ci2 starts bisection 2023-11-11 21:47:50.938166344 +0000 UTC m=+40230.714547033
bisecting cause commit starting from 48c6c901fe0e68e176029738d829e0d01eabb0b2
building syzkaller on d80eec66c939240cfc674221138f637197659116
ensuring issue is reproducible on original commit 48c6c901fe0e68e176029738d829e0d01eabb0b2

testing commit 48c6c901fe0e68e176029738d829e0d01eabb0b2 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 9564b16264000962d42a27f1e65e67022fc1f4f95cb569d928ce578f02c4bd31
run #0: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #1: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #2: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #3: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #4: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #5: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #6: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #7: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #8: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #9: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #10: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #11: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #12: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #13: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #14: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #15: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #16: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #17: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #18: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #19: crashed: KASAN: use-after-free Read in unix_stream_read_actor
representative crash: KASAN: use-after-free Read in unix_stream_read_actor, types: [KASAN]
check whether we can drop unnecessary instrumentation
disabling configs for [UBSAN BUG LOCKDEP ATOMIC_SLEEP HANG LEAK], they are not needed
testing commit 48c6c901fe0e68e176029738d829e0d01eabb0b2 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 419095b477b2b1e4ff68e51e169915a14b4c7a25c969c0a294fc606ba1b41982
run #0: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #1: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #2: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #3: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #4: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #5: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #6: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #7: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #8: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #9: crashed: KASAN: use-after-free Read in __skb_datagram_iter
representative crash: KASAN: use-after-free Read in unix_stream_read_actor, types: [KASAN]
the bug reproduces without the instrumentation
disabling configs for [UBSAN BUG LOCKDEP ATOMIC_SLEEP HANG LEAK], they are not needed
kconfig minimization: base=5179 full=6485 leaves diff=250
split chunks (needed=false): <250>
split chunk #0 of len 250 into 5 parts
testing without sub-chunk 1/5
disabling configs for [BUG LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN], they are not needed
testing commit 48c6c901fe0e68e176029738d829e0d01eabb0b2 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: a1a5c03af3943a3cf44c286adfd0b99656174921d6a646d5e764f6829349922e
run #0: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #1: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #2: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #3: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #4: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #5: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #6: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #7: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #8: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #9: crashed: KASAN: use-after-free Read in unix_stream_read_actor
representative crash: KASAN: use-after-free Read in unix_stream_read_actor, types: [KASAN]
the chunk can be dropped
testing without sub-chunk 2/5
disabling configs for [ATOMIC_SLEEP HANG LEAK UBSAN BUG LOCKDEP], they are not needed
testing commit 48c6c901fe0e68e176029738d829e0d01eabb0b2 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 68e3002c1c80278043a0722d2c966f7b2ee37ecdd4ad3307313d8b1a15118365
run #0: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #1: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #2: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #3: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #4: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #5: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #6: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #7: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #8: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #9: crashed: KASAN: use-after-free Read in __skb_datagram_iter
representative crash: KASAN: use-after-free Read in unix_stream_read_actor, types: [KASAN]
the chunk can be dropped
testing without sub-chunk 3/5
disabling configs for [UBSAN BUG LOCKDEP ATOMIC_SLEEP HANG LEAK], they are not needed
testing commit 48c6c901fe0e68e176029738d829e0d01eabb0b2 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 06636984485b09a6295037808f27240abbb0548360bd2baf7acf488c9a0118b1
run #0: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #1: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #2: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #3: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #4: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #5: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #6: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #7: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #8: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #9: crashed: KASAN: use-after-free Read in unix_stream_read_actor
representative crash: KASAN: use-after-free Read in unix_stream_read_actor, types: [KASAN]
the chunk can be dropped
testing without sub-chunk 4/5
disabling configs for [BUG LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN], they are not needed
testing commit 48c6c901fe0e68e176029738d829e0d01eabb0b2 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: ceb664977597bbe6d2ee3934d7b40247130cbedc60cdd8b9172c99e75154ef2b
run #0: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #1: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #2: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #3: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #4: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #5: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #6: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #7: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #8: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #9: crashed: KASAN: use-after-free Read in unix_stream_read_actor
representative crash: KASAN: use-after-free Read in unix_stream_read_actor, types: [KASAN]
the chunk can be dropped
testing without sub-chunk 5/5
disabling configs for [HANG LEAK UBSAN BUG LOCKDEP ATOMIC_SLEEP], they are not needed
testing commit 48c6c901fe0e68e176029738d829e0d01eabb0b2 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
failed building 48c6c901fe0e68e176029738d829e0d01eabb0b2: net/socket.c:1225: undefined reference to `wext_handle_ioctl'
net/socket.c:3420: undefined reference to `compat_wext_handle_ioctl'
net/core/net-procfs.c:329: undefined reference to `wext_proc_init'
net/core/net-procfs.c:345: undefined reference to `wext_proc_exit'
