Warning: Permanently added '10.128.0.107' (ED25519) to the list of known hosts.
2025/02/14 08:13:43 ignoring optional flag "sandboxArg"="0"
2025/02/14 08:13:45 parsed 1 programs
[ 260.323030][ T5857] cgroup: Unknown subsys name 'net'
[ 260.441405][ T5857] cgroup: Unknown subsys name 'cpuset'
[ 260.449679][ T5857] cgroup: Unknown subsys name 'rlimit'
[ 261.843779][ T5857] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 264.162577][ T5863] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 264.844251][ T5882] chnl_net:caif_netlink_parms(): no params data found
[ 264.927034][ T5882] bridge0: port 1(bridge_slave_0) entered blocking state
[ 264.935488][ T5882] bridge0: port 1(bridge_slave_0) entered disabled state
[ 264.942825][ T5882] bridge_slave_0: entered allmulticast mode
[ 264.949525][ T5882] bridge_slave_0: entered promiscuous mode
[ 264.960348][ T5882] bridge0: port 2(bridge_slave_1) entered blocking state
[ 264.968110][ T5882] bridge0: port 2(bridge_slave_1) entered disabled state
[ 264.975342][ T5882] bridge_slave_1: entered allmulticast mode
[ 264.982980][ T5882] bridge_slave_1: entered promiscuous mode
[ 265.010637][ T5882] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 265.022213][ T5882] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 265.050760][ T5882] team0: Port device team_slave_0 added
[ 265.059407][ T5882] team0: Port device team_slave_1 added
[ 265.082372][ T5882] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 265.090241][ T5882] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 265.116274][ T5882] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 265.129880][ T5882] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 265.136860][ T5882] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 265.162844][ T5882] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 265.197979][ T5882] hsr_slave_0: entered promiscuous mode
[ 265.204273][ T5882] hsr_slave_1: entered promiscuous mode
[ 265.294660][ T5882] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 265.304253][ T5882] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 265.313592][ T5882] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 265.322706][ T5882] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 265.347947][ T5882] bridge0: port 2(bridge_slave_1) entered blocking state
[ 265.355305][ T5882] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 265.363720][ T5882] bridge0: port 1(bridge_slave_0) entered blocking state
[ 265.370893][ T5882] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 265.422041][ T5882] 8021q: adding VLAN 0 to HW filter on device bond0
[ 265.440714][ T1154] bridge0: port 1(bridge_slave_0) entered disabled state
[ 265.451487][ T1154] bridge0: port 2(bridge_slave_1) entered disabled state
[ 265.466705][ T5882] 8021q: adding VLAN 0 to HW filter on device team0
[ 265.483341][ T1154] bridge0: port 1(bridge_slave_0) entered blocking state
[ 265.490512][ T1154] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 265.504141][ T1154] bridge0: port 2(bridge_slave_1) entered blocking state
[ 265.511269][ T1154] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 265.639764][ T5882] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 265.672365][ T5882] veth0_vlan: entered promiscuous mode
[ 265.682366][ T5882] veth1_vlan: entered promiscuous mode
[ 265.706217][ T5882] veth0_macvtap: entered promiscuous mode
[ 265.714809][ T5882] veth1_macvtap: entered promiscuous mode
[ 265.733691][ T5882] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 265.746731][ T5882] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 265.760271][ T5882] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 265.769774][ T5882] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 265.778553][ T5882] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 265.787262][ T5882] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 265.959864][ T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 266.049888][ T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 266.099248][ T53] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 266.107322][ T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 266.117354][ T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 266.133478][ T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 266.135362][ T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 266.141376][ T53] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 266.159985][ T53] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 266.214742][ T35] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 266.438939][ T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 266.451841][ T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 266.480998][ T67] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 266.490427][ T67] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/02/14 08:13:56 executed programs: 0
