Warning: Permanently added '10.128.1.15' (ED25519) to the list of known hosts.
2025/02/18 07:42:48 ignoring optional flag "sandboxArg"="0"
2025/02/18 07:42:49 parsed 1 programs
[   91.842541][ T5839] cgroup: Unknown subsys name 'net'
[   91.983676][ T5839] cgroup: Unknown subsys name 'cpuset'
[   91.992535][ T5839] cgroup: Unknown subsys name 'rlimit'
[   93.959328][ T5839] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   96.965266][ T5845] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   97.382522][   T25] cfg80211: failed to load regulatory.db
[   99.033441][   T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   99.043849][   T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   99.052374][   T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   99.062086][   T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   99.070283][   T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   99.078987][   T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  100.479485][ T5918] chnl_net:caif_netlink_parms(): no params data found
[  100.577109][ T5918] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.587934][ T5918] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.600103][ T5918] bridge_slave_0: entered allmulticast mode
[  100.607666][ T5918] bridge_slave_0: entered promiscuous mode
[  100.619321][ T5918] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.628432][ T5918] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.637315][ T5918] bridge_slave_1: entered allmulticast mode
[  100.645790][ T5918] bridge_slave_1: entered promiscuous mode
[  100.685475][ T5918] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  100.700905][ T5918] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  100.739503][ T5918] team0: Port device team_slave_0 added
[  100.748789][ T5918] team0: Port device team_slave_1 added
[  100.777263][ T5918] batman_adv: batadv0: Adding interface: batadv_slave_0
[  100.786819][ T5918] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  100.820525][ T5918] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  100.836582][ T5918] batman_adv: batadv0: Adding interface: batadv_slave_1
[  100.844394][ T5918] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  100.874268][ T5918] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  100.922769][ T5918] hsr_slave_0: entered promiscuous mode
[  100.930141][ T5918] hsr_slave_1: entered promiscuous mode
[  101.067716][ T5918] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  101.079740][ T5918] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  101.091991][ T5918] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  101.106087][ T5918] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  101.188744][ T5918] 8021q: adding VLAN 0 to HW filter on device bond0
[  101.219503][ T5918] 8021q: adding VLAN 0 to HW filter on device team0
[  101.238607][ T1161] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.246160][ T1161] bridge0: port 1(bridge_slave_0) entered forwarding state
[  101.263351][   T68] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.270721][   T68] bridge0: port 2(bridge_slave_1) entered forwarding state
[  101.442817][ T5918] 8021q: adding VLAN 0 to HW filter on device batadv0
[  101.485000][ T5918] veth0_vlan: entered promiscuous mode
[  101.497159][ T5918] veth1_vlan: entered promiscuous mode
[  101.525314][ T5918] veth0_macvtap: entered promiscuous mode
[  101.536133][ T5918] veth1_macvtap: entered promiscuous mode
[  101.559169][ T5918] batman_adv: batadv0: Interface activated: batadv_slave_0
[  101.576487][ T5918] batman_adv: batadv0: Interface activated: batadv_slave_1
[  101.590684][ T5918] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  101.601228][ T5918] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  101.610695][ T5918] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  101.619993][ T5918] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  101.789470][ T1161] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.885442][ T1161] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.919342][   T68] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.934256][   T68] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.975352][ T1161] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.995631][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.004799][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.060521][ T1161] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/02/18 07:43:04 executed programs: 0
