Warning: Permanently added '10.128.1.63' (ED25519) to the list of known hosts.
2024/12/12 00:08:16 ignoring optional flag "sandboxArg"="0"
2024/12/12 00:08:16 parsed 1 programs
[ 76.450331][ T41] cfg80211: failed to load regulatory.db
[ 77.197572][ T4246] cgroup: Unknown subsys name 'net'
[ 77.333393][ T4246] cgroup: Unknown subsys name 'rlimit'
[ 78.545270][ T4246] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 80.083435][ T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 80.097120][ T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 80.107490][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 80.121471][ T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 80.129491][ T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 80.137956][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 80.718104][ T4275] chnl_net:caif_netlink_parms(): no params data found
[ 80.813487][ T4275] bridge0: port 1(bridge_slave_0) entered blocking state
[ 80.821857][ T4275] bridge0: port 1(bridge_slave_0) entered disabled state
[ 80.830330][ T4275] device bridge_slave_0 entered promiscuous mode
[ 80.839636][ T4275] bridge0: port 2(bridge_slave_1) entered blocking state
[ 80.846778][ T4275] bridge0: port 2(bridge_slave_1) entered disabled state
[ 80.854780][ T4275] device bridge_slave_1 entered promiscuous mode
[ 80.875594][ T4275] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 80.886291][ T4275] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 80.908036][ T4275] team0: Port device team_slave_0 added
[ 80.915108][ T4275] team0: Port device team_slave_1 added
[ 80.932711][ T4275] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 80.939822][ T4275] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 80.965746][ T4275] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 80.978440][ T4275] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 80.985534][ T4275] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 81.011572][ T4275] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 81.040326][ T4275] device hsr_slave_0 entered promiscuous mode
[ 81.046948][ T4275] device hsr_slave_1 entered promiscuous mode
[ 81.156073][ T4275] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 81.179566][ T4275] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 81.188923][ T4275] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 81.198136][ T4275] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 81.268065][ T4275] 8021q: adding VLAN 0 to HW filter on device bond0
[ 81.281820][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 81.290795][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 81.310487][ T4275] 8021q: adding VLAN 0 to HW filter on device team0
[ 81.320649][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 81.330283][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 81.339834][ T11] bridge0: port 1(bridge_slave_0) entered blocking state
[ 81.347151][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 81.356205][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 81.377733][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 81.387060][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 81.396315][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 81.403556][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 81.415504][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 81.431981][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 81.445876][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 81.455488][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 81.464286][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 81.482753][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 81.492659][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 81.503348][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 81.512447][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 81.556374][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 81.565099][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 81.575400][ T4275] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 81.703150][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 81.713155][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 81.741199][ T4275] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 81.757319][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 81.766647][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 81.789845][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 81.798583][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 81.807111][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 81.815356][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 81.831059][ T4275] device veth0_vlan entered promiscuous mode
