Warning: Permanently added '10.128.0.18' (ED25519) to the list of known hosts.
executing program
syzkaller login: [ 51.564824][ T3564] FAULT_INJECTION: forcing a failure.
[ 51.564824][ T3564] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 51.578346][ T3564] CPU: 0 PID: 3564 Comm: syz-executor783 Not tainted 5.15.164-syzkaller #0
[ 51.586938][ T3564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 51.596997][ T3564] Call Trace:
[ 51.600271][ T3564]
[ 51.603191][ T3564] dump_stack_lvl+0x1e3/0x2d0
[ 51.607881][ T3564] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 51.613508][ T3564] ? panic+0x860/0x860
[ 51.617575][ T3564] ? sk_psock_verdict_data_ready+0x147/0x1a0
[ 51.623550][ T3564] ? _raw_spin_unlock_irqrestore+0xd9/0x130
[ 51.629449][ T3564] should_fail+0x38a/0x4c0
[ 51.633871][ T3564] prepare_alloc_pages+0x1db/0x5b0
[ 51.639010][ T3564] __alloc_pages+0x14f/0x700
[ 51.643600][ T3564] ? __rmqueue_pcplist+0x2030/0x2030
[ 51.648879][ T3564] ? mark_lock+0x98/0x340
[ 51.653204][ T3564] ? __lock_acquire+0x1295/0x1ff0
[ 51.658222][ T3564] alloc_pages_vma+0x39a/0x800
[ 51.662986][ T3564] wp_page_copy+0x24e/0x2070
[ 51.667574][ T3564] ? __lock_acquire+0x1ff0/0x1ff0
[ 51.672593][ T3564] ? insert_page_into_pte_locked+0x540/0x540
[ 51.678566][ T3564] ? do_raw_spin_unlock+0x137/0x8b0
[ 51.683759][ T3564] ? _raw_spin_unlock+0x24/0x40
[ 51.688601][ T3564] ? do_wp_page+0x6d0/0xaf0
[ 51.693105][ T3564] handle_mm_fault+0x2a3d/0x5950
[ 51.698055][ T3564] ? numa_migrate_prep+0x1a0/0x1a0
[ 51.703176][ T3564] ? vmacache_find+0x545/0x590
[ 51.707925][ T3564] ? vmacache_update+0x9f/0xf0
[ 51.712689][ T3564] exc_page_fault+0x271/0x700
[ 51.717361][ T3564] asm_exc_page_fault+0x22/0x30
[ 51.722218][ T3564] RIP: 0033:0x7f6b57159360
[ 51.726622][ T3564] Code: 41 54 55 48 89 f5 53 89 fb 48 83 ec 18 48 83 3d 8d 0c 0a 00 00 89 54 24 0c 74 08 84 c9 0f 85 09 02 00 00 31 c0 ba 01 00 00 00 0f b1 15 60 3a 0a 00 0f 85 0f 02 00 00 4c 8d 25 53 3a 0a 00 4c
[ 51.746392][ T3564] RSP: 002b:00007ffc3336d850 EFLAGS: 00010246
[ 51.752461][ T3564] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
executing program
[ 51.760423][ T3564] RDX: 0000000000000001 RSI: 00007f6b571fa138 RDI: 0000000000000000
[ 51.768387][ T3564] RBP: 00007f6b571fa138 R08: 00007ffc3336d647 R09: 00000000000000a0
[ 51.776355][ T3564] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 51.784404][ T3564] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 51.792416][ T3564]
[ 51.796157][ T3564] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 51.818596][ T3565] FAULT_INJECTION: forcing a failure.
