Warning: Permanently added '10.128.1.140' (ED25519) to the list of known hosts.
2025/03/22 18:48:43 ignoring optional flag "sandboxArg"="0"
2025/03/22 18:48:45 parsed 1 programs
[   90.484392][ T5841] cgroup: Unknown subsys name 'net'
[   90.582931][ T5841] cgroup: Unknown subsys name 'cpuset'
[   90.592117][ T5841] cgroup: Unknown subsys name 'rlimit'
[   92.406800][ T5841] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   95.375924][ T5848] chnl_net:caif_netlink_parms(): no params data found
[   95.449421][ T5848] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.457597][ T5848] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.465153][ T5848] bridge_slave_0: entered allmulticast mode
[   95.472240][ T5848] bridge_slave_0: entered promiscuous mode
[   95.481874][ T5848] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.489170][ T5848] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.496428][ T5848] bridge_slave_1: entered allmulticast mode
[   95.503893][ T5848] bridge_slave_1: entered promiscuous mode
[   95.531131][ T5848] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   95.542825][ T5848] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   95.573009][ T5848] team0: Port device team_slave_0 added
[   95.581546][ T5848] team0: Port device team_slave_1 added
[   95.604342][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_0
[   95.611663][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   95.637777][ T5848] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   95.651100][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_1
[   95.658114][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   95.684146][ T5848] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   95.723422][ T5848] hsr_slave_0: entered promiscuous mode
[   95.729817][ T5848] hsr_slave_1: entered promiscuous mode
[   95.847620][ T5848] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   95.858456][ T5848] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   95.869371][ T5848] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   95.879163][ T5848] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   95.906491][ T5848] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.913780][ T5848] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.922092][ T5848] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.929318][ T5848] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.988646][ T5848] 8021q: adding VLAN 0 to HW filter on device bond0
[   96.007973][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.017723][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.036837][ T5848] 8021q: adding VLAN 0 to HW filter on device team0
[   96.055247][ T1099] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.062440][ T1099] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.074401][ T1099] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.081645][ T1099] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.246612][ T5848] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.286336][ T5848] veth0_vlan: entered promiscuous mode
[   96.300083][ T5848] veth1_vlan: entered promiscuous mode
[   96.325904][ T5848] veth0_macvtap: entered promiscuous mode
[   96.335611][ T5848] veth1_macvtap: entered promiscuous mode
[   96.355250][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.367868][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.382017][ T5848] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.391772][ T5848] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.400740][ T5848] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.410075][ T5848] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.521217][ T5848] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   96.632803][ T5848] syz-executor (5848) used greatest stack depth: 21472 bytes left
[   96.674470][   T68] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.749891][   T68] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.828358][   T68] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.936892][   T68] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.477927][  T941] cfg80211: failed to load regulatory.db
[   97.587472][   T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.595641][   T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.623595][   T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.633360][   T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.430061][   T68] bridge_slave_1: left allmulticast mode
