Warning: Permanently added '10.128.0.130' (ED25519) to the list of known hosts.
2024/07/14 02:36:51 ignoring optional flag "sandboxArg"="0"
2024/07/14 02:36:51 parsed 1 programs
[  180.661139][ T3567] cgroup: Unknown subsys name 'net'
[  180.814593][ T3567] cgroup: Unknown subsys name 'rlimit'
[  183.263818][ T3567] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k FS
[  186.336761][ T3581] chnl_net:caif_netlink_parms(): no params data found
[  186.941960][ T3581] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.965605][ T3581] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.979207][ T3617] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  186.979362][ T3581] device bridge_slave_0 entered promiscuous mode
[  187.006901][ T3619] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  187.018294][ T3619] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  187.036275][ T3619] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  187.067383][ T3619] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  187.082728][ T3619] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  187.094673][ T3581] bridge0: port 2(bridge_slave_1) entered blocking state
[  187.155524][ T3581] bridge0: port 2(bridge_slave_1) entered disabled state
[  187.232768][ T3581] device bridge_slave_1 entered promiscuous mode
[  187.341241][ T3581] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  187.379586][ T3581] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  187.519088][ T3581] team0: Port device team_slave_0 added
[  187.560993][ T3581] team0: Port device team_slave_1 added
[  187.799007][ T3581] batman_adv: batadv0: Adding interface: batadv_slave_0
[  187.831669][ T3581] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  187.938862][ T3581] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  187.996307][ T3581] batman_adv: batadv0: Adding interface: batadv_slave_1
[  188.018585][ T3581] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  188.060446][ T3581] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  188.194006][ T3581] device hsr_slave_0 entered promiscuous mode
[  188.211430][ T3581] device hsr_slave_1 entered promiscuous mode
[  188.311668][ T3633] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  188.341356][ T3633] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  188.408590][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  188.460440][   T56] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  188.535133][   T56] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  188.598647][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  188.763603][ T3581] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  188.840157][ T3581] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  188.875362][ T3581] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  188.899358][ T3581] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  189.061755][ T3581] 8021q: adding VLAN 0 to HW filter on device bond0
[  189.091941][ T3018] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  189.109799][ T3018] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  189.123543][ T3581] 8021q: adding VLAN 0 to HW filter on device team0
[  189.144617][ T3018] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  189.158892][ T3018] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  189.173488][ T3018] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.178447][   T48] Bluetooth: hci0: command tx timeout
[  189.186384][ T3018] bridge0: port 1(bridge_slave_0) entered forwarding state
[  189.218887][ T3018] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  189.235065][ T3018] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  189.261804][ T3018] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  189.285502][ T3018] bridge0: port 2(bridge_slave_1) entered blocking state
[  189.310138][ T3018] bridge0: port 2(bridge_slave_1) entered forwarding state
