Warning: Permanently added '10.128.0.232' (ED25519) to the list of known hosts.
[  457.450883][T19316] chnl_net:caif_netlink_parms(): no params data found
[  457.492038][T19316] bridge0: port 1(bridge_slave_0) entered blocking state
[  457.499418][T19316] bridge0: port 1(bridge_slave_0) entered disabled state
[  457.506652][T19316] bridge_slave_0: entered allmulticast mode
[  457.513593][T19316] bridge_slave_0: entered promiscuous mode
[  457.522535][T19316] bridge0: port 2(bridge_slave_1) entered blocking state
[  457.529959][T19316] bridge0: port 2(bridge_slave_1) entered disabled state
[  457.539787][T19316] bridge_slave_1: entered allmulticast mode
[  457.546944][T19316] bridge_slave_1: entered promiscuous mode
[  457.566478][T19316] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  457.579579][T19316] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  457.602396][T19316] team0: Port device team_slave_0 added
[  457.610120][T19316] team0: Port device team_slave_1 added
[  457.629081][T19316] batman_adv: batadv0: Adding interface: batadv_slave_0
[  457.636485][T19316] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  457.663994][T19316] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  457.677210][T19316] batman_adv: batadv0: Adding interface: batadv_slave_1
[  457.684560][T19316] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  457.712247][T19316] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  457.743454][T19316] hsr_slave_0: entered promiscuous mode
[  457.749788][T19316] hsr_slave_1: entered promiscuous mode
[  458.362499][T19316] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  458.375559][T19316] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  458.386429][T19316] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  458.399032][T19316] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  458.429635][T19316] bridge0: port 2(bridge_slave_1) entered blocking state
[  458.437054][T19316] bridge0: port 2(bridge_slave_1) entered forwarding state
[  458.444752][T19316] bridge0: port 1(bridge_slave_0) entered blocking state
[  458.451961][T19316] bridge0: port 1(bridge_slave_0) entered forwarding state
[  458.515812][T19316] 8021q: adding VLAN 0 to HW filter on device bond0
[  458.535745][T12203] bridge0: port 1(bridge_slave_0) entered disabled state
[  458.544060][T12203] bridge0: port 2(bridge_slave_1) entered disabled state
[  458.566376][T19316] 8021q: adding VLAN 0 to HW filter on device team0
[  458.580434][T18721] bridge0: port 1(bridge_slave_0) entered blocking state
[  458.587863][T18721] bridge0: port 1(bridge_slave_0) entered forwarding state
[  458.613515][T18724] bridge0: port 2(bridge_slave_1) entered blocking state
[  458.621772][T18724] bridge0: port 2(bridge_slave_1) entered forwarding state
[  458.648706][T19316] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  458.661165][T19316] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  458.701617][T19316] 8021q: adding VLAN 0 to HW filter on device batadv0
[  458.748336][T19316] veth0_vlan: entered promiscuous mode
[  458.761665][T19316] veth1_vlan: entered promiscuous mode
[  458.794171][T19316] veth0_macvtap: entered promiscuous mode
[  458.804414][T19316] veth1_macvtap: entered promiscuous mode
[  458.826904][T19316] batman_adv: batadv0: Interface activated: batadv_slave_0
[  458.842328][T19316] batman_adv: batadv0: Interface activated: batadv_slave_1
[  458.856198][T19316] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  458.865490][T19316] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  458.875244][T19316] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  458.886146][T19316] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  458.940829][T19358] validate_nla: 4 callbacks suppressed
[  458.940848][T19358] netlink: 'syz-executor213': attribute type 1 has an invalid length.
[  458.958867][T19358] team0: Device tunl0 is of different type
[  458.973770][T19361] netlink: 'syz-executor213': attribute type 1 has an invalid length.
[  458.983927][T19361] team0: Device gre0 is of different type
[  458.999432][T19362] netlink: 'syz-executor213': attribute type 1 has an invalid length.
