Warning: Permanently added '10.128.1.35' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[   43.581693][ T3123] ------------[ cut here ]------------
[   43.583214][ T3123] refcount_t: underflow; use-after-free.
[   43.584920][ T3123] WARNING: CPU: 1 PID: 3123 at lib/refcount.c:28 refcount_warn_saturate+0x1a0/0x1c8
[   43.587396][ T3123] Modules linked in:
[   43.588389][ T3123] CPU: 1 PID: 3123 Comm: syz-executor293 Not tainted 6.1.0-rc6-syzkaller-32653-g65762d97e6fa #0
[   43.591145][ T3123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022
[   43.593875][ T3123] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[   43.595889][ T3123] pc : refcount_warn_saturate+0x1a0/0x1c8
[   43.597386][ T3123] lr : refcount_warn_saturate+0x1a0/0x1c8
[   43.598872][ T3123] sp : ffff800012e239a0
[   43.599961][ T3123] x29: ffff800012e239a0 x28: 0000000000000040 x27: ffff0000ca7319c0
[   43.602007][ T3123] x26: 0000000000008000 x25: 0000000000000000 x24: ffff0000cb3c1088
[   43.604083][ T3123] x23: 0000000000000000 x22: 0000000000000000 x21: ffff0000cd13800c
[   43.606202][ T3123] x20: 0000000000000003 x19: ffff80000d990000 x18: 00000000000000c0
[   43.608298][ T3123] x17: ffff80000ddda198 x16: ffff80000dc18158 x15: ffff0000c9323480
[   43.610433][ T3123] x14: 0000000000000000 x13: 00000000ffffffff x12: ffff0000c9323480
[   43.612502][ T3123] x11: ff808000081c4d40 x10: 0000000000000000 x9 : e14a204da9a56700
[   43.614620][ T3123] x8 : e14a204da9a56700 x7 : ffff80000c0b1cb4 x6 : 0000000000000000
[   43.616695][ T3123] x5 : 0000000000000080 x4 : 0000000000000001 x3 : 0000000000000000
[   43.618812][ T3123] x2 : 0000000000000000 x1 : 0000000100000000 x0 : 0000000000000026
[   43.620896][ T3123] Call trace:
[   43.621788][ T3123]  refcount_warn_saturate+0x1a0/0x1c8
[   43.623172][ T3123]  p9_client_walk+0x2a4/0x2e8
[   43.624384][ T3123]  v9fs_vfs_lookup+0xa0/0x37c
[   43.625561][ T3123]  v9fs_vfs_atomic_open+0x78/0x478
[   43.626872][ T3123]  path_openat+0x67c/0x11c4
[   43.628031][ T3123]  do_filp_open+0xdc/0x1b8
[   43.629151][ T3123]  do_sys_openat2+0xb8/0x22c
[   43.630355][ T3123]  __arm64_sys_openat+0xb0/0xe0
[   43.631600][ T3123]  el0_svc_common+0x138/0x220
[   43.632816][ T3123]  do_el0_svc+0x48/0x164
[   43.633947][ T3123]  el0_svc+0x58/0x150
[   43.634960][ T3123]  el0t_64_sync_handler+0x84/0xf0
[   43.636248][ T3123]  el0t_64_sync+0x190/0x194
[   43.637419][ T3123] irq event stamp: 1140
[   43.638551][ T3123] hardirqs last  enabled at (1139): [<ffff8000081c3024>] __up_console_sem+0xb0/0xfc
[   43.640994][ T3123] hardirqs last disabled at (1140): [<ffff80000c0a4074>] el1_dbg+0x24/0x80
[   43.643200][ T3123] softirqs last  enabled at (934): [<ffff80000843d9e8>] bdi_register_va+0x2b4/0x328
[   43.645723][ T3123] softirqs last disabled at (932): [<ffff80000843d898>] bdi_register_va+0x164/0x328
[   43.648133][ T3123] ---[ end trace 0000000000000000 ]---
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[   44.071305][ T3075] ------------[ cut here ]------------
[   44.072809][ T3075] refcount_t: addition on 0; use-after-free.
