Warning: Permanently added '10.128.10.34' (ED25519) to the list of known hosts.
[   68.752536][ T5828] chnl_net:caif_netlink_parms(): no params data found
[   68.769257][ T5832] chnl_net:caif_netlink_parms(): no params data found
[   68.949751][ T5831] chnl_net:caif_netlink_parms(): no params data found
[   68.969763][ T5832] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.978083][ T5832] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.985803][ T5832] bridge_slave_0: entered allmulticast mode
[   68.992497][ T5832] bridge_slave_0: entered promiscuous mode
[   69.006693][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.013806][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state
[   69.021378][ T5828] bridge_slave_0: entered allmulticast mode
[   69.028381][ T5828] bridge_slave_0: entered promiscuous mode
[   69.036709][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state
[   69.043817][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state
[   69.051235][ T5828] bridge_slave_1: entered allmulticast mode
[   69.057863][ T5828] bridge_slave_1: entered promiscuous mode
[   69.069105][ T5832] bridge0: port 2(bridge_slave_1) entered blocking state
[   69.076356][ T5832] bridge0: port 2(bridge_slave_1) entered disabled state
[   69.083585][ T5832] bridge_slave_1: entered allmulticast mode
[   69.090891][ T5832] bridge_slave_1: entered promiscuous mode
[   69.117106][ T5827] chnl_net:caif_netlink_parms(): no params data found
[   69.164003][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   69.191253][ T5832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   69.204689][ T5832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   69.235170][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   69.316534][ T5828] team0: Port device team_slave_0 added
[   69.326231][ T5832] team0: Port device team_slave_0 added
[   69.346245][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.353422][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state
[   69.361096][ T5831] bridge_slave_0: entered allmulticast mode
[   69.368410][ T5831] bridge_slave_0: entered promiscuous mode
[   69.377281][ T5828] team0: Port device team_slave_1 added
[   69.383178][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state
[   69.390355][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state
[   69.397599][ T5831] bridge_slave_1: entered allmulticast mode
[   69.404204][ T5831] bridge_slave_1: entered promiscuous mode
[   69.413442][ T5832] team0: Port device team_slave_1 added
[   69.481825][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   69.492139][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_0
[   69.499650][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   69.526460][ T5832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   69.538328][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.545755][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state
[   69.552940][ T5827] bridge_slave_0: entered allmulticast mode
[   69.559833][ T5827] bridge_slave_0: entered promiscuous mode
[   69.567118][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0
[   69.574089][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   69.600247][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   69.613930][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   69.624897][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_1
[   69.631860][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   69.658455][ T5832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   69.670092][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state
[   69.677582][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state
[   69.684889][ T5827] bridge_slave_1: entered allmulticast mode
[   69.691459][ T5827] bridge_slave_1: entered promiscuous mode
[   69.698426][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1
[   69.705569][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   69.731624][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   69.795492][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   69.807220][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   69.818760][ T5831] team0: Port device team_slave_0 added
[   69.828020][ T5831] team0: Port device team_slave_1 added
[   69.902423][ T5828] hsr_slave_0: entered promiscuous mode
[   69.909362][ T5828] hsr_slave_1: entered promiscuous mode
[   69.917893][ T5827] team0: Port device team_slave_0 added
[   69.927572][ T5832] hsr_slave_0: entered promiscuous mode
[   69.935638][ T5832] hsr_slave_1: entered promiscuous mode
[   69.941681][ T5832] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   69.949813][ T5832] Cannot create hsr debugfs directory
[   69.967024][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0
[   69.973999][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.000292][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   70.013747][ T5827] team0: Port device team_slave_1 added
[   70.031784][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1
[   70.038961][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.065570][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   70.113361][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0
[   70.120442][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.146690][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   70.174876][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1
[   70.181852][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.208024][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   70.241613][ T5831] hsr_slave_0: entered promiscuous mode
[   70.248094][ T5831] hsr_slave_1: entered promiscuous mode
[   70.254074][ T5831] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   70.263072][ T5831] Cannot create hsr debugfs directory
