[ 81.202881][ T8] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.1.250' (ED25519) to the list of known hosts.
2024/10/04 17:38:16 ignoring optional flag "sandboxArg"="0"
2024/10/04 17:38:16 ignoring optional flag "type"="gce"
2024/10/04 17:38:16 parsed 1 programs
2024/10/04 17:38:18 executed programs: 0
[ 85.683989][ T5395] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 85.748351][ T4494] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 85.758268][ T4494] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 85.766412][ T4494] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 85.775514][ T4494] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 85.783830][ T4494] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 85.791268][ T4494] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 85.916187][ T5402] chnl_net:caif_netlink_parms(): no params data found
[ 85.969109][ T5402] bridge0: port 1(bridge_slave_0) entered blocking state
[ 85.976421][ T5402] bridge0: port 1(bridge_slave_0) entered disabled state
[ 85.983831][ T5402] bridge_slave_0: entered allmulticast mode
[ 85.990885][ T5402] bridge_slave_0: entered promiscuous mode
[ 85.999337][ T5402] bridge0: port 2(bridge_slave_1) entered blocking state
[ 86.006801][ T5402] bridge0: port 2(bridge_slave_1) entered disabled state
[ 86.014124][ T5402] bridge_slave_1: entered allmulticast mode
[ 86.021029][ T5402] bridge_slave_1: entered promiscuous mode
[ 86.046979][ T5402] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 86.058617][ T5402] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 86.086652][ T5402] team0: Port device team_slave_0 added
[ 86.094850][ T5402] team0: Port device team_slave_1 added
[ 86.118110][ T5402] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 86.125753][ T5402] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 86.152840][ T5402] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 86.164996][ T5402] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 86.172139][ T5402] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 86.198347][ T5402] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 86.233544][ T5402] hsr_slave_0: entered promiscuous mode
[ 86.240173][ T5402] hsr_slave_1: entered promiscuous mode
[ 86.786204][ T5402] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 86.804358][ T5402] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 86.817639][ T5402] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 86.828336][ T5402] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 86.861010][ T5402] bridge0: port 2(bridge_slave_1) entered blocking state
[ 86.868381][ T5402] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 86.876566][ T5402] bridge0: port 1(bridge_slave_0) entered blocking state
[ 86.883780][ T5402] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 86.964534][ T5402] 8021q: adding VLAN 0 to HW filter on device bond0
[ 86.974748][ T2781] bridge0: port 1(bridge_slave_0) entered disabled state
[ 86.983250][ T2781] bridge0: port 2(bridge_slave_1) entered disabled state
[ 87.010962][ T5402] 8021q: adding VLAN 0 to HW filter on device team0
[ 87.025810][ T35] bridge0: port 1(bridge_slave_0) entered blocking state
[ 87.033103][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 87.052750][ T35] bridge0: port 2(bridge_slave_1) entered blocking state
[ 87.059897][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 87.257962][ T5402] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 87.304337][ T5402] veth0_vlan: entered promiscuous mode
[ 87.316963][ T5402] veth1_vlan: entered promiscuous mode
[ 87.347306][ T5402] veth0_macvtap: entered promiscuous mode
[ 87.357118][ T5402] veth1_macvtap: entered promiscuous mode
