Warning: Permanently added '10.128.0.245' (ED25519) to the list of known hosts.
2024/05/24 01:38:35 ignoring optional flag "sandboxArg"="0"
2024/05/24 01:38:35 parsed 1 programs
2024/05/24 01:38:37 executed programs: 0
[ 95.725155][ T5432] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 95.779904][ T4480] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 95.787852][ T4480] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 95.795860][ T4480] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 95.804716][ T4480] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 95.813404][ T4480] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 95.820853][ T4480] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 95.949348][ T5438] chnl_net:caif_netlink_parms(): no params data found
[ 96.005588][ T5438] bridge0: port 1(bridge_slave_0) entered blocking state
[ 96.012847][ T5438] bridge0: port 1(bridge_slave_0) entered disabled state
[ 96.020302][ T5438] bridge_slave_0: entered allmulticast mode
[ 96.027114][ T5438] bridge_slave_0: entered promiscuous mode
[ 96.035490][ T5438] bridge0: port 2(bridge_slave_1) entered blocking state
[ 96.043066][ T5438] bridge0: port 2(bridge_slave_1) entered disabled state
[ 96.050501][ T5438] bridge_slave_1: entered allmulticast mode
[ 96.057924][ T5438] bridge_slave_1: entered promiscuous mode
[ 96.083557][ T5438] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 96.095164][ T5438] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 96.124748][ T5438] team0: Port device team_slave_0 added
[ 96.133076][ T5438] team0: Port device team_slave_1 added
[ 96.156317][ T5438] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 96.163556][ T5438] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 96.189691][ T5438] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 96.203443][ T5438] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 96.210908][ T5438] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 96.237482][ T5438] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 96.274481][ T5438] hsr_slave_0: entered promiscuous mode
[ 96.280803][ T5438] hsr_slave_1: entered promiscuous mode
[ 96.915795][ T5438] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 96.927197][ T5438] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 96.947996][ T5438] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 96.964292][ T5438] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 97.066444][ T5438] 8021q: adding VLAN 0 to HW filter on device bond0
[ 97.094592][ T5438] 8021q: adding VLAN 0 to HW filter on device team0
[ 97.111466][ T785] bridge0: port 1(bridge_slave_0) entered blocking state
[ 97.118848][ T785] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 97.138132][ T785] bridge0: port 2(bridge_slave_1) entered blocking state
[ 97.146063][ T785] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 97.381536][ T5438] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 97.436173][ T5438] veth0_vlan: entered promiscuous mode
[ 97.453531][ T5438] veth1_vlan: entered promiscuous mode
[ 97.492321][ T5438] veth0_macvtap: entered promiscuous mode
[ 97.503663][ T5438] veth1_macvtap: entered promiscuous mode
[ 97.530549][ T5438] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 97.545864][ T5438] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 97.559536][ T5438] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 97.568282][ T5438] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 97.578613][ T5438] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 97.587343][ T5438] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 97.680492][ T785] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 97.700989][ T785] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 97.740572][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 97.749438][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 97.901352][ T5083] Bluetooth: hci0: command tx timeout
