Warning: Permanently added '[localhost]:28483' (ED25519) to the list of known hosts.
2025/10/19 22:31:45 parsed 1 programs
[ 126.584641][ T5548] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 132.279298][ T5572] chnl_net:caif_netlink_parms(): no params data found
[ 132.343596][ T5572] bridge0: port 1(bridge_slave_0) entered blocking state
[ 132.346780][ T5572] bridge0: port 1(bridge_slave_0) entered disabled state
[ 132.350012][ T5572] bridge_slave_0: entered allmulticast mode
[ 132.354179][ T5572] bridge_slave_0: entered promiscuous mode
[ 132.358605][ T5572] bridge0: port 2(bridge_slave_1) entered blocking state
[ 132.361862][ T5572] bridge0: port 2(bridge_slave_1) entered disabled state
[ 132.365552][ T5572] bridge_slave_1: entered allmulticast mode
[ 132.369435][ T5572] bridge_slave_1: entered promiscuous mode
[ 132.391757][ T5572] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 132.398396][ T5572] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 132.424305][ T5572] team0: Port device team_slave_0 added
[ 132.431874][ T5572] team0: Port device team_slave_1 added
[ 132.451338][ T5572] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 132.454928][ T5572] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 132.466677][ T5572] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 132.473156][ T5572] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 132.476028][ T5572] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 132.487546][ T5572] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 132.517913][ T5572] hsr_slave_0: entered promiscuous mode
[ 132.521359][ T5572] hsr_slave_1: entered promiscuous mode
[ 132.994406][ T5572] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 133.016660][ T5572] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 133.025688][ T5572] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 133.043192][ T5572] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 133.089320][ T5572] bridge0: port 2(bridge_slave_1) entered blocking state
[ 133.092641][ T5572] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 133.095617][ T5572] bridge0: port 1(bridge_slave_0) entered blocking state
[ 133.098662][ T5572] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 133.229514][ T5572] 8021q: adding VLAN 0 to HW filter on device bond0
[ 133.242939][ T43] bridge0: port 1(bridge_slave_0) entered disabled state
[ 133.247693][ T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 133.281098][ T5572] 8021q: adding VLAN 0 to HW filter on device team0
[ 133.304343][ T43] bridge0: port 1(bridge_slave_0) entered blocking state
[ 133.307421][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 133.312048][ T43] bridge0: port 2(bridge_slave_1) entered blocking state
[ 133.315190][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 133.637672][ T5572] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 133.712997][ T5572] veth0_vlan: entered promiscuous mode
[ 133.728032][ T5572] veth1_vlan: entered promiscuous mode
[ 133.777811][ T5572] veth0_macvtap: entered promiscuous mode
[ 133.801339][ T5572] veth1_macvtap: entered promiscuous mode
[ 133.825583][ T5572] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 133.841784][ T5572] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 133.870598][ T1054] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 133.880705][ T1054] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 133.893253][ T1054] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 133.897722][ T1054] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 134.156783][ T1054] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 134.324033][ T1054] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 134.424254][ T1054] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 134.513588][ T1054] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 135.986757][ T1054] bridge_slave_1: left allmulticast mode
[ 135.989277][ T1054] bridge_slave_1: left promiscuous mode
[ 135.992033][ T1054] bridge0: port 2(bridge_slave_1) entered disabled state
[ 136.088362][ T1054] bridge_slave_0: left allmulticast mode
[ 136.090845][ T1054] bridge_slave_0: left promiscuous mode