[  102.736360][   T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  102.748387][   T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  102.756712][   T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  102.766075][   T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  102.776241][   T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  102.784182][   T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  102.924065][ T5946] chnl_net:caif_netlink_parms(): no params data found
[  102.983318][ T5946] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.990796][ T5946] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.998062][ T5946] bridge_slave_0: entered allmulticast mode
[  103.005715][ T5946] bridge_slave_0: entered promiscuous mode
[  103.015977][ T5946] bridge0: port 2(bridge_slave_1) entered blocking state
[  103.023718][ T5946] bridge0: port 2(bridge_slave_1) entered disabled state
[  103.031017][ T5946] bridge_slave_1: entered allmulticast mode
[  103.037923][ T5946] bridge_slave_1: entered promiscuous mode
[  103.066989][ T5946] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  103.080472][ T5946] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  103.112262][ T5946] team0: Port device team_slave_0 added
[  103.121180][ T5946] team0: Port device team_slave_1 added
[  103.148510][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_0
[  103.155769][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  103.182339][ T5946] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  103.197465][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_1
[  103.205324][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  103.232243][ T5946] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  103.276854][ T5946] hsr_slave_0: entered promiscuous mode
[  103.283290][ T5946] hsr_slave_1: entered promiscuous mode
[  103.289416][ T5946] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  103.297543][ T5946] Cannot create hsr debugfs directory
[  104.715061][ T1161] bridge_slave_1: left allmulticast mode
[  104.724415][ T1161] bridge_slave_1: left promiscuous mode
[  104.732352][ T1161] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.744516][ T1161] bridge_slave_0: left allmulticast mode
[  104.750791][ T1161] bridge_slave_0: left promiscuous mode
[  104.756521][ T1161] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.822112][   T54] Bluetooth: hci0: command tx timeout
[  105.047781][ T1161] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  105.059045][ T1161] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  105.071113][ T1161] bond0 (unregistering): Released all slaves
[  105.195633][ T1161] hsr_slave_0: left promiscuous mode
[  105.201986][ T1161] hsr_slave_1: left promiscuous mode
[  105.208686][ T1161] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  105.219468][ T1161] batman_adv: batadv0: Removing interface: batadv_slave_0
[  105.238087][ T1161] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  105.246342][ T1161] batman_adv: batadv0: Removing interface: batadv_slave_1
[  105.267112][ T1161] veth1_macvtap: left promiscuous mode
[  105.273411][ T1161] veth0_macvtap: left promiscuous mode
[  105.279211][ T1161] veth1_vlan: left promiscuous mode
[  105.285721][ T1161] veth0_vlan: left promiscuous mode
[  105.962592][ T1161] team0 (unregistering): Port device team_slave_1 removed
[  105.994958][ T1161] team0 (unregistering): Port device team_slave_0 removed
[  106.454142][ T5946] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  106.485481][ T5946] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  106.498373][ T5946] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  106.513906][ T5946] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  106.716843][ T5946] 8021q: adding VLAN 0 to HW filter on device bond0
[  106.761754][ T5946] 8021q: adding VLAN 0 to HW filter on device team0
[  106.792760][ T5099] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.800045][ T5099] bridge0: port 1(bridge_slave_0) entered forwarding state
[  106.852672][ T5099] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.859854][ T5099] bridge0: port 2(bridge_slave_1) entered forwarding state
