Warning: Permanently added '10.128.1.98' (ED25519) to the list of known hosts.
2025/08/03 06:15:29 ignoring optional flag "sandboxArg"="0"
2025/08/03 06:15:30 parsed 1 programs
[   54.190970][ T4188] cgroup: Unknown subsys name 'net'
[   54.322913][ T4188] cgroup: Unknown subsys name 'rlimit'
[   55.549128][ T4188] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k FS
[   58.405254][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   58.417938][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   58.430093][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   58.442357][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   58.450486][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   58.459718][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   58.628285][ T4250] chnl_net:caif_netlink_parms(): no params data found
[   58.674413][ T4250] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.682091][ T4250] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.691028][ T4250] device bridge_slave_0 entered promiscuous mode
[   58.708562][ T4250] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.715702][ T4250] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.724074][ T4250] device bridge_slave_1 entered promiscuous mode
[   58.819670][ T4250] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   58.831645][ T4250] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   58.868177][ T4250] team0: Port device team_slave_0 added
[   58.875604][ T4250] team0: Port device team_slave_1 added
[   58.893154][ T4250] batman_adv: batadv0: Adding interface: batadv_slave_0
[   58.900471][ T4250] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   58.926707][ T4250] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   58.939680][ T4250] batman_adv: batadv0: Adding interface: batadv_slave_1
[   58.946639][ T4250] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   58.973162][ T4250] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   58.999714][ T4250] device hsr_slave_0 entered promiscuous mode
[   59.006356][ T4250] device hsr_slave_1 entered promiscuous mode
[   59.079373][ T4250] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   59.089625][ T4250] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   59.098264][ T4250] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   59.107365][ T4250] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   59.129902][ T4250] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.137174][ T4250] bridge0: port 2(bridge_slave_1) entered forwarding state
[   59.145170][ T4250] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.152283][ T4250] bridge0: port 1(bridge_slave_0) entered forwarding state
[   59.163526][  T144] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.172566][  T144] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.209006][ T4250] 8021q: adding VLAN 0 to HW filter on device bond0
[   59.221369][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   59.230090][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   59.241861][ T4250] 8021q: adding VLAN 0 to HW filter on device team0
[   59.251524][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   59.261208][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   59.269597][  T144] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.276633][  T144] bridge0: port 1(bridge_slave_0) entered forwarding state
[   59.309801][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   59.318705][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   59.329122][  T144] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.336191][  T144] bridge0: port 2(bridge_slave_1) entered forwarding state
[   59.344300][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   59.355367][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   59.370111][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   59.379439][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   59.388632][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   59.417001][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   59.425672][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   59.436647][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   59.445925][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   59.474366][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   59.483357][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   59.494679][ T4250] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   59.596520][ T1477] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   59.604320][ T1477] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   59.616572][ T4250] 8021q: adding VLAN 0 to HW filter on device batadv0