[ 136.122739][ T1054] bridge0: port 1(bridge_slave_0) entered disabled state
[ 136.703535][ T1054] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 136.709104][ T1054] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 136.723978][ T1054] bond0 (unregistering): Released all slaves
[ 136.846189][ T1054] hsr_slave_0: left promiscuous mode
[ 136.865193][ T1054] hsr_slave_1: left promiscuous mode
[ 136.873209][ T1054] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 136.876552][ T1054] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 136.899502][ T1054] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 136.907790][ T1054] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 136.936486][ T1054] veth1_macvtap: left promiscuous mode
[ 136.939007][ T1054] veth0_macvtap: left promiscuous mode
[ 136.941561][ T1054] veth1_vlan: left promiscuous mode
[ 136.962467][ T1054] veth0_vlan: left promiscuous mode
[ 137.763736][ T1054] team0 (unregistering): Port device team_slave_1 removed
[ 137.834740][ T1054] team0 (unregistering): Port device team_slave_0 removed
[ 137.945448][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[ 137.948420][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[ 139.515574][ T43] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 139.518941][ T43] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 139.563530][ T1054] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 139.569569][ T1054] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 142.346109][ T4666] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 142.350381][ T4666] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 142.354756][ T4666] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 142.359656][ T4666] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 142.366722][ T4666] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2025/10/19 22:32:06 executed programs: 0
[ 143.171009][ T5359] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 143.175046][ T5359] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 143.178540][ T5359] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 143.184176][ T5359] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 143.188203][ T5359] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 143.405948][ T5753] chnl_net:caif_netlink_parms(): no params data found
[ 143.463404][ T5753] bridge0: port 1(bridge_slave_0) entered blocking state
[ 143.466823][ T5753] bridge0: port 1(bridge_slave_0) entered disabled state
[ 143.470085][ T5753] bridge_slave_0: entered allmulticast mode
[ 143.474392][ T5753] bridge_slave_0: entered promiscuous mode
[ 143.478928][ T5753] bridge0: port 2(bridge_slave_1) entered blocking state
[ 143.482568][ T5753] bridge0: port 2(bridge_slave_1) entered disabled state
[ 143.485734][ T5753] bridge_slave_1: entered allmulticast mode
[ 143.489600][ T5753] bridge_slave_1: entered promiscuous mode
[ 143.511927][ T5753] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 143.518359][ T5753] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 143.539693][ T5753] team0: Port device team_slave_0 added
[ 143.544575][ T5753] team0: Port device team_slave_1 added
[ 143.565783][ T5753] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 143.568853][ T5753] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 143.580127][ T5753] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 143.586576][ T5753] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 143.589431][ T5753] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 143.600748][ T5753] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 143.638170][ T5753] hsr_slave_0: entered promiscuous mode
[ 143.641355][ T5753] hsr_slave_1: entered promiscuous mode
[ 144.097825][ T5753] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 144.115319][ T5753] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 144.133558][ T5753] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 144.139418][ T5753] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 144.189024][ T5753] bridge0: port 2(bridge_slave_1) entered blocking state
