Warning: Permanently added '10.128.0.54' (ED25519) to the list of known hosts.
2025/02/18 16:12:49 ignoring optional flag "sandboxArg"="0"
2025/02/18 16:12:51 parsed 1 programs
[ 266.629747][ T5864] cgroup: Unknown subsys name 'net'
[ 266.740238][ T5864] cgroup: Unknown subsys name 'cpuset'
[ 266.750223][ T5864] cgroup: Unknown subsys name 'rlimit'
[ 268.545447][ T5864] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 271.651299][ T5875] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 272.149330][ T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 272.158677][ T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 272.168093][ T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 272.177389][ T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 272.185896][ T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 272.193343][ T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 274.036564][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 274.069453][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 274.116210][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 274.130436][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 276.924441][ T5950] chnl_net:caif_netlink_parms(): no params data found
[ 277.246167][ T5950] bridge0: port 1(bridge_slave_0) entered blocking state
[ 277.254656][ T5950] bridge0: port 1(bridge_slave_0) entered disabled state
[ 277.265267][ T5950] bridge_slave_0: entered allmulticast mode
[ 277.285992][ T5950] bridge_slave_0: entered promiscuous mode
[ 277.306786][ T5950] bridge0: port 2(bridge_slave_1) entered blocking state
[ 277.314008][ T5950] bridge0: port 2(bridge_slave_1) entered disabled state
[ 277.324971][ T5950] bridge_slave_1: entered allmulticast mode
[ 277.332516][ T5950] bridge_slave_1: entered promiscuous mode
[ 277.379644][ T5950] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 277.392194][ T5950] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 277.457107][ T5950] team0: Port device team_slave_0 added
[ 277.476789][ T5950] team0: Port device team_slave_1 added
[ 277.527331][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 277.534395][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 277.561496][ T5950] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 277.577945][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 277.585183][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 277.611228][ T5950] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 277.650153][ T5950] hsr_slave_0: entered promiscuous mode
[ 277.656905][ T5950] hsr_slave_1: entered promiscuous mode
[ 277.800020][ T5950] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 277.811065][ T5950] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 277.821497][ T5950] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 277.831073][ T5950] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 277.922811][ T5950] 8021q: adding VLAN 0 to HW filter on device bond0
[ 277.950598][ T5950] 8021q: adding VLAN 0 to HW filter on device team0
[ 277.968820][ T52] bridge0: port 1(bridge_slave_0) entered blocking state
[ 277.976409][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 277.994356][ T3567] bridge0: port 2(bridge_slave_1) entered blocking state
[ 278.001711][ T3567] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 278.198971][ T5950] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 278.247200][ T5950] veth0_vlan: entered promiscuous mode
[ 278.259790][ T5950] veth1_vlan: entered promiscuous mode
[ 278.292708][ T5950] veth0_macvtap: entered promiscuous mode
[ 278.302390][ T5950] veth1_macvtap: entered promiscuous mode
[ 278.320860][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 278.336748][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 278.350391][ T5950] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 278.359522][ T5950] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 278.368752][ T5950] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 278.377843][ T5950] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 278.572856][ T62] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 278.665635][ T62] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 278.821766][ T62] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 278.950535][ T62] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/02/18 16:13:08 executed programs: 0
