Warning: Permanently added '10.128.1.55' (ED25519) to the list of known hosts.
2024/12/22 22:28:33 ignoring optional flag "sandboxArg"="0"
2024/12/22 22:28:34 parsed 1 programs
[ 71.268053][ T5828] cgroup: Unknown subsys name 'net'
[ 71.417303][ T5828] cgroup: Unknown subsys name 'cpuset'
[ 71.425503][ T5828] cgroup: Unknown subsys name 'rlimit'
[ 71.716094][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 71.722550][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 72.747500][ T5828] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 75.500110][ T5837] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 76.648993][ T5859] chnl_net:caif_netlink_parms(): no params data found
[ 76.715485][ T5859] bridge0: port 1(bridge_slave_0) entered blocking state
[ 76.723216][ T5859] bridge0: port 1(bridge_slave_0) entered disabled state
[ 76.730723][ T5859] bridge_slave_0: entered allmulticast mode
[ 76.738228][ T5859] bridge_slave_0: entered promiscuous mode
[ 76.747431][ T5859] bridge0: port 2(bridge_slave_1) entered blocking state
[ 76.757097][ T5859] bridge0: port 2(bridge_slave_1) entered disabled state
[ 76.764637][ T5859] bridge_slave_1: entered allmulticast mode
[ 76.771371][ T5859] bridge_slave_1: entered promiscuous mode
[ 76.799096][ T5859] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 76.810813][ T5859] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 76.848855][ T5859] team0: Port device team_slave_0 added
[ 76.856928][ T5859] team0: Port device team_slave_1 added
[ 76.882937][ T5859] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 76.890385][ T5859] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 76.916453][ T5859] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 76.930107][ T5859] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 76.937483][ T5859] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 76.963587][ T5859] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 77.004995][ T5859] hsr_slave_0: entered promiscuous mode
[ 77.011524][ T5859] hsr_slave_1: entered promiscuous mode
[ 77.151378][ T5859] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 77.164550][ T5859] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 77.175808][ T5859] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 77.185745][ T5859] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 77.220027][ T5859] bridge0: port 2(bridge_slave_1) entered blocking state
[ 77.227334][ T5859] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 77.235513][ T5859] bridge0: port 1(bridge_slave_0) entered blocking state
[ 77.242642][ T5859] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 77.304355][ T5859] 8021q: adding VLAN 0 to HW filter on device bond0
[ 77.322737][ T1145] bridge0: port 1(bridge_slave_0) entered disabled state
[ 77.333151][ T1145] bridge0: port 2(bridge_slave_1) entered disabled state
[ 77.352660][ T5859] 8021q: adding VLAN 0 to HW filter on device team0
[ 77.369804][ T11] bridge0: port 1(bridge_slave_0) entered blocking state
[ 77.377024][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 77.390390][ T1145] bridge0: port 2(bridge_slave_1) entered blocking state
[ 77.397512][ T1145] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 77.514385][ T5859] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 77.547714][ T5859] veth0_vlan: entered promiscuous mode
[ 77.557775][ T5859] veth1_vlan: entered promiscuous mode
[ 77.581340][ T5859] veth0_macvtap: entered promiscuous mode
[ 77.590306][ T5859] veth1_macvtap: entered promiscuous mode