[ 51.818596][ T3565] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 51.831908][ T3565] CPU: 1 PID: 3565 Comm: syz-executor783 Not tainted 5.15.164-syzkaller #0
[ 51.840504][ T3565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 51.850568][ T3565] Call Trace:
[ 51.853848][ T3565]
[ 51.856772][ T3565] dump_stack_lvl+0x1e3/0x2d0
[ 51.861457][ T3565] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 51.867170][ T3565] ? panic+0x860/0x860
[ 51.871422][ T3565] ? sk_psock_verdict_data_ready+0x147/0x1a0
[ 51.877483][ T3565] ? _raw_spin_unlock_irqrestore+0xd9/0x130
[ 51.883375][ T3565] should_fail+0x38a/0x4c0
[ 51.887791][ T3565] prepare_alloc_pages+0x1db/0x5b0
[ 51.892900][ T3565] __alloc_pages+0x14f/0x700
[ 51.897482][ T3565] ? __rmqueue_pcplist+0x2030/0x2030
[ 51.902762][ T3565] ? mark_lock+0x98/0x340
[ 51.907108][ T3565] ? __lock_acquire+0x1295/0x1ff0
[ 51.912127][ T3565] alloc_pages_vma+0x39a/0x800
[ 51.916890][ T3565] wp_page_copy+0x24e/0x2070
[ 51.921479][ T3565] ? __lock_acquire+0x1ff0/0x1ff0
[ 51.926495][ T3565] ? insert_page_into_pte_locked+0x540/0x540
[ 51.932468][ T3565] ? do_raw_spin_unlock+0x137/0x8b0
[ 51.937663][ T3565] ? _raw_spin_unlock+0x24/0x40
[ 51.942511][ T3565] ? do_wp_page+0x6d0/0xaf0
[ 51.947008][ T3565] handle_mm_fault+0x2a3d/0x5950
[ 51.951959][ T3565] ? numa_migrate_prep+0x1a0/0x1a0
[ 51.957078][ T3565] ? vmacache_find+0x545/0x590
[ 51.961830][ T3565] ? vmacache_update+0x9f/0xf0
[ 51.966594][ T3565] exc_page_fault+0x271/0x700
[ 51.971274][ T3565] asm_exc_page_fault+0x22/0x30
[ 51.976115][ T3565] RIP: 0033:0x7f6b57159360
[ 51.980520][ T3565] Code: 41 54 55 48 89 f5 53 89 fb 48 83 ec 18 48 83 3d 8d 0c 0a 00 00 89 54 24 0c 74 08 84 c9 0f 85 09 02 00 00 31 c0 ba 01 00 00 00 0f b1 15 60 3a 0a 00 0f 85 0f 02 00 00 4c 8d 25 53 3a 0a 00 4c
[ 52.000114][ T3565] RSP: 002b:00007ffc3336d850 EFLAGS: 00010246
[ 52.006179][ T3565] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
executing program
[ 52.014157][ T3565] RDX: 0000000000000001 RSI: 00007f6b571fa138 RDI: 0000000000000000
[ 52.022115][ T3565] RBP: 00007f6b571fa138 R08: 00007ffc3336d647 R09: 00000000000000a0
[ 52.030080][ T3565] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 52.038048][ T3565] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 52.046075][ T3565]
[ 52.049316][ T3565] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 52.069663][ T3566] FAULT_INJECTION: forcing a failure.
[ 52.069663][ T3566] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 52.082953][ T3566] CPU: 1 PID: 3566 Comm: syz-executor783 Not tainted 5.15.164-syzkaller #0
[ 52.091540][ T3566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 52.101596][ T3566] Call Trace:
[ 52.104874][ T3566]
[ 52.107800][ T3566] dump_stack_lvl+0x1e3/0x2d0
[ 52.112478][ T3566] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 52.118105][ T3566] ? panic+0x860/0x860
[ 52.122175][ T3566] ? sk_psock_verdict_data_ready+0x147/0x1a0
[ 52.128149][ T3566] ? _raw_spin_unlock_irqrestore+0xd9/0x130
[ 52.134042][ T3566] should_fail+0x38a/0x4c0
[ 52.138458][ T3566] prepare_alloc_pages+0x1db/0x5b0
[ 52.143572][ T3566] __alloc_pages+0x14f/0x700
[ 52.148161][ T3566] ? __rmqueue_pcplist+0x2030/0x2030