[ 279.335307][ T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 279.344378][ T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 279.352781][ T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 279.366697][ T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 279.375286][ T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 279.383078][ T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 279.529799][ T5972] chnl_net:caif_netlink_parms(): no params data found
[ 279.593894][ T5972] bridge0: port 1(bridge_slave_0) entered blocking state
[ 279.601357][ T5972] bridge0: port 1(bridge_slave_0) entered disabled state
[ 279.609196][ T5972] bridge_slave_0: entered allmulticast mode
[ 279.616611][ T5972] bridge_slave_0: entered promiscuous mode
[ 279.626281][ T5972] bridge0: port 2(bridge_slave_1) entered blocking state
[ 279.633473][ T5972] bridge0: port 2(bridge_slave_1) entered disabled state
[ 279.641386][ T5972] bridge_slave_1: entered allmulticast mode
[ 279.649078][ T5972] bridge_slave_1: entered promiscuous mode
[ 279.685883][ T5972] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 279.698558][ T5972] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 279.730740][ T5972] team0: Port device team_slave_0 added
[ 279.740374][ T5972] team0: Port device team_slave_1 added
[ 279.766288][ T5972] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 279.773308][ T5972] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 279.800842][ T5972] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 279.813562][ T5972] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 279.821640][ T5972] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 279.848270][ T5972] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 279.889351][ T5972] hsr_slave_0: entered promiscuous mode
[ 279.895761][ T5972] hsr_slave_1: entered promiscuous mode
[ 279.901958][ T5972] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 279.910389][ T5972] Cannot create hsr debugfs directory
[ 281.436228][ T5145] Bluetooth: hci0: command tx timeout
[ 281.585873][ T62] bridge_slave_1: left allmulticast mode
[ 281.591897][ T62] bridge_slave_1: left promiscuous mode
[ 281.600969][ T62] bridge0: port 2(bridge_slave_1) entered disabled state
[ 281.622026][ T62] bridge_slave_0: left allmulticast mode
[ 281.632501][ T62] bridge_slave_0: left promiscuous mode
[ 281.639983][ T62] bridge0: port 1(bridge_slave_0) entered disabled state
[ 282.031359][ T62] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 282.043918][ T62] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 282.058994][ T62] bond0 (unregistering): Released all slaves
[ 282.186079][ T62] hsr_slave_0: left promiscuous mode
[ 282.192517][ T62] hsr_slave_1: left promiscuous mode
[ 282.207826][ T62] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 282.218798][ T62] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 282.228125][ T62] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 282.238936][ T62] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 282.267218][ T62] veth1_macvtap: left promiscuous mode
[ 282.275131][ T62] veth0_macvtap: left promiscuous mode
[ 282.281244][ T62] veth1_vlan: left promiscuous mode
[ 282.288922][ T62] veth0_vlan: left promiscuous mode
[ 282.809462][ T62] team0 (unregistering): Port device team_slave_1 removed
[ 282.846357][ T62] team0 (unregistering): Port device team_slave_0 removed
[ 283.391290][ T5972] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 283.414636][ T5972] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 283.428560][ T5972] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 283.466929][ T5972] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 283.515975][ T5145] Bluetooth: hci0: command tx timeout
[ 283.653803][ T5972] 8021q: adding VLAN 0 to HW filter on device bond0
[ 283.676249][ T5972] 8021q: adding VLAN 0 to HW filter on device team0
[ 283.691690][ T11] bridge0: port 1(bridge_slave_0) entered blocking state
[ 283.698987][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 283.723094][ T3567] bridge0: port 2(bridge_slave_1) entered blocking state
[ 283.730292][ T3567] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 283.907326][ T5972] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 283.944617][ T5972] veth0_vlan: entered promiscuous mode
