Warning: Permanently added '10.128.0.135' (ED25519) to the list of known hosts.
2026/04/24 16:17:29 parsed 1 programs
[ 68.565571][ T5845] cgroup: Unknown subsys name 'net'
[ 68.667405][ T5845] cgroup: Unknown subsys name 'cpuset'
[ 68.675604][ T5845] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 69.983765][ T5845] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 71.256744][ T1317] ieee802154 phy0 wpan0: encryption failed: -22
[ 71.263537][ T1317] ieee802154 phy1 wpan1: encryption failed: -22
[ 72.735820][ T5853] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 73.285534][ T5866] chnl_net:caif_netlink_parms(): no params data found
[ 73.364593][ T5866] bridge0: port 1(bridge_slave_0) entered blocking state
[ 73.374727][ T5866] bridge0: port 1(bridge_slave_0) entered disabled state
[ 73.381917][ T5866] bridge_slave_0: entered allmulticast mode
[ 73.389103][ T5866] bridge_slave_0: entered promiscuous mode
[ 73.404621][ T5866] bridge0: port 2(bridge_slave_1) entered blocking state
[ 73.411768][ T5866] bridge0: port 2(bridge_slave_1) entered disabled state
[ 73.418980][ T5866] bridge_slave_1: entered allmulticast mode
[ 73.425818][ T5866] bridge_slave_1: entered promiscuous mode
[ 73.449826][ T5866] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 73.460748][ T5866] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 73.485615][ T5866] team0: Port device team_slave_0 added
[ 73.492846][ T5866] team0: Port device team_slave_1 added
[ 73.514100][ T5866] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 73.521055][ T5866] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 73.546993][ T5866] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 73.561070][ T5866] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 73.568326][ T5866] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 73.594355][ T5866] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 73.634647][ T5866] hsr_slave_0: entered promiscuous mode
[ 73.640929][ T5866] hsr_slave_1: entered promiscuous mode
[ 73.765042][ T5866] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 73.777585][ T5866] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 73.785608][ T5866] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 73.795326][ T5866] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 73.803720][ T5866] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 73.815481][ T5866] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 73.823494][ T5866] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 73.833901][ T5866] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 73.861316][ T5866] bridge0: port 2(bridge_slave_1) entered blocking state
[ 73.868649][ T5866] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 73.876397][ T5866] bridge0: port 1(bridge_slave_0) entered blocking state
[ 73.883484][ T5866] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 73.931283][ T5866] 8021q: adding VLAN 0 to HW filter on device bond0
[ 73.949977][ T13] bridge0: port 1(bridge_slave_0) entered disabled state
[ 73.959384][ T13] bridge0: port 2(bridge_slave_1) entered disabled state
[ 73.972486][ T5866] 8021q: adding VLAN 0 to HW filter on device team0
[ 73.985961][ T48] bridge0: port 1(bridge_slave_0) entered blocking state
[ 73.993072][ T48] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 74.007411][ T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 74.014539][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 74.160334][ T5866] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 74.202749][ T5866] veth0_vlan: entered promiscuous mode
[ 74.215056][ T5866] veth1_vlan: entered promiscuous mode
[ 74.243167][ T5866] veth0_macvtap: entered promiscuous mode
[ 74.252138][ T5866] veth1_macvtap: entered promiscuous mode
