[   81.152105][  T919] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.1.33' (ED25519) to the list of known hosts.
2024/10/02 19:34:43 ignoring optional flag "sandboxArg"="0"
2024/10/02 19:34:43 ignoring optional flag "type"="gce"
2024/10/02 19:34:43 parsed 1 programs
2024/10/02 19:34:45 executed programs: 0
[   87.972314][ T5396] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   88.036369][   T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   88.045767][   T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   88.053996][   T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   88.062807][   T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   88.070651][   T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   88.078469][   T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   88.203933][ T5403] chnl_net:caif_netlink_parms(): no params data found
[   88.260020][ T5403] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.267516][ T5403] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.274890][ T5403] bridge_slave_0: entered allmulticast mode
[   88.282326][ T5403] bridge_slave_0: entered promiscuous mode
[   88.290899][ T5403] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.298125][ T5403] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.305549][ T5403] bridge_slave_1: entered allmulticast mode
[   88.313200][ T5403] bridge_slave_1: entered promiscuous mode
[   88.338138][ T5403] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   88.349816][ T5403] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   88.379086][ T5403] team0: Port device team_slave_0 added
[   88.387527][ T5403] team0: Port device team_slave_1 added
[   88.412039][ T5403] batman_adv: batadv0: Adding interface: batadv_slave_0
[   88.419030][ T5403] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.445147][ T5403] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   88.457389][ T5403] batman_adv: batadv0: Adding interface: batadv_slave_1
[   88.464873][ T5403] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.490991][ T5403] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   88.526493][ T5403] hsr_slave_0: entered promiscuous mode
[   88.533256][ T5403] hsr_slave_1: entered promiscuous mode
[   89.056045][ T5403] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   89.068548][ T5403] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   89.080154][ T5403] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   89.095465][ T5403] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   89.125185][ T5403] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.132421][ T5403] bridge0: port 2(bridge_slave_1) entered forwarding state
[   89.139917][ T5403] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.147205][ T5403] bridge0: port 1(bridge_slave_0) entered forwarding state
[   89.214344][ T5403] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.233230][  T733] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.243904][  T733] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.267122][ T5403] 8021q: adding VLAN 0 to HW filter on device team0
[   89.283929][ T2912] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.291214][ T2912] bridge0: port 1(bridge_slave_0) entered forwarding state
[   89.306400][  T733] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.313718][  T733] bridge0: port 2(bridge_slave_1) entered forwarding state
[   89.512784][ T5403] 8021q: adding VLAN 0 to HW filter on device batadv0
[   89.563884][ T5403] veth0_vlan: entered promiscuous mode
[   89.584001][ T5403] veth1_vlan: entered promiscuous mode
[   89.619956][ T5403] veth0_macvtap: entered promiscuous mode
[   89.633679][ T5403] veth1_macvtap: entered promiscuous mode
[   89.655792][ T5403] batman_adv: batadv0: Interface activated: batadv_slave_0