[  459.015356][T19362] team0: Device gretap0 is up. Set it down before adding it as a team port
[  459.031940][T19366] netlink: 'syz-executor213': attribute type 1 has an invalid length.
[  459.047055][T19366] team0: Device erspan0 is up. Set it down before adding it as a team port
[  459.061735][T19367] netlink: 'syz-executor213': attribute type 1 has an invalid length.
[  459.072629][T19367] team0: Device ip_vti0 is of different type
[  459.086347][T19369] netlink: 'syz-executor213': attribute type 1 has an invalid length.
[  459.096995][T19369] team0: Device ip6_vti0 is of different type
[  459.110005][T19371] netlink: 'syz-executor213': attribute type 1 has an invalid length.
[  459.119875][T19371] team0: Device sit0 is of different type
[  459.133155][T19372] netlink: 'syz-executor213': attribute type 1 has an invalid length.
[  459.143439][T19372] team0: Device ip6tnl0 is of different type
[  459.156927][T19374] netlink: 'syz-executor213': attribute type 1 has an invalid length.
[  459.166571][T19374] team0: Device ip6gre0 is of different type
[  459.181635][T19375] netlink: 'syz-executor213': attribute type 1 has an invalid length.
[  459.196584][T19375] team0: Device syz_tun is up. Set it down before adding it as a team port
[  459.219669][T19377] team0: Device ip6gretap0 is up. Set it down before adding it as a team port
[  459.242959][T19378] team0: Device bridge0 is up. Set it down before adding it as a team port
[  459.261363][T19379] team0: Device vcan0 is of different type
[  459.284428][T19381] team0: Device bond0 is up. Set it down before adding it as a team port
[  459.306039][T19382] team0: Cannot enslave team device to itself
[  459.327076][T19384] team0: Device dummy0 is up. Set it down before adding it as a team port
[  459.342564][T19386] team0: Device nlmon0 is of different type
[  459.355519][T19388] team0: Device caif0 is of different type
[  459.376279][T19389] team0: Device batadv0 is up. Set it down before adding it as a team port
[  459.394661][T19390] team0: Device vxcan0 is of different type
[  459.409982][T19392] team0: Device vxcan1 is of different type
[  459.426765][T19394] team0: Device veth0 is up. Set it down before adding it as a team port
[  459.448239][T19395] team0: Device veth1 is up. Set it down before adding it as a team port
[  459.463993][T19396] team0: Device wg0 is of different type
[  459.481171][T19398] team0: Device wg1 is of different type
[  459.494411][T19401] team0: Device wg2 is of different type
[  459.514734][T19402] team0: Device veth0_to_bridge is up. Set it down before adding it as a team port
[  459.535404][T19403] bridge_slave_0: left allmulticast mode
[  459.544369][T19403] bridge_slave_0: left promiscuous mode
[  459.550849][T19403] bridge0: port 1(bridge_slave_0) entered disabled state
[  459.571994][T19403] team0: Device bridge_slave_0 is up. Set it down before adding it as a team port
[  459.594009][T19406] team0: Device veth1_to_bridge is up. Set it down before adding it as a team port
[  459.610812][T19408] bridge_slave_1: left allmulticast mode
[  459.616518][T19408] bridge_slave_1: left promiscuous mode
[  459.623539][T19408] bridge0: port 2(bridge_slave_1) entered disabled state
[  459.634323][T19408] team0: Device bridge_slave_1 is up. Set it down before adding it as a team port
