Warning: Permanently added '10.128.1.178' (ED25519) to the list of known hosts.
2025/09/09 03:59:34 parsed 1 programs
[   78.390109][ T5874] cgroup: Unknown subsys name 'net'
[   78.557465][ T5874] cgroup: Unknown subsys name 'cpuset'
[   78.566822][ T5874] cgroup: Unknown subsys name 'rlimit'
[   80.021376][ T5874] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   82.964751][ T5888] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   83.234287][ T5893] chnl_net:caif_netlink_parms(): no params data found
[   83.315450][ T5893] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.323558][ T5893] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.331047][ T5893] bridge_slave_0: entered allmulticast mode
[   83.338656][ T5893] bridge_slave_0: entered promiscuous mode
[   83.348102][ T5893] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.356137][ T5893] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.363348][ T5893] bridge_slave_1: entered allmulticast mode
[   83.370939][ T5893] bridge_slave_1: entered promiscuous mode
[   83.406107][ T5893] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   83.417480][ T5893] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   83.450173][ T5893] team0: Port device team_slave_0 added
[   83.458913][ T5893] team0: Port device team_slave_1 added
[   83.491058][ T5893] batman_adv: batadv0: Adding interface: batadv_slave_0
[   83.498383][ T5893] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   83.527662][ T5893] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   83.540553][ T5893] batman_adv: batadv0: Adding interface: batadv_slave_1
[   83.547697][ T5893] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   83.573703][ T5893] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   83.613912][ T5893] hsr_slave_0: entered promiscuous mode
[   83.620205][ T5893] hsr_slave_1: entered promiscuous mode
[   83.751285][ T5893] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   83.764765][ T5893] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   83.775164][ T5893] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   83.785930][ T5893] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   83.819006][ T5893] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.826605][ T5893] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.834808][ T5893] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.842387][ T5893] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.898244][ T5893] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.916820][ T1004] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.926829][ T1004] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.942806][ T5893] 8021q: adding VLAN 0 to HW filter on device team0
[   83.957038][ T1150] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.964315][ T1150] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.989686][ T1150] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.996837][ T1150] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.147455][ T5893] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.191299][ T5893] veth0_vlan: entered promiscuous mode
[   84.202089][ T5893] veth1_vlan: entered promiscuous mode
[   84.230880][ T5893] veth0_macvtap: entered promiscuous mode
[   84.240623][ T5893] veth1_macvtap: entered promiscuous mode
[   84.258687][ T5893] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.272992][ T5893] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.293009][ T1150] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.302892][ T1150] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.312942][ T1150] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.327098][ T1150] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.437470][ T1004] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.506778][ T1004] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.590881][ T1004] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.675196][ T1004] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.739116][ T1155] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.747288][ T1155] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.779128][ T1150] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.788221][ T1150] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.721649][ T5944] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   85.734632][ T5944] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   85.742930][ T5944] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   85.753903][ T5944] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   85.762216][ T5944] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   86.928167][  T920] cfg80211: failed to load regulatory.db
