Warning: Permanently added '10.128.1.186' (ED25519) to the list of known hosts.
2026/04/15 04:44:56 parsed 1 programs
Setting up swapspace version 1, size = 127995904 bytes
[  112.469506][ T6198] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  116.900900][   T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.913995][   T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  116.943029][   T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.951173][   T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  117.373702][ T6261] chnl_net:caif_netlink_parms(): no params data found
[  117.449180][ T6261] bridge0: port 1(bridge_slave_0) entered blocking state
[  117.456557][ T6261] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.463792][ T6261] bridge_slave_0: entered allmulticast mode
[  117.471332][ T6261] bridge_slave_0: entered promiscuous mode
[  117.480697][ T6261] bridge0: port 2(bridge_slave_1) entered blocking state
[  117.489177][ T6261] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.496846][ T6261] bridge_slave_1: entered allmulticast mode
[  117.504110][ T6261] bridge_slave_1: entered promiscuous mode
[  117.529545][ T6261] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  117.543706][ T6261] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  117.590455][ T6261] team0: Port device team_slave_0 added
[  117.598259][ T6261] team0: Port device team_slave_1 added
[  117.629603][ T6261] batman_adv: batadv0: Adding interface: batadv_slave_0
[  117.636685][ T6261] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  117.664577][ T6261] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  117.677181][ T6261] batman_adv: batadv0: Adding interface: batadv_slave_1
[  117.684583][ T6261] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  117.711661][ T6261] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  117.751827][ T6261] hsr_slave_0: entered promiscuous mode
[  117.760492][ T6261] hsr_slave_1: entered promiscuous mode
[  118.236251][ T6261] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  118.259462][ T6261] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  118.268651][ T6261] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  118.289692][ T6261] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  118.298793][ T6261] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  118.310010][ T6261] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  118.318642][ T6261] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  118.330198][ T6261] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  118.408623][ T6261] 8021q: adding VLAN 0 to HW filter on device bond0
[  118.439095][ T6261] 8021q: adding VLAN 0 to HW filter on device team0
[  118.452500][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.459719][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  118.479616][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.487145][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[  118.706314][ T6261] 8021q: adding VLAN 0 to HW filter on device batadv0
[  118.763353][ T6261] veth0_vlan: entered promiscuous mode
[  118.781163][ T6261] veth1_vlan: entered promiscuous mode
[  118.812209][ T6261] veth0_macvtap: entered promiscuous mode
[  118.825070][ T6261] veth1_macvtap: entered promiscuous mode
[  118.844952][ T6261] batman_adv: batadv0: Interface activated: batadv_slave_0
[  118.859061][ T6261] batman_adv: batadv0: Interface activated: batadv_slave_1