[   99.436324][   T68] bridge_slave_1: left promiscuous mode
[   99.461452][   T68] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.493160][   T68] bridge_slave_0: left allmulticast mode
[   99.500560][   T68] bridge_slave_0: left promiscuous mode
[   99.506465][   T68] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.848197][   T68] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   99.862492][   T68] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   99.873087][   T68] bond0 (unregistering): Released all slaves
[  100.054219][   T68] hsr_slave_0: left promiscuous mode
[  100.099958][   T68] hsr_slave_1: left promiscuous mode
[  100.106141][   T68] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  100.131054][   T68] batman_adv: batadv0: Removing interface: batadv_slave_0
[  100.149817][   T68] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  100.157403][   T68] batman_adv: batadv0: Removing interface: batadv_slave_1
[  100.200091][   T68] veth1_macvtap: left promiscuous mode
[  100.206071][   T68] veth0_macvtap: left promiscuous mode
[  100.212194][   T68] veth1_vlan: left promiscuous mode
[  100.217796][   T68] veth0_vlan: left promiscuous mode
[  100.844640][   T68] team0 (unregistering): Port device team_slave_1 removed
[  100.885069][   T68] team0 (unregistering): Port device team_slave_0 removed
[  101.528418][ T5957] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  101.538105][ T5957] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  101.546833][ T5957] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  101.565905][ T5957] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  101.574340][ T5957] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  101.582099][ T5957] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2025/03/22 18:49:02 executed programs: 0
[  103.398703][ T5148] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  103.411606][ T5148] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  103.422552][ T5148] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  103.431694][ T5148] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  103.439909][ T5148] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  103.448265][ T5148] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  103.742705][ T5999] chnl_net:caif_netlink_parms(): no params data found
[  103.830309][ T5999] bridge0: port 1(bridge_slave_0) entered blocking state
[  103.837457][ T5999] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.845554][ T5999] bridge_slave_0: entered allmulticast mode
[  103.854731][ T5999] bridge_slave_0: entered promiscuous mode
[  103.863204][ T5999] bridge0: port 2(bridge_slave_1) entered blocking state
[  103.870792][ T5999] bridge0: port 2(bridge_slave_1) entered disabled state
[  103.877981][ T5999] bridge_slave_1: entered allmulticast mode
[  103.885107][ T5999] bridge_slave_1: entered promiscuous mode
[  103.917209][ T5999] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  103.931196][ T5999] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  103.972630][ T5999] team0: Port device team_slave_0 added
[  103.983049][ T5999] team0: Port device team_slave_1 added
[  104.022037][ T5999] batman_adv: batadv0: Adding interface: batadv_slave_0
[  104.030840][ T5999] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  104.059087][ T5999] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  104.072526][ T5999] batman_adv: batadv0: Adding interface: batadv_slave_1
[  104.079976][ T5999] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  104.107585][ T5999] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  104.167142][ T5999] hsr_slave_0: entered promiscuous mode
[  104.173947][ T5999] hsr_slave_1: entered promiscuous mode
[  104.716946][ T5999] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  104.728782][ T5999] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  104.744364][ T5999] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  104.757069][ T5999] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  104.862470][ T5999] 8021q: adding VLAN 0 to HW filter on device bond0
[  104.892094][ T5999] 8021q: adding VLAN 0 to HW filter on device team0