[   89.673414][ T5403] batman_adv: batadv0: Interface activated: batadv_slave_1
[   89.689760][ T5403] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   89.700088][ T5403] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   89.711555][ T5403] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   89.720314][ T5403] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   89.811812][  T733] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.819688][  T733] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.857778][  T733] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.869642][  T733] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.111873][ T4493] Bluetooth: hci0: command tx timeout
[   92.192343][ T4493] Bluetooth: hci0: command 0x041b tx timeout
2024/10/02 19:34:50 executed programs: 4
[   94.271799][ T4493] Bluetooth: hci0: command 0x041b tx timeout
[   96.351343][   T54] Bluetooth: hci0: command 0x041b tx timeout
[   98.431587][ T4493] Bluetooth: hci0: command 0x041b tx timeout
2024/10/02 19:34:56 executed programs: 10
[  100.510931][ T4493] Bluetooth: hci0: command 0x041b tx timeout
2024/10/02 19:35:01 executed programs: 16
2024/10/02 19:35:06 executed programs: 22
2024/10/02 19:35:11 executed programs: 28
2024/10/02 19:35:16 executed programs: 34
2024/10/02 19:35:21 executed programs: 40
2024/10/02 19:35:26 executed programs: 46
[  132.353712][ T1242] ieee802154 phy0 wpan0: encryption failed: -22
[  132.360112][ T1242] ieee802154 phy1 wpan1: encryption failed: -22
2024/10/02 19:35:32 executed programs: 52
[  136.192001][   T47] ==================================================================
[  136.200077][   T47] BUG: KASAN: slab-use-after-free in sco_sock_timeout+0x8b/0x270
[  136.207812][   T47] Write of size 4 at addr ffff88807e2d5080 by task kworker/1:1/47
[  136.215604][   T47] 
[  136.217919][   T47] CPU: 1 UID: 0 PID: 47 Comm: kworker/1:1 Not tainted 6.12.0-rc1-syzkaller-ge32cde8d2bd7 #0
[  136.227970][   T47] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  136.238034][   T47] Workqueue: events sco_sock_timeout
[  136.243336][   T47] Call Trace:
[  136.246626][   T47]  <TASK>
[  136.249559][   T47]  dump_stack_lvl+0x241/0x360
[  136.254240][   T47]  ? __pfx_dump_stack_lvl+0x10/0x10
[  136.259461][   T47]  ? __pfx__printk+0x10/0x10
[  136.264050][   T47]  ? _printk+0xd5/0x120
[  136.268211][   T47]  ? __virt_addr_valid+0x183/0x530
[  136.273340][   T47]  ? srso_alias_return_thunk+0x5/0xfbef5
[  136.278978][   T47]  print_report+0x169/0x550
[  136.283519][   T47]  ? __virt_addr_valid+0x183/0x530
[  136.288644][   T47]  ? srso_alias_return_thunk+0x5/0xfbef5
[  136.294357][   T47]  ? __virt_addr_valid+0x45f/0x530
[  136.299483][   T47]  ? srso_alias_return_thunk+0x5/0xfbef5
[  136.305144][   T47]  ? __phys_addr+0xba/0x170
[  136.309675][   T47]  ? sco_sock_timeout+0x8b/0x270
[  136.314728][   T47]  kasan_report+0x143/0x180
[  136.319246][   T47]  ? __pfx_lock_acquire+0x10/0x10
[  136.324294][   T47]  ? sco_sock_timeout+0x8b/0x270
[  136.329249][   T47]  kasan_check_range+0x282/0x290
[  136.334294][   T47]  sco_sock_timeout+0x8b/0x270
[  136.339069][   T47]  ? process_scheduled_works+0x976/0x1850
[  136.344801][   T47]  process_scheduled_works+0xa65/0x1850
[  136.350372][   T47]  ? __pfx_process_scheduled_works+0x10/0x10
[  136.356367][   T47]  ? assign_work+0x364/0x3d0
[  136.360969][   T47]  worker_thread+0x870/0xd30
[  136.365607][   T47]  ? __kthread_parkme+0x169/0x1d0
[  136.370645][   T47]  ? __pfx_worker_thread+0x10/0x10
[  136.375796][   T47]  kthread+0x2f2/0x390
[  136.379867][   T47]  ? __pfx_worker_thread+0x10/0x10
[  136.384989][   T47]  ? __pfx_kthread+0x10/0x10
[  136.389579][   T47]  ret_from_fork+0x4d/0x80
[  136.394007][   T47]  ? __pfx_kthread+0x10/0x10
[  136.398596][   T47]  ret_from_fork_asm+0x1a/0x30