[ 87.379922][ T5402] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 87.398041][ T5402] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 87.410149][ T5402] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.419849][ T5402] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.430307][ T5402] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.440289][ T5402] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.518333][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 87.539942][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 87.569382][ T2892] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 87.578077][ T2892] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 87.832812][ T4494] Bluetooth: hci0: command tx timeout
[ 89.911711][ T4494] Bluetooth: hci0: command 0x041b tx timeout
2024/10/04 17:38:23 executed programs: 4
[ 91.992711][ T4494] Bluetooth: hci0: command 0x041b tx timeout
[ 94.071630][ T54] Bluetooth: hci0: command 0x041b tx timeout
[ 96.151599][ T4494] Bluetooth: hci0: command 0x041b tx timeout
2024/10/04 17:38:29 executed programs: 11
[ 98.241572][ T54] Bluetooth: hci0: command 0x041b tx timeout
2024/10/04 17:38:34 executed programs: 17
2024/10/04 17:38:39 executed programs: 24
2024/10/04 17:38:44 executed programs: 30
2024/10/04 17:38:49 executed programs: 36
2024/10/04 17:38:54 executed programs: 42
2024/10/04 17:38:59 executed programs: 48
[ 127.913134][ T5509] ==================================================================
[ 127.921257][ T5509] BUG: KASAN: slab-use-after-free in sco_sock_timeout+0x8b/0x270
[ 127.929010][ T5509] Write of size 4 at addr ffff88802719a080 by task kworker/1:3/5509
[ 127.936989][ T5509]
[ 127.939311][ T5509] CPU: 1 UID: 0 PID: 5509 Comm: kworker/1:3 Not tainted 6.12.0-rc1-syzkaller-00125-g0c559323bbaa-dirty #0
[ 127.950622][ T5509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 127.960807][ T5509] Workqueue: events sco_sock_timeout
[ 127.966151][ T5509] Call Trace:
[ 127.969432][ T5509]
[ 127.972371][ T5509] dump_stack_lvl+0x241/0x360
[ 127.977117][ T5509] ? __pfx_dump_stack_lvl+0x10/0x10
[ 127.982354][ T5509] ? __pfx__printk+0x10/0x10
[ 127.986959][ T5509] ? _printk+0xd5/0x120
[ 127.991126][ T5509] ? __virt_addr_valid+0x183/0x530
[ 127.996329][ T5509] ? srso_alias_return_thunk+0x5/0xfbef5
[ 128.002088][ T5509] print_report+0x169/0x550
[ 128.006637][ T5509] ? __virt_addr_valid+0x183/0x530
[ 128.011779][ T5509] ? srso_alias_return_thunk+0x5/0xfbef5
[ 128.017419][ T5509] ? __virt_addr_valid+0x45f/0x530
[ 128.022534][ T5509] ? srso_alias_return_thunk+0x5/0xfbef5
[ 128.028199][ T5509] ? __phys_addr+0xba/0x170
[ 128.032700][ T5509] ? sco_sock_timeout+0x8b/0x270
[ 128.037660][ T5509] kasan_report+0x143/0x180
[ 128.042194][ T5509] ? __pfx_lock_acquire+0x10/0x10
[ 128.047443][ T5509] ? sco_sock_timeout+0x8b/0x270
[ 128.052391][ T5509] kasan_check_range+0x282/0x290
[ 128.057347][ T5509] sco_sock_timeout+0x8b/0x270
[ 128.062133][ T5509] ? process_scheduled_works+0x976/0x1850
[ 128.067971][ T5509] process_scheduled_works+0xa65/0x1850
[ 128.073646][ T5509] ? __pfx_process_scheduled_works+0x10/0x10
[ 128.079745][ T5509] ? assign_work+0x364/0x3d0
[ 128.084357][ T5509] worker_thread+0x870/0xd30
[ 128.088968][ T5509] ? srso_alias_return_thunk+0x5/0xfbef5
[ 128.094618][ T5509] ? srso_alias_return_thunk+0x5/0xfbef5
[ 128.100264][ T5509] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 128.106211][ T5509] ? __kthread_parkme+0x169/0x1d0
[ 128.111264][ T5509] ? __pfx_worker_thread+0x10/0x10
[ 128.116392][ T5509] kthread+0x2f2/0x390
[ 128.120468][ T5509] ? __pfx_worker_thread+0x10/0x10
[ 128.125597][ T5509] ? __pfx_kthread+0x10/0x10
[ 128.130203][ T5509] ret_from_fork+0x4d/0x80
[ 128.134846][ T5509] ? __pfx_kthread+0x10/0x10