[ 74.270463][ T5866] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 74.284981][ T5866] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 74.299539][ T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.309354][ T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.319206][ T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.328656][ T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.471659][ T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 74.493025][ T50] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 74.501965][ T50] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 74.510756][ T50] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 74.519746][ T50] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 74.528156][ T50] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 74.553177][ T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 74.624357][ T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 74.710055][ T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 76.237832][ T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 76.246115][ T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 76.272985][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 76.281087][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/04/24 16:17:40 executed programs: 0
[ 77.122755][ T50] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 77.132272][ T50] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 77.139774][ T50] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 77.148380][ T50] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 77.155976][ T50] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 77.327430][ T13] bridge_slave_1: left allmulticast mode
[ 77.333153][ T13] bridge_slave_1: left promiscuous mode
[ 77.339956][ T13] bridge0: port 2(bridge_slave_1) entered disabled state
[ 77.350267][ T13] bridge_slave_0: left allmulticast mode
[ 77.357362][ T13] bridge_slave_0: left promiscuous mode
[ 77.363036][ T13] bridge0: port 1(bridge_slave_0) entered disabled state
[ 77.511418][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 77.521855][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 77.531549][ T13] bond0 (unregistering): Released all slaves
[ 77.622787][ T5955] chnl_net:caif_netlink_parms(): no params data found
[ 77.657914][ T13] hsr_slave_0: left promiscuous mode
[ 77.666961][ T13] hsr_slave_1: left promiscuous mode
[ 77.673722][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 77.682956][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 77.691877][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 77.699676][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 77.718614][ T13] veth1_macvtap: left promiscuous mode
[ 77.724512][ T13] veth0_macvtap: left promiscuous mode
[ 77.730101][ T13] veth1_vlan: left promiscuous mode
[ 77.735726][ T13] veth0_vlan: left promiscuous mode
[ 78.041096][ T13] team0 (unregistering): Port device team_slave_1 removed
[ 78.061555][ T13] team0 (unregistering): Port device team_slave_0 removed
[ 78.164393][ T5509] 8021q: adding VLAN 0 to HW filter on device eth1
[ 78.241947][ T5955] bridge0: port 1(bridge_slave_0) entered blocking state
[ 78.249140][ T5955] bridge0: port 1(bridge_slave_0) entered disabled state
[ 78.256417][ T5955] bridge_slave_0: entered allmulticast mode
[ 78.263360][ T5955] bridge_slave_0: entered promiscuous mode
[ 78.276187][ T5955] bridge0: port 2(bridge_slave_1) entered blocking state
[ 78.283379][ T5955] bridge0: port 2(bridge_slave_1) entered disabled state
[ 78.290739][ T5955] bridge_slave_1: entered allmulticast mode
[ 78.298663][ T5955] bridge_slave_1: entered promiscuous mode
[ 78.333025][ T5955] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 78.345457][ T5955] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 78.410040][ T5955] team0: Port device team_slave_0 added
[ 78.430809][ T5955] team0: Port device team_slave_1 added