[   59.652786][ T1477] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   59.662516][ T1477] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   59.683847][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   59.692237][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   59.702469][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   59.710556][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   59.740214][ T4250] device veth0_vlan entered promiscuous mode
[   59.750793][ T4250] device veth1_vlan entered promiscuous mode
[   59.770425][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   59.779455][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   59.787426][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   59.796453][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   59.806689][ T4250] device veth0_macvtap entered promiscuous mode
[   59.818053][ T4250] device veth1_macvtap entered promiscuous mode
[   59.844751][ T4250] batman_adv: batadv0: Interface activated: batadv_slave_0
[   59.853587][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   59.862520][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   59.870969][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   59.879656][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   59.890899][ T4250] batman_adv: batadv0: Interface activated: batadv_slave_1
[   59.900316][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   59.909085][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   59.920922][ T4250] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   59.930247][ T4250] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   59.939037][ T4250] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   59.948478][ T4250] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2025/08/03 06:15:38 executed programs: 0
[   60.931098][ T4298] chnl_net:caif_netlink_parms(): no params data found
[   60.989671][ T4298] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.996806][ T4298] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.005274][ T4298] device bridge_slave_0 entered promiscuous mode
[   61.016631][ T4298] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.024164][ T4298] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.034573][ T4298] device bridge_slave_1 entered promiscuous mode
[   61.070277][ T4298] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   61.081818][ T4298] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   61.113515][ T4298] team0: Port device team_slave_0 added
[   61.123795][ T4298] team0: Port device team_slave_1 added
[   61.145985][ T4298] batman_adv: batadv0: Adding interface: batadv_slave_0
[   61.153025][ T4298] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   61.179484][ T4298] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   61.193596][ T4298] batman_adv: batadv0: Adding interface: batadv_slave_1
[   61.200930][ T4298] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   61.227164][ T4298] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   61.266040][ T4298] device hsr_slave_0 entered promiscuous mode
[   61.272984][ T4298] device hsr_slave_1 entered promiscuous mode
[   61.279965][ T4298] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   61.288209][ T4298] Cannot create hsr debugfs directory
[   61.373473][ T4298] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   62.878224][ T4261] Bluetooth: hci0: command 0x0409 tx timeout
[   64.565497][ T4298] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.958947][ T4214] Bluetooth: hci0: command 0x041b tx timeout
[   64.991671][ T4298] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   65.084829][ T4298] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   65.173621][ T4298] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   65.183972][ T4298] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   65.196924][ T4298] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   65.206442][ T4298] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   65.256637][ T4298] 8021q: adding VLAN 0 to HW filter on device bond0
[   65.270128][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   65.279274][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   65.288261][ T4298] 8021q: adding VLAN 0 to HW filter on device team0
