Warning: Permanently added '10.128.1.67' (ED25519) to the list of known hosts.
2025/08/28 00:51:52 parsed 1 programs
[   63.329115][ T5788] cgroup: Unknown subsys name 'net'
[   63.462563][ T5788] cgroup: Unknown subsys name 'rlimit'
[   64.875036][ T5788] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   66.485799][ T2893] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.497162][ T2893] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.538848][   T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.547828][   T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.929735][ T5812] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   66.939003][ T5812] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   66.947321][ T5812] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   66.955341][ T5812] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   66.963237][ T5812] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   66.970581][ T5812] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   69.827028][ T5866] chnl_net:caif_netlink_parms(): no params data found
[   69.891348][ T5866] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.900249][ T5866] bridge0: port 1(bridge_slave_0) entered disabled state
[   69.908432][ T5866] bridge_slave_0: entered allmulticast mode
[   69.915213][ T5866] bridge_slave_0: entered promiscuous mode
[   69.924636][ T5866] bridge0: port 2(bridge_slave_1) entered blocking state
[   69.932270][ T5866] bridge0: port 2(bridge_slave_1) entered disabled state
[   69.939525][ T5866] bridge_slave_1: entered allmulticast mode
[   69.947002][ T5866] bridge_slave_1: entered promiscuous mode
[   69.978335][ T5866] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   69.990709][ T5866] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   70.028013][ T5866] team0: Port device team_slave_0 added
[   70.037110][ T5866] team0: Port device team_slave_1 added
[   70.074978][ T5866] batman_adv: batadv0: Adding interface: batadv_slave_0
[   70.082920][ T5866] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.110025][ T5866] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   70.123525][ T5866] batman_adv: batadv0: Adding interface: batadv_slave_1
[   70.131747][ T5866] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.158196][ T5866] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   70.201040][ T5866] hsr_slave_0: entered promiscuous mode
[   70.208115][ T5866] hsr_slave_1: entered promiscuous mode
[   70.360635][ T5866] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   70.372309][ T5866] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   70.382315][ T5866] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   70.392213][ T5866] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   70.419699][ T5866] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.426990][ T5866] bridge0: port 2(bridge_slave_1) entered forwarding state
[   70.434893][ T5866] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.442074][ T5866] bridge0: port 1(bridge_slave_0) entered forwarding state
[   70.516479][ T5866] 8021q: adding VLAN 0 to HW filter on device bond0
[   70.533269][ T2893] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.543831][ T2893] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.570322][ T5866] 8021q: adding VLAN 0 to HW filter on device team0
[   70.582804][   T48] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.589975][   T48] bridge0: port 1(bridge_slave_0) entered forwarding state
[   70.611392][ T3460] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.618567][ T3460] bridge0: port 2(bridge_slave_1) entered forwarding state
[   70.658958][ T5866] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   70.818293][ T5866] 8021q: adding VLAN 0 to HW filter on device batadv0
[   70.863572][ T5866] veth0_vlan: entered promiscuous mode
[   70.874141][ T5866] veth1_vlan: entered promiscuous mode
[   70.918080][ T5866] veth0_macvtap: entered promiscuous mode
[   70.927332][ T5866] veth1_macvtap: entered promiscuous mode