[  459.660182][T19410] team0: Device veth0_to_bond is up. Set it down before adding it as a team port
[  459.679702][T19411] bond0: (slave bond_slave_0): Releasing backup interface
[  459.699709][T19411] team0: Port device bond_slave_0 added
[  459.718846][T19413] team0: Device veth1_to_bond is up. Set it down before adding it as a team port
[  459.741591][T19414] bond0: (slave bond_slave_1): Releasing backup interface
[  459.757303][T19414] team0: Port device bond_slave_1 added
[  459.779431][T19416] team0: Device veth0_to_team is up. Set it down before adding it as a team port
[  459.815678][T19420] team0: Device veth1_to_team is up. Set it down before adding it as a team port
[  459.845567][T19422] team0: Device veth0_to_batadv is up. Set it down before adding it as a team port
[  459.867160][T19425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  459.879872][T19425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  459.891390][T19425] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  459.900787][T19425] batman_adv: batadv0: Removing interface: batadv_slave_0
[  459.910437][T19425] team0: Device batadv_slave_0 is up. Set it down before adding it as a team port
[  459.934116][T19428] team0: Device veth1_to_batadv is up. Set it down before adding it as a team port
[  459.954070][T19430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  459.966665][T19430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  459.979644][T19430] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  459.989668][T19430] batman_adv: batadv0: Removing interface: batadv_slave_1
[  459.999170][T19430] team0: Device batadv_slave_1 is up. Set it down before adding it as a team port
[  460.021277][T19432] team0: Device xfrm0 is of different type
[  460.040833][T19434] team0: Device veth0_to_hsr is up. Set it down before adding it as a team port
[  460.061501][T19435] team0: Device hsr_slave_0 is up. Set it down before adding it as a team port
[  460.083047][T19437] team0: Device veth1_to_hsr is up. Set it down before adding it as a team port
[  460.101733][T19438] team0: Device hsr_slave_1 is up. Set it down before adding it as a team port
[  460.124081][T19440] team0: Device hsr0 is up. Set it down before adding it as a team port
[  460.141285][T19441] team0: Device veth1_virt_wifi is up. Set it down before adding it as a team port
[  460.163282][T19442] team0: Device veth0_virt_wifi is up. Set it down before adding it as a team port
[  460.188124][T19444] team0: Device virt_wifi0 failed to register rx_handler
[  460.222846][T19446] team0: Device veth1_vlan is up. Set it down before adding it as a team port
[  460.241382][T19447] team0: Device veth0_vlan is up. Set it down before adding it as a team port
[  460.264690][T19450] team0: Device vlan0 is up. Set it down before adding it as a team port
[  460.290221][T19451] team0: Device vlan1 is up. Set it down before adding it as a team port
[  460.309549][T19453] team0: Device macvlan0 is up. Set it down before adding it as a team port
[  460.333200][T19455] team0: Device macvlan1 is up. Set it down before adding it as a team port
[  460.400361][T19456] team0: Device ipvlan0 failed to register rx_handler
[  460.481633][T19462] team0: Device ipvlan1 failed to register rx_handler
[  460.525290][T19465] team0: Device veth1_macvtap is up. Set it down before adding it as a team port