[   87.196649][ T1004] bridge_slave_1: left allmulticast mode
[   87.202435][ T1004] bridge_slave_1: left promiscuous mode
[   87.215939][ T1004] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.228733][ T1004] bridge_slave_0: left allmulticast mode
[   87.235774][ T1004] bridge_slave_0: left promiscuous mode
[   87.242090][ T1004] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.527593][ T1004] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   87.538907][ T1004] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   87.549645][ T1004] bond0 (unregistering): Released all slaves
[   87.657008][ T1004] hsr_slave_0: left promiscuous mode
[   87.681563][ T1004] hsr_slave_1: left promiscuous mode
[   87.700232][ T1004] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   87.723903][ T1004] batman_adv: batadv0: Removing interface: batadv_slave_0
[   87.743098][ T1004] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   87.764032][ T1004] batman_adv: batadv0: Removing interface: batadv_slave_1
[   87.787629][ T1004] veth1_macvtap: left promiscuous mode
[   87.801000][ T1004] veth0_macvtap: left promiscuous mode
[   87.812296][ T1004] veth1_vlan: left promiscuous mode
[   87.818928][ T1004] veth0_vlan: left promiscuous mode
2025/09/09 03:59:46 executed programs: 0
[   88.441498][ T5944] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   88.455331][ T5944] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   88.466841][ T5944] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   88.477449][ T5944] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   88.486522][ T5944] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   88.570851][ T1004] team0 (unregistering): Port device team_slave_1 removed
[   88.598948][ T1004] team0 (unregistering): Port device team_slave_0 removed
[   89.180810][ T5999] chnl_net:caif_netlink_parms(): no params data found
[   89.345600][ T5999] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.352831][ T5999] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.361055][ T5999] bridge_slave_0: entered allmulticast mode
[   89.372326][ T5999] bridge_slave_0: entered promiscuous mode
[   89.381810][ T5999] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.389190][ T5999] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.396667][ T5999] bridge_slave_1: entered allmulticast mode
[   89.403985][ T5999] bridge_slave_1: entered promiscuous mode
[   89.770774][ T5999] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   89.786606][ T5999] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   89.852940][ T5999] team0: Port device team_slave_0 added
[   89.861573][ T5999] team0: Port device team_slave_1 added
[   89.933303][ T5999] batman_adv: batadv0: Adding interface: batadv_slave_0
[   89.952340][ T5999] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   89.982776][ T5999] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   89.996796][ T5999] batman_adv: batadv0: Adding interface: batadv_slave_1
[   90.007138][ T5999] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.037579][ T5999] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   90.270612][ T5999] hsr_slave_0: entered promiscuous mode
[   90.291275][ T5999] hsr_slave_1: entered promiscuous mode
[   90.526698][ T5190] Bluetooth: hci0: command tx timeout
[   91.069628][ T5999] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   91.084209][ T5999] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   91.096923][ T5999] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   91.109359][ T5999] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   91.233431][ T5999] 8021q: adding VLAN 0 to HW filter on device bond0
[   91.262712][ T5999] 8021q: adding VLAN 0 to HW filter on device team0