[ 268.781672][ T53] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 268.790527][ T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 268.800422][ T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 268.808933][ T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 268.817043][ T53] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 268.825654][ T53] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 268.939201][ T5963] chnl_net:caif_netlink_parms(): no params data found
[ 268.998222][ T5963] bridge0: port 1(bridge_slave_0) entered blocking state
[ 269.005406][ T5963] bridge0: port 1(bridge_slave_0) entered disabled state
[ 269.012966][ T5963] bridge_slave_0: entered allmulticast mode
[ 269.020345][ T5963] bridge_slave_0: entered promiscuous mode
[ 269.028615][ T5963] bridge0: port 2(bridge_slave_1) entered blocking state
[ 269.035778][ T5963] bridge0: port 2(bridge_slave_1) entered disabled state
[ 269.043432][ T5963] bridge_slave_1: entered allmulticast mode
[ 269.051336][ T5963] bridge_slave_1: entered promiscuous mode
[ 269.076731][ T5963] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 269.088458][ T5963] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 269.115576][ T5963] team0: Port device team_slave_0 added
[ 269.124324][ T5963] team0: Port device team_slave_1 added
[ 269.144424][ T5963] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 269.151831][ T5963] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 269.178905][ T5963] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 269.193369][ T5963] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 269.200411][ T5963] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 269.226338][ T5963] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 269.316193][ T5963] hsr_slave_0: entered promiscuous mode
[ 269.324722][ T5963] hsr_slave_1: entered promiscuous mode
[ 269.340356][ T5963] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 269.349423][ T5963] Cannot create hsr debugfs directory
[ 269.358293][ T35] bridge_slave_1: left allmulticast mode
[ 269.364194][ T35] bridge_slave_1: left promiscuous mode
[ 269.371068][ T35] bridge0: port 2(bridge_slave_1) entered disabled state
[ 269.382485][ T35] bridge_slave_0: left allmulticast mode
[ 269.388526][ T35] bridge_slave_0: left promiscuous mode
[ 269.394338][ T35] bridge0: port 1(bridge_slave_0) entered disabled state
[ 269.640225][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 269.652595][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 269.662828][ T35] bond0 (unregistering): Released all slaves
[ 269.775480][ T35] hsr_slave_0: left promiscuous mode
[ 269.781560][ T35] hsr_slave_1: left promiscuous mode
[ 269.787944][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 269.795547][ T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 269.804575][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 269.812383][ T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 269.826371][ T35] veth1_macvtap: left promiscuous mode
[ 269.832335][ T35] veth0_macvtap: left promiscuous mode
[ 269.838095][ T35] veth1_vlan: left promiscuous mode
[ 269.843608][ T35] veth0_vlan: left promiscuous mode
[ 270.163892][ T35] team0 (unregistering): Port device team_slave_1 removed
[ 270.195823][ T35] team0 (unregistering): Port device team_slave_0 removed
[ 270.868284][ T5144] Bluetooth: hci0: command tx timeout
[ 270.877676][ T5963] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 270.892299][ T5963] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 270.908219][ T5963] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 270.922339][ T5963] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 271.345393][ T5963] 8021q: adding VLAN 0 to HW filter on device bond0
[ 271.363760][ T5963] 8021q: adding VLAN 0 to HW filter on device team0