[   70.332150][ T5827] hsr_slave_0: entered promiscuous mode
[   70.338567][ T5827] hsr_slave_1: entered promiscuous mode
[   70.347298][ T5827] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   70.355144][ T5827] Cannot create hsr debugfs directory
[   70.546260][ T5832] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   70.567299][ T5832] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   70.588160][ T5832] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   70.607372][ T5832] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   70.642172][ T5828] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   70.670757][ T5828] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   70.680420][ T5828] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   70.698565][ T5828] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   70.739800][ T5831] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   70.761119][ T5831] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   70.771864][ T5831] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   70.791445][ T5831] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   70.877317][ T5827] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   70.901217][ T5827] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   70.911609][ T5827] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   70.931173][ T5827] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   70.983161][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0
[   71.020987][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0
[   71.033314][ T5832] 8021q: adding VLAN 0 to HW filter on device team0
[   71.050552][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.057865][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   71.075645][ T5828] 8021q: adding VLAN 0 to HW filter on device team0
[   71.114403][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.121559][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   71.140407][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.147586][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   71.162269][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.169428][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   71.208290][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0
[   71.243958][ T5832] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   71.255039][ T5832] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   71.305924][ T5831] 8021q: adding VLAN 0 to HW filter on device team0
[   71.325524][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.332635][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[   71.353980][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0
[   71.372372][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.379527][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[   71.391810][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0
[   71.405891][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0
[   71.451449][ T5827] 8021q: adding VLAN 0 to HW filter on device team0
[   71.494567][ T2919] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.501650][ T2919] bridge0: port 1(bridge_slave_0) entered forwarding state
[   71.512485][ T2919] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.519705][ T2919] bridge0: port 2(bridge_slave_1) entered forwarding state
[   71.580699][ T5832] veth0_vlan: entered promiscuous mode
[   71.591612][ T5828] veth0_vlan: entered promiscuous mode
[   71.616565][ T5828] veth1_vlan: entered promiscuous mode
[   71.635944][ T5832] veth1_vlan: entered promiscuous mode
[   71.677765][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0
[   71.691454][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0
[   71.711394][ T5828] veth0_macvtap: entered promiscuous mode
[   71.721576][ T5828] veth1_macvtap: entered promiscuous mode
[   71.758992][ T5832] veth0_macvtap: entered promiscuous mode
[   71.773127][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0
[   71.792446][ T5832] veth1_macvtap: entered promiscuous mode
[   71.815619][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1
[   71.849081][ T5827] veth0_vlan: entered promiscuous mode
[   71.858636][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[   71.870602][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.881647][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0
[   71.890367][ T5828] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   71.900521][ T5828] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   71.909867][ T5828] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   71.919043][ T5828] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   71.940896][ T5827] veth1_vlan: entered promiscuous mode
[   71.957083][ T5832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[   71.969037][ T5832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.980616][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1
[   71.992620][ T5832] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.001877][ T5832] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.012769][ T5832] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.021583][ T5832] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.045694][ T5831] veth0_vlan: entered promiscuous mode
executing program
[   72.100138][ T5831] veth1_vlan: entered promiscuous mode
[   72.132162][ T5827] veth0_macvtap: entered promiscuous mode
[   72.142398][ T5860] 
executing program
[   72.144758][ T5860] ================================================
[   72.151247][ T5860] WARNING: lock held when returning to user space!
[   72.157756][ T5860] 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 Not tainted
[   72.164869][ T5860] ------------------------------------------------
[   72.171362][ T5860] syz-executor197/5860 is leaving the kernel with locks still held!