[ 98.244460][ T5504] loop0: detected capacity change from 0 to 40427
[ 98.272105][ T5504] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 98.350435][ T5504] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 98.402527][ T5438] syz-executor.0: attempt to access beyond end of device
[ 98.402527][ T5438] loop0: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[ 98.417736][ T5438] syz-executor.0: attempt to access beyond end of device
[ 98.417736][ T5438] loop0: rw=0, sector=45064, nr_sectors = 8 limit=40427
[ 98.522206][ T35] kworker/u8:2: attempt to access beyond end of device
[ 98.522206][ T35] loop0: rw=2049, sector=40960, nr_sectors = 144 limit=40427
[ 98.548789][ T35] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 98.556029][ T35] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 98.565690][ T35] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 98.574257][ T35] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 98.583878][ T35] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 98.592559][ T35] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 98.601524][ T35] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 98.611237][ T35] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 98.618370][ T35] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 98.626412][ T35] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 98.634059][ T35] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 98.641123][ T35] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 98.648676][ T35] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 98.656325][ T35] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 98.665744][ T35] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 98.673058][ T35] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 98.680285][ T35] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 98.687611][ T35] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 101.604665][ T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2024/05/24 01:38:43 executed programs: 2
[ 101.769419][ T4480] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 101.779921][ T4480] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 101.787929][ T4480] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 101.798072][ T4480] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 101.806596][ T4480] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 101.814450][ T4480] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 102.016855][ T5719] chnl_net:caif_netlink_parms(): no params data found
[ 102.122704][ T5719] bridge0: port 1(bridge_slave_0) entered blocking state
[ 102.131565][ T5719] bridge0: port 1(bridge_slave_0) entered disabled state
[ 102.139871][ T5719] bridge_slave_0: entered allmulticast mode
[ 102.147287][ T5719] bridge_slave_0: entered promiscuous mode
[ 102.157043][ T5719] bridge0: port 2(bridge_slave_1) entered blocking state
[ 102.164770][ T5719] bridge0: port 2(bridge_slave_1) entered disabled state
[ 102.172569][ T5719] bridge_slave_1: entered allmulticast mode
[ 102.180862][ T5719] bridge_slave_1: entered promiscuous mode
[ 102.216683][ T5719] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 102.232076][ T5719] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 102.279969][ T5719] team0: Port device team_slave_0 added
[ 102.292829][ T5719] team0: Port device team_slave_1 added
