Warning: Permanently added '10.128.0.129' (ECDSA) to the list of known hosts.
2022/07/07 08:21:11 parsed 1 programs
2022/07/07 08:21:11 executed programs: 0
[ 61.760361][ T3952] cgroup: Unknown subsys name 'net'
[ 61.771446][ T3952] cgroup: Unknown subsys name 'rlimit'
[ 64.985349][ T3608] Bluetooth: hci0: Opcode 0x c03 failed: -110
[ 66.027180][ T1227] ieee802154 phy0 wpan0: encryption failed: -22
[ 66.033558][ T1227] ieee802154 phy1 wpan1: encryption failed: -22
[ 69.155321][ T3608] Bluetooth: hci0: Opcode 0x c03 failed: -110
[ 71.147642][ T141] cfg80211: failed to load regulatory.db
[ 73.305332][ T3608] Bluetooth: hci0: Opcode 0x c03 failed: -110
[ 77.465354][ T3608] Bluetooth: hci0: Opcode 0x c03 failed: -110
[ 81.625416][ T3608] Bluetooth: hci0: Opcode 0x c03 failed: -110
[ 85.785393][ T3608] Bluetooth: hci0: Opcode 0x c03 failed: -110
[ 89.945372][ T3608] Bluetooth: hci0: Opcode 0x c03 failed: -110
[ 94.105386][ T3608] Bluetooth: hci0: Opcode 0x c03 failed: -110
[ 98.265361][ T3608] Bluetooth: hci0: Opcode 0x c03 failed: -110
[ 100.349322][ T47] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 100.357545][ T47] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 100.365372][ T47] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 100.372895][ T47] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 100.381061][ T47] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 100.388307][ T47] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 100.450620][ T4091] chnl_net:caif_netlink_parms(): no params data found
[ 100.483174][ T4091] bridge0: port 1(bridge_slave_0) entered blocking state
[ 100.490387][ T4091] bridge0: port 1(bridge_slave_0) entered disabled state
[ 100.498222][ T4091] device bridge_slave_0 entered promiscuous mode
[ 100.506855][ T4091] bridge0: port 2(bridge_slave_1) entered blocking state
[ 100.513984][ T4091] bridge0: port 2(bridge_slave_1) entered disabled state
[ 100.522018][ T4091] device bridge_slave_1 entered promiscuous mode
[ 100.541068][ T4091] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 100.552235][ T4091] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 100.572880][ T4091] team0: Port device team_slave_0 added
[ 100.580151][ T4091] team0: Port device team_slave_1 added
[ 100.595694][ T4091] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 100.602654][ T4091] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 100.630081][ T4091] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 100.642694][ T4091] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 100.649884][ T4091] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 100.676746][ T4091] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 100.700265][ T4091] device hsr_slave_0 entered promiscuous mode
[ 100.706981][ T4091] device hsr_slave_1 entered promiscuous mode
[ 100.761376][ T4091] bridge0: port 2(bridge_slave_1) entered blocking state
[ 100.768786][ T4091] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 100.776287][ T4091] bridge0: port 1(bridge_slave_0) entered blocking state
[ 100.783355][ T4091] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 100.816224][ T4091] 8021q: adding VLAN 0 to HW filter on device bond0
[ 100.829324][ T141] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 100.838649][ T141] bridge0: port 1(bridge_slave_0) entered disabled state
[ 100.847034][ T141] bridge0: port 2(bridge_slave_1) entered disabled state
[ 100.854722][ T141] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 100.867011][ T4091] 8021q: adding VLAN 0 to HW filter on device team0
[ 100.876842][ T920] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 100.885814][ T920] bridge0: port 1(bridge_slave_0) entered blocking state