[   70.944622][ T5866] batman_adv: batadv0: Interface activated: batadv_slave_0
[   70.960191][ T5866] batman_adv: batadv0: Interface activated: batadv_slave_1
[   70.978710][ T5866] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   70.989239][ T5866] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   70.998770][ T5866] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   71.007633][ T5866] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   71.171229][ T5866] syz-executor (5866) used greatest stack depth: 20552 bytes left
[   71.193820][   T58] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/08/28 00:52:01 executed programs: 0
[   71.500185][ T5104] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   71.509144][ T5104] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   71.517701][ T5104] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   71.528440][ T5104] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   71.536985][ T5104] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   71.544354][ T5104] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   71.611547][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[   71.626251][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[   71.692126][ T5897] chnl_net:caif_netlink_parms(): no params data found
[   71.749949][ T5897] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.757343][ T5897] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.764541][ T5897] bridge_slave_0: entered allmulticast mode
[   71.771671][ T5897] bridge_slave_0: entered promiscuous mode
[   71.780695][ T5897] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.788790][ T5897] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.796055][ T5897] bridge_slave_1: entered allmulticast mode
[   71.802791][ T5897] bridge_slave_1: entered promiscuous mode
[   71.831421][ T5897] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   71.843637][ T5897] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   71.885713][ T5897] team0: Port device team_slave_0 added
[   71.894157][ T5897] team0: Port device team_slave_1 added
[   71.920624][ T5897] batman_adv: batadv0: Adding interface: batadv_slave_0
[   71.932485][ T5897] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.958833][ T5897] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   71.972438][ T5897] batman_adv: batadv0: Adding interface: batadv_slave_1
[   71.979595][ T5897] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.006114][ T5897] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   72.053729][ T5897] hsr_slave_0: entered promiscuous mode
[   72.060241][ T5897] hsr_slave_1: entered promiscuous mode
[   72.066775][ T5897] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   72.074628][ T5897] Cannot create hsr debugfs directory
[   73.607070][ T5104] Bluetooth: hci0: command tx timeout
[   73.767631][   T58] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.686073][ T5104] Bluetooth: hci0: command tx timeout
[   75.935560][   T58] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.012415][   T58] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.787636][   T58] hsr_slave_0: left promiscuous mode
[   76.806364][   T58] hsr_slave_1: left promiscuous mode
[   76.826770][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   76.834250][   T58] batman_adv: batadv0: Removing interface: batadv_slave_0
[   76.867835][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   76.875277][   T58] batman_adv: batadv0: Removing interface: batadv_slave_1
[   76.897459][   T58] bridge_slave_1: left allmulticast mode
[   76.903159][   T58] bridge_slave_1: left promiscuous mode
[   76.911155][   T58] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.935491][   T58] bridge_slave_0: left allmulticast mode
[   76.943476][   T58] bridge_slave_0: left promiscuous mode
[   76.949436][   T58] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.981892][   T58] veth1_macvtap: left promiscuous mode
[   76.987997][   T58] veth0_macvtap: left promiscuous mode