[ 77.606808][ T5859] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 77.618367][ T5859] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 77.630098][ T5859] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.639246][ T5859] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.649305][ T5859] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.658141][ T5859] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.769146][ T5859] syz-executor (5859) used greatest stack depth: 17776 bytes left
[ 77.801017][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 77.916657][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 77.966438][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 78.046058][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 78.352414][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 78.365340][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 78.392571][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 78.400903][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 78.917373][ T53] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 78.926621][ T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 78.936097][ T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 78.945631][ T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 78.953297][ T53] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 78.961037][ T53] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2024/12/22 22:28:44 executed programs: 0
[ 79.509431][ T5144] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 79.519391][ T5144] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 79.528432][ T5144] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 79.538301][ T5144] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 79.546374][ T5144] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 79.554440][ T5144] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 79.666130][ T5924] chnl_net:caif_netlink_parms(): no params data found
[ 79.709055][ T5924] bridge0: port 1(bridge_slave_0) entered blocking state
[ 79.716686][ T5924] bridge0: port 1(bridge_slave_0) entered disabled state
[ 79.724179][ T5924] bridge_slave_0: entered allmulticast mode
[ 79.730755][ T5924] bridge_slave_0: entered promiscuous mode
[ 79.738934][ T5924] bridge0: port 2(bridge_slave_1) entered blocking state
[ 79.746218][ T5924] bridge0: port 2(bridge_slave_1) entered disabled state
[ 79.753367][ T5924] bridge_slave_1: entered allmulticast mode
[ 79.760396][ T5924] bridge_slave_1: entered promiscuous mode
[ 79.780331][ T5924] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 79.792583][ T5924] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 79.819421][ T5924] team0: Port device team_slave_0 added
[ 79.827813][ T5924] team0: Port device team_slave_1 added
[ 79.847150][ T5924] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 79.854678][ T5924] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 79.885388][ T5924] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 79.899094][ T5924] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 79.906111][ T5924] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 79.932194][ T5924] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 79.963954][ T5924] hsr_slave_0: entered promiscuous mode
[ 79.970300][ T5924] hsr_slave_1: entered promiscuous mode
[ 79.976908][ T5924] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 79.984885][ T5924] Cannot create hsr debugfs directory
[ 80.336803][ T12] bridge_slave_1: left allmulticast mode
[ 80.343992][ T12] bridge_slave_1: left promiscuous mode
[ 80.350597][ T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 80.369984][ T12] bridge_slave_0: left allmulticast mode
[ 80.376744][ T12] bridge_slave_0: left promiscuous mode