[ 81.844989][ T4275] device veth1_vlan entered promiscuous mode
[ 81.870825][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 81.880200][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 81.889911][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 81.900832][ T4275] device veth0_macvtap entered promiscuous mode
[ 81.911358][ T4275] device veth1_macvtap entered promiscuous mode
[ 81.931174][ T4275] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 81.940474][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 81.949471][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 81.958075][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 81.980487][ T4275] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 81.987868][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 81.999262][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 82.010198][ T4275] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.019804][ T4275] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.029650][ T4275] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.038669][ T4275] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.144136][ T4275] syz-executor (4275) used greatest stack depth: 19576 bytes left
[ 82.160026][ T32] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 82.673999][ T4310] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 82.683201][ T4310] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 82.692313][ T4310] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 82.701258][ T4310] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 82.709908][ T4310] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 82.717139][ T4310] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2024/12/12 00:08:24 executed programs: 0
[ 83.355508][ T4310] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 83.364382][ T4310] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 83.372420][ T4310] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 83.381093][ T4310] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 83.389296][ T4310] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 83.396816][ T4310] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 83.492632][ T4328] chnl_net:caif_netlink_parms(): no params data found
[ 83.532651][ T4328] bridge0: port 1(bridge_slave_0) entered blocking state
[ 83.540768][ T4328] bridge0: port 1(bridge_slave_0) entered disabled state
[ 83.548691][ T4328] device bridge_slave_0 entered promiscuous mode
[ 83.556991][ T4328] bridge0: port 2(bridge_slave_1) entered blocking state
[ 83.564218][ T4328] bridge0: port 2(bridge_slave_1) entered disabled state
[ 83.572166][ T4328] device bridge_slave_1 entered promiscuous mode
[ 83.593374][ T4328] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 83.604127][ T4328] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 83.626496][ T4328] team0: Port device team_slave_0 added
[ 83.634378][ T4328] team0: Port device team_slave_1 added
[ 83.652412][ T4328] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 83.659704][ T4328] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 83.686017][ T4328] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 83.698454][ T4328] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 83.705423][ T4328] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 83.731988][ T4328] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 83.762501][ T4328] device hsr_slave_0 entered promiscuous mode
[ 83.769300][ T4328] device hsr_slave_1 entered promiscuous mode
[ 83.776251][ T4328] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 83.784354][ T4328] Cannot create hsr debugfs directory
[ 84.527851][ T32] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 85.488915][ T48] Bluetooth: hci0: command 0x0409 tx timeout
[ 86.858118][ T32] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 86.928867][ T32] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 87.568913][ T4310] Bluetooth: hci0: command 0x041b tx timeout
[ 87.725115][ T4328] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 87.738880][ T32] device hsr_slave_0 left promiscuous mode
[ 87.745545][ T32] device hsr_slave_1 left promiscuous mode