[ 100.892923][ T920] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 100.917526][ T3613] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 100.926035][ T3613] bridge0: port 2(bridge_slave_1) entered blocking state
[ 100.933326][ T3613] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 100.941959][ T3613] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 100.951112][ T3613] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 100.959628][ T3613] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 100.968393][ T3613] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 100.977793][ T4091] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 100.986894][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 101.003461][ T4091] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 101.011192][ T3613] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 101.019082][ T3613] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 101.166159][ T2933] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 101.174841][ T2933] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 101.183465][ T2933] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 101.191979][ T2933] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 101.201314][ T4091] device veth0_vlan entered promiscuous mode
[ 101.212024][ T4091] device veth1_vlan entered promiscuous mode
[ 101.227288][ T3613] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 101.236412][ T3613] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 101.244397][ T3613] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 101.254968][ T4091] device veth0_macvtap entered promiscuous mode
[ 101.263459][ T4091] device veth1_macvtap entered promiscuous mode
[ 101.278360][ T4091] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 101.285844][ T3613] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 101.294896][ T3613] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 101.306020][ T4091] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 101.313503][ T3613] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 101.358079][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 101.371476][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 101.381812][ T2441] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 101.383538][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 101.390232][ T2441] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 101.406827][ T141] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
2022/07/07 08:21:51 executed programs: 1
[ 102.426041][ T141] Bluetooth: hci0: command 0x0409 tx timeout
[ 104.505888][ T141] Bluetooth: hci0: command 0x041b tx timeout
[ 106.585275][ T2933] Bluetooth: hci0: command 0x040f tx timeout
2022/07/07 08:21:56 executed programs: 7
[ 108.665329][ T2933] Bluetooth: hci0: command 0x0419 tx timeout
2022/07/07 08:22:01 executed programs: 13
2022/07/07 08:22:07 executed programs: 19
[ 120.136893][ T4202] ==================================================================
[ 120.145938][ T4202] BUG: KASAN: use-after-free in __wake_up_common+0x637/0x650
[ 120.153291][ T4202] Read of size 8 at addr ffff8880708d10b0 by task syz-executor.0/4202
[ 120.161427][ T4202]
[ 120.163907][ T4202] CPU: 0 PID: 4202 Comm: syz-executor.0 Not tainted 5.19.0-rc4-syzkaller #0
[ 120.173244][ T4202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022
[ 120.183289][ T4202] Call Trace:
[ 120.186548][ T4202]
[ 120.189457][ T4202] dump_stack_lvl+0x57/0x7d
[ 120.193957][ T4202] print_address_description.constprop.0.cold+0xeb/0x495
[ 120.201051][ T4202] ? __wake_up_common+0x637/0x650
[ 120.206056][ T4202] kasan_report.cold+0xf4/0x1c6
[ 120.210893][ T4202] ? __wake_up_common+0x637/0x650
[ 120.215899][ T4202] __wake_up_common+0x637/0x650
[ 120.220759][ T4202] __wake_up_common_lock+0xd0/0x130
[ 120.226029][ T4202] ? __wake_up_common+0x650/0x650
