Warning: Permanently added '10.128.0.173' (ED25519) to the list of known hosts.
2025/11/30 10:08:46 parsed 1 programs
Setting up swapspace version 1, size = 127995904 bytes
[ 122.107823][ T6148] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 125.185294][ T6167] chnl_net:caif_netlink_parms(): no params data found
[ 125.292752][ T6167] bridge0: port 1(bridge_slave_0) entered blocking state
[ 125.300600][ T6167] bridge0: port 1(bridge_slave_0) entered disabled state
[ 125.308358][ T6167] bridge_slave_0: entered allmulticast mode
[ 125.315356][ T6167] bridge_slave_0: entered promiscuous mode
[ 125.323500][ T6167] bridge0: port 2(bridge_slave_1) entered blocking state
[ 125.330846][ T6167] bridge0: port 2(bridge_slave_1) entered disabled state
[ 125.338065][ T6167] bridge_slave_1: entered allmulticast mode
[ 125.345000][ T6167] bridge_slave_1: entered promiscuous mode
[ 125.381736][ T6167] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 125.397017][ T6167] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 125.432722][ T6167] team0: Port device team_slave_0 added
[ 125.441265][ T6167] team0: Port device team_slave_1 added
[ 125.465209][ T6167] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 125.472297][ T6167] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 125.499134][ T6167] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 125.511251][ T6167] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 125.518288][ T6167] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 125.544494][ T6167] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 125.583659][ T6167] hsr_slave_0: entered promiscuous mode
[ 125.590210][ T6167] hsr_slave_1: entered promiscuous mode
[ 126.107793][ T6167] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 126.127660][ T6167] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 126.141305][ T6167] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 126.160746][ T6167] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 126.277867][ T6167] 8021q: adding VLAN 0 to HW filter on device bond0
[ 126.302730][ T6167] 8021q: adding VLAN 0 to HW filter on device team0
[ 126.316743][ T134] bridge0: port 1(bridge_slave_0) entered blocking state
[ 126.323970][ T134] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 126.342526][ T134] bridge0: port 2(bridge_slave_1) entered blocking state
[ 126.349734][ T134] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 126.409664][ T6167] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 126.615182][ T6167] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 126.672960][ T6167] veth0_vlan: entered promiscuous mode
[ 126.696484][ T6167] veth1_vlan: entered promiscuous mode
[ 126.736919][ T6167] veth0_macvtap: entered promiscuous mode
[ 126.749423][ T6167] veth1_macvtap: entered promiscuous mode
[ 126.774478][ T6167] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 126.794471][ T6167] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 126.810981][ T134] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 126.830076][ T134] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 126.840861][ T134] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 126.852443][ T134] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 127.026242][ T3483] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 127.111478][ T3483] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 127.194504][ T3483] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 127.263397][ T3483] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 127.496015][ T134] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 127.510810][ T134] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 127.546333][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 127.555900][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 127.866261][ T5149] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 127.874969][ T5149] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 127.885903][ T5149] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 127.895623][ T5149] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 127.903416][ T5149] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 129.422004][ T3483] bridge_slave_1: left allmulticast mode
[ 129.427692][ T3483] bridge_slave_1: left promiscuous mode
[ 129.434474][ T3483] bridge0: port 2(bridge_slave_1) entered disabled state
[ 129.451186][ T3483] bridge_slave_0: left allmulticast mode
[ 129.457047][ T3483] bridge_slave_0: left promiscuous mode
[ 129.471320][ T3483] bridge0: port 1(bridge_slave_0) entered disabled state
[ 130.042192][ T3483] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 130.055638][ T3483] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 130.068922][ T3483] bond0 (unregistering): Released all slaves
[ 130.200473][ T3483] hsr_slave_0: left promiscuous mode
[ 130.206826][ T3483] hsr_slave_1: left promiscuous mode
[ 130.227637][ T3483] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 130.240048][ T3483] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 130.259689][ T3483] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 130.273567][ T3483] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 130.310006][ T3483] veth1_macvtap: left promiscuous mode
[ 130.320097][ T3483] veth0_macvtap: left promiscuous mode