[  118.873676][   T58] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  118.898424][   T58] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  118.919015][   T58] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  118.928669][   T58] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  119.138427][   T58] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.218554][   T58] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.281099][   T58] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.397510][   T58] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.546847][   T50] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  119.555566][   T50] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  119.563772][   T50] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  119.576435][   T50] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  119.584679][   T50] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2026/04/15 04:45:08 executed programs: 0
[  120.826821][ T5144] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  120.839888][ T5144] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  120.848141][ T5144] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  120.864675][ T5144] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  120.872848][ T5144] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  121.113154][ T6381] chnl_net:caif_netlink_parms(): no params data found
[  121.216962][ T6381] bridge0: port 1(bridge_slave_0) entered blocking state
[  121.224417][ T6381] bridge0: port 1(bridge_slave_0) entered disabled state
[  121.231801][ T6381] bridge_slave_0: entered allmulticast mode
[  121.239961][ T6381] bridge_slave_0: entered promiscuous mode
[  121.249337][ T6381] bridge0: port 2(bridge_slave_1) entered blocking state
[  121.257072][ T6381] bridge0: port 2(bridge_slave_1) entered disabled state
[  121.265170][ T6381] bridge_slave_1: entered allmulticast mode
[  121.272314][ T6381] bridge_slave_1: entered promiscuous mode
[  121.307957][ T6381] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  121.320515][ T6381] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  121.358288][ T6381] team0: Port device team_slave_0 added
[  121.373189][ T6381] team0: Port device team_slave_1 added
[  121.408025][ T6381] batman_adv: batadv0: Adding interface: batadv_slave_0
[  121.415146][ T6381] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  121.442136][ T6381] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  121.457508][ T6381] batman_adv: batadv0: Adding interface: batadv_slave_1
[  121.464815][ T6381] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  121.501247][ T6381] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  121.633819][   T58] bridge_slave_1: left allmulticast mode
[  121.639690][   T58] bridge_slave_1: left promiscuous mode
[  121.646710][   T58] bridge0: port 2(bridge_slave_1) entered disabled state
[  121.665640][   T58] bridge_slave_0: left allmulticast mode
[  121.671470][   T58] bridge_slave_0: left promiscuous mode
[  121.677356][   T58] bridge0: port 1(bridge_slave_0) entered disabled state
[  121.893394][   T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  121.905380][   T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  121.919274][   T58] bond0 (unregistering): Released all slaves
[  121.938781][ T6381] hsr_slave_0: entered promiscuous mode
[  121.946566][ T6381] hsr_slave_1: entered promiscuous mode
[  121.955512][ T6381] debugfs: 'hsr0' already exists in 'hsr'
[  121.961373][ T6381] Cannot create hsr debugfs directory
[  122.053533][   T58] hsr_slave_0: left promiscuous mode
[  122.059899][   T58] hsr_slave_1: left promiscuous mode
[  122.066457][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  122.075123][   T58] batman_adv: batadv0: Removing interface: batadv_slave_0
[  122.083165][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  122.094707][   T58] batman_adv: batadv0: Removing interface: batadv_slave_1
[  122.108272][   T58] veth1_macvtap: left promiscuous mode
[  122.113788][   T58] veth0_macvtap: left promiscuous mode
[  122.120323][   T58] veth1_vlan: left promiscuous mode
[  122.125927][   T58] veth0_vlan: left promiscuous mode