[  106.899852][   T54] Bluetooth: hci0: command tx timeout
[  107.102140][ T5946] 8021q: adding VLAN 0 to HW filter on device batadv0
[  107.144095][ T5946] veth0_vlan: entered promiscuous mode
[  107.155458][ T5946] veth1_vlan: entered promiscuous mode
[  107.181291][ T5946] veth0_macvtap: entered promiscuous mode
[  107.190789][ T5946] veth1_macvtap: entered promiscuous mode
[  107.207889][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_0
[  107.222113][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_1
[  107.234522][ T5946] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  107.243467][ T5946] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  107.252438][ T5946] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  107.261545][ T5946] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  107.323711][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.337317][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  107.361219][   T68] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.369222][   T68] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/02/18 07:43:09 executed programs: 11
[  108.981511][   T54] Bluetooth: hci0: command tx timeout
[  111.059765][   T54] Bluetooth: hci0: command tx timeout
2025/02/18 07:43:14 executed programs: 225
2025/02/18 07:43:19 executed programs: 468
[  120.481751][ T5146] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  120.490898][ T5146] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  120.498709][ T5146] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  120.508136][ T5146] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  120.517332][ T5146] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  120.524898][ T5146] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  120.654531][   T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.681596][ T6594] chnl_net:caif_netlink_parms(): no params data found
[  120.750512][   T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.765438][ T6594] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.773316][ T6594] bridge0: port 1(bridge_slave_0) entered disabled state
[  120.781651][ T6594] bridge_slave_0: entered allmulticast mode
[  120.788480][ T6594] bridge_slave_0: entered promiscuous mode
[  120.798311][ T6594] bridge0: port 2(bridge_slave_1) entered blocking state
[  120.805841][ T6594] bridge0: port 2(bridge_slave_1) entered disabled state
[  120.813235][ T6594] bridge_slave_1: entered allmulticast mode
[  120.820446][ T6594] bridge_slave_1: entered promiscuous mode
[  120.838326][   T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.869942][ T6594] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  120.882924][ T6594] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  120.914788][ T6594] team0: Port device team_slave_0 added
[  120.935075][   T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.951756][ T6594] team0: Port device team_slave_1 added
[  120.975899][ T6594] batman_adv: batadv0: Adding interface: batadv_slave_0
[  120.982980][ T6594] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  121.009097][ T6594] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  121.022428][ T6594] batman_adv: batadv0: Adding interface: batadv_slave_1
[  121.029491][ T6594] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  121.055972][ T6594] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  121.104162][ T6594] hsr_slave_0: entered promiscuous mode
[  121.110436][ T6594] hsr_slave_1: entered promiscuous mode
[  121.210932][   T11] bridge_slave_1: left allmulticast mode
[  121.216646][   T11] bridge_slave_1: left promiscuous mode
[  121.224374][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  121.233440][   T11] bridge_slave_0: left allmulticast mode
[  121.239116][   T11] bridge_slave_0: left promiscuous mode
[  121.244997][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  121.528650][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  121.539763][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  121.549923][   T11] bond0 (unregistering): Released all slaves
[  121.856075][   T11] hsr_slave_0: left promiscuous mode
[  121.863368][   T11] hsr_slave_1: left promiscuous mode