[ 283.957288][ T5972] veth1_vlan: entered promiscuous mode
[ 283.985544][ T5972] veth0_macvtap: entered promiscuous mode
[ 283.994329][ T5972] veth1_macvtap: entered promiscuous mode
[ 284.012462][ T5972] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 284.029207][ T5972] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 284.040810][ T5972] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 284.049851][ T5972] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 284.058751][ T5972] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 284.067717][ T5972] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 284.128661][ T1161] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 284.138310][ T1161] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 284.163400][ T3567] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 284.171924][ T3567] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/02/18 16:13:13 executed programs: 3
[ 285.597553][ T5145] Bluetooth: hci0: command tx timeout
[ 287.676151][ T5145] Bluetooth: hci0: command tx timeout
2025/02/18 16:13:18 executed programs: 68
2025/02/18 16:13:23 executed programs: 146
2025/02/18 16:13:28 executed programs: 222
2025/02/18 16:13:33 executed programs: 300
2025/02/18 16:13:38 executed programs: 379
2025/02/18 16:13:43 executed programs: 458
2025/02/18 16:13:48 executed programs: 538
[ 322.557769][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 322.564393][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 323.626164][ T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 323.636202][ T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 323.646681][ T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 323.656463][ T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 323.664176][ T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 323.672062][ T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 323.795238][ T1161] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 323.839223][ T6619] chnl_net:caif_netlink_parms(): no params data found
[ 323.862610][ T1161] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 323.926924][ T6619] bridge0: port 1(bridge_slave_0) entered blocking state
[ 323.934162][ T6619] bridge0: port 1(bridge_slave_0) entered disabled state
[ 323.941885][ T6619] bridge_slave_0: entered allmulticast mode
[ 323.949030][ T6619] bridge_slave_0: entered promiscuous mode
[ 323.969063][ T1161] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 323.984178][ T6619] bridge0: port 2(bridge_slave_1) entered blocking state
[ 323.991698][ T6619] bridge0: port 2(bridge_slave_1) entered disabled state
[ 323.999162][ T6619] bridge_slave_1: entered allmulticast mode
[ 324.007014][ T6619] bridge_slave_1: entered promiscuous mode
[ 324.035880][ T1161] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 324.061960][ T6619] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 324.074200][ T6619] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 324.102302][ T6619] team0: Port device team_slave_0 added
[ 324.112271][ T6619] team0: Port device team_slave_1 added
[ 324.140858][ T6619] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 324.150157][ T6619] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 324.176690][ T6619] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 324.190370][ T6619] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 324.198641][ T6619] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 324.224931][ T6619] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 324.317554][ T1161] bridge_slave_1: left allmulticast mode
[ 324.323286][ T1161] bridge_slave_1: left promiscuous mode
[ 324.330081][ T1161] bridge0: port 2(bridge_slave_1) entered disabled state
[ 324.339784][ T1161] bridge_slave_0: left allmulticast mode
[ 324.346778][ T1161] bridge_slave_0: left promiscuous mode
[ 324.352519][ T1161] bridge0: port 1(bridge_slave_0) entered disabled state
[ 324.608314][ T1161] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 324.619598][ T1161] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 324.630169][ T1161] bond0 (unregistering): Released all slaves
[ 324.644072][ T6619] hsr_slave_0: entered promiscuous mode
[ 324.651941][ T6619] hsr_slave_1: entered promiscuous mode
[ 324.927913][ T1161] hsr_slave_0: left promiscuous mode