[  122.392069][   T58] team0 (unregistering): Port device team_slave_1 removed
[  122.416695][   T58] team0 (unregistering): Port device team_slave_0 removed
[  122.893982][ T5144] Bluetooth: hci0: command tx timeout
[  123.337620][ T6381] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  123.362798][ T6381] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  123.377789][ T6381] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  123.404932][ T6381] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  123.423820][ T6381] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  123.447673][ T6381] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  123.478129][ T6381] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  123.497161][ T6381] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  123.690247][ T6381] 8021q: adding VLAN 0 to HW filter on device bond0
[  123.719700][ T6381] 8021q: adding VLAN 0 to HW filter on device team0
[  123.733645][   T48] bridge0: port 1(bridge_slave_0) entered blocking state
[  123.741046][   T48] bridge0: port 1(bridge_slave_0) entered forwarding state
[  123.757515][   T48] bridge0: port 2(bridge_slave_1) entered blocking state
[  123.764797][   T48] bridge0: port 2(bridge_slave_1) entered forwarding state
[  124.023411][ T6381] 8021q: adding VLAN 0 to HW filter on device batadv0
[  124.065687][ T6381] veth0_vlan: entered promiscuous mode
[  124.076345][ T6381] veth1_vlan: entered promiscuous mode
[  124.101202][ T6381] veth0_macvtap: entered promiscuous mode
[  124.110542][ T6381] veth1_macvtap: entered promiscuous mode
[  124.127558][ T6381] batman_adv: batadv0: Interface activated: batadv_slave_0
[  124.140740][ T6381] batman_adv: batadv0: Interface activated: batadv_slave_1
[  124.155134][   T35] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  124.164934][   T35] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  124.173845][   T35] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  124.184482][   T35] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  124.233220][   T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  124.241443][   T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  124.265951][   T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  124.274032][   T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  124.974598][ T5144] Bluetooth: hci0: command tx timeout
2026/04/15 04:45:13 executed programs: 7
[  127.057834][ T5144] Bluetooth: hci0: command tx timeout
[  127.684312][ T6537] ==================================================================
[  127.692529][ T6537] BUG: KASAN: slab-use-after-free in __sk_msg_recvmsg+0x19b/0xe70
[  127.700354][ T6537] Read of size 8 at addr ffff8880788262b0 by task syz.0.28/6537
[  127.707981][ T6537] 
[  127.710311][ T6537] CPU: 0 UID: 0 PID: 6537 Comm: syz.0.28 Not tainted syzkaller #0 PREEMPT(full) 
[  127.710327][ T6537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  127.710342][ T6537] Call Trace:
[  127.710351][ T6537]  <TASK>
[  127.710359][ T6537]  dump_stack_lvl+0xe8/0x150
[  127.710383][ T6537]  print_report+0xba/0x230
[  127.710399][ T6537]  ? __sk_msg_recvmsg+0x19b/0xe70
[  127.710418][ T6537]  kasan_report+0x117/0x150
[  127.710436][ T6537]  ? __sk_msg_recvmsg+0x19b/0xe70
[  127.710456][ T6537]  __sk_msg_recvmsg+0x19b/0xe70
[  127.710477][ T6537]  ? sk_psock_get+0x387/0x440
[  127.710498][ T6537]  ? __pfx_sk_psock_get+0x10/0x10
[  127.710518][ T6537]  ? __page_table_check_zero+0x6a/0x3e0
[  127.710536][ T6537]  udp_bpf_recvmsg+0x196/0xac0
[  127.710558][ T6537]  ? aa_sk_perm+0x6d5/0x900
[  127.710581][ T6537]  ? __pfx_udp_bpf_recvmsg+0x10/0x10
[  127.710607][ T6537]  ? sock_rps_record_flow+0x19/0x350
[  127.710629][ T6537]  ? inet_recvmsg+0x101/0x120
[  127.710641][ T6537]  ? __pfx_inet_recvmsg+0x10/0x10
