Warning: Permanently added '10.128.0.32' (ED25519) to the list of known hosts.
2024/08/28 02:07:49 ignoring optional flag "sandboxArg"="0"
2024/08/28 02:07:50 parsed 1 programs
[  109.091366][ T5679] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  111.669528][ T5688] chnl_net:caif_netlink_parms(): no params data found
[  111.726537][ T5688] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.733889][ T5688] bridge0: port 1(bridge_slave_0) entered disabled state
[  111.741162][ T5688] bridge_slave_0: entered allmulticast mode
[  111.748565][ T5688] bridge_slave_0: entered promiscuous mode
[  111.756684][ T5688] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.764317][ T5688] bridge0: port 2(bridge_slave_1) entered disabled state
[  111.771608][ T5688] bridge_slave_1: entered allmulticast mode
[  111.779789][ T5688] bridge_slave_1: entered promiscuous mode
[  111.805787][ T5688] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  111.817448][ T5688] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  111.848640][ T5688] team0: Port device team_slave_0 added
[  111.857991][ T5688] team0: Port device team_slave_1 added
[  111.880410][ T5688] batman_adv: batadv0: Adding interface: batadv_slave_0
[  111.887956][ T5688] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  111.915669][ T5688] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  111.928201][ T5688] batman_adv: batadv0: Adding interface: batadv_slave_1
[  111.935253][ T5688] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  111.963223][ T5688] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  112.000637][ T5688] hsr_slave_0: entered promiscuous mode
[  112.007327][ T5688] hsr_slave_1: entered promiscuous mode
[  112.558106][ T5688] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  112.569559][ T5688] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  112.580170][ T5688] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  112.591268][ T5688] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  112.629682][ T5688] bridge0: port 2(bridge_slave_1) entered blocking state
[  112.638011][ T5688] bridge0: port 2(bridge_slave_1) entered forwarding state
[  112.645684][ T5688] bridge0: port 1(bridge_slave_0) entered blocking state
[  112.652931][ T5688] bridge0: port 1(bridge_slave_0) entered forwarding state
[  112.686276][   T63] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.695292][   T63] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.761780][ T5688] 8021q: adding VLAN 0 to HW filter on device bond0
[  112.799487][ T5688] 8021q: adding VLAN 0 to HW filter on device team0
[  112.813295][   T63] bridge0: port 1(bridge_slave_0) entered blocking state
[  112.820584][   T63] bridge0: port 1(bridge_slave_0) entered forwarding state
[  112.856608][   T63] bridge0: port 2(bridge_slave_1) entered blocking state
[  112.865607][   T63] bridge0: port 2(bridge_slave_1) entered forwarding state
[  113.080786][ T5688] 8021q: adding VLAN 0 to HW filter on device batadv0
[  113.139145][ T5688] veth0_vlan: entered promiscuous mode
[  113.157788][ T5688] veth1_vlan: entered promiscuous mode
[  113.201695][ T5688] veth0_macvtap: entered promiscuous mode
[  113.215474][ T5688] veth1_macvtap: entered promiscuous mode
[  113.240175][ T5688] batman_adv: batadv0: Interface activated: batadv_slave_0
[  113.257076][ T5688] batman_adv: batadv0: Interface activated: batadv_slave_1
[  113.274935][ T5688] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  113.285946][ T5688] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  113.296952][ T5688] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  113.307494][ T5688] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  113.540409][   T52] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.665318][   T52] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.795102][   T52] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.879783][   T52] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.883149][ T4618] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  115.892435][ T4618] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  115.905502][ T4618] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  115.914610][ T4618] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  115.923068][ T4618] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  115.932846][ T4618] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  116.786345][ T2527] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.797423][ T2527] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  116.827095][ T2527] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.835597][ T2527] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2024/08/28 02:08:02 executed programs: 0
[  117.375371][ T5314] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  117.386811][ T5314] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  117.397019][ T5314] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  117.415613][ T5314] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  117.424548][ T5314] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  117.432707][ T5314] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  117.717515][ T5932] chnl_net:caif_netlink_parms(): no params data found
