Warning: Permanently added '10.128.0.34' (ED25519) to the list of known hosts.
2025/01/01 23:48:07 ignoring optional flag "sandboxArg"="0"
2025/01/01 23:48:07 parsed 1 programs
[   70.861979][ T5833] cgroup: Unknown subsys name 'net'
[   70.967651][ T5833] cgroup: Unknown subsys name 'cpuset'
[   70.975595][ T5833] cgroup: Unknown subsys name 'rlimit'
[   71.708778][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[   71.715642][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[   72.289496][ T5833] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   74.807073][ T5841] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   75.186526][ T5855] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   75.195328][ T5855] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   75.203114][ T5855] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   75.212136][ T5855] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   75.220283][ T5855] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   75.227950][ T5855] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   75.455656][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.463615][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.488218][ T1094] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.497047][ T1094] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.466591][ T5902] chnl_net:caif_netlink_parms(): no params data found
[   77.537300][ T5902] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.545638][ T5902] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.552762][ T5902] bridge_slave_0: entered allmulticast mode
[   77.560057][ T5902] bridge_slave_0: entered promiscuous mode
[   77.568690][ T5902] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.577088][ T5902] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.584849][ T5902] bridge_slave_1: entered allmulticast mode
[   77.591442][ T5902] bridge_slave_1: entered promiscuous mode
[   77.616018][ T5902] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.628118][ T5902] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.656033][ T5902] team0: Port device team_slave_0 added
[   77.663858][ T5902] team0: Port device team_slave_1 added
[   77.686748][ T5902] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.696337][ T5902] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.722507][ T5902] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.735604][ T5902] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.742576][ T5902] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.768532][ T5902] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   77.799155][ T5902] hsr_slave_0: entered promiscuous mode
[   77.805474][ T5902] hsr_slave_1: entered promiscuous mode
[   77.891569][ T5902] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   77.902072][ T5902] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   77.911325][ T5902] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   77.920354][ T5902] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   77.941110][ T5902] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.948289][ T5902] bridge0: port 2(bridge_slave_1) entered forwarding state
[   77.956258][ T5902] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.963329][ T5902] bridge0: port 1(bridge_slave_0) entered forwarding state
[   78.007920][ T5902] 8021q: adding VLAN 0 to HW filter on device bond0
[   78.022986][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.032646][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.052926][ T5902] 8021q: adding VLAN 0 to HW filter on device team0
[   78.065725][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.073353][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   78.087549][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.094688][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   78.215261][ T5902] 8021q: adding VLAN 0 to HW filter on device batadv0
[   78.246071][ T5902] veth0_vlan: entered promiscuous mode
[   78.256028][ T5902] veth1_vlan: entered promiscuous mode
[   78.279433][ T5902] veth0_macvtap: entered promiscuous mode
[   78.288139][ T5902] veth1_macvtap: entered promiscuous mode
[   78.303085][ T5902] batman_adv: batadv0: Interface activated: batadv_slave_0
[   78.316378][ T5902] batman_adv: batadv0: Interface activated: batadv_slave_1