[ 271.375603][ T67] bridge0: port 1(bridge_slave_0) entered blocking state
[ 271.383358][ T67] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 271.399122][ T11] bridge0: port 2(bridge_slave_1) entered blocking state
[ 271.406266][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 271.677819][ T5963] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 271.736538][ T5963] veth0_vlan: entered promiscuous mode
[ 271.749632][ T5963] veth1_vlan: entered promiscuous mode
[ 271.772051][ T5963] veth0_macvtap: entered promiscuous mode
[ 271.780497][ T5963] veth1_macvtap: entered promiscuous mode
[ 271.834442][ T5963] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 271.855957][ T5963] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 271.867269][ T5963] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 271.878859][ T5963] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 271.887846][ T5963] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 271.896566][ T5963] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 271.982133][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 271.999250][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 272.028880][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 272.036749][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 272.957467][ T5144] Bluetooth: hci0: command tx timeout
2025/02/14 08:14:01 executed programs: 30
[ 275.037580][ T5144] Bluetooth: hci0: command tx timeout
[ 277.118688][ T5144] Bluetooth: hci0: command tx timeout
2025/02/14 08:14:06 executed programs: 120
2025/02/14 08:14:11 executed programs: 232
2025/02/14 08:14:16 executed programs: 345
2025/02/14 08:14:21 executed programs: 459
2025/02/14 08:14:26 executed programs: 572
[ 300.353044][ T53] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 300.361713][ T53] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 300.370054][ T53] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 300.379791][ T53] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 300.389713][ T53] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 300.397088][ T53] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 300.518801][ T1154] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 300.536984][ T6610] chnl_net:caif_netlink_parms(): no params data found
[ 300.600465][ T1154] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 300.614173][ T6610] bridge0: port 1(bridge_slave_0) entered blocking state
[ 300.622056][ T6610] bridge0: port 1(bridge_slave_0) entered disabled state
[ 300.629433][ T6610] bridge_slave_0: entered allmulticast mode
[ 300.636093][ T6610] bridge_slave_0: entered promiscuous mode
[ 300.652513][ T1154] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 300.665528][ T6610] bridge0: port 2(bridge_slave_1) entered blocking state
[ 300.674065][ T6610] bridge0: port 2(bridge_slave_1) entered disabled state
[ 300.681359][ T6610] bridge_slave_1: entered allmulticast mode
[ 300.688447][ T6610] bridge_slave_1: entered promiscuous mode
[ 300.723003][ T1154] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 300.739893][ T6610] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 300.750973][ T6610] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 300.775006][ T6610] team0: Port device team_slave_0 added
[ 300.784776][ T6610] team0: Port device team_slave_1 added
[ 300.812111][ T6610] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 300.819277][ T6610] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 300.845284][ T6610] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 300.866906][ T6610] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 300.874013][ T6610] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 300.900241][ T6610] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 300.972032][ T1154] bridge_slave_1: left allmulticast mode
[ 300.977875][ T1154] bridge_slave_1: left promiscuous mode
[ 300.983657][ T1154] bridge0: port 2(bridge_slave_1) entered disabled state
[ 300.993189][ T1154] bridge_slave_0: left allmulticast mode
[ 300.999288][ T1154] bridge_slave_0: left promiscuous mode
[ 301.004983][ T1154] bridge0: port 1(bridge_slave_0) entered disabled state
[ 301.263329][ T1154] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 301.275499][ T1154] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 301.286773][ T1154] bond0 (unregistering): Released all slaves
