ffff88802a73a000
[  522.014375][ T6675]  which belongs to the cache kmalloc-1k of size 1024
[  522.028454][ T6675] The buggy address is located 0 bytes inside of
[  522.028454][ T6675]  freed 1024-byte region [ffff88802a73a000, ffff88802a73a400)
[  522.042204][ T6675] 
[  522.044538][ T6675] The buggy address belongs to the physical page:
[  522.050980][ T6675] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2a738
[  522.059777][ T6675] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  522.068292][ T6675] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  522.075881][ T6675] page_type: f5(slab)
[  522.079887][ T6675] raw: 00fff00000000040 ffff88801b041dc0 dead000000000100 dead000000000122
[  522.088486][ T6675] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  522.097105][ T6675] head: 00fff00000000040 ffff88801b041dc0 dead000000000100 dead000000000122
[  522.105813][ T6675] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  522.114503][ T6675] head: 00fff00000000003 ffffea0000a9ce01 ffffffffffffffff 0000000000000000
[  522.123190][ T6675] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  522.131867][ T6675] page dumped because: kasan: bad access detected
[  522.138312][ T6675] page_owner tracks the page as allocated
[  522.144062][ T6675] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5679, tgid 5679 (dhcpcd), ts 66081165048, free_ts 65707782857
[  522.164945][ T6675]  post_alloc_hook+0x181/0x1b0
[  522.169748][ T6675]  get_page_from_freelist+0xfce/0x2f80
[  522.175237][ T6675]  __alloc_frozen_pages_noprof+0x221/0x2470
[  522.181164][ T6675]  alloc_pages_mpol+0x1fc/0x540
[  522.186031][ T6675]  new_slab+0x23d/0x330
[  522.190207][ T6675]  ___slab_alloc+0xc5d/0x1720
[  522.194903][ T6675]  __slab_alloc.constprop.0+0x56/0xb0
[  522.200306][ T6675]  __kmalloc_node_noprof+0x2f0/0x510
[  522.205627][ T6675]  __kvmalloc_node_noprof+0xad/0x1a0
[  522.210938][ T6675]  bpf_jit_binary_pack_alloc+0xc1/0x290
[  522.216516][ T6675]  bpf_int_jit_compile+0x575/0x1830
[  522.221738][ T6675]  bpf_prog_select_runtime+0x32a/0x4c0
[  522.227247][ T6675]  bpf_prepare_filter+0xd3d/0x1100
[  522.232388][ T6675]  __get_filter+0x20b/0x2b0
[  522.236914][ T6675]  sk_attach_filter+0x1e/0x180
[  522.241707][ T6675]  sk_setsockopt+0x2f03/0x3c00
[  522.246502][ T6675] page last free pid 5503 tgid 5503 stack trace:
[  522.252834][ T6675]  free_frozen_pages+0x6db/0xfb0
[  522.257813][ T6675]  __put_partials+0x14c/0x170
[  522.262521][ T6675]  qlist_free_all+0x4e/0x120
[  522.267155][ T6675]  kasan_quarantine_reduce+0x195/0x1e0
[  522.272653][ T6675]  __kasan_slab_alloc+0x69/0x90
[  522.277552][ T6675]  kmem_cache_alloc_node_noprof+0x223/0x3c0
[  522.283486][ T6675]  __alloc_skb+0x2b1/0x380
[  522.287936][ T6675]  alloc_skb_with_frags+0xe4/0x850
[  522.293081][ T6675]  sock_alloc_send_pskb+0x7f1/0x980
[  522.298321][ T6675]  unix_dgram_sendmsg+0x45e/0x18c0
[  522.303483][ T6675]  sock_write_iter+0x4fe/0x5b0
[  522.308283][ T6675]  do_iter_readv_writev+0x655/0x950
[  522.313511][ T6675]  vfs_writev+0x363/0xdd0
[  522.317869][ T6675]  do_writev+0x297/0x340
[  522.322138][ T6675]  do_syscall_64+0xcd/0x250
[  522.326672][ T6675]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  522.332604][ T6675] 