[   78.326711][ T5902] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.335928][ T5902] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.345111][ T5902] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   78.353816][ T5902] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   78.480802][   T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.548448][   T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.624966][   T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.682687][   T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/01/01 23:48:18 executed programs: 0
[   79.057337][ T5855] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   79.066876][ T5855] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   79.075145][ T5855] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   79.086296][ T5855] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   79.094622][ T5855] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   79.101935][ T5855] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   79.214390][ T5928] chnl_net:caif_netlink_parms(): no params data found
[   79.276160][ T5928] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.283896][ T5928] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.291391][ T5928] bridge_slave_0: entered allmulticast mode
[   79.298657][ T5928] bridge_slave_0: entered promiscuous mode
[   79.306685][ T5928] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.313762][ T5928] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.321363][ T5928] bridge_slave_1: entered allmulticast mode
[   79.327925][ T5928] bridge_slave_1: entered promiscuous mode
[   79.352533][ T5928] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   79.365065][ T5928] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   79.396729][ T5928] team0: Port device team_slave_0 added
[   79.404946][ T5928] team0: Port device team_slave_1 added
[   79.427374][ T5928] batman_adv: batadv0: Adding interface: batadv_slave_0
[   79.434830][ T5928] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   79.461057][ T5928] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   79.475987][ T5928] batman_adv: batadv0: Adding interface: batadv_slave_1
[   79.482970][ T5928] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   79.509170][ T5928] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   79.546414][ T5928] hsr_slave_0: entered promiscuous mode
[   79.552689][ T5928] hsr_slave_1: entered promiscuous mode
[   79.558980][ T5928] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   79.567138][ T5928] Cannot create hsr debugfs directory
[   81.144982][ T5142] Bluetooth: hci0: command tx timeout
[   81.681548][   T11] bridge_slave_1: left allmulticast mode
[   81.688516][   T11] bridge_slave_1: left promiscuous mode
[   81.697994][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.727423][   T11] bridge_slave_0: left allmulticast mode
[   81.733122][   T11] bridge_slave_0: left promiscuous mode
[   81.739663][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.158185][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   82.170347][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   82.183063][   T11] bond0 (unregistering): Released all slaves
[   82.289249][   T11] hsr_slave_0: left promiscuous mode
[   82.295549][   T11] hsr_slave_1: left promiscuous mode
[   82.301618][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   82.312407][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[   82.321230][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   82.331333][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[   82.354365][   T11] veth1_macvtap: left promiscuous mode
[   82.360159][   T11] veth0_macvtap: left promiscuous mode
[   82.368543][   T11] veth1_vlan: left promiscuous mode
[   82.374284][   T11] veth0_vlan: left promiscuous mode
[   82.687935][   T11] team0 (unregistering): Port device team_slave_1 removed
[   82.718237][   T11] team0 (unregistering): Port device team_slave_0 removed
[   83.219814][ T5928] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   83.227284][ T5142] Bluetooth: hci0: command tx timeout
[   83.239196][ T5928] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   83.250478][ T5928] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   83.260849][ T5928] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   83.348510][ T5928] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.368548][ T5928] 8021q: adding VLAN 0 to HW filter on device team0