[  189.334881][ T3018] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  189.374165][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  189.407293][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  189.422156][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  189.439226][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  189.462728][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  189.497393][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  189.517832][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  189.538489][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  189.564867][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  189.596893][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  189.614891][ T3581] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  189.960249][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  189.971234][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  189.990861][ T3581] 8021q: adding VLAN 0 to HW filter on device batadv0
[  190.019961][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  190.034778][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  190.062989][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  190.073191][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  190.088379][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  190.103512][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  190.119867][ T3581] device veth0_vlan entered promiscuous mode
[  190.139605][ T3581] device veth1_vlan entered promiscuous mode
[  190.193503][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  190.203934][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  190.217991][ T3581] device veth0_macvtap entered promiscuous mode
[  190.235035][ T3581] device veth1_macvtap entered promiscuous mode
[  190.258622][ T3581] batman_adv: batadv0: Interface activated: batadv_slave_0
[  190.271680][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  190.292351][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  190.303818][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  190.317952][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  190.341321][ T3581] batman_adv: batadv0: Interface activated: batadv_slave_1
[  190.360945][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  190.373407][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  190.392007][ T3581] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  190.403368][ T3581] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  190.416522][ T3581] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  190.429142][ T3581] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2024/07/14 02:37:04 executed programs: 0
[  190.649707][ T3581] syz-executor (3581) used greatest stack depth: 20112 bytes left
[  190.768056][ T3617] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  190.813882][ T3664] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  190.846441][ T3670] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  190.862073][ T3670] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  190.876208][ T3670] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  190.886555][ T3670] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  190.903740][ T3670] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  190.916203][ T3670] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  190.932891][ T3670] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  190.955110][ T3670] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  190.963886][ T3670] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  190.974821][ T3670] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  190.975502][ T3671] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  190.997340][ T3670] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  191.003210][ T3671] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  191.018908][ T3671] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  191.031087][ T3671] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  191.039634][ T3670] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  