[  121.870616][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  121.878074][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  121.889477][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  121.898055][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  121.918374][   T11] veth1_macvtap: left promiscuous mode
[  121.927928][   T11] veth0_macvtap: left promiscuous mode
[  121.933773][   T11] veth1_vlan: left promiscuous mode
[  121.939141][   T11] veth0_vlan: left promiscuous mode
[  122.352611][   T11] team0 (unregistering): Port device team_slave_1 removed
[  122.387942][   T11] team0 (unregistering): Port device team_slave_0 removed
[  122.580262][   T54] Bluetooth: hci1: command tx timeout
[  122.862568][ T6594] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  122.881660][ T6594] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  122.897035][ T6594] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  122.919293][ T6594] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  123.056995][ T6594] 8021q: adding VLAN 0 to HW filter on device bond0
[  123.096980][ T6594] 8021q: adding VLAN 0 to HW filter on device team0
[  123.109183][ T5099] bridge0: port 1(bridge_slave_0) entered blocking state
[  123.116434][ T5099] bridge0: port 1(bridge_slave_0) entered forwarding state
[  123.145355][ T5099] bridge0: port 2(bridge_slave_1) entered blocking state
[  123.152577][ T5099] bridge0: port 2(bridge_slave_1) entered forwarding state
[  123.324609][ T6594] 8021q: adding VLAN 0 to HW filter on device batadv0
[  123.362522][ T6594] veth0_vlan: entered promiscuous mode
[  123.374122][ T6594] veth1_vlan: entered promiscuous mode
[  123.403093][ T6594] veth0_macvtap: entered promiscuous mode
[  123.412613][ T6594] veth1_macvtap: entered promiscuous mode
[  123.428245][ T6594] batman_adv: batadv0: Interface activated: batadv_slave_0
[  123.444192][ T6594] batman_adv: batadv0: Interface activated: batadv_slave_1
[  123.455756][ T6594] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  123.464744][ T6594] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  123.474024][ T6594] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  123.483216][ T6594] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  123.542494][ T2936] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.551957][ T2936] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.574844][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.583608][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/02/18 07:43:25 executed programs: 602
[  123.647804][ T6640] ==================================================================
[  123.655909][ T6640] BUG: KASAN: slab-use-after-free in force_devcd_write+0x317/0x330
[  123.663827][ T6640] Read of size 8 at addr ffff88807bd01000 by task syz.0.616/6640
[  123.671601][ T6640] 
[  123.673963][ T6640] CPU: 0 UID: 0 PID: 6640 Comm: syz.0.616 Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  123.673991][ T6640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  123.674008][ T6640] Call Trace:
[  123.674015][ T6640]  <TASK>
[  123.674027][ T6640]  dump_stack_lvl+0x116/0x1f0
[  123.674061][ T6640]  print_report+0xc3/0x620
[  123.674101][ T6640]  ? __virt_addr_valid+0x5e/0x590
[  123.674124][ T6640]  ? __phys_addr+0xc6/0x150
[  123.674147][ T6640]  kasan_report+0xd9/0x110
[  123.674166][ T6640]  ? force_devcd_write+0x317/0x330
[  123.674198][ T6640]  ? force_devcd_write+0x317/0x330
[  123.674228][ T6640]  force_devcd_write+0x317/0x330
[  123.674256][ T6640]  ? __pfx_force_devcd_write+0x10/0x10
[  123.674285][ T6640]  ? __debugfs_file_get+0x1ff/0x850
[  123.674313][ T6640]  ? __pfx___debugfs_file_get+0x10/0x10
[  123.674342][ T6640]  ? rcu_is_watching+0x12/0xc0
[  123.674365][ T6640]  ? trace_lock_acquire+0x14e/0x1f0
[  123.674393][ T6640]  full_proxy_write+0x13c/0x200
[  123.674428][ T6640]  ? __pfx_full_proxy_write+0x10/0x10
[  123.674457][ T6640]  vfs_write+0x24c/0x1150
[  123.674489][ T6640]  ? __pfx_vfs_write+0x10/0x10
[  123.674518][ T6640]  ? do_futex+0x123/0x350
[  123.674545][ T6640]  ? __pfx_do_futex+0x10/0x10
[  123.674574][ T6640]  ? __x64_sys_futex+0x1e1/0x4c0
[  123.674600][ T6640]  ? __x64_sys_futex+0x1ea/0x4c0
[  123.674645][ T6640]  ksys_write+0x12b/0x250
[  123.674686][ T6640]  ? __pfx_ksys_write+0x10/0x10
[  123.674733][ T6640]  do_syscall_64+0xcd/0x250