[  104.905285][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.912504][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  104.943469][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.950687][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  104.984525][ T5999] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  104.995851][ T5999] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  105.197137][ T5999] 8021q: adding VLAN 0 to HW filter on device batadv0
[  105.255602][ T5999] veth0_vlan: entered promiscuous mode
[  105.275151][ T5999] veth1_vlan: entered promiscuous mode
[  105.307014][ T5999] veth0_macvtap: entered promiscuous mode
[  105.318628][ T5999] veth1_macvtap: entered promiscuous mode
[  105.344026][ T5999] batman_adv: batadv0: Interface activated: batadv_slave_0
[  105.358707][ T5999] batman_adv: batadv0: Interface activated: batadv_slave_1
[  105.373258][ T5999] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  105.383882][ T5999] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  105.393326][ T5999] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  105.402891][ T5999] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  105.488378][ T1099] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  105.507944][ T1099] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  105.531281][ T5148] Bluetooth: hci0: command tx timeout
[  105.541069][   T68] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  105.549660][   T68] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  107.608991][ T5148] Bluetooth: hci0: command tx timeout
2025/03/22 18:49:07 executed programs: 71
[  109.689494][ T5148] Bluetooth: hci0: command tx timeout
[  111.770257][ T5148] Bluetooth: hci0: command tx timeout
2025/03/22 18:49:12 executed programs: 296
2025/03/22 18:49:17 executed programs: 542
[  119.755544][ T5957] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  119.772526][ T5957] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  119.780773][ T5957] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  119.789810][ T5957] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  119.799224][ T5957] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  119.806743][ T5957] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  119.943844][ T6745] chnl_net:caif_netlink_parms(): no params data found
[  119.970264][ T1099] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.048149][ T1099] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.063278][ T6745] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.070636][ T6745] bridge0: port 1(bridge_slave_0) entered disabled state
[  120.077914][ T6745] bridge_slave_0: entered allmulticast mode
[  120.086042][ T6745] bridge_slave_0: entered promiscuous mode
[  120.095694][ T6745] bridge0: port 2(bridge_slave_1) entered blocking state
[  120.103500][ T6745] bridge0: port 2(bridge_slave_1) entered disabled state
[  120.111164][ T6745] bridge_slave_1: entered allmulticast mode
[  120.118013][ T6745] bridge_slave_1: entered promiscuous mode
[  120.134044][ T1099] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.168278][ T6745] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  120.180915][ T6745] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  120.212025][ T6745] team0: Port device team_slave_0 added
[  120.230304][ T1099] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.245510][ T6745] team0: Port device team_slave_1 added
[  120.268752][ T6745] batman_adv: batadv0: Adding interface: batadv_slave_0
[  120.276375][ T6745] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  120.302535][ T6745] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  120.315305][ T6745] batman_adv: batadv0: Adding interface: batadv_slave_1
[  120.323416][ T6745] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  120.349772][ T6745] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  120.393174][ T6745] hsr_slave_0: entered promiscuous mode
[  120.401676][ T6745] hsr_slave_1: entered promiscuous mode
[  120.407766][ T6745] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  120.416563][ T6745] Cannot create hsr debugfs directory
[  120.540194][ T1099] bridge_slave_1: left allmulticast mode
[  120.546003][ T1099] bridge_slave_1: left promiscuous mode
[  120.552373][ T1099] bridge0: port 2(bridge_slave_1) entered disabled state
[  120.561745][ T1099] bridge_slave_0: left allmulticast mode
[  120.567440][ T1099] bridge_slave_0: left promiscuous mode
[  120.573782][ T1099] bridge0: port 1(bridge_slave_0) entered disabled state
