Warning: Permanently added '10.128.0.170' (ED25519) to the list of known hosts.
2024/05/16 12:12:37 ignoring optional flag "sandboxArg"="0"
2024/05/16 12:12:38 parsed 1 programs
2024/05/16 12:12:39 executed programs: 0
[   86.253407][ T5430] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   86.307468][   T53] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   86.315925][   T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   86.323710][   T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   86.334067][   T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   86.341796][   T53] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   86.349115][   T53] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   86.465144][ T5436] chnl_net:caif_netlink_parms(): no params data found
[   86.518085][ T5436] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.525281][ T5436] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.533516][ T5436] bridge_slave_0: entered allmulticast mode
[   86.541143][ T5436] bridge_slave_0: entered promiscuous mode
[   86.549397][ T5436] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.556505][ T5436] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.563872][ T5436] bridge_slave_1: entered allmulticast mode
[   86.570730][ T5436] bridge_slave_1: entered promiscuous mode
[   86.598737][ T5436] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   86.610670][ T5436] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   86.639631][ T5436] team0: Port device team_slave_0 added
[   86.648864][ T5436] team0: Port device team_slave_1 added
[   86.671207][ T5436] batman_adv: batadv0: Adding interface: batadv_slave_0
[   86.678847][ T5436] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   86.705265][ T5436] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   86.718950][ T5436] batman_adv: batadv0: Adding interface: batadv_slave_1
[   86.725918][ T5436] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   86.752433][ T5436] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   86.788075][ T5436] hsr_slave_0: entered promiscuous mode
[   86.794438][ T5436] hsr_slave_1: entered promiscuous mode
[   87.445112][ T5436] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   87.455942][ T5436] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   87.468040][ T5436] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   87.479561][ T5436] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   87.584128][ T5436] 8021q: adding VLAN 0 to HW filter on device bond0
[   87.612823][ T5436] 8021q: adding VLAN 0 to HW filter on device team0
[   87.629348][  T929] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.636516][  T929] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.662326][  T929] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.669577][  T929] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.874440][ T5436] 8021q: adding VLAN 0 to HW filter on device batadv0
[   87.929598][ T5436] veth0_vlan: entered promiscuous mode
[   87.944981][ T5436] veth1_vlan: entered promiscuous mode
[   87.990659][ T5436] veth0_macvtap: entered promiscuous mode
[   88.002040][ T5436] veth1_macvtap: entered promiscuous mode
[   88.029569][ T5436] batman_adv: batadv0: Interface activated: batadv_slave_0
[   88.046217][ T5436] batman_adv: batadv0: Interface activated: batadv_slave_1
[   88.061357][ T5436] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.071186][ T5436] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.080995][ T5436] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.091345][ T5436] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   88.174682][  T142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.190072][  T142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.227841][ T2477] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.235941][ T2477] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.369883][ T4481] Bluetooth: hci0: command tx timeout
[   88.689776][ T5504] loop0: detected capacity change from 0 to 40427
