Warning: Permanently added '10.128.0.151' (ED25519) to the list of known hosts.
2024/11/25 01:20:28 ignoring optional flag "sandboxArg"="0"
2024/11/25 01:20:29 parsed 1 programs
[   74.698118][ T4249] cgroup: Unknown subsys name 'net'
[   74.860095][ T4249] cgroup: Unknown subsys name 'rlimit'
[   76.359530][ T4249] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k FS
[   80.015602][ T4311] chnl_net:caif_netlink_parms(): no params data found
[   80.091334][ T4311] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.099530][ T4311] bridge0: port 1(bridge_slave_0) entered disabled state
[   80.107644][ T4311] device bridge_slave_0 entered promiscuous mode
[   80.116965][ T4311] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.124192][ T4311] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.132179][ T4311] device bridge_slave_1 entered promiscuous mode
[   80.155772][ T4311] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   80.166743][ T4311] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   80.194357][ T4311] team0: Port device team_slave_0 added
[   80.202152][ T4311] team0: Port device team_slave_1 added
[   80.223336][ T4311] batman_adv: batadv0: Adding interface: batadv_slave_0
[   80.230291][ T4311] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.256330][ T4311] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   80.277099][ T4311] batman_adv: batadv0: Adding interface: batadv_slave_1
[   80.284174][ T4311] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.310225][ T4311] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   80.351034][ T4311] device hsr_slave_0 entered promiscuous mode
[   80.358096][ T4311] device hsr_slave_1 entered promiscuous mode
[   80.473992][ T4311] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   80.485808][ T4311] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   80.495009][ T4311] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   80.504673][ T4311] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   80.538603][ T4311] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.545852][ T4311] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.553861][ T4311] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.561025][ T4311] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.620458][ T4311] 8021q: adding VLAN 0 to HW filter on device bond0
[   80.633646][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   80.647046][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[   80.655506][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.665243][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   80.692193][ T4311] 8021q: adding VLAN 0 to HW filter on device team0
[   80.706688][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   80.715227][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.722684][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.744957][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   80.755043][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.762170][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.778578][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   80.787810][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   80.800851][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   80.816266][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   80.835629][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   80.846698][ T4311] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   81.019858][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   81.028394][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   81.041816][ T4311] 8021q: adding VLAN 0 to HW filter on device batadv0
[   81.060641][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   81.070333][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   81.090245][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   81.099609][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   81.109043][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   81.117084][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   81.127768][ T4311] device veth0_vlan entered promiscuous mode
[   81.141800][ T4311] device veth1_vlan entered promiscuous mode
[   81.162888][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   81.171269][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   81.180126][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   81.189132][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   81.199835][ T4311] device veth0_macvtap entered promiscuous mode
[   81.210287][ T4311] device veth1_macvtap entered promiscuous mode
[   81.226575][ T4311] batman_adv: batadv0: Interface activated: batadv_slave_0
[   81.234868][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   81.243370][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   81.251824][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   81.261021][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   81.272935][ T4311] batman_adv: batadv0: Interface activated: batadv_slave_1
[   81.281693][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   81.291012][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   81.303835][ T4311] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.312683][ T4311] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.321903][ T4311] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.331131][ T4311] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.449035][ T4330] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   81.465649][ T4330] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   81.473863][ T4330] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   81.482244][ T4330] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   81.491024][ T4330] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   81.498591][ T4330] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   81.523570][   T75] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.802289][   T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.813645][   T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.827574][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   81.850436][   T50] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.861611][   T50] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.872890][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