[  460.541979][T19466] team0: Device veth0_macvtap is up. Set it down before adding it as a team port
[  460.559105][T19467] team0: Device macvtap0 is up. Set it down before adding it as a team port
[  460.584358][T19469] team0: Device macsec0 is up. Set it down before adding it as a team port
[  460.620580][T19470] team0: Device geneve0 is up. Set it down before adding it as a team port
[  460.642884][T19472] team0: Device geneve1 is up. Set it down before adding it as a team port
[  460.663678][T19475] team0: Device netdevsim0 is up. Set it down before adding it as a team port
[  460.686436][T19476] team0: Device netdevsim1 is up. Set it down before adding it as a team port
[  460.710352][T19477] team0: Device netdevsim2 is up. Set it down before adding it as a team port
[  460.733405][T19480] team0: Device netdevsim3 is up. Set it down before adding it as a team port
[  460.836284][T19490] team0: Device macsec7 is already an upper device of the team interface
[  461.183532][T19525] 8021q: adding VLAN 0 to HW filter on device bond1
[  461.191661][T19525] ==================================================================
[  461.199782][T19525] BUG: KASAN: slab-use-after-free in team_device_event+0xa3b/0xad0
[  461.208171][T19525] Read of size 8 at addr ffff888017364548 by task syz-executor213/19525
[  461.216695][T19525] 
[  461.219139][T19525] CPU: 0 PID: 19525 Comm: syz-executor213 Not tainted 6.5.0-syzkaller-04043-gf8fdd54ee6a1-dirty #0
[  461.231141][T19525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[  461.241319][T19525] Call Trace:
[  461.244629][T19525]  <TASK>
[  461.247585][T19525]  dump_stack_lvl+0xd9/0x1b0
[  461.252225][T19525]  print_report+0xc4/0x620
[  461.256696][T19525]  ? __virt_addr_valid+0x5e/0x2d0
[  461.261759][T19525]  ? __phys_addr+0xc6/0x140
[  461.266298][T19525]  kasan_report+0xda/0x110
[  461.270762][T19525]  ? team_device_event+0xa3b/0xad0
[  461.275921][T19525]  ? team_device_event+0xa3b/0xad0
[  461.281083][T19525]  team_device_event+0xa3b/0xad0
[  461.286152][T19525]  notifier_call_chain+0xb6/0x3b0
[  461.291564][T19525]  ? team_netpoll_setup+0x350/0x350
[  461.297530][T19525]  call_netdevice_notifiers_info+0xb9/0x130
[  461.303456][T19525]  dev_disable_lro+0x224/0x3e0
[  461.308261][T19525]  ? netdev_change_features+0xb0/0xb0
[  461.313679][T19525]  ? vlan_vids_add_by_dev+0x20e/0x350
[  461.319184][T19525]  team_add_slave+0x1a8f/0x2360
[  461.324259][T19525]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[  461.330293][T19525]  ? team_netpoll_cleanup+0x1d0/0x1d0
[  461.335887][T19525]  ? write_profile+0x450/0x450
[  461.340734][T19525]  ? team_netpoll_cleanup+0x1d0/0x1d0
[  461.346520][T19525]  do_set_master+0x1bc/0x220
[  461.351145][T19525]  do_setlink+0xa07/0x3fa0
[  461.355597][T19525]  ? is_bpf_text_address+0x79/0x1a0
[  461.360890][T19525]  ? rtnl_bridge_getlink+0x8c0/0x8c0
[  461.366309][T19525]  ? unwind_next_frame+0xe41/0x2020
[  461.371730][T19525]  ? __module_address+0x55/0x3b0
[  461.376862][T19525]  ? bpf_ksym_find+0x124/0x1b0
[  461.381634][T19525]  ? write_profile+0x450/0x450
[  461.386433][T19525]  ? is_bpf_text_address+0x9b/0x1a0
[  461.391704][T19525]  ? kernel_text_address+0x85/0xf0
[  461.397089][T19525]  ? __kernel_text_address+0xd/0x30