[   83.434515][ T1094] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.441612][ T1094] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.462474][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.469652][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.703688][ T5928] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.751000][ T5928] veth0_vlan: entered promiscuous mode
[   83.764863][ T5928] veth1_vlan: entered promiscuous mode
[   83.790022][ T5928] veth0_macvtap: entered promiscuous mode
[   83.800176][ T5928] veth1_macvtap: entered promiscuous mode
[   83.826194][ T5928] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.839764][ T5928] batman_adv: batadv0: Interface activated: batadv_slave_1
[   83.856362][ T5928] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.867074][ T5928] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.877105][ T5928] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.885984][ T5928] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.957626][ T1094] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.974952][ T1094] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/01/01 23:48:23 executed programs: 2
[   84.006803][ T1094] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.017436][ T1094] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.305123][ T5142] Bluetooth: hci0: command tx timeout
[   87.066674][   T47] cfg80211: failed to load regulatory.db
[   87.384190][ T5142] Bluetooth: hci0: command tx timeout
2025/01/01 23:48:28 executed programs: 227
2025/01/01 23:48:33 executed programs: 469
[   96.838927][ T5855] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   96.848775][ T5855] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   96.857089][ T5855] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   96.866305][ T5855] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   96.874963][ T5855] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   96.882268][ T5855] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   96.972387][ T6615] chnl_net:caif_netlink_parms(): no params data found
[   97.019310][   T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.048256][ T6615] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.055425][ T6615] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.063022][ T6615] bridge_slave_0: entered allmulticast mode
[   97.069976][ T6615] bridge_slave_0: entered promiscuous mode
[   97.078104][ T6615] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.085864][ T6615] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.093108][ T6615] bridge_slave_1: entered allmulticast mode
[   97.100470][ T6615] bridge_slave_1: entered promiscuous mode
[   97.115035][   T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.140363][ T6615] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   97.152379][ T6615] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   97.178197][   T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.200280][ T6615] team0: Port device team_slave_0 added
[   97.207832][ T6615] team0: Port device team_slave_1 added
[   97.238971][   T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.251858][ T6615] batman_adv: batadv0: Adding interface: batadv_slave_0
[   97.258947][ T6615] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   97.286739][ T6615] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   97.300445][ T6615] batman_adv: batadv0: Adding interface: batadv_slave_1
[   97.308646][ T6615] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   97.334630][ T6615] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   97.370824][ T6615] hsr_slave_0: entered promiscuous mode
[   97.377087][ T6615] hsr_slave_1: entered promiscuous mode
[   97.443539][   T11] bridge_slave_1: left allmulticast mode
[   97.449925][   T11] bridge_slave_1: left promiscuous mode
[   97.457347][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.469543][   T11] bridge_slave_0: left allmulticast mode
[   97.476246][   T11] bridge_slave_0: left promiscuous mode
[   97.481945][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.680554][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   97.691403][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   97.701480][   T11] bond0 (unregistering): Released all slaves
[   97.940094][   T11] hsr_slave_0: left promiscuous mode
[   97.949900][   T11] hsr_slave_1: left promiscuous mode