[ 128.139460][ T5509] ret_from_fork_asm+0x1a/0x30
[ 128.144255][ T5509]
[ 128.147280][ T5509]
[ 128.149605][ T5509] Allocated by task 5115:
[ 128.153936][ T5509] kasan_save_track+0x3f/0x80
[ 128.158622][ T5509] __kasan_kmalloc+0x98/0xb0
[ 128.163219][ T5509] __kmalloc_node_track_caller_noprof+0x225/0x440
[ 128.169649][ T5509] kmalloc_reserve+0x111/0x2a0
[ 128.174428][ T5509] __alloc_skb+0x1f3/0x440
[ 128.178955][ T5509] nsim_dev_trap_report_work+0x254/0xaa0
[ 128.184620][ T5509] process_scheduled_works+0xa65/0x1850
[ 128.190265][ T5509] worker_thread+0x870/0xd30
[ 128.194870][ T5509] kthread+0x2f2/0x390
[ 128.198945][ T5509] ret_from_fork+0x4d/0x80
[ 128.203393][ T5509] ret_from_fork_asm+0x1a/0x30
[ 128.208171][ T5509]
[ 128.210494][ T5509] Freed by task 5115:
[ 128.214472][ T5509] kasan_save_track+0x3f/0x80
[ 128.219151][ T5509] kasan_save_free_info+0x40/0x50
[ 128.224185][ T5509] __kasan_slab_free+0x59/0x70
[ 128.228953][ T5509] kfree+0x1a0/0x440
[ 128.232873][ T5509] skb_release_data+0x6a0/0x8a0
[ 128.237732][ T5509] consume_skb+0x9f/0xf0
[ 128.241978][ T5509] nsim_dev_trap_report_work+0x765/0xaa0
[ 128.247625][ T5509] process_scheduled_works+0xa65/0x1850
[ 128.253181][ T5509] worker_thread+0x870/0xd30
[ 128.257780][ T5509] kthread+0x2f2/0x390
[ 128.262282][ T5509] ret_from_fork+0x4d/0x80
[ 128.266734][ T5509] ret_from_fork_asm+0x1a/0x30
[ 128.271508][ T5509]
[ 128.273845][ T5509] The buggy address belongs to the object at ffff88802719a000
[ 128.273845][ T5509] which belongs to the cache kmalloc-4k of size 4096
[ 128.287893][ T5509] The buggy address is located 128 bytes inside of
[ 128.287893][ T5509] freed 4096-byte region [ffff88802719a000, ffff88802719b000)
[ 128.301782][ T5509]
[ 128.304101][ T5509] The buggy address belongs to the physical page:
[ 128.310502][ T5509] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x27198
[ 128.319524][ T5509] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 128.328022][ T5509] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 128.335764][ T5509] page_type: f5(slab)
[ 128.339767][ T5509] raw: 00fff00000000040 ffff888015442140 dead000000000122 0000000000000000
[ 128.348370][ T5509] raw: 0000000000000000 0000000000040004 00000001f5000000 0000000000000000
[ 128.357064][ T5509] head: 00fff00000000040 ffff888015442140 dead000000000122 0000000000000000
[ 128.365745][ T5509] head: 0000000000000000 0000000000040004 00000001f5000000 0000000000000000
[ 128.374432][ T5509] head: 00fff00000000003 ffffea00009c6601 ffffffffffffffff 0000000000000000
[ 128.383117][ T5509] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 128.391789][ T5509] page dumped because: kasan: bad access detected
[ 128.398199][ T5509] page_owner tracks the page as allocated
[ 128.403912][ T5509] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5115, tgid 5115 (kworker/0:4), ts 122322399972, free_ts 122095257880
[ 128.424812][ T5509] post_alloc_hook+0x1f3/0x230
[ 128.429618][ T5509] get_page_from_freelist+0x3045/0x3190
[ 128.435184][ T5509] __alloc_pages_noprof+0x256/0x6c0
[ 128.440393][ T5509] alloc_pages_mpol_noprof+0x3e8/0x680
[ 128.445877][ T5509] alloc_slab_page+0x6a/0x120
[ 128.450558][ T5509] allocate_slab+0x5a/0x2f0
[ 128.455071][ T5509] ___slab_alloc+0xcd1/0x14b0
[ 128.459761][ T5509] __slab_alloc+0x58/0xa0
[ 128.464099][ T5509] __kmalloc_node_track_caller_noprof+0x281/0x440
[ 128.470529][ T5509] kmalloc_reserve+0x111/0x2a0
[ 128.475317][ T5509] __alloc_skb+0x1f3/0x440
[ 128.479749][ T5509] nsim_dev_trap_report_work+0x254/0xaa0
[ 128.485402][ T5509] process_scheduled_works+0xa65/0x1850
[ 128.490968][ T5509] worker_thread+0x870/0xd30
[ 128.495579][ T5509] kthread+0x2f2/0x390
[ 128.499652][ T5509] ret_from_fork+0x4d/0x80
[ 128.504101][ T5509] page last free pid 5425 tgid 5425 stack trace:
[ 128.510429][ T5509] free_unref_page+0xcfb/0xf20
[ 128.515210][ T5509] __slab_free+0x31b/0x3d0
[ 128.519646][ T5509] qlist_free_all+0x9a/0x140
[ 128.524252][ T5509] kasan_quarantine_reduce+0x14f/0x170
[ 128.529760][ T5509] __kasan_slab_alloc+0x23/0x80
[ 128.534623][ T5509] kmem_cache_alloc_noprof+0x135/0x2a0
[ 128.540098][ T5509] getname_flags+0xb7/0x540
[ 128.544795][ T5509] do_sys_openat2+0xd2/0x1d0
[ 128.549404][ T5509] __x64_sys_openat+0x247/0x2a0
[ 128.554532][ T5509] do_syscall_64+0xf3/0x230
[ 128.559045][ T5509] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 128.565124][ T5509]
[ 128.567443][ T5509] Memory state around the buggy address:
[ 128.573070][ T5509] ffff888027199f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 128.581148][ T5509] ffff88802719a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 128.589227][ T5509] >ffff88802719a080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 128.597295][ T5509] ^
[ 128.601362][ T5509] ffff88802719a100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 128.609433][ T5509] ffff88802719a180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 128.617500][ T5509] ==================================================================
[ 128.626264][ T5509] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 128.633489][ T5509] CPU: 1 UID: 0 PID: 5509 Comm: kworker/1:3 Not tainted 6.12.0-rc1-syzkaller-00125-g0c559323bbaa-dirty #0
[ 128.644785][ T5509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 128.654859][ T5509] Workqueue: events sco_sock_timeout
[ 128.660178][ T5509] Call Trace:
[ 128.663461][ T5509]
[ 128.666394][ T5509] dump_stack_lvl+0x241/0x360
[ 128.671088][ T5509] ? __pfx_dump_stack_lvl+0x10/0x10
[ 128.676306][ T5509] ? __pfx__printk+0x10/0x10
[ 128.680910][ T5509] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 128.686921][ T5509] ? srso_alias_return_thunk+0x5/0xfbef5
[ 128.692597][ T5509] ? vscnprintf+0x5d/0x90
[ 128.696945][ T5509] panic+0x349/0x880
[ 128.700859][ T5509] ? check_panic_on_warn+0x21/0xb0
[ 128.706074][ T5509] ? __pfx_panic+0x10/0x10
[ 128.710508][ T5509] ? _raw_spin_unlock_irqrestore+0xd8/0x140
[ 128.716424][ T5509] ? srso_alias_return_thunk+0x5/0xfbef5
[ 128.722087][ T5509] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 128.728189][ T5509] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 128.734545][ T5509] check_panic_on_warn+0x86/0xb0
[ 128.739498][ T5509] ? sco_sock_timeout+0x8b/0x270
[ 128.744456][ T5509] end_report+0x77/0x160
[ 128.748718][ T5509] kasan_report+0x154/0x180
[ 128.753237][ T5509] ? __pfx_lock_acquire+0x10/0x10
[ 128.758286][ T5509] ? sco_sock_timeout+0x8b/0x270
[ 128.763252][ T5509] kasan_check_range+0x282/0x290
[ 128.768211][ T5509] sco_sock_timeout+0x8b/0x270
[ 128.773000][ T5509] ? process_scheduled_works+0x976/0x1850
[ 128.778741][ T5509] process_scheduled_works+0xa65/0x1850
[ 128.784318][ T5509] ? __pfx_process_scheduled_works+0x10/0x10
[ 128.790408][ T5509] ? assign_work+0x364/0x3d0
[ 128.795025][ T5509] worker_thread+0x870/0xd30
[ 128.799639][ T5509] ? srso_alias_return_thunk+0x5/0xfbef5
[ 128.805291][ T5509] ? srso_alias_return_thunk+0x5/0xfbef5
[ 128.810945][ T5509] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 128.816870][ T5509] ? __kthread_parkme+0x169/0x1d0
[ 128.821921][ T5509] ? __pfx_worker_thread+0x10/0x10
[ 128.827052][ T5509] kthread+0x2f2/0x390
[ 128.831131][ T5509] ? __pfx_worker_thread+0x10/0x10
[ 128.836267][ T5509] ? __pfx_kthread+0x10/0x10
[ 128.840869][ T5509] ret_from_fork+0x4d/0x80
[ 128.845304][ T5509] ? __pfx_kthread+0x10/0x10
[ 128.849898][ T5509] ret_from_fork_asm+0x1a/0x30
[ 128.854690][ T5509]
[ 128.857988][ T5509] Kernel Offset: disabled
[ 128.862347][ T5509] Rebooting in 86400 seconds..