[ 52.153446][ T3566] ? mark_lock+0x98/0x340
[ 52.157774][ T3566] ? __lock_acquire+0x1295/0x1ff0
[ 52.162888][ T3566] alloc_pages_vma+0x39a/0x800
[ 52.167657][ T3566] wp_page_copy+0x24e/0x2070
[ 52.172372][ T3566] ? __lock_acquire+0x1ff0/0x1ff0
[ 52.177396][ T3566] ? insert_page_into_pte_locked+0x540/0x540
[ 52.183467][ T3566] ? do_raw_spin_unlock+0x137/0x8b0
[ 52.188672][ T3566] ? _raw_spin_unlock+0x24/0x40
[ 52.193519][ T3566] ? do_wp_page+0x6d0/0xaf0
[ 52.198028][ T3566] handle_mm_fault+0x2a3d/0x5950
[ 52.202984][ T3566] ? numa_migrate_prep+0x1a0/0x1a0
[ 52.208110][ T3566] ? vmacache_find+0x545/0x590
[ 52.212866][ T3566] ? vmacache_update+0x9f/0xf0
[ 52.217628][ T3566] exc_page_fault+0x271/0x700
[ 52.222314][ T3566] asm_exc_page_fault+0x22/0x30
[ 52.227161][ T3566] RIP: 0033:0x7f6b57159360
[ 52.231573][ T3566] Code: 41 54 55 48 89 f5 53 89 fb 48 83 ec 18 48 83 3d 8d 0c 0a 00 00 89 54 24 0c 74 08 84 c9 0f 85 09 02 00 00 31 c0 ba 01 00 00 00 0f b1 15 60 3a 0a 00 0f 85 0f 02 00 00 4c 8d 25 53 3a 0a 00 4c
[ 52.251171][ T3566] RSP: 002b:00007ffc3336d850 EFLAGS: 00010246
[ 52.257235][ T3566] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
executing program
[ 52.265197][ T3566] RDX: 0000000000000001 RSI: 00007f6b571fa138 RDI: 0000000000000000
[ 52.273161][ T3566] RBP: 00007f6b571fa138 R08: 00007ffc3336d647 R09: 00000000000000a0
[ 52.281276][ T3566] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 52.289357][ T3566] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 52.297359][ T3566]
[ 52.300967][ T3566] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 52.315137][ T3567] FAULT_INJECTION: forcing a failure.
[ 52.315137][ T3567] name failslab, interval 1, probability 0, space 0, times 1
[ 52.328125][ T3567] CPU: 1 PID: 3567 Comm: syz-executor783 Not tainted 5.15.164-syzkaller #0
[ 52.336712][ T3567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 52.346938][ T3567] Call Trace:
[ 52.350208][ T3567]
[ 52.353129][ T3567] dump_stack_lvl+0x1e3/0x2d0
[ 52.357802][ T3567] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 52.363426][ T3567] ? panic+0x860/0x860
[ 52.367495][ T3567] should_fail+0x38a/0x4c0
[ 52.371907][ T3567] should_failslab+0x5/0x20
[ 52.376401][ T3567] slab_pre_alloc_hook+0x53/0xc0
[ 52.381330][ T3567] kmem_cache_alloc_trace+0x49/0x290
[ 52.386601][ T3567] ? sk_psock_skb_ingress_self+0x5c/0x330
[ 52.392316][ T3567] sk_psock_skb_ingress_self+0x5c/0x330
[ 52.397848][ T3567] ? migrate_enable+0x199/0x270
[ 52.402695][ T3567] sk_psock_verdict_apply+0x3af/0x450
[ 52.408059][ T3567] sk_psock_verdict_recv+0x383/0x5b0
[ 52.413341][ T3567] unix_read_sock+0x124/0x360
[ 52.418011][ T3567] ? sk_psock_verdict_apply+0x450/0x450
[ 52.423545][ T3567] ? unix_stream_splice_actor+0x100/0x100
[ 52.429257][ T3567] ? unix_dgram_sendmsg+0x15cb/0x2090
[ 52.434705][ T3567] ? unix_stream_splice_actor+0x100/0x100
[ 52.440427][ T3567] sk_psock_verdict_data_ready+0x147/0x1a0
[ 52.446223][ T3567] ? sk_psock_start_verdict+0xc0/0xc0
[ 52.451602][ T3567] ? _raw_spin_unlock_irqrestore+0xd9/0x130
[ 52.457488][ T3567] ? do_raw_spin_unlock+0x137/0x8b0
[ 52.462678][ T3567] ? skb_queue_tail+0x32/0x120
[ 52.467444][ T3567] unix_dgram_sendmsg+0x15fc/0x2090