[  461.402296][T19525]  ? unwind_get_return_address+0x55/0xa0
[  461.407943][T19525]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  461.413846][T19525]  ? __nla_validate_parse+0x64f/0x25d0
[  461.419510][T19525]  ? nla_get_range_signed+0x370/0x370
[  461.425588][T19525]  ? stack_trace_save+0x96/0xd0
[  461.430450][T19525]  ? filter_irq_stacks+0x90/0x90
[  461.435388][T19525]  ? __stack_depot_save+0x39/0x510
[  461.440531][T19525]  ? __nla_parse+0x40/0x50
[  461.445142][T19525]  __rtnl_newlink+0xc1d/0x1940
[  461.450176][T19525]  ? rtnl_link_unregister+0x260/0x260
[  461.455804][T19525]  rtnl_newlink+0x67/0xa0
[  461.460242][T19525]  ? __rtnl_newlink+0x1940/0x1940
[  461.465528][T19525]  rtnetlink_rcv_msg+0x439/0xd30
[  461.470461][T19525]  ? rtnl_getlink+0xb40/0xb40
[  461.475133][T19525]  netlink_rcv_skb+0x16b/0x440
[  461.480098][T19525]  ? rtnl_getlink+0xb40/0xb40
[  461.485123][T19525]  ? netlink_ack+0x1370/0x1370
[  461.490075][T19525]  ? netlink_deliver_tap+0x1b1/0xd10
[  461.495463][T19525]  netlink_unicast+0x536/0x810
[  461.500529][T19525]  ? netlink_attachskb+0x870/0x870
[  461.505646][T19525]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  461.511658][T19525]  ? __phys_addr_symbol+0x30/0x70
[  461.516707][T19525]  ? __check_object_size+0x323/0x740
[  461.522261][T19525]  netlink_sendmsg+0x93c/0xe40
[  461.527028][T19525]  ? netlink_unicast+0x810/0x810
[  461.532078][T19525]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  461.537361][T19525]  ? netlink_unicast+0x810/0x810
[  461.542305][T19525]  sock_sendmsg+0xd9/0x180
[  461.546798][T19525]  ____sys_sendmsg+0x6ac/0x940
[  461.551555][T19525]  ? copy_msghdr_from_user+0x10b/0x160
[  461.557680][T19525]  ? kernel_sendmsg+0x50/0x50
[  461.562814][T19525]  ___sys_sendmsg+0x135/0x1d0
[  461.567496][T19525]  ? do_recvmmsg+0x740/0x740
[  461.572174][T19525]  ? reacquire_held_locks+0x4b0/0x4b0
[  461.577692][T19525]  ? __might_fault+0x156/0x190
[  461.582559][T19525]  ? __fget_light+0x1fc/0x260
[  461.587247][T19525]  __sys_sendmsg+0x117/0x1e0
[  461.592015][T19525]  ? __sys_sendmsg_sock+0x30/0x30
[  461.597058][T19525]  ? syscall_enter_from_user_mode+0x26/0x80
[  461.603238][T19525]  do_syscall_64+0x38/0xb0
[  461.608474][T19525]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  461.614519][T19525] RIP: 0033:0x7fa6368d05d9
[  461.619195][T19525] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 d1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  461.639241][T19525] RSP: 002b:00007ffc7b3e0188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  461.647757][T19525] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fa6368d05d9
[  461.655759][T19525] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000007
[  461.663832][T19525] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001
[  461.671969][T19525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  461.681685][T19525] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  461.689840][T19525]  </TASK>
[  461.693028][T19525] 
[  461.695349][T19525] Allocated by task 15081:
[  461.699752][T19525]  kasan_save_stack+0x33/0x50
[  461.704469][T19525]  kasan_set_track+0x25/0x30
[  461.709183][T19525]  __kasan_kmalloc+0xa2/0xb0
[  461.713768][T19525]  __kmalloc_node_track_caller+0x5e/0x100
[  461.719570][T19525]  kstrdup+0x3c/0x70