[   65.297096][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   65.306111][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   65.315264][ T1408] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.322361][ T1408] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.333788][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   65.354504][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   65.363843][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   65.373088][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.380194][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.390963][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   65.410094][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   65.421781][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   65.430672][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   65.440282][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   65.451253][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   65.460519][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   65.480455][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   65.488900][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   65.500857][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   65.509461][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   65.518485][ T4298] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   65.572885][  T154] device hsr_slave_0 left promiscuous mode
[   65.582457][  T154] device hsr_slave_1 left promiscuous mode
[   65.590302][  T154] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   65.600541][  T154] batman_adv: batadv0: Removing interface: batadv_slave_0
[   65.609762][  T154] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   65.617145][  T154] batman_adv: batadv0: Removing interface: batadv_slave_1
[   65.624824][  T154] device bridge_slave_1 left promiscuous mode
[   65.631725][  T154] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.644082][  T154] device bridge_slave_0 left promiscuous mode
[   65.650523][  T154] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.665182][  T154] device veth1_macvtap left promiscuous mode
[   65.671929][  T154] device veth0_macvtap left promiscuous mode
[   65.678335][  T154] device veth1_vlan left promiscuous mode
[   65.684210][  T154] device veth0_vlan left promiscuous mode
[   65.805028][  T154] team0 (unregistering): Port device team_slave_1 removed
[   65.816875][  T154] team0 (unregistering): Port device team_slave_0 removed
[   65.830055][  T154] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   65.844729][  T154] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   65.891606][  T154] bond0 (unregistering): Released all slaves
[   65.941150][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   65.948649][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   65.959956][ T4298] 8021q: adding VLAN 0 to HW filter on device batadv0
[   65.982721][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   65.997193][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   66.015956][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   66.024334][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   66.033145][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   66.041660][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   66.051746][ T4298] device veth0_vlan entered promiscuous mode
[   66.065018][ T4298] device veth1_vlan entered promiscuous mode
[   66.084152][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   66.092523][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   66.100926][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   66.109698][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   66.121004][ T4298] device veth0_macvtap entered promiscuous mode
[   66.141840][ T4298] device veth1_macvtap entered promiscuous mode
[   66.155952][ T4298] batman_adv: batadv0: Interface activated: batadv_slave_0
[   66.165374][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   66.174337][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   66.182770][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   66.192048][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   66.202691][ T4298] batman_adv: batadv0: Interface activated: batadv_slave_1
[   66.213711][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   66.222749][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   66.233888][ T4298] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.243724][ T4298] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.252462][ T4298] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.261345][ T4298] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   66.316599][  T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.330438][  T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.351817][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   66.362695][ T1408] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.373872][ T1408] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.384443][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   67.048452][ T1107] Bluetooth: hci0: command 0x040f tx timeout