[   88.726469][ T5504] F2FS-fs (loop0): Found nat_bits in checkpoint
[   88.798827][ T5504] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   88.858445][ T5436] syz-executor.0: attempt to access beyond end of device
[   88.858445][ T5436] loop0: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[   88.875988][ T5436] syz-executor.0: attempt to access beyond end of device
[   88.875988][ T5436] loop0: rw=0, sector=45064, nr_sectors = 8 limit=40427
[   88.978724][ T2463] kworker/u8:6: attempt to access beyond end of device
[   88.978724][ T2463] loop0: rw=2049, sector=40960, nr_sectors = 144 limit=40427
[   91.700490][  T142] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2024/05/16 12:12:45 executed programs: 2
[   91.870364][   T53] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   91.880916][   T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   91.889196][   T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   91.897647][   T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   91.905473][   T53] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   91.913570][   T53] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   92.111744][ T5695] chnl_net:caif_netlink_parms(): no params data found
[   92.201750][ T5695] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.209211][ T5695] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.216449][ T5695] bridge_slave_0: entered allmulticast mode
[   92.224968][ T5695] bridge_slave_0: entered promiscuous mode
[   92.235185][ T5695] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.244539][ T5695] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.253217][ T5695] bridge_slave_1: entered allmulticast mode
[   92.262132][ T5695] bridge_slave_1: entered promiscuous mode
[   92.302534][ T5695] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   92.315413][ T5695] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   92.362803][ T5695] team0: Port device team_slave_0 added
[   92.372156][ T5695] team0: Port device team_slave_1 added
[   92.406127][ T5695] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.413228][ T5695] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.439972][ T5695] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.452833][ T5695] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.461087][ T5695] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.487645][ T5695] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.536249][ T5695] hsr_slave_0: entered promiscuous mode
[   92.543989][ T5695] hsr_slave_1: entered promiscuous mode
[   92.551935][ T5695] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   92.560683][ T5695] Cannot create hsr debugfs directory
[   93.966895][   T53] Bluetooth: hci0: command tx timeout
[   93.969251][  T142] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.037555][  T142] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.124888][  T142] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.267684][  T142] bridge_slave_1: left allmulticast mode
[   94.273483][  T142] bridge_slave_1: left promiscuous mode
[   94.294735][  T142] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.306420][  T142] bridge_slave_0: left allmulticast mode
[   94.314885][  T142] bridge_slave_0: left promiscuous mode
[   94.321119][  T142] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.541704][  T142] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   94.553353][  T142] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   94.564505][  T142] bond0 (unregistering): Released all slaves
[   94.888990][  T142] hsr_slave_0: left promiscuous mode
[   94.896592][  T142] hsr_slave_1: left promiscuous mode
[   94.905517][  T142] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   94.926446][  T142] batman_adv: batadv0: Removing interface: batadv_slave_0
[   94.944496][  T142] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   94.952720][  T142] batman_adv: batadv0: Removing interface: batadv_slave_1
[   94.971119][  T142] veth1_macvtap: left promiscuous mode
[   94.976735][  T142] veth0_macvtap: left promiscuous mode