[   97.962936][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   97.972694][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[   97.981177][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   97.991234][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[   98.012643][   T11] veth1_macvtap: left promiscuous mode
[   98.019103][   T11] veth0_macvtap: left promiscuous mode
[   98.027325][   T11] veth1_vlan: left promiscuous mode
[   98.032643][   T11] veth0_vlan: left promiscuous mode
[   98.350909][   T11] team0 (unregistering): Port device team_slave_1 removed
[   98.380460][   T11] team0 (unregistering): Port device team_slave_0 removed
[   98.865946][ T6615] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   98.879169][ T6615] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   98.888892][ T6615] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   98.900658][ T6615] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   98.905720][ T5855] Bluetooth: hci1: command tx timeout
[   99.003432][ T6615] 8021q: adding VLAN 0 to HW filter on device bond0
[   99.021872][ T6615] 8021q: adding VLAN 0 to HW filter on device team0
[   99.033085][ T1094] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.040282][ T1094] bridge0: port 1(bridge_slave_0) entered forwarding state
[   99.055867][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.062990][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   99.190245][ T6615] 8021q: adding VLAN 0 to HW filter on device batadv0
[   99.217941][ T6615] veth0_vlan: entered promiscuous mode
[   99.228031][ T6615] veth1_vlan: entered promiscuous mode
[   99.250222][ T6615] veth0_macvtap: entered promiscuous mode
[   99.258736][ T6615] veth1_macvtap: entered promiscuous mode
[   99.272281][ T6615] batman_adv: batadv0: Interface activated: batadv_slave_0
[   99.285151][ T6615] batman_adv: batadv0: Interface activated: batadv_slave_1
[   99.296494][ T6615] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.305535][ T6615] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.314514][ T6615] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.323219][ T6615] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.370291][ T1094] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.382963][ T1094] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.409237][ T1094] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
2025/01/01 23:48:38 executed programs: 602
[   99.417846][ T1094] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.452888][ T6657] ==================================================================
[   99.460971][ T6657] BUG: KASAN: slab-use-after-free in force_devcd_write+0x31f/0x350
[   99.468859][ T6657] Read of size 8 at addr ffff888028134000 by task syz.0.616/6657
[   99.476575][ T6657] 
[   99.478902][ T6657] CPU: 1 UID: 0 PID: 6657 Comm: syz.0.616 Not tainted 6.13.0-rc5-syzkaller-00006-g56e6a3499e14 #0
[   99.489472][ T6657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   99.499532][ T6657] Call Trace:
[   99.502804][ T6657]  <TASK>
[   99.505731][ T6657]  dump_stack_lvl+0x116/0x1f0
[   99.510434][ T6657]  print_report+0xc3/0x620
[   99.514864][ T6657]  ? __virt_addr_valid+0x5e/0x590
[   99.519896][ T6657]  ? __phys_addr+0xc6/0x150
[   99.524442][ T6657]  kasan_report+0xd9/0x110
[   99.528876][ T6657]  ? force_devcd_write+0x31f/0x350
[   99.533996][ T6657]  ? force_devcd_write+0x31f/0x350
[   99.539111][ T6657]  force_devcd_write+0x31f/0x350
[   99.544053][ T6657]  ? __pfx_force_devcd_write+0x10/0x10
[   99.549512][ T6657]  ? debugfs_file_get+0x21c/0x5c0
[   99.554543][ T6657]  ? __pfx_debugfs_file_get+0x10/0x10
[   99.559920][ T6657]  ? rcu_is_watching+0x12/0xc0
[   99.564693][ T6657]  ? trace_lock_acquire+0x14e/0x1f0
[   99.569900][ T6657]  full_proxy_write+0xfb/0x1b0
[   99.574668][ T6657]  ? __pfx_full_proxy_write+0x10/0x10
[   99.580046][ T6657]  vfs_write+0x24c/0x1150
[   99.584380][ T6657]  ? __pfx_vfs_write+0x10/0x10
[   99.589146][ T6657]  ? do_futex+0x123/0x350
[   99.593481][ T6657]  ? __pfx_do_futex+0x10/0x10
[   99.598168][ T6657]  ? __x64_sys_futex+0x1e1/0x4c0
[   99.603113][ T6657]  ? __x64_sys_futex+0x1ea/0x4c0
[   99.608061][ T6657]  ksys_write+0x12b/0x250
[   99.612392][ T6657]  ? __pfx_ksys_write+0x10/0x10
[   99.617254][ T6657]  do_syscall_64+0xcd/0x250
[   99.621765][ T6657]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.627664][ T6657] RIP: 0033:0x7fb5e4785d29
