Warning: Permanently added '10.128.1.173' (ED25519) to the list of known hosts.
1970/01/01 00:01:02 ignoring optional flag "sandboxArg"="0"
1970/01/01 00:01:02 parsed 1 programs
[ 62.584688][ T6447] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SS
1970/01/01 00:01:02 executed programs: 0
[ 62.622313][ T5671] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 62.624402][ T5671] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 62.626314][ T5671] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 62.629066][ T5671] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 62.630974][ T5671] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 62.632998][ T5671] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 62.700315][ T6455] chnl_net:caif_netlink_parms(): no params data found
[ 62.727938][ T6455] bridge0: port 1(bridge_slave_0) entered blocking state
[ 62.729627][ T6455] bridge0: port 1(bridge_slave_0) entered disabled state
[ 62.731339][ T6455] bridge_slave_0: entered allmulticast mode
[ 62.733167][ T6455] bridge_slave_0: entered promiscuous mode
[ 62.737259][ T6455] bridge0: port 2(bridge_slave_1) entered blocking state
[ 62.738875][ T6455] bridge0: port 2(bridge_slave_1) entered disabled state
[ 62.740597][ T6455] bridge_slave_1: entered allmulticast mode
[ 62.742564][ T6455] bridge_slave_1: entered promiscuous mode
[ 62.754803][ T6455] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 62.758548][ T6455] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 62.771353][ T6455] team0: Port device team_slave_0 added
[ 62.773926][ T6455] team0: Port device team_slave_1 added
[ 62.784175][ T6455] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 62.785839][ T6455] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 62.792503][ T6455] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 62.796179][ T6455] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 62.798049][ T6455] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 62.804039][ T6455] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 62.878165][ T6455] hsr_slave_0: entered promiscuous mode
[ 62.916788][ T6455] hsr_slave_1: entered promiscuous mode
[ 63.701431][ T6455] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 63.743636][ T6455] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 63.780515][ T6455] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 63.828890][ T6455] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 63.922918][ T6455] 8021q: adding VLAN 0 to HW filter on device bond0
[ 63.931459][ T6455] 8021q: adding VLAN 0 to HW filter on device team0
[ 63.939179][ T8] bridge0: port 1(bridge_slave_0) entered blocking state
[ 63.941060][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 63.947858][ T8] bridge0: port 2(bridge_slave_1) entered blocking state
[ 63.949419][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 64.045647][ T6455] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 64.070827][ T6455] veth0_vlan: entered promiscuous mode
[ 64.074845][ T6455] veth1_vlan: entered promiscuous mode
[ 64.092581][ T6455] veth0_macvtap: entered promiscuous mode
[ 64.096006][ T6455] veth1_macvtap: entered promiscuous mode
[ 64.106008][ T6455] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 64.112381][ T6455] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 64.118852][ T6455] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 64.120746][ T6455] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 64.122966][ T6455] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 64.124946][ T6455] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 64.169631][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 64.171551][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 64.184954][ T598] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 64.187496][ T598] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 64.498375][ T2218] ieee802154 phy0 wpan0: encryption failed: -22
[ 64.500116][ T2218] ieee802154 phy1 wpan1: encryption failed: -22
[ 64.657268][ T5671] Bluetooth: hci0: command 0x0409 tx timeout
[ 65.091030][ T6550] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-6)
[ 65.093965][ T6550] ==================================================================
[ 65.095998][ T6550] BUG: KASAN: slab-use-after-free in nfc_alloc_send_skb+0x18c/0x190
[ 65.097799][ T6550] Read of size 4 at addr ffff0000d985f560 by task syz-executor.0/6550
[ 65.099728][ T6550]
[ 65.100278][ T6550] CPU: 1 PID: 6550 Comm: syz-executor.0 Not tainted 6.7.0-rc4-syzkaller-00020-gd46efae31672 #0
[ 65.102861][ T6550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[ 65.105069][ T6550] Call trace:
[ 65.105966][ T6550]  dump_backtrace+0x1b8/0x1e4
[ 65.107128][ T6550]  show_stack+0x2c/0x44
[ 65.108105][ T6550]  dump_stack_lvl+0xd0/0x124
[ 65.109129][ T6550]  print_report+0x174/0x514
[ 65.110304][ T6550]  kasan_report+0xd8/0x138
[ 65.111283][ T6550]  __asan_report_load4_noabort+0x20/0x2c
[ 65.112685][ T6550]  nfc_alloc_send_skb+0x18c/0x190
[ 65.113972][ T6550]  nfc_llcp_send_ui_frame+0x22c/0x554
[ 65.115325][ T6550]  llcp_sock_sendmsg+0x1f8/0x358
[ 65.116546][ T6550]  ____sys_sendmsg+0x56c/0x840
[ 65.117721][ T6550]  __sys_sendmmsg+0x318/0x7d8
[ 65.118978][ T6550]  __arm64_sys_sendmmsg+0xa0/0xbc
[ 65.120125][ T6550]  invoke_syscall+0x98/0x2b8