minimized to 50 configs; suspects: [HID_ZEROPLUS USB_NET_CDC_MBIM USB_NET_CDC_SUBSET USB_NET_CDC_SUBSET_ENABLE USB_NET_DM9601 USB_NET_GL620A USB_NET_MCS7830 USB_NET_NET1080 USB_NET_PLUSB USB_NET_RNDIS_HOST USB_NET_SMSC75XX USB_NET_SMSC95XX USB_NET_SR9700 USB_NET_SR9800 USB_NET_ZAURUS USB_OHCI_HCD USB_OHCI_HCD_PCI USB_OHCI_HCD_PLATFORM USB_OTG USB_OTG_FSM USB_PRINTER USB_SERIAL_GENERIC USB_SERIAL_PL2303 USB_STORAGE_ALAUDA USB_STORAGE_CYPRESS_ATACB USB_STORAGE_DATAFAB USB_STORAGE_FREECOM USB_STORAGE_ISD200 USB_STORAGE_JUMPSHOT USB_STORAGE_KARMA USB_STORAGE_ONETOUCH USB_STORAGE_SDDR09 USB_STORAGE_SDDR55 USB_STORAGE_USBAT USB_TRANCEVIBRATOR USB_U_AUDIO USB_U_ETHER USB_U_SERIAL USB_WDM WLAN WLAN_VENDOR_ATH WLAN_VENDOR_ATMEL WLAN_VENDOR_BROADCOM WLAN_VENDOR_INTERSIL WLAN_VENDOR_MARVELL WLAN_VENDOR_MEDIATEK WLAN_VENDOR_MICROCHIP WLAN_VENDOR_PURELIFI WLAN_VENDOR_RALINK WLAN_VENDOR_REALTEK WLAN_VENDOR_RSI WLAN_VENDOR_SILABS WLAN_VENDOR_ZYDAS X86_X32_ABI ZEROPLUS_FF]
disabling configs for [BUG LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN], they are not needed
picked [v6.1.43 v6.1.42 v6.1.22 v6.1 v6.0 v5.19 v5.17 v5.15 v5.13 v5.11 v5.9 v5.6 v5.3 v5.0 v4.19] out of 67 release tags
testing release v6.1.43
testing commit 52a953d0934b17a88f403b4135eb3cdf83d19f91 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: c5c5f2aaff4dd957e97839f914766593cdf39a8045556158395c4f34087c9815
all runs: crashed: KASAN: use-after-free Read in unix_stream_read_actor
representative crash: KASAN: use-after-free Read in unix_stream_read_actor, types: [KASAN]
testing release v6.1.42
testing commit d2a6dc4eaf6d50ba32a9b39b4c6ec713a92072ab gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: f8298518219f572936f2853f580673bc5c9d6093915d6dd20527410e91edf6db
run #0: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #1: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #2: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #3: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #4: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #5: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #6: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #7: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #8: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #9: crashed: KASAN: use-after-free Read in unix_stream_read_actor
representative crash: KASAN: use-after-free Read in unix_stream_read_actor, types: [KASAN]
testing release v6.1.22
testing commit 3b29299e5f604550faf3eff811d6cd60b4c6cae6 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 7f85af7bb697ba8491d0cfadf1dd0fc177e07fb50e7635b25b6d7ba9b86a23ed
run #0: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #1: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #2: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #3: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #4: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #5: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #6: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #7: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #8: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #9: crashed: KASAN: use-after-free Read in unix_stream_read_actor
representative crash: KASAN: use-after-free Read in unix_stream_read_actor, types: [KASAN]
testing release v6.1
testing commit 830b3c68c1fb1e9176028d02ef86f3cf76aa2476 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 3271da91f9d6795816d2536771b16c82544bdd0afae79faafdfd066a071be82c
run #0: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #1: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #2: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #3: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #4: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #5: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #6: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #7: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #8: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #9: crashed: KASAN: use-after-free Read in __skb_datagram_iter
representative crash: KASAN: use-after-free Read in unix_stream_read_actor, types: [KASAN]
testing release v6.0
testing commit 4fe89d07dcc2804c8b562f6c7896a45643d34b2f gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 941e4942c656de04c4fa9b852902a1679746583e9077ecacc5ed021b2052fb97
run #0: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #1: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #2: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #3: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #4: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #5: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #6: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #7: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #8: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #9: crashed: KASAN: use-after-free Read in unix_stream_read_actor
representative crash: KASAN: use-after-free Read in unix_stream_read_actor, types: [KASAN]
testing release v5.19
testing commit 3d7cb6b04c3f3115719235cc6866b10326de34cd gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 7bb6defdef1f0068d547b8c3db99d1fb16c52f7b2732b7d94c454efe2c0b9527
run #0: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #1: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #2: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #3: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #4: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #5: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #6: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #7: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #8: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #9: crashed: KASAN: use-after-free Read in unix_stream_read_actor
representative crash: KASAN: use-after-free Read in __skb_datagram_iter, types: [KASAN]
testing release v5.17
testing commit f443e374ae131c168a065ea1748feac6b2e76613 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 0b361835d039617e9bb79cf7cb5d86d21975a5a822fb0f51a80495fed6b6396c
run #0: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #1: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #2: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #3: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #4: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #5: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #6: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #7: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #8: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #9: crashed: KASAN: use-after-free Read in __skb_datagram_iter
representative crash: KASAN: use-after-free Read in unix_stream_read_actor, types: [KASAN]
testing release v5.15
testing commit 8bb7eca972ad531c9b149c0a51ab43a417385813 gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 09ac1e7e174a746150916795b64a1b9d56f7392e1e2b6de0ae4ea63d46f15673
run #0: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #1: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #2: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #3: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #4: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #5: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #6: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #7: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #8: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #9: crashed: KASAN: use-after-free Read in unix_stream_read_actor
representative crash: KASAN: use-after-free Read in unix_stream_read_actor, types: [KASAN]
testing release v5.13
testing commit 62fb9874f5da54fdb243003b386128037319b219 gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: ed0bee9e313f7fb3fbf10594355e590253b852d9daa94147de9a53e65b207a60
all runs: OK
false negative chance: 0.000
# git bisect start 8bb7eca972ad531c9b149c0a51ab43a417385813 62fb9874f5da54fdb243003b386128037319b219
Bisecting: 14658 revisions left to test after this (roughly 14 steps)
[d20e5880fe9df149a9159673d9fec57aab43ac61] Merge tag 'linux-can-next-for-5.15-20210725' of git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can-next