[  123.674775][ T6640]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.674809][ T6640] RIP: 0033:0x7fbbb238cde9
[  123.674826][ T6640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.674853][ T6640] RSP: 002b:00007ffcf686dae8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  123.674874][ T6640] RAX: ffffffffffffffda RBX: 00007fbbb25a5fa0 RCX: 00007fbbb238cde9
[  123.674890][ T6640] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000003
[  123.674903][ T6640] RBP: 00007fbbb240e2a0 R08: 0000000000000000 R09: 0000000000000000
[  123.674917][ T6640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  123.674931][ T6640] R13: 00007fbbb25a5fa0 R14: 00007fbbb25a5fa0 R15: 0000000000000003
[  123.674951][ T6640]  </TASK>
[  123.674959][ T6640] 
[  123.902426][ T6640] Allocated by task 5946:
[  123.906755][ T6640]  kasan_save_stack+0x33/0x60
[  123.911459][ T6640]  kasan_save_track+0x14/0x30
[  123.916165][ T6640]  __kasan_kmalloc+0xaa/0xb0
[  123.920774][ T6640]  vhci_open+0x4c/0x430
[  123.924953][ T6640]  misc_open+0x35a/0x420
[  123.929201][ T6640]  chrdev_open+0x237/0x6a0
[  123.933655][ T6640]  do_dentry_open+0x735/0x1c40
[  123.938455][ T6640]  vfs_open+0x82/0x3f0
[  123.942562][ T6640]  path_openat+0x1e88/0x2d80
[  123.947197][ T6640]  do_filp_open+0x20c/0x470
[  123.951732][ T6640]  do_sys_openat2+0x17a/0x1e0
[  123.956436][ T6640]  __x64_sys_openat+0x175/0x210
[  123.961389][ T6640]  do_syscall_64+0xcd/0x250
[  123.966208][ T6640]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.972132][ T6640] 
[  123.974460][ T6640] Freed by task 5946:
[  123.978448][ T6640]  kasan_save_stack+0x33/0x60
[  123.983156][ T6640]  kasan_save_track+0x14/0x30
[  123.987859][ T6640]  kasan_save_free_info+0x3b/0x60
[  123.992905][ T6640]  __kasan_slab_free+0x51/0x70
[  123.997693][ T6640]  kfree+0x2c4/0x4d0
[  124.001620][ T6640]  vhci_release+0xbb/0xf0
[  124.005981][ T6640]  __fput+0x3ff/0xb70
[  124.009994][ T6640]  task_work_run+0x14e/0x250
[  124.014601][ T6640]  do_exit+0xad8/0x2d70
[  124.018766][ T6640]  do_group_exit+0xd3/0x2a0
[  124.023281][ T6640]  get_signal+0x24ed/0x26c0
[  124.027805][ T6640]  arch_do_signal_or_restart+0x90/0x7e0
[  124.033395][ T6640]  syscall_exit_to_user_mode+0x150/0x2a0
[  124.039145][ T6640]  do_syscall_64+0xda/0x250
[  124.043667][ T6640]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.049606][ T6640] 
[  124.051983][ T6640] The buggy address belongs to the object at ffff88807bd01000
[  124.051983][ T6640]  which belongs to the cache kmalloc-1k of size 1024
[  124.066057][ T6640] The buggy address is located 0 bytes inside of
[  124.066057][ T6640]  freed 1024-byte region [ffff88807bd01000, ffff88807bd01400)
[  124.079804][ T6640] 
[  124.082149][ T6640] The buggy address belongs to the physical page:
[  124.088600][ T6640] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7bd00
[  124.097403][ T6640] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  124.105936][ T6640] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  124.113512][ T6640] page_type: f5(slab)
[  124.117526][ T6640] raw: 00fff00000000040 ffff88801b041dc0 ffffea0000aaea00 dead000000000002
[  124.126232][ T6640] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  124.134915][ T6640] head: 00fff00000000040 ffff88801b041dc0 ffffea0000aaea00 dead000000000002
[  124.143597][ T6640] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  124.152315][ T6640] head: 00fff00000000003 ffffea0001ef4001 ffffffffffffffff 0000000000000000
[  124.161098][ T6640] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  124.169779][ T6640] page dumped because: kasan: bad access detected
[  124.176217][ T6640] page_owner tracks the page as allocated
[  124.181969][ T6640] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5641, tgid 5641 (dhcpcd-run-hook), ts 60671230003, free_ts 60628009772
[  124.203615][ T6640]  post_alloc_hook+0x181/0x1b0
[  124.208404][ T6640]  get_page_from_freelist+0xfce/0x2f80
[  124.213887][ T6640]  __alloc_frozen_pages_noprof+0x221/0x2470
[  124.219815][ T6640]  alloc_pages_mpol+0x1fc/0x540
[  124.224682][ T6640]  new_slab+0x23d/0x330
[  124.228870][ T6640]  ___slab_alloc+0xc5d/0x1720
[  124.233622][ T6640]  __slab_alloc.constprop.0+0x56/0xb0
[  124.239056][ T6640]  __kmalloc_noprof+0x2ec/0x510
[  124.243960][ T6640]  load_elf_phdrs+0x103/0x210
[  124.248659][ T6640]  load_elf_binary+0x1f8/0x4fc0
