Warning: Permanently added '10.128.0.161' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 76.250213][ T146] cfg80211: failed to load regulatory.db
[ 97.298308][ T5969] nfsd: failed to allocate reply cache
[ 97.349569][ T5975]
==================================================================
[ 97.357683][ T5975] BUG: KASAN: use-after-free in __list_add_valid+0xa5/0xb0
[ 97.364913][ T5975] Read of size 8 at addr ffff8880262715c8 by task syz-executor161/5975
[ 97.373170][ T5975]
[ 97.375500][ T5975] CPU: 0 PID: 5975 Comm: syz-executor161 Not tainted 6.0.0-syzkaller-09039-ga6afa4199d3d #0
[ 97.385578][ T5975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[ 97.395647][ T5975] Call Trace:
[ 97.398937][ T5975]
[ 97.401888][ T5975] dump_stack_lvl+0xcd/0x134
[ 97.406508][ T5975] print_report.cold+0x2ba/0x719
[ 97.411499][ T5975] ? __list_add_valid+0xa5/0xb0
[ 97.416386][ T5975] kasan_report+0xb1/0x1e0
[ 97.420840][ T5975] ? __list_add_valid+0xa5/0xb0
[ 97.425723][ T5975] __list_add_valid+0xa5/0xb0
[ 97.430424][ T5975] register_shrinker_prepared+0x37/0x120
[ 97.436090][ T5975] sget_fc+0x5e7/0x7c0
[ 97.440195][ T5975] ? refcount_dec_not_one+0x13b/0x1e0
[ 97.445600][ T5975] ? set_anon_super+0xb0/0xb0
[ 97.450310][ T5975] ? mqueue_get_tree+0x130/0x130
[ 97.455279][ T5975] get_tree_nodev+0x24/0x1d0
[ 97.459911][ T5975] mqueue_get_tree+0xee/0x130
[ 97.464652][ T5975] vfs_get_tree+0x89/0x2f0
[ 97.469096][ T5975] fc_mount+0x13/0xc0
[ 97.473109][ T5975] mq_init_ns+0x43e/0x630
[ 97.477458][ T5975] copy_ipcs+0x35e/0x5e0
[ 97.481719][ T5975] ? copy_utsname+0xa9/0x4a0
[ 97.486338][ T5975] create_new_namespaces+0x210/0xb20
[ 97.491657][ T5975] unshare_nsproxy_namespaces+0xc1/0x1f0
[ 97.497318][ T5975] ksys_unshare+0x445/0x920
[ 97.501847][ T5975] ? unshare_fd+0x1c0/0x1c0
[ 97.506387][ T5975] __x64_sys_unshare+0x2d/0x40
[ 97.511262][ T5975] do_syscall_64+0x35/0xb0
[ 97.515709][ T5975] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 97.521629][ T5975] RIP: 0033:0x7f878917a909
[ 97.526059][ T5975] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 97.545709][ T5975] RSP: 002b:00007f878912c318 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 97.554166][ T5975] RAX: ffffffffffffffda RBX: 00007f87892023e8 RCX: 00007f878917a909
[ 97.562173][ T5975] RDX: 00007f878912c700 RSI: 8c53bf579e072fbf RDI: 000000006c060000
[ 97.570173][ T5975] RBP: 00007f87892023e0 R08: 00007f878912c700 R09: 0000000000000000
[ 97.578177][ T5975] R10: 00007f878912c700 R11: 0000000000000246 R12: 00007f87892023ec
[ 97.586187][ T5975] R13: 00007ffe4e8905ff R14: 00007f878912c400 R15: 0000000000022000
[ 97.594288][ T5975]
[ 97.597342][ T5975]
[ 97.599672][ T5975] Allocated by task 5969:
[ 97.604013][ T5975] kasan_save_stack+0x1e/0x40
[ 97.608730][ T5975] __kasan_kmalloc+0xa9/0xd0
[ 97.613350][ T5975] ops_init+0xfb/0x470
[ 97.617456][ T5975] setup_net+0x5d1/0xc50
[ 97.621721][ T5975] copy_net_ns+0x318/0x760