[ 144.192305][ T5753] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 144.195626][ T5753] bridge0: port 1(bridge_slave_0) entered blocking state
[ 144.198677][ T5753] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 144.317489][ T5753] 8021q: adding VLAN 0 to HW filter on device bond0
[ 144.345118][ T1042] bridge0: port 1(bridge_slave_0) entered disabled state
[ 144.353053][ T1042] bridge0: port 2(bridge_slave_1) entered disabled state
[ 144.363429][ T5753] 8021q: adding VLAN 0 to HW filter on device team0
[ 144.384993][ T1042] bridge0: port 1(bridge_slave_0) entered blocking state
[ 144.388052][ T1042] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 144.405612][ T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 144.408968][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 144.726349][ T5753] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 144.803996][ T5753] veth0_vlan: entered promiscuous mode
[ 144.822877][ T5753] veth1_vlan: entered promiscuous mode
[ 144.867627][ T5753] veth0_macvtap: entered promiscuous mode
[ 144.888572][ T5753] veth1_macvtap: entered promiscuous mode
[ 144.926327][ T5753] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 144.944275][ T5753] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 144.968464][ T43] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 144.976315][ T43] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 144.980257][ T43] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 144.999777][ T43] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 145.090583][ T43] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 145.106937][ T43] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 145.150806][ T176] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 145.164081][ T176] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 145.224517][ T5359] Bluetooth: hci0: command tx timeout
[ 145.378058][ T176] ==================================================================
[ 145.381593][ T176] BUG: KASAN: slab-use-after-free in drm_atomic_helper_wait_for_vblanks+0x367/0x980
[ 145.385841][ T176] Read of size 1 at addr ffff888011cd0c09 by task kworker/u4:5/176
[ 145.390177][ T176]
[ 145.391244][ T176] CPU: 0 UID: 0 PID: 176 Comm: kworker/u4:5 Not tainted syzkaller #0 PREEMPT(full)
[ 145.391260][ T176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 145.391268][ T176] Workqueue: events_unbound commit_work
[ 145.391286][ T176] Call Trace:
[ 145.391294][ T176]
[ 145.391301][ T176] dump_stack_lvl+0x189/0x250
[ 145.391314][ T176] ? __kasan_check_byte+0x12/0x40
[ 145.391329][ T176] ? __pfx_dump_stack_lvl+0x10/0x10
[ 145.391339][ T176] ? lock_release+0x4b/0x3e0
[ 145.391357][ T176] ? __virt_addr_valid+0x4a5/0x5c0
[ 145.391375][ T176] print_report+0xca/0x240
[ 145.391389][ T176] ? drm_atomic_helper_wait_for_vblanks+0x367/0x980
[ 145.391403][ T176] kasan_report+0x118/0x150
[ 145.391413][ T176] ? preempt_schedule+0xae/0xc0
[ 145.391468][ T176] ? drm_atomic_helper_wait_for_vblanks+0x367/0x980
[ 145.391484][ T176] drm_atomic_helper_wait_for_vblanks+0x367/0x980
[ 145.391499][ T176] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 145.391517][ T176] ? __pfx_drm_atomic_helper_wait_for_vblanks+0x10/0x10
[ 145.391528][ T176] ? complete_all+0x11c/0x330
[ 145.391538][ T176] ? drm_atomic_helper_commit_hw_done+0x3da/0x410
[ 145.391554][ T176] drm_atomic_helper_commit_tail+0x302/0x520
[ 145.391569][ T176] commit_tail+0x29a/0x3a0
[ 145.391582][ T176] ? process_scheduled_works+0x9ef/0x17b0
[ 145.391599][ T176] process_scheduled_works+0xae1/0x17b0
[ 145.391619][ T176] ? __pfx_process_scheduled_works+0x10/0x10
[ 145.391639][ T176] worker_thread+0x8a0/0xda0
[ 145.391656][ T176] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 145.391674][ T176] ? __kthread_parkme+0x7b/0x200
[ 145.391693][ T176] kthread+0x711/0x8a0
[ 145.391705][ T176] ? __pfx_worker_thread+0x10/0x10
[ 145.391721][ T176] ? __pfx_kthread+0x10/0x10
[ 145.391731][ T176] ? _raw_spin_unlock_irq+0x23/0x50
[ 145.391747][ T176] ? lockdep_hardirqs_on+0x9c/0x150
[ 145.391757][ T176] ? __pfx_kthread+0x10/0x10
[ 145.391766][ T176] ret_from_fork+0x4bc/0x870
[ 145.391783][ T176] ? __pfx_ret_from_fork+0x10/0x10