[  124.253533][ T6640]  bprm_execve+0x8dd/0x16d0
[  124.258056][ T6640]  do_execveat_common.isra.0+0x4a2/0x610
[  124.263759][ T6640]  __x64_sys_execve+0x8c/0xb0
[  124.268492][ T6640]  do_syscall_64+0xcd/0x250
[  124.273032][ T6640]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.278959][ T6640] page last free pid 5502 tgid 5502 stack trace:
[  124.285312][ T6640]  free_frozen_pages+0x6db/0xfb0
[  124.290289][ T6640]  __put_partials+0x14c/0x170
[  124.294986][ T6640]  qlist_free_all+0x4e/0x120
[  124.299600][ T6640]  kasan_quarantine_reduce+0x195/0x1e0
[  124.305139][ T6640]  __kasan_slab_alloc+0x69/0x90
[  124.310025][ T6640]  __kmalloc_node_noprof+0x1d0/0x510
[  124.315344][ T6640]  __kvmalloc_node_noprof+0xad/0x1a0
[  124.320683][ T6640]  proc_sys_call_handler+0x2a8/0x5a0
[  124.326001][ T6640]  vfs_read+0x886/0xbf0
[  124.330613][ T6640]  ksys_read+0x12b/0x250
[  124.334894][ T6640]  do_syscall_64+0xcd/0x250
[  124.339426][ T6640]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.345456][ T6640] 
[  124.347786][ T6640] Memory state around the buggy address:
[  124.353433][ T6640]  ffff88807bd00f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  124.361512][ T6640]  ffff88807bd00f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  124.369684][ T6640] >ffff88807bd01000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  124.377758][ T6640]                    ^
[  124.381830][ T6640]  ffff88807bd01080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  124.389903][ T6640]  ffff88807bd01100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  124.397986][ T6640] ==================================================================
[  124.414017][ T6640] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  124.421278][ T6640] CPU: 0 UID: 0 PID: 6640 Comm: syz.0.616 Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  124.431914][ T6640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  124.441987][ T6640] Call Trace:
[  124.445279][ T6640]  <TASK>
[  124.448226][ T6640]  dump_stack_lvl+0x3d/0x1f0
[  124.452850][ T6640]  panic+0x71d/0x800
[  124.456774][ T6640]  ? __pfx_panic+0x10/0x10
[  124.461225][ T6640]  ? preempt_schedule_thunk+0x1a/0x30
[  124.466677][ T6640]  ? preempt_schedule_common+0x44/0xc0
[  124.472163][ T6640]  ? check_panic_on_warn+0x1f/0xb0
[  124.477313][ T6640]  check_panic_on_warn+0xab/0xb0
[  124.482287][ T6640]  end_report+0x117/0x180
[  124.486658][ T6640]  kasan_report+0xe9/0x110
[  124.491096][ T6640]  ? force_devcd_write+0x317/0x330
[  124.496243][ T6640]  ? force_devcd_write+0x317/0x330
[  124.501390][ T6640]  force_devcd_write+0x317/0x330
[  124.506483][ T6640]  ? __pfx_force_devcd_write+0x10/0x10
[  124.511975][ T6640]  ? __debugfs_file_get+0x1ff/0x850
[  124.517209][ T6640]  ? __pfx___debugfs_file_get+0x10/0x10
[  124.522788][ T6640]  ? rcu_is_watching+0x12/0xc0
[  124.527579][ T6640]  ? trace_lock_acquire+0x14e/0x1f0
[  124.532808][ T6640]  full_proxy_write+0x13c/0x200
[  124.537691][ T6640]  ? __pfx_full_proxy_write+0x10/0x10
[  124.543094][ T6640]  vfs_write+0x24c/0x1150
[  124.547461][ T6640]  ? __pfx_vfs_write+0x10/0x10
[  124.552256][ T6640]  ? do_futex+0x123/0x350
[  124.556620][ T6640]  ? __pfx_do_futex+0x10/0x10
[  124.561340][ T6640]  ? __x64_sys_futex+0x1e1/0x4c0
[  124.566306][ T6640]  ? __x64_sys_futex+0x1ea/0x4c0
[  124.571278][ T6640]  ksys_write+0x12b/0x250
[  124.575650][ T6640]  ? __pfx_ksys_write+0x10/0x10
[  124.580540][ T6640]  do_syscall_64+0xcd/0x250
[  124.585074][ T6640]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.591090][ T6640] RIP: 0033:0x7fbbb238cde9
[  124.595536][ T6640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.615187][ T6640] RSP: 002b:00007ffcf686dae8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  124.623626][ T6640] RAX: ffffffffffffffda RBX: 00007fbbb25a5fa0 RCX: 00007fbbb238cde9
[  124.631622][ T6640] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000003
[  124.639613][ T6640] RBP: 00007fbbb240e2a0 R08: 0000000000000000 R09: 0000000000000000
[  124.647644][ T6640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  124.655642][ T6640] R13: 00007fbbb25a5fa0 R14: 00007fbbb25a5fa0 R15: 0000000000000003
[  124.663642][ T6640]  </TASK>
[  124.666971][ T6640] Kernel Offset: disabled
[  124.671353][ T6640] Rebooting in 86400 seconds..