[ 97.626162][ T5975] create_new_namespaces+0x3f6/0xb20
[ 97.631471][ T5975] unshare_nsproxy_namespaces+0xc1/0x1f0
[ 97.637131][ T5975] ksys_unshare+0x445/0x920
[ 97.641748][ T5975] __x64_sys_unshare+0x2d/0x40
[ 97.646536][ T5975] do_syscall_64+0x35/0xb0
[ 97.650979][ T5975] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 97.656896][ T5975]
[ 97.659231][ T5975] Freed by task 5969:
[ 97.663214][ T5975] kasan_save_stack+0x1e/0x40
[ 97.667917][ T5975] kasan_set_track+0x21/0x30
[ 97.672528][ T5975] kasan_set_free_info+0x20/0x30
[ 97.677488][ T5975] ____kasan_slab_free+0x166/0x1c0
[ 97.682619][ T5975] slab_free_freelist_hook+0x8b/0x1c0
[ 97.688008][ T5975] kfree+0xe2/0x580
[ 97.691832][ T5975] ops_init+0xcd/0x470
[ 97.695931][ T5975] setup_net+0x5d1/0xc50
[ 97.700196][ T5975] copy_net_ns+0x318/0x760
[ 97.704636][ T5975] create_new_namespaces+0x3f6/0xb20
[ 97.709956][ T5975] unshare_nsproxy_namespaces+0xc1/0x1f0
[ 97.715626][ T5975] ksys_unshare+0x445/0x920
[ 97.720157][ T5975] __x64_sys_unshare+0x2d/0x40
[ 97.724943][ T5975] do_syscall_64+0x35/0xb0
[ 97.729407][ T5975] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 97.735456][ T5975]
[ 97.737788][ T5975] Last potentially related work creation:
[ 97.743607][ T5975] kasan_save_stack+0x1e/0x40
[ 97.748343][ T5975] __kasan_record_aux_stack+0xbe/0xd0
[ 97.753756][ T5975] insert_work+0x48/0x350
[ 97.758112][ T5975] __queue_work+0x625/0x1200
[ 97.762722][ T5975] queue_work_on+0xee/0x110
[ 97.767243][ T5975] afs_purge_servers+0xea/0x340
[ 97.772125][ T5975] afs_net_exit+0x16d/0x320
[ 97.776668][ T5975] ops_exit_list+0xb0/0x170
[ 97.781194][ T5975] cleanup_net+0x4ea/0xb00
[ 97.785653][ T5975] process_one_work+0x991/0x1610
[ 97.790611][ T5975] worker_thread+0x665/0x1080
[ 97.795311][ T5975] kthread+0x2e4/0x3a0
[ 97.799414][ T5975] ret_from_fork+0x1f/0x30
[ 97.803876][ T5975]
[ 97.806209][ T5975] Second to last potentially related work creation:
[ 97.812799][ T5975] kasan_save_stack+0x1e/0x40
[ 97.817511][ T5975] __kasan_record_aux_stack+0xbe/0xd0
[ 97.822912][ T5975] insert_work+0x48/0x350
[ 97.827261][ T5975] __queue_work+0x625/0x1200
[ 97.831871][ T5975] queue_work_on+0xee/0x110
[ 97.836597][ T5975] afs_queue_cell_manager+0x64/0xe0
[ 97.841818][ T5975] afs_cell_purge+0x105/0x2b0
[ 97.846602][ T5975] afs_net_exit+0x165/0x320
[ 97.851195][ T5975] ops_exit_list+0xb0/0x170
[ 97.855699][ T5975] cleanup_net+0x4ea/0xb00
[ 97.860111][ T5975] process_one_work+0x991/0x1610
[ 97.865063][ T5975] worker_thread+0x665/0x1080
[ 97.869737][ T5975] kthread+0x2e4/0x3a0
[ 97.873816][ T5975] ret_from_fork+0x1f/0x30
[ 97.878229][ T5975]
[ 97.880549][ T5975] The buggy address belongs to the object at ffff888026271000
[ 97.880549][ T5975] which belongs to the cache kmalloc-2k of size 2048
[ 97.894609][ T5975] The buggy address is located 1480 bytes inside of
[ 97.894609][ T5975] 2048-byte region [ffff888026271000, ffff888026271800)
[ 97.908058][ T5975]