[   76.993651][   T58] veth1_vlan: left promiscuous mode
[   77.001440][   T58] veth0_vlan: left promiscuous mode
[   77.448652][   T58] team0 (unregistering): Port device team_slave_1 removed
[   77.478380][   T58] team0 (unregistering): Port device team_slave_0 removed
[   77.510271][   T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   77.541178][   T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   77.776002][ T5104] Bluetooth: hci0: command tx timeout
[   77.801439][   T58] bond0 (unregistering): Released all slaves
[   77.897091][ T5897] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   77.907485][ T5897] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   77.918191][ T5897] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   77.931924][ T5897] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   78.029259][ T5897] 8021q: adding VLAN 0 to HW filter on device bond0
[   78.045653][ T5897] 8021q: adding VLAN 0 to HW filter on device team0
[   78.060002][ T1106] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.067155][ T1106] bridge0: port 1(bridge_slave_0) entered forwarding state
[   78.088567][   T48] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.095694][   T48] bridge0: port 2(bridge_slave_1) entered forwarding state
[   78.140106][ T5897] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   78.303600][ T5897] 8021q: adding VLAN 0 to HW filter on device batadv0
[   78.342067][ T5897] veth0_vlan: entered promiscuous mode
[   78.357737][ T5897] veth1_vlan: entered promiscuous mode
[   78.384756][ T5897] veth0_macvtap: entered promiscuous mode
[   78.393671][ T5897] veth1_macvtap: entered promiscuous mode
[   78.409622][ T5897] batman_adv: batadv0: Interface activated: batadv_slave_0
[   78.430057][ T5897] batman_adv: batadv0: Interface activated: batadv_slave_1
[   78.441560][ T5897] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.450591][ T5897] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.459818][ T5897] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   78.468929][ T5897] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   78.532863][ T1094] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.542003][ T1094] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.564775][ T1094] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.574128][ T1094] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.464140][ T5950] ==================================================================
[   79.472255][ T5950] BUG: KASAN: slab-use-after-free in __lock_acquire+0xff/0x7c80
[   79.479937][ T5950] Read of size 8 at addr ffff88807b225cb8 by task syz.0.17/5950
[   79.487578][ T5950] 
[   79.489900][ T5950] CPU: 1 PID: 5950 Comm: syz.0.17 Not tainted 6.6.102-syzkaller #0
[   79.497792][ T5950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   79.507855][ T5950] Call Trace:
[   79.511127][ T5950]  <TASK>
[   79.514051][ T5950]  dump_stack_lvl+0x16c/0x230
[   79.518719][ T5950]  ? __lock_acquire+0x7c80/0x7c80
[   79.523730][ T5950]  ? show_regs_print_info+0x20/0x20
[   79.528917][ T5950]  ? load_image+0x3b0/0x3b0
[   79.533440][ T5950]  ? __virt_addr_valid+0x469/0x540
[   79.538542][ T5950]  print_report+0xac/0x220
[   79.542947][ T5950]  ? __lock_acquire+0xff/0x7c80
[   79.547785][ T5950]  kasan_report+0x117/0x150
[   79.552275][ T5950]  ? __lock_acquire+0xff/0x7c80
[   79.557111][ T5950]  __lock_acquire+0xff/0x7c80
[   79.561791][ T5950]  ? verify_lock_unused+0x140/0x140
[   79.566978][ T5950]  ? __schedule+0x14da/0x44d0
[   79.571648][ T5950]  ? verify_lock_unused+0x140/0x140
[   79.577267][ T5950]  ? mark_lock+0x94/0x320
[   79.581580][ T5950]  ? verify_lock_unused+0x140/0x140
[   79.586760][ T5950]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[   79.592725][ T5950]  lock_acquire+0x197/0x410
[   79.597220][ T5950]  ? remove_wait_queue+0x24/0x120
[   79.602236][ T5950]  ? read_lock_is_recursive+0x20/0x20
[   79.607593][ T5950]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[   79.613614][ T5950]  _raw_spin_lock_irqsave+0xa8/0xf0