[ 78.477485][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 78.487425][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 78.513842][ T5955] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 78.527820][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 78.545183][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 78.571405][ T5955] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 78.636776][ T5955] hsr_slave_0: entered promiscuous mode
[ 78.643375][ T5955] hsr_slave_1: entered promiscuous mode
[ 79.167634][ T5509] 8021q: adding VLAN 0 to HW filter on device eth2
[ 79.174720][ T50] Bluetooth: hci0: command tx timeout
[ 79.828816][ T5955] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 79.840627][ T5955] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 79.849603][ T5955] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 79.859356][ T5955] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 79.867239][ T5955] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 79.880581][ T5955] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 79.888577][ T5955] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 79.897194][ T5955] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 80.023132][ T5955] 8021q: adding VLAN 0 to HW filter on device bond0
[ 80.058043][ T5955] 8021q: adding VLAN 0 to HW filter on device team0
[ 80.071656][ T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 80.078844][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 80.098499][ T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 80.105682][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 80.349954][ T5955] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 80.411872][ T5955] veth0_vlan: entered promiscuous mode
[ 80.426399][ T5955] veth1_vlan: entered promiscuous mode
[ 80.527894][ T5955] veth0_macvtap: entered promiscuous mode
[ 80.552326][ T5955] veth1_macvtap: entered promiscuous mode
[ 80.588637][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 80.605679][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 80.630798][ T48] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.640073][ T48] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.657073][ T48] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.681199][ T48] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.761539][ T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 80.777913][ T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 80.815942][ T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 80.824884][ T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 81.263313][ T50] Bluetooth: hci0: command tx timeout
[ 81.512499][ T42] cfg80211: failed to load regulatory.db
2026/04/24 16:17:45 executed programs: 5
[ 83.335958][ T50] Bluetooth: hci0: command tx timeout
[ 85.414624][ T50] Bluetooth: hci0: command tx timeout
[ 86.312005][ T6124] ==================================================================
[ 86.320102][ T6124] BUG: KASAN: slab-use-after-free in __sk_msg_recvmsg+0x197/0xfc0
[ 86.327927][ T6124] Read of size 8 at addr ffff88807a4ee2b0 by task syz.0.33/6124
[ 86.335553][ T6124]
[ 86.337909][ T6124] CPU: 1 UID: 0 PID: 6124 Comm: syz.0.33 Not tainted syzkaller #0 PREEMPT(full)
[ 86.337930][ T6124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 86.337948][ T6124] Call Trace:
[ 86.337955][ T6124]
[ 86.337962][ T6124] dump_stack_lvl+0xe8/0x150
[ 86.337991][ T6124] print_address_description+0x55/0x1e0
[ 86.338017][ T6124] ? __sk_msg_recvmsg+0x197/0xfc0
[ 86.338033][ T6124] print_report+0x58/0x70
[ 86.338054][ T6124] kasan_report+0x117/0x150
[ 86.338078][ T6124] ? __sk_msg_recvmsg+0x197/0xfc0
[ 86.338097][ T6124] __sk_msg_recvmsg+0x197/0xfc0
[ 86.338113][ T6124] ? sk_psock_get+0x7a/0x440
[ 86.338134][ T6124] ? sk_psock_get+0x387/0x440
[ 86.338153][ T6124] ? __pfx_sk_psock_get+0x10/0x10
[ 86.338175][ T6124] udp_bpf_recvmsg+0x196/0xac0
[ 86.338198][ T6124] ? aa_sk_perm+0x6d5/0x900