2024/11/25 01:20:39 executed programs: 0
[   82.016178][ T4330] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   82.024775][ T4330] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   82.032427][ T4330] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   82.040772][ T4330] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   82.048767][ T4330] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   82.056494][ T4330] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   82.191295][ T4341] chnl_net:caif_netlink_parms(): no params data found
[   82.245291][ T4341] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.252444][ T4341] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.261057][ T4341] device bridge_slave_0 entered promiscuous mode
[   82.274891][ T4341] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.282050][ T4341] bridge0: port 2(bridge_slave_1) entered disabled state
[   82.290111][ T4341] device bridge_slave_1 entered promiscuous mode
[   82.314155][ T4341] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   82.326370][ T4341] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   82.357068][ T4341] team0: Port device team_slave_0 added
[   82.365365][ T4341] team0: Port device team_slave_1 added
[   82.385725][ T4341] batman_adv: batadv0: Adding interface: batadv_slave_0
[   82.392697][ T4341] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.419018][ T4341] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   82.436103][ T4341] batman_adv: batadv0: Adding interface: batadv_slave_1
[   82.443157][ T4341] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.469204][ T4341] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   82.508095][ T4341] device hsr_slave_0 entered promiscuous mode
[   82.514891][ T4341] device hsr_slave_1 entered promiscuous mode
[   82.521533][ T4341] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   82.529753][ T4341] Cannot create hsr debugfs directory
[   84.093922][ T4330] Bluetooth: hci0: command 0x0409 tx timeout
[   84.135895][   T75] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.173179][   T47] Bluetooth: hci0: command 0x041b tx timeout
[   86.253197][   T75] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.316017][   T75] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.585468][   T41] cfg80211: failed to load regulatory.db
[   87.113914][   T75] device hsr_slave_0 left promiscuous mode
[   87.122488][   T75] device hsr_slave_1 left promiscuous mode
[   87.132948][   T75] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   87.140948][   T75] batman_adv: batadv0: Removing interface: batadv_slave_0
[   87.154294][   T75] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   87.161742][   T75] batman_adv: batadv0: Removing interface: batadv_slave_1
[   87.172459][   T75] device bridge_slave_1 left promiscuous mode
[   87.180005][   T75] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.195728][   T75] device bridge_slave_0 left promiscuous mode
[   87.202021][   T75] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.236107][   T75] device veth1_macvtap left promiscuous mode
[   87.242544][   T75] device veth0_macvtap left promiscuous mode
[   87.251552][   T75] device veth1_vlan left promiscuous mode
[   87.258422][   T75] device veth0_vlan left promiscuous mode
[   87.584109][   T75] team0 (unregistering): Port device team_slave_1 removed
[   87.611752][   T75] team0 (unregistering): Port device team_slave_0 removed
[   87.640202][   T75] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   87.669733][   T75] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   87.921533][   T75] bond0 (unregistering): Released all slaves
[   87.991267][ T4341] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   88.001703][ T4341] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   88.013773][ T4341] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   88.028513][ T4341] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   88.097189][ T4341] 8021q: adding VLAN 0 to HW filter on device bond0
[   88.119103][ T4341] 8021q: adding VLAN 0 to HW filter on device team0
[   88.126196][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   88.134987][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   88.146186][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   88.155659][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   88.164508][ T4337] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.171628][ T4337] bridge0: port 1(bridge_slave_0) entered forwarding state
[   88.182534][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   88.192808][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   88.202818][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   88.215772][ T4337] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.222870][ T4337] bridge0: port 2(bridge_slave_1) entered forwarding state
[   88.235959][   T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   88.249840][   T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   88.257857][ T4330] Bluetooth: hci0: command 0x040f tx timeout