[   44.074569][ T3075] WARNING: CPU: 1 PID: 3075 at lib/refcount.c:25 refcount_warn_saturate+0x180/0x1c8
[   44.077024][ T3075] Modules linked in:
[   44.078019][ T3075] CPU: 1 PID: 3075 Comm: syz-executor293 Tainted: G        W          6.1.0-rc6-syzkaller-32653-g65762d97e6fa #0
[   44.081133][ T3075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022
[   44.083767][ T3075] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[   44.085793][ T3075] pc : refcount_warn_saturate+0x180/0x1c8
[   44.087355][ T3075] lr : refcount_warn_saturate+0x180/0x1c8
[   44.088860][ T3075] sp : ffff80000fbcbb50
[   44.089925][ T3075] x29: ffff80000fbcbb50 x28: 0000000000000000 x27: 0000000000000000
[   44.092172][ T3075] x26: ffff80000db54000 x25: 0000000000000000 x24: ffff80000fbcbc28
[   44.094290][ T3075] x23: 0000000000000000 x22: 0000000001200000 x21: ffff80000fbcbd58
[   44.096372][ T3075] x20: 0000000000000002 x19: ffff80000d990000 x18: 00000000000000c0
[   44.098495][ T3075] x17: ffff80000ddda198 x16: ffff80000dc18158 x15: ffff0000c4541a40
[   44.100740][ T3075] x14: 0000000000000000 x13: 00000000ffffffff x12: ffff0000c4541a40
[   44.102871][ T3075] x11: ff808000081c4d40 x10: 0000000000000000 x9 : 30f2488938271100
[   44.104993][ T3075] x8 : 30f2488938271100 x7 : ffff80000c0b1cb4 x6 : 0000000000000000
[   44.107233][ T3075] x5 : 0000000000000080 x4 : 0000000000000001 x3 : 0000000000000000
[   44.109317][ T3075] x2 : 0000000000000000 x1 : 0000000100000001 x0 : 000000000000002a
[   44.111561][ T3075] Call trace:
[   44.112410][ T3075]  refcount_warn_saturate+0x180/0x1c8
[   44.113797][ T3075]  autogroup_task_get+0xfc/0x13c
[   44.115080][ T3075]  sched_autogroup_fork+0x1c/0x30
[   44.116392][ T3075]  copy_signal+0x18c/0x1fc
[   44.117553][ T3075]  copy_process+0xb5c/0x16ec
[   44.118746][ T3075]  kernel_clone+0x12c/0x380
[   44.119889][ T3075]  __arm64_sys_clone+0x68/0x98
[   44.121180][ T3075]  el0_svc_common+0x138/0x220
[   44.122386][ T3075]  do_el0_svc+0x48/0x164
[   44.123513][ T3075]  el0_svc+0x58/0x150
[   44.124553][ T3075]  el0t_64_sync_handler+0x84/0xf0
[   44.125868][ T3075]  el0t_64_sync+0x190/0x194
[   44.126936][ T3075] irq event stamp: 61086
[   44.127930][ T3075] hardirqs last  enabled at (61085): [<ffff80000c0b6d44>] _raw_spin_unlock_irqrestore+0x48/0x8c
[   44.130876][ T3075] hardirqs last disabled at (61086): [<ffff80000c0b6b80>] _raw_spin_lock_irqsave+0xa4/0xb4
[   44.133517][ T3075] softirqs last  enabled at (61064): [<ffff80000801c38c>] local_bh_enable+0x10/0x34
[   44.136133][ T3075] softirqs last disabled at (61062): [<ffff80000801c358>] local_bh_disable+0x10/0x34
[   44.138660][ T3075] ---[ end trace 0000000000000000 ]---
[   44.140657][ T3075] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000120
[   44.143452][ T3075] Mem abort info:
[   44.144400][ T3075]   ESR = 0x0000000096000004
[   44.145589][ T3075]   EC = 0x25: DABT (current EL), IL = 32 bits