[ 80.383191][ T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 80.718852][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 80.730194][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 80.741126][ T12] bond0 (unregistering): Released all slaves
[ 80.836998][ T12] hsr_slave_0: left promiscuous mode
[ 80.843261][ T12] hsr_slave_1: left promiscuous mode
[ 80.849573][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 80.859529][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 80.868311][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 80.878898][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 80.899185][ T12] veth1_macvtap: left promiscuous mode
[ 80.905526][ T12] veth0_macvtap: left promiscuous mode
[ 80.911146][ T12] veth1_vlan: left promiscuous mode
[ 80.918578][ T12] veth0_vlan: left promiscuous mode
[ 81.294984][ T12] team0 (unregistering): Port device team_slave_1 removed
[ 81.325360][ T12] team0 (unregistering): Port device team_slave_0 removed
[ 81.636837][ T53] Bluetooth: hci0: command tx timeout
[ 81.860569][ T5924] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 81.871617][ T5924] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 81.885279][ T5924] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 81.905265][ T5924] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 81.969016][ T874] cfg80211: failed to load regulatory.db
[ 82.223041][ T5924] 8021q: adding VLAN 0 to HW filter on device bond0
[ 82.242005][ T5924] 8021q: adding VLAN 0 to HW filter on device team0
[ 82.259191][ T1145] bridge0: port 1(bridge_slave_0) entered blocking state
[ 82.266358][ T1145] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 82.291658][ T35] bridge0: port 2(bridge_slave_1) entered blocking state
[ 82.298898][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 82.344990][ T5924] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 82.641755][ T5924] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 82.718439][ T5924] veth0_vlan: entered promiscuous mode
[ 82.748263][ T5924] veth1_vlan: entered promiscuous mode
[ 82.818585][ T5924] veth0_macvtap: entered promiscuous mode
[ 82.832827][ T5924] veth1_macvtap: entered promiscuous mode
[ 82.867966][ T5924] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 82.896664][ T5924] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 82.936243][ T5924] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.954288][ T5924] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.963040][ T5924] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.979908][ T5924] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 83.115836][ T1145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 83.132021][ T1145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 83.157144][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 83.173202][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 83.239461][ T6007] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input5
[ 83.714560][ T53] Bluetooth: hci0: command tx timeout
2024/12/22 22:28:49 executed programs: 46
[ 85.793798][ T53] Bluetooth: hci0: command tx timeout
[ 87.884160][ T53] Bluetooth: hci0: command tx timeout
2024/12/22 22:28:54 executed programs: 327
[ 94.387557][ T6010] ==================================================================
[ 94.395759][ T6010] BUG: KASAN: slab-use-after-free in __mutex_lock+0x7fb/0xee0
[ 94.403263][ T6010] Read of size 8 at addr ffff8880122a4060 by task khidpd_7fff0008/6010
[ 94.411520][ T6010]
[ 94.413867][ T6010] CPU: 0 UID: 0 PID: 6010 Comm: khidpd_7fff0008 Not tainted 6.13.0-rc3-syzkaller-00154-g30b981796b94 #0
[ 94.424961][ T6010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 94.435012][ T6010] Call Trace:
[ 94.438279][ T6010] <TASK>
[ 94.441198][ T6010] dump_stack_lvl+0x241/0x360
[ 94.445873][ T6010] ? __pfx_dump_stack_lvl+0x10/0x10
[ 94.451065][ T6010] ? __pfx__printk+0x10/0x10
[ 94.455645][ T6010] ? _printk+0xd5/0x120
[ 94.459793][ T6010] ? __virt_addr_valid+0x183/0x530
[ 94.464894][ T6010] ? __virt_addr_valid+0x183/0x530
[ 94.469992][ T6010] print_report+0x169/0x550
[ 94.474484][ T6010] ? __virt_addr_valid+0x183/0x530
[ 94.479582][ T6010] ? __virt_addr_valid+0x183/0x530
[ 94.484679][ T6010] ? __virt_addr_valid+0x45f/0x530
[ 94.489794][ T6010] ? __phys_addr+0xba/0x170
[ 94.494306][ T6010] ? __mutex_lock+0x7fb/0xee0
[ 94.498993][ T6010] kasan_report+0x143/0x180
[ 94.503504][ T6010] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 94.509401][ T6010] ? __mutex_lock+0x7fb/0xee0
[ 94.514073][ T6010] __mutex_lock+0x7fb/0xee0
[ 94.518570][ T6010] ? __mutex_lock+0x5ef/0xee0
[ 94.523242][ T6010] ? l2cap_unregister_user+0x6a/0x1c0
[ 94.528611][ T6010] ? __pfx___mutex_lock+0x10/0x10
[ 94.533631][ T6010] ? __pfx___timer_delete_sync+0x10/0x10
[ 94.539253][ T6010] l2cap_unregister_user+0x6a/0x1c0
[ 94.544460][ T6010] hidp_session_thread+0x450/0x490
[ 94.549564][ T6010] ? _raw_spin_unlock_irqrestore+0x8f/0x140
[ 94.555452][ T6010] ? __pfx_hidp_session_thread+0x10/0x10
[ 94.561072][ T6010] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 94.566957][ T6010] ? __pfx_hidp_session_wake_function+0x10/0x10
[ 94.573189][ T6010] ? __pfx_hidp_session_wake_function+0x10/0x10
[ 94.579420][ T6010] ? __kthread_parkme+0x169/0x1d0
[ 94.584435][ T6010] ? __pfx_hidp_session_thread+0x10/0x10
[ 94.590059][ T6010] kthread+0x2f0/0x390
[ 94.594119][ T6010] ? __pfx_hidp_session_thread+0x10/0x10
[ 94.599740][ T6010] ? __pfx_kthread+0x10/0x10
[ 94.604317][ T6010] ret_from_fork+0x4b/0x80
[ 94.608720][ T6010] ? __pfx_kthread+0x10/0x10
[ 94.613301][ T6010] ret_from_fork_asm+0x1a/0x30
[ 94.618079][ T6010] </TASK>
[ 94.621085][ T6010]
[ 94.623398][ T6010] Allocated by task 5924:
[ 94.627708][ T6010] kasan_save_track+0x3f/0x80
[ 94.632373][ T6010] __kasan_kmalloc+0x98/0xb0
[ 94.636953][ T6010] __kmalloc_noprof+0x285/0x4c0
[ 94.641790][ T6010] hci_alloc_dev_priv+0x27/0x2030
[ 94.646806][ T6010] vhci_create_device+0x116/0x6a0
[ 94.651824][ T6010] vhci_write+0x3cf/0x490
[ 94.656142][ T6010] vfs_write+0xaeb/0xd30
[ 94.660369][ T6010] ksys_write+0x18f/0x2b0
[ 94.664687][ T6010] do_syscall_64+0xf3/0x230
[ 94.669179][ T6010] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.675068][ T6010]
[ 94.677377][ T6010] Freed by task 5924:
[ 94.681345][ T6010] kasan_save_track+0x3f/0x80
[ 94.686014][ T6010] kasan_save_free_info+0x40/0x50
[ 94.691032][ T6010] __kasan_slab_free+0x59/0x70
[ 94.695784][ T6010] kfree+0x196/0x430
[ 94.699671][ T6010] hci_release_dev+0x1525/0x16b0
[ 94.704608][ T6010] bt_host_release+0x83/0x90
[ 94.709190][ T6010] device_release+0x99/0x1c0
[ 94.713771][ T6010] kobject_put+0x22f/0x480
[ 94.718179][ T6010] vhci_release+0x88/0xd0
[ 94.722498][ T6010] __fput+0x23c/0xa50
[ 94.726473][ T6010] task_work_run+0x24f/0x310
[ 94.731054][ T6010] do_exit+0xa2f/0x28e0
[ 94.735266][ T6010] do_group_exit+0x207/0x2c0
[ 94.739845][ T6010] get_signal+0x16b2/0x1750
[ 94.744340][ T6010] arch_do_signal_or_restart+0x96/0x860
[ 94.749884][ T6010] syscall_exit_to_user_mode+0xce/0x340
[ 94.755424][ T6010] do_syscall_64+0x100/0x230
[ 94.760005][ T6010] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.765893][ T6010]
[ 94.768204][ T6010] Last potentially related work creation:
[ 94.773902][ T6010] kasan_save_stack+0x3f/0x60
[ 94.778567][ T6010] __kasan_record_aux_stack+0xac/0xc0
[ 94.783930][ T6010] insert_work+0x3e/0x330