testing commit d20e5880fe9df149a9159673d9fec57aab43ac61 gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: ce7ae2e09e78d0dc12afad13154377587acd91f9d4d8bf1d76342d7970196fd1
all runs: OK
false negative chance: 0.000
# git bisect good d20e5880fe9df149a9159673d9fec57aab43ac61
Bisecting: 6693 revisions left to test after this (roughly 13 steps)
[477f70cd2a67904e04c2c2b9bd0fa2e95222f2f6] Merge tag 'drm-next-2021-08-31-1' of git://anongit.freedesktop.org/drm/drm

testing commit 477f70cd2a67904e04c2c2b9bd0fa2e95222f2f6 gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 3bb42dcf1c9b602236af104667532513addde67393211b3e092363f7f1c916ac
run #0: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #1: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #2: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #3: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #4: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #5: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #6: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #7: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #8: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #9: crashed: KASAN: use-after-free Read in unix_stream_read_actor
representative crash: KASAN: use-after-free Read in __skb_datagram_iter, types: [KASAN]
# git bisect bad 477f70cd2a67904e04c2c2b9bd0fa2e95222f2f6
Bisecting: 4611 revisions left to test after this (roughly 12 steps)
[86ac54e79fe09b34c52691a780a6e31d12fa57f4] Merge branch 'for-5.15' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq

testing commit 86ac54e79fe09b34c52691a780a6e31d12fa57f4 gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
failed building 86ac54e79fe09b34c52691a780a6e31d12fa57f4: scripts/extract-cert.c:46:9: warning: 'ERR_get_error_line' is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
scripts/extract-cert.c:59:9: warning: 'ERR_get_error_line' is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
scripts/sign-file.c:89:9: warning: 'ERR_get_error_line' is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
scripts/sign-file.c:102:9: warning: 'ERR_get_error_line' is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
arch/x86/kernel/setup.c:916:6: error: implicit declaration of function 'acpi_mps_check' [-Werror=implicit-function-declaration]
arch/x86/kernel/setup.c:1110:2: error: implicit declaration of function 'acpi_table_upgrade' [-Werror=implicit-function-declaration]
arch/x86/kernel/setup.c:1112:2: error: implicit declaration of function 'acpi_boot_table_init' [-Werror=implicit-function-declaration]
arch/x86/kernel/setup.c:1120:2: error: implicit declaration of function 'early_acpi_boot_init'; did you mean 'early_cpu_init'? [-Werror=implicit-function-declaration]
arch/x86/kernel/setup.c:1162:2: error: implicit declaration of function 'acpi_boot_init' [-Werror=implicit-function-declaration]
# git bisect skip 86ac54e79fe09b34c52691a780a6e31d12fa57f4
Bisecting: 4611 revisions left to test after this (roughly 12 steps)
[424f2b2e263e851cc4a470faaaeb46b70d703876] drm/amdgpu: correct MMSCH 1.0 version

testing commit 424f2b2e263e851cc4a470faaaeb46b70d703876 gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 1de1b0fd8bd1239dfc0452281cce887c36c2a478993bbac20ddff2b36cf7d2fc
all runs: OK
false negative chance: 0.000
# git bisect good 424f2b2e263e851cc4a470faaaeb46b70d703876
Bisecting: 3856 revisions left to test after this (roughly 12 steps)
[dc2408d86e5ae88ec981e1315f95b7d4d15169fe] drm/i915/gem: Remove duplicated call to ops->pread

testing commit dc2408d86e5ae88ec981e1315f95b7d4d15169fe gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: b6175d18c6563979969d673dd3fb452b6165722e8bef4cc300a60b743a4439b4
all runs: OK
false negative chance: 0.000
# git bisect good dc2408d86e5ae88ec981e1315f95b7d4d15169fe
Bisecting: 3842 revisions left to test after this (roughly 12 steps)
[d6be5d0ad304e81d4719ee47c429493aab033e38] s390/smp: do not use nodat_stack for secondary CPU start

testing commit d6be5d0ad304e81d4719ee47c429493aab033e38 gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 01593e8164e1a00bf2f192b673d957633d4f76bba6517659b4ac6f36ea5f9e99
all runs: OK
false negative chance: 0.000
# git bisect good d6be5d0ad304e81d4719ee47c429493aab033e38
Bisecting: 3842 revisions left to test after this (roughly 12 steps)
[7d1e6f16390443595ab8e25139ecc4f27b8802df] selftests: mptcp: add testcase for active-back

testing commit 7d1e6f16390443595ab8e25139ecc4f27b8802df gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 5fa0e9eb1546525a9c335676dd89f6a09de9658044f157bdc65017ad0cf7c737
run #0: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #1: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #2: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #3: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #4: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #5: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #6: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #7: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #8: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #9: crashed: KASAN: use-after-free Read in unix_stream_read_actor
representative crash: KASAN: use-after-free Read in unix_stream_read_actor, types: [KASAN]
# git bisect bad 7d1e6f16390443595ab8e25139ecc4f27b8802df
Bisecting: 748 revisions left to test after this (roughly 10 steps)
[23809a726c0d004b9d2474333181f8da07360469] netdevsim: Forbid devlink reload when adding or deleting ports

testing commit 23809a726c0d004b9d2474333181f8da07360469 gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 05032d14daed455debdb19e33fa3ff9fd5601a113162b10c9e986c080b4bbddd
all runs: OK
false negative chance: 0.000
# git bisect good 23809a726c0d004b9d2474333181f8da07360469
Bisecting: 377 revisions left to test after this (roughly 9 steps)
[1746f4db513563bb22e0ba0c419d0c90912dfae1] Merge tag 'orphans-v5.14-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux

testing commit 1746f4db513563bb22e0ba0c419d0c90912dfae1 gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: ab423258e70ff3e3dfef243b0827dadb0ceec71f7406eb80cd281c08635c8da0
all runs: OK
false negative chance: 0.000
# git bisect good 1746f4db513563bb22e0ba0c419d0c90912dfae1
Bisecting: 186 revisions left to test after this (roughly 8 steps)
[bed5a942e27e1df67250e27e1f2eb5ea2d4cc362] Merge tag 'mlx5-updates-2021-08-11' of git://git.kernel.org/pub/scm/linux/kernel/git/saeed/linux