[ 86.338226][ T6124] ? __pfx_udp_bpf_recvmsg+0x10/0x10
[ 86.338246][ T6124] ? __lock_acquire+0x6b5/0x2cf0
[ 86.338271][ T6124] ? sock_rps_record_flow+0x19/0x350
[ 86.338292][ T6124] ? inet_recvmsg+0x101/0x120
[ 86.338326][ T6124] ? __pfx_inet_recvmsg+0x10/0x10
[ 86.338345][ T6124] sock_recvmsg+0x155/0x1b0
[ 86.338370][ T6124] ____sys_recvmsg+0x1e6/0x4a0
[ 86.338388][ T6124] ? __folio_batch_add_and_move+0x11a/0xc50
[ 86.338413][ T6124] ? __pfx_____sys_recvmsg+0x10/0x10
[ 86.338438][ T6124] ? import_iovec+0x73/0xa0
[ 86.338459][ T6124] ___sys_recvmsg+0x215/0x590
[ 86.338476][ T6124] ? page_table_check_set+0x126/0x510
[ 86.338499][ T6124] ? __pfx____sys_recvmsg+0x10/0x10
[ 86.338517][ T6124] ? css_rstat_updated+0x23a/0x530
[ 86.338542][ T6124] ? __fget_files+0x2a/0x420
[ 86.338568][ T6124] ? __fget_files+0x3a0/0x420
[ 86.338589][ T6124] do_recvmmsg+0x334/0x800
[ 86.338611][ T6124] ? do_raw_spin_lock+0x12b/0x2f0
[ 86.338632][ T6124] ? __pfx_do_recvmmsg+0x10/0x10
[ 86.338651][ T6124] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 86.338670][ T6124] ? __might_fault+0xaf/0x130
[ 86.338702][ T6124] ? lockdep_hardirqs_on+0x7a/0x110
[ 86.338729][ T6124] __x64_sys_recvmmsg+0x198/0x250
[ 86.338750][ T6124] ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 86.338773][ T6124] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.338791][ T6124] do_syscall_64+0x15f/0xf80
[ 86.338819][ T6124] ? trace_irq_disable+0x3b/0x140
[ 86.338841][ T6124] ? clear_bhb_loop+0x40/0x90
[ 86.338860][ T6124] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.338877][ T6124] RIP: 0033:0x7f001db9cdd9
[ 86.338898][ T6124] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 86.338912][ T6124] RSP: 002b:00007f001ea09028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 86.338935][ T6124] RAX: ffffffffffffffda RBX: 00007f001de16180 RCX: 00007f001db9cdd9
[ 86.338948][ T6124] RDX: 0000000000000012 RSI: 0000200000000400 RDI: 0000000000000003
[ 86.338959][ T6124] RBP: 00007f001dc32d69 R08: 0000000000000000 R09: 0000000000000000
[ 86.338970][ T6124] R10: 0000000040000021 R11: 0000000000000246 R12: 0000000000000000
[ 86.338981][ T6124] R13: 00007f001de16218 R14: 00007f001de16180 R15: 00007ffc4668cb68
[ 86.339002][ T6124]
[ 86.339008][ T6124]
[ 86.644470][ T6124] Allocated by task 6122:
[ 86.648780][ T6124] kasan_save_track+0x3e/0x80
[ 86.653449][ T6124] __kasan_kmalloc+0x93/0xb0
[ 86.658026][ T6124] __kmalloc_cache_noprof+0x31c/0x660
[ 86.663398][ T6124] sk_psock_skb_ingress_self+0x5e/0x370
[ 86.668936][ T6124] sk_psock_verdict_recv+0x7d9/0x8d0
[ 86.674210][ T6124] udp_read_skb+0x5d9/0x6b0
[ 86.678703][ T6124] sk_psock_verdict_data_ready+0x25f/0x690
[ 86.684499][ T6124] __udp_enqueue_schedule_skb+0xc4b/0x12e0
[ 86.690294][ T6124] udp_queue_rcv_one_skb+0x755/0x10f0
[ 86.695649][ T6124] __udp4_lib_mcast_deliver+0xad7/0xb70
[ 86.701182][ T6124] udp_rcv+0xcd0/0x1db0
[ 86.705323][ T6124] ip_protocol_deliver_rcu+0x282/0x440
[ 86.710769][ T6124] ip_local_deliver_finish+0x3bb/0x6f0
[ 86.716213][ T6124] NF_HOOK+0x336/0x3c0
[ 86.720270][ T6124] ip_sublist_rcv_finish+0x1f0/0x240
[ 86.725536][ T6124] ip_sublist_rcv+0x5c6/0xa70
[ 86.730201][ T6124] ip_list_rcv+0x3f1/0x450
[ 86.734611][ T6124] __netif_receive_skb_list_core+0x7e5/0x810
[ 86.740580][ T6124] netif_receive_skb_list_internal+0x995/0xcf0
[ 86.746723][ T6124] netif_receive_skb_list+0x55/0x450
[ 86.751994][ T6124] bpf_test_run_xdp_live+0x1946/0x1cf0
[ 86.757444][ T6124] bpf_prog_test_run_xdp+0x81c/0x1160
[ 86.762811][ T6124] bpf_prog_test_run+0x2c7/0x340
[ 86.767742][ T6124] __sys_bpf+0x643/0x950
[ 86.771976][ T6124] __x64_sys_bpf+0x7c/0x90
[ 86.776384][ T6124] do_syscall_64+0x15f/0xf80
[ 86.780966][ T6124] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.786852][ T6124]
[ 86.789166][ T6124] Freed by task 6123:
[ 86.793134][ T6124] kasan_save_track+0x3e/0x80
[ 86.797802][ T6124] kasan_save_free_info+0x46/0x50