[  461.723562][T19525]  kstrdup_const+0x5f/0x70
[  461.728154][T19525]  __kernfs_new_node+0x9c/0x8a0
[  461.733556][T19525]  kernfs_new_node+0x94/0x110
[  461.738236][T19525]  kernfs_create_link+0xcc/0x230
[  461.743335][T19525]  sysfs_do_create_link_sd+0x90/0x140
[  461.748706][T19525]  sysfs_create_link+0x61/0xc0
[  461.753547][T19525]  __netdev_adjacent_dev_insert+0x751/0xb40
[  461.759547][T19525]  __netdev_upper_dev_link+0x410/0x840
[  461.765188][T19525]  netdev_upper_dev_link+0x92/0xc0
[  461.770382][T19525]  macsec_newlink+0x800/0x1a30
[  461.775301][T19525]  __rtnl_newlink+0x1177/0x1940
[  461.780240][T19525]  rtnl_newlink+0x67/0xa0
[  461.784669][T19525]  rtnetlink_rcv_msg+0x439/0xd30
[  461.789784][T19525]  netlink_rcv_skb+0x16b/0x440
[  461.794717][T19525]  netlink_unicast+0x536/0x810
[  461.799575][T19525]  netlink_sendmsg+0x93c/0xe40
[  461.804356][T19525]  sock_sendmsg+0xd9/0x180
[  461.808875][T19525]  ____sys_sendmsg+0x6ac/0x940
[  461.813910][T19525]  ___sys_sendmsg+0x135/0x1d0
[  461.818583][T19525]  __sys_sendmsg+0x117/0x1e0
[  461.823165][T19525]  do_syscall_64+0x38/0xb0
[  461.827575][T19525]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  461.833661][T19525] 
[  461.836081][T19525] The buggy address belongs to the object at ffff888017364540
[  461.836081][T19525]  which belongs to the cache kmalloc-16 of size 16
[  461.850123][T19525] The buggy address is located 8 bytes inside of
[  461.850123][T19525]  freed 16-byte region [ffff888017364540, ffff888017364550)
[  461.863732][T19525] 
[  461.866044][T19525] The buggy address belongs to the physical page:
[  461.872959][T19525] page:ffffea00005cd900 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x17364
[  461.883108][T19525] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[  461.891215][T19525] page_type: 0xffffffff()
[  461.895538][T19525] raw: 00fff00000000200 ffff8880128413c0 dead000000000100 dead000000000122
[  461.904213][T19525] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[  461.913262][T19525] page dumped because: kasan: bad access detected
[  461.920201][T19525] page_owner tracks the page as allocated
[  461.926015][T19525] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 5390, tgid 5390 (syz-executor.0), ts 86692200297, free_ts 86666078377
[  461.945213][T19525]  post_alloc_hook+0x2d2/0x350
[  461.950267][T19525]  get_page_from_freelist+0x10a9/0x31e0
[  461.956099][T19525]  __alloc_pages+0x1d0/0x4a0
[  461.960943][T19525]  allocate_slab+0xa1/0x380
[  461.965533][T19525]  ___slab_alloc+0x8bc/0x1570
[  461.970380][T19525]  __slab_alloc.constprop.0+0x56/0xa0
[  461.975922][T19525]  __kmem_cache_alloc_node+0x137/0x350
[  461.981585][T19525]  __kmalloc_node+0x4f/0x100
[  461.986176][T19525]  kvmalloc_node+0x99/0x1a0
[  461.990877][T19525]  xt_replace_table+0x1ea/0x940
[  461.995885][T19525]  __do_replace+0x1d5/0x9c0
[  462.000458][T19525]  do_ip6t_set_ctl+0x93a/0xbd0
[  462.005314][T19525]  nf_setsockopt+0x87/0xe0
[  462.009861][T19525]  ipv6_setsockopt+0x12b/0x190
[  462.015136][T19525]  tcp_setsockopt+0x9d/0x100
[  462.020357][T19525]  __sys_setsockopt+0x2cd/0x5b0
[  462.025208][T19525] page last free stack trace:
[  462.029962][T19525]  free_unref_page_prepare+0x508/0xb90
[  462.035508][T19525]  free_unref_page+0x33/0x3b0
[  462.040479][T19525]  __unfreeze_partials+0x21d/0x240