[   79.619154][ T5950]  ? remove_wait_queue+0x24/0x120
[   79.624175][ T5950]  ? _raw_spin_lock+0x40/0x40
[   79.628846][ T5950]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[   79.634727][ T5950]  ? _raw_spin_unlock+0x40/0x40
[   79.639598][ T5950]  remove_wait_queue+0x24/0x120
[   79.644437][ T5950]  poll_freewait+0xb1/0x240
[   79.648931][ T5950]  do_select+0x175b/0x1840
[   79.653340][ T5950]  ? do_select+0xef/0x1840
[   79.657745][ T5950]  ? core_sys_select+0x950/0x950
[   79.662671][ T5950]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[   79.669073][ T5950]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[   79.675316][ T5950]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[   79.681543][ T5950]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[   79.687773][ T5950]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[   79.694000][ T5950]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[   79.700227][ T5950]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[   79.706455][ T5950]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[   79.712682][ T5950]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[   79.718908][ T5950]  ? __lock_acquire+0x7c80/0x7c80
[   79.724077][ T5950]  ? __lock_acquire+0x7c80/0x7c80
[   79.730045][ T5950]  ? __might_fault+0xaa/0x120
[   79.734701][ T5950]  ? __might_fault+0xc6/0x120
[   79.739355][ T5950]  ? __might_fault+0xaa/0x120
[   79.744013][ T5950]  core_sys_select+0x71c/0x950
[   79.748763][ T5950]  ? futex_wait_setup+0x260/0x260
[   79.753864][ T5950]  ? poll_select_set_timeout+0x160/0x160
[   79.759490][ T5950]  ? sigprocmask+0x190/0x190
[   79.764064][ T5950]  ? bpf_link_show_fdinfo+0x350/0x350
[   79.769439][ T5950]  __se_sys_pselect6+0x285/0x310
[   79.774374][ T5950]  ? __x64_sys_pselect6+0xf0/0xf0
[   79.779568][ T5950]  ? __x64_sys_pselect6+0x21/0xf0
[   79.784581][ T5950]  do_syscall_64+0x55/0xb0
[   79.788980][ T5950]  ? clear_bhb_loop+0x40/0x90
[   79.793637][ T5950]  ? clear_bhb_loop+0x40/0x90
[   79.798298][ T5950]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   79.804183][ T5950] RIP: 0033:0x7f17c1f8ebe9
[   79.808596][ T5950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.828185][ T5950] RSP: 002b:00007f17c2e85038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[   79.836609][ T5950] RAX: ffffffffffffffda RBX: 00007f17c21b5fa0 RCX: 00007f17c1f8ebe9
[   79.844582][ T5950] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000040
[   79.852548][ T5950] RBP: 00007f17c2011e19 R08: 0000000000000000 R09: 0000000000000000
[   79.860527][ T5950] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000000
[   79.868532][ T5950] R13: 00007f17c21b6038 R14: 00007f17c21b5fa0 R15: 00007ffe2dd59ce8
[   79.876936][ T5950]  </TASK>
[   79.879940][ T5950] 
[   79.882256][ T5950] Allocated by task 5950:
[   79.886564][ T5950]  kasan_set_track+0x4e/0x70
[   79.891154][ T5950]  __kasan_kmalloc+0x8f/0xa0
[   79.895727][ T5950]  comedi_device_postconfig+0x496/0xc50
[   79.901259][ T5950]  comedi_device_attach+0x533/0x660
[   79.906457][ T5950]  comedi_unlocked_ioctl+0x68d/0xf90
[   79.911729][ T5950]  __se_sys_ioctl+0xfd/0x170
[   79.916926][ T5950]  do_syscall_64+0x55/0xb0
[   79.921328][ T5950]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   79.927225][ T5950] 
[   79.929530][ T5950] Freed by task 5951:
[   79.933488][ T5950]  kasan_set_track+0x4e/0x70
[   79.938082][ T5950]  kasan_save_free_info+0x2e/0x50
[   79.943090][ T5950]  ____kasan_slab_free+0x126/0x1e0
[   79.948186][ T5950]  slab_free_freelist_hook+0x130/0x1b0
[   79.953809][ T5950]  __kmem_cache_free+0xba/0x1f0
[   79.958649][ T5950]  comedi_device_detach+0x363/0x6f0
[   79.963922][ T5950]  comedi_unlocked_ioctl+0xbd0/0xf90
[   79.969198][ T5950]  __se_sys_ioctl+0xfd/0x170
[   79.973772][ T5950]  do_syscall_64+0x55/0xb0
[   79.978189][ T5950]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   79.984091][ T5950] 
[   79.986398][ T5950] The buggy address belongs to the object at ffff88807b225c00