[ 87.752880][ T32] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 87.760693][ T32] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 87.768997][ T32] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 87.776386][ T32] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 87.784104][ T32] device bridge_slave_1 left promiscuous mode
[ 87.791244][ T32] bridge0: port 2(bridge_slave_1) entered disabled state
[ 87.801731][ T32] device bridge_slave_0 left promiscuous mode
[ 87.808018][ T32] bridge0: port 1(bridge_slave_0) entered disabled state
[ 87.826139][ T32] device veth1_macvtap left promiscuous mode
[ 87.832536][ T32] device veth0_macvtap left promiscuous mode
[ 87.838750][ T32] device veth1_vlan left promiscuous mode
[ 87.844663][ T32] device veth0_vlan left promiscuous mode
[ 88.112608][ T32] team0 (unregistering): Port device team_slave_1 removed
[ 88.138643][ T32] team0 (unregistering): Port device team_slave_0 removed
[ 88.164262][ T32] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 88.191054][ T32] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 88.415863][ T32] bond0 (unregistering): Released all slaves
[ 88.475617][ T4328] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 88.485355][ T4328] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 88.494190][ T4328] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 88.557033][ T4328] 8021q: adding VLAN 0 to HW filter on device bond0
[ 88.571199][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 88.580271][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 88.601999][ T4328] 8021q: adding VLAN 0 to HW filter on device team0
[ 88.611868][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 88.620776][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 88.630271][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 88.637328][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 88.646001][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 88.662878][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 88.672718][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 88.683472][ T46] bridge0: port 2(bridge_slave_1) entered blocking state
[ 88.690606][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 88.700892][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 88.712089][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 88.723356][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 88.734376][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 88.744171][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 88.754832][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 88.764357][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 88.789171][ T4328] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 88.800352][ T4328] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 88.812841][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 88.821653][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 88.830752][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 88.839390][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 88.847566][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 89.000458][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 89.008085][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 89.019796][ T4328] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 89.039753][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 89.050009][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 89.078268][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 89.087528][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 89.096766][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 89.107183][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 89.119003][ T4328] device veth0_vlan entered promiscuous mode
[ 89.135717][ T4328] device veth1_vlan entered promiscuous mode
[ 89.164279][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 89.172729][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 89.181399][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 89.190510][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 89.201704][ T4328] device veth0_macvtap entered promiscuous mode
[ 89.210883][ T4328] device veth1_macvtap entered promiscuous mode