[  120.834496][ T1099] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  120.845282][ T1099] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  120.855873][ T1099] bond0 (unregistering): Released all slaves
[  121.172389][ T1099] hsr_slave_0: left promiscuous mode
[  121.178516][ T1099] hsr_slave_1: left promiscuous mode
[  121.186671][ T1099] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  121.196798][ T1099] batman_adv: batadv0: Removing interface: batadv_slave_0
[  121.207463][ T1099] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  121.215235][ T1099] batman_adv: batadv0: Removing interface: batadv_slave_1
[  121.235541][ T1099] veth1_macvtap: left promiscuous mode
[  121.241315][ T1099] veth0_macvtap: left promiscuous mode
[  121.246989][ T1099] veth1_vlan: left promiscuous mode
[  121.253393][ T1099] veth0_vlan: left promiscuous mode
[  121.664342][ T1099] team0 (unregistering): Port device team_slave_1 removed
[  121.699668][ T1099] team0 (unregistering): Port device team_slave_0 removed
[  121.856231][ T5148] Bluetooth: hci1: command tx timeout
[  122.105007][ T6745] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  122.122091][ T6745] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  122.146157][ T6745] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  122.164737][ T6745] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  122.297452][ T6745] 8021q: adding VLAN 0 to HW filter on device bond0
[  122.338630][ T6745] 8021q: adding VLAN 0 to HW filter on device team0
[  122.362598][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  122.369842][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  122.390849][   T83] bridge0: port 2(bridge_slave_1) entered blocking state
[  122.398027][   T83] bridge0: port 2(bridge_slave_1) entered forwarding state
[  122.623202][ T6745] 8021q: adding VLAN 0 to HW filter on device batadv0
[  122.665195][ T6745] veth0_vlan: entered promiscuous mode
[  122.678636][ T6745] veth1_vlan: entered promiscuous mode
[  122.706181][ T6745] veth0_macvtap: entered promiscuous mode
[  122.716296][ T6745] veth1_macvtap: entered promiscuous mode
[  122.732929][ T6745] batman_adv: batadv0: Interface activated: batadv_slave_0
[  122.746353][ T6745] batman_adv: batadv0: Interface activated: batadv_slave_1
[  122.757937][ T6745] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  122.767134][ T6745] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  122.776413][ T6745] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  122.785515][ T6745] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  122.844027][ T1099] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.855454][ T1099] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  122.888733][   T83] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.898437][   T83] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  122.963824][ T6790] ==================================================================
[  122.971951][ T6790] BUG: KASAN: slab-use-after-free in force_devcd_write+0x317/0x330
[  122.979879][ T6790] Read of size 8 at addr ffff888032abd800 by task syz.0.616/6790
[  122.987633][ T6790] 
[  122.989992][ T6790] CPU: 0 UID: 0 PID: 6790 Comm: syz.0.616 Not tainted 6.14.0-rc7-syzkaller-00196-g88d324e69ea9 #0
[  122.990019][ T6790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  122.990035][ T6790] Call Trace:
[  122.990045][ T6790]  <TASK>
[  122.990054][ T6790]  dump_stack_lvl+0x116/0x1f0
[  122.990095][ T6790]  print_report+0xc3/0x670
[  122.990115][ T6790]  ? __virt_addr_valid+0x5e/0x590
[  122.990137][ T6790]  ? __phys_addr+0xc6/0x150
[  122.990165][ T6790]  kasan_report+0xd9/0x110
[  122.990185][ T6790]  ? force_devcd_write+0x317/0x330
[  122.990219][ T6790]  ? force_devcd_write+0x317/0x330
[  122.990254][ T6790]  force_devcd_write+0x317/0x330
[  122.990287][ T6790]  ? __pfx_force_devcd_write+0x10/0x10
[  122.990320][ T6790]  ? __debugfs_file_get+0x1ff/0x850
[  122.990352][ T6790]  ? __pfx___debugfs_file_get+0x10/0x10
[  122.990382][ T6790]  ? rcu_is_watching+0x12/0xc0
[  122.990407][ T6790]  ? trace_lock_acquire+0x14e/0x1f0
[  122.990436][ T6790]  full_proxy_write+0x13c/0x200
[  122.990467][ T6790]  ? __pfx_full_proxy_write+0x10/0x10
[  122.990498][ T6790]  vfs_write+0x24c/0x1150
[  122.990533][ T6790]  ? __pfx_vfs_write+0x10/0x10
[  122.990563][ T6790]  ? do_futex+0x123/0x350
[  122.990591][ T6790]  ? __pfx_do_futex+0x10/0x10
[  122.990622][ T6790]  ? __x64_sys_futex+0x1e1/0x4c0
[  122.990650][ T6790]  ? __x64_sys_futex+0x1ea/0x4c0