[ 301.301298][ T6610] hsr_slave_0: entered promiscuous mode
[ 301.307548][ T6610] hsr_slave_1: entered promiscuous mode
[ 301.541342][ T1154] hsr_slave_0: left promiscuous mode
[ 301.552339][ T1154] hsr_slave_1: left promiscuous mode
[ 301.558717][ T1154] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 301.566151][ T1154] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 301.575323][ T1154] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 301.584426][ T1154] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 301.610052][ T1154] veth1_macvtap: left promiscuous mode
[ 301.615648][ T1154] veth0_macvtap: left promiscuous mode
[ 301.622989][ T1154] veth1_vlan: left promiscuous mode
[ 301.630875][ T1154] veth0_vlan: left promiscuous mode
[ 302.024014][ T1154] team0 (unregistering): Port device team_slave_1 removed
[ 302.055986][ T1154] team0 (unregistering): Port device team_slave_0 removed
[ 302.468509][ T5144] Bluetooth: hci1: command tx timeout
[ 302.536091][ T6610] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 302.557955][ T6610] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 302.572167][ T6610] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 302.583667][ T6610] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 302.664987][ T6610] 8021q: adding VLAN 0 to HW filter on device bond0
[ 302.690330][ T6610] 8021q: adding VLAN 0 to HW filter on device team0
[ 302.706289][ T11] bridge0: port 1(bridge_slave_0) entered blocking state
[ 302.713473][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 302.732776][ T35] bridge0: port 2(bridge_slave_1) entered blocking state
[ 302.739955][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 302.919287][ T6610] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 302.951128][ T6610] veth0_vlan: entered promiscuous mode
[ 302.961954][ T6610] veth1_vlan: entered promiscuous mode
[ 302.984879][ T6610] veth0_macvtap: entered promiscuous mode
[ 302.993091][ T6610] veth1_macvtap: entered promiscuous mode
[ 303.007502][ T6610] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 303.020567][ T6610] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 303.032274][ T6610] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 303.041519][ T6610] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 303.050608][ T6610] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 303.059536][ T6610] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 303.109045][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 303.116947][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 303.139759][ T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 303.148056][ T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 303.223668][ T6652] ==================================================================
[ 303.231793][ T6652] BUG: KASAN: slab-use-after-free in force_devcd_write+0x31f/0x350
[ 303.239696][ T6652] Read of size 8 at addr ffff88807b81e800 by task syz.0.616/6652
[ 303.247403][ T6652]
[ 303.249725][ T6652] CPU: 0 UID: 0 PID: 6652 Comm: syz.0.616 Not tainted 6.14.0-rc2-syzkaller-00056-gab68d7eb7b1a #0
[ 303.249741][ T6652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 303.249755][ T6652] Call Trace:
[ 303.249761][ T6652]
[ 303.249770][ T6652] dump_stack_lvl+0x116/0x1f0
[ 303.249796][ T6652] print_report+0xc3/0x620
[ 303.249814][ T6652] ? __virt_addr_valid+0x5e/0x590
[ 303.249826][ T6652] ? __phys_addr+0xc6/0x150
[ 303.249846][ T6652] kasan_report+0xd9/0x110
[ 303.249861][ T6652] ? force_devcd_write+0x31f/0x350
[ 303.249877][ T6652] ? force_devcd_write+0x31f/0x350
[ 303.249893][ T6652] force_devcd_write+0x31f/0x350
[ 303.249909][ T6652] ? __pfx_force_devcd_write+0x10/0x10
[ 303.249924][ T6652] ? __debugfs_file_get+0x1ff/0x850
[ 303.249945][ T6652] ? __pfx___debugfs_file_get+0x10/0x10
[ 303.249964][ T6652] ? rcu_is_watching+0x12/0xc0
[ 303.249983][ T6652] ? trace_lock_acquire+0x14e/0x1f0
[ 303.249996][ T6652] full_proxy_write+0x13c/0x200
[ 303.250016][ T6652] ? __pfx_full_proxy_write+0x10/0x10
[ 303.250036][ T6652] vfs_write+0x24c/0x1150
[ 303.250063][ T6652] ? __pfx_vfs_write+0x10/0x10
[ 303.250074][ T6652] ? do_futex+0x123/0x350
[ 303.250090][ T6652] ? __pfx_do_futex+0x10/0x10
[ 303.250104][ T6652] ? __x64_sys_futex+0x1e1/0x4c0