testing commit bed5a942e27e1df67250e27e1f2eb5ea2d4cc362 gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 44bb40e25e6b24c729f23e49d32a23dbf6e8828e80202a57c316295db661db57
all runs: OK
false negative chance: 0.000
# git bisect good bed5a942e27e1df67250e27e1f2eb5ea2d4cc362
Bisecting: 93 revisions left to test after this (roughly 7 steps)
[700fa08da43edb0af3e6a513f0255443e96088e8] net: dsa: sja1105: unregister the MDIO buses during teardown

testing commit 700fa08da43edb0af3e6a513f0255443e96088e8 gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: b352d1edb5e9bb2047ca639e497565a3cfc5759c78d97eda7133971d8c03a67e
all runs: OK
false negative chance: 0.000
# git bisect good 700fa08da43edb0af3e6a513f0255443e96088e8
Bisecting: 57 revisions left to test after this (roughly 6 steps)
[f8fbb47c6e86c0b75f8df864db702c3e3f757361] Merge branch 'for-v5.14' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace

testing commit f8fbb47c6e86c0b75f8df864db702c3e3f757361 gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: bd005cfde44cd9da6e7d85c2442f991639e67565d3ad604e2339283aa1834b94
all runs: OK
false negative chance: 0.000
# git bisect good f8fbb47c6e86c0b75f8df864db702c3e3f757361
Bisecting: 31 revisions left to test after this (roughly 5 steps)
[3a03c67de276a6abb412771311f93a73e192b615] Merge tag 'ceph-for-5.14-rc6' of git://github.com/ceph/ceph-client

testing commit 3a03c67de276a6abb412771311f93a73e192b615 gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 255ecf7d9c38c1622c069df93d76c9970131f6f679fb6a31dc324e7fe884cc75
all runs: OK
false negative chance: 0.000
# git bisect good 3a03c67de276a6abb412771311f93a73e192b615
Bisecting: 15 revisions left to test after this (roughly 4 steps)
[b7cdc9658ac860f0dff55bf2d6f6fc27ce17a0fa] net: fec: add WoL support for i.MX8MQ

testing commit b7cdc9658ac860f0dff55bf2d6f6fc27ce17a0fa gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: bb5a9655c872756f27875ecfad7b73b238049d00f02362d8e43bfdbf13ad6ef3
run #0: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #1: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #2: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #3: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #4: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #5: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #6: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #7: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #8: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #9: crashed: KASAN: use-after-free Read in unix_stream_read_actor
representative crash: KASAN: use-after-free Read in unix_stream_read_actor, types: [KASAN]
# git bisect bad b7cdc9658ac860f0dff55bf2d6f6fc27ce17a0fa
Bisecting: 8 revisions left to test after this (roughly 3 steps)
[f8e6dfc64f6135d1b6c5215c14cd30b9b60a0008] Merge tag 'net-5.14-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

testing commit f8e6dfc64f6135d1b6c5215c14cd30b9b60a0008 gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 631f1997583c6e80917e6b7c78c28a22343004fd8a44feb9c1a571476f5c2805
all runs: OK
false negative chance: 0.000
# git bisect good f8e6dfc64f6135d1b6c5215c14cd30b9b60a0008
Bisecting: 3 revisions left to test after this (roughly 2 steps)
[39a0876d595bd7c7512782dfcce0ee66f65bf221] net, bonding: Disallow vlan+srcmac with XDP

testing commit 39a0876d595bd7c7512782dfcce0ee66f65bf221 gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: ec85578edae716a5a5e3c806e4d5025151446427e1e6126bac143003e936f65c
run #0: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #1: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #2: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #3: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #4: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #5: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #6: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #7: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #8: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #9: crashed: KASAN: use-after-free Read in unix_stream_read_actor
representative crash: KASAN: use-after-free Read in unix_stream_read_actor, types: [KASAN]
# git bisect bad 39a0876d595bd7c7512782dfcce0ee66f65bf221
Bisecting: 2 revisions left to test after this (roughly 1 step)
[b769cf44ed55f4b277b89cf53df6092f0c9082d0] dt-bindings: net: qcom,ipa: make imem interconnect optional