[  136.403465][   T47]  </TASK>
[  136.406480][   T47] 
[  136.408793][   T47] Allocated by task 5759:
[  136.413112][   T47]  kasan_save_track+0x3f/0x80
[  136.417790][   T47]  __kasan_kmalloc+0x98/0xb0
[  136.422381][   T47]  __kmalloc_noprof+0x1fc/0x400
[  136.427246][   T47]  sk_prot_alloc+0xe0/0x210
[  136.432020][   T47]  sk_alloc+0x38/0x370
[  136.436093][   T47]  bt_sock_alloc+0x3c/0x340
[  136.440594][   T47]  sco_sock_create+0xbb/0x390
[  136.445276][   T47]  bt_sock_create+0x163/0x230
[  136.449958][   T47]  __sock_create+0x492/0x920
[  136.454547][   T47]  __sys_socket+0x150/0x3c0
[  136.459051][   T47]  __x64_sys_socket+0x7a/0x90
[  136.463724][   T47]  do_syscall_64+0xf3/0x230
[  136.468232][   T47]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.474154][   T47] 
[  136.476470][   T47] Freed by task 5760:
[  136.480439][   T47]  kasan_save_track+0x3f/0x80
[  136.485119][   T47]  kasan_save_free_info+0x40/0x50
[  136.490153][   T47]  __kasan_slab_free+0x59/0x70
[  136.494915][   T47]  kfree+0x1a0/0x440
[  136.498835][   T47]  __sk_destruct+0x479/0x5f0
[  136.503432][   T47]  sco_sock_release+0x25e/0x320
[  136.508292][   T47]  sock_close+0xbe/0x240
[  136.512563][   T47]  __fput+0x241/0x880
[  136.516551][   T47]  task_work_run+0x251/0x310
[  136.521145][   T47]  get_signal+0x15e8/0x1740
[  136.525651][   T47]  arch_do_signal_or_restart+0x96/0x860
[  136.531203][   T47]  syscall_exit_to_user_mode+0xc9/0x370
[  136.536750][   T47]  do_syscall_64+0x100/0x230
[  136.541347][   T47]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.547251][   T47] 
[  136.549581][   T47] The buggy address belongs to the object at ffff88807e2d5000
[  136.549581][   T47]  which belongs to the cache kmalloc-2k of size 2048
[  136.563647][   T47] The buggy address is located 128 bytes inside of
[  136.563647][   T47]  freed 2048-byte region [ffff88807e2d5000, ffff88807e2d5800)
[  136.577549][   T47] 
[  136.579900][   T47] The buggy address belongs to the physical page:
[  136.586312][   T47] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7e2d0
[  136.595095][   T47] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  136.603592][   T47] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  136.611131][   T47] page_type: f5(slab)
[  136.615111][   T47] raw: 00fff00000000040 ffff888015442000 ffffea0000a07800 dead000000000002
[  136.623689][   T47] raw: 0000000000000000 0000000000080008 00000001f5000000 0000000000000000
[  136.632272][   T47] head: 00fff00000000040 ffff888015442000 ffffea0000a07800 dead000000000002
[  136.640940][   T47] head: 0000000000000000 0000000000080008 00000001f5000000 0000000000000000
[  136.649608][   T47] head: 00fff00000000003 ffffea0001f8b401 ffffffffffffffff 0000000000000000
[  136.658274][   T47] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  136.666940][   T47] page dumped because: kasan: bad access detected
[  136.673342][   T47] page_owner tracks the page as allocated
[  136.679045][   T47] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4533, tgid 4533 (acpid), ts 19751533769, free_ts 17515017965
[  136.699982][   T47]  post_alloc_hook+0x1f3/0x230
[  136.704855][   T47]  get_page_from_freelist+0x3045/0x3190
[  136.710408][   T47]  __alloc_pages_noprof+0x256/0x6c0
[  136.715610][   T47]  alloc_pages_mpol_noprof+0x3e8/0x680
[  136.721076][   T47]  alloc_slab_page+0x6a/0x120
[  136.725753][   T47]  allocate_slab+0x5a/0x2f0
[  136.730253][   T47]  ___slab_alloc+0xcd1/0x14b0
[  136.734925][   T47]  __slab_alloc+0x58/0xa0
[  136.739248][   T47]  __kmalloc_noprof+0x25a/0x400
[  136.744105][   T47]  sk_prot_alloc+0xe0/0x210
[  136.748616][   T47]  sk_alloc+0x38/0x370
[  136.752688][   T47]  __netlink_create+0x65/0x260
[  136.757457][   T47]  netlink_create+0x3ab/0x560
[  136.762137][   T47]  __sock_create+0x492/0x920