[ 303.250116][ T6652] ? __x64_sys_futex+0x1ea/0x4c0
[ 303.250129][ T6652] ksys_write+0x12b/0x250
[ 303.250140][ T6652] ? __pfx_ksys_write+0x10/0x10
[ 303.250154][ T6652] do_syscall_64+0xcd/0x250
[ 303.250166][ T6652] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 303.250185][ T6652] RIP: 0033:0x7f397d18cde9
[ 303.250196][ T6652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 303.250208][ T6652] RSP: 002b:00007ffc9c4a6598 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 303.250220][ T6652] RAX: ffffffffffffffda RBX: 00007f397d3a5fa0 RCX: 00007f397d18cde9
[ 303.250228][ T6652] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000003
[ 303.250235][ T6652] RBP: 00007f397d20e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 303.250243][ T6652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 303.250250][ T6652] R13: 00007f397d3a5fa0 R14: 00007f397d3a5fa0 R15: 0000000000000003
[ 303.250261][ T6652]
[ 303.250265][ T6652]
[ 303.476008][ T6652] Allocated by task 5963:
[ 303.480335][ T6652] kasan_save_stack+0x33/0x60
[ 303.485027][ T6652] kasan_save_track+0x14/0x30
[ 303.489718][ T6652] __kasan_kmalloc+0xaa/0xb0
[ 303.494319][ T6652] vhci_open+0x4c/0x430
[ 303.498474][ T6652] misc_open+0x35a/0x420
[ 303.502737][ T6652] chrdev_open+0x237/0x6a0
[ 303.507153][ T6652] do_dentry_open+0x735/0x1c40
[ 303.511912][ T6652] vfs_open+0x82/0x3f0
[ 303.515981][ T6652] path_openat+0x1e88/0x2d80
[ 303.520570][ T6652] do_filp_open+0x20c/0x470
[ 303.525068][ T6652] do_sys_openat2+0x17a/0x1e0
[ 303.529749][ T6652] __x64_sys_openat+0x175/0x210
[ 303.534619][ T6652] do_syscall_64+0xcd/0x250
[ 303.539127][ T6652] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 303.545028][ T6652]
[ 303.547348][ T6652] Freed by task 5963:
[ 303.551322][ T6652] kasan_save_stack+0x33/0x60
[ 303.555996][ T6652] kasan_save_track+0x14/0x30
[ 303.560683][ T6652] kasan_save_free_info+0x3b/0x60
[ 303.565708][ T6652] __kasan_slab_free+0x51/0x70
[ 303.570468][ T6652] kfree+0x2c4/0x4d0
[ 303.574356][ T6652] vhci_release+0xbb/0xf0
[ 303.578680][ T6652] __fput+0x3ff/0xb70
[ 303.582662][ T6652] task_work_run+0x14e/0x250
[ 303.587250][ T6652] do_exit+0xad8/0x2d70
[ 303.591399][ T6652] do_group_exit+0xd3/0x2a0
[ 303.595894][ T6652] get_signal+0x2576/0x2610
[ 303.600398][ T6652] arch_do_signal_or_restart+0x90/0x7e0
[ 303.605938][ T6652] syscall_exit_to_user_mode+0x150/0x2a0
[ 303.611574][ T6652] do_syscall_64+0xda/0x250
[ 303.616077][ T6652] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 303.621982][ T6652]
[ 303.624299][ T6652] The buggy address belongs to the object at ffff88807b81e800
[ 303.624299][ T6652] which belongs to the cache kmalloc-1k of size 1024
[ 303.638355][ T6652] The buggy address is located 0 bytes inside of
[ 303.638355][ T6652] freed 1024-byte region [ffff88807b81e800, ffff88807b81ec00)
[ 303.652065][ T6652]
[ 303.654380][ T6652] The buggy address belongs to the physical page:
[ 303.660791][ T6652] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7b818
[ 303.669547][ T6652] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 303.678036][ T6652] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 303.686019][ T6652] page_type: f5(slab)
[ 303.690001][ T6652] raw: 00fff00000000040 ffff88801b041dc0 0000000000000000 dead000000000001
[ 303.698584][ T6652] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 303.707168][ T6652] head: 00fff00000000040 ffff88801b041dc0 0000000000000000 dead000000000001
[ 303.715834][ T6652] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 303.724504][ T6652] head: 00fff00000000003 ffffea0001ee0601 ffffffffffffffff 0000000000000000
[ 303.733518][ T6652] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 303.742267][ T6652] page dumped because: kasan: bad access detected
[ 303.748682][ T6652] page_owner tracks the page as allocated
[ 303.754383][ T6652] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5958, tgid 5958 (syz-executor), ts 268416226659, free_ts 268344676388
[ 303.775917][ T6652] post_alloc_hook+0x181/0x1b0
[ 303.780686][ T6652] get_page_from_freelist+0xfce/0x2f80
[ 303.786143][ T6652] __alloc_frozen_pages_noprof+0x221/0x2470
[ 303.792037][ T6652] alloc_pages_mpol+0x1fc/0x540
[ 303.796886][ T6652] new_slab+0x23d/0x330
[ 303.801039][ T6652] ___slab_alloc+0xbfa/0x1600
[ 303.805709][ T6652] __slab_alloc.constprop.0+0x56/0xb0