[ 86.802811][ T6124] __kasan_slab_free+0x5c/0x80
[ 86.807561][ T6124] kfree+0x1c5/0x640
[ 86.811443][ T6124] __sk_msg_recvmsg+0xdb7/0xfc0
[ 86.816280][ T6124] udp_bpf_recvmsg+0x196/0xac0
[ 86.821038][ T6124] sock_recvmsg+0x155/0x1b0
[ 86.825532][ T6124] ____sys_recvmsg+0x1e6/0x4a0
[ 86.830281][ T6124] ___sys_recvmsg+0x215/0x590
[ 86.834946][ T6124] do_recvmmsg+0x334/0x800
[ 86.839353][ T6124] __x64_sys_recvmmsg+0x198/0x250
[ 86.844368][ T6124] do_syscall_64+0x15f/0xf80
[ 86.848955][ T6124] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.854831][ T6124]
[ 86.857138][ T6124] The buggy address belongs to the object at ffff88807a4ee000
[ 86.857138][ T6124] which belongs to the cache kmalloc-1k of size 1024
[ 86.871174][ T6124] The buggy address is located 688 bytes inside of
[ 86.871174][ T6124] freed 1024-byte region [ffff88807a4ee000, ffff88807a4ee400)
[ 86.885038][ T6124]
[ 86.887348][ T6124] The buggy address belongs to the physical page:
[ 86.893754][ T6124] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7a4e8
[ 86.902496][ T6124] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 86.910977][ T6124] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 86.918513][ T6124] page_type: f5(slab)
[ 86.922484][ T6124] raw: 00fff00000000040 ffff88813fe2edc0 dead000000000100 dead000000000122
[ 86.931051][ T6124] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[ 86.939618][ T6124] head: 00fff00000000040 ffff88813fe2edc0 dead000000000100 dead000000000122
[ 86.948270][ T6124] head: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[ 86.956925][ T6124] head: 00fff00000000003 fffffffffffffe01 00000000ffffffff 00000000ffffffff
[ 86.965578][ T6124] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 86.974231][ T6124] page dumped because: kasan: bad access detected
[ 86.980632][ T6124] page_owner tracks the page as allocated
[ 86.986325][ T6124] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5873, tgid 5873 (kworker/1:4), ts 74024369884, free_ts 73958339825
[ 87.007061][ T6124] post_alloc_hook+0x231/0x280
[ 87.011813][ T6124] get_page_from_freelist+0x24ba/0x2540
[ 87.017348][ T6124] __alloc_frozen_pages_noprof+0x18d/0x380
[ 87.023147][ T6124] allocate_slab+0x77/0x660
[ 87.027640][ T6124] refill_objects+0x339/0x3d0
[ 87.032309][ T6124] __pcs_replace_empty_main+0x321/0x720
[ 87.037838][ T6124] __kmalloc_noprof+0x474/0x760
[ 87.042675][ T6124] ___neigh_create+0x6d5/0x2250
[ 87.047518][ T6124] ip6_finish_output2+0x729/0x13e0
[ 87.052614][ T6124] ip6_output+0x340/0x550
[ 87.056933][ T6124] NF_HOOK+0x177/0x4f0
[ 87.060989][ T6124] mld_sendpack+0x8b4/0xe40
[ 87.065483][ T6124] mld_ifc_work+0x835/0xe70
[ 87.069975][ T6124] process_scheduled_works+0xb5d/0x1860
[ 87.075512][ T6124] worker_thread+0xa53/0xfc0
[ 87.080093][ T6124] kthread+0x388/0x470
[ 87.084146][ T6124] page last free pid 24 tgid 24 stack trace:
[ 87.090114][ T6124] __free_frozen_pages+0xbc7/0xd30
[ 87.095226][ T6124] __slab_free+0x274/0x2c0
[ 87.099638][ T6124] qlist_free_all+0x99/0x100
[ 87.104219][ T6124] kasan_quarantine_reduce+0x148/0x160
[ 87.109671][ T6124] __kasan_slab_alloc+0x22/0x80
[ 87.114518][ T6124] kmem_cache_alloc_node_noprof+0x384/0x690
[ 87.120406][ T6124] __alloc_skb+0x1d0/0x7d0
[ 87.124817][ T6124] mld_newpack+0x14c/0xc90
[ 87.129222][ T6124] add_grhead+0x5a/0x2a0
[ 87.133454][ T6124] add_grec+0x1452/0x1740
[ 87.137770][ T6124] mld_ifc_work+0x6e6/0xe70
[ 87.142259][ T6124] process_scheduled_works+0xb5d/0x1860
[ 87.147795][ T6124] worker_thread+0xa53/0xfc0
[ 87.152372][ T6124] kthread+0x388/0x470
[ 87.156424][ T6124] ret_from_fork+0x514/0xb70
[ 87.161003][ T6124] ret_from_fork_asm+0x1a/0x30
[ 87.165750][ T6124]
[ 87.168061][ T6124] Memory state around the buggy address:
[ 87.173671][ T6124] ffff88807a4ee180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 87.181714][ T6124] ffff88807a4ee200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 87.189757][ T6124] >ffff88807a4ee280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 87.197795][ T6124] ^