[   88.274367][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   88.285745][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   88.294441][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   88.303999][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   88.312473][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   88.321377][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   88.331970][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   88.343063][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   88.352530][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   88.365944][ T4341] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   88.536849][   T38] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   88.546236][   T38] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   88.559691][ T4341] 8021q: adding VLAN 0 to HW filter on device batadv0
[   88.578584][   T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   88.587342][   T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   88.606165][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   88.615263][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   88.629797][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   88.637753][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   88.647402][ T4341] device veth0_vlan entered promiscuous mode
[   88.658850][ T4341] device veth1_vlan entered promiscuous mode
[   88.685351][   T50] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   88.693924][   T50] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   88.701937][   T50] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   88.711289][   T50] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   88.721198][ T4341] device veth0_macvtap entered promiscuous mode
[   88.736490][ T4341] device veth1_macvtap entered promiscuous mode
[   88.752618][ T4341] batman_adv: batadv0: Interface activated: batadv_slave_0
[   88.760291][   T50] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   88.769440][   T50] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   88.778058][   T50] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   88.787156][   T50] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   88.803919][ T4341] batman_adv: batadv0: Interface activated: batadv_slave_1
[   88.811543][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   88.820568][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   88.832443][ T4341] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.841555][ T4341] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.850398][ T4341] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.859946][ T4341] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   88.915968][   T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.927239][   T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.940138][   T38] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   88.959343][ T4337] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.967519][ T4337] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.982002][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   89.032230][ T4385] loop0: detected capacity change from 0 to 128
[   89.051601][ T4385] VFS: Found a Xenix FS (block size = 1024) on device loop0
[   89.063678][ T4385] syz.0.15: attempt to access beyond end of device
[   89.063678][ T4385] loop0: rw=0, sector=6491536, nr_sectors = 2 limit=128
[   89.078157][ T4385] Buffer I/O error on dev loop0, logical block 3245768, async page read
[   89.087935][ T4385] ==================================================================
[   89.096014][ T4385] BUG: KASAN: use-after-free in sysv_new_inode+0x107e/0x1210
[   89.103420][ T4385] Read of size 2 at addr ffff88806ab271ce by task syz.0.15/4385
[   89.111054][ T4385] 
[   89.113398][ T4385] CPU: 1 PID: 4385 Comm: syz.0.15 Not tainted 6.1.119-syzkaller #0
[   89.121295][ T4385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   89.131342][ T4385] Call Trace:
[   89.134641][ T4385]  <TASK>
[   89.137580][ T4385]  dump_stack_lvl+0x1e3/0x2cb
[   89.142256][ T4385]  ? nf_tcp_handle_invalid+0x642/0x642
[   89.147709][ T4385]  ? panic+0x764/0x764
[   89.151776][ T4385]  ? _printk+0xd1/0x111
[   89.155933][ T4385]  ? __virt_addr_valid+0x17f/0x530
[   89.161043][ T4385]  ? __virt_addr_valid+0x17f/0x530
[   89.166153][ T4385]  print_report+0x15f/0x4f0
[   89.170649][ T4385]  ? __virt_addr_valid+0x17f/0x530
[   89.175771][ T4385]  ? __virt_addr_valid+0x17f/0x530
[   89.180923][ T4385]  ? __virt_addr_valid+0x45b/0x530
[   89.186062][ T4385]  ? __phys_addr+0xb6/0x170
[   89.190566][ T4385]  ? sysv_new_inode+0x107e/0x1210
[   89.195588][ T4385]  kasan_report+0x136/0x160
[   89.200094][ T4385]  ? sysv_new_inode+0x107e/0x1210
[   89.205120][ T4385]  sysv_new_inode+0x107e/0x1210
[   89.209974][ T4385]  ? mark_lock+0x9a/0x340
[   89.214319][ T4385]  ? sysv_free_inode+0x840/0x840
[   89.219307][ T4385]  ? _raw_spin_unlock_irq+0x1f/0x40
[   89.224512][ T4385]  ? lockdep_hardirqs_on+0x94/0x130
[   89.229710][ T4385]  sysv_mkdir+0x3a/0x120
[   89.233969][ T4385]  vfs_mkdir+0x3b6/0x590
[   89.238236][ T4385]  do_mkdirat+0x225/0x360
[   89.242573][ T4385]  ? vfs_mkdir+0x590/0x590
[   89.247025][ T4385]  ? getname_flags+0x1f9/0x4f0
[   89.251791][ T4385]  __x64_sys_mkdirat+0x85/0x90
[   89.256580][ T4385]  do_syscall_64+0x3b/0xb0
[   89.260993][ T4385]  ? clear_bhb_loop+0x45/0xa0
[   89.265671][ T4385]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   89.271565][ T4385] RIP: 0033:0x7f7083f7e819