[  117.814216][ T5932] bridge0: port 1(bridge_slave_0) entered blocking state
[  117.821611][ T5932] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.829984][ T5932] bridge_slave_0: entered allmulticast mode
[  117.838988][ T5932] bridge_slave_0: entered promiscuous mode
[  117.849733][ T5932] bridge0: port 2(bridge_slave_1) entered blocking state
[  117.859184][ T5932] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.868204][ T5932] bridge_slave_1: entered allmulticast mode
[  117.877623][ T5932] bridge_slave_1: entered promiscuous mode
[  117.925628][ T5932] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  117.941345][ T5932] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  117.990424][ T5932] team0: Port device team_slave_0 added
[  118.001324][ T5932] team0: Port device team_slave_1 added
[  118.041380][ T5932] batman_adv: batadv0: Adding interface: batadv_slave_0
[  118.050871][ T5932] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  118.080650][ T5932] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  118.098482][ T5932] batman_adv: batadv0: Adding interface: batadv_slave_1
[  118.106156][ T5932] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  118.138862][ T5932] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  118.200092][ T5932] hsr_slave_0: entered promiscuous mode
[  118.207197][ T5932] hsr_slave_1: entered promiscuous mode
[  118.217839][ T5932] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  118.226106][ T5932] Cannot create hsr debugfs directory
[  118.331118][   T52] bridge_slave_1: left allmulticast mode
[  118.337956][   T52] bridge_slave_1: left promiscuous mode
[  118.344642][   T52] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.357767][   T52] bridge_slave_0: left allmulticast mode
[  118.366504][   T52] bridge_slave_0: left promiscuous mode
[  118.372297][   T52] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.716551][   T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  118.730356][   T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  118.750601][   T52] bond0 (unregistering): Released all slaves
[  118.896137][   T52] hsr_slave_0: left promiscuous mode
[  118.902412][   T52] hsr_slave_1: left promiscuous mode
[  118.912730][   T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  118.921170][   T52] batman_adv: batadv0: Removing interface: batadv_slave_0
[  118.933189][   T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  118.941422][   T52] batman_adv: batadv0: Removing interface: batadv_slave_1
[  118.968075][   T52] veth1_macvtap: left promiscuous mode
[  118.973994][   T52] veth0_macvtap: left promiscuous mode
[  118.979902][   T52] veth1_vlan: left promiscuous mode
[  118.988356][   T52] veth0_vlan: left promiscuous mode
[  119.321080][   T52] team0 (unregistering): Port device team_slave_1 removed
[  119.350889][   T52] team0 (unregistering): Port device team_slave_0 removed
[  119.483711][ T5314] Bluetooth: hci0: command tx timeout
[  120.065877][ T5932] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  120.087221][ T5932] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  120.099473][ T5932] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  120.111101][ T5932] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  120.751926][ T5932] 8021q: adding VLAN 0 to HW filter on device bond0
[  120.798505][ T5932] 8021q: adding VLAN 0 to HW filter on device team0
[  120.820045][ T2507] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.827399][ T2507] bridge0: port 1(bridge_slave_0) entered forwarding state
[  120.878489][ T2507] bridge0: port 2(bridge_slave_1) entered blocking state
[  120.885698][ T2507] bridge0: port 2(bridge_slave_1) entered forwarding state
[  120.969860][ T5932] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  120.991276][ T5932] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  121.318944][ T5932] 8021q: adding VLAN 0 to HW filter on device batadv0
[  121.450783][ T5932] veth0_vlan: entered promiscuous mode
[  121.469258][ T5932] veth1_vlan: entered promiscuous mode
[  121.518199][ T5932] veth0_macvtap: entered promiscuous mode
[  121.531418][ T5932] veth1_macvtap: entered promiscuous mode
[  121.558683][ T5932] batman_adv: batadv0: Interface activated: batadv_slave_0
[  121.567027][ T5314] Bluetooth: hci0: command tx timeout
[  121.586575][ T5932] batman_adv: batadv0: Interface activated: batadv_slave_1
[  121.601978][ T5932] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  121.614211][ T5932] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  121.623235][ T5932] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  121.634338][ T5932] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  121.750800][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.777943][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.833627][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.850368][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.982606][ T6073] 
[  121.985100][ T6073] ================================================
[  121.991609][ T6073] WARNING: lock held when returning to user space!