[ 87.203402][ T6124] ffff88807a4ee300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 87.211444][ T6124] ffff88807a4ee380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 87.219485][ T6124] ==================================================================
[ 87.234180][ T6124] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 87.241394][ T6124] CPU: 0 UID: 0 PID: 6124 Comm: syz.0.33 Not tainted syzkaller #0 PREEMPT(full)
[ 87.250502][ T6124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 87.260564][ T6124] Call Trace:
[ 87.263849][ T6124]
[ 87.266780][ T6124] vpanic+0x56c/0xa60
[ 87.270767][ T6124] ? __pfx_vpanic+0x10/0x10
[ 87.275291][ T6124] ? __pfx___schedule+0x10/0x10
[ 87.280129][ T6124] panic+0xc5/0xd0
[ 87.283834][ T6124] ? __pfx_panic+0x10/0x10
[ 87.288228][ T6124] ? preempt_schedule_common+0x82/0xd0
[ 87.293669][ T6124] ? __sk_msg_recvmsg+0x197/0xfc0
[ 87.298670][ T6124] check_panic_on_warn+0x89/0xb0
[ 87.303587][ T6124] ? __sk_msg_recvmsg+0x197/0xfc0
[ 87.308596][ T6124] end_report+0x73/0x170
[ 87.312824][ T6124] ? __sk_msg_recvmsg+0x197/0xfc0
[ 87.317826][ T6124] kasan_report+0x128/0x150
[ 87.322315][ T6124] ? __sk_msg_recvmsg+0x197/0xfc0
[ 87.327324][ T6124] __sk_msg_recvmsg+0x197/0xfc0
[ 87.332152][ T6124] ? sk_psock_get+0x7a/0x440
[ 87.336725][ T6124] ? sk_psock_get+0x387/0x440
[ 87.341399][ T6124] ? __pfx_sk_psock_get+0x10/0x10
[ 87.346406][ T6124] udp_bpf_recvmsg+0x196/0xac0
[ 87.351152][ T6124] ? aa_sk_perm+0x6d5/0x900
[ 87.355639][ T6124] ? __pfx_udp_bpf_recvmsg+0x10/0x10
[ 87.360906][ T6124] ? __lock_acquire+0x6b5/0x2cf0
[ 87.365824][ T6124] ? sock_rps_record_flow+0x19/0x350
[ 87.371087][ T6124] ? inet_recvmsg+0x101/0x120
[ 87.375741][ T6124] ? __pfx_inet_recvmsg+0x10/0x10
[ 87.380763][ T6124] sock_recvmsg+0x155/0x1b0
[ 87.385250][ T6124] ____sys_recvmsg+0x1e6/0x4a0
[ 87.389991][ T6124] ? __folio_batch_add_and_move+0x11a/0xc50
[ 87.395866][ T6124] ? __pfx_____sys_recvmsg+0x10/0x10
[ 87.401135][ T6124] ? import_iovec+0x73/0xa0
[ 87.405617][ T6124] ___sys_recvmsg+0x215/0x590
[ 87.410273][ T6124] ? page_table_check_set+0x126/0x510
[ 87.415628][ T6124] ? __pfx____sys_recvmsg+0x10/0x10
[ 87.420805][ T6124] ? css_rstat_updated+0x23a/0x530
[ 87.425900][ T6124] ? __fget_files+0x2a/0x420
[ 87.430475][ T6124] ? __fget_files+0x3a0/0x420
[ 87.435131][ T6124] do_recvmmsg+0x334/0x800
[ 87.439549][ T6124] ? do_raw_spin_lock+0x12b/0x2f0
[ 87.444584][ T6124] ? __pfx_do_recvmmsg+0x10/0x10
[ 87.449503][ T6124] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 87.454876][ T6124] ? __might_fault+0xaf/0x130
[ 87.459539][ T6124] ? lockdep_hardirqs_on+0x7a/0x110
[ 87.464736][ T6124] __x64_sys_recvmmsg+0x198/0x250
[ 87.469741][ T6124] ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 87.475265][ T6124] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.481311][ T6124] do_syscall_64+0x15f/0xf80
[ 87.485881][ T6124] ? trace_irq_disable+0x3b/0x140
[ 87.490889][ T6124] ? clear_bhb_loop+0x40/0x90
[ 87.495545][ T6124] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.501418][ T6124] RIP: 0033:0x7f001db9cdd9
[ 87.505813][ T6124] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 87.525400][ T6124] RSP: 002b:00007f001ea09028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 87.533829][ T6124] RAX: ffffffffffffffda RBX: 00007f001de16180 RCX: 00007f001db9cdd9
[ 87.541777][ T6124] RDX: 0000000000000012 RSI: 0000200000000400 RDI: 0000000000000003
[ 87.549725][ T6124] RBP: 00007f001dc32d69 R08: 0000000000000000 R09: 0000000000000000
[ 87.557673][ T6124] R10: 0000000040000021 R11: 0000000000000246 R12: 0000000000000000
[ 87.565624][ T6124] R13: 00007f001de16218 R14: 00007f001de16180 R15: 00007ffc4668cb68
[ 87.573582][ T6124]
[ 87.576823][ T6124] Kernel Offset: disabled
[ 87.581128][ T6124] Rebooting in 86400 seconds..