[ 324.934169][ T1161] hsr_slave_1: left promiscuous mode
[ 324.940291][ T1161] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 324.953717][ T1161] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 324.963278][ T1161] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 324.971018][ T1161] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 324.993150][ T1161] veth1_macvtap: left promiscuous mode
[ 324.999051][ T1161] veth0_macvtap: left promiscuous mode
[ 325.007688][ T1161] veth1_vlan: left promiscuous mode
[ 325.013079][ T1161] veth0_vlan: left promiscuous mode
[ 325.450674][ T1161] team0 (unregistering): Port device team_slave_1 removed
[ 325.484329][ T1161] team0 (unregistering): Port device team_slave_0 removed
[ 325.757425][ T54] Bluetooth: hci1: command tx timeout
[ 326.069612][ T6619] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 326.080689][ T6619] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 326.105774][ T6619] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 326.126020][ T6619] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 326.258589][ T6619] 8021q: adding VLAN 0 to HW filter on device bond0
[ 326.281917][ T6619] 8021q: adding VLAN 0 to HW filter on device team0
[ 326.295948][ T1161] bridge0: port 1(bridge_slave_0) entered blocking state
[ 326.303129][ T1161] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 326.335687][ T1161] bridge0: port 2(bridge_slave_1) entered blocking state
[ 326.342842][ T1161] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 326.372466][ T6619] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 326.383184][ T6619] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 326.587002][ T6619] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 326.637522][ T6619] veth0_vlan: entered promiscuous mode
[ 326.657665][ T6619] veth1_vlan: entered promiscuous mode
[ 326.696218][ T6619] veth0_macvtap: entered promiscuous mode
[ 326.708716][ T6619] veth1_macvtap: entered promiscuous mode
[ 326.733007][ T6619] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 326.751020][ T6619] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 326.769761][ T6619] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 326.779459][ T6619] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 326.789181][ T6619] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 326.798486][ T6619] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 326.853407][ T1161] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 326.869072][ T1161] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 326.894491][ T3567] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 326.903770][ T3567] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/02/18 16:13:56 executed programs: 602
[ 327.007172][ T6676] ==================================================================
[ 327.015278][ T6676] BUG: KASAN: slab-use-after-free in force_devcd_write+0x317/0x330
[ 327.023195][ T6676] Read of size 8 at addr ffff88802a180000 by task syz.0.616/6676
[ 327.030918][ T6676]
[ 327.033265][ T6676] CPU: 1 UID: 0 PID: 6676 Comm: syz.0.616 Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[ 327.033290][ T6676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 327.033307][ T6676] Call Trace:
[ 327.033316][ T6676] <TASK>
[ 327.033327][ T6676] dump_stack_lvl+0x116/0x1f0
[ 327.033360][ T6676] print_report+0xc3/0x620
[ 327.033396][ T6676] ? __virt_addr_valid+0x5e/0x590
[ 327.033420][ T6676] ? __phys_addr+0xc6/0x150
[ 327.033442][ T6676] kasan_report+0xd9/0x110
[ 327.033461][ T6676] ? force_devcd_write+0x317/0x330
[ 327.033490][ T6676] ? force_devcd_write+0x317/0x330
[ 327.033520][ T6676] force_devcd_write+0x317/0x330
[ 327.033548][ T6676] ? __pfx_force_devcd_write+0x10/0x10
[ 327.033576][ T6676] ? __debugfs_file_get+0x1ff/0x850
[ 327.033605][ T6676] ? __pfx___debugfs_file_get+0x10/0x10
[ 327.033633][ T6676] ? rcu_is_watching+0x12/0xc0
[ 327.033656][ T6676] ? trace_lock_acquire+0x14e/0x1f0
[ 327.033683][ T6676] full_proxy_write+0x13c/0x200
[ 327.033712][ T6676] ? __pfx_full_proxy_write+0x10/0x10
[ 327.033740][ T6676] vfs_write+0x24c/0x1150
[ 327.033773][ T6676] ? __pfx_vfs_write+0x10/0x10
[ 327.033802][ T6676] ? do_futex+0x123/0x350
[ 327.033828][ T6676] ? __pfx_do_futex+0x10/0x10
[ 327.033858][ T6676] ? __x64_sys_futex+0x1e1/0x4c0
[ 327.033884][ T6676] ? __x64_sys_futex+0x1ea/0x4c0