[  122.990679][ T6790]  ksys_write+0x12b/0x250
[  122.990711][ T6790]  ? __pfx_ksys_write+0x10/0x10
[  122.990746][ T6790]  do_syscall_64+0xcd/0x250
[  122.990783][ T6790]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.990825][ T6790] RIP: 0033:0x7f7fb298d169
[  122.990843][ T6790] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.990868][ T6790] RSP: 002b:00007ffcd882ac98 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  122.990889][ T6790] RAX: ffffffffffffffda RBX: 00007f7fb2ba5fa0 RCX: 00007f7fb298d169
[  122.990904][ T6790] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000003
[  122.990918][ T6790] RBP: 00007f7fb2a0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  122.990932][ T6790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  122.990946][ T6790] R13: 00007f7fb2ba5fa0 R14: 00007f7fb2ba5fa0 R15: 0000000000000003
[  122.990966][ T6790]  </TASK>
[  122.990974][ T6790] 
[  123.218712][ T6790] Allocated by task 5999:
[  123.223053][ T6790]  kasan_save_stack+0x33/0x60
[  123.227768][ T6790]  kasan_save_track+0x14/0x30
[  123.232476][ T6790]  __kasan_kmalloc+0xaa/0xb0
[  123.237098][ T6790]  vhci_open+0x4c/0x430
[  123.241295][ T6790]  misc_open+0x35a/0x420
[  123.245649][ T6790]  chrdev_open+0x237/0x6a0
[  123.250101][ T6790]  do_dentry_open+0x735/0x1c40
[  123.254899][ T6790]  vfs_open+0x82/0x3f0
[  123.259024][ T6790]  path_openat+0x1e88/0x2d80
[  123.263649][ T6790]  do_filp_open+0x20c/0x470
[  123.268211][ T6790]  do_sys_openat2+0x17a/0x1e0
[  123.272913][ T6790]  __x64_sys_openat+0x175/0x210
[  123.277788][ T6790]  do_syscall_64+0xcd/0x250
[  123.282400][ T6790]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.288328][ T6790] 
[  123.290674][ T6790] Freed by task 5999:
[  123.294670][ T6790]  kasan_save_stack+0x33/0x60
[  123.299378][ T6790]  kasan_save_track+0x14/0x30
[  123.304110][ T6790]  kasan_save_free_info+0x3b/0x60
[  123.309168][ T6790]  __kasan_slab_free+0x51/0x70
[  123.313994][ T6790]  kfree+0x2c4/0x4d0
[  123.317921][ T6790]  vhci_release+0xbb/0xf0
[  123.322283][ T6790]  __fput+0x3ff/0xb70
[  123.326324][ T6790]  task_work_run+0x14e/0x250
[  123.330942][ T6790]  do_exit+0xad8/0x2db0
[  123.335121][ T6790]  do_group_exit+0xd3/0x2a0
[  123.339656][ T6790]  get_signal+0x24ed/0x26c0
[  123.344194][ T6790]  arch_do_signal_or_restart+0x90/0x7e0
[  123.349767][ T6790]  syscall_exit_to_user_mode+0x150/0x2a0
[  123.355432][ T6790]  do_syscall_64+0xda/0x250
[  123.359982][ T6790]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.365908][ T6790] 
[  123.368244][ T6790] The buggy address belongs to the object at ffff888032abd800
[  123.368244][ T6790]  which belongs to the cache kmalloc-1k of size 1024
[  123.382573][ T6790] The buggy address is located 0 bytes inside of
[  123.382573][ T6790]  freed 1024-byte region [ffff888032abd800, ffff888032abdc00)
[  123.396393][ T6790] 
[  123.398748][ T6790] The buggy address belongs to the physical page:
[  123.405179][ T6790] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x32ab8
[  123.414000][ T6790] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  123.422561][ T6790] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  123.430136][ T6790] page_type: f5(slab)
[  123.434138][ T6790] raw: 00fff00000000040 ffff88801b041dc0 ffffea00004bce00 0000000000000002
[  123.442741][ T6790] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  123.451343][ T6790] head: 00fff00000000040 ffff88801b041dc0 ffffea00004bce00 0000000000000002
[  123.460148][ T6790] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  123.468867][ T6790] head: 00fff00000000003 ffffea0000caae01 ffffffffffffffff 0000000000000000
[  123.477563][ T6790] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  123.486247][ T6790] page dumped because: kasan: bad access detected
[  123.492701][ T6790] page_owner tracks the page as allocated
[  123.498426][ T6790] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5753, tgid 5753 (dhcpcd-run-hook), ts 72661590465, free_ts 72601781760
[  123.521303][ T6790]  post_alloc_hook+0x181/0x1b0
[  123.526109][ T6790]  get_page_from_freelist+0xfce/0x2f80
[  123.531632][ T6790]  __alloc_frozen_pages_noprof+0x221/0x2470
[  123.537563][ T6790]  alloc_pages_mpol+0x1fc/0x540
[  123.542432][ T6790]  new_slab+0x23d/0x330
[  123.546614][ T6790]  ___slab_alloc+0xc5d/0x1720
[  123.551349][ T6790]  __slab_alloc.constprop.0+0x56/0xb0
[  123.556752][ T6790]  __kmalloc_noprof+0x2ec/0x510