[   94.982523][  T142] veth1_vlan: left promiscuous mode
[   94.988076][  T142] veth0_vlan: left promiscuous mode
[   95.258285][  T142] team0 (unregistering): Port device team_slave_1 removed
[   95.287599][  T142] team0 (unregistering): Port device team_slave_0 removed
[   95.550490][ T5695] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   95.564125][ T5695] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   95.580545][ T5695] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   95.596328][ T5695] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   95.735085][ T5695] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.781632][ T5695] 8021q: adding VLAN 0 to HW filter on device team0
[   95.822435][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.829841][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.843084][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.851056][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.905009][ T5695] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   95.923241][ T5695] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   96.036275][ T5695] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.047823][   T53] Bluetooth: hci0: command tx timeout
[   96.077534][ T5695] veth0_vlan: entered promiscuous mode
[   96.089245][ T5695] veth1_vlan: entered promiscuous mode
[   96.112851][ T5695] veth0_macvtap: entered promiscuous mode
[   96.122491][ T5695] veth1_macvtap: entered promiscuous mode
[   96.140825][ T5695] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.154110][ T5695] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.166180][ T5695] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.175020][ T5695] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.184065][ T5695] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.193265][ T5695] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.254670][  T142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.266739][  T142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.290710][ T2477] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.300315][ T2477] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.855181][ T5838] loop0: detected capacity change from 0 to 40427
[   96.891601][ T5838] F2FS-fs (loop0): Found nat_bits in checkpoint
2024/05/16 12:12:50 executed programs: 4
[   96.975104][ T5838] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   97.009490][ T5695] syz-executor.0: attempt to access beyond end of device
[   97.009490][ T5695] loop0: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[   97.025966][ T5695] syz-executor.0: attempt to access beyond end of device
[   97.025966][ T5695] loop0: rw=0, sector=45064, nr_sectors = 8 limit=40427
[   97.112837][ T2463] kworker/u8:6: attempt to access beyond end of device
[   97.112837][ T2463] loop0: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[   97.178130][ T5839] ==================================================================
[   97.186416][ T5839] BUG: KASAN: slab-use-after-free in device_for_each_child+0xa7/0x170
[   97.194777][ T5839] Read of size 8 at addr ffff88805202d320 by task kbnepd bnep0/5839
[   97.202772][ T5839] 
[   97.205113][ T5839] CPU: 1 PID: 5839 Comm: kbnepd bnep0 Not tainted 6.9.0-syzkaller-07726-g3c999d1ae3c7 #0
[   97.214933][ T5839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[   97.225006][ T5839] Call Trace:
[   97.228301][ T5839]  <TASK>
[   97.231241][ T5839]  dump_stack_lvl+0x241/0x360
[   97.235961][ T5839]  ? __pfx_dump_stack_lvl+0x10/0x10
[   97.241195][ T5839]  ? __pfx__printk+0x10/0x10
[   97.245812][ T5839]  ? _printk+0xd5/0x120
[   97.250033][ T5839]  ? __virt_addr_valid+0x183/0x520
[   97.255153][ T5839]  ? __virt_addr_valid+0x183/0x520
[   97.260268][ T5839]  print_report+0x169/0x550
[   97.264774][ T5839]  ? __virt_addr_valid+0x183/0x520
[   97.269878][ T5839]  ? __virt_addr_valid+0x183/0x520
[   97.275019][ T5839]  ? __virt_addr_valid+0x44e/0x520
[   97.280121][ T5839]  ? __phys_addr+0xba/0x170
[   97.284620][ T5839]  ? device_for_each_child+0xa7/0x170