[  127.710653][ T6537]  sock_recvmsg+0x155/0x1b0
[  127.710671][ T6537]  ____sys_recvmsg+0x1e6/0x4a0
[  127.710687][ T6537]  ? __pfx_____sys_recvmsg+0x10/0x10
[  127.710705][ T6537]  ? import_iovec+0x73/0xa0
[  127.710722][ T6537]  ___sys_recvmsg+0x215/0x590
[  127.710737][ T6537]  ? __pfx____sys_recvmsg+0x10/0x10
[  127.710758][ T6537]  ? __fget_files+0x3a0/0x420
[  127.710774][ T6537]  do_recvmmsg+0x334/0x800
[  127.710789][ T6537]  ? do_raw_spin_lock+0x12b/0x2f0
[  127.710804][ T6537]  ? __pfx_do_recvmmsg+0x10/0x10
[  127.710816][ T6537]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  127.710837][ T6537]  ? lockdep_hardirqs_on+0x7a/0x110
[  127.710855][ T6537]  __x64_sys_recvmmsg+0x198/0x250
[  127.710870][ T6537]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  127.710887][ T6537]  do_syscall_64+0x14d/0xf80
[  127.710903][ T6537]  ? trace_irq_disable+0x3b/0x150
[  127.710916][ T6537]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.710929][ T6537]  ? clear_bhb_loop+0x40/0x90
[  127.710944][ T6537]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.710958][ T6537] RIP: 0033:0x7f56aa59c819
[  127.710976][ T6537] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  127.710988][ T6537] RSP: 002b:00007f56ab480028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  127.711009][ T6537] RAX: ffffffffffffffda RBX: 00007f56aa816180 RCX: 00007f56aa59c819
[  127.711019][ T6537] RDX: 0000000000000012 RSI: 0000200000000400 RDI: 0000000000000003
[  127.711029][ T6537] RBP: 00007f56aa632c91 R08: 0000000000000000 R09: 0000000000000000
[  127.711038][ T6537] R10: 0000000040000021 R11: 0000000000000246 R12: 0000000000000000
[  127.711047][ T6537] R13: 00007f56aa816218 R14: 00007f56aa816180 R15: 00007ffd4925b868
[  127.711063][ T6537]  </TASK>
[  127.711068][ T6537] 
[  127.986317][ T6537] Allocated by task 6535:
[  127.990888][ T6537]  kasan_save_track+0x3e/0x80
[  127.995572][ T6537]  __kasan_kmalloc+0x93/0xb0
[  128.000249][ T6537]  __kmalloc_cache_noprof+0x31c/0x660
[  128.005703][ T6537]  sk_psock_skb_ingress_self+0x5e/0x370
[  128.011243][ T6537]  sk_psock_verdict_recv+0x7d9/0x8d0
[  128.016604][ T6537]  udp_read_skb+0x5d9/0x6b0
[  128.021183][ T6537]  sk_psock_verdict_data_ready+0x25f/0x6c0
[  128.027061][ T6537]  __udp_enqueue_schedule_skb+0xc4b/0x12e0
[  128.032863][ T6537]  udp_queue_rcv_one_skb+0x755/0x1120
[  128.038312][ T6537]  __udp4_lib_mcast_deliver+0xad7/0xb70
[  128.044022][ T6537]  udp_rcv+0xcd0/0x1db0
[  128.048258][ T6537]  ip_protocol_deliver_rcu+0x282/0x440
[  128.053811][ T6537]  ip_local_deliver_finish+0x3bb/0x6f0
[  128.059258][ T6537]  NF_HOOK+0x336/0x3c0
[  128.063513][ T6537]  ip_sublist_rcv_finish+0x1f0/0x240
[  128.069057][ T6537]  ip_sublist_rcv+0x5c6/0xa70
[  128.073833][ T6537]  ip_list_rcv+0x3f1/0x450
[  128.078254][ T6537]  __netif_receive_skb_list_core+0x7e5/0x810
[  128.084398][ T6537]  netif_receive_skb_list_internal+0x995/0xcf0
[  128.090630][ T6537]  netif_receive_skb_list+0x55/0x4b0
[  128.095908][ T6537]  bpf_test_run_xdp_live+0x1946/0x1cf0
[  128.101383][ T6537]  bpf_prog_test_run_xdp+0x81c/0x1160
[  128.106770][ T6537]  bpf_prog_test_run+0x2c7/0x340
[  128.111735][ T6537]  __sys_bpf+0x643/0x950
[  128.115966][ T6537]  __x64_sys_bpf+0x7c/0x90
[  128.120463][ T6537]  do_syscall_64+0x14d/0xf80
[  128.125130][ T6537]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.131094][ T6537] 
[  128.133403][ T6537] Freed by task 6536:
[  128.137382][ T6537]  kasan_save_track+0x3e/0x80
[  128.142070][ T6537]  kasan_save_free_info+0x46/0x50
[  128.147172][ T6537]  __kasan_slab_free+0x5c/0x80
[  128.151926][ T6537]  kfree+0x1c1/0x630
[  128.155894][ T6537]  __sk_msg_recvmsg+0xc7e/0xe70
[  128.160849][ T6537]  udp_bpf_recvmsg+0x196/0xac0
[  128.165697][ T6537]  sock_recvmsg+0x155/0x1b0
[  128.170195][ T6537]  ____sys_recvmsg+0x1e6/0x4a0