[ 65.121282][ T6550]  el0_svc_common+0x130/0x23c
[ 65.122383][ T6550]  do_el0_svc+0x48/0x58
[ 65.123350][ T6550]  el0_svc+0x54/0x158
[ 65.124212][ T6550]  el0t_64_sync_handler+0x84/0xfc
[ 65.125480][ T6550]  el0t_64_sync+0x190/0x194
[ 65.126564][ T6550]
[ 65.127128][ T6550] Allocated by task 6550:
[ 65.128073][ T6550]  kasan_set_track+0x4c/0x7c
[ 65.129191][ T6550]  kasan_save_alloc_info+0x24/0x30
[ 65.130347][ T6550]  __kasan_kmalloc+0xac/0xc4
[ 65.131369][ T6550]  kmalloc_trace+0x70/0x88
[ 65.132415][ T6550]  nfc_allocate_device+0x124/0x45c
[ 65.133702][ T6550]  nci_allocate_device+0x1ac/0x324
[ 65.134971][ T6550]  virtual_ncidev_open+0x84/0x1bc
[ 65.136239][ T6550]  misc_open+0x2f0/0x368
[ 65.137179][ T6550]  chrdev_open+0x3c8/0x4dc
[ 65.138136][ T6550]  do_dentry_open+0x778/0x12b4
[ 65.139213][ T6550]  vfs_open+0x7c/0x90
[ 65.140224][ T6550]  path_openat+0x1f6c/0x2888
[ 65.141285][ T6550]  do_filp_open+0x1bc/0x3cc
[ 65.142372][ T6550]  do_sys_openat2+0x124/0x1b8
[ 65.143419][ T6550]  __arm64_sys_openat+0x1f0/0x240
[ 65.144712][ T6550]  invoke_syscall+0x98/0x2b8
[ 65.145860][ T6550]  el0_svc_common+0x130/0x23c
[ 65.147001][ T6550]  do_el0_svc+0x48/0x58
[ 65.148008][ T6550]  el0_svc+0x54/0x158
[ 65.148947][ T6550]  el0t_64_sync_handler+0x84/0xfc
[ 65.150141][ T6550]  el0t_64_sync+0x190/0x194
[ 65.151204][ T6550]
[ 65.151762][ T6550] Freed by task 6548:
[ 65.152612][ T6550]  kasan_set_track+0x4c/0x7c
[ 65.153697][ T6550]  kasan_save_free_info+0x38/0x5c
[ 65.154849][ T6550]  ____kasan_slab_free+0x144/0x1c0
[ 65.156033][ T6550]  __kasan_slab_free+0x18/0x28
[ 65.157059][ T6550]  __kmem_cache_free+0x2ac/0x480
[ 65.158198][ T6550]  kfree+0xb8/0x19c
[ 65.159089][ T6550]  nfc_release+0x1d4/0x27c
[ 65.160076][ T6550]  device_release+0x8c/0x1ac
[ 65.161176][ T6550]  kobject_put+0x1c4/0x3c4
[ 65.162148][ T6550]  put_device+0x28/0x40
[ 65.163042][ T6550]  nci_free_device+0x40/0x60
[ 65.164143][ T6550]  virtual_ncidev_close+0x78/0xa0
[ 65.165306][ T6550]  __fput+0x308/0x90c
[ 65.166276][ T6550]  __fput_sync+0x60/0x9c
[ 65.167379][ T6550]  __arm64_sys_close+0x150/0x1e0
[ 65.168516][ T6550]  invoke_syscall+0x98/0x2b8
[ 65.169616][ T6550]  el0_svc_common+0x130/0x23c
[ 65.170783][ T6550]  do_el0_svc+0x48/0x58
[ 65.171663][ T6550]  el0_svc+0x54/0x158
[ 65.172607][ T6550]  el0t_64_sync_handler+0x84/0xfc
[ 65.173762][ T6550]  el0t_64_sync+0x190/0x194
[ 65.174844][ T6550]
[ 65.175346][ T6550] The buggy address belongs to the object at ffff0000d985f000
[ 65.175346][ T6550]  which belongs to the cache kmalloc-2k of size 2048
[ 65.178467][ T6550] The buggy address is located 1376 bytes inside of
[ 65.178467][ T6550]  freed 2048-byte region [ffff0000d985f000, ffff0000d985f800)
[ 65.181627][ T6550]
[ 65.182183][ T6550] The buggy address belongs to the physical page:
[ 65.183769][ T6550] page:00000000c1ab918c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x119858
[ 65.186164][ T6550] head:00000000c1ab918c order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 65.188268][ T6550] flags: 0x5ffc00000000840(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[ 65.190179][ T6550] page_type: 0xffffffff()
[ 65.191195][ T6550] raw: 05ffc00000000840 ffff0000c0002000 dead000000000122 0000000000000000
[ 65.193248][ T6550] raw: 0000000000000000 0000000000080008 00000001ffffffff 0000000000000000
[ 65.195246][ T6550] page dumped because: kasan: bad access detected
[ 65.196707][ T6550]
[ 65.197290][ T6550] Memory state around the buggy address:
[ 65.198567][ T6550]  ffff0000d985f400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 65.200437][ T6550]  ffff0000d985f480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 65.202513][ T6550] >ffff0000d985f500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 65.204414][ T6550]                                                        ^
[ 65.206175][ T6550]  ffff0000d985f580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 65.208133][ T6550]  ffff0000d985f600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 65.210055][ T6550] ==================================================================
[ 65.214077][ T6550] Disabling lock debugging due to kernel taint
[ 66.067109][ T6637] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-6)
[ 66.736599][ T5671] Bluetooth: hci0: command 0x041b tx timeout
[ 66.914006][ T6759] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-6)
[ 67.760061][ T6823] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-6)
1970/01/01 00:01:07 executed programs: 4
[ 68.607320][ T6828] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-6)
[ 68.816764][ T5671] Bluetooth: hci0: command 0x040f tx timeout
[ 69.453623][ T6833] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-6)
[ 69.627288][ T1662] cfg80211: failed to load regulatory.db
[ 70.300449][ T6838] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-6)
[ 70.896612][ T5671] Bluetooth: hci0: command 0x0419 tx timeout
[ 71.147535][ T6843] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-6)
[ 71.995274][ T6848] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-6)
[ 72.841136][ T6853] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-6)
1970/01/01 00:01:12 executed programs: 10
[ 73.690584][ T6858] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-6)
[ 74.535313][ T6863] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-6)