[  462.045770][T19525]  qlist_free_all+0x6a/0x170
[  462.050353][T19525]  kasan_quarantine_reduce+0x18b/0x1d0
[  462.056086][T19525]  __kasan_slab_alloc+0x65/0x90
[  462.061026][T19525]  kmem_cache_alloc+0x172/0x3b0
[  462.065955][T19525]  alloc_buffer_head+0x21/0x140
[  462.070829][T19525]  folio_alloc_buffers+0x2ad/0x800
[  462.076128][T19525]  __getblk_slow+0x2ac/0x720
[  462.080800][T19525]  __getblk_gfp+0x70/0x80
[  462.085442][T19525]  ext4_getblk+0x229/0x810
[  462.089965][T19525]  ext4_bread+0x2c/0x190
[  462.094279][T19525]  ext4_append+0x26d/0x560
[  462.098730][T19525]  ext4_init_new_dir+0x220/0x4c0
[  462.103869][T19525]  ext4_mkdir+0x316/0xb70
[  462.108197][T19525] 
[  462.110514][T19525] Memory state around the buggy address:
[  462.116237][T19525]  ffff888017364400: fb fb fc fc fb fb fc fc fb fb fc fc fb fb fc fc
[  462.124720][T19525]  ffff888017364480: fb fb fc fc 00 00 fc fc fb fb fc fc fb fb fc fc
[  462.133117][T19525] >ffff888017364500: fb fb fc fc 00 00 fc fc fb fb fc fc fb fb fc fc
[  462.141249][T19525]                                               ^
[  462.147857][T19525]  ffff888017364580: fb fb fc fc fb fb fc fc fb fb fc fc 00 00 fc fc
[  462.155949][T19525]  ffff888017364600: 00 01 fc fc fb fb fc fc 00 01 fc fc fb fb fc fc
[  462.163996][T19525] ==================================================================
[  462.197020][T19525] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  462.204344][T19525] CPU: 1 PID: 19525 Comm: syz-executor213 Not tainted 6.5.0-syzkaller-04043-gf8fdd54ee6a1-dirty #0
[  462.215109][T19525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[  462.225241][T19525] Call Trace:
[  462.228536][T19525]  <TASK>
[  462.231457][T19525]  dump_stack_lvl+0xd9/0x1b0
[  462.236045][T19525]  panic+0x6a4/0x750
[  462.240019][T19525]  ? panic_smp_self_stop+0xa0/0xa0
[  462.245125][T19525]  ? preempt_schedule_thunk+0x1a/0x30
[  462.250609][T19525]  ? preempt_schedule_common+0x45/0xc0
[  462.256094][T19525]  check_panic_on_warn+0xab/0xb0
[  462.261136][T19525]  end_report+0x108/0x150
[  462.265488][T19525]  kasan_report+0xea/0x110
[  462.269912][T19525]  ? team_device_event+0xa3b/0xad0
[  462.275037][T19525]  ? team_device_event+0xa3b/0xad0
[  462.280155][T19525]  team_device_event+0xa3b/0xad0
[  462.285138][T19525]  notifier_call_chain+0xb6/0x3b0
[  462.290250][T19525]  ? team_netpoll_setup+0x350/0x350
[  462.295460][T19525]  call_netdevice_notifiers_info+0xb9/0x130
[  462.301433][T19525]  dev_disable_lro+0x224/0x3e0
[  462.306292][T19525]  ? netdev_change_features+0xb0/0xb0
[  462.311664][T19525]  ? vlan_vids_add_by_dev+0x20e/0x350
[  462.317037][T19525]  team_add_slave+0x1a8f/0x2360
[  462.321890][T19525]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[  462.327869][T19525]  ? team_netpoll_cleanup+0x1d0/0x1d0
[  462.333238][T19525]  ? write_profile+0x450/0x450
[  462.337994][T19525]  ? team_netpoll_cleanup+0x1d0/0x1d0
[  462.343361][T19525]  do_set_master+0x1bc/0x220
[  462.347941][T19525]  do_setlink+0xa07/0x3fa0
[  462.352349][T19525]  ? is_bpf_text_address+0x79/0x1a0
[  462.357544][T19525]  ? rtnl_bridge_getlink+0x8c0/0x8c0
[  462.362827][T19525]  ? unwind_next_frame+0xe41/0x2020
[  462.368019][T19525]  ? __module_address+0x55/0x3b0
[  462.372958][T19525]  ? bpf_ksym_find+0x124/0x1b0