[ 102.332861][ T5719] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 102.340981][ T5719] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 102.370334][ T5719] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 102.384235][ T5719] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 102.393945][ T5719] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 102.422783][ T5719] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 102.487285][ T5719] hsr_slave_0: entered promiscuous mode
[ 102.495376][ T5719] hsr_slave_1: entered promiscuous mode
[ 102.507414][ T5719] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 102.516450][ T5719] Cannot create hsr debugfs directory
[ 103.145182][ T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 103.226334][ T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 103.307567][ T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 103.487737][ T11] bridge_slave_1: left allmulticast mode
[ 103.504370][ T11] bridge_slave_1: left promiscuous mode
[ 103.512140][ T11] bridge0: port 2(bridge_slave_1) entered disabled state
[ 103.535934][ T11] bridge_slave_0: left allmulticast mode
[ 103.544151][ T11] bridge_slave_0: left promiscuous mode
[ 103.550617][ T11] bridge0: port 1(bridge_slave_0) entered disabled state
[ 103.842665][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 103.854318][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 103.864744][ T11] bond0 (unregistering): Released all slaves
[ 103.898686][ T4480] Bluetooth: hci0: command tx timeout
[ 104.236182][ T11] hsr_slave_0: left promiscuous mode
[ 104.244969][ T11] hsr_slave_1: left promiscuous mode
[ 104.252291][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 104.262182][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 104.271677][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 104.280755][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 104.307455][ T11] veth1_macvtap: left promiscuous mode
[ 104.313280][ T11] veth0_macvtap: left promiscuous mode
[ 104.319320][ T11] veth1_vlan: left promiscuous mode
[ 104.324844][ T11] veth0_vlan: left promiscuous mode
[ 104.586277][ T11] team0 (unregistering): Port device team_slave_1 removed
[ 104.613383][ T11] team0 (unregistering): Port device team_slave_0 removed
[ 104.842225][ T5719] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 104.852829][ T5719] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 104.865812][ T5719] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 104.883040][ T5719] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 105.005232][ T5719] 8021q: adding VLAN 0 to HW filter on device bond0
[ 105.034586][ T5719] 8021q: adding VLAN 0 to HW filter on device team0
[ 105.047890][ T45] bridge0: port 1(bridge_slave_0) entered blocking state
[ 105.055699][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 105.077163][ T45] bridge0: port 2(bridge_slave_1) entered blocking state
[ 105.084483][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 105.300028][ T5719] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 105.364192][ T5719] veth0_vlan: entered promiscuous mode
[ 105.384572][ T5719] veth1_vlan: entered promiscuous mode
[ 105.424229][ T5719] veth0_macvtap: entered promiscuous mode
[ 105.433759][ T5719] veth1_macvtap: entered promiscuous mode
[ 105.449961][ T5719] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 105.465646][ T5719] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 105.479088][ T5719] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.487833][ T5719] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.497808][ T5719] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.507634][ T5719] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.562736][ T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.572278][ T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.597232][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.605815][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.988652][ T4480] Bluetooth: hci0: command tx timeout