[   67.267628][ T4319] ==================================================================
[   67.275721][ T4319] BUG: KASAN: use-after-free in __lock_acquire+0xf7/0x7c60
[   67.282911][ T4319] Read of size 8 at addr ffff88802260a6b8 by task syz.0.17/4319
[   67.290654][ T4319] 
[   67.292965][ T4319] CPU: 0 PID: 4319 Comm: syz.0.17 Not tainted 5.15.189-syzkaller #0
[   67.301092][ T4319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   67.311251][ T4319] Call Trace:
[   67.314518][ T4319]  <TASK>
[   67.317430][ T4319]  dump_stack_lvl+0x168/0x230
[   67.322088][ T4319]  ? show_regs_print_info+0x20/0x20
[   67.327370][ T4319]  ? load_image+0x3b0/0x3b0
[   67.331851][ T4319]  ? _raw_spin_lock_irqsave+0xb0/0xf0
[   67.337210][ T4319]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[   67.343192][ T4319]  print_address_description+0x60/0x2d0
[   67.348718][ T4319]  ? __lock_acquire+0xf7/0x7c60
[   67.353547][ T4319]  kasan_report+0xdf/0x130
[   67.357958][ T4319]  ? __lock_acquire+0xf7/0x7c60
[   67.362817][ T4319]  ? mark_lock+0x94/0x320
[   67.367134][ T4319]  __lock_acquire+0xf7/0x7c60
[   67.371990][ T4319]  ? __lock_acquire+0x12d9/0x7c60
[   67.377005][ T4319]  ? __switch_to_asm+0x34/0x60
[   67.381841][ T4319]  ? __schedule+0x11c0/0x43b0
[   67.386508][ T4319]  ? verify_lock_unused+0x140/0x140
[   67.391691][ T4319]  ? verify_lock_unused+0x140/0x140
[   67.397049][ T4319]  ? print_unlock_imbalance_bug+0x160/0x160
[   67.402922][ T4319]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[   67.408893][ T4319]  lock_acquire+0x197/0x3f0
[   67.413378][ T4319]  ? remove_wait_queue+0x20/0x120
[   67.418383][ T4319]  ? read_lock_is_recursive+0x10/0x10
[   67.423757][ T4319]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[   67.429713][ T4319]  ? _raw_spin_lock_irqsave+0x7f/0xf0
[   67.435070][ T4319]  ? lockdep_hardirqs_off+0x70/0x100
[   67.440333][ T4319]  _raw_spin_lock_irqsave+0xa4/0xf0
[   67.445516][ T4319]  ? remove_wait_queue+0x20/0x120
[   67.450526][ T4319]  ? _raw_spin_lock+0x40/0x40
[   67.455187][ T4319]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[   67.461060][ T4319]  ? _raw_spin_unlock+0x40/0x40
[   67.465888][ T4319]  ? __fget_files+0x40f/0x480
[   67.470547][ T4319]  remove_wait_queue+0x20/0x120
[   67.475375][ T4319]  poll_freewait+0x99/0x210
[   67.479873][ T4319]  do_select+0x1629/0x16f0
[   67.484268][ T4319]  ? do_select+0xbc1/0x16f0
[   67.488775][ T4319]  ? core_sys_select+0x860/0x860
[   67.493690][ T4319]  ? __ia32_compat_sys_ppoll_time64+0x2f0/0x2f0
[   67.499904][ T4319]  ? __ia32_compat_sys_ppoll_time64+0x2f0/0x2f0
[   67.506124][ T4319]  ? __ia32_compat_sys_ppoll_time64+0x2f0/0x2f0
[   67.512339][ T4319]  ? __ia32_compat_sys_ppoll_time64+0x2f0/0x2f0
[   67.518555][ T4319]  ? __ia32_compat_sys_ppoll_time64+0x2f0/0x2f0
[   67.524771][ T4319]  ? __ia32_compat_sys_ppoll_time64+0x2f0/0x2f0
[   67.530982][ T4319]  ? __ia32_compat_sys_ppoll_time64+0x2f0/0x2f0
[   67.537203][ T4319]  ? __ia32_compat_sys_ppoll_time64+0x2f0/0x2f0
[   67.543426][ T4319]  ? __ia32_compat_sys_ppoll_time64+0x2f0/0x2f0
[   67.549650][ T4319]  ? __lock_acquire+0x7c60/0x7c60
[   67.554674][ T4319]  ? __lock_acquire+0x7c60/0x7c60
[   67.559680][ T4319]  ? __might_fault+0xb3/0x110
[   67.564336][ T4319]  core_sys_select+0x65c/0x860
[   67.569078][ T4319]  ? poll_select_set_timeout+0x150/0x150
[   67.574688][ T4319]  ? sigprocmask+0x190/0x190
[   67.579256][ T4319]  ? __lock_acquire+0x7c60/0x7c60
[   67.584255][ T4319]  __se_sys_pselect6+0x2ed/0x3a0
[   67.589168][ T4319]  ? __x64_sys_pselect6+0xf0/0xf0
[   67.594172][ T4319]  ? __x64_sys_pselect6+0x1d/0xf0
[   67.599341][ T4319]  do_syscall_64+0x4c/0xa0
[   67.603749][ T4319]  ? clear_bhb_loop+0x30/0x80
[   67.608520][ T4319]  ? clear_bhb_loop+0x30/0x80
[   67.613199][ T4319]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   67.619084][ T4319] RIP: 0033:0x7ff363b56b69
[   67.623482][ T4319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.643154][ T4319] RSP: 002b:00007ff362dc6038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[   67.651554][ T4319] RAX: ffffffffffffffda RBX: 00007ff363d7dfa0 RCX: 00007ff363b56b69
[   67.659509][ T4319] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000040
[   67.667552][ T4319] RBP: 00007ff363bd9df1 R08: 0000000000000000 R09: 0000000000000000
[   67.675508][ T4319] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000000
[   67.683476][ T4319] R13: 0000000000000000 R14: 00007ff363d7dfa0 R15: 00007fff446015b8