[  136.766727][   T47]  __sys_socket+0x150/0x3c0
[  136.771228][   T47]  __x64_sys_socket+0x7a/0x90
[  136.775903][   T47] page last free pid 1 tgid 1 stack trace:
[  136.781869][   T47]  free_unref_page+0xcfb/0xf20
[  136.786631][   T47]  free_contig_range+0x152/0x550
[  136.791572][   T47]  destroy_args+0x8a/0x840
[  136.795991][   T47]  debug_vm_pgtable+0x4be/0x550
[  136.801012][   T47]  do_one_initcall+0x24a/0x880
[  136.805782][   T47]  do_initcall_level+0x157/0x210
[  136.810727][   T47]  do_initcalls+0x3f/0x80
[  136.815060][   T47]  kernel_init_freeable+0x435/0x5d0
[  136.820261][   T47]  kernel_init+0x1d/0x2b0
[  136.824601][   T47]  ret_from_fork+0x4d/0x80
[  136.829028][   T47]  ret_from_fork_asm+0x1a/0x30
[  136.833801][   T47] 
[  136.836115][   T47] Memory state around the buggy address:
[  136.841734][   T47]  ffff88807e2d4f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  136.849803][   T47]  ffff88807e2d5000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  136.857859][   T47] >ffff88807e2d5080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  136.865912][   T47]                    ^
[  136.869970][   T47]  ffff88807e2d5100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  136.878025][   T47]  ffff88807e2d5180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  136.886095][   T47] ==================================================================
[  136.894662][   T47] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  136.901868][   T47] CPU: 1 UID: 0 PID: 47 Comm: kworker/1:1 Not tainted 6.12.0-rc1-syzkaller-ge32cde8d2bd7 #0
[  136.911950][   T47] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  136.922022][   T47] Workqueue: events sco_sock_timeout
[  136.927355][   T47] Call Trace:
[  136.930642][   T47]  <TASK>
[  136.933582][   T47]  dump_stack_lvl+0x241/0x360
[  136.938285][   T47]  ? __pfx_dump_stack_lvl+0x10/0x10
[  136.943495][   T47]  ? __pfx__printk+0x10/0x10
[  136.948090][   T47]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  136.954091][   T47]  ? srso_alias_return_thunk+0x5/0xfbef5
[  136.959737][   T47]  ? vscnprintf+0x5d/0x90
[  136.964081][   T47]  panic+0x349/0x880
[  136.967984][   T47]  ? check_panic_on_warn+0x21/0xb0
[  136.973102][   T47]  ? __pfx_panic+0x10/0x10
[  136.977525][   T47]  ? _raw_spin_unlock_irqrestore+0xd8/0x140
[  136.983435][   T47]  ? srso_alias_return_thunk+0x5/0xfbef5
[  136.989080][   T47]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  136.994987][   T47]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  137.001448][   T47]  check_panic_on_warn+0x86/0xb0
[  137.006388][   T47]  ? sco_sock_timeout+0x8b/0x270
[  137.011426][   T47]  end_report+0x77/0x160
[  137.015677][   T47]  kasan_report+0x154/0x180
[  137.020187][   T47]  ? __pfx_lock_acquire+0x10/0x10
[  137.025253][   T47]  ? sco_sock_timeout+0x8b/0x270
[  137.030208][   T47]  kasan_check_range+0x282/0x290
[  137.035157][   T47]  sco_sock_timeout+0x8b/0x270
[  137.039938][   T47]  ? process_scheduled_works+0x976/0x1850
[  137.045670][   T47]  process_scheduled_works+0xa65/0x1850
[  137.051240][   T47]  ? __pfx_process_scheduled_works+0x10/0x10
[  137.057233][   T47]  ? assign_work+0x364/0x3d0
[  137.061862][   T47]  worker_thread+0x870/0xd30
[  137.066469][   T47]  ? __kthread_parkme+0x169/0x1d0
[  137.071504][   T47]  ? __pfx_worker_thread+0x10/0x10
[  137.076629][   T47]  kthread+0x2f2/0x390
[  137.080699][   T47]  ? __pfx_worker_thread+0x10/0x10
[  137.085825][   T47]  ? __pfx_kthread+0x10/0x10
[  137.090415][   T47]  ret_from_fork+0x4d/0x80
[  137.094846][   T47]  ? __pfx_kthread+0x10/0x10
[  137.099435][   T47]  ret_from_fork_asm+0x1a/0x30
[  137.104218][   T47]  </TASK>
[  137.107448][   T47] Kernel Offset: disabled
[  137.111762][   T47] Rebooting in 86400 seconds..