[   44.147159][ T3075]   SET = 0, FnV = 0
[   44.148175][ T3075]   EA = 0, S1PTW = 0
[   44.149233][ T3075]   FSC = 0x04: level 0 translation fault
[   44.150807][ T3075] Data abort info:
[   44.151776][ T3075]   ISV = 0, ISS = 0x00000004
[   44.153026][ T3075]   CM = 0, WnR = 0
[   44.153979][ T3075] user pgtable: 4k pages, 48-bit VAs, pgdp=000000010b45f000
[   44.155873][ T3075] [0000000000000120] pgd=0000000000000000, p4d=0000000000000000
[   44.157983][ T3075] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP
[   44.159864][ T3075] Modules linked in:
[   44.160866][ T3075] CPU: 1 PID: 3075 Comm: syz-executor293 Tainted: G        W          6.1.0-rc6-syzkaller-32653-g65762d97e6fa #0
[   44.163998][ T3075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022
[   44.166515][ T3075] pstate: 804000c5 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[   44.168324][ T3075] pc : sched_cgroup_fork+0x98/0x13c
[   44.169694][ T3075] lr : sched_cgroup_fork+0x88/0x13c
[   44.171313][ T3075] sp : ffff80000fbcbba0
[   44.172539][ T3075] x29: ffff80000fbcbba0 x28: 0000000000000000 x27: 00000000ffffffff
[   44.174612][ T3075] x26: ffff80000db54000 x25: 0000000000000c8a x24: 0000000000000008
[   44.176696][ T3075] x23: 0000000000000000 x22: 0000000000000000 x21: 0000000000000000
[   44.178753][ T3075] x20: ffff0000c9324ec0 x19: ffff0000c93257c8 x18: fffffffffffffff5
[   44.181085][ T3075] x17: ffff0000c7c7b100 x16: ffff80000dc18158 x15: ffff0000c4541a40
[   44.183124][ T3075] x14: 0000000000000010 x13: 00000000ffffffff x12: ffff0000c4541a40
[   44.185299][ T3075] x11: ff808000095f47d8 x10: 0000000000000000 x9 : 0000000000000001
[   44.187394][ T3075] x8 : ffff0000c4541a40 x7 : ffff80000815e5bc x6 : 0000000000000000
[   44.189450][ T3075] x5 : 0000000000000080 x4 : 0000000000000001 x3 : ffff80000cbd7fa6
[   44.191795][ T3075] x2 : 0000000000000001 x1 : 0000000000000000 x0 : 0000000000000001
[   44.193881][ T3075] Call trace:
[   44.194751][ T3075]  sched_cgroup_fork+0x98/0x13c
[   44.195992][ T3075]  copy_process+0x11c0/0x16ec
[   44.197243][ T3075]  kernel_clone+0x12c/0x380
[   44.198393][ T3075]  __arm64_sys_clone+0x68/0x98
[   44.199616][ T3075]  el0_svc_common+0x138/0x220
[   44.200739][ T3075]  do_el0_svc+0x48/0x164
[   44.202123][ T3075]  el0_svc+0x58/0x150
[   44.203174][ T3075]  el0t_64_sync_handler+0x84/0xf0
[   44.204524][ T3075]  el0t_64_sync+0x190/0x194
[   44.205686][ T3075] Code: f9414e97 2a0003e9 d37df138 f9407e81 (f94092e8) 
[   44.207447][ T3075] ---[ end trace 0000000000000000 ]---
[   44.496394][ T3075] Kernel panic - not syncing: Oops: Fatal exception
[   44.498134][ T3075] SMP: stopping secondary CPUs
[   44.499411][ T3075] Kernel Offset: disabled
[   44.500493][ T3075] CPU features: 0x00000,040e0108,4c017203
[   44.502497][ T3075] Memory Limit: none
[   44.765828][ T3075] Rebooting in 86400 seconds..