[   89.276001][ T4385] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.295627][ T4385] RSP: 002b:00007ffcf0176158 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[   89.304059][ T4385] RAX: ffffffffffffffda RBX: 00007f7084135fa0 RCX: 00007f7083f7e819
[   89.312026][ T4385] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffff9c
[   89.319997][ T4385] RBP: 00007f7083ff175e R08: 0000000000000000 R09: 0000000000000000
[   89.327979][ T4385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   89.335945][ T4385] R13: 00007f7084135fa0 R14: 00007f7084135fa0 R15: 0000000000000acd
[   89.343920][ T4385]  </TASK>
[   89.346930][ T4385] 
[   89.349264][ T4385] The buggy address belongs to the physical page:
[   89.355673][ T4385] page:ffffea0001aac9c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x6ab27
[   89.365843][ T4385] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   89.372994][ T4385] raw: 00fff00000000000 dead000000000100 dead000000000122 0000000000000000
[   89.381601][ T4385] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[   89.390192][ T4385] page dumped because: kasan: bad access detected
[   89.396607][ T4385] page_owner tracks the page as freed
[   89.402049][ T4385] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 4309, tgid 4309 (syz-executor), ts 79704166760, free_ts 79807718808
[   89.419760][ T4385]  post_alloc_hook+0x18d/0x1b0
[   89.424524][ T4385]  get_page_from_freelist+0x3731/0x38d0
[   89.430062][ T4385]  __alloc_pages+0x28d/0x770
[   89.434646][ T4385]  __folio_alloc+0xf/0x30
[   89.438967][ T4385]  vma_alloc_folio+0x486/0x990
[   89.443719][ T4385]  handle_mm_fault+0x210c/0x5340
[   89.448651][ T4385]  exc_page_fault+0x26f/0x620
[   89.453347][ T4385]  asm_exc_page_fault+0x22/0x30
[   89.458231][ T4385] page last free stack trace:
[   89.462904][ T4385]  free_unref_page_prepare+0xf63/0x1120
[   89.468447][ T4385]  free_unref_page_list+0x663/0x900
[   89.473651][ T4385]  release_pages+0x2836/0x2b40
[   89.478449][ T4385]  tlb_flush_mmu+0xfc/0x210
[   89.482950][ T4385]  tlb_finish_mmu+0xce/0x1f0
[   89.487537][ T4385]  exit_mmap+0x3b3/0x980
[   89.491786][ T4385]  __mmput+0x115/0x3c0
[   89.495853][ T4385]  exit_mm+0x226/0x300
[   89.499937][ T4385]  do_exit+0x9f6/0x26a0
[   89.504101][ T4385]  do_group_exit+0x202/0x2b0
[   89.508700][ T4385]  __x64_sys_exit_group+0x3b/0x40
[   89.513739][ T4385]  do_syscall_64+0x3b/0xb0
[   89.518167][ T4385]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   89.524071][ T4385] 
[   89.526389][ T4385] Memory state around the buggy address:
[   89.532007][ T4385]  ffff88806ab27080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   89.540072][ T4385]  ffff88806ab27100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   89.548139][ T4385] >ffff88806ab27180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   89.556195][ T4385]                                               ^
[   89.562612][ T4385]  ffff88806ab27200: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   89.570678][ T4385]  ffff88806ab27280: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   89.578751][ T4385] ==================================================================
[   89.594752][ T4385] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   89.601985][ T4385] CPU: 1 PID: 4385 Comm: syz.0.15 Not tainted 6.1.119-syzkaller #0
[   89.609894][ T4385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   89.619951][ T4385] Call Trace:
[   89.623233][ T4385]  <TASK>
[   89.626163][ T4385]  dump_stack_lvl+0x1e3/0x2cb
[   89.630873][ T4385]  ? nf_tcp_handle_invalid+0x642/0x642
[   89.636337][ T4385]  ? panic+0x764/0x764
[   89.640418][ T4385]  ? preempt_schedule_common+0xa6/0xd0
[   89.645880][ T4385]  ? vscnprintf+0x59/0x80
[   89.650214][ T4385]  panic+0x318/0x764
[   89.654113][ T4385]  ? check_panic_on_warn+0x1d/0xa0
[   89.659230][ T4385]  ? memcpy_page_flushcache+0xfc/0xfc
[   89.664607][ T4385]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[   89.670620][ T4385]  ? _raw_spin_unlock+0x40/0x40
[   89.675476][ T4385]  ? print_report+0x4a3/0x4f0
[   89.680157][ T4385]  check_panic_on_warn+0x7e/0xa0
[   89.685098][ T4385]  ? sysv_new_inode+0x107e/0x1210
[   89.690131][ T4385]  end_report+0x66/0x110
[   89.694384][ T4385]  kasan_report+0x143/0x160
[   89.698913][ T4385]  ? sysv_new_inode+0x107e/0x1210
[   89.703960][ T4385]  sysv_new_inode+0x107e/0x1210
[   89.708840][ T4385]  ? mark_lock+0x9a/0x340
[   89.713190][ T4385]  ? sysv_free_inode+0x840/0x840
[   89.718159][ T4385]  ? _raw_spin_unlock_irq+0x1f/0x40
[   89.723393][ T4385]  ? lockdep_hardirqs_on+0x94/0x130
[   89.728622][ T4385]  sysv_mkdir+0x3a/0x120
[   89.732910][ T4385]  vfs_mkdir+0x3b6/0x590
[   89.737167][ T4385]  do_mkdirat+0x225/0x360
[   89.741510][ T4385]  ? vfs_mkdir+0x590/0x590
[   89.745959][ T4385]  ? getname_flags+0x1f9/0x4f0
[   89.750732][ T4385]  __x64_sys_mkdirat+0x85/0x90
[   89.755517][ T4385]  do_syscall_64+0x3b/0xb0
[   89.759940][ T4385]  ? clear_bhb_loop+0x45/0xa0
[   89.764621][ T4385]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   89.770541][ T4385] RIP: 0033:0x7f7083f7e819
[   89.774977][ T4385] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.794588][ T4385] RSP: 002b:00007ffcf0176158 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[   89.803005][ T4385] RAX: ffffffffffffffda RBX: 00007f7084135fa0 RCX: 00007f7083f7e819
[   89.810981][ T4385] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffff9c
[   89.818961][ T4385] RBP: 00007f7083ff175e R08: 0000000000000000 R09: 0000000000000000
[   89.826929][ T4385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   89.834896][ T4385] R13: 00007f7084135fa0 R14: 00007f7084135fa0 R15: 0000000000000acd
[   89.842874][ T4385]  </TASK>
[   89.846216][ T4385] Kernel Offset: disabled
[   89.850540][ T4385] Rebooting in 86400 seconds..