[   97.290005][ T5839]  kasan_report+0x143/0x180
[   97.294547][ T5839]  ? device_for_each_child+0xa7/0x170
[   97.299943][ T5839]  ? __pfx_dev_memalloc_noio+0x10/0x10
[   97.305415][ T5839]  device_for_each_child+0xa7/0x170
[   97.310640][ T5839]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   97.317018][ T5839]  ? __pfx_device_for_each_child+0x10/0x10
[   97.322830][ T5839]  ? _raw_spin_unlock_irq+0x23/0x50
[   97.328028][ T5839]  ? lockdep_hardirqs_on+0x99/0x150
[   97.333245][ T5839]  pm_runtime_set_memalloc_noio+0x114/0x260
[   97.339274][ T5839]  netdev_unregister_kobject+0x178/0x250
[   97.344916][ T5839]  unregister_netdevice_many_notify+0x11dd/0x16e0
[   97.351348][ T5839]  ? __pfx___mutex_trylock_common+0x10/0x10
[   97.357255][ T5839]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[   97.364119][ T5839]  ? rcu_is_watching+0x15/0xb0
[   97.368884][ T5839]  ? trace_contention_end+0x3c/0x120
[   97.374166][ T5839]  ? __mutex_lock+0x2ef/0xd70
[   97.379674][ T5839]  ? __pfx_lock_acquire+0x10/0x10
[   97.384891][ T5839]  unregister_netdevice_queue+0x303/0x370
[   97.390616][ T5839]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[   97.396860][ T5839]  ? __pfx___down_write_common+0x10/0x10
[   97.402492][ T5839]  unregister_netdev+0x1c/0x30
[   97.407335][ T5839]  bnep_session+0x2e09/0x3000
[   97.412130][ T5839]  ? __pfx_bnep_session+0x10/0x10
[   97.417247][ T5839]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   97.423579][ T5839]  ? __pfx_woken_wake_function+0x10/0x10
[   97.429212][ T5839]  ? __kthread_parkme+0x169/0x1d0
[   97.434229][ T5839]  ? __pfx_bnep_session+0x10/0x10
[   97.439336][ T5839]  kthread+0x2f0/0x390
[   97.443405][ T5839]  ? __pfx_bnep_session+0x10/0x10
[   97.448438][ T5839]  ? __pfx_kthread+0x10/0x10
[   97.453019][ T5839]  ret_from_fork+0x4b/0x80
[   97.457518][ T5839]  ? __pfx_kthread+0x10/0x10
[   97.462191][ T5839]  ret_from_fork_asm+0x1a/0x30
[   97.467230][ T5839]  </TASK>
[   97.470603][ T5839] 
[   97.472931][ T5839] Allocated by task 5695:
[   97.477259][ T5839]  kasan_save_track+0x3f/0x80
[   97.481935][ T5839]  __kasan_kmalloc+0x98/0xb0
[   97.486521][ T5839]  __kmalloc+0x233/0x4a0
[   97.490755][ T5839]  hci_alloc_dev_priv+0x27/0x2030
[   97.495773][ T5839]  vhci_create_device+0x118/0x6d0
[   97.500787][ T5839]  vhci_write+0x3cb/0x480
[   97.505106][ T5839]  vfs_write+0xa2d/0xc50
[   97.509425][ T5839]  ksys_write+0x1a0/0x2c0
[   97.513747][ T5839]  do_syscall_64+0xf5/0x240
[   97.518239][ T5839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.524168][ T5839] 
[   97.526483][ T5839] Freed by task 5695:
[   97.530463][ T5839]  kasan_save_track+0x3f/0x80
[   97.535233][ T5839]  kasan_save_free_info+0x40/0x50
[   97.540430][ T5839]  poison_slab_object+0xa6/0xe0
[   97.545377][ T5839]  __kasan_slab_free+0x37/0x60
[   97.550226][ T5839]  kfree+0x153/0x3b0
[   97.554114][ T5839]  hci_release_dev+0x151b/0x16b0
[   97.559061][ T5839]  bt_host_release+0x83/0x90
[   97.563662][ T5839]  device_release+0x99/0x1c0
[   97.568255][ T5839]  kobject_put+0x22f/0x480
[   97.572672][ T5839]  vhci_release+0x8b/0xd0
[   97.577166][ T5839]  __fput+0x429/0x8a0
[   97.581145][ T5839]  task_work_run+0x24f/0x310
[   97.585813][ T5839]  do_exit+0xa1b/0x27e0
[   97.589992][ T5839]  do_group_exit+0x207/0x2c0
[   97.594797][ T5839]  __x64_sys_exit_group+0x3f/0x40
[   97.599815][ T5839]  do_syscall_64+0xf5/0x240
[   97.604329][ T5839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.610457][ T5839] 
[   97.612862][ T5839] Last potentially related work creation:
[   97.618577][ T5839]  kasan_save_stack+0x3f/0x60
[   97.623357][ T5839]  __kasan_record_aux_stack+0xac/0xc0
[   97.628730][ T5839]  insert_work+0x3e/0x330
[   97.633227][ T5839]  __queue_work+0xc24/0xef0
[   97.638331][ T5839]  queue_work_on+0x1c2/0x380
[   97.643030][ T5839]  l2cap_chan_send+0x3d6/0x2680
[   97.647902][ T5839]  l2cap_sock_sendmsg+0x1b4/0x2c0
[   97.652954][ T5839]  __sock_sendmsg+0x221/0x270
[   97.657641][ T5839]  kernel_sendmsg+0x151/0x220
[   97.662350][ T5839]  bnep_session+0x2877/0x3000