[ 130.326147][ T3483] veth1_vlan: left promiscuous mode
[ 130.334428][ T3483] veth0_vlan: left promiscuous mode
[ 131.050331][ T3483] team0 (unregistering): Port device team_slave_1 removed
[ 131.099539][ T3483] team0 (unregistering): Port device team_slave_0 removed
[ 133.004141][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[ 133.010697][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
2025/11/30 10:09:01 executed programs: 0
[ 133.651958][ T5149] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 133.660794][ T5149] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 133.669218][ T5149] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 133.677275][ T5149] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 133.685887][ T5149] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 134.016955][ T6423] chnl_net:caif_netlink_parms(): no params data found
[ 134.104552][ T6423] bridge0: port 1(bridge_slave_0) entered blocking state
[ 134.112172][ T6423] bridge0: port 1(bridge_slave_0) entered disabled state
[ 134.119628][ T6423] bridge_slave_0: entered allmulticast mode
[ 134.126770][ T6423] bridge_slave_0: entered promiscuous mode
[ 134.135589][ T6423] bridge0: port 2(bridge_slave_1) entered blocking state
[ 134.142903][ T6423] bridge0: port 2(bridge_slave_1) entered disabled state
[ 134.150141][ T6423] bridge_slave_1: entered allmulticast mode
[ 134.157869][ T6423] bridge_slave_1: entered promiscuous mode
[ 134.194735][ T6423] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 134.207453][ T6423] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 134.257796][ T6423] team0: Port device team_slave_0 added
[ 134.266775][ T6423] team0: Port device team_slave_1 added
[ 134.306110][ T6423] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 134.313306][ T6423] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 134.340289][ T6423] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 134.353907][ T6423] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 134.361539][ T6423] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 134.389149][ T6423] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 134.455664][ T6423] hsr_slave_0: entered promiscuous mode
[ 134.465108][ T6423] hsr_slave_1: entered promiscuous mode
[ 134.951455][ T6423] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 134.963109][ T6423] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 134.974532][ T6423] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 134.986486][ T6423] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 135.108249][ T6423] 8021q: adding VLAN 0 to HW filter on device bond0
[ 135.132061][ T6423] 8021q: adding VLAN 0 to HW filter on device team0
[ 135.145266][ T3469] bridge0: port 1(bridge_slave_0) entered blocking state
[ 135.152696][ T3469] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 135.177041][ T3469] bridge0: port 2(bridge_slave_1) entered blocking state
[ 135.184257][ T3469] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 135.430301][ T6423] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 135.490878][ T6423] veth0_vlan: entered promiscuous mode
[ 135.507163][ T6423] veth1_vlan: entered promiscuous mode
[ 135.547210][ T6423] veth0_macvtap: entered promiscuous mode
[ 135.560227][ T6423] veth1_macvtap: entered promiscuous mode
[ 135.587402][ T6423] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 135.605290][ T6423] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 135.624565][ T3483] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 135.644633][ T3483] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 135.659450][ T3483] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 135.678620][ T3483] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 135.719513][ T5149] Bluetooth: hci0: command tx timeout
[ 135.737510][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 135.754266][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 135.789323][ T3483] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 135.797252][ T3483] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 135.888198][ C0] ==================================================================
[ 135.896299][ C0] BUG: KASAN: double-free in inet_sock_destruct+0x538/0x740
[ 135.903800][ C0] Free of addr ffff888030bd05c0 by task syz.0.18/6499
[ 135.910837][ C0]
[ 135.913223][ C0] CPU: 0 UID: 0 PID: 6499 Comm: syz.0.18 Not tainted syzkaller #0 PREEMPT(full)
[ 135.913245][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 135.913264][ C0] Call Trace:
[ 135.913272][ C0]
[ 135.913279][ C0] dump_stack_lvl+0x189/0x250
[ 135.913307][ C0] ? rcu_is_watching+0x15/0xb0
[ 135.913327][ C0] ? __kasan_check_byte+0x12/0x40
[ 135.913347][ C0] ? __pfx_dump_stack_lvl+0x10/0x10
[ 135.913370][ C0] ? rcu_is_watching+0x15/0xb0
[ 135.913389][ C0] ? lock_release+0x4b/0x3e0
[ 135.913408][ C0] ? __virt_addr_valid+0x1c8/0x5c0
[ 135.913432][ C0] ? __virt_addr_valid+0x4a5/0x5c0
[ 135.913455][ C0] print_report+0xca/0x240
[ 135.913477][ C0] ? inet_sock_destruct+0x538/0x740
[ 135.913506][ C0] kasan_report_invalid_free+0xea/0x110
[ 135.913525][ C0] ? inet_sock_destruct+0x538/0x740
[ 135.913545][ C0] ? inet_sock_destruct+0x538/0x740
[ 135.913566][ C0] check_slab_allocation+0xe1/0x130
[ 135.913590][ C0] ? inet_sock_destruct+0x538/0x740
[ 135.913612][ C0] kfree+0x148/