[   91.281184][ T1155] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.288586][ T1155] bridge0: port 1(bridge_slave_0) entered forwarding state
[   91.306315][ T1004] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.313775][ T1004] bridge0: port 2(bridge_slave_1) entered forwarding state
[   91.571849][ T5999] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.646916][ T5999] veth0_vlan: entered promiscuous mode
[   91.662180][ T5999] veth1_vlan: entered promiscuous mode
[   91.702151][ T5999] veth0_macvtap: entered promiscuous mode
[   91.715380][ T5999] veth1_macvtap: entered promiscuous mode
[   91.742254][ T5999] batman_adv: batadv0: Interface activated: batadv_slave_0
[   91.761737][ T5999] batman_adv: batadv0: Interface activated: batadv_slave_1
[   91.779215][ T1004] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.798040][ T1004] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.808612][ T1004] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.828726][ T1004] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.910526][ T1004] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.935589][ T1004] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.979885][ T3524] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.990585][ T3524] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.061571][ T6079] syz.0.17 uses obsolete (PF_INET,SOCK_PACKET)
[   92.073009][ T6079] ==================================================================
[   92.081111][ T6079] BUG: KASAN: slab-use-after-free in napi_gro_frags+0x6e/0x1030
[   92.088906][ T6079] Read of size 8 at addr ffff88802ef22c18 by task syz.0.17/6079
[   92.096677][ T6079] 
[   92.099060][ T6079] CPU: 0 UID: 0 PID: 6079 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[   92.099088][ T6079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   92.099107][ T6079] Call Trace:
[   92.099114][ T6079]  <TASK>
[   92.099123][ T6079]  dump_stack_lvl+0x189/0x250
[   92.099145][ T6079]  ? rcu_is_watching+0x15/0xb0
[   92.099161][ T6079]  ? __kasan_check_byte+0x12/0x40
[   92.099183][ T6079]  ? __pfx_dump_stack_lvl+0x10/0x10
[   92.099200][ T6079]  ? rcu_is_watching+0x15/0xb0
[   92.099216][ T6079]  ? lock_release+0x4b/0x3e0
[   92.099240][ T6079]  ? __virt_addr_valid+0x1c8/0x5c0
[   92.099260][ T6079]  ? __virt_addr_valid+0x4a5/0x5c0
[   92.099280][ T6079]  print_report+0xca/0x240
[   92.099296][ T6079]  ? napi_gro_frags+0x6e/0x1030
[   92.099312][ T6079]  kasan_report+0x118/0x150
[   92.099334][ T6079]  ? napi_gro_frags+0x6e/0x1030
[   92.099352][ T6079]  ? tun_get_user+0x266c/0x3e20
[   92.099370][ T6079]  napi_gro_frags+0x6e/0x1030
[   92.099385][ T6079]  ? __pfx_napi_schedule_prep+0x10/0x10
[   92.099411][ T6079]  ? tun_get_user+0x266c/0x3e20
[   92.099426][ T6079]  tun_get_user+0x28cb/0x3e20
[   92.099448][ T6079]  ? tun_get_user+0x266c/0x3e20
[   92.099466][ T6079]  ? aa_file_perm+0x44d/0x1550
[   92.099484][ T6079]  ? __pfx_tun_get_user+0x10/0x10
[   92.099501][ T6079]  ? __lock_acquire+0xab9/0xd20
[   92.099527][ T6079]  ? ref_tracker_alloc+0x318/0x460
[   92.099547][ T6079]  ? __lock_acquire+0xab9/0xd20
[   92.099569][ T6079]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   92.099592][ T6079]  ? tun_get+0x1c/0x2f0
[   92.099610][ T6079]  ? tun_get+0x1c/0x2f0
[   92.099625][ T6079]  ? tun_get+0x1c/0x2f0
[   92.099642][ T6079]  tun_chr_write_iter+0x113/0x200
[   92.099660][ T6079]  vfs_write+0x5c9/0xb30
[   92.099682][ T6079]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   92.099699][ T6079]  ? __pfx_vfs_write+0x10/0x10
[   92.099719][ T6079]  ? __pfx_do_futex+0x10/0x10
[   92.099745][ T6079]  ksys_write+0x145/0x250
[   92.099766][ T6079]  ? __pfx_ksys_write+0x10/0x10
[   92.099787][ T6079]  ? do_syscall_64+0xbe/0x3b0
[   92.099807][ T6079]  do_syscall_64+0xfa/0x3b0
[   92.099823][ T6079]  ? lockdep_hardirqs_on+0x9c/0x150
[   92.099839][ T6079]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.099855][ T6079]  ? clear_bhb_loop+0x60/0xb0
[   92.099873][ T6079]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.099889][ T6079] RIP: 0033:0x7f2f9b98ebe9
[   92.099910][ T6079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.099924][ T6079] RSP: 002b:00007fffe90190e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   92.099946][ T6079] RAX: ffffffffffffffda RBX: 00007f2f9bbc5fa0 RCX: 00007f2f9b98ebe9