[   97.667045][ T5839]  kthread+0x2f0/0x390
[   97.671224][ T5839]  ret_from_fork+0x4b/0x80
[   97.675639][ T5839]  ret_from_fork_asm+0x1a/0x30
[   97.680481][ T5839] 
[   97.682888][ T5839] Second to last potentially related work creation:
[   97.689457][ T5839]  kasan_save_stack+0x3f/0x60
[   97.694126][ T5839]  __kasan_record_aux_stack+0xac/0xc0
[   97.699485][ T5839]  insert_work+0x3e/0x330
[   97.703804][ T5839]  __queue_work+0xc24/0xef0
[   97.708314][ T5839]  queue_work_on+0x1c2/0x380
[   97.713106][ T5839]  l2cap_chan_send+0x3d6/0x2680
[   97.717960][ T5839]  l2cap_sock_sendmsg+0x1b4/0x2c0
[   97.723155][ T5839]  __sock_sendmsg+0x221/0x270
[   97.727915][ T5839]  kernel_sendmsg+0x151/0x220
[   97.732669][ T5839]  bnep_session+0x2877/0x3000
[   97.737353][ T5839]  kthread+0x2f0/0x390
[   97.741499][ T5839]  ret_from_fork+0x4b/0x80
[   97.745989][ T5839]  ret_from_fork_asm+0x1a/0x30
[   97.750743][ T5839] 
[   97.753068][ T5839] The buggy address belongs to the object at ffff88805202c000
[   97.753068][ T5839]  which belongs to the cache kmalloc-8k of size 8192
[   97.767210][ T5839] The buggy address is located 4896 bytes inside of
[   97.767210][ T5839]  freed 8192-byte region [ffff88805202c000, ffff88805202e000)
[   97.781282][ T5839] 
[   97.783593][ T5839] The buggy address belongs to the physical page:
[   97.790093][ T5839] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x52028
[   97.798876][ T5839] head: order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   97.806678][ T5839] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[   97.814844][ T5839] page_type: 0xffffffff()
[   97.819175][ T5839] raw: 00fff00000000840 ffff888015042280 ffffea0000b5c400 0000000000000004
[   97.827814][ T5839] raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000
[   97.836396][ T5839] head: 00fff00000000840 ffff888015042280 ffffea0000b5c400 0000000000000004
[   97.845231][ T5839] head: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000
[   97.853886][ T5839] head: 00fff00000000003 ffffea0001480a01 dead000000000122 00000000ffffffff
[   97.862585][ T5839] head: 0000000800000000 0000000000000000 00000000ffffffff 0000000000000000
[   97.871442][ T5839] page dumped because: kasan: bad access detected
[   97.877948][ T5839] page_owner tracks the page as allocated
[   97.884001][ T5839] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d28c0(GFP_NOWAIT|__GFP_IO|__GFP_FS|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 4751, tgid 4751 (dhcpcd), ts 65371962383, free_ts 63610460582
[   97.906177][ T5839]  post_alloc_hook+0x1ea/0x210
[   97.911261][ T5839]  get_page_from_freelist+0x3410/0x35b0
[   97.916813][ T5839]  __alloc_pages+0x256/0x6c0
[   97.921403][ T5839]  alloc_slab_page+0x5f/0x160
[   97.926315][ T5839]  new_slab+0x84/0x2f0
[   97.930373][ T5839]  ___slab_alloc+0xb07/0x12e0
[   97.935407][ T5839]  __kmalloc_node_track_caller+0x2d6/0x4f0
[   97.941549][ T5839]  kmalloc_reserve+0x111/0x2a0
[   97.946326][ T5839]  __alloc_skb+0x1f3/0x440
[   97.950740][ T5839]  netlink_dump+0x1e6/0xe50
[   97.955257][ T5839]  __netlink_dump_start+0x59d/0x780
[   97.960481][ T5839]  rtnetlink_rcv_msg+0xcf7/0x10d0
[   97.965954][ T5839]  netlink_rcv_skb+0x1e3/0x430
[   97.970734][ T5839]  netlink_unicast+0x7ea/0x980
[   97.975500][ T5839]  netlink_sendmsg+0x8e1/0xcb0
[   97.980324][ T5839]  __sock_sendmsg+0x221/0x270
[   97.985033][ T5839] page last free pid 142 tgid 142 stack trace:
[   97.991194][ T5839]  free_unref_page_prepare+0x97b/0xaa0
[   97.996688][ T5839]  free_unref_page+0x37/0x3f0
[   98.001380][ T5839]  __slab_free+0x31b/0x3d0
[   98.005891][ T5839]  qlist_free_all+0x5e/0xc0
[   98.010388][ T5839]  kasan_quarantine_reduce+0x14f/0x170
[   98.015845][ T5839]  __kasan_slab_alloc+0x23/0x80
[   98.020687][ T5839]  kmalloc_trace+0x16f/0x370
[   98.025264][ T5839]  netdevice_event+0x37d/0x950
[   98.030015][ T5839]  notifier_call_chain+0x19f/0x3e0
[   98.035118][ T5839]  unregister_netdevice_many_notify+0xd9b/0x16e0
[   98.041612][ T5839]  default_device_exit_batch+0xa0f/0xa90