[  462.377754][T19525]  ? write_profile+0x450/0x450
[  462.382513][T19525]  ? is_bpf_text_address+0x9b/0x1a0
[  462.387719][T19525]  ? kernel_text_address+0x85/0xf0
[  462.392866][T19525]  ? __kernel_text_address+0xd/0x30
[  462.398079][T19525]  ? unwind_get_return_address+0x55/0xa0
[  462.403711][T19525]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  462.409618][T19525]  ? __nla_validate_parse+0x64f/0x25d0
[  462.415109][T19525]  ? nla_get_range_signed+0x370/0x370
[  462.420479][T19525]  ? stack_trace_save+0x96/0xd0
[  462.425330][T19525]  ? filter_irq_stacks+0x90/0x90
[  462.430264][T19525]  ? __stack_depot_save+0x39/0x510
[  462.435373][T19525]  ? __nla_parse+0x40/0x50
[  462.439800][T19525]  __rtnl_newlink+0xc1d/0x1940
[  462.444586][T19525]  ? rtnl_link_unregister+0x260/0x260
[  462.449961][T19525]  rtnl_newlink+0x67/0xa0
[  462.454285][T19525]  ? __rtnl_newlink+0x1940/0x1940
[  462.459336][T19525]  rtnetlink_rcv_msg+0x439/0xd30
[  462.464360][T19525]  ? rtnl_getlink+0xb40/0xb40
[  462.469137][T19525]  netlink_rcv_skb+0x16b/0x440
[  462.474093][T19525]  ? rtnl_getlink+0xb40/0xb40
[  462.478853][T19525]  ? netlink_ack+0x1370/0x1370
[  462.483617][T19525]  ? netlink_deliver_tap+0x1b1/0xd10
[  462.489008][T19525]  netlink_unicast+0x536/0x810
[  462.493979][T19525]  ? netlink_attachskb+0x870/0x870
[  462.499118][T19525]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  462.505027][T19525]  ? __phys_addr_symbol+0x30/0x70
[  462.510151][T19525]  ? __check_object_size+0x323/0x740
[  462.515452][T19525]  netlink_sendmsg+0x93c/0xe40
[  462.520320][T19525]  ? netlink_unicast+0x810/0x810
[  462.525432][T19525]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  462.531351][T19525]  ? netlink_unicast+0x810/0x810
[  462.536294][T19525]  sock_sendmsg+0xd9/0x180
[  462.540719][T19525]  ____sys_sendmsg+0x6ac/0x940
[  462.545745][T19525]  ? copy_msghdr_from_user+0x10b/0x160
[  462.551324][T19525]  ? kernel_sendmsg+0x50/0x50
[  462.556349][T19525]  ___sys_sendmsg+0x135/0x1d0
[  462.561032][T19525]  ? do_recvmmsg+0x740/0x740
[  462.565726][T19525]  ? reacquire_held_locks+0x4b0/0x4b0
[  462.571201][T19525]  ? __might_fault+0x156/0x190
[  462.576061][T19525]  ? __fget_light+0x1fc/0x260
[  462.580921][T19525]  __sys_sendmsg+0x117/0x1e0
[  462.585688][T19525]  ? __sys_sendmsg_sock+0x30/0x30
[  462.590976][T19525]  ? syscall_enter_from_user_mode+0x26/0x80
[  462.596955][T19525]  do_syscall_64+0x38/0xb0
[  462.601377][T19525]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  462.607274][T19525] RIP: 0033:0x7fa6368d05d9
[  462.611686][T19525] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 d1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  462.631818][T19525] RSP: 002b:00007ffc7b3e0188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  462.640228][T19525] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fa6368d05d9
[  462.648294][T19525] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000007
[  462.656344][T19525] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001
[  462.664571][T19525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  462.672711][T19525] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  462.680975][T19525]  </TASK>
[  462.684264][T19525] Kernel Offset: disabled
[  462.688757][T19525] Rebooting in 86400 seconds..