[   72.179323][ T5860] 1 lock held by syz-executor197/5860:
[   72.184794][ T5860]  #0: ffffffff8fabfb08 (rtnl_mutex){+.+.}-{4:4}, at: nsim_pp_hold_write+0x105/0x4d0
[   72.884832][   T11] ==================================================================
[   72.892936][   T11] BUG: KASAN: slab-use-after-free in mutex_can_spin_on_owner+0x1d9/0x210
[   72.901345][   T11] Read of size 4 at addr ffff88807963bc34 by task kworker/u8:0/11
[   72.909143][   T11] 
[   72.911468][   T11] CPU: 0 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0
[   72.922163][   T11] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[   72.932216][   T11] Workqueue: events_unbound linkwatch_event
[   72.938139][   T11] Call Trace:
[   72.941414][   T11]  <TASK>
[   72.944347][   T11]  dump_stack_lvl+0x116/0x1f0
[   72.949041][   T11]  print_report+0xc3/0x620
[   72.953460][   T11]  ? __virt_addr_valid+0x5e/0x590
[   72.958485][   T11]  ? __phys_addr+0xc6/0x150
[   72.962990][   T11]  kasan_report+0xd9/0x110
[   72.967410][   T11]  ? mutex_can_spin_on_owner+0x1d9/0x210
[   72.973042][   T11]  ? mutex_can_spin_on_owner+0x1d9/0x210
[   72.978677][   T11]  mutex_can_spin_on_owner+0x1d9/0x210
[   72.984133][   T11]  __mutex_lock+0x23d/0xa60
[   72.988638][   T11]  ? linkwatch_event+0x51/0xc0
[   72.993408][   T11]  ? __pfx___schedule+0x10/0x10
[   72.998254][   T11]  ? __pfx___mutex_lock+0x10/0x10
[   73.003280][   T11]  ? lock_release+0x4e2/0x6f0
[   73.007955][   T11]  ? rcu_is_watching+0x12/0xc0
[   73.012722][   T11]  ? linkwatch_event+0x51/0xc0
[   73.017490][   T11]  linkwatch_event+0x51/0xc0
[   73.022084][   T11]  ? __pfx_linkwatch_event+0x10/0x10
[   73.027377][   T11]  ? rcu_is_watching+0x12/0xc0
[   73.032143][   T11]  process_one_work+0x958/0x1b30
[   73.037079][   T11]  ? __pfx_process_one_work+0x10/0x10
[   73.042443][   T11]  ? rcu_is_watching+0x12/0xc0
[   73.047210][   T11]  ? assign_work+0x1a0/0x250
[   73.051818][   T11]  worker_thread+0x6c8/0xf00
[   73.056407][   T11]  ? __pfx_worker_thread+0x10/0x10
[   73.061513][   T11]  kthread+0x2c1/0x3a0
[   73.065583][   T11]  ? _raw_spin_unlock_irq+0x23/0x50
[   73.070781][   T11]  ? __pfx_kthread+0x10/0x10
[   73.075369][   T11]  ret_from_fork+0x45/0x80
[   73.079780][   T11]  ? __pfx_kthread+0x10/0x10
[   73.084370][   T11]  ret_from_fork_asm+0x1a/0x30
[   73.089142][   T11]  </TASK>
[   73.092153][   T11] 
[   73.094464][   T11] Allocated by task 5832:
[   73.098782][   T11]  kasan_save_stack+0x33/0x60
[   73.103458][   T11]  kasan_save_track+0x14/0x30
[   73.108134][   T11]  __kasan_slab_alloc+0x89/0x90
[   73.112985][   T11]  kmem_cache_alloc_node_noprof+0x1ca/0x3b0
[   73.118878][   T11]  copy_process+0x49c/0x6f20
[   73.123467][   T11]  kernel_clone+0xfd/0x960
[   73.127883][   T11]  __do_sys_clone+0xba/0x100
[   73.132472][   T11]  do_syscall_64+0xcd/0x250
[   73.136976][   T11]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.142871][   T11] 
[   73.145187][   T11] Freed by task 0:
[   73.148896][   T11]  kasan_save_stack+0x33/0x60
[   73.153572][   T11]  kasan_save_track+0x14/0x30
[   73.158250][   T11]  kasan_save_free_info+0x3b/0x60
[   73.163269][   T11]  __kasan_slab_free+0x51/0x70
[   73.168035][   T11]  kmem_cache_free+0x152/0x4c0
[   73.172799][   T11]  delayed_put_task_struct+0x119/0x2f0
[   73.178262][   T11]  rcu_core+0x79d/0x14d0
[   73.182507][   T11]  handle_softirqs+0x213/0x8f0
[   73.187267][   T11]  __irq_exit_rcu+0x109/0x170
[   73.191942][   T11]  irq_exit_rcu+0x9/0x30