[   98.047327][ T5839]  cleanup_net+0x89d/0xcc0
[   98.051759][ T5839]  process_scheduled_works+0xa2c/0x1830
[   98.057295][ T5839]  worker_thread+0x86d/0xd70
[   98.061891][ T5839]  kthread+0x2f0/0x390
[   98.065978][ T5839]  ret_from_fork+0x4b/0x80
[   98.070408][ T5839] 
[   98.072727][ T5839] Memory state around the buggy address:
[   98.078344][ T5839]  ffff88805202d200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   98.086417][ T5839]  ffff88805202d280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   98.094482][ T5839] >ffff88805202d300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   98.102555][ T5839]                                ^
[   98.107727][ T5839]  ffff88805202d380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   98.115945][ T5839]  ffff88805202d400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   98.123986][ T5839] ==================================================================
[   98.137404][ T5839] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   98.144742][ T5839] CPU: 1 PID: 5839 Comm: kbnepd bnep0 Not tainted 6.9.0-syzkaller-07726-g3c999d1ae3c7 #0
[   98.154785][ T5839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[   98.165118][ T5839] Call Trace:
[   98.168398][ T5839]  <TASK>
[   98.171321][ T5839]  dump_stack_lvl+0x241/0x360
[   98.176011][ T5839]  ? __pfx_dump_stack_lvl+0x10/0x10
[   98.181207][ T5839]  ? __pfx__printk+0x10/0x10
[   98.186136][ T5839]  ? preempt_schedule+0xe1/0xf0
[   98.190982][ T5839]  ? vscnprintf+0x5d/0x90
[   98.195306][ T5839]  panic+0x349/0x860
[   98.199368][ T5839]  ? check_panic_on_warn+0x21/0xb0
[   98.204477][ T5839]  ? __pfx_panic+0x10/0x10
[   98.208975][ T5839]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[   98.214949][ T5839]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   98.221266][ T5839]  ? print_report+0x502/0x550
[   98.226113][ T5839]  check_panic_on_warn+0x86/0xb0
[   98.231051][ T5839]  ? device_for_each_child+0xa7/0x170
[   98.236425][ T5839]  end_report+0x77/0x160
[   98.240664][ T5839]  kasan_report+0x154/0x180
[   98.245273][ T5839]  ? device_for_each_child+0xa7/0x170
[   98.250650][ T5839]  ? __pfx_dev_memalloc_noio+0x10/0x10
[   98.256118][ T5839]  device_for_each_child+0xa7/0x170
[   98.261308][ T5839]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   98.267636][ T5839]  ? __pfx_device_for_each_child+0x10/0x10
[   98.273445][ T5839]  ? _raw_spin_unlock_irq+0x23/0x50
[   98.278635][ T5839]  ? lockdep_hardirqs_on+0x99/0x150
[   98.283913][ T5839]  pm_runtime_set_memalloc_noio+0x114/0x260
[   98.289798][ T5839]  netdev_unregister_kobject+0x178/0x250
[   98.295423][ T5839]  unregister_netdevice_many_notify+0x11dd/0x16e0
[   98.301831][ T5839]  ? __pfx___mutex_trylock_common+0x10/0x10
[   98.307715][ T5839]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[   98.314553][ T5839]  ? rcu_is_watching+0x15/0xb0
[   98.319308][ T5839]  ? trace_contention_end+0x3c/0x120
[   98.324586][ T5839]  ? __mutex_lock+0x2ef/0xd70
[   98.329253][ T5839]  ? __pfx_lock_acquire+0x10/0x10
[   98.334269][ T5839]  unregister_netdevice_queue+0x303/0x370
[   98.339983][ T5839]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[   98.346394][ T5839]  ? __pfx___down_write_common+0x10/0x10
[   98.352109][ T5839]  unregister_netdev+0x1c/0x30
[   98.356965][ T5839]  bnep_session+0x2e09/0x3000
[   98.361738][ T5839]  ? __pfx_bnep_session+0x10/0x10
[   98.366757][ T5839]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   98.373167][ T5839]  ? __pfx_woken_wake_function+0x10/0x10
[   98.378792][ T5839]  ? __kthread_parkme+0x169/0x1d0
[   98.383907][ T5839]  ? __pfx_bnep_session+0x10/0x10
[   98.389020][ T5839]  kthread+0x2f0/0x390
[   98.393866][ T5839]  ? __pfx_bnep_session+0x10/0x10
[   98.398884][ T5839]  ? __pfx_kthread+0x10/0x10
[   98.403466][ T5839]  ret_from_fork+0x4b/0x80
[   98.407877][ T5839]  ? __pfx_kthread+0x10/0x10
[   98.412557][ T5839]  ret_from_fork_asm+0x1a/0x30
[   98.417318][ T5839]  </TASK>
[   98.420867][ T5839] Kernel Offset: disabled
[   98.425613][ T5839] Rebooting in 86400 seconds..