[  128.175030][ T6537]  ___sys_recvmsg+0x215/0x590
[  128.179690][ T6537]  do_recvmmsg+0x334/0x800
[  128.184297][ T6537]  __x64_sys_recvmmsg+0x198/0x250
[  128.189313][ T6537]  do_syscall_64+0x14d/0xf80
[  128.193924][ T6537]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.199817][ T6537] 
[  128.202138][ T6537] The buggy address belongs to the object at ffff888078826000
[  128.202138][ T6537]  which belongs to the cache kmalloc-1k of size 1024
[  128.216609][ T6537] The buggy address is located 688 bytes inside of
[  128.216609][ T6537]  freed 1024-byte region [ffff888078826000, ffff888078826400)
[  128.230652][ T6537] 
[  128.233000][ T6537] The buggy address belongs to the physical page:
[  128.239404][ T6537] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78820
[  128.248327][ T6537] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  128.257075][ T6537] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  128.264874][ T6537] page_type: f5(slab)
[  128.268842][ T6537] raw: 00fff00000000040 ffff88813feacdc0 dead000000000100 dead000000000122
[  128.277496][ T6537] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[  128.286155][ T6537] head: 00fff00000000040 ffff88813feacdc0 dead000000000100 dead000000000122
[  128.295279][ T6537] head: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[  128.304024][ T6537] head: 00fff00000000003 ffffea0001e20801 00000000ffffffff 00000000ffffffff
[  128.312699][ T6537] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  128.321440][ T6537] page dumped because: kasan: bad access detected
[  128.328020][ T6537] page_owner tracks the page as allocated
[  128.333719][ T6537] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 12, tgid 12 (kworker/u8:0), ts 127465975822, free_ts 127397851326
[  128.354566][ T6537]  post_alloc_hook+0x231/0x280
[  128.359412][ T6537]  get_page_from_freelist+0x24dc/0x2580
[  128.365031][ T6537]  __alloc_frozen_pages_noprof+0x18d/0x380
[  128.370821][ T6537]  allocate_slab+0x77/0x660
[  128.375308][ T6537]  refill_objects+0x331/0x3c0
[  128.379976][ T6537]  __pcs_replace_empty_main+0x2e6/0x730
[  128.385598][ T6537]  __kmalloc_noprof+0x474/0x760
[  128.390522][ T6537]  ieee802_11_parse_elems_full+0x159/0x2ab0
[  128.396498][ T6537]  ieee80211_inform_bss+0x161/0x1160
[  128.401778][ T6537]  cfg80211_inform_single_bss_data+0xd08/0x1b70
[  128.408095][ T6537]  cfg80211_inform_bss_data+0x266/0x3c40
[  128.413719][ T6537]  cfg80211_inform_bss_frame_data+0x3c7/0x760
[  128.419973][ T6537]  ieee80211_bss_info_update+0x794/0xa40
[  128.425692][ T6537]  ieee80211_ibss_rx_queued_mgmt+0x1901/0x2ce0
[  128.432023][ T6537]  ieee80211_iface_work+0x845/0x1380
[  128.437516][ T6537]  cfg80211_wiphy_work+0x2ab/0x4a0
[  128.442617][ T6537] page last free pid 6532 tgid 6530 stack trace:
[  128.448970][ T6537]  __free_frozen_pages+0xc2b/0xdb0
[  128.454075][ T6537]  __slab_free+0x263/0x2b0
[  128.458584][ T6537]  qlist_free_all+0x97/0x100
[  128.463244][ T6537]  kasan_quarantine_reduce+0x148/0x160
[  128.468950][ T6537]  __kasan_slab_alloc+0x22/0x80
[  128.473878][ T6537]  __kmalloc_noprof+0x316/0x760
[  128.478804][ T6537]  iovec_from_user+0x87/0x250
[  128.483553][ T6537]  __import_iovec+0x163/0x7e0
[  128.488215][ T6537]  import_iovec+0x73/0xa0
[  128.492533][ T6537]  ___sys_recvmsg+0x4bd/0x590
[  128.497461][ T6537]  do_recvmmsg+0x334/0x800
[  128.501869][ T6537]  __x64_sys_recvmmsg+0x198/0x250
[  128.506882][ T6537]  do_syscall_64+0x14d/0xf80
[  128.511459][ T6537]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.517424][ T6537] 
[  128.519732][ T6537] Memory state around the buggy address:
[  128.525430][ T6537]  ffff888078826180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  128.533569][ T6537]  ffff888078826200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  128.541788][ T6537] >ffff888078826280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  128.549916][ T6537]                                      ^