[   92.099959][ T6079] RDX: 000000000000004b RSI: 0000200000000340 RDI: 0000000000000003
[   92.099970][ T6079] RBP: 00007f2f9ba11e19 R08: 0000000000000000 R09: 0000000000000000
[   92.099980][ T6079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   92.099990][ T6079] R13: 00007f2f9bbc5fa0 R14: 00007f2f9bbc5fa0 R15: 0000000000000003
[   92.100009][ T6079]  </TASK>
[   92.100016][ T6079] 
[   92.401643][ T6079] Allocated by task 6079:
[   92.405980][ T6079]  kasan_save_track+0x3e/0x80
[   92.410670][ T6079]  __kasan_mempool_unpoison_object+0xa0/0x170
[   92.416835][ T6079]  napi_skb_cache_get+0x37b/0x6d0
[   92.421869][ T6079]  __alloc_skb+0x11e/0x2d0
[   92.426289][ T6079]  napi_alloc_skb+0x84/0x7d0
[   92.430887][ T6079]  napi_get_frags+0x69/0x140
[   92.435483][ T6079]  tun_get_user+0x77c/0x3e20
[   92.440075][ T6079]  tun_chr_write_iter+0x113/0x200
[   92.445099][ T6079]  vfs_write+0x5c9/0xb30
[   92.449352][ T6079]  ksys_write+0x145/0x250
[   92.453778][ T6079]  do_syscall_64+0xfa/0x3b0
[   92.458296][ T6079]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.464189][ T6079] 
[   92.466511][ T6079] Freed by task 6079:
[   92.470490][ T6079]  kasan_save_track+0x3e/0x80
[   92.475192][ T6079]  kasan_save_free_info+0x46/0x50
[   92.480222][ T6079]  __kasan_slab_free+0x5b/0x80
[   92.485080][ T6079]  kmem_cache_free+0x18f/0x400
[   92.489852][ T6079]  skb_pp_cow_data+0xdd8/0x13e0
[   92.494712][ T6079]  do_xdp_generic+0x699/0x11a0
[   92.499493][ T6079]  tun_get_user+0x2523/0x3e20
[   92.504264][ T6079]  tun_chr_write_iter+0x113/0x200
[   92.509292][ T6079]  vfs_write+0x5c9/0xb30
[   92.513541][ T6079]  ksys_write+0x145/0x250
[   92.517880][ T6079]  do_syscall_64+0xfa/0x3b0
[   92.522482][ T6079]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.528421][ T6079] 
[   92.530756][ T6079] The buggy address belongs to the object at ffff88802ef22b40
[   92.530756][ T6079]  which belongs to the cache skbuff_head_cache of size 240
[   92.545346][ T6079] The buggy address is located 216 bytes inside of
[   92.545346][ T6079]  freed 240-byte region [ffff88802ef22b40, ffff88802ef22c30)
[   92.559166][ T6079] 
[   92.561490][ T6079] The buggy address belongs to the physical page:
[   92.567922][ T6079] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2ef22
[   92.576697][ T6079] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   92.583817][ T6079] page_type: f5(slab)
[   92.587795][ T6079] raw: 00fff00000000000 ffff88801e29ca00 ffffea0000a31b80 dead000000000004
[   92.596450][ T6079] raw: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000
[   92.605021][ T6079] page dumped because: kasan: bad access detected
[   92.611434][ T6079] page_owner tracks the page as allocated
[   92.617133][ T6079] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 1, tgid 1 (swapper/0), ts 19816261324, free_ts 18915708978
[   92.635615][ T6079]  post_alloc_hook+0x240/0x2a0
[   92.640380][ T6079]  get_page_from_freelist+0x21e4/0x22c0
[   92.645911][ T6079]  __alloc_frozen_pages_noprof+0x181/0x370
[   92.651701][ T6079]  alloc_pages_mpol+0x232/0x4a0
[   92.656562][ T6079]  allocate_slab+0x8a/0x370
[   92.661049][ T6079]  ___slab_alloc+0xbeb/0x1420
[   92.665976][ T6079]  kmem_cache_alloc_node_noprof+0x280/0x3c0
[   92.671896][ T6079]  __alloc_skb+0x112/0x2d0
[   92.676297][ T6079]  rtmsg_ifinfo_build_skb+0x84/0x260
[   92.681569][ T6079]  rtmsg_ifinfo+0x8c/0x1a0
[   92.685972][ T6079]  register_netdevice+0x1712/0x1ae0
[   92.691157][ T6079]  register_netdev+0x40/0x60
[   92.695745][ T6079]  nr_proto_init+0x145/0x710
[   92.700432][ T6079]  do_one_initcall+0x233/0x820
[   92.705275][ T6079]  do_initcall_level+0x104/0x190
[   92.710221][ T6079]  do_initcalls+0x59/0xa0
[   92.714563][ T6079] page last free pid 920 tgid 920 stack trace:
[   92.720736][ T6079]  __free_frozen_pages+0xbc4/0xd30
[   92.725946][ T6079]  vfree+0x25a/0x400
[   92.729849][ T6079]  delayed_vfree_work+0x55/0x80
[   92.734696][ T6079]  process_scheduled_works+0xae1/0x17b0
[   92.740228][ T6079]  worker_thread+0x8a0/0xda0
[   92.744822][ T6079]  kthread+0x70e/0x8a0
[   92.748873][ T6079]  ret_from_fork+0x3fc/0x770