[ 327.033912][ T6676] ksys_write+0x12b/0x250
[ 327.033942][ T6676] ? __pfx_ksys_write+0x10/0x10
[ 327.033981][ T6676] do_syscall_64+0xcd/0x250
[ 327.034010][ T6676] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 327.034043][ T6676] RIP: 0033:0x7f39e0b8cde9
[ 327.034060][ T6676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 327.034085][ T6676] RSP: 002b:00007ffde5cf70a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 327.034105][ T6676] RAX: ffffffffffffffda RBX: 00007f39e0da5fa0 RCX: 00007f39e0b8cde9
[ 327.034120][ T6676] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000003
[ 327.034133][ T6676] RBP: 00007f39e0c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 327.034147][ T6676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 327.034160][ T6676] R13: 00007f39e0da5fa0 R14: 00007f39e0da5fa0 R15: 0000000000000003
[ 327.034180][ T6676] </TASK>
[ 327.034187][ T6676]
[ 327.260485][ T6676] Allocated by task 5972:
[ 327.264829][ T6676] kasan_save_stack+0x33/0x60
[ 327.269566][ T6676] kasan_save_track+0x14/0x30
[ 327.274293][ T6676] __kasan_kmalloc+0xaa/0xb0
[ 327.278932][ T6676] vhci_open+0x4c/0x430
[ 327.283118][ T6676] misc_open+0x35a/0x420
[ 327.287467][ T6676] chrdev_open+0x237/0x6a0
[ 327.291925][ T6676] do_dentry_open+0x735/0x1c40
[ 327.296720][ T6676] vfs_open+0x82/0x3f0
[ 327.300803][ T6676] path_openat+0x1e88/0x2d80
[ 327.305426][ T6676] do_filp_open+0x20c/0x470
[ 327.309962][ T6676] do_sys_openat2+0x17a/0x1e0
[ 327.314660][ T6676] __x64_sys_openat+0x175/0x210
[ 327.319537][ T6676] do_syscall_64+0xcd/0x250
[ 327.324069][ T6676] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 327.329993][ T6676]
[ 327.332331][ T6676] Freed by task 5972:
[ 327.336347][ T6676] kasan_save_stack+0x33/0x60
[ 327.341056][ T6676] kasan_save_track+0x14/0x30
[ 327.345765][ T6676] kasan_save_free_info+0x3b/0x60
[ 327.350818][ T6676] __kasan_slab_free+0x51/0x70
[ 327.355618][ T6676] kfree+0x2c4/0x4d0
[ 327.359567][ T6676] vhci_release+0xbb/0xf0
[ 327.363923][ T6676] __fput+0x3ff/0xb70
[ 327.367926][ T6676] task_work_run+0x14e/0x250
[ 327.372548][ T6676] do_exit+0xad8/0x2d70
[ 327.376722][ T6676] do_group_exit+0xd3/0x2a0
[ 327.381250][ T6676] get_signal+0x24ed/0x26c0
[ 327.385784][ T6676] arch_do_signal_or_restart+0x90/0x7e0
[ 327.391350][ T6676] syscall_exit_to_user_mode+0x150/0x2a0
[ 327.397012][ T6676] do_syscall_64+0xda/0x250
[ 327.401538][ T6676] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 327.407465][ T6676]
[ 327.409795][ T6676] The buggy address belongs to the object at ffff88802a180000
[ 327.409795][ T6676] which belongs to the cache kmalloc-1k of size 1024
[ 327.423865][ T6676] The buggy address is located 0 bytes inside of
[ 327.423865][ T6676] freed 1024-byte region [ffff88802a180000, ffff88802a180400)
[ 327.437593][ T6676]
[ 327.439927][ T6676] The buggy address belongs to the physical page:
[ 327.446359][ T6676] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2a180
[ 327.455142][ T6676] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 327.463654][ T6676] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 327.471658][ T6676] page_type: f5(slab)
[ 327.475672][ T6676] raw: 00fff00000000040 ffff88801b041dc0 0000000000000000 dead000000000001
[ 327.484278][ T6676] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 327.492882][ T6676] head: 00fff00000000040 ffff88801b041dc0 0000000000000000 dead000000000001
[ 327.501589][ T6676] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 327.510308][ T6676] head: 00fff00000000003 ffffea0000a86001 ffffffffffffffff 0000000000000000
[ 327.519009][ T6676] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 327.527692][ T6676] page dumped because: kasan: bad access detected
[ 327.534155][ T6676] page_owner tracks the page as allocated
[ 327.539887][ T6676] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5647, tgid 5647 (dhcpcd), ts 60219053226, free_ts 60195996532
[ 327.560758][ T6676] post_alloc_hook+0x181/0x1b0
[ 327.565587][ T6676] get_page_from_freelist+0xfce/0x2f80
[ 327.571087][ T6676] __alloc_frozen_pages_noprof+0x221/0x2470
[ 327.577017][ T6676] alloc_pages_mpol+0x1fc/0x540
[ 327.581884][ T6676] new_slab+0x23d/0x330
[ 327.586065][ T6676] ___slab_alloc+0xc5d/0x1720
[ 327.590772][ T6676] __slab_alloc.constprop.0+0x56/0xb0
[ 327.596172][ T6676] __kmalloc_node_track_caller_noprof+0x2f1/0x510