[ 303.811075][ T6652] __kmalloc_cache_noprof+0xf6/0x420
[ 303.816356][ T6652] afs_alloc_call+0x51/0x640
[ 303.820944][ T6652] afs_charge_preallocation+0xff/0x330
[ 303.826403][ T6652] afs_open_socket+0x298/0x350
[ 303.831173][ T6652] afs_net_init+0x95d/0xc60
[ 303.835672][ T6652] ops_init+0x1df/0x5f0
[ 303.839829][ T6652] setup_net+0x21f/0x860
[ 303.844087][ T6652] copy_net_ns+0x2b4/0x6c0
[ 303.848500][ T6652] create_new_namespaces+0x3ea/0xad0
[ 303.853785][ T6652] page last free pid 5949 tgid 5949 stack trace:
[ 303.860100][ T6652] free_frozen_pages+0x6db/0xfb0
[ 303.865122][ T6652] vfree+0x174/0x950
[ 303.869031][ T6652] kcov_put+0x2a/0x40
[ 303.873016][ T6652] kcov_close+0xd/0x20
[ 303.877097][ T6652] __fput+0x3ff/0xb70
[ 303.881080][ T6652] task_work_run+0x14e/0x250
[ 303.885690][ T6652] do_exit+0xad8/0x2d70
[ 303.889842][ T6652] do_group_exit+0xd3/0x2a0
[ 303.894342][ T6652] get_signal+0x2576/0x2610
[ 303.898846][ T6652] arch_do_signal_or_restart+0x90/0x7e0
[ 303.904390][ T6652] syscall_exit_to_user_mode+0x150/0x2a0
[ 303.910033][ T6652] do_syscall_64+0xda/0x250
[ 303.914530][ T6652] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 303.920425][ T6652]
[ 303.922741][ T6652] Memory state around the buggy address:
[ 303.928363][ T6652] ffff88807b81e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 303.936421][ T6652] ffff88807b81e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 303.944483][ T6652] >ffff88807b81e800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 303.952541][ T6652] ^
[ 303.956615][ T6652] ffff88807b81e880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 303.964673][ T6652] ffff88807b81e900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 303.972751][ T6652] ==================================================================
[ 303.985520][ T6652] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 303.992767][ T6652] CPU: 1 UID: 0 PID: 6652 Comm: syz.0.616 Not tainted 6.14.0-rc2-syzkaller-00056-gab68d7eb7b1a #0
[ 304.003379][ T6652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 304.013453][ T6652] Call Trace:
[ 304.016745][ T6652]
[ 304.019694][ T6652] dump_stack_lvl+0x3d/0x1f0
[ 304.024326][ T6652] panic+0x71d/0x800
[ 304.028243][ T6652] ? __pfx_panic+0x10/0x10
[ 304.032667][ T6652] ? preempt_schedule_thunk+0x1a/0x30
[ 304.038037][ T6652] ? preempt_schedule_common+0x44/0xc0
[ 304.043497][ T6652] ? check_panic_on_warn+0x1f/0xb0
[ 304.048614][ T6652] check_panic_on_warn+0xab/0xb0
[ 304.053539][ T6652] end_report+0x117/0x180
[ 304.057869][ T6652] kasan_report+0xe9/0x110
[ 304.062304][ T6652] ? force_devcd_write+0x31f/0x350
[ 304.067421][ T6652] ? force_devcd_write+0x31f/0x350
[ 304.072586][ T6652] force_devcd_write+0x31f/0x350
[ 304.077522][ T6652] ? __pfx_force_devcd_write+0x10/0x10
[ 304.082973][ T6652] ? __debugfs_file_get+0x1ff/0x850
[ 304.088192][ T6652] ? __pfx___debugfs_file_get+0x10/0x10
[ 304.093767][ T6652] ? rcu_is_watching+0x12/0xc0
[ 304.098537][ T6652] ? trace_lock_acquire+0x14e/0x1f0
[ 304.103727][ T6652] full_proxy_write+0x13c/0x200
[ 304.108598][ T6652] ? __pfx_full_proxy_write+0x10/0x10
[ 304.113966][ T6652] vfs_write+0x24c/0x1150
[ 304.118288][ T6652] ? __pfx_vfs_write+0x10/0x10
[ 304.123037][ T6652] ? do_futex+0x123/0x350
[ 304.127360][ T6652] ? __pfx_do_futex+0x10/0x10
[ 304.132040][ T6652] ? __x64_sys_futex+0x1e1/0x4c0
[ 304.136965][ T6652] ? __x64_sys_futex+0x1ea/0x4c0
[ 304.141889][ T6652] ksys_write+0x12b/0x250
[ 304.146203][ T6652] ? __pfx_ksys_write+0x10/0x10
[ 304.151061][ T6652] do_syscall_64+0xcd/0x250
[ 304.155561][ T6652] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 304.161452][ T6652] RIP: 0033:0x7f397d18cde9
[ 304.165856][ T6652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 304.185466][ T6652] RSP: 002b:00007ffc9c4a6598 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 304.193885][ T6652] RAX: ffffffffffffffda RBX: 00007f397d3a5fa0 RCX: 00007f397d18cde9
[ 304.201860][ T6652] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000003
[ 304.209928][ T6652] RBP: 00007f397d20e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 304.217888][ T6652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 304.225889][ T6652] R13: 00007f397d3a5fa0 R14: 00007f397d3a5fa0 R15: 0000000000000003
[ 304.233892][ T6652]
[ 304.237075][ T6652] Kernel Offset: disabled
[ 304.241396][ T6652] Rebooting in 86400 seconds..