[ 89.224795][ T4328] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 89.233285][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 89.241737][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 89.250672][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 89.260242][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 89.271251][ T4328] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 89.295966][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 89.304635][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 89.314572][ T4328] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.323349][ T4328] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.333503][ T4328] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.342429][ T4328] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.396629][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 89.407717][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 89.435768][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 89.447131][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 89.455937][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 89.465654][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 89.522835][ T4375] loop0: detected capacity change from 0 to 128
[ 89.545049][ T4375] VFS: Found a Xenix FS (block size = 1024) on device loop0
[ 89.561784][ T4375] syz.0.15: attempt to access beyond end of device
[ 89.561784][ T4375] loop0: rw=0, sector=6491536, nr_sectors = 2 limit=128
[ 89.576889][ T4375] Buffer I/O error on dev loop0, logical block 3245768, async page read
[ 89.586857][ T4375] ==================================================================
[ 89.594957][ T4375] BUG: KASAN: use-after-free in sysv_new_inode+0x107e/0x1210
[ 89.602325][ T4375] Read of size 2 at addr ffff888069fb41ce by task syz.0.15/4375
[ 89.609956][ T4375]
[ 89.612276][ T4375] CPU: 1 PID: 4375 Comm: syz.0.15 Not tainted 6.1.119-syzkaller #0
[ 89.620181][ T4375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 89.630318][ T4375] Call Trace:
[ 89.633607][ T4375] <TASK>
[ 89.636522][ T4375] dump_stack_lvl+0x1e3/0x2cb
[ 89.641200][ T4375] ? nf_tcp_handle_invalid+0x642/0x642
[ 89.646655][ T4375] ? panic+0x764/0x764
[ 89.650712][ T4375] ? _printk+0xd1/0x111
[ 89.654856][ T4375] ? __virt_addr_valid+0x17f/0x530
[ 89.659962][ T4375] ? __virt_addr_valid+0x17f/0x530
[ 89.665065][ T4375] print_report+0x15f/0x4f0
[ 89.669559][ T4375] ? __virt_addr_valid+0x17f/0x530
[ 89.674656][ T4375] ? __virt_addr_valid+0x17f/0x530
[ 89.679758][ T4375] ? __virt_addr_valid+0x45b/0x530
[ 89.684858][ T4375] ? __phys_addr+0xb6/0x170
[ 89.689355][ T4375] ? sysv_new_inode+0x107e/0x1210
[ 89.694371][ T4375] kasan_report+0x136/0x160
[ 89.698859][ T4375] ? sysv_new_inode+0x107e/0x1210
[ 89.703873][ T4375] sysv_new_inode+0x107e/0x1210
[ 89.708714][ T4375] ? from_kgid+0x1a3/0x730
[ 89.713122][ T4375] ? make_kgid+0x6f0/0x6f0
[ 89.717526][ T4375] ? sysv_free_inode+0x840/0x840
[ 89.722457][ T4375] ? generic_permission+0x27c/0x4f0
[ 89.727667][ T4375] sysv_symlink+0x9b/0x180
[ 89.732092][ T4375] vfs_symlink+0x247/0x3d0
[ 89.736512][ T4375] do_symlinkat+0x21e/0x390
[ 89.741012][ T4375] ? __check_object_size+0x4dd/0xa30
[ 89.746290][ T4375] ? vfs_symlink+0x3d0/0x3d0
[ 89.750871][ T4375] ? getname_flags+0x1f9/0x4f0
[ 89.755619][ T4375] ? lockdep_hardirqs_on+0x94/0x130
[ 89.760803][ T4375] __x64_sys_symlink+0x7a/0x90
[ 89.765591][ T4375] do_syscall_64+0x3b/0xb0
[ 89.769998][ T4375] ? clear_bhb_loop+0x45/0xa0
[ 89.774664][ T4375] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 89.780549][ T4375] RIP: 0033:0x7fe51737ff19
[ 89.784965][ T4375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 89.804561][ T4375] RSP: 002b:00007fe51822e058 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[ 89.812961][ T4375] RAX: ffffffffffffffda RBX: 00007fe517545fa0 RCX: 00007fe51737ff19
[ 89.820917][ T4375] RDX: 0000000000000000 RSI: 00000000200059c0 RDI: 00000000200049c0
[ 89.828875][ T4375] RBP: 00007fe5173f3cc8 R08: 0000000000000000 R09: 0000000000000000
[ 89.836834][ T4375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 89.844793][ T4375] R13: 0000000000000000 R14: 00007fe517545fa0 R15: 00007ffea7be32e8
[ 89.852758][ T4375] </TASK>
[ 89.855763][ T4375]
[ 89.858069][ T4375] The buggy address belongs to the physical page:
[ 89.864471][ T4375] page:ffffea0001a7ed00 refcount:0 mapcount:-128 mapping:0000000000000000 index:0x1 pfn:0x69fb4
[ 89.874868][ T4375] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 89.881975][ T4375] raw: 00fff00000000000 ffffea0001ac0708 ffffea0001a7ef08 0000000000000000
[ 89.890540][ T4375] raw: 0000000000000001 0000000000000002 00000000ffffff7f 0000000000000000
[ 89.899103][ T4375] page dumped because: kasan: bad access detected
[ 89.905502][ T4375] page_owner tracks the page as freed