[ 327.602623][ T6676] kmalloc_reserve+0xef/0x2c0
[ 327.607333][ T6676] __alloc_skb+0x164/0x380
[ 327.611774][ T6676] alloc_skb_with_frags+0xe4/0x850
[ 327.616919][ T6676] sock_alloc_send_pskb+0x7f1/0x980
[ 327.622148][ T6676] packet_sendmsg+0x1fd3/0x56c0
[ 327.627026][ T6676] sock_write_iter+0x4fe/0x5b0
[ 327.631812][ T6676] do_iter_readv_writev+0x655/0x950
[ 327.637035][ T6676] vfs_writev+0x363/0xdd0
[ 327.641392][ T6676] page last free pid 5642 tgid 5642 stack trace:
[ 327.647731][ T6676] free_frozen_pages+0x6db/0xfb0
[ 327.652702][ T6676] __put_partials+0x14c/0x170
[ 327.657425][ T6676] qlist_free_all+0x4e/0x120
[ 327.662080][ T6676] kasan_quarantine_reduce+0x195/0x1e0
[ 327.667581][ T6676] __kasan_slab_alloc+0x69/0x90
[ 327.672473][ T6676] kmem_cache_alloc_noprof+0x226/0x3d0
[ 327.677975][ T6676] getname_flags.part.0+0x4c/0x550
[ 327.683115][ T6676] getname+0x8d/0xe0
[ 327.687037][ T6676] do_sys_openat2+0x104/0x1e0
[ 327.691735][ T6676] __x64_sys_openat+0x175/0x210
[ 327.696607][ T6676] do_syscall_64+0xcd/0x250
[ 327.701136][ T6676] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 327.707073][ T6676]
[ 327.709406][ T6676] Memory state around the buggy address:
[ 327.715051][ T6676] ffff88802a17ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 327.723129][ T6676] ffff88802a17ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 327.731290][ T6676] >ffff88802a180000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 327.739361][ T6676]                    ^
[ 327.743459][ T6676] ffff88802a180080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 327.751536][ T6676] ffff88802a180100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 327.759611][ T6676] ==================================================================
[ 327.770370][ T6676] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 327.777619][ T6676] CPU: 0 UID: 0 PID: 6676 Comm: syz.0.616 Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[ 327.788249][ T6676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 327.798343][ T6676] Call Trace:
[ 327.801733][ T6676] <TASK>
[ 327.804720][ T6676] dump_stack_lvl+0x3d/0x1f0
[ 327.809369][ T6676] panic+0x71d/0x800
[ 327.813327][ T6676] ? __pfx_panic+0x10/0x10
[ 327.817771][ T6676] ? preempt_schedule_thunk+0x1a/0x30
[ 327.823174][ T6676] ? preempt_schedule_common+0x44/0xc0
[ 327.828686][ T6676] ? check_panic_on_warn+0x1f/0xb0
[ 327.833835][ T6676] check_panic_on_warn+0xab/0xb0
[ 327.838802][ T6676] end_report+0x117/0x180
[ 327.843174][ T6676] kasan_report+0xe9/0x110
[ 327.847628][ T6676] ? force_devcd_write+0x317/0x330
[ 327.852789][ T6676] ? force_devcd_write+0x317/0x330
[ 327.857945][ T6676] force_devcd_write+0x317/0x330
[ 327.862922][ T6676] ? __pfx_force_devcd_write+0x10/0x10
[ 327.868420][ T6676] ? __debugfs_file_get+0x1ff/0x850
[ 327.873699][ T6676] ? __pfx___debugfs_file_get+0x10/0x10
[ 327.879275][ T6676] ? rcu_is_watching+0x12/0xc0
[ 327.884064][ T6676] ? trace_lock_acquire+0x14e/0x1f0
[ 327.889293][ T6676] full_proxy_write+0x13c/0x200
[ 327.894182][ T6676] ? __pfx_full_proxy_write+0x10/0x10
[ 327.899584][ T6676] vfs_write+0x24c/0x1150
[ 327.903952][ T6676] ? __pfx_vfs_write+0x10/0x10
[ 327.908754][ T6676] ? do_futex+0x123/0x350
[ 327.913114][ T6676] ? __pfx_do_futex+0x10/0x10
[ 327.917826][ T6676] ? __x64_sys_futex+0x1e1/0x4c0
[ 327.922795][ T6676] ? __x64_sys_futex+0x1ea/0x4c0
[ 327.927764][ T6676] ksys_write+0x12b/0x250
[ 327.932128][ T6676] ? __pfx_ksys_write+0x10/0x10
[ 327.937013][ T6676] do_syscall_64+0xcd/0x250
[ 327.941545][ T6676] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 327.947471][ T6676] RIP: 0033:0x7f39e0b8cde9
[ 327.951902][ T6676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 327.971535][ T6676] RSP: 002b:00007ffde5cf70a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 327.979978][ T6676] RAX: ffffffffffffffda RBX: 00007f39e0da5fa0 RCX: 00007f39e0b8cde9
[ 327.987973][ T6676] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000003
[ 327.995968][ T6676] RBP: 00007f39e0c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 328.003959][ T6676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 328.011953][ T6676] R13: 00007f39e0da5fa0 R14: 00007f39e0da5fa0 R15: 0000000000000003
[ 328.019965][ T6676] </TASK>
[ 328.023261][ T6676] Kernel Offset: disabled
[ 328.027601][ T6676] Rebooting in 86400 seconds..