[   73.196183][   T11]  sysvec_apic_timer_interrupt+0xa4/0xc0
[   73.201824][   T11]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   73.207806][   T11] 
[   73.210123][   T11] Last potentially related work creation:
[   73.215824][   T11]  kasan_save_stack+0x33/0x60
[   73.220502][   T11]  __kasan_record_aux_stack+0xba/0xd0
[   73.225868][   T11]  __call_rcu_common.constprop.0+0x99/0x7a0
[   73.231758][   T11]  put_task_struct_rcu_user+0x75/0xc0
[   73.237133][   T11]  release_task+0xe75/0x1b00
[   73.241724][   T11]  wait_consider_task+0x1812/0x4100
[   73.246932][   T11]  __do_wait+0x1e2/0x890
[   73.251175][   T11]  do_wait+0x217/0x570
[   73.255250][   T11]  kernel_wait4+0x16c/0x280
[   73.259756][   T11]  __do_sys_wait4+0x15f/0x170
[   73.264436][   T11]  do_syscall_64+0xcd/0x250
[   73.268943][   T11]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.274837][   T11] 
[   73.277153][   T11] The buggy address belongs to the object at ffff88807963bc00
[   73.277153][   T11]  which belongs to the cache task_struct of size 7424
[   73.291285][   T11] The buggy address is located 52 bytes inside of
[   73.291285][   T11]  freed 7424-byte region [ffff88807963bc00, ffff88807963d900)
[   73.305076][   T11] 
[   73.307399][   T11] The buggy address belongs to the physical page:
[   73.313804][   T11] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x79638
[   73.322563][   T11] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   73.331055][   T11] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[   73.338591][   T11] page_type: f5(slab)
[   73.342570][   T11] raw: 00fff00000000040 ffff88801bafe500 dead000000000122 0000000000000000
[   73.351149][   T11] raw: 0000000000000000 0000000080040004 00000001f5000000 0000000000000000
[   73.359733][   T11] head: 00fff00000000040 ffff88801bafe500 dead000000000122 0000000000000000
[   73.368399][   T11] head: 0000000000000000 0000000080040004 00000001f5000000 0000000000000000
[   73.377068][   T11] head: 00fff00000000003 ffffea0001e58e01 ffffffffffffffff 0000000000000000
[   73.385733][   T11] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[   73.394400][   T11] page dumped because: kasan: bad access detected
[   73.400809][   T11] page_owner tracks the page as allocated
[   73.406515][   T11] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5205, tgid 5205 (udevd), ts 70633711105, free_ts 70632917679
[   73.427264][   T11]  post_alloc_hook+0x2d1/0x350
[   73.432037][   T11]  get_page_from_freelist+0xfce/0x2f80
[   73.437497][   T11]  __alloc_pages_noprof+0x223/0x25b0
[   73.442805][   T11]  alloc_pages_mpol_noprof+0x2c9/0x610
[   73.448270][   T11]  new_slab+0x2c9/0x410
[   73.452422][   T11]  ___slab_alloc+0xce2/0x1650
[   73.457106][   T11]  __slab_alloc.constprop.0+0x56/0xb0
[   73.462479][   T11]  kmem_cache_alloc_node_noprof+0xf2/0x3b0
[   73.468286][   T11]  copy_process+0x49c/0x6f20
[   73.472876][   T11]  kernel_clone+0xfd/0x960
[   73.477292][   T11]  __do_sys_clone+0xba/0x100
[   73.481889][   T11]  do_syscall_64+0xcd/0x250
[   73.486393][   T11]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.492286][   T11] page last free pid 5205 tgid 5205 stack trace:
[   73.498600][   T11]  free_unref_page+0x661/0x1080
[   73.503454][   T11]  qlist_free_all+0x4e/0x120
[   73.508043][   T11]  kasan_quarantine_reduce+0x195/0x1e0
[   73.513501][   T11]  __kasan_slab_alloc+0x69/0x90
[   73.518352][   T11]  kmem_cache_alloc_lru_noprof+0x1c8/0x3b0