191.056970][ T3670] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  191.058123][ T3671] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  191.067295][ T3670] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  191.075514][ T3671] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  191.089305][ T3670] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  191.095245][ T3671] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  191.113109][ T3670] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  191.131454][ T3671] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  191.144896][ T3670] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  191.167747][ T3657] ==================================================================
[  191.187014][ T3657] BUG: KASAN: use-after-free in skb_release_data+0x6a5/0x7a0
[  191.196099][ T3657] Read of size 1 at addr ffff8880218af6be by task syz-executor/3657
[  191.204724][ T3657] 
[  191.207244][ T3657] CPU: 0 PID: 3657 Comm: syz-executor Not tainted 6.1.98-syzkaller #0
[  191.220487][ T3657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  191.248499][ T3657] Call Trace:
[  191.251902][ T3657]  <TASK>
[  191.256677][ T3657]  dump_stack_lvl+0x1e3/0x2cb
[  191.266258][ T3657]  ? nf_tcp_handle_invalid+0x642/0x642
[  191.273174][ T3657]  ? panic+0x764/0x764
[  191.288966][ T3657]  ? _printk+0xd1/0x111
[  191.293776][ T3657]  ? __virt_addr_valid+0x17f/0x520
[  191.301711][ T3657]  ? __virt_addr_valid+0x17f/0x520
[  191.308353][ T3657]  print_report+0x15f/0x4f0
[  191.313602][ T3657]  ? __virt_addr_valid+0x17f/0x520
[  191.328469][ T3657]  ? __virt_addr_valid+0x17f/0x520
[  191.334496][ T3657]  ? __virt_addr_valid+0x44a/0x520
[  191.346182][ T3657]  ? __phys_addr+0xb6/0x170
[  191.351134][ T3657]  ? skb_release_data+0x6a5/0x7a0
[  191.356907][ T3657]  kasan_report+0x136/0x160
[  191.361925][ T3657]  ? skb_release_data+0x6a5/0x7a0
[  191.367746][ T3657]  skb_release_data+0x6a5/0x7a0
[  191.372930][ T3657]  ? __hci_req_sync+0x626/0x940
[  191.378183][ T3657]  kfree_skb_reason+0x16f/0x390
[  191.383939][ T3657]  __hci_req_sync+0x626/0x940
[  191.389252][ T3657]  ? trace_contention_end+0x61/0x170
[  191.395618][ T3657]  ? hci_req_sync_complete+0x280/0x280
[  191.402527][ T3657]  ? mutex_lock_nested+0x10/0x10
[  191.407798][ T3657]  ? hci_encrypt_req+0x170/0x170
[  191.413333][ T3657]  hci_req_sync+0xa5/0xc0
[  191.421188][ T3657]  hci_dev_cmd+0x2fc/0xa30
[  191.427131][ T3657]  ? security_capable+0x86/0xb0
[  191.434039][ T3657]  ? hci_dev_reset_stat+0x1a0/0x1a0
[  191.444960][ T3657]  ? hci_sock_ioctl+0x426/0x850
[  191.451058][ T3657]  sock_do_ioctl+0x152/0x450
[  191.456177][ T3657]  ? sock_show_fdinfo+0xb0/0xb0
[  191.462544][ T3657]  ? __fget_files+0x28/0x4a0
[  191.469281][ T3657]  sock_ioctl+0x47f/0x770
[  191.473913][ T3657]  ? sock_poll+0x410/0x410
[  191.479026][ T3657]  ? __fget_files+0x28/0x4a0
[  191.485316][ T3657]  ? __fget_files+0x435/0x4a0
[  191.490414][ T3657]  ? __fget_files+0x28/0x4a0
[  191.495339][ T3657]  ? bpf_lsm_file_ioctl+0x5/0x10
[  191.510691][ T3657]  ? security_file_ioctl+0x7d/0xa0
[  191.516293][ T3657]  ? sock_poll+0x410/0x410
[  191.529316][ T3657]  __se_sys_ioctl+0xf1/0x160
[  191.534644][ T3657]  do_syscall_64+0x3b/0xb0
[  191.541506][ T3657]  ? clear_bhb_loop+0x45/0xa0
[  191.547832][ T3657]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  191.554396][ T3657] RIP: 0033:0x7fe9ba5757db
[  191.561562][ T3657] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
[  191.591655][ T3657] RSP: 002b:00007ffe51dc51d0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  191.610379][ T3657] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fe9ba5757db
[  191.621531][ T3657] RDX: 00007ffe51dc5248 RSI: 00000000400448dd RDI: 0000000000000003
[  191.632795][ T3657] RBP: 00005555561a14a8 R08: 0000000000000000 R09: 0000000000000000
[  191.641157][ T3657] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[  191.651355][ T3657] R13: 0000000000000001 R14: 0000000000000009 R15: 0000000000000009