[  522.334939][ T6675] Memory state around the buggy address:
[  522.340579][ T6675]  ffff88802a739f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  522.348655][ T6675]  ffff88802a739f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  522.356726][ T6675] >ffff88802a73a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  522.364791][ T6675]                    ^
[  522.368863][ T6675]  ffff88802a73a080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  522.376936][ T6675]  ffff88802a73a100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  522.385008][ T6675] ==================================================================
[  522.403643][ T6675] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  522.410908][ T6675] CPU: 1 UID: 0 PID: 6675 Comm: syz.0.616 Not tainted 6.14.0-rc4-syzkaller #0
[  522.419806][ T6675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  522.429902][ T6675] Call Trace:
[  522.433216][ T6675]  <TASK>
[  522.436181][ T6675]  dump_stack_lvl+0x3d/0x1f0
[  522.440829][ T6675]  panic+0x71d/0x800
[  522.444769][ T6675]  ? __pfx_panic+0x10/0x10
[  522.449238][ T6675]  ? preempt_schedule_thunk+0x1a/0x30
[  522.454662][ T6675]  ? preempt_schedule_common+0x44/0xc0
[  522.460169][ T6675]  ? check_panic_on_warn+0x1f/0xb0
[  522.465333][ T6675]  check_panic_on_warn+0xab/0xb0
[  522.470316][ T6675]  end_report+0x117/0x180
[  522.474697][ T6675]  kasan_report+0xe9/0x110
[  522.479165][ T6675]  ? force_devcd_write+0x317/0x330
[  522.484352][ T6675]  ? force_devcd_write+0x317/0x330
[  522.489532][ T6675]  force_devcd_write+0x317/0x330
[  522.494519][ T6675]  ? __pfx_force_devcd_write+0x10/0x10
[  522.500039][ T6675]  ? __debugfs_file_get+0x1ff/0x850
[  522.505287][ T6675]  ? __pfx___debugfs_file_get+0x10/0x10
[  522.510877][ T6675]  ? rcu_is_watching+0x12/0xc0
[  522.515680][ T6675]  ? trace_lock_acquire+0x14e/0x1f0
[  522.520924][ T6675]  full_proxy_write+0x13c/0x200
[  522.525818][ T6675]  ? __pfx_full_proxy_write+0x10/0x10
[  522.531232][ T6675]  vfs_write+0x24c/0x1150
[  522.535610][ T6675]  ? __pfx_vfs_write+0x10/0x10
[  522.540419][ T6675]  ? do_futex+0x123/0x350
[  522.544794][ T6675]  ? __pfx_do_futex+0x10/0x10
[  522.549571][ T6675]  ? __x64_sys_futex+0x1e1/0x4c0
[  522.554560][ T6675]  ? __x64_sys_futex+0x1ea/0x4c0
[  522.559623][ T6675]  ksys_write+0x12b/0x250
[  522.564019][ T6675]  ? __pfx_ksys_write+0x10/0x10
[  522.568983][ T6675]  do_syscall_64+0xcd/0x250
[  522.573548][ T6675]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  522.579499][ T6675] RIP: 0033:0x7fa617f8d169
[  522.583947][ T6675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  522.603611][ T6675] RSP: 002b:00007fffccd3de98 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  522.612070][ T6675] RAX: ffffffffffffffda RBX: 00007fa6181a5fa0 RCX: 00007fa617f8d169
[  522.620074][ T6675] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000003
[  522.628073][ T6675] RBP: 00007fa61800e2a0 R08: 0000000000000000 R09: 0000000000000000
[  522.636073][ T6675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  522.644072][ T6675] R13: 00007fa6181a5fa0 R14: 00007fa6181a5fa0 R15: 0000000000000003
[  522.652099][ T6675]  </TASK>
[  522.655527][ T6675] Kernel Offset: disabled
[  522.659861][ T6675] Rebooting in 86400 seconds..