[ 97.910378][ T5975] The buggy address belongs to the physical page:
[ 97.916787][ T5975] page:ffffea0000989c00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x26270
[ 97.926949][ T5975] head:ffffea0000989c00 order:3 compound_mapcount:0 compound_pincount:0
[ 97.935261][ T5975] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 97.943253][ T5975] raw: 00fff00000010200 ffffea0001c6ba00 dead000000000002 ffff888011842000
[ 97.951844][ T5975] raw: 0000000000000000 0000000000080008 00000001ffffffff 0000000000000000
[ 97.960422][ T5975] page dumped because: kasan: bad access detected
[ 97.966830][ T5975] page_owner tracks the page as allocated
[ 97.972528][ T5975] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 3757, tgid 3755 (syz-executor161), ts 54893932773, free_ts 54834561262
[ 97.994142][ T5975] get_page_from_freelist+0x109b/0x2ce0
[ 97.999694][ T5975] __alloc_pages+0x1c7/0x510
[ 98.004300][ T5975] alloc_pages+0x1a6/0x270
[ 98.008718][ T5975] allocate_slab+0x27e/0x3d0
[ 98.013314][ T5975] ___slab_alloc+0x84f/0xe80
[ 98.017898][ T5975] __slab_alloc.constprop.0+0x4d/0xa0
[ 98.023265][ T5975] __kmalloc+0x32b/0x340
[ 98.027509][ T5975] sk_prot_alloc+0x143/0x290
[ 98.032093][ T5975] sk_alloc+0x36/0x770
[ 98.036244][ T5975] __netlink_create+0x63/0x380
[ 98.041018][ T5975] __netlink_kernel_create+0x110/0x850
[ 98.046490][ T5975] genl_pernet_init+0xa9/0x140
[ 98.051266][ T5975] ops_init+0xaf/0x470
[ 98.055338][ T5975] setup_net+0x5d1/0xc50
[ 98.059674][ T5975] copy_net_ns+0x318/0x760
[ 98.064085][ T5975] create_new_namespaces+0x3f6/0xb20
[ 98.069380][ T5975] page last free stack trace:
[ 98.074047][ T5975] free_pcp_prepare+0x5e4/0xd20
[ 98.078903][ T5975] free_unref_page+0x19/0x4d0
[ 98.083581][ T5975] __unfreeze_partials+0x17c/0x1a0
[ 98.088688][ T5975] qlist_free_all+0x6a/0x170
[ 98.093285][ T5975] kasan_quarantine_reduce+0x180/0x200
[ 98.100494][ T5975] __kasan_slab_alloc+0xa2/0xc0
[ 98.105344][ T5975] kmem_cache_alloc_node+0x2b1/0x3f0
[ 98.110725][ T5975] copy_process+0x5c2/0x7090
[ 98.115319][ T5975] kernel_clone+0xe7/0xab0
[ 98.119918][ T5975] __do_sys_clone+0xba/0x100
[ 98.124503][ T5975] do_syscall_64+0x35/0xb0
[ 98.128960][ T5975] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 98.134875][ T5975]
[ 98.137191][ T5975] Memory state around the buggy address:
[ 98.142811][ T5975] ffff888026271480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 98.150984][ T5975] ffff888026271500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 98.159041][ T5975] >ffff888026271580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 98.167178][ T5975] ^
[ 98.173575][ T5975] ffff888026271600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 98.181743][ T5975] ffff888026271680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 98.190064][ T5975] ==================================================================
[ 98.206583][ T5975] Kernel panic - not syncing: panic_on_warn set ...