[ 52.472678][ T3567] ? unix_dgram_poll+0x640/0x640
[ 52.477640][ T3567] ? validate_chain+0x112/0x5930
[ 52.482593][ T3567] ? aa_sock_msg_perm+0x91/0x150
[ 52.487532][ T3567] ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 52.492810][ T3567] ? security_socket_sendmsg+0x7d/0xa0
[ 52.498256][ T3567] ? unix_dgram_poll+0x640/0x640
[ 52.503190][ T3567] ____sys_sendmsg+0x59e/0x8f0
[ 52.507944][ T3567] ? iovec_from_user+0x5d/0x390
[ 52.512792][ T3567] ? __sys_sendmsg_sock+0x30/0x30
[ 52.517815][ T3567] ___sys_sendmsg+0x252/0x2e0
[ 52.522487][ T3567] ? __sys_sendmsg+0x260/0x260
[ 52.527263][ T3567] ? __lock_acquire+0x1295/0x1ff0
[ 52.532300][ T3567] ? read_lock_is_recursive+0x10/0x10
[ 52.537661][ T3567] ? __context_tracking_exit+0x4c/0x80
[ 52.543110][ T3567] ? __fdget+0x158/0x220
[ 52.547345][ T3567] __se_sys_sendmsg+0x19a/0x260
[ 52.552189][ T3567] ? __x64_sys_sendmsg+0x80/0x80
[ 52.557121][ T3567] ? syscall_enter_from_user_mode+0x2e/0x240
[ 52.563089][ T3567] ? lockdep_hardirqs_on+0x94/0x130
[ 52.568275][ T3567] ? syscall_enter_from_user_mode+0x2e/0x240
[ 52.574254][ T3567] do_syscall_64+0x3b/0xb0
[ 52.578764][ T3567] ? clear_bhb_loop+0x15/0x70
[ 52.583434][ T3567] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 52.589319][ T3567] RIP: 0033:0x7f6b5718ab69
[ 52.593744][ T3567] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 52.613518][ T3567] RSP: 002b:00007ffc3336d8a8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
executing program
[ 52.621923][ T3567] RAX: ffffffffffffffda RBX: 00007ffc3336d8c0 RCX: 00007f6b5718ab69
[ 52.629885][ T3567] RDX: 0000000000000000 RSI: 0000000020000500 RDI: 0000000000000004
[ 52.637845][ T3567] RBP: 0000000000000001 R08: 00007ffc3336d647 R09: 00000000000000a0
[ 52.645805][ T3567] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 52.653777][ T3567] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 52.661762][ T3567]
[ 52.674307][ T3569] FAULT_INJECTION: forcing a failure.
[ 52.674307][ T3569] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 52.687572][ T3569] CPU: 1 PID: 3569 Comm: syz-executor783 Not tainted 5.15.164-syzkaller #0
[ 52.696173][ T3569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 52.706217][ T3569] Call Trace:
[ 52.709487][ T3569]
[ 52.712406][ T3569] dump_stack_lvl+0x1e3/0x2d0
[ 52.717078][ T3569] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 52.722700][ T3569] ? panic+0x860/0x860
[ 52.726761][ T3569] ? sk_psock_verdict_data_ready+0x147/0x1a0
[ 52.732817][ T3569] ? _raw_spin_unlock_irqrestore+0xd9/0x130
[ 52.738704][ T3569] should_fail+0x38a/0x4c0
[ 52.743128][ T3569] prepare_alloc_pages+0x1db/0x5b0
[ 52.748233][ T3569] __alloc_pages+0x14f/0x700
[ 52.752836][ T3569] ? __rmqueue_pcplist+0x2030/0x2030
[ 52.758114][ T3569] ? mark_lock+0x98/0x340
[ 52.762434][ T3569] ? __lock_acquire+0x1295/0x1ff0
[ 52.767448][ T3569] alloc_pages_vma+0x39a/0x800
[ 52.772209][ T3569] wp_page_copy+0x24e/0x2070
[ 52.776793][ T3569] ? __lock_acquire+0x1ff0/0x1ff0
[ 52.781809][ T3569] ? insert_page_into_pte_locked+0x540/0x540
[ 52.787778][ T3569] ? do_raw_spin_unlock+0x137/0x8b0
[ 52.792969][ T3569] ? _raw_spin_unlock+0x24/0x40
[ 52.797811][ T3569] ? do_wp_page+0x6d0/0xaf0