[ 145.391797][ T176] ? __pfx_kthread+0x10/0x10
[ 145.391809][ T176] ret_from_fork_asm+0x1a/0x30
[ 145.391825][ T176]
[ 145.391828][ T176]
[ 145.484241][ T176] Allocated by task 5799:
[ 145.486209][ T176] kasan_save_track+0x3e/0x80
[ 145.488338][ T176] __kasan_kmalloc+0x93/0xb0
[ 145.490420][ T176] __kmalloc_cache_noprof+0x3d5/0x6f0
[ 145.492834][ T176] drm_atomic_helper_crtc_duplicate_state+0x72/0xb0
[ 145.495685][ T176] drm_atomic_get_crtc_state+0x19a/0x460
[ 145.498244][ T176] page_flip_common+0x56/0x2a0
[ 145.500323][ T176] drm_atomic_helper_page_flip+0xa5/0x160
[ 145.502797][ T176] drm_mode_page_flip_ioctl+0xc6d/0x11d0
[ 145.505286][ T176] drm_ioctl_kernel+0x2cf/0x390
[ 145.507409][ T176] drm_ioctl+0x67f/0xb10
[ 145.509334][ T176] __se_sys_ioctl+0xfc/0x170
[ 145.511399][ T176] do_syscall_64+0xfa/0xfa0
[ 145.513432][ T176] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 145.516058][ T176]
[ 145.517177][ T176] Freed by task 5797:
[ 145.518981][ T176] kasan_save_track+0x3e/0x80
[ 145.521068][ T176] __kasan_save_free_info+0x46/0x50
[ 145.523344][ T176] __kasan_slab_free+0x5c/0x80
[ 145.525495][ T176] kfree+0x19a/0x6d0
[ 145.527235][ T176] drm_atomic_state_default_clear+0x422/0xbe0
[ 145.529954][ T176] __drm_atomic_state_free+0xaf/0x210
[ 145.532341][ T176] drm_client_modeset_commit_atomic+0x6ac/0x760
[ 145.535125][ T176] drm_client_modeset_commit_locked+0xcb/0x4d0
[ 145.537858][ T176] drm_client_modeset_commit+0x4a/0x70
[ 145.540184][ T176] drm_fb_helper_lastclose+0xa4/0x1c0
[ 145.542593][ T176] drm_fbdev_client_restore+0x34/0x40
[ 145.544983][ T176] drm_client_dev_restore+0x13c/0x270
[ 145.547370][ T176] drm_release+0x318/0x3f0
[ 145.549445][ T176] __fput+0x44c/0xa70
[ 145.551248][ T176] task_work_run+0x1d4/0x260
[ 145.553353][ T176] exit_to_user_mode_loop+0xe9/0x130
[ 145.555705][ T176] do_syscall_64+0x2bd/0xfa0
[ 145.557794][ T176] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 145.560321][ T176]
[ 145.561479][ T176] The buggy address belongs to the object at ffff888011cd0c00
[ 145.561479][ T176] which belongs to the cache kmalloc-512 of size 512
[ 145.567610][ T176] The buggy address is located 9 bytes inside of
[ 145.567610][ T176] freed 512-byte region [ffff888011cd0c00, ffff888011cd0e00)
[ 145.573508][ T176]
[ 145.574612][ T176] The buggy address belongs to the physical page:
[ 145.577414][ T176] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11cd0
[ 145.581237][ T176] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 145.584930][ T176] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 145.588110][ T176] page_type: f5(slab)
[ 145.589817][ T176] raw: 00fff00000000040 ffff88801a441c80 dead000000000100 dead000000000122
[ 145.593803][ T176] raw: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[ 145.597551][ T176] head: 00fff00000000040 ffff88801a441c80 dead000000000100 dead000000000122
[ 145.601365][ T176] head: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[ 145.605192][ T176] head: 00fff00000000001 ffffea0000473401 00000000ffffffff 00000000ffffffff
[ 145.609022][ T176] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 145.612844][ T176] page dumped because: kasan: bad access detected
[ 145.615631][ T176] page_owner tracks the page as allocated
[ 145.618282][ T176] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5642, tgid 5642 (syz-executor), ts 135803789246, free_ts 131909731496
[ 145.627438][ T176] post_alloc_hook+0x240/0x2a0
[ 145.629573][ T176] get_page_from_freelist+0x2365/0x2440
[ 145.632013][ T176] __alloc_frozen_pages_noprof+0x181/0x370
[ 145.634557][ T176] alloc_pages_mpol+0x232/0x4a0
[ 145.636756][ T176] allocate_slab+0x96/0x3a0
[ 145.638786][ T176] ___slab_alloc+0xe94/0x18a0
[ 145.640853][ T176] __slab_alloc+0x65/0x100
[ 145.642777][ T176] __kmalloc_cache_noprof+0x411/0x6f0
[ 145.644978][ T176] binderfs_binder_device_create+0x1df/0xb00
[ 145.647600][ T176] binderfs_fill_super+0x9fd/0xec0
[ 145.649849][ T176] get_tree_nodev+0xbb/0x150
[ 145.651892][ T176] vfs_get_tree+0x92/0x2b0
[ 145.653875][ T176] do_new_mount+0x302/0xa10
[ 145.655719][ T176] __se_sys_mount+0x313/0x410
[ 145.657743][ T176] do_syscall_64+0xfa/0xfa0