[ 120.231036][ T4202] ? lock_downgrade+0x6e0/0x6e0
[ 120.236149][ T4202] pty_close+0xef/0x450
[ 120.240299][ T4202] tty_release+0x3aa/0xf80
[ 120.244792][ T4202] __fput+0x1f5/0x8c0
[ 120.248762][ T4202] task_work_run+0xc0/0x160
[ 120.253335][ T4202] exit_to_user_mode_prepare+0x23c/0x250
[ 120.258987][ T4202] syscall_exit_to_user_mode+0x19/0x50
[ 120.264482][ T4202] do_syscall_64+0x42/0xb0
[ 120.268903][ T4202] entry_SYSCALL_64_after_hwframe+0x46/0xb0
[ 120.274776][ T4202] RIP: 0033:0x7f5c7d03bd4b
[ 120.279186][ T4202] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 120.299206][ T4202] RSP: 002b:00007fff1f87b130 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 120.307678][ T4202] RAX: 0000000000000000 RBX: 0000000000000009 RCX: 00007f5c7d03bd4b
[ 120.315626][ T4202] RDX: 0000001b33620000 RSI: 0000000000000000 RDI: 0000000000000008
[ 120.323586][ T4202] RBP: 00007f5c7d19d960 R08: 0000000000000000 R09: 00007fff1f9e2080
[ 120.331625][ T4202] R10: 00007fff1f9e2090 R11: 0000000000000293 R12: 000000000001d529
[ 120.339568][ T4202] R13: 00007fff1f87b230 R14: 00007f5c7d19c030 R15: 0000000000000032
[ 120.347691][ T4202]
[ 120.350773][ T4202]
[ 120.353074][ T4202] Allocated by task 4204:
[ 120.357373][ T4202] kasan_save_stack+0x1e/0x40
[ 120.362028][ T4202] __kasan_kmalloc+0xa9/0xd0
[ 120.366675][ T4202] __io_queue_proc+0x296/0x8e0
[ 120.371683][ T4202] n_tty_poll+0x9d/0x790
[ 120.375899][ T4202] tty_poll+0x10e/0x180
[ 120.380031][ T4202] __io_arm_poll_handler+0x461/0x10e0
[ 120.385412][ T4202] io_arm_poll_handler+0x406/0xa00
[ 120.390584][ T4202] io_queue_async+0x6d/0x1c0
[ 120.395234][ T4202] io_submit_sqes+0x10ae/0x1b50
[ 120.400070][ T4202] __do_sys_io_uring_enter+0xca4/0x1870
[ 120.405585][ T4202] do_syscall_64+0x35/0xb0
[ 120.409982][ T4202] entry_SYSCALL_64_after_hwframe+0x46/0xb0
[ 120.415934][ T4202]
[ 120.418232][ T4202] Freed by task 4206:
[ 120.422270][ T4202] kasan_save_stack+0x1e/0x40
[ 120.426950][ T4202] kasan_set_track+0x21/0x30
[ 120.431510][ T4202] kasan_set_free_info+0x20/0x30
[ 120.436419][ T4202] ____kasan_slab_free+0x166/0x1a0
[ 120.441499][ T4202] slab_free_freelist_hook+0x8b/0x1c0
[ 120.446847][ T4202] kfree+0xd6/0x4d0
[ 120.450623][ T4202] io_clean_op+0x15a/0x8c0
[ 120.455008][ T4202] io_free_req+0xa2/0x235
[ 120.459308][ T4202] io_wq_free_work.cold+0x50/0x57
[ 120.464311][ T4202] io_worker_handle_work+0x760/0x1b00
[ 120.469659][ T4202] io_wqe_worker+0x547/0xcb0
[ 120.474216][ T4202] ret_from_fork+0x1f/0x30
[ 120.478599][ T4202]
[ 120.480895][ T4202] The buggy address belongs to the object at ffff8880708d1080
[ 120.480895][ T4202] which belongs to the cache kmalloc-64 of size 64
[ 120.494751][ T4202] The buggy address is located 48 bytes inside of
[ 120.494751][ T4202] 64-byte region [ffff8880708d1080, ffff8880708d10c0)
[ 120.508114][ T4202]
[ 120.510420][ T4202] The buggy address belongs to the physical page:
[ 120.516978][ T4202] page:ffffea0001c23440 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x708d1
[ 120.527277][ T4202] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 120.535400][ T4202] raw: 00fff00000000200 ffffea0000822200 dead000000000005 ffff888010c41640
[ 120.544045][ T4202] raw: 0000000000000000 0000000000200020 00000001ffffffff 0000000000000000
[ 120.552686][ T4202] page dumped because: kasan: bad access detected
[ 120.559067][ T4202] page_owner tracks the page as allocated
[ 120.564754][ T4202] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 3604, tgid 3604 (syz-executor.0), ts 42216497829, free_ts 9351379967
[ 120.583216][ T4202] get_page_from_freelist+0x19d3/0x3b30
[ 120.588923][ T4202] __alloc_pages+0x1c7/0x510
[ 120.593482][ T4202] allocate_slab+0x26c/0x3c0
[ 120.598150][ T4202] ___slab_alloc+0x9bc/0xe10
[ 120.602743][ T4202] __slab_alloc.constprop.0+0x4d/0xa0