testing commit b769cf44ed55f4b277b89cf53df6092f0c9082d0 gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 559fcadb6e62627cdea693642a0903b0da6d88a03e0806e6909c065373cf40d6
all runs: OK
false negative chance: 0.000
# git bisect good b769cf44ed55f4b277b89cf53df6092f0c9082d0
Bisecting: 0 revisions left to test after this (roughly 1 step)
[876c14ad014d0e39c57cbfde53e13d17cdb6d645] af_unix: fix holding spinlock in oob handling

testing commit 876c14ad014d0e39c57cbfde53e13d17cdb6d645 gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 636e64c6443935b0ae0ad1dc2d7036ba9aa9c64a44ae6f4a6be2ba62fef24f85
run #0: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #1: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #2: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #3: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #4: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #5: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #6: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #7: crashed: KASAN: use-after-free Read in __skb_datagram_iter
run #8: crashed: KASAN: use-after-free Read in unix_stream_read_actor
run #9: crashed: KASAN: use-after-free Read in unix_stream_read_actor
representative crash: KASAN: use-after-free Read in unix_stream_read_actor, types: [KASAN]
# git bisect bad 876c14ad014d0e39c57cbfde53e13d17cdb6d645
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[f4083a752a3b7dc2076432129c8469d02c25318e] Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

testing commit f4083a752a3b7dc2076432129c8469d02c25318e gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 5414a21425bb09b96a48617300a2522669d199a4dc5e90a5be285fb628cf5b75
all runs: OK
false negative chance: 0.000
# git bisect good f4083a752a3b7dc2076432129c8469d02c25318e
876c14ad014d0e39c57cbfde53e13d17cdb6d645 is the first bad commit
commit 876c14ad014d0e39c57cbfde53e13d17cdb6d645
Author: Rao Shoaib <rao.shoaib@oracle.com>
Date:   Wed Aug 11 15:06:52 2021 -0700

    af_unix: fix holding spinlock in oob handling
    
    syzkaller found that OOB code was holding spinlock
    while calling a function in which it could sleep.
    
    Reported-by: syzbot+8760ca6c1ee783ac4abd@syzkaller.appspotmail.com
    Fixes: 314001f0bf92 ("af_unix: Add OOB support")
    Signed-off-by: Rao Shoaib <rao.shoaib@oracle.com>
    Link: https://lore.kernel.org/r/20210811220652.567434-1-Rao.Shoaib@oracle.com
    Signed-off-by: Jakub Kicinski <kuba@kernel.org>

 net/unix/af_unix.c | 36 ++++++++++++++++++++++++------------
 1 file changed, 24 insertions(+), 12 deletions(-)

accumulated error probability: 0.00
culprit signature: 636e64c6443935b0ae0ad1dc2d7036ba9aa9c64a44ae6f4a6be2ba62fef24f85
parent  signature: 5414a21425bb09b96a48617300a2522669d199a4dc5e90a5be285fb628cf5b75
revisions tested: 33, total time: 6h23m36.437488257s (build: 1h36m42.700626591s, test: 4h37m31.084105259s)
first bad commit: 876c14ad014d0e39c57cbfde53e13d17cdb6d645 af_unix: fix holding spinlock in oob handling
recipients (to): ["kuba@kernel.org" "rao.shoaib@oracle.com"]
recipients (cc): []
crash: KASAN: use-after-free Read in unix_stream_read_actor
==================================================================
BUG: KASAN: use-after-free in unix_stream_read_actor+0x87/0xb0 net/unix/af_unix.c:2713
Read of size 4 at addr ffff88812138eb84 by task syz-executor.0/510

CPU: 1 PID: 510 Comm: syz-executor.0 Not tainted 5.14.0-rc5-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
Call Trace:
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x38/0x49 lib/dump_stack.c:105
 print_address_description.constprop.0+0x24/0x150 mm/kasan/report.c:233
 __kasan_report mm/kasan/report.c:419 [inline]
 kasan_report.cold+0x82/0xdb mm/kasan/report.c:436
 __asan_report_load4_noabort+0x14/0x20 mm/kasan/report_generic.c:308
 unix_stream_read_actor+0x87/0xb0 net/unix/af_unix.c:2713
 unix_stream_recv_urg net/unix/af_unix.c:2448 [inline]
 unix_stream_read_generic+0x1410/0x1d80 net/unix/af_unix.c:2519
 unix_stream_recvmsg+0x9d/0xd0 net/unix/af_unix.c:2729
 sock_recvmsg_nosec net/socket.c:944 [inline]
 sock_recvmsg net/socket.c:962 [inline]
 sock_recvmsg net/socket.c:958 [inline]
 ____sys_recvmsg+0x286/0x700 net/socket.c:2622
 ___sys_recvmsg+0x109/0x1d0 net/socket.c:2664
 __sys_recvmsg+0xc0/0x160 net/socket.c:2694
 __do_sys_recvmsg net/socket.c:2704 [inline]
 __se_sys_recvmsg net/socket.c:2701 [inline]
 __x64_sys_recvmsg+0x73/0xb0 net/socket.c:2701
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0x80 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7f40f980bae9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f40f934c0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
RAX: ffffffffffffffda RBX: 00007f40f992b120 RCX: 00007f40f980bae9
RDX: 0000000040010083 RSI: 0000000020000140 RDI: 0000000000000004
RBP: 00007f40f985747a R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000006e R14: 00007f40f992b120 R15: 00007ffcdebfc348