[ 106.195517][ T5846] loop0: detected capacity change from 0 to 40427
[ 106.229502][ T5846] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 106.296357][ T5846] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 106.335686][ T5719] syz-executor.0: attempt to access beyond end of device
[ 106.335686][ T5719] loop0: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[ 106.353522][ T5719] syz-executor.0: attempt to access beyond end of device
[ 106.353522][ T5719] loop0: rw=0, sector=45064, nr_sectors = 8 limit=40427
[ 106.449762][ T51] kworker/u8:3: attempt to access beyond end of device
[ 106.449762][ T51] loop0: rw=2049, sector=40960, nr_sectors = 144 limit=40427
[ 106.464883][ T51] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 106.474494][ T51] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 106.482180][ T51] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 106.490894][ T51] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 106.500477][ T51] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 106.507970][ T51] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 106.518055][ T51] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 106.527474][ T51] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 106.535758][ T51] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 106.545846][ T51] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 106.554923][ T51] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 106.562401][ T51] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 106.570275][ T51] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 106.577483][ T51] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 106.585737][ T51] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 106.593482][ T51] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 106.601223][ T51] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 106.608393][ T51] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 106.669280][ T5847] ==================================================================
[ 106.677402][ T5847] BUG: KASAN: slab-use-after-free in device_for_each_child+0xa7/0x170
[ 106.685619][ T5847] Read of size 8 at addr ffff88807c2d9320 by task kbnepd bnep0/5847
[ 106.693620][ T5847]
[ 106.695972][ T5847] CPU: 0 PID: 5847 Comm: kbnepd bnep0 Not tainted 6.9.0-syzkaller-12108-gb4d88a60fe0e #0
[ 106.705791][ T5847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 106.715884][ T5847] Call Trace:
[ 106.719265][ T5847]
[ 106.722210][ T5847] dump_stack_lvl+0x241/0x360
[ 106.726916][ T5847] ? __pfx_dump_stack_lvl+0x10/0x10
[ 106.732136][ T5847] ? __pfx__printk+0x10/0x10
[ 106.736746][ T5847] ? _printk+0xd5/0x120
[ 106.740927][ T5847] ? __virt_addr_valid+0x183/0x520
[ 106.746157][ T5847] ? __virt_addr_valid+0x183/0x520
[ 106.751306][ T5847] print_report+0x169/0x550
[ 106.755851][ T5847] ? __virt_addr_valid+0x183/0x520
[ 106.760990][ T5847] ? __virt_addr_valid+0x183/0x520
[ 106.766139][ T5847] ? __virt_addr_valid+0x44e/0x520
[ 106.771273][ T5847] ? __phys_addr+0xba/0x170
[ 106.775820][ T5847] ? device_for_each_child+0xa7/0x170
[ 106.781211][ T5847] kasan_report+0x143/0x180
[ 106.785827][ T5847] ? device_for_each_child+0xa7/0x170
[ 106.791224][ T5847] ? __pfx_dev_memalloc_noio+0x10/0x10
[ 106.796700][ T5847] device_for_each_child+0xa7/0x170
[ 106.801922][ T5847] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 106.808277][ T5847] ? __pfx_device_for_each_child+0x10/0x10
[ 106.814195][ T5847] ? _raw_spin_unlock_irq+0x23/0x50
[ 106.819413][ T5847] ? lockdep_hardirqs_on+0x99/0x150