[  128.555715][ T6537]  ffff888078826300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  128.563931][ T6537]  ffff888078826380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  128.572060][ T6537] ==================================================================
[  128.650004][ T6537] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  128.657253][ T6537] CPU: 0 UID: 0 PID: 6537 Comm: syz.0.28 Not tainted syzkaller #0 PREEMPT(full) 
[  128.666378][ T6537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  128.676556][ T6537] Call Trace:
[  128.679839][ T6537]  <TASK>
[  128.682857][ T6537]  vpanic+0x56c/0xa60
[  128.686855][ T6537]  ? __pfx_vpanic+0x10/0x10
[  128.691646][ T6537]  panic+0xc5/0xd0
[  128.695541][ T6537]  ? __pfx_panic+0x10/0x10
[  128.700147][ T6537]  ? preempt_schedule_thunk+0x16/0x30
[  128.705710][ T6537]  ? preempt_schedule_thunk+0x16/0x30
[  128.711109][ T6537]  ? __sk_msg_recvmsg+0x19b/0xe70
[  128.716160][ T6537]  check_panic_on_warn+0x89/0xb0
[  128.721198][ T6537]  ? __sk_msg_recvmsg+0x19b/0xe70
[  128.726408][ T6537]  end_report+0x73/0x180
[  128.730745][ T6537]  ? __sk_msg_recvmsg+0x19b/0xe70
[  128.735875][ T6537]  kasan_report+0x128/0x150
[  128.740479][ T6537]  ? __sk_msg_recvmsg+0x19b/0xe70
[  128.745705][ T6537]  __sk_msg_recvmsg+0x19b/0xe70
[  128.750653][ T6537]  ? sk_psock_get+0x387/0x440
[  128.755340][ T6537]  ? __pfx_sk_psock_get+0x10/0x10
[  128.760643][ T6537]  ? __page_table_check_zero+0x6a/0x3e0
[  128.766351][ T6537]  udp_bpf_recvmsg+0x196/0xac0
[  128.771312][ T6537]  ? aa_sk_perm+0x6d5/0x900
[  128.775933][ T6537]  ? __pfx_udp_bpf_recvmsg+0x10/0x10
[  128.781246][ T6537]  ? sock_rps_record_flow+0x19/0x350
[  128.786644][ T6537]  ? inet_recvmsg+0x101/0x120
[  128.791431][ T6537]  ? __pfx_inet_recvmsg+0x10/0x10
[  128.796740][ T6537]  sock_recvmsg+0x155/0x1b0
[  128.801437][ T6537]  ____sys_recvmsg+0x1e6/0x4a0
[  128.806223][ T6537]  ? __pfx_____sys_recvmsg+0x10/0x10
[  128.811527][ T6537]  ? import_iovec+0x73/0xa0
[  128.816117][ T6537]  ___sys_recvmsg+0x215/0x590
[  128.820876][ T6537]  ? __pfx____sys_recvmsg+0x10/0x10
[  128.826064][ T6537]  ? __fget_files+0x3a0/0x420
[  128.830728][ T6537]  do_recvmmsg+0x334/0x800
[  128.835322][ T6537]  ? do_raw_spin_lock+0x12b/0x2f0
[  128.840348][ T6537]  ? __pfx_do_recvmmsg+0x10/0x10
[  128.845279][ T6537]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  128.850832][ T6537]  ? lockdep_hardirqs_on+0x7a/0x110
[  128.856287][ T6537]  __x64_sys_recvmmsg+0x198/0x250
[  128.861401][ T6537]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  128.866937][ T6537]  do_syscall_64+0x14d/0xf80
[  128.871519][ T6537]  ? trace_irq_disable+0x3b/0x150
[  128.876532][ T6537]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.882763][ T6537]  ? clear_bhb_loop+0x40/0x90
[  128.887517][ T6537]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.893484][ T6537] RIP: 0033:0x7f56aa59c819
[  128.897897][ T6537] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  128.917685][ T6537] RSP: 002b:00007f56ab480028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  128.926549][ T6537] RAX: ffffffffffffffda RBX: 00007f56aa816180 RCX: 00007f56aa59c819
[  128.934516][ T6537] RDX: 0000000000000012 RSI: 0000200000000400 RDI: 0000000000000003
[  128.942674][ T6537] RBP: 00007f56aa632c91 R08: 0000000000000000 R09: 0000000000000000
[  128.950637][ T6537] R10: 0000000040000021 R11: 0000000000000246 R12: 0000000000000000
[  128.958688][ T6537] R13: 00007f56aa816218 R14: 00007f56aa816180 R15: 00007ffd4925b868
[  128.966661][ T6537]  </TASK>
[  128.970219][ T6537] Kernel Offset: disabled
[  128.974548][ T6537] Rebooting in 86400 seconds..