[   73.524160][   T11]  shmem_alloc_inode+0x25/0x50
[   73.528932][   T11]  alloc_inode+0x5d/0x230
[   73.533263][   T11]  new_inode+0x22/0x210
[   73.537421][   T11]  shmem_get_inode+0x194/0xf00
[   73.542195][   T11]  shmem_mknod+0x1a8/0x450
[   73.546614][   T11]  lookup_open.isra.0+0x1174/0x14c0
[   73.551832][   T11]  path_openat+0x904/0x2d60
[   73.556345][   T11]  do_filp_open+0x20c/0x470
[   73.560856][   T11]  do_sys_openat2+0x17a/0x1e0
[   73.565541][   T11]  __x64_sys_openat+0x175/0x210
[   73.570399][   T11]  do_syscall_64+0xcd/0x250
[   73.574907][   T11] 
[   73.577222][   T11] Memory state around the buggy address:
[   73.582845][   T11]  ffff88807963bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   73.590911][   T11]  ffff88807963bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   73.598967][   T11] >ffff88807963bc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   73.607029][   T11]                                      ^
[   73.612652][   T11]  ffff88807963bc80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   73.620706][   T11]  ffff88807963bd00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   73.628759][   T11] ==================================================================
[   73.637642][   T11] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   73.644863][   T11] CPU: 0 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0
[   73.655556][   T11] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[   73.665609][   T11] Workqueue: events_unbound linkwatch_event
[   73.671515][   T11] Call Trace:
[   73.674785][   T11]  <TASK>
[   73.677711][   T11]  dump_stack_lvl+0x3d/0x1f0
[   73.682302][   T11]  panic+0x71d/0x800
[   73.686204][   T11]  ? __pfx_panic+0x10/0x10
[   73.690622][   T11]  ? trace_irq_enable.constprop.0+0xea/0x140
[   73.696605][   T11]  ? check_panic_on_warn+0x1f/0xb0
[   73.701721][   T11]  check_panic_on_warn+0xab/0xb0
[   73.706676][   T11]  end_report+0x117/0x180
[   73.711010][   T11]  kasan_report+0xe9/0x110
[   73.715435][   T11]  ? mutex_can_spin_on_owner+0x1d9/0x210
[   73.721066][   T11]  ? mutex_can_spin_on_owner+0x1d9/0x210
[   73.726699][   T11]  mutex_can_spin_on_owner+0x1d9/0x210
[   73.732157][   T11]  __mutex_lock+0x23d/0xa60
[   73.736671][   T11]  ? linkwatch_event+0x51/0xc0
[   73.741441][   T11]  ? __pfx___schedule+0x10/0x10
[   73.746289][   T11]  ? __pfx___mutex_lock+0x10/0x10
[   73.751316][   T11]  ? lock_release+0x4e2/0x6f0
[   73.755995][   T11]  ? rcu_is_watching+0x12/0xc0
[   73.760762][   T11]  ? linkwatch_event+0x51/0xc0
[   73.765530][   T11]  linkwatch_event+0x51/0xc0
[   73.770129][   T11]  ? __pfx_linkwatch_event+0x10/0x10
[   73.775431][   T11]  ? rcu_is_watching+0x12/0xc0
[   73.780200][   T11]  process_one_work+0x958/0x1b30
[   73.785142][   T11]  ? __pfx_process_one_work+0x10/0x10
[   73.790512][   T11]  ? rcu_is_watching+0x12/0xc0
[   73.795287][   T11]  ? assign_work+0x1a0/0x250
[   73.799883][   T11]  worker_thread+0x6c8/0xf00
[   73.804475][   T11]  ? __pfx_worker_thread+0x10/0x10
[   73.809580][   T11]  kthread+0x2c1/0x3a0
[   73.813646][   T11]  ? _raw_spin_unlock_irq+0x23/0x50
[   73.819018][   T11]  ? __pfx_kthread+0x10/0x10
[   73.823609][   T11]  ret_from_fork+0x45/0x80
[   73.828047][   T11]  ? __pfx_kthread+0x10/0x10
[   73.832636][   T11]  ret_from_fork_asm+0x1a/0x30
[   73.837410][   T11]  </TASK>
[   73.840726][   T11] Kernel Offset: disabled
[   73.845057][   T11] Rebooting in 86400 seconds..