Allocated by task 509:
 kasan_save_stack+0x23/0x50 mm/kasan/common.c:38
 kasan_set_track mm/kasan/common.c:46 [inline]
 set_alloc_info mm/kasan/common.c:434 [inline]
 __kasan_slab_alloc+0x8a/0xb0 mm/kasan/common.c:467
 kasan_slab_alloc include/linux/kasan.h:254 [inline]
 slab_post_alloc_hook mm/slab.h:519 [inline]
 slab_alloc_node mm/slub.c:2956 [inline]
 slab_alloc mm/slub.c:2964 [inline]
 kmem_cache_alloc+0x2f0/0x480 mm/slub.c:2969
 kmem_cache_alloc_node include/linux/slab.h:462 [inline]
 __alloc_skb+0x14b/0x250 net/core/skbuff.c:414
 alloc_skb include/linux/skbuff.h:1116 [inline]
 alloc_skb_with_frags+0x76/0x4a0 net/core/skbuff.c:6073
 sock_alloc_send_pskb+0x687/0x840 net/core/sock.c:2475
 sock_alloc_send_skb+0x13/0x20 net/core/sock.c:2492
 queue_oob net/unix/af_unix.c:1905 [inline]
 unix_stream_sendmsg+0x9f9/0xe20 net/unix/af_unix.c:2030
 sock_sendmsg_nosec net/socket.c:704 [inline]
 sock_sendmsg+0xb5/0xf0 net/socket.c:724
 ____sys_sendmsg+0x694/0x990 net/socket.c:2403
 ___sys_sendmsg+0xfc/0x190 net/socket.c:2457
 __sys_sendmsg+0xc3/0x160 net/socket.c:2486
 __do_sys_sendmsg net/socket.c:2495 [inline]
 __se_sys_sendmsg net/socket.c:2493 [inline]
 __x64_sys_sendmsg+0x73/0xb0 net/socket.c:2493
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0x80 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae

Freed by task 509:
 kasan_save_stack+0x23/0x50 mm/kasan/common.c:38
 kasan_set_track+0x20/0x30 mm/kasan/common.c:46
 kasan_set_free_info+0x24/0x40 mm/kasan/generic.c:360
 ____kasan_slab_free mm/kasan/common.c:366 [inline]
 ____kasan_slab_free mm/kasan/common.c:328 [inline]
 __kasan_slab_free+0x10d/0x150 mm/kasan/common.c:374
 kasan_slab_free include/linux/kasan.h:230 [inline]
 slab_free_hook mm/slub.c:1625 [inline]
 slab_free_freelist_hook+0x8f/0x190 mm/slub.c:1650
 slab_free mm/slub.c:3210 [inline]
 kmem_cache_free+0xfa/0x3a0 mm/slub.c:3226
 kfree_skbmem+0x95/0x140 net/core/skbuff.c:699
 __kfree_skb net/core/skbuff.c:756 [inline]
 kfree_skb net/core/skbuff.c:773 [inline]
 kfree_skb+0xb1/0x1d0 net/core/skbuff.c:767
 queue_oob net/unix/af_unix.c:1924 [inline]
 unix_stream_sendmsg+0xaf2/0xe20 net/unix/af_unix.c:2030
 sock_sendmsg_nosec net/socket.c:704 [inline]
 sock_sendmsg+0xb5/0xf0 net/socket.c:724
 ____sys_sendmsg+0x694/0x990 net/socket.c:2403
 ___sys_sendmsg+0xfc/0x190 net/socket.c:2457
 __sys_sendmsg+0xc3/0x160 net/socket.c:2486
 __do_sys_sendmsg net/socket.c:2495 [inline]
 __se_sys_sendmsg net/socket.c:2493 [inline]
 __x64_sys_sendmsg+0x73/0xb0 net/socket.c:2493
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0x80 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae

The buggy address belongs to the object at ffff88812138eb40
 which belongs to the cache skbuff_head_cache of size 224
The buggy address is located 68 bytes inside of
 224-byte region [ffff88812138eb40, ffff88812138ec20)
The buggy address belongs to the page:
page:ffffea000484e380 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x12138e
flags: 0x4000000000000200(slab|zone=1)
raw: 4000000000000200 0000000000000000 dead000000000122 ffff8881081c38c0
raw: 0000000000000000 00000000000c000c 00000001ffffffff 0000000000000000
page dumped because: kasan: bad access detected
page_owner tracks the page as allocated
page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 509, ts 42713417511, free_ts 42655745407
 set_page_owner include/linux/page_owner.h:31 [inline]
 post_alloc_hook mm/page_alloc.c:2430 [inline]
 prep_new_page mm/page_alloc.c:2436 [inline]
 get_page_from_freelist+0x236f/0x32a0 mm/page_alloc.c:4169
 __alloc_pages+0x275/0x5b0 mm/page_alloc.c:5391
 __alloc_pages_node include/linux/gfp.h:570 [inline]
 alloc_pages_node include/linux/gfp.h:584 [inline]
 alloc_pages include/linux/gfp.h:597 [inline]
 alloc_slab_page mm/slub.c:1688 [inline]
 allocate_slab+0x330/0x480 mm/slub.c:1828
 new_slab mm/slub.c:1891 [inline]
 new_slab_objects mm/slub.c:2637 [inline]
 ___slab_alloc.constprop.0+0x2f9/0x700 mm/slub.c:2800
 __slab_alloc.constprop.0+0x3d/0x60 mm/slub.c:2840
 slab_alloc_node mm/slub.c:2922 [inline]
 slab_alloc mm/slub.c:2964 [inline]
 kmem_cache_alloc+0x447/0x480 mm/slub.c:2969
 kmem_cache_alloc_node include/linux/slab.h:462 [inline]
 __alloc_skb+0x14b/0x250 net/core/skbuff.c:414
 alloc_skb include/linux/skbuff.h:1116 [inline]
 alloc_skb_with_frags+0x76/0x4a0 net/core/skbuff.c:6073
 sock_alloc_send_pskb+0x687/0x840 net/core/sock.c:2475
 sock_alloc_send_skb+0x13/0x20 net/core/sock.c:2492
 queue_oob net/unix/af_unix.c:1905 [inline]
 unix_stream_sendmsg+0x9f9/0xe20 net/unix/af_unix.c:2030
 sock_sendmsg_nosec net/socket.c:704 [inline]
 sock_sendmsg+0xb5/0xf0 net/socket.c:724
 ____sys_sendmsg+0x694/0x990 net/socket.c:2403
 ___sys_sendmsg+0xfc/0x190 net/socket.c:2457
 __sys_sendmsg+0xc3/0x160 net/socket.c:2486
 __do_sys_sendmsg net/socket.c:2495 [inline]
 __se_sys_sendmsg net/socket.c:2493 [inline]
 __x64_sys_sendmsg+0x73/0xb0 net/socket.c:2493
page last free stack trace:
 reset_page_owner include/linux/page_owner.h:24 [inline]
 free_pages_prepare mm/page_alloc.c:1346 [inline]
 free_pcp_prepare+0x19c/0x4a0 mm/page_alloc.c:1419
 free_unref_page_prepare mm/page_alloc.c:3332 [inline]
 free_unref_page+0x1c/0x200 mm/page_alloc.c:3411
 free_the_page mm/page_alloc.c:707 [inline]
 __free_pages+0xdc/0xf0 mm/page_alloc.c:5464
 __vunmap+0x4b2/0x7b0 mm/vmalloc.c:2587
 free_work+0x51/0x70 mm/vmalloc.c:82
 process_one_work+0x61d/0xe70 kernel/workqueue.c:2276
 worker_thread+0x48e/0xdb0 kernel/workqueue.c:2422
 kthread+0x324/0x3e0 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295

Memory state around the buggy address:
 ffff88812138ea80: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
 ffff88812138eb00: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
>ffff88812138eb80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
                   ^
 ffff88812138ec00: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
 ffff88812138ec80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
==================================================================