[   79.986398][ T5950]  which belongs to the cache kmalloc-256 of size 256
[   80.000444][ T5950] The buggy address is located 184 bytes inside of
[   80.000444][ T5950]  freed 256-byte region [ffff88807b225c00, ffff88807b225d00)
[   80.014223][ T5950] 
[   80.016625][ T5950] The buggy address belongs to the physical page:
[   80.023026][ T5950] page:ffffea0001ec8900 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7b224
[   80.033162][ T5950] head:ffffea0001ec8900 order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   80.042082][ T5950] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[   80.050056][ T5950] page_type: 0xffffffff()
[   80.054371][ T5950] raw: 00fff00000000840 ffff888017841b40 dead000000000122 0000000000000000
[   80.062938][ T5950] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[   80.071499][ T5950] page dumped because: kasan: bad access detected
[   80.077991][ T5950] page_owner tracks the page as allocated
[   80.083685][ T5950] page last allocated via order 1, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 1094, tgid 1094 (kworker/u4:7), ts 78313279443, free_ts 78228037751
[   80.104443][ T5950]  post_alloc_hook+0x1cd/0x210
[   80.109204][ T5950]  get_page_from_freelist+0x195c/0x19f0
[   80.114737][ T5950]  __alloc_pages+0x1e3/0x460
[   80.119314][ T5950]  alloc_slab_page+0x4f/0x170
[   80.123978][ T5950]  new_slab+0x87/0x2e0
[   80.128038][ T5950]  ___slab_alloc+0xc6d/0x12f0
[   80.132700][ T5950]  __kmem_cache_alloc_node+0x1a2/0x260
[   80.138231][ T5950]  __kmalloc_node+0xa4/0x230
[   80.142808][ T5950]  memcg_alloc_slab_cgroups+0x87/0x130
[   80.148252][ T5950]  new_slab+0xc3/0x2e0
[   80.152314][ T5950]  ___slab_alloc+0xc6d/0x12f0
[   80.156989][ T5950]  kmem_cache_alloc+0x1b7/0x2e0
[   80.162175][ T5950]  fib6_add_1+0xa28/0x1430
[   80.166662][ T5950]  fib6_add+0x1da/0x3d20
[   80.170892][ T5950]  ip6_ins_rt+0xc9/0x120
[   80.175119][ T5950]  __ipv6_ifa_notify+0x62f/0xaa0
[   80.180041][ T5950] page last free stack trace:
[   80.184692][ T5950]  free_unref_page_prepare+0x7ce/0x8e0
[   80.190181][ T5950]  free_unref_page+0x32/0x2e0
[   80.194872][ T5950]  __slab_free+0x35e/0x410
[   80.199292][ T5950]  qlist_free_all+0x75/0xe0
[   80.203789][ T5950]  kasan_quarantine_reduce+0x143/0x160
[   80.209258][ T5950]  __kasan_slab_alloc+0x22/0x80
[   80.214092][ T5950]  slab_post_alloc_hook+0x6e/0x4d0
[   80.219194][ T5950]  kmem_cache_alloc_node+0x150/0x330
[   80.224465][ T5950]  __alloc_skb+0x108/0x2c0
[   80.228968][ T5950]  inet_netconf_notify_devconf+0x173/0x230
[   80.234761][ T5950]  devinet_exit_net+0x111/0x220
[   80.239596][ T5950]  cleanup_net+0x6f4/0xb90
[   80.243995][ T5950]  process_scheduled_works+0xa45/0x15b0
[   80.249528][ T5950]  worker_thread+0xa55/0xfc0
[   80.254103][ T5950]  kthread+0x2fa/0x390
[   80.258161][ T5950]  ret_from_fork+0x48/0x80
[   80.262576][ T5950] 
[   80.264880][ T5950] Memory state around the buggy address:
[   80.270492][ T5950]  ffff88807b225b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   80.278533][ T5950]  ffff88807b225c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   80.286679][ T5950] >ffff88807b225c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   80.294727][ T5950]                                         ^
[   80.300605][ T5950]  ffff88807b225d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   80.308649][ T5950]  ffff88807b225d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   80.316707][ T5950] ==================================================================
[   80.324764][ T5950] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   80.331941][ T5950] CPU: 1 PID: 5950 Comm: syz.0.17 Not tainted 6.6.102-syzkaller #0
[   80.339828][ T5950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   80.349868][ T5950] Call Trace:
[   80.353179][ T5950]  <TASK>
[   80.356098][ T5950]  dump_stack_lvl+0x16c/0x230
[   80.360773][ T5950]  ? show_regs_print_info+0x20/0x20
[   80.365960][ T5950]  ? load_image+0x3b0/0x3b0
[   80.370458][ T5950]  panic+0x2c0/0x710
[   80.374384][ T5950]  ? bpf_jit_dump+0xd0/0xd0