[ 94.788252][ T6010] __queue_work+0xb66/0xf50
[ 94.792741][ T6010] queue_work_on+0x1c2/0x380
[ 94.797329][ T6010] process_scheduled_works+0xa66/0x1840
[ 94.802875][ T6010] worker_thread+0x870/0xd30
[ 94.807458][ T6010] kthread+0x2f0/0x390
[ 94.811517][ T6010] ret_from_fork+0x4b/0x80
[ 94.815920][ T6010] ret_from_fork_asm+0x1a/0x30
[ 94.820669][ T6010]
[ 94.822978][ T6010] Second to last potentially related work creation:
[ 94.829546][ T6010] kasan_save_stack+0x3f/0x60
[ 94.834212][ T6010] __kasan_record_aux_stack+0xac/0xc0
[ 94.839578][ T6010] insert_work+0x3e/0x330
[ 94.843901][ T6010] __queue_work+0xc8b/0xf50
[ 94.848391][ T6010] call_timer_fn+0x187/0x650
[ 94.852972][ T6010] __run_timer_base+0x695/0x8e0
[ 94.857809][ T6010] run_timer_softirq+0xb7/0x170
[ 94.862645][ T6010] handle_softirqs+0x2d4/0x9b0
[ 94.867403][ T6010] __irq_exit_rcu+0xf7/0x220
[ 94.871987][ T6010] irq_exit_rcu+0x9/0x30
[ 94.876220][ T6010] sysvec_apic_timer_interrupt+0xa6/0xc0
[ 94.881843][ T6010] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 94.887819][ T6010]
[ 94.890132][ T6010] The buggy address belongs to the object at ffff8880122a4000
[ 94.890132][ T6010] which belongs to the cache kmalloc-8k of size 8192
[ 94.904170][ T6010] The buggy address is located 96 bytes inside of
[ 94.904170][ T6010] freed 8192-byte region [ffff8880122a4000, ffff8880122a6000)
[ 94.917970][ T6010]
[ 94.920289][ T6010] The buggy address belongs to the physical page:
[ 94.926708][ T6010] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x122a0
[ 94.935466][ T6010] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 94.943951][ T6010] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 94.951480][ T6010] page_type: f5(slab)
[ 94.955455][ T6010] raw: 00fff00000000040 ffff88801ac42280 ffffea00009e0e00 0000000000000004
[ 94.964022][ T6010] raw: 0000000000000000 0000000000020002 00000001f5000000 0000000000000000
[ 94.972588][ T6010] head: 00fff00000000040 ffff88801ac42280 ffffea00009e0e00 0000000000000004
[ 94.981271][ T6010] head: 0000000000000000 0000000000020002 00000001f5000000 0000000000000000
[ 94.989926][ T6010] head: 00fff00000000003 ffffea000048a801 ffffffffffffffff 0000000000000000
[ 94.998582][ T6010] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 95.007231][ T6010] page dumped because: kasan: bad access detected
[ 95.013636][ T6010] page_owner tracks the page as allocated
[ 95.019335][ T6010] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd28c0(GFP_NOWAIT|__GFP_IO|__GFP_FS|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5499, tgid 5499 (dhcpcd), ts 37935092058, free_ts 37934986027
[ 95.039990][ T6010] post_alloc_hook+0x1f3/0x230
[ 95.044757][ T6010] get_page_from_freelist+0x365c/0x37a0
[ 95.050291][ T6010] __alloc_pages_noprof+0x292/0x710
[ 95.055474][ T6010] alloc_pages_mpol_noprof+0x3e8/0x680
[ 95.060919][ T6010] alloc_slab_page+0x6a/0x110
[ 95.065583][ T6010] allocate_slab+0x5a/0x2b0
[ 95.070087][ T6010] ___slab_alloc+0xc27/0x14a0
[ 95.074754][ T6010] __slab_alloc+0x58/0xa0
[ 95.079072][ T6010] __kmalloc_node_track_caller_noprof+0x2e9/0x4c0
[ 95.085476][ T6010] kmalloc_reserve+0x111/0x2a0
[ 95.090228][ T6010] __alloc_skb+0x1f3/0x440
[ 95.094628][ T6010] netlink_dump+0x1ee/0xe10
[ 95.099116][ T6010] __netlink_dump_start+0x5a2/0x790
[ 95.104300][ T6010] rtnetlink_rcv_msg+0xb3d/0xcf0
[ 95.109227][ T6010] netlink_rcv_skb+0x1e3/0x430
[ 95.113979][ T6010] netlink_unicast+0x7f6/0x990
[ 95.118735][ T6010] page last free pid 5499 tgid 5499 stack trace:
[ 95.125044][ T6010] free_unref_page+0xd3f/0x1010
[ 95.129886][ T6010] __put_partials+0x160/0x1c0
[ 95.134552][ T6010] put_cpu_partial+0x17c/0x250
[ 95.139305][ T6010] __slab_free+0x290/0x380