[ 120.608098][ T4202] __kmalloc+0x318/0x350
[ 120.612456][ T4202] kobject_get_path+0x9a/0x1f0
[ 120.617283][ T4202] kobject_uevent_env+0x1eb/0x12f0
[ 120.622460][ T4202] net_rx_queue_update_kobjects+0xab/0x410
[ 120.628249][ T4202] netdev_register_kobject+0x241/0x3a0
[ 120.633717][ T4202] register_netdevice+0xada/0x1300
[ 120.638918][ T4202] nsim_create+0x371/0x4b0
[ 120.643328][ T4202] __nsim_dev_port_add+0x24f/0x780
[ 120.648423][ T4202] nsim_dev_port_add_all+0x38/0x70
[ 120.653504][ T4202] nsim_drv_probe+0xbb2/0x1020
[ 120.658426][ T4202] really_probe+0x1c1/0xa40
[ 120.662916][ T4202] page last free stack trace:
[ 120.667650][ T4202] free_pcp_prepare+0x549/0xd20
[ 120.672910][ T4202] free_unref_page+0x19/0x6a0
[ 120.677645][ T4202] free_contig_range+0xb1/0x180
[ 120.682564][ T4202] destroy_args+0x7e/0x503
[ 120.687042][ T4202] debug_vm_pgtable+0x1f48/0x1fcc
[ 120.692389][ T4202] do_one_initcall+0xbe/0x440
[ 120.697137][ T4202] kernel_init_freeable+0x5ab/0x605
[ 120.702304][ T4202] kernel_init+0x14/0x130
[ 120.706614][ T4202] ret_from_fork+0x1f/0x30
[ 120.711010][ T4202]
[ 120.713309][ T4202] Memory state around the buggy address:
[ 120.718919][ T4202] ffff8880708d0f80: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 120.726965][ T4202] ffff8880708d1000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 120.735082][ T4202] >ffff8880708d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 120.743109][ T4202] ^
[ 120.748705][ T4202] ffff8880708d1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 120.756837][ T4202] ffff8880708d1180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 120.764954][ T4202] ==================================================================
[ 120.772989][ T4202] Kernel panic - not syncing: panic_on_warn set ...
[ 120.779545][ T4202] CPU: 0 PID: 4202 Comm: syz-executor.0 Not tainted 5.19.0-rc4-syzkaller #0
[ 120.788188][ T4202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022
[ 120.798838][ T4202] Call Trace:
[ 120.802103][ T4202]
[ 120.805016][ T4202] dump_stack_lvl+0x57/0x7d
[ 120.809502][ T4202] panic+0x227/0x466
[ 120.813370][ T4202] ? panic_print_sys_info.part.0+0x69/0x69
[ 120.819245][ T4202] ? __wake_up_common+0x637/0x650
[ 120.824327][ T4202] end_report.part.0+0x3f/0x7c
[ 120.829067][ T4202] kasan_report.cold+0x93/0x1c6
[ 120.833896][ T4202] ? __wake_up_common+0x637/0x650
[ 120.838919][ T4202] __wake_up_common+0x637/0x650
[ 120.843848][ T4202] __wake_up_common_lock+0xd0/0x130
[ 120.849035][ T4202] ? __wake_up_common+0x650/0x650
[ 120.854130][ T4202] ? lock_downgrade+0x6e0/0x6e0
[ 120.858961][ T4202] pty_close+0xef/0x450
[ 120.863093][ T4202] tty_release+0x3aa/0xf80
[ 120.867499][ T4202] __fput+0x1f5/0x8c0
[ 120.871455][ T4202] task_work_run+0xc0/0x160
[ 120.875935][ T4202] exit_to_user_mode_prepare+0x23c/0x250
[ 120.881543][ T4202] syscall_exit_to_user_mode+0x19/0x50
[ 120.887147][ T4202] do_syscall_64+0x42/0xb0
[ 120.891620][ T4202] entry_SYSCALL_64_after_hwframe+0x46/0xb0
[ 120.897505][ T4202] RIP: 0033:0x7f5c7d03bd4b
[ 120.901895][ T4202] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
[ 120.921663][ T4202] RSP: 002b:00007fff1f87b130 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 120.931800][ T4202] RAX: 0000000000000000 RBX: 0000000000000009 RCX: 00007f5c7d03bd4b
[ 120.939755][ T4202] RDX: 0000001b33620000 RSI: 0000000000000000 RDI: 0000000000000008
[ 120.947785][ T4202] RBP: 00007f5c7d19d960 R08: 0000000000000000 R09: 00007fff1f9e2080
[ 120.955729][ T4202] R10: 00007fff1f9e2090 R11: 0000000000000293 R12: 000000000001d529
[ 120.963673][ T4202] R13: 00007fff1f87b230 R14: 00007f5c7d19c030 R15: 0000000000000032
[ 120.971622][ T4202]
[ 120.974925][ T4202] Kernel Offset: disabled
[ 120.979333][ T4202] Rebooting in 86400 seconds..