[   80.378877][ T5950]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[   80.384761][ T5950]  ? _raw_spin_unlock+0x40/0x40
[   80.389722][ T5950]  ? print_memory_metadata+0x314/0x400
[   80.395167][ T5950]  ? __lock_acquire+0xff/0x7c80
[   80.400004][ T5950]  check_panic_on_warn+0x84/0xa0
[   80.404936][ T5950]  ? __lock_acquire+0xff/0x7c80
[   80.409771][ T5950]  end_report+0x6f/0x140
[   80.414001][ T5950]  kasan_report+0x128/0x150
[   80.418490][ T5950]  ? __lock_acquire+0xff/0x7c80
[   80.423327][ T5950]  __lock_acquire+0xff/0x7c80
[   80.427999][ T5950]  ? verify_lock_unused+0x140/0x140
[   80.433194][ T5950]  ? __schedule+0x14da/0x44d0
[   80.437857][ T5950]  ? verify_lock_unused+0x140/0x140
[   80.443040][ T5950]  ? mark_lock+0x94/0x320
[   80.447355][ T5950]  ? verify_lock_unused+0x140/0x140
[   80.452537][ T5950]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[   80.458502][ T5950]  lock_acquire+0x197/0x410
[   80.463340][ T5950]  ? remove_wait_queue+0x24/0x120
[   80.468354][ T5950]  ? read_lock_is_recursive+0x20/0x20
[   80.473714][ T5950]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[   80.479719][ T5950]  _raw_spin_lock_irqsave+0xa8/0xf0
[   80.484926][ T5950]  ? remove_wait_queue+0x24/0x120
[   80.490017][ T5950]  ? _raw_spin_lock+0x40/0x40
[   80.495224][ T5950]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[   80.501905][ T5950]  ? _raw_spin_unlock+0x40/0x40
[   80.506764][ T5950]  remove_wait_queue+0x24/0x120
[   80.511631][ T5950]  poll_freewait+0xb1/0x240
[   80.516140][ T5950]  do_select+0x175b/0x1840
[   80.520549][ T5950]  ? do_select+0xef/0x1840
[   80.524955][ T5950]  ? core_sys_select+0x950/0x950
[   80.529909][ T5950]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[   80.536170][ T5950]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[   80.542412][ T5950]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[   80.548647][ T5950]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[   80.554878][ T5950]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[   80.561125][ T5950]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[   80.567531][ T5950]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[   80.573762][ T5950]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[   80.579992][ T5950]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[   80.586306][ T5950]  ? __lock_acquire+0x7c80/0x7c80
[   80.591351][ T5950]  ? __lock_acquire+0x7c80/0x7c80
[   80.597050][ T5950]  ? __might_fault+0xaa/0x120
[   80.601711][ T5950]  ? __might_fault+0xc6/0x120
[   80.606369][ T5950]  ? __might_fault+0xaa/0x120
[   80.611201][ T5950]  core_sys_select+0x71c/0x950
[   80.615953][ T5950]  ? futex_wait_setup+0x260/0x260
[   80.620969][ T5950]  ? poll_select_set_timeout+0x160/0x160
[   80.626595][ T5950]  ? sigprocmask+0x190/0x190
[   80.631171][ T5950]  ? bpf_link_show_fdinfo+0x350/0x350
[   80.636528][ T5950]  __se_sys_pselect6+0x285/0x310
[   80.641543][ T5950]  ? __x64_sys_pselect6+0xf0/0xf0
[   80.646558][ T5950]  ? __x64_sys_pselect6+0x21/0xf0
[   80.651568][ T5950]  do_syscall_64+0x55/0xb0
[   80.655974][ T5950]  ? clear_bhb_loop+0x40/0x90
[   80.660635][ T5950]  ? clear_bhb_loop+0x40/0x90
[   80.665296][ T5950]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   80.671182][ T5950] RIP: 0033:0x7f17c1f8ebe9
[   80.675595][ T5950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.695190][ T5950] RSP: 002b:00007f17c2e85038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[   80.703588][ T5950] RAX: ffffffffffffffda RBX: 00007f17c21b5fa0 RCX: 00007f17c1f8ebe9
[   80.711556][ T5950] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000040
[   80.719615][ T5950] RBP: 00007f17c2011e19 R08: 0000000000000000 R09: 0000000000000000
[   80.727572][ T5950] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000000
[   80.735526][ T5950] R13: 00007f17c21b6038 R14: 00007f17c21b5fa0 R15: 00007ffe2dd59ce8
[   80.743659][ T5950]  </TASK>
[   80.746897][ T5950] Kernel Offset: disabled
[   80.751207][ T5950] Rebooting in 86400 seconds..