[ 106.824627][ T5847] pm_runtime_set_memalloc_noio+0x114/0x260
[ 106.830526][ T5847] netdev_unregister_kobject+0x178/0x250
[ 106.836178][ T5847] unregister_netdevice_many_notify+0x11b7/0x16b0
[ 106.842584][ T5847] ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[ 106.849334][ T5847] ? rcu_is_watching+0x15/0xb0
[ 106.854106][ T5847] ? trace_contention_end+0x3c/0x120
[ 106.859378][ T5847] ? __mutex_lock+0x2ef/0xd70
[ 106.864044][ T5847] ? __pfx_lock_acquire+0x10/0x10
[ 106.869063][ T5847] unregister_netdevice_queue+0x303/0x370
[ 106.874955][ T5847] ? __pfx_unregister_netdevice_queue+0x10/0x10
[ 106.881207][ T5847] ? __pfx___down_write_common+0x10/0x10
[ 106.886854][ T5847] unregister_netdev+0x1c/0x30
[ 106.891732][ T5847] bnep_session+0x2e09/0x3000
[ 106.896416][ T5847] ? __pfx_bnep_session+0x10/0x10
[ 106.901440][ T5847] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 106.907778][ T5847] ? __pfx_woken_wake_function+0x10/0x10
[ 106.913417][ T5847] ? __kthread_parkme+0x169/0x1d0
[ 106.918447][ T5847] ? __pfx_bnep_session+0x10/0x10
[ 106.923497][ T5847] kthread+0x2f0/0x390
[ 106.927557][ T5847] ? __pfx_bnep_session+0x10/0x10
[ 106.932595][ T5847] ? __pfx_kthread+0x10/0x10
[ 106.937176][ T5847] ret_from_fork+0x4b/0x80
[ 106.941587][ T5847] ? __pfx_kthread+0x10/0x10
[ 106.946177][ T5847] ret_from_fork_asm+0x1a/0x30
[ 106.950943][ T5847]
[ 106.953941][ T5847]
[ 106.956257][ T5847] Allocated by task 5719:
[ 106.960583][ T5847] kasan_save_track+0x3f/0x80
[ 106.965259][ T5847] __kasan_kmalloc+0x98/0xb0
[ 106.969935][ T5847] __kmalloc_noprof+0x1f9/0x400
[ 106.974878][ T5847] hci_alloc_dev_priv+0x27/0x2030
[ 106.979979][ T5847] vhci_create_device+0x118/0x6d0
[ 106.984994][ T5847] vhci_write+0x3cb/0x480
[ 106.989305][ T5847] vfs_write+0xa72/0xc90
[ 106.993526][ T5847] ksys_write+0x1a0/0x2c0
[ 106.997860][ T5847] do_syscall_64+0xf3/0x230
[ 107.002372][ T5847] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 107.008255][ T5847]
[ 107.010561][ T5847] Freed by task 5719:
[ 107.014517][ T5847] kasan_save_track+0x3f/0x80
[ 107.019189][ T5847] kasan_save_free_info+0x40/0x50
[ 107.024213][ T5847] poison_slab_object+0xe0/0x150
[ 107.029143][ T5847] __kasan_slab_free+0x37/0x60
[ 107.033910][ T5847] kfree+0x149/0x360
[ 107.037785][ T5847] hci_release_dev+0x151b/0x16b0
[ 107.042745][ T5847] bt_host_release+0x83/0x90
[ 107.047328][ T5847] device_release+0x99/0x1c0
[ 107.051933][ T5847] kobject_put+0x22f/0x480
[ 107.056360][ T5847] vhci_release+0x8b/0xd0
[ 107.060700][ T5847] __fput+0x406/0x8b0
[ 107.064672][ T5847] task_work_run+0x24f/0x310
[ 107.069272][ T5847] do_exit+0xa27/0x27e0
[ 107.073427][ T5847] do_group_exit+0x207/0x2c0
[ 107.078032][ T5847] __x64_sys_exit_group+0x3f/0x40
[ 107.083056][ T5847] do_syscall_64+0xf3/0x230
[ 107.087580][ T5847] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 107.093643][ T5847]
[ 107.095956][ T5847] Last potentially related work creation:
[ 107.101651][ T5847] kasan_save_stack+0x3f/0x60
[ 107.106324][ T5847] __kasan_record_aux_stack+0xac/0xc0
[ 107.111703][ T5847] insert_work+0x3e/0x330
[ 107.116230][ T5847] __queue_work+0xc16/0xee0
[ 107.120726][ T5847] queue_work_on+0x1c2/0x380
[ 107.125306][ T5847] l2cap_chan_send+0x3d6/0x2680
[ 107.130163][ T5847] l2cap_sock_sendmsg+0x1b4/0x2c0
[ 107.135200][ T5847] __sock_sendmsg+0x221/0x270
[ 107.139867][ T5847] kernel_sendmsg+0x151/0x220
[ 107.144545][ T5847] bnep_session+0x2877/0x3000
[ 107.149221][ T5847] kthread+0x2f0/0x390
[ 107.153321][ T5847] ret_from_fork+0x4b/0x80
[ 107.157731][ T5847] ret_from_fork_asm+0x1a/0x30
[ 107.162487][ T5847]
[ 107.164790][ T5847] Second to last potentially related work creation:
[ 107.171367][ T5847] kasan_save_stack+0x3f/0x60