[  121.998171][ T6073] 6.11.0-rc4-syzkaller-00681-ge5899b60f52a-dirty #0 Not tainted
[  122.005791][ T6073] ------------------------------------------------
[  122.012442][ T6073] syz.0.15/6073 is leaving the kernel with locks still held!
[  122.019801][ T6073] 1 lock held by syz.0.15/6073:
[  122.024635][ T6073]  #0: ffffffff8fc84c08 (rtnl_mutex){+.+.}-{3:3}, at: ethnl_act_cable_test_tdr+0x3d2/0x10c0
[  122.161701][ T4894] ==================================================================
[  122.169799][ T4894] BUG: KASAN: slab-use-after-free in __mutex_lock+0xcf5/0xd70
[  122.177809][ T4894] Read of size 4 at addr ffff88802a7a5a34 by task dhcpcd/4894
[  122.185273][ T4894] 
[  122.187699][ T4894] CPU: 1 UID: 0 PID: 4894 Comm: dhcpcd Not tainted 6.11.0-rc4-syzkaller-00681-ge5899b60f52a-dirty #0
[  122.198634][ T4894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  122.208684][ T4894] Call Trace:
[  122.211947][ T4894]  <TASK>
[  122.215086][ T4894]  dump_stack_lvl+0x241/0x360
[  122.219945][ T4894]  ? __pfx_dump_stack_lvl+0x10/0x10
[  122.225218][ T4894]  ? __pfx__printk+0x10/0x10
[  122.229794][ T4894]  ? _printk+0xd5/0x120
[  122.233930][ T4894]  ? __virt_addr_valid+0x183/0x530
[  122.239122][ T4894]  ? __virt_addr_valid+0x183/0x530
[  122.244234][ T4894]  print_report+0x169/0x550
[  122.248919][ T4894]  ? __virt_addr_valid+0x183/0x530
[  122.254126][ T4894]  ? __virt_addr_valid+0x183/0x530
[  122.259305][ T4894]  ? __virt_addr_valid+0x45f/0x530
[  122.264412][ T4894]  ? __phys_addr+0xba/0x170
[  122.268942][ T4894]  ? __mutex_lock+0xcf5/0xd70
[  122.273712][ T4894]  kasan_report+0x143/0x180
[  122.278424][ T4894]  ? __mutex_lock+0xcf5/0xd70
[  122.283219][ T4894]  __mutex_lock+0xcf5/0xd70
[  122.287748][ T4894]  ? stack_trace_save+0x118/0x1d0
[  122.292871][ T4894]  ? rtnetlink_rcv_msg+0x6e6/0xcf0
[  122.298076][ T4894]  ? __pfx_lock_release+0x10/0x10
[  122.303103][ T4894]  ? __pfx___mutex_lock+0x10/0x10
[  122.308231][ T4894]  ? security_capable+0x90/0xb0
[  122.313077][ T4894]  rtnetlink_rcv_msg+0x6e6/0xcf0
[  122.318017][ T4894]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  122.323189][ T4894]  ? lock_release+0xbf/0xa30
[  122.327810][ T4894]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  122.333283][ T4894]  ? __pfx_lock_acquire+0x10/0x10
[  122.338302][ T4894]  ? rcu_is_watching+0x15/0xb0
[  122.343061][ T4894]  ? lock_acquire+0xe3/0x550
[  122.347645][ T4894]  netlink_rcv_skb+0x1e3/0x430
[  122.352575][ T4894]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  122.358041][ T4894]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  122.363410][ T4894]  ? net_generic+0x1f/0x240
[  122.367997][ T4894]  ? netlink_deliver_tap+0x2e/0x1b0
[  122.373180][ T4894]  netlink_unicast+0x7f6/0x990
[  122.377940][ T4894]  ? __pfx_netlink_unicast+0x10/0x10
[  122.383391][ T4894]  ? __virt_addr_valid+0x183/0x530
[  122.388585][ T4894]  ? __check_object_size+0x49c/0x900
[  122.393878][ T4894]  ? bpf_lsm_netlink_send+0x9/0x10
[  122.399175][ T4894]  netlink_sendmsg+0x8e4/0xcb0
[  122.404241][ T4894]  ? __pfx_netlink_sendmsg+0x10/0x10