[   67.691448][ T4319]  </TASK>
[   67.694459][ T4319] 
[   67.696758][ T4319] Allocated by task 4319:
[   67.701058][ T4319]  __kasan_kmalloc+0xb5/0xf0
[   67.705660][ T4319]  comedi_device_postconfig+0x496/0xc50
[   67.711181][ T4319]  comedi_device_attach+0x52f/0x650
[   67.716442][ T4319]  comedi_unlocked_ioctl+0x5ec/0xe90
[   67.721700][ T4319]  __se_sys_ioctl+0xfa/0x170
[   67.726276][ T4319]  do_syscall_64+0x4c/0xa0
[   67.730680][ T4319]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   67.736554][ T4319] 
[   67.738860][ T4319] Freed by task 4320:
[   67.742824][ T4319]  kasan_set_track+0x4b/0x70
[   67.747392][ T4319]  kasan_set_free_info+0x1f/0x40
[   67.752309][ T4319]  ____kasan_slab_free+0xd5/0x110
[   67.757314][ T4319]  slab_free_freelist_hook+0xea/0x170
[   67.762666][ T4319]  kfree+0xef/0x2a0
[   67.766454][ T4319]  comedi_device_detach+0x35f/0x6e0
[   67.771626][ T4319]  comedi_unlocked_ioctl+0xbd0/0xe90
[   67.776886][ T4319]  __se_sys_ioctl+0xfa/0x170
[   67.781451][ T4319]  do_syscall_64+0x4c/0xa0
[   67.785843][ T4319]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   67.791707][ T4319] 
[   67.794005][ T4319] The buggy address belongs to the object at ffff88802260a600
[   67.794005][ T4319]  which belongs to the cache kmalloc-256 of size 256
[   67.808032][ T4319] The buggy address is located 184 bytes inside of
[   67.808032][ T4319]  256-byte region [ffff88802260a600, ffff88802260a700)
[   67.821299][ T4319] The buggy address belongs to the page:
[   67.826926][ T4319] page:ffffea0000898280 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2260a
[   67.837059][ T4319] head:ffffea0000898280 order:1 compound_mapcount:0
[   67.843719][ T4319] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[   67.851684][ T4319] raw: 00fff00000010200 0000000000000000 dead000000000122 ffff888016841b40
[   67.860245][ T4319] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[   67.868817][ T4319] page dumped because: kasan: bad access detected
[   67.875219][ T4319] page_owner tracks the page as allocated
[   67.880927][ T4319] page last allocated via order 1, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 4298, ts 66421425187, free_ts 66218083086
[   67.901686][ T4319]  get_page_from_freelist+0x1b77/0x1c60
[   67.907235][ T4319]  __alloc_pages+0x1e1/0x470
[   67.911815][ T4319]  new_slab+0xc0/0x4b0
[   67.915875][ T4319]  ___slab_alloc+0x81e/0xdf0
[   67.920472][ T4319]  __kmalloc_node+0x200/0x3b0
[   67.925132][ T4319]  kvmalloc_node+0x84/0x130
[   67.929611][ T4319]  nf_hook_entries_grow+0x30e/0x750
[   67.934785][ T4319]  __nf_register_net_hook+0x238/0x850
[   67.940131][ T4319]  nf_register_net_hook+0xae/0x190
[   67.945216][ T4319]  nf_register_net_hooks+0x40/0x1a0
[   67.950408][ T4319]  ip6t_register_table+0x4ec/0x7e0
[   67.955760][ T4319]  ip6table_security_table_init+0x3d/0x60
[   67.961471][ T4319]  xt_find_table_lock+0x220/0x360
[   67.966493][ T4319]  xt_request_find_table_lock+0x22/0x100
[   67.972208][ T4319]  do_ip6t_get_ctl+0x5f8/0x1090
[   67.977181][ T4319]  nf_getsockopt+0x25e/0x280
[   67.981766][ T4319] page last free stack trace:
[   67.986417][ T4319]  free_unref_page_prepare+0x637/0x6c0
[   67.991858][ T4319]  free_unref_page+0x94/0x280
[   67.996511][ T4319]  __unfreeze_partials+0x1a5/0x200
[   68.001602][ T4319]  put_cpu_partial+0x12d/0x190
[   68.006363][ T4319]  qlist_free_all+0x35/0x90
[   68.010843][ T4319]  kasan_quarantine_reduce+0x150/0x160
[   68.016287][ T4319]  __kasan_slab_alloc+0x2f/0xd0
[   68.021121][ T4319]  slab_post_alloc_hook+0x4c/0x380
[   68.026214][ T4319]  kmem_cache_alloc_node+0x12d/0x2d0
[   68.031590][ T4319]  __alloc_skb+0xf4/0x750
[   68.035912][ T4319]  alloc_skb_with_frags+0xa7/0x730
[   68.041002][ T4319]  sock_alloc_send_pskb+0x853/0x980
[   68.046185][ T4319]  unix_dgram_sendmsg+0x5ef/0x1890
[   68.051342][ T4319]  __sys_sendto+0x423/0x580
[   68.055829][ T4319]  __x64_sys_sendto+0xda/0xf0
[   68.060486][ T4319]  do_syscall_64+0x4c/0xa0
[   68.064886][ T4319] 
[   68.067184][ T4319] Memory state around the buggy address:
[   68.072783][ T4319]  ffff88802260a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   68.080997][ T4319]  ffff88802260a600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   68.089041][ T4319] >ffff88802260a680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   68.097072][ T4319]                                         ^
[   68.102937][ T4319]  ffff88802260a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   68.110979][ T4319]  ffff88802260a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   68.119013][ T4319] ==================================================================