[  191.660279][ T3657]  </TASK>
[  191.663772][ T3657] 
[  191.666468][ T3657] Allocated by task 3619:
[  191.671865][ T3657]  kasan_set_track+0x4b/0x70
[  191.686410][ T3657]  __kasan_slab_alloc+0x65/0x70
[  191.691886][ T3657]  slab_post_alloc_hook+0x52/0x3a0
[  191.703012][ T3657]  kmem_cache_alloc+0x10c/0x2d0
[  191.708404][ T3657]  skb_clone+0x1e5/0x360
[  191.713137][ T3657]  hci_cmd_work+0x296/0x660
[  191.719687][ T3657]  process_one_work+0x8a9/0x11d0
[  191.727800][ T3657]  worker_thread+0xa47/0x1200
[  191.732685][ T3657]  kthread+0x28d/0x320
[  191.738055][ T3657]  ret_from_fork+0x1f/0x30
[  191.751681][ T3657] 
[  191.754543][ T3657] Freed by task 3671:
[  191.768187][ T3657]  kasan_set_track+0x4b/0x70
[  191.774108][ T3657]  kasan_save_free_info+0x27/0x40
[  191.789016][ T3657]  ____kasan_slab_free+0xd6/0x120
[  191.794352][ T3657]  kmem_cache_free+0x292/0x510
[  191.810834][ T3657]  hci_req_sync_complete+0xee/0x280
[  191.816543][ T3657]  hci_event_packet+0xc49/0x1510
[  191.829967][ T3657]  hci_rx_work+0x3cd/0xce0
[  191.835481][ T3657]  process_one_work+0x8a9/0x11d0
[  191.851881][ T3657]  worker_thread+0xa47/0x1200
[  191.857818][ T3657]  kthread+0x28d/0x320
[  191.866467][ T3657]  ret_from_fork+0x1f/0x30
[  191.872631][ T3657] 
[  191.876108][ T3657] The buggy address belongs to the object at ffff8880218af640
[  191.876108][ T3657]  which belongs to the cache skbuff_head_cache of size 240
[  191.908314][ T3657] The buggy address is located 126 bytes inside of
[  191.908314][ T3657]  240-byte region [ffff8880218af640, ffff8880218af730)
[  191.932080][ T3657] 
[  191.934969][ T3657] The buggy address belongs to the physical page:
[  191.953487][ T3657] page:ffffea0000862bc0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x218af
[  191.966164][ T3657] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[  191.986326][ T3657] raw: 00fff00000000200 0000000000000000 dead000000000122 ffff888141252500
[  191.998233][ T3657] raw: 0000000000000000 00000000800c000c 00000001ffffffff 0000000000000000
[  192.015067][ T3657] page dumped because: kasan: bad access detected
[  192.031165][ T3657] page_owner tracks the page as allocated
[  192.048200][ T3657] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 3663, tgid 3660 (syz-executor), ts 191166870741, free_ts 190550759675
[  192.085629][ T3657]  post_alloc_hook+0x18d/0x1b0
[  192.091831][ T3657]  get_page_from_freelist+0x322e/0x33b0
[  192.102546][ T3657]  __alloc_pages+0x28d/0x770
[  192.108651][ T3657]  alloc_slab_page+0x6a/0x150
[  192.115054][ T3657]  new_slab+0x84/0x2d0
[  192.121901][ T3657]  ___slab_alloc+0xc20/0x1270
[  192.127755][ T3657]  kmem_cache_alloc_node+0x1cf/0x310
[  192.133411][ T3657]  __alloc_skb+0xde/0x670
[  192.146140][ T3657]  vhci_write+0xbc/0x440
[  192.150608][ T3657]  do_iter_write+0x6e6/0xc40
[  192.157424][ T3657]  do_writev+0x27b/0x460
[  192.162514][ T3657]  do_syscall_64+0x3b/0xb0
[  192.167836][ T3657]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  192.175537][ T3657] page last free stack trace:
[  192.181275][ T3657]  free_unref_page_prepare+0xf63/0x1120
[  192.187586][ T3657]  free_unref_page_list+0x663/0x900
[  192.193347][ T3657]  release_pages+0x2836/0x2b40
[  192.198771][ T3657]  tlb_flush_mmu+0xfc/0x210
[  192.203763][ T3657]  tlb_finish_mmu+0xce/0x1f0
[  192.209927][ T3657]  exit_mmap+0x3c3/0x9f0
[  192.214932][ T3657]  __mmput+0x115/0x3c0
[  192.224952][ T3657]  exit_mm+0x226/0x300
[  192.229614][ T3657]  do_exit+0x9f6/0x26a0
[  192.234627][ T3657]  do_group_exit+0x202/0x2b0
[  192.244925][ T3657]  __x64_sys_exit_group+0x3b/0x40
[  192.250620][ T3657]  do_syscall_64+0x3b/0xb0
[  192.255419][ T3657]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  192.266495][ T3657] 
[  192.270604][ T3657] Memory state around the buggy address:
[  192.276727][ T3657]  ffff8880218af580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[  192.291003][ T3657]  ffff8880218af600: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[  192.303918][ T3657] >ffff8880218af680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  192.313422][ T3657]                                         ^