[   99.632078][ T6657] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.651694][ T6657] RSP: 002b:00007fff1a2021b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   99.660108][ T6657] RAX: ffffffffffffffda RBX: 00007fb5e4975fa0 RCX: 00007fb5e4785d29
[   99.668074][ T6657] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000003
[   99.676040][ T6657] RBP: 00007fb5e4801b08 R08: 0000000000000000 R09: 0000000000000000
[   99.684009][ T6657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   99.691976][ T6657] R13: 00007fb5e4975fa0 R14: 00007fb5e4975fa0 R15: 00000000000018c7
[   99.699953][ T6657]  </TASK>
[   99.702965][ T6657] 
[   99.705281][ T6657] Allocated by task 5928:
[   99.709599][ T6657]  kasan_save_stack+0x33/0x60
[   99.714279][ T6657]  kasan_save_track+0x14/0x30
[   99.718959][ T6657]  __kasan_kmalloc+0xaa/0xb0
[   99.723548][ T6657]  vhci_open+0x4c/0x430
[   99.727706][ T6657]  misc_open+0x35a/0x420
[   99.731946][ T6657]  chrdev_open+0x237/0x6a0
[   99.736366][ T6657]  do_dentry_open+0xf59/0x1ea0
[   99.741133][ T6657]  vfs_open+0x82/0x3f0
[   99.745205][ T6657]  path_openat+0x1e6a/0x2d60
[   99.749795][ T6657]  do_filp_open+0x20c/0x470
[   99.754302][ T6657]  do_sys_openat2+0x17a/0x1e0
[   99.758982][ T6657]  __x64_sys_openat+0x175/0x210
[   99.763837][ T6657]  do_syscall_64+0xcd/0x250
[   99.768342][ T6657]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.774237][ T6657] 
[   99.776553][ T6657] Freed by task 5928:
[   99.780520][ T6657]  kasan_save_stack+0x33/0x60
[   99.785199][ T6657]  kasan_save_track+0x14/0x30
[   99.789891][ T6657]  kasan_save_free_info+0x3b/0x60
[   99.794936][ T6657]  __kasan_slab_free+0x51/0x70
[   99.799716][ T6657]  kfree+0x14f/0x4b0
[   99.803614][ T6657]  vhci_release+0xbb/0xf0
[   99.808091][ T6657]  __fput+0x3f8/0xb60
[   99.812089][ T6657]  task_work_run+0x14e/0x250
[   99.816700][ T6657]  do_exit+0xad8/0x2d70
[   99.820869][ T6657]  do_group_exit+0xd3/0x2a0
[   99.825388][ T6657]  get_signal+0x2576/0x2610
[   99.829898][ T6657]  arch_do_signal_or_restart+0x90/0x7e0
[   99.835452][ T6657]  syscall_exit_to_user_mode+0x150/0x2a0
[   99.841090][ T6657]  do_syscall_64+0xda/0x250
[   99.845599][ T6657]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.851511][ T6657] 
[   99.853844][ T6657] The buggy address belongs to the object at ffff888028134000
[   99.853844][ T6657]  which belongs to the cache kmalloc-1k of size 1024
[   99.867907][ T6657] The buggy address is located 0 bytes inside of
[   99.867907][ T6657]  freed 1024-byte region [ffff888028134000, ffff888028134400)
[   99.881631][ T6657] 
[   99.883950][ T6657] The buggy address belongs to the physical page:
[   99.890363][ T6657] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x28130
[   99.899122][ T6657] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   99.907622][ T6657] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[   99.915597][ T6657] page_type: f5(slab)
[   99.919581][ T6657] raw: 00fff00000000040 ffff88801ac41dc0 0000000000000000 dead000000000001
[   99.928169][ T6657] raw: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000
[   99.936757][ T6657] head: 00fff00000000040 ffff88801ac41dc0 0000000000000000 dead000000000001
[   99.945428][ T6657] head: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000
[   99.954100][ T6657] head: 00fff00000000003 ffffea0000a04c01 ffffffffffffffff 0000000000000000
[   99.962768][ T6657] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[   99.971463][ T6657] page dumped because: kasan: bad access detected
[   99.977874][ T6657] page_owner tracks the page as allocated
[   99.983579][ T6657] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5924, tgid 5924 (syz-executor), ts 78673908402, free_ts 78667830922
[  100.004945][ T6657]  post_alloc_hook+0x2d1/0x350
[  100.009718][ T6657]  get_page_from_freelist+0xfce/0x2f80
[  100.015182][ T6657]  __alloc_pages_noprof+0x223/0x25b0
[  100.020474][ T6657]  alloc_pages_mpol_noprof+0x2c9/0x610
[  100.025952][ T6657]  new_slab+0x2c9/0x410
[  100.030108][ T6657]  ___slab_alloc+0xce2/0x1650
[  100.034794][ T6657]  __slab_alloc.constprop.0+0x56/0xb0
[  100.040171][ T6657]  __kmalloc_cache_noprof+0xf6/0x420
[  100.045461][ T6657]  afs_alloc_call+0x4f/0x4a0
[  100.050061][ T6657]  afs_charge_preallocation+0xff/0x330
[  100.055520][ T6657]  afs_open_socket+0x298/0x350