[ 89.910846][ T4375] page last allocated via order 0, migratetype Movable, gfp_mask 0x140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO), pid 4348, tgid 4348 (rm), ts 87325667295, free_ts 87332022371
[ 89.928644][ T4375] post_alloc_hook+0x18d/0x1b0
[ 89.933420][ T4375] get_page_from_freelist+0x3731/0x38d0
[ 89.938951][ T4375] __alloc_pages+0x28d/0x770
[ 89.943544][ T4375] __folio_alloc+0xf/0x30
[ 89.947875][ T4375] vma_alloc_folio+0x486/0x990
[ 89.952634][ T4375] handle_mm_fault+0x2e8e/0x5340
[ 89.957570][ T4375] exc_page_fault+0x26f/0x620
[ 89.962233][ T4375] asm_exc_page_fault+0x22/0x30
[ 89.967076][ T4375] page last free stack trace:
[ 89.971727][ T4375] free_unref_page_prepare+0xf63/0x1120
[ 89.977259][ T4375] free_unref_page_list+0x663/0x900
[ 89.982457][ T4375] release_pages+0x2836/0x2b40
[ 89.987206][ T4375] tlb_flush_mmu+0xfc/0x210
[ 89.991696][ T4375] tlb_finish_mmu+0xce/0x1f0
[ 89.996271][ T4375] exit_mmap+0x3b3/0x980
[ 90.000501][ T4375] __mmput+0x115/0x3c0
[ 90.004552][ T4375] exit_mm+0x226/0x300
[ 90.008606][ T4375] do_exit+0x9f6/0x26a0
[ 90.012835][ T4375] do_group_exit+0x202/0x2b0
[ 90.017412][ T4375] __x64_sys_exit_group+0x3b/0x40
[ 90.022422][ T4375] do_syscall_64+0x3b/0xb0
[ 90.026826][ T4375] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 90.032723][ T4375]
[ 90.035028][ T4375] Memory state around the buggy address:
[ 90.040640][ T4375] ffff888069fb4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 90.048701][ T4375] ffff888069fb4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 90.056758][ T4375] >ffff888069fb4180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 90.064805][ T4375] ^
[ 90.071202][ T4375] ffff888069fb4200: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 90.079245][ T4375] ffff888069fb4280: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 90.087290][ T4375] ==================================================================
[ 90.108541][ T4310] Bluetooth: hci0: command 0x040f tx timeout
[ 90.113092][ T4375] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 90.113106][ T4375] CPU: 0 PID: 4375 Comm: syz.0.15 Not tainted 6.1.119-syzkaller #0
[ 90.113123][ T4375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 90.113131][ T4375] Call Trace:
[ 90.113136][ T4375] <TASK>
[ 90.113142][ T4375] dump_stack_lvl+0x1e3/0x2cb
[ 90.113169][ T4375] ? nf_tcp_handle_invalid+0x642/0x642
[ 90.113190][ T4375] ? panic+0x764/0x764
[ 90.113204][ T4375] ? preempt_schedule_common+0xa6/0xd0
[ 90.113221][ T4375] ? vscnprintf+0x59/0x80
[ 90.113238][ T4375] panic+0x318/0x764
[ 90.113254][ T4375] ? check_panic_on_warn+0x1d/0xa0
[ 90.113271][ T4375] ? memcpy_page_flushcache+0xfc/0xfc
[ 90.113288][ T4375] ? _raw_spin_unlock_irqrestore+0x128/0x130
[ 90.113308][ T4375] ? _raw_spin_unlock+0x40/0x40
[ 90.113325][ T4375] ? print_report+0x4a3/0x4f0
[ 90.113343][ T4375] check_panic_on_warn+0x7e/0xa0
[ 90.113360][ T4375] ? sysv_new_inode+0x107e/0x1210
[ 90.113378][ T4375] end_report+0x66/0x110
[ 90.113393][ T4375] kasan_report+0x143/0x160
[ 90.113408][ T4375] ? sysv_new_inode+0x107e/0x1210
[ 90.113428][ T4375] sysv_new_inode+0x107e/0x1210
[ 90.113449][ T4375] ? from_kgid+0x1a3/0x730
[ 90.113469][ T4375] ? make_kgid+0x6f0/0x6f0
[ 90.113487][ T4375] ? sysv_free_inode+0x840/0x840
[ 90.113509][ T4375] ? generic_permission+0x27c/0x4f0
[ 90.113529][ T4375] sysv_symlink+0x9b/0x180
[ 90.113549][ T4375] vfs_symlink+0x247/0x3d0
[ 90.113570][ T4375] do_symlinkat+0x21e/0x390
[ 90.113589][ T4375] ? __check_object_size+0x4dd/0xa30
[ 90.113609][ T4375] ? vfs_symlink+0x3d0/0x3d0
[ 90.113628][ T4375] ? getname_flags+0x1f9/0x4f0
[ 90.113645][ T4375] ? lockdep_hardirqs_on+0x94/0x130
[ 90.113661][ T4375] __x64_sys_symlink+0x7a/0x90
[ 90.113680][ T4375] do_syscall_64+0x3b/0xb0
[ 90.113699][ T4375] ? clear_bhb_loop+0x45/0xa0
[ 90.113720][ T4375] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 90.113740][ T4375] RIP: 0033:0x7fe51737ff19
[ 90.113754][ T4375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 90.113766][ T4375] RSP: 002b:00007fe51822e058 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[ 90.113784][ T4375] RAX: ffffffffffffffda RBX: 00007fe517545fa0 RCX: 00007fe51737ff19
[ 90.113796][ T4375] RDX: 0000000000000000 RSI: 00000000200059c0 RDI: 00000000200049c0
[ 90.113806][ T4375] RBP: 00007fe5173f3cc8 R08: 0000000000000000 R09: 0000000000000000
[ 90.113816][ T4375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 90.113825][ T4375] R13: 0000000000000000 R14: 00007fe517545fa0 R15: 00007ffea7be32e8
[ 90.113841][ T4375] </TASK>
[ 90.114772][ T4375] Kernel Offset: disabled
[ 90.378816][ T4375] Rebooting in 86400 seconds..