[ 107.176055][ T5847] __kasan_record_aux_stack+0xac/0xc0
[ 107.181424][ T5847] insert_work+0x3e/0x330
[ 107.185755][ T5847] __queue_work+0xc16/0xee0
[ 107.190250][ T5847] queue_work_on+0x1c2/0x380
[ 107.194843][ T5847] l2cap_chan_send+0x3d6/0x2680
[ 107.199696][ T5847] l2cap_sock_sendmsg+0x1b4/0x2c0
[ 107.204722][ T5847] __sock_sendmsg+0x221/0x270
[ 107.209390][ T5847] kernel_sendmsg+0x151/0x220
[ 107.214066][ T5847] bnep_session+0x2877/0x3000
[ 107.218738][ T5847] kthread+0x2f0/0x390
[ 107.222791][ T5847] ret_from_fork+0x4b/0x80
[ 107.227199][ T5847] ret_from_fork_asm+0x1a/0x30
[ 107.231964][ T5847]
[ 107.234272][ T5847] The buggy address belongs to the object at ffff88807c2d8000
[ 107.234272][ T5847] which belongs to the cache kmalloc-8k of size 8192
[ 107.248307][ T5847] The buggy address is located 4896 bytes inside of
[ 107.248307][ T5847] freed 8192-byte region [ffff88807c2d8000, ffff88807c2da000)
[ 107.262282][ T5847]
[ 107.264674][ T5847] The buggy address belongs to the physical page:
[ 107.271078][ T5847] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7c2d8
[ 107.279861][ T5847] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 107.288355][ T5847] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 107.296315][ T5847] page_type: 0xffffefff(slab)
[ 107.300986][ T5847] raw: 00fff00000000040 ffff888015042280 ffffea0001f17800 dead000000000005
[ 107.309543][ T5847] raw: 0000000000000000 0000000000020002 00000001ffffefff 0000000000000000
[ 107.318100][ T5847] head: 00fff00000000040 ffff888015042280 ffffea0001f17800 dead000000000005
[ 107.326746][ T5847] head: 0000000000000000 0000000000020002 00000001ffffefff 0000000000000000
[ 107.335485][ T5847] head: 00fff00000000003 ffffea0001f0b601 ffffffffffffffff 0000000000000000
[ 107.344143][ T5847] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 107.352787][ T5847] page dumped because: kasan: bad access detected
[ 107.359196][ T5847] page_owner tracks the page as allocated
[ 107.364906][ T5847] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4910, tgid 4910 (dhcpcd-run-hook), ts 46391067485, free_ts 46386722190
[ 107.385823][ T5847] post_alloc_hook+0x1f3/0x230
[ 107.390580][ T5847] get_page_from_freelist+0x2e2d/0x2ee0
[ 107.396126][ T5847] __alloc_pages_noprof+0x256/0x6c0
[ 107.401306][ T5847] alloc_slab_page+0x5f/0x120
[ 107.405965][ T5847] allocate_slab+0x5a/0x2e0
[ 107.410451][ T5847] ___slab_alloc+0xcd1/0x14b0
[ 107.415111][ T5847] __slab_alloc+0x58/0xa0
[ 107.419430][ T5847] kmalloc_trace_noprof+0x1d5/0x2c0
[ 107.424636][ T5847] tomoyo_init_log+0x11ce/0x2050
[ 107.429595][ T5847] tomoyo_supervisor+0x38a/0x11f0
[ 107.434631][ T5847] tomoyo_env_perm+0x178/0x210
[ 107.439400][ T5847] tomoyo_find_next_domain+0x1384/0x1cf0
[ 107.445041][ T5847] tomoyo_bprm_check_security+0x115/0x180
[ 107.450756][ T5847] security_bprm_check+0x65/0x90
[ 107.455707][ T5847] bprm_execve+0xa56/0x17c0
[ 107.460221][ T5847] do_execveat_common+0x553/0x700
[ 107.465421][ T5847] page last free pid 4910 tgid 4910 stack trace:
[ 107.471758][ T5847] free_unref_page+0xd19/0xea0
[ 107.476539][ T5847] __put_partials+0xeb/0x130
[ 107.481128][ T5847] put_cpu_partial+0x17c/0x250
[ 107.485900][ T5847] __slab_free+0x2ea/0x3d0
[ 107.490403][ T5847] qlist_free_all+0x9e/0x140
[ 107.495079][ T5847] kasan_quarantine_reduce+0x14f/0x170
[ 107.500536][ T5847] __kasan_slab_alloc+0x23/0x80
[ 107.505375][ T5847] __kmalloc_noprof+0x1a3/0x400
[ 107.510204][ T5847] tomoyo_supervisor+0xe0d/0x11f0
[ 107.515210][ T5847] tomoyo_env_perm+0x178/0x210
[ 107.519966][ T5847] tomoyo_find_next_domain+0x1384/0x1cf0
[ 107.525629][ T5847] tomoyo_bprm_check_security+0x115/0x180
[ 107.531362][ T5847] security_bprm_check+0x65/0x90
[ 107.536309][ T5847] bprm_execve+0xa56/0x17c0