[  100.060280][ T6657]  afs_net_init+0x95d/0xc60
[  100.064787][ T6657]  ops_init+0x1df/0x5f0
[  100.068957][ T6657]  setup_net+0x21f/0x860
[  100.073206][ T6657]  copy_net_ns+0x2b4/0x6c0
[  100.077625][ T6657]  create_new_namespaces+0x3ea/0xad0
[  100.082913][ T6657] page last free pid 5924 tgid 5924 stack trace:
[  100.089232][ T6657]  free_unref_page+0x661/0x1080
[  100.094087][ T6657]  __put_partials+0x14c/0x170
[  100.098764][ T6657]  qlist_free_all+0x4e/0x120
[  100.103361][ T6657]  kasan_quarantine_reduce+0x195/0x1e0
[  100.108829][ T6657]  __kasan_slab_alloc+0x69/0x90
[  100.113688][ T6657]  __kmalloc_noprof+0x1d1/0x4f0
[  100.118550][ T6657]  ops_init+0x77/0x5f0
[  100.122633][ T6657]  setup_net+0x21f/0x860
[  100.126880][ T6657]  copy_net_ns+0x2b4/0x6c0
[  100.131295][ T6657]  create_new_namespaces+0x3ea/0xad0
[  100.136585][ T6657]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  100.142226][ T6657]  ksys_unshare+0x45d/0xa40
[  100.146731][ T6657]  __x64_sys_unshare+0x31/0x40
[  100.151498][ T6657]  do_syscall_64+0xcd/0x250
[  100.156004][ T6657]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.161901][ T6657] 
[  100.164217][ T6657] Memory state around the buggy address:
[  100.169840][ T6657]  ffff888028133f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  100.177903][ T6657]  ffff888028133f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  100.185958][ T6657] >ffff888028134000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  100.194012][ T6657]                    ^
[  100.198073][ T6657]  ffff888028134080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  100.206130][ T6657]  ffff888028134100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  100.214183][ T6657] ==================================================================
[  100.224138][ T6657] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  100.231363][ T6657] CPU: 0 UID: 0 PID: 6657 Comm: syz.0.616 Not tainted 6.13.0-rc5-syzkaller-00006-g56e6a3499e14 #0
[  100.241971][ T6657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  100.252041][ T6657] Call Trace:
[  100.255330][ T6657]  <TASK>
[  100.258278][ T6657]  dump_stack_lvl+0x3d/0x1f0
[  100.262879][ T6657]  panic+0x71d/0x800
[  100.266797][ T6657]  ? __pfx_panic+0x10/0x10
[  100.271272][ T6657]  ? preempt_schedule_thunk+0x1a/0x30
[  100.276652][ T6657]  ? preempt_schedule_common+0x44/0xc0
[  100.282130][ T6657]  ? check_panic_on_warn+0x1f/0xb0
[  100.287261][ T6657]  check_panic_on_warn+0xab/0xb0
[  100.292215][ T6657]  end_report+0x117/0x180
[  100.296554][ T6657]  kasan_report+0xe9/0x110
[  100.300974][ T6657]  ? force_devcd_write+0x31f/0x350
[  100.306085][ T6657]  ? force_devcd_write+0x31f/0x350
[  100.311196][ T6657]  force_devcd_write+0x31f/0x350
[  100.316138][ T6657]  ? __pfx_force_devcd_write+0x10/0x10
[  100.321593][ T6657]  ? debugfs_file_get+0x21c/0x5c0
[  100.326618][ T6657]  ? __pfx_debugfs_file_get+0x10/0x10
[  100.331990][ T6657]  ? rcu_is_watching+0x12/0xc0
[  100.336846][ T6657]  ? trace_lock_acquire+0x14e/0x1f0
[  100.342055][ T6657]  full_proxy_write+0xfb/0x1b0
[  100.346904][ T6657]  ? __pfx_full_proxy_write+0x10/0x10
[  100.352280][ T6657]  vfs_write+0x24c/0x1150
[  100.356615][ T6657]  ? __pfx_vfs_write+0x10/0x10
[  100.361382][ T6657]  ? do_futex+0x123/0x350
[  100.365716][ T6657]  ? __pfx_do_futex+0x10/0x10
[  100.370398][ T6657]  ? __x64_sys_futex+0x1e1/0x4c0
[  100.375341][ T6657]  ? __x64_sys_futex+0x1ea/0x4c0
[  100.380288][ T6657]  ksys_write+0x12b/0x250
[  100.384619][ T6657]  ? __pfx_ksys_write+0x10/0x10
[  100.389471][ T6657]  do_syscall_64+0xcd/0x250
[  100.393980][ T6657]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.399873][ T6657] RIP: 0033:0x7fb5e4785d29
[  100.404284][ T6657] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.423886][ T6657] RSP: 002b:00007fff1a2021b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  100.432294][ T6657] RAX: ffffffffffffffda RBX: 00007fb5e4975fa0 RCX: 00007fb5e4785d29
[  100.440260][ T6657] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000003
[  100.448222][ T6657] RBP: 00007fb5e4801b08 R08: 0000000000000000 R09: 0000000000000000
[  100.456186][ T6657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  100.464150][ T6657] R13: 00007fb5e4975fa0 R14: 00007fb5e4975fa0 R15: 00000000000018c7
[  100.472120][ T6657]  </TASK>
[  100.475378][ T6657] Kernel Offset: disabled
[  100.479693][ T6657] Rebooting in 86400 seconds..