[  123.561632][ T6790]  load_elf_phdrs+0x103/0x210
[  123.566340][ T6790]  load_elf_binary+0x153d/0x4fc0
[  123.571309][ T6790]  bprm_execve+0x8dd/0x16d0
[  123.575846][ T6790]  do_execveat_common.isra.0+0x4a2/0x610
[  123.581532][ T6790]  __x64_sys_execve+0x8c/0xb0
[  123.586278][ T6790]  do_syscall_64+0xcd/0x250
[  123.590861][ T6790]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.596833][ T6790] page last free pid 5750 tgid 5750 stack trace:
[  123.603195][ T6790]  free_frozen_pages+0x6db/0xfb0
[  123.608201][ T6790]  __put_partials+0x14c/0x170
[  123.612924][ T6790]  qlist_free_all+0x4e/0x120
[  123.617636][ T6790]  kasan_quarantine_reduce+0x195/0x1e0
[  123.623226][ T6790]  __kasan_slab_alloc+0x69/0x90
[  123.628118][ T6790]  kmem_cache_alloc_noprof+0x226/0x3d0
[  123.633701][ T6790]  getname_flags.part.0+0x4c/0x550
[  123.638845][ T6790]  getname+0x8d/0xe0
[  123.642774][ T6790]  do_sys_openat2+0x104/0x1e0
[  123.647480][ T6790]  __x64_sys_openat+0x175/0x210
[  123.652386][ T6790]  do_syscall_64+0xcd/0x250
[  123.657014][ T6790]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.662987][ T6790] 
[  123.665407][ T6790] Memory state around the buggy address:
[  123.671055][ T6790]  ffff888032abd700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  123.679150][ T6790]  ffff888032abd780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  123.687340][ T6790] >ffff888032abd800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  123.695417][ T6790]                    ^
[  123.699498][ T6790]  ffff888032abd880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  123.707595][ T6790]  ffff888032abd900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  123.715673][ T6790] ==================================================================
[  123.748054][ T6790] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  123.755515][ T6790] CPU: 0 UID: 0 PID: 6790 Comm: syz.0.616 Not tainted 6.14.0-rc7-syzkaller-00196-g88d324e69ea9 #0
[  123.766156][ T6790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  123.776255][ T6790] Call Trace:
[  123.779555][ T6790]  <TASK>
[  123.782517][ T6790]  dump_stack_lvl+0x3d/0x1f0
[  123.787144][ T6790]  panic+0x71d/0x800
[  123.791117][ T6790]  ? __pfx_panic+0x10/0x10
[  123.795561][ T6790]  ? preempt_schedule_thunk+0x1a/0x30
[  123.800973][ T6790]  ? preempt_schedule_common+0x44/0xc0
[  123.806471][ T6790]  ? check_panic_on_warn+0x1f/0xb0
[  123.811614][ T6790]  check_panic_on_warn+0xab/0xb0
[  123.816583][ T6790]  end_report+0x117/0x180
[  123.820958][ T6790]  kasan_report+0xe9/0x110
[  123.825422][ T6790]  ? force_devcd_write+0x317/0x330
[  123.830628][ T6790]  ? force_devcd_write+0x317/0x330
[  123.835786][ T6790]  force_devcd_write+0x317/0x330
[  123.840768][ T6790]  ? __pfx_force_devcd_write+0x10/0x10
[  123.846293][ T6790]  ? __debugfs_file_get+0x1ff/0x850
[  123.851892][ T6790]  ? __pfx___debugfs_file_get+0x10/0x10
[  123.857482][ T6790]  ? rcu_is_watching+0x12/0xc0
[  123.862289][ T6790]  ? trace_lock_acquire+0x14e/0x1f0
[  123.867534][ T6790]  full_proxy_write+0x13c/0x200
[  123.872427][ T6790]  ? __pfx_full_proxy_write+0x10/0x10
[  123.877845][ T6790]  vfs_write+0x24c/0x1150
[  123.882213][ T6790]  ? __pfx_vfs_write+0x10/0x10
[  123.887009][ T6790]  ? do_futex+0x123/0x350
[  123.891395][ T6790]  ? __pfx_do_futex+0x10/0x10
[  123.896107][ T6790]  ? __x64_sys_futex+0x1e1/0x4c0
[  123.901078][ T6790]  ? __x64_sys_futex+0x1ea/0x4c0
[  123.906054][ T6790]  ksys_write+0x12b/0x250
[  123.910423][ T6790]  ? __pfx_ksys_write+0x10/0x10
[  123.915311][ T6790]  do_syscall_64+0xcd/0x250
[  123.919858][ T6790]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.925796][ T6790] RIP: 0033:0x7f7fb298d169
[  123.930242][ T6790] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.949879][ T6790] RSP: 002b:00007ffcd882ac98 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  123.958317][ T6790] RAX: ffffffffffffffda RBX: 00007f7fb2ba5fa0 RCX: 00007f7fb298d169
[  123.966307][ T6790] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000003
[  123.974297][ T6790] RBP: 00007f7fb2a0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  123.982288][ T6790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  123.990305][ T6790] R13: 00007f7fb2ba5fa0 R14: 00007f7fb2ba5fa0 R15: 0000000000000003
[  123.998314][ T6790]  </TASK>
[  124.001646][ T6790] Kernel Offset: disabled
[  124.005989][ T6790] Rebooting in 86400 seconds..