[ 107.540915][ T5847] do_execveat_common+0x553/0x700
[ 107.545930][ T5847] __x64_sys_execve+0x92/0xb0
[ 107.550890][ T5847]
[ 107.553254][ T5847] Memory state around the buggy address:
[ 107.558969][ T5847] ffff88807c2d9200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 107.567301][ T5847] ffff88807c2d9280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 107.575346][ T5847] >ffff88807c2d9300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 107.583500][ T5847] ^
[ 107.588608][ T5847] ffff88807c2d9380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 107.596837][ T5847] ffff88807c2d9400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 107.604913][ T5847] ==================================================================
[ 107.629161][ T5847] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 107.636399][ T5847] CPU: 0 PID: 5847 Comm: kbnepd bnep0 Not tainted 6.9.0-syzkaller-12108-gb4d88a60fe0e #0
[ 107.646214][ T5847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 107.656284][ T5847] Call Trace:
[ 107.659592][ T5847]
[ 107.662530][ T5847] dump_stack_lvl+0x241/0x360
[ 107.667217][ T5847] ? __pfx_dump_stack_lvl+0x10/0x10
[ 107.672416][ T5847] ? __pfx__printk+0x10/0x10
[ 107.676994][ T5847] ? preempt_schedule+0xe1/0xf0
[ 107.681908][ T5847] ? vscnprintf+0x5d/0x90
[ 107.686243][ T5847] panic+0x349/0x860
[ 107.690313][ T5847] ? check_panic_on_warn+0x21/0xb0
[ 107.695441][ T5847] ? __pfx_panic+0x10/0x10
[ 107.699871][ T5847] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 107.705846][ T5847] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 107.712259][ T5847] ? print_report+0x502/0x550
[ 107.716932][ T5847] check_panic_on_warn+0x86/0xb0
[ 107.721854][ T5847] ? device_for_each_child+0xa7/0x170
[ 107.727274][ T5847] end_report+0x77/0x160
[ 107.731540][ T5847] kasan_report+0x154/0x180
[ 107.736051][ T5847] ? device_for_each_child+0xa7/0x170
[ 107.741419][ T5847] ? __pfx_dev_memalloc_noio+0x10/0x10
[ 107.746879][ T5847] device_for_each_child+0xa7/0x170
[ 107.752097][ T5847] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 107.758419][ T5847] ? __pfx_device_for_each_child+0x10/0x10
[ 107.764222][ T5847] ? _raw_spin_unlock_irq+0x23/0x50
[ 107.769413][ T5847] ? lockdep_hardirqs_on+0x99/0x150
[ 107.774617][ T5847] pm_runtime_set_memalloc_noio+0x114/0x260
[ 107.780504][ T5847] netdev_unregister_kobject+0x178/0x250
[ 107.786127][ T5847] unregister_netdevice_many_notify+0x11b7/0x16b0
[ 107.792572][ T5847] ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[ 107.799345][ T5847] ? rcu_is_watching+0x15/0xb0
[ 107.804097][ T5847] ? trace_contention_end+0x3c/0x120
[ 107.809393][ T5847] ? __mutex_lock+0x2ef/0xd70
[ 107.814060][ T5847] ? __pfx_lock_acquire+0x10/0x10
[ 107.819072][ T5847] unregister_netdevice_queue+0x303/0x370
[ 107.824808][ T5847] ? __pfx_unregister_netdevice_queue+0x10/0x10
[ 107.831151][ T5847] ? __pfx___down_write_common+0x10/0x10
[ 107.836872][ T5847] unregister_netdev+0x1c/0x30
[ 107.841635][ T5847] bnep_session+0x2e09/0x3000
[ 107.846318][ T5847] ? __pfx_bnep_session+0x10/0x10
[ 107.851336][ T5847] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 107.857656][ T5847] ? __pfx_woken_wake_function+0x10/0x10
[ 107.863295][ T5847] ? __kthread_parkme+0x169/0x1d0
[ 107.868456][ T5847] ? __pfx_bnep_session+0x10/0x10
[ 107.873492][ T5847] kthread+0x2f0/0x390
[ 107.877566][ T5847] ? __pfx_bnep_session+0x10/0x10
[ 107.882610][ T5847] ? __pfx_kthread+0x10/0x10
[ 107.887188][ T5847] ret_from_fork+0x4b/0x80
[ 107.891601][ T5847] ? __pfx_kthread+0x10/0x10
[ 107.896273][ T5847] ret_from_fork_asm+0x1a/0x30
[ 107.901034][ T5847]
[ 107.904284][ T5847] Kernel Offset: disabled
[ 107.908597][ T5847] Rebooting in 86400 seconds..