[   68.127044][ T4319] Disabling lock debugging due to kernel taint
[   68.133176][ T4319] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   68.140520][ T4319] CPU: 0 PID: 4319 Comm: syz.0.17 Tainted: G    B             5.15.189-syzkaller #0
[   68.149863][ T4319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   68.159984][ T4319] Call Trace:
[   68.163246][ T4319]  <TASK>
[   68.166156][ T4319]  dump_stack_lvl+0x168/0x230
[   68.170825][ T4319]  ? show_regs_print_info+0x20/0x20
[   68.176030][ T4319]  ? load_image+0x3b0/0x3b0
[   68.180513][ T4319]  panic+0x2c9/0x7f0
[   68.184395][ T4319]  ? bpf_jit_dump+0xd0/0xd0
[   68.188876][ T4319]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[   68.194758][ T4319]  ? _raw_spin_unlock+0x40/0x40
[   68.199597][ T4319]  ? __lock_acquire+0xf7/0x7c60
[   68.204431][ T4319]  check_panic_on_warn+0x80/0xa0
[   68.209347][ T4319]  ? __lock_acquire+0xf7/0x7c60
[   68.214176][ T4319]  end_report+0x6d/0xf0
[   68.218400][ T4319]  kasan_report+0x102/0x130
[   68.222902][ T4319]  ? __lock_acquire+0xf7/0x7c60
[   68.227764][ T4319]  ? mark_lock+0x94/0x320
[   68.232112][ T4319]  __lock_acquire+0xf7/0x7c60
[   68.236919][ T4319]  ? __lock_acquire+0x12d9/0x7c60
[   68.241939][ T4319]  ? __switch_to_asm+0x34/0x60
[   68.246692][ T4319]  ? __schedule+0x11c0/0x43b0
[   68.251348][ T4319]  ? verify_lock_unused+0x140/0x140
[   68.256548][ T4319]  ? verify_lock_unused+0x140/0x140
[   68.261727][ T4319]  ? print_unlock_imbalance_bug+0x160/0x160
[   68.267604][ T4319]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[   68.273573][ T4319]  lock_acquire+0x197/0x3f0
[   68.278059][ T4319]  ? remove_wait_queue+0x20/0x120
[   68.283157][ T4319]  ? read_lock_is_recursive+0x10/0x10
[   68.288507][ T4319]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[   68.294485][ T4319]  ? _raw_spin_lock_irqsave+0x7f/0xf0
[   68.299860][ T4319]  ? lockdep_hardirqs_off+0x70/0x100
[   68.305124][ T4319]  _raw_spin_lock_irqsave+0xa4/0xf0
[   68.310299][ T4319]  ? remove_wait_queue+0x20/0x120
[   68.315298][ T4319]  ? _raw_spin_lock+0x40/0x40
[   68.319952][ T4319]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[   68.325841][ T4319]  ? _raw_spin_unlock+0x40/0x40
[   68.330783][ T4319]  ? __fget_files+0x40f/0x480
[   68.335445][ T4319]  remove_wait_queue+0x20/0x120
[   68.340283][ T4319]  poll_freewait+0x99/0x210
[   68.344770][ T4319]  do_select+0x1629/0x16f0
[   68.349185][ T4319]  ? do_select+0xbc1/0x16f0
[   68.353670][ T4319]  ? core_sys_select+0x860/0x860
[   68.358588][ T4319]  ? __ia32_compat_sys_ppoll_time64+0x2f0/0x2f0
[   68.364810][ T4319]  ? __ia32_compat_sys_ppoll_time64+0x2f0/0x2f0
[   68.371069][ T4319]  ? __ia32_compat_sys_ppoll_time64+0x2f0/0x2f0
[   68.377289][ T4319]  ? __ia32_compat_sys_ppoll_time64+0x2f0/0x2f0
[   68.383536][ T4319]  ? __ia32_compat_sys_ppoll_time64+0x2f0/0x2f0
[   68.389845][ T4319]  ? __ia32_compat_sys_ppoll_time64+0x2f0/0x2f0
[   68.396180][ T4319]  ? __ia32_compat_sys_ppoll_time64+0x2f0/0x2f0
[   68.402422][ T4319]  ? __ia32_compat_sys_ppoll_time64+0x2f0/0x2f0
[   68.408679][ T4319]  ? __ia32_compat_sys_ppoll_time64+0x2f0/0x2f0
[   68.414901][ T4319]  ? __lock_acquire+0x7c60/0x7c60
[   68.419925][ T4319]  ? __lock_acquire+0x7c60/0x7c60
[   68.424930][ T4319]  ? __might_fault+0xb3/0x110
[   68.429585][ T4319]  core_sys_select+0x65c/0x860
[   68.434329][ T4319]  ? poll_select_set_timeout+0x150/0x150
[   68.439946][ T4319]  ? sigprocmask+0x190/0x190
[   68.444516][ T4319]  ? __lock_acquire+0x7c60/0x7c60
[   68.449535][ T4319]  __se_sys_pselect6+0x2ed/0x3a0
[   68.454450][ T4319]  ? __x64_sys_pselect6+0xf0/0xf0
[   68.459452][ T4319]  ? __x64_sys_pselect6+0x1d/0xf0
[   68.464449][ T4319]  do_syscall_64+0x4c/0xa0
[   68.468841][ T4319]  ? clear_bhb_loop+0x30/0x80
[   68.473491][ T4319]  ? clear_bhb_loop+0x30/0x80
[   68.478140][ T4319]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   68.484010][ T4319] RIP: 0033:0x7ff363b56b69
[   68.488404][ T4319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.507986][ T4319] RSP: 002b:00007ff362dc6038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[   68.516388][ T4319] RAX: ffffffffffffffda RBX: 00007ff363d7dfa0 RCX: 00007ff363b56b69
[   68.524357][ T4319] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000040
[   68.532309][ T4319] RBP: 00007ff363bd9df1 R08: 0000000000000000 R09: 0000000000000000
[   68.540263][ T4319] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000000
[   68.548212][ T4319] R13: 0000000000000000 R14: 00007ff363d7dfa0 R15: 00007fff446015b8
[   68.556188][ T4319]  </TASK>
[   68.559384][ T4319] Kernel Offset: disabled
[   68.563719][ T4319] Rebooting in 86400 seconds..