[ 95.143710][ T6010] qlist_free_all+0x9a/0x140
[ 95.148284][ T6010] kasan_quarantine_reduce+0x14f/0x170
[ 95.153730][ T6010] __kasan_slab_alloc+0x23/0x80
[ 95.158567][ T6010] kmem_cache_alloc_node_noprof+0x1d9/0x380
[ 95.164449][ T6010] __alloc_skb+0x1c3/0x440
[ 95.168851][ T6010] netlink_sendmsg+0x638/0xcb0
[ 95.173601][ T6010] __sock_sendmsg+0x221/0x270
[ 95.178267][ T6010] __sys_sendto+0x363/0x4c0
[ 95.182760][ T6010] __x64_sys_sendto+0xde/0x100
[ 95.187512][ T6010] do_syscall_64+0xf3/0x230
[ 95.192008][ T6010] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 95.197895][ T6010]
[ 95.200205][ T6010] Memory state around the buggy address:
[ 95.205819][ T6010] ffff8880122a3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 95.213863][ T6010] ffff8880122a3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 95.221923][ T6010] >ffff8880122a4000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 95.229967][ T6010] ^
[ 95.237141][ T6010] ffff8880122a4080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 95.245185][ T6010] ffff8880122a4100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 95.253229][ T6010] ==================================================================
[ 95.262332][ T6010] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 95.269553][ T6010] CPU: 0 UID: 0 PID: 6010 Comm: khidpd_7fff0008 Not tainted 6.13.0-rc3-syzkaller-00154-g30b981796b94 #0
[ 95.280668][ T6010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 95.290736][ T6010] Call Trace:
[ 95.294010][ T6010] <TASK>
[ 95.296932][ T6010] dump_stack_lvl+0x241/0x360
[ 95.301611][ T6010] ? __pfx_dump_stack_lvl+0x10/0x10
[ 95.306802][ T6010] ? __pfx__printk+0x10/0x10
[ 95.311385][ T6010] ? vscnprintf+0x5d/0x90
[ 95.315715][ T6010] panic+0x349/0x880
[ 95.319605][ T6010] ? check_panic_on_warn+0x21/0xb0
[ 95.324710][ T6010] ? __pfx_panic+0x10/0x10
[ 95.329115][ T6010] ? mark_lock+0x9a/0x360
[ 95.333435][ T6010] ? _raw_spin_unlock_irqrestore+0xd8/0x140
[ 95.339321][ T6010] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 95.345204][ T6010] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 95.351521][ T6010] ? print_report+0x502/0x550
[ 95.356451][ T6010] check_panic_on_warn+0x86/0xb0
[ 95.361383][ T6010] ? __mutex_lock+0x7fb/0xee0
[ 95.366144][ T6010] end_report+0x77/0x160
[ 95.370375][ T6010] kasan_report+0x154/0x180
[ 95.374870][ T6010] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 95.380754][ T6010] ? __mutex_lock+0x7fb/0xee0
[ 95.385426][ T6010] __mutex_lock+0x7fb/0xee0
[ 95.389922][ T6010] ? __mutex_lock+0x5ef/0xee0
[ 95.394591][ T6010] ? l2cap_unregister_user+0x6a/0x1c0
[ 95.399974][ T6010] ? __pfx___mutex_lock+0x10/0x10
[ 95.404997][ T6010] ? __pfx___timer_delete_sync+0x10/0x10
[ 95.410708][ T6010] l2cap_unregister_user+0x6a/0x1c0
[ 95.415907][ T6010] hidp_session_thread+0x450/0x490
[ 95.421015][ T6010] ? _raw_spin_unlock_irqrestore+0x8f/0x140
[ 95.426905][ T6010] ? __pfx_hidp_session_thread+0x10/0x10
[ 95.432536][ T6010] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 95.438422][ T6010] ? __pfx_hidp_session_wake_function+0x10/0x10
[ 95.444655][ T6010] ? __pfx_hidp_session_wake_function+0x10/0x10
[ 95.450885][ T6010] ? __kthread_parkme+0x169/0x1d0
[ 95.455901][ T6010] ? __pfx_hidp_session_thread+0x10/0x10
[ 95.461520][ T6010] kthread+0x2f0/0x390
[ 95.465606][ T6010] ? __pfx_hidp_session_thread+0x10/0x10
[ 95.471234][ T6010] ? __pfx_kthread+0x10/0x10
[ 95.475816][ T6010] ret_from_fork+0x4b/0x80
[ 95.480220][ T6010] ? __pfx_kthread+0x10/0x10
[ 95.484798][ T6010] ret_from_fork_asm+0x1a/0x30
[ 95.489551][ T6010] </TASK>
[ 95.494150][ T6010] Kernel Offset: disabled
[ 95.498465][ T6010] Rebooting in 86400 seconds..