[ 52.802311][ T3569] handle_mm_fault+0x2a3d/0x5950
[ 52.807261][ T3569] ? numa_migrate_prep+0x1a0/0x1a0
[ 52.812379][ T3569] ? vmacache_find+0x545/0x590
[ 52.817127][ T3569] ? vmacache_update+0x9f/0xf0
[ 52.821886][ T3569] exc_page_fault+0x271/0x700
[ 52.826559][ T3569] asm_exc_page_fault+0x22/0x30
[ 52.831402][ T3569] RIP: 0033:0x7f6b57159360
[ 52.835804][ T3569] Code: 41 54 55 48 89 f5 53 89 fb 48 83 ec 18 48 83 3d 8d 0c 0a 00 00 89 54 24 0c 74 08 84 c9 0f 85 09 02 00 00 31 c0 ba 01 00 00 00 0f b1 15 60 3a 0a 00 0f 85 0f 02 00 00 4c 8d 25 53 3a 0a 00 4c
[ 52.855398][ T3569] RSP: 002b:00007ffc3336d850 EFLAGS: 00010246
[ 52.861468][ T3569] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
executing program
[ 52.869424][ T3569] RDX: 0000000000000001 RSI: 00007f6b571fa138 RDI: 0000000000000000
[ 52.877381][ T3569] RBP: 00007f6b571fa138 R08: 00007ffc3336d647 R09: 00000000000000a0
[ 52.885356][ T3569] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 52.893331][ T3569] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 52.901306][ T3569]
[ 52.904430][ T3569] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 52.915874][ T3568] ==================================================================
[ 52.924058][ T3568] BUG: KASAN: use-after-free in consume_skb+0x35/0x140
[ 52.930931][ T3568] Read of size 4 at addr ffff888070ce30dc by task kworker/1:4/3568
[ 52.938947][ T3568]
[ 52.941268][ T3568] CPU: 1 PID: 3568 Comm: kworker/1:4 Not tainted 5.15.164-syzkaller #0
[ 52.949502][ T3568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 52.959563][ T3568] Workqueue: events sk_psock_destroy
[ 52.964853][ T3568] Call Trace:
[ 52.968167][ T3568]
[ 52.971096][ T3568] dump_stack_lvl+0x1e3/0x2d0
[ 52.975774][ T3568] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 52.981401][ T3568] ? _printk+0xd1/0x120
[ 52.985556][ T3568] ? __wake_up_klogd+0xcc/0x100
[ 52.990404][ T3568] ? panic+0x860/0x860
[ 52.994466][ T3568] ? _raw_spin_lock_irqsave+0xdd/0x120
[ 52.999926][ T3568] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 53.005907][ T3568] print_address_description+0x63/0x3b0
[ 53.011454][ T3568] ? consume_skb+0x35/0x140
[ 53.015951][ T3568] kasan_report+0x16b/0x1c0
[ 53.020452][ T3568] ? consume_skb+0x35/0x140
[ 53.025037][ T3568] ? lockdep_hardirqs_on+0x94/0x130
[ 53.030237][ T3568] kasan_check_range+0x27e/0x290
[ 53.035187][ T3568] consume_skb+0x35/0x140
[ 53.039516][ T3568] __sk_msg_free+0x2cd/0x350
[ 53.044106][ T3568] ? skb_dequeue+0x10f/0x140
[ 53.048694][ T3568] sk_psock_destroy+0x3ab/0x870
[ 53.053545][ T3568] process_one_work+0x8a1/0x10c0
[ 53.058495][ T3568] ? worker_detach_from_pool+0x260/0x260
[ 53.064128][ T3568] ? _raw_spin_lock_irqsave+0x120/0x120
[ 53.069670][ T3568] ? kthread_data+0x4e/0xc0
[ 53.074168][ T3568] ? wq_worker_running+0x97/0x170
[ 53.079189][ T3568] worker_thread+0xaca/0x1280
[ 53.083870][ T3568] ? _raw_spin_unlock_irqrestore+0xd9/0x130
[ 53.089781][ T3568] kthread+0x3f6/0x4f0
[ 53.093846][ T3568] ? rcu_lock_release+0x20/0x20
[ 53.098693][ T3568] ? kthread_blkcg+0xd0/0xd0
[ 53.103286][ T3568] ret_from_fork+0x1f/0x30
[ 53.107710][ T3568]
[ 53.110723][ T3568]
[ 53.113040][ T3568] Allocated by task 3567:
[ 53.117373][ T3568] __kasan_slab_alloc+0x8e/0xc0
[ 53.122225][ T3568] slab_post_alloc_hook+0x53/0x380
[ 53.127330][ T3568] kmem_cache_alloc+0xf3/0x280
[ 53.132089][ T3568] skb_clone+0x1bb/0x350
[ 53.136362][ T3568] sk_psock_verdict_recv+0x51/0x5b0
[ 53.141560][ T3568] unix_read_sock+0x124/0x360
[ 53.146232][ T3568] sk_psock_verdict_data_ready+0x147/0x1a0
[ 53.152034][ T3568] unix_dgram_sendmsg+0x15fc/0x2090
[ 53.157224][ T3568] ____sys_sendmsg+0x59e/0x8f0
[ 53.162184][ T3568] ___sys_sendmsg+0x252/0x2e0
[ 53.166869][ T3568] __se_sys_sendmsg+0x19a/0x260
[ 53.171718][ T3568] do_syscall_64+0x3b/0xb0
[ 53.176168][ T3568] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 53.182091][ T3568]
[ 53.184410][ T3568] Freed by task 3568:
[ 53.188379][ T3568] kasan_set_track+0x4b/0x80
[ 53.192970][ T3568] kasan_set_free_info+0x1f/0x40
[ 53.197902][ T3568] ____kasan_slab_free+0xd8/0x120
[ 53.202918][ T3568] slab_free_freelist_hook+0xdd/0x160
[ 53.208309][ T3568] kmem_cache_free+0x91/0x1f0
[ 53.212982][ T3568] sk_psock_destroy+0x1a8/0x870
[ 53.217824][ T3568] process_one_work+0x8a1/0x10c0
[ 53.222779][ T3568] worker_thread+0xaca/0x1280
[ 53.227463][ T3568] kthread+0x3f6/0x4f0
[ 53.231550][ T3568] ret_from_fork+0x1f/0x30
[ 53.235971][ T3568]
[ 53.238291][ T3568] The buggy address belongs to the object at ffff888070ce3000
[ 53.238291][ T3568] which belongs to the cache skbuff_head_cache of size 232
[ 53.252860][ T3568] The buggy address is located 220 bytes inside of
[ 53.252860][ T3568] 232-byte region [ffff888070ce3000, ffff888070ce30e8)
[ 53.266131][ T3568] The buggy address belongs to the page:
[ 53.271760][ T3568] page:ffffea0001c338c0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x70ce3
[ 53.281903][ T3568] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 53.289456][ T3568] raw: 00fff00000000200 0000000000000000 dead000000000122 ffff888016be4140
[ 53.298047][ T3568] raw: 0000000000000000 00000000000c000c 00000001ffffffff 0000000000000000
[ 53.306615][ T3568] page dumped because: kasan: bad access detected
[ 53.313025][ T3568] page_owner tracks the page as allocated
[ 53.318728][ T3568] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY), pid 3567, ts 52315128637, free_ts 52314155286
[ 53.334780][ T3568] get_page_from_freelist+0x322a/0x33c0
[ 53.340324][ T3568] __alloc_pages+0x272/0x700
[ 53.344907][ T3568] new_slab+0xbb/0x4b0
[ 53.348975][ T3568] ___slab_alloc+0x6f6/0xe10
[ 53.353558][ T3568] kmem_cache_alloc+0x18e/0x280
[ 53.358404][ T3568] skb_clone+0x1bb/0x350
[ 53.362655][ T3568] sk_psock_verdict_recv+0x51/0x5b0
[ 53.367865][ T3568] unix_read_sock+0x124/0x360
[ 53.372553][ T3568] sk_psock_verdict_data_ready+0x147/0x1a0
[ 53.378369][ T3568] unix_dgram_sendmsg+0x15fc/0x2090
[ 53.383563][ T3568] ____sys_sendmsg+0x59e/0x8f0
[ 53.388373][ T3568] ___sys_sendmsg+0x252/0x2e0
[ 53.393049][ T3568] __se_sys_sendmsg+0x19a/0x260
[ 53.397980][ T3568] do_syscall_64+0x3b/0xb0
[ 53.402391][ T3568] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 53.408282][ T3568] page last free stack trace:
[ 53.412942][ T3568] free_unref_page_prepare+0xc34/0xcf0
[ 53.418395][ T3568] free_unref_page+0x95/0x2d0
[ 53.423066][ T3568] __vunmap+0x8d4/0xa20