[ 98.213219][ T5975] CPU: 0 PID: 5975 Comm: syz-executor161 Not tainted 6.0.0-syzkaller-09039-ga6afa4199d3d #0
[ 98.223377][ T5975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[ 98.233695][ T5975] Call Trace:
[ 98.237081][ T5975]
[ 98.240040][ T5975] dump_stack_lvl+0xcd/0x134
[ 98.244848][ T5975] panic+0x2c8/0x622
[ 98.248750][ T5975] ? panic_print_sys_info.part.0+0x10b/0x10b
[ 98.254737][ T5975] ? preempt_schedule_common+0x59/0xc0
[ 98.260207][ T5975] ? preempt_schedule_thunk+0x16/0x18
[ 98.265591][ T5975] ? __list_add_valid+0xa5/0xb0
[ 98.270448][ T5975] end_report.part.0+0x3f/0x7c
[ 98.275232][ T5975] kasan_report.cold+0xa/0xf
[ 98.279836][ T5975] ? __list_add_valid+0xa5/0xb0
[ 98.284686][ T5975] __list_add_valid+0xa5/0xb0
[ 98.289364][ T5975] register_shrinker_prepared+0x37/0x120
[ 98.294995][ T5975] sget_fc+0x5e7/0x7c0
[ 98.299058][ T5975] ? refcount_dec_not_one+0x13b/0x1e0
[ 98.304508][ T5975] ? set_anon_super+0xb0/0xb0
[ 98.309180][ T5975] ? mqueue_get_tree+0x130/0x130
[ 98.314130][ T5975] get_tree_nodev+0x24/0x1d0
[ 98.318729][ T5975] mqueue_get_tree+0xee/0x130
[ 98.323409][ T5975] vfs_get_tree+0x89/0x2f0
[ 98.327993][ T5975] fc_mount+0x13/0xc0
[ 98.331971][ T5975] mq_init_ns+0x43e/0x630
[ 98.336292][ T5975] copy_ipcs+0x35e/0x5e0
[ 98.340532][ T5975] ? copy_utsname+0xa9/0x4a0
[ 98.345122][ T5975] create_new_namespaces+0x210/0xb20
[ 98.350406][ T5975] unshare_nsproxy_namespaces+0xc1/0x1f0
[ 98.356051][ T5975] ksys_unshare+0x445/0x920
[ 98.360568][ T5975] ? unshare_fd+0x1c0/0x1c0
[ 98.365076][ T5975] __x64_sys_unshare+0x2d/0x40
[ 98.369831][ T5975] do_syscall_64+0x35/0xb0
[ 98.374248][ T5975] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 98.380141][ T5975] RIP: 0033:0x7f878917a909
[ 98.384565][ T5975] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 98.404263][ T5975] RSP: 002b:00007f878912c318 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 98.412671][ T5975] RAX: ffffffffffffffda RBX: 00007f87892023e8 RCX: 00007f878917a909
[ 98.420633][ T5975] RDX: 00007f878912c700 RSI: 8c53bf579e072fbf RDI: 000000006c060000
[ 98.428628][ T5975] RBP: 00007f87892023e0 R08: 00007f878912c700 R09: 0000000000000000
[ 98.436596][ T5975] R10: 00007f878912c700 R11: 0000000000000246 R12: 00007f87892023ec
[ 98.444562][ T5975] R13: 00007ffe4e8905ff R14: 00007f878912c400 R15: 0000000000022000
[ 98.452623][ T5975]
[ 98.456087][ T5975] Kernel Offset: disabled
[ 98.460407][ T5975] Rebooting in 86400 seconds..