[  192.320244][ T3657]  ffff8880218af700: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc
[  192.330344][ T3657]  ffff8880218af780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  192.349433][ T3657] ==================================================================
[  192.377655][ T3670] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  192.388234][ T3670] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  192.433592][ T3670] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  192.487355][ T3657] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  192.497561][ T3657] CPU: 0 PID: 3657 Comm: syz-executor Not tainted 6.1.98-syzkaller #0
[  192.514915][ T3657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  192.530750][ T3657] Call Trace:
[  192.534408][ T3657]  <TASK>
[  192.538097][ T3657]  dump_stack_lvl+0x1e3/0x2cb
[  192.543800][ T3657]  ? nf_tcp_handle_invalid+0x642/0x642
[  192.549788][ T3657]  ? panic+0x764/0x764
[  192.554984][ T3657]  ? vscnprintf+0x59/0x80
[  192.560800][ T3657]  panic+0x318/0x764
[  192.565872][ T3657]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[  192.572607][ T3657]  ? check_panic_on_warn+0x1d/0xa0
[  192.578265][ T3657]  ? memcpy_page_flushcache+0xfc/0xfc
[  192.585368][ T3657]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[  192.592594][ T3657]  ? _raw_spin_unlock+0x40/0x40
[  192.598944][ T3657]  check_panic_on_warn+0x7e/0xa0
[  192.605219][ T3657]  ? skb_release_data+0x6a5/0x7a0
[  192.611076][ T3657]  end_report+0x66/0x110
[  192.616090][ T3657]  kasan_report+0x143/0x160
[  192.622562][ T3657]  ? skb_release_data+0x6a5/0x7a0
[  192.630091][ T3657]  skb_release_data+0x6a5/0x7a0
[  192.635524][ T3657]  ? __hci_req_sync+0x626/0x940
[  192.643416][ T3657]  kfree_skb_reason+0x16f/0x390
[  192.649532][ T3657]  __hci_req_sync+0x626/0x940
[  192.654827][ T3657]  ? trace_contention_end+0x61/0x170
[  192.663562][ T3657]  ? hci_req_sync_complete+0x280/0x280
[  192.670042][ T3657]  ? mutex_lock_nested+0x10/0x10
[  192.675637][ T3657]  ? hci_encrypt_req+0x170/0x170
[  192.686305][ T3657]  hci_req_sync+0xa5/0xc0
[  192.691007][ T3657]  hci_dev_cmd+0x2fc/0xa30
[  192.695861][ T3657]  ? security_capable+0x86/0xb0
[  192.709818][ T3657]  ? hci_dev_reset_stat+0x1a0/0x1a0
[  192.715407][ T3657]  ? hci_sock_ioctl+0x426/0x850
[  192.731072][ T3657]  sock_do_ioctl+0x152/0x450
[  192.735986][ T3657]  ? sock_show_fdinfo+0xb0/0xb0
[  192.742125][ T3657]  ? __fget_files+0x28/0x4a0
[  192.747828][ T3657]  sock_ioctl+0x47f/0x770
[  192.752593][ T3657]  ? sock_poll+0x410/0x410
[  192.757486][ T3657]  ? __fget_files+0x28/0x4a0
[  192.762556][ T3657]  ? __fget_files+0x435/0x4a0
[  192.767545][ T3657]  ? __fget_files+0x28/0x4a0
[  192.772713][ T3657]  ? bpf_lsm_file_ioctl+0x5/0x10
[  192.779529][ T3657]  ? security_file_ioctl+0x7d/0xa0
[  192.786241][ T3657]  ? sock_poll+0x410/0x410
[  192.791158][ T3657]  __se_sys_ioctl+0xf1/0x160
[  192.796944][ T3657]  do_syscall_64+0x3b/0xb0
[  192.803549][ T3657]  ? clear_bhb_loop+0x45/0xa0
[  192.810583][ T3657]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  192.827111][ T3657] RIP: 0033:0x7fe9ba5757db
[  192.831641][ T3657] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
[  192.855866][ T3657] RSP: 002b:00007ffe51dc51d0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  192.872347][ T3657] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fe9ba5757db
[  192.886733][ T3657] RDX: 00007ffe51dc5248 RSI: 00000000400448dd RDI: 0000000000000003
[  192.895252][ T3657] RBP: 00005555561a14a8 R08: 0000000000000000 R09: 0000000000000000
[  192.904675][ T3657] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[  192.913093][ T3657] R13: 0000000000000001 R14: 0000000000000009 R15: 0000000000000009
[  192.922760][ T3657]  </TASK>
[  192.926502][ T3657] Kernel Offset: disabled
[  192.930896][ T3657] Rebooting in 86400 seconds..