[ 53.427218][ T3568] bpf_patch_insn_data+0x828/0xe00
[ 53.432326][ T3568] bpf_check+0x5ffd/0x12d00
[ 53.436824][ T3568] bpf_prog_load+0x12b3/0x1b60
[ 53.441595][ T3568] __sys_bpf+0x343/0x670
[ 53.445832][ T3568] __x64_sys_bpf+0x78/0x90
[ 53.450243][ T3568] do_syscall_64+0x3b/0xb0
[ 53.454653][ T3568] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 53.460553][ T3568]
[ 53.462869][ T3568] Memory state around the buggy address:
[ 53.468487][ T3568] ffff888070ce2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 53.476544][ T3568] ffff888070ce3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 53.484594][ T3568] >ffff888070ce3080: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc
[ 53.492773][ T3568] ^
[ 53.499714][ T3568] ffff888070ce3100: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 53.507779][ T3568] ffff888070ce3180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 53.515834][ T3568] ==================================================================
[ 53.523885][ T3568] Disabling lock debugging due to kernel taint
[ 53.535218][ T3568] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 53.542424][ T3568] CPU: 1 PID: 3568 Comm: kworker/1:4 Tainted: G B 5.15.164-syzkaller #0
[ 53.552046][ T3568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 53.562091][ T3568] Workqueue: events sk_psock_destroy
[ 53.567379][ T3568] Call Trace:
[ 53.570649][ T3568]
[ 53.573569][ T3568] dump_stack_lvl+0x1e3/0x2d0
[ 53.578241][ T3568] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 53.583866][ T3568] ? panic+0x860/0x860
[ 53.587925][ T3568] ? preempt_schedule_common+0xa6/0xd0
[ 53.593374][ T3568] ? preempt_schedule+0xd9/0xe0
[ 53.598215][ T3568] panic+0x318/0x860
[ 53.602104][ T3568] ? check_panic_on_warn+0x1d/0xa0
[ 53.607219][ T3568] ? fb_is_primary_device+0xd0/0xd0
[ 53.612420][ T3568] ? _raw_spin_unlock_irqrestore+0x128/0x130
[ 53.618393][ T3568] ? _raw_spin_unlock+0x40/0x40
[ 53.623238][ T3568] ? print_memory_metadata+0xe2/0x140
[ 53.628601][ T3568] check_panic_on_warn+0x7e/0xa0
[ 53.633533][ T3568] ? consume_skb+0x35/0x140
[ 53.638026][ T3568] end_report+0x6d/0xf0
[ 53.642177][ T3568] kasan_report+0x18e/0x1c0
[ 53.646670][ T3568] ? consume_skb+0x35/0x140
[ 53.651167][ T3568] ? lockdep_hardirqs_on+0x94/0x130
[ 53.656357][ T3568] kasan_check_range+0x27e/0x290
[ 53.661287][ T3568] consume_skb+0x35/0x140
[ 53.665610][ T3568] __sk_msg_free+0x2cd/0x350
[ 53.670194][ T3568] ? skb_dequeue+0x10f/0x140
[ 53.674822][ T3568] sk_psock_destroy+0x3ab/0x870
[ 53.679668][ T3568] process_one_work+0x8a1/0x10c0
[ 53.684604][ T3568] ? worker_detach_from_pool+0x260/0x260
[ 53.690234][ T3568] ? _raw_spin_lock_irqsave+0x120/0x120
[ 53.695775][ T3568] ? kthread_data+0x4e/0xc0
[ 53.700270][ T3568] ? wq_worker_running+0x97/0x170
[ 53.705288][ T3568] worker_thread+0xaca/0x1280
[ 53.709961][ T3568] ? _raw_spin_unlock_irqrestore+0xd9/0x130
[ 53.715854][ T3568] kthread+0x3f6/0x4f0
[ 53.719916][ T3568] ? rcu_lock_release+0x20/0x20
[ 53.724760][ T3568] ? kthread_blkcg+0xd0/0xd0
[ 53.729340][ T3568] ret_from_fork+0x1f/0x30
[ 53.733755][ T3568]
[ 53.736858][ T3568] Kernel Offset: disabled
[ 53.741181][ T3568] Rebooting in 86400 seconds..