[   92.753447][ T6079]  ret_from_fork_asm+0x1a/0x30
[   92.758986][ T6079] 
[   92.761300][ T6079] Memory state around the buggy address:
[   92.766911][ T6079]  ffff88802ef22b00: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[   92.774953][ T6079]  ffff88802ef22b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   92.782998][ T6079] >ffff88802ef22c00: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc
[   92.791041][ T6079]                             ^
[   92.795868][ T6079]  ffff88802ef22c80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   92.803925][ T6079]  ffff88802ef22d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc
[   92.811961][ T6079] ==================================================================
[   92.820161][ T6079] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   92.827392][ T6079] CPU: 0 UID: 0 PID: 6079 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[   92.836506][ T6079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   92.846570][ T6079] Call Trace:
[   92.849872][ T6079]  <TASK>
[   92.852816][ T6079]  dump_stack_lvl+0x99/0x250
[   92.857426][ T6079]  ? __asan_memcpy+0x40/0x70
[   92.862039][ T6079]  ? __pfx_dump_stack_lvl+0x10/0x10
[   92.867247][ T6079]  ? __pfx__printk+0x10/0x10
[   92.871909][ T6079]  vpanic+0x281/0x750
[   92.875905][ T6079]  ? __pfx_vpanic+0x10/0x10
[   92.880417][ T6079]  ? irqentry_exit+0x74/0x90
[   92.885035][ T6079]  panic+0xb9/0xc0
[   92.889374][ T6079]  ? __pfx_panic+0x10/0x10
[   92.893902][ T6079]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[   92.899812][ T6079]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   92.905902][ T6079]  ? napi_gro_frags+0x6e/0x1030
[   92.910761][ T6079]  check_panic_on_warn+0x89/0xb0
[   92.915745][ T6079]  ? napi_gro_frags+0x6e/0x1030
[   92.920607][ T6079]  end_report+0x78/0x160
[   92.924866][ T6079]  kasan_report+0x129/0x150
[   92.929380][ T6079]  ? napi_gro_frags+0x6e/0x1030
[   92.934243][ T6079]  ? tun_get_user+0x266c/0x3e20
[   92.939110][ T6079]  napi_gro_frags+0x6e/0x1030
[   92.943971][ T6079]  ? __pfx_napi_schedule_prep+0x10/0x10
[   92.949541][ T6079]  ? tun_get_user+0x266c/0x3e20
[   92.954404][ T6079]  tun_get_user+0x28cb/0x3e20
[   92.959092][ T6079]  ? tun_get_user+0x266c/0x3e20
[   92.963960][ T6079]  ? aa_file_perm+0x44d/0x1550
[   92.968784][ T6079]  ? __pfx_tun_get_user+0x10/0x10
[   92.973922][ T6079]  ? __lock_acquire+0xab9/0xd20
[   92.979231][ T6079]  ? ref_tracker_alloc+0x318/0x460
[   92.984355][ T6079]  ? __lock_acquire+0xab9/0xd20
[   92.989242][ T6079]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   92.994983][ T6079]  ? tun_get+0x1c/0x2f0
[   92.999248][ T6079]  ? tun_get+0x1c/0x2f0
[   93.003425][ T6079]  ? tun_get+0x1c/0x2f0
[   93.007589][ T6079]  tun_chr_write_iter+0x113/0x200
[   93.012725][ T6079]  vfs_write+0x5c9/0xb30
[   93.017432][ T6079]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   93.023084][ T6079]  ? __pfx_vfs_write+0x10/0x10
[   93.027900][ T6079]  ? __pfx_do_futex+0x10/0x10
[   93.032680][ T6079]  ksys_write+0x145/0x250
[   93.037022][ T6079]  ? __pfx_ksys_write+0x10/0x10
[   93.041910][ T6079]  ? do_syscall_64+0xbe/0x3b0
[   93.046595][ T6079]  do_syscall_64+0xfa/0x3b0
[   93.051108][ T6079]  ? lockdep_hardirqs_on+0x9c/0x150
[   93.056401][ T6079]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.062478][ T6079]  ? clear_bhb_loop+0x60/0xb0
[   93.067165][ T6079]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.073069][ T6079] RIP: 0033:0x7f2f9b98ebe9
[   93.077497][ T6079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.097192][ T6079] RSP: 002b:00007fffe90190e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   93.105618][ T6079] RAX: ffffffffffffffda RBX: 00007f2f9bbc5fa0 RCX: 00007f2f9b98ebe9
[   93.113600][ T6079] RDX: 000000000000004b RSI: 0000200000000340 RDI: 0000000000000003
[   93.121585][ T6079] RBP: 00007f2f9ba11e19 R08: 0000000000000000 R09: 0000000000000000
[   93.129625][ T6079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   93.137609][ T6079] R13: 00007f2f9bbc5fa0 R14: 00007f2f9bbc5fa0 R15: 0000000000000003
[   93.145600][ T6079]  </TASK>
[   93.149006][ T6079] Kernel Offset: disabled
[   93.153322][ T6079] Rebooting in 86400 seconds..