[ 145.659747][ T176] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 145.662332][ T176] page last free pid 5567 tgid 5567 stack trace:
[ 145.665113][ T176] free_unref_folios+0xdb3/0x14f0
[ 145.667356][ T176] folios_put_refs+0x584/0x670
[ 145.669539][ T176] free_pages_and_swap_cache+0x277/0x520
[ 145.672002][ T176] tlb_flush_mmu+0x3a0/0x680
[ 145.674044][ T176] tlb_finish_mmu+0xc3/0x1d0
[ 145.676036][ T176] exit_mmap+0x444/0xb40
[ 145.677930][ T176] __mmput+0x118/0x430
[ 145.679748][ T176] exit_mm+0x1da/0x2c0
[ 145.681560][ T176] do_exit+0x648/0x2300
[ 145.683367][ T176] do_group_exit+0x21c/0x2d0
[ 145.685412][ T176] get_signal+0x1285/0x1340
[ 145.687422][ T176] arch_do_signal_or_restart+0xa0/0x790
[ 145.689872][ T176] exit_to_user_mode_loop+0x72/0x130
[ 145.692196][ T176] do_syscall_64+0x2bd/0xfa0
[ 145.694228][ T176] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 145.696860][ T176]
[ 145.697915][ T176] Memory state around the buggy address:
[ 145.700380][ T176] ffff888011cd0b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 145.703837][ T176] ffff888011cd0b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 145.707356][ T176] >ffff888011cd0c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 145.710793][ T176] ^
[ 145.712771][ T176] ffff888011cd0c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 145.716198][ T176] ffff888011cd0d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 145.719707][ T176] ==================================================================
[ 146.012984][ T176] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 146.016257][ T176] CPU: 0 UID: 0 PID: 176 Comm: kworker/u4:5 Not tainted syzkaller #0 PREEMPT(full)
[ 146.020219][ T176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 146.024932][ T176] Workqueue: events_unbound commit_work
[ 146.027410][ T176] Call Trace:
[ 146.028962][ T176]
[ 146.030277][ T176] dump_stack_lvl+0x99/0x250
[ 146.032326][ T176] ? __asan_memcpy+0x40/0x70
[ 146.034340][ T176] ? __pfx_dump_stack_lvl+0x10/0x10
[ 146.036623][ T176] ? __pfx__printk+0x10/0x10
[ 146.038726][ T176] vpanic+0x237/0x6d0
[ 146.040495][ T176] ? __pfx_vpanic+0x10/0x10
[ 146.042448][ T176] ? preempt_schedule+0xae/0xc0
[ 146.044675][ T176] ? __pfx_preempt_schedule+0x10/0x10
[ 146.047033][ T176] panic+0xb9/0xc0
[ 146.048772][ T176] ? __pfx_panic+0x10/0x10
[ 146.050734][ T176] ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 146.053394][ T176] ? drm_atomic_helper_wait_for_vblanks+0x367/0x980
[ 146.056328][ T176] check_panic_on_warn+0x89/0xb0
[ 146.058585][ T176] ? drm_atomic_helper_wait_for_vblanks+0x367/0x980
[ 146.061453][ T176] end_report+0x78/0x160
[ 146.063359][ T176] kasan_report+0x129/0x150
[ 146.065377][ T176] ? preempt_schedule+0xae/0xc0
[ 146.067411][ T176] ? drm_atomic_helper_wait_for_vblanks+0x367/0x980
[ 146.070301][ T176] drm_atomic_helper_wait_for_vblanks+0x367/0x980
[ 146.073154][ T176] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 146.075922][ T176] ? __pfx_drm_atomic_helper_wait_for_vblanks+0x10/0x10
[ 146.079021][ T176] ? complete_all+0x11c/0x330
[ 146.081385][ T176] ? drm_atomic_helper_commit_hw_done+0x3da/0x410
[ 146.084143][ T176] drm_atomic_helper_commit_tail+0x302/0x520
[ 146.086784][ T176] commit_tail+0x29a/0x3a0
[ 146.088837][ T176] ? process_scheduled_works+0x9ef/0x17b0
[ 146.091298][ T176] process_scheduled_works+0xae1/0x17b0
[ 146.093729][ T176] ? __pfx_process_scheduled_works+0x10/0x10
[ 146.096386][ T176] worker_thread+0x8a0/0xda0
[ 146.098477][ T176] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 146.101222][ T176] ? __kthread_parkme+0x7b/0x200
[ 146.103412][ T176] kthread+0x711/0x8a0
[ 146.105228][ T176] ? __pfx_worker_thread+0x10/0x10
[ 146.107433][ T176] ? __pfx_kthread+0x10/0x10
[ 146.109464][ T176] ? _raw_spin_unlock_irq+0x23/0x50
[ 146.111754][ T176] ? lockdep_hardirqs_on+0x9c/0x150
[ 146.114072][ T176] ? __pfx_kthread+0x10/0x10
[ 146.116078][ T176] ret_from_fork+0x4bc/0x870
[ 146.118235][ T176] ? __pfx_ret_from_fork+0x10/0x10
[ 146.120524][ T176] ? __pfx_kthread+0x10/0x10
[ 146.122541][ T176] ret_from_fork_asm+0x1a/0x30
[ 146.124638][ T176]
[ 146.126331][ T176] Kernel Offset: disabled
[ 146.128471][ T176] Rebooting in 86400 seconds..