[  122.409698][ T4894]  ? rcu_is_watching+0x15/0xb0
[  122.414551][ T4894]  ? __import_iovec+0x536/0x820
[  122.419482][ T4894]  ? aa_sock_msg_perm+0x91/0x160
[  122.424497][ T4894]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  122.429780][ T4894]  ? security_socket_sendmsg+0x87/0xb0
[  122.435230][ T4894]  ? __pfx_netlink_sendmsg+0x10/0x10
[  122.440510][ T4894]  __sock_sendmsg+0x221/0x270
[  122.445176][ T4894]  ____sys_sendmsg+0x525/0x7d0
[  122.449935][ T4894]  ? __pfx_____sys_sendmsg+0x10/0x10
[  122.455818][ T4894]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  122.461712][ T4894]  __sys_sendmsg+0x2b0/0x3a0
[  122.466373][ T4894]  ? __pfx___sys_sendmsg+0x10/0x10
[  122.471682][ T4894]  ? netlink_bind+0xaeb/0xc90
[  122.476457][ T4894]  ? __pfx___sys_bind+0x10/0x10
[  122.481396][ T4894]  ? fd_install+0x35c/0x5d0
[  122.485950][ T4894]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  122.492364][ T4894]  ? rcu_is_watching+0x15/0xb0
[  122.497125][ T4894]  ? rcu_is_watching+0x15/0xb0
[  122.501882][ T4894]  do_syscall_64+0xf3/0x230
[  122.506379][ T4894]  ? clear_bhb_loop+0x35/0x90
[  122.511232][ T4894]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.517129][ T4894] RIP: 0033:0x7fa9cedc7a4b
[  122.521543][ T4894] Code: ff 89 ef 48 89 04 24 e8 22 56 f9 ff 48 8b 04 24 48 83 c4 20 5d c3 c3 64 8b 04 25 18 00 00 00 85 c0 75 20 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 6d 48 8b 15 ae c3 0c 00 f7 d8 64 89 02 48 83
[  122.541618][ T4894] RSP: 002b:00007fffb5b75a68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  122.550153][ T4894] RAX: ffffffffffffffda RBX: 00007fa9cecef6c0 RCX: 00007fa9cedc7a4b
[  122.558352][ T4894] RDX: 0000000000000000 RSI: 00007fffb5b89c18 RDI: 0000000000000010
[  122.566596][ T4894] RBP: 0000000000000010 R08: 0000000000000000 R09: 00007fffb5b89c18
[  122.575463][ T4894] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff
[  122.583529][ T4894] R13: 00007fffb5b89c18 R14: 000000000000002c R15: 0000000000000001
[  122.591671][ T4894]  </TASK>
[  122.594676][ T4894] 
[  122.596984][ T4894] Allocated by task 6072:
[  122.601382][ T4894]  kasan_save_track+0x3f/0x80
[  122.606086][ T4894]  __kasan_slab_alloc+0x66/0x80
[  122.610976][ T4894]  kmem_cache_alloc_node_noprof+0x16b/0x320
[  122.616865][ T4894]  dup_task_struct+0x57/0x8c0
[  122.621537][ T4894]  copy_process+0x5d1/0x3e10
[  122.626119][ T4894]  kernel_clone+0x226/0x8f0
[  122.630705][ T4894]  __se_sys_clone3+0x2cb/0x350
[  122.635664][ T4894]  do_syscall_64+0xf3/0x230
[  122.640291][ T4894]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.646190][ T4894] 
[  122.648509][ T4894] Freed by task 6080:
[  122.652650][ T4894]  kasan_save_track+0x3f/0x80
[  122.657405][ T4894]  kasan_save_free_info+0x40/0x50
[  122.662424][ T4894]  poison_slab_object+0xe0/0x150
[  122.667359][ T4894]  __kasan_slab_free+0x37/0x60
[  122.672143][ T4894]  kmem_cache_free+0x145/0x350
[  122.676978][ T4894]  delayed_put_task_struct+0x125/0x300
[  122.682522][ T4894]  rcu_core+0xafd/0x1830
[  122.686751][ T4894]  handle_softirqs+0x2c4/0x970
[  122.691689][ T4894]  __irq_exit_rcu+0xf4/0x1c0
[  122.696292][ T4894]  irq_exit_rcu+0x9/0x30
[  122.700524][ T4894]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  122.706227][ T4894]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  122.712302][ T4894] 
[  122.714610][ T4894] Last potentially related work creation:
[  122.720304][ T4894]  kasan_save_stack+0x3f/0x60
[  122.724971][ T4894]  __kasan_record_aux_stack+0xac/0xc0
[  122.730463][ T4894]  call_rcu+0x167/0xa70
[  122.734629][ T4894]  __schedule+0x1808/0x4a60
[  122.739131][ T4894]  preempt_schedule_common+0x84/0xd0
[  122.744441][ T4894]  preempt_schedule+0xe1/0xf0
[  122.749168][ T4894]  preempt_schedule_thunk+0x1a/0x30
[  122.754487][ T4894]  _raw_spin_unlock_irqrestore+0x130/0x140
[  122.760310][ T4894]  __wake_up_common_lock+0x18c/0x1e0
[  122.765618][ T4894]  pipe_write+0x128d/0x1a40
[  122.770205][ T4894]  vfs_write+0xa72/0xc90
[  122.774443][ T4894]  ksys_write+0x1a0/0x2c0
[  122.778851][ T4894]  do_syscall_64+0xf3/0x230
[  122.783694][ T4894]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.789932][ T4894] 
[  122.792242][ T4894] The buggy address belongs to the object at ffff88802a7a5a00
[  122.792242][ T4894]  which belongs to the cache task_struct of size 7424
[  122.806742][ T4894] The buggy address is located 52 bytes inside of
[  122.806742][ T4894]  freed 7424-byte region [ffff88802a7a5a00, ffff88802a7a7700)
[  122.820622][ T4894] 
[  122.822945][ T4894] The buggy address belongs to the physical page:
[  122.829350][ T4894] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2a7a0
[  122.838110][ T4894] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  122.846594][ T4894] memcg:ffff88802d531141
[  122.850844][ T4894] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  122.858905][ T4894] page_type: 0xfdffffff(slab)
[  122.863572][ T4894] raw: 00fff00000000040 ffff8880166fd500 0000000000000000 dead000000000001
[  122.872144][ T4894] raw: 0000000000000000 0000000000040004 00000001fdffffff ffff88802d531141
[  122.880801][ T4894] head: 00fff00000000040 ffff8880166fd500 0000000000000000 dead000000000001
[  122.889733][ T4894] head: 0000000000000000 0000000000040004 00000001fdffffff ffff88802d531141
[  122.898575][ T4894] head: 00fff00000000003 ffffea0000a9e801 ffffffffffffffff 0000000000000000
[  122.907230][ T4894] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  122.915879][ T4894] page dumped because: kasan: bad access detected
[  122.922412][ T4894] page_owner tracks the page as allocated
[  122.928211][ T4894] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1826, tgid 1826 (kworker/u8:6), ts 13659322347, free_ts 0
[  122.949590][ T4894]  post_alloc_hook+0x1f3/0x230
[  122.954998][ T4894]  get_page_from_freelist+0x2e4c/0x2f10
[  122.960944][ T4894]  __alloc_pages_noprof+0x256/0x6c0
[  122.966323][ T4894]  alloc_slab_page+0x5f/0x120
[  122.971337][ T4894]  allocate_slab+0x5a/0x2f0
[  122.975831][ T4894]  ___slab_alloc+0xcd1/0x14b0
[  122.980774][ T4894]  __slab_alloc+0x58/0xa0
[  122.985094][ T4894]  kmem_cache_alloc_node_noprof+0x1fe/0x320
[  122.991239][ T4894]  dup_task_struct+0x57/0x8c0
[  122.996340][ T4894]  copy_process+0x5d1/0x3e10
[  123.000919][ T4894]  kernel_clone+0x226/0x8f0
[  123.005419][ T4894]  user_mode_thread+0x132/0x1a0
[  123.010441][ T4894]  call_usermodehelper_exec_work+0x5c/0x230
[  123.016333][ T4894]  process_scheduled_works+0xa2c/0x1830
[  123.021866][ T4894]  worker_thread+0x86d/0xd40
[  123.026621][ T4894]  kthread+0x2f0/0x390
[  123.030681][ T4894] page_owner free stack trace missing
[  123.036126][ T4894] 
[  123.038457][ T4894] Memory state around the buggy address:
[  123.044268][ T4894]  ffff88802a7a5900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  123.052314][ T4894]  ffff88802a7a5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  123.060457][ T4894] >ffff88802a7a5a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  123.068675][ T4894]                                      ^
[  123.074288][ T4894]  ffff88802a7a5a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  123.082416][ T4894]  ffff88802a7a5b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  123.090544][ T4894] ==================================================================
[  123.101086][ T4894] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  123.108408][ T4894] CPU: 1 UID: 0 PID: 4894 Comm: dhcpcd Not tainted 6.11.0-rc4-syzkaller-00681-ge5899b60f52a-dirty #0
[  123.119363][ T4894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  123.129414][ T4894] Call Trace:
[  123.132690][ T4894]  <TASK>
[  123.135624][ T4894]  dump_stack_lvl+0x241/0x360
[  123.140559][ T4894]  ? __pfx_dump_stack_lvl+0x10/0x10
[  123.145920][ T4894]  ? __pfx__printk+0x10/0x10
[  123.150590][ T4894]  ? rcu_is_watching+0x15/0xb0
[  123.155357][ T4894]  ? lock_release+0xbf/0xa30
[  123.160115][ T4894]  ? vscnprintf+0x5d/0x90
[  123.164613][ T4894]  panic+0x349/0x860
[  123.168499][ T4894]  ? check_panic_on_warn+0x21/0xb0
[  123.173615][ T4894]  ? __pfx_panic+0x10/0x10
[  123.178196][ T4894]  ? trace_irq_enable+0x2c/0x120
[  123.183242][ T4894]  ? _raw_spin_unlock_irqrestore+0xd8/0x140
[  123.189744][ T4894]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  123.195725][ T4894]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  123.202133][ T4894]  ? print_report+0x502/0x550
[  123.206908][ T4894]  check_panic_on_warn+0x86/0xb0
[  123.211974][ T4894]  ? __mutex_lock+0xcf5/0xd70
[  123.216839][ T4894]  end_report+0x77/0x160
[  123.221158][ T4894]  kasan_report+0x154/0x180
[  123.225739][ T4894]  ? __mutex_lock+0xcf5/0xd70
[  123.230579][ T4894]  __mutex_lock+0xcf5/0xd70
[  123.235073][ T4894]  ? stack_trace_save+0x118/0x1d0
[  123.240093][ T4894]  ? rtnetlink_rcv_msg+0x6e6/0xcf0
[  123.245304][ T4894]  ? __pfx_lock_release+0x10/0x10
[  123.250407][ T4894]  ? __pfx___mutex_lock+0x10/0x10
[  123.255424][ T4894]  ? security_capable+0x90/0xb0
[  123.260282][ T4894]  rtnetlink_rcv_msg+0x6e6/0xcf0
[  123.265310][ T4894]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  123.270413][ T4894]  ? lock_release+0xbf/0xa30
[  123.275286][ T4894]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  123.280756][ T4894]  ? __pfx_lock_acquire+0x10/0x10
[  123.285777][ T4894]  ? rcu_is_watching+0x15/0xb0
[  123.290534][ T4894]  ? lock_acquire+0xe3/0x550
[  123.295203][ T4894]  netlink_rcv_skb+0x1e3/0x430
[  123.300057][ T4894]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  123.305599][ T4894]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  123.310973][ T4894]  ? net_generic+0x1f/0x240
[  123.315645][ T4894]  ? netlink_deliver_tap+0x2e/0x1b0
[  123.320880][ T4894]  netlink_unicast+0x7f6/0x990
[  123.325641][ T4894]  ? __pfx_netlink_unicast+0x10/0x10
[  123.331003][ T4894]  ? __virt_addr_valid+0x183/0x530
[  123.336198][ T4894]  ? __check_object_size+0x49c/0x900
[  123.341475][ T4894]  ? bpf_lsm_netlink_send+0x9/0x10
[  123.346588][ T4894]  netlink_sendmsg+0x8e4/0xcb0
[  123.351353][ T4894]  ? __pfx_netlink_sendmsg+0x10/0x10
[  123.356729][ T4894]  ? rcu_is_watching+0x15/0xb0
[  123.361587][ T4894]  ? __import_iovec+0x536/0x820
[  123.366442][ T4894]  ? aa_sock_msg_perm+0x91/0x160
[  123.371380][ T4894]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  123.376666][ T4894]  ? security_socket_sendmsg+0x87/0xb0
[  123.382312][ T4894]  ? __pfx_netlink_sendmsg+0x10/0x10
[  123.387690][ T4894]  __sock_sendmsg+0x221/0x270
[  123.392358][ T4894]  ____sys_sendmsg+0x525/0x7d0
[  123.397122][ T4894]  ? __pfx_____sys_sendmsg+0x10/0x10
[  123.402490][ T4894]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  123.408734][ T4894]  __sys_sendmsg+0x2b0/0x3a0
[  123.413458][ T4894]  ? __pfx___sys_sendmsg+0x10/0x10
[  123.418557][ T4894]  ? netlink_bind+0xaeb/0xc90
[  123.423319][ T4894]  ? __pfx___sys_bind+0x10/0x10
[  123.428339][ T4894]  ? fd_install+0x35c/0x5d0
[  123.432866][ T4894]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  123.439215][ T4894]  ? rcu_is_watching+0x15/0xb0
[  123.443992][ T4894]  ? rcu_is_watching+0x15/0xb0
[  123.448848][ T4894]  do_syscall_64+0xf3/0x230
[  123.453353][ T4894]  ? clear_bhb_loop+0x35/0x90
[  123.458029][ T4894]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.463917][ T4894] RIP: 0033:0x7fa9cedc7a4b
[  123.468495][ T4894] Code: ff 89 ef 48 89 04 24 e8 22 56 f9 ff 48 8b 04 24 48 83 c4 20 5d c3 c3 64 8b 04 25 18 00 00 00 85 c0 75 20 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 6d 48 8b 15 ae c3 0c 00 f7 d8 64 89 02 48 83
[  123.488303][ T4894] RSP: 002b:00007fffb5b75a68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  123.496978][ T4894] RAX: ffffffffffffffda RBX: 00007fa9cecef6c0 RCX: 00007fa9cedc7a4b
[  123.504945][ T4894] RDX: 0000000000000000 RSI: 00007fffb5b89c18 RDI: 0000000000000010
[  123.513002][ T4894] RBP: 0000000000000010 R08: 0000000000000000 R09: 00007fffb5b89c18
[  123.520967][ T4894] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff
[  123.529292][ T4894] R13: 00007fffb5b89c18 R14: 000000000000002c R15: 0000000000000001
[  123.537506][ T4894]  </TASK>
[  123.541076][ T4894] Kernel Offset: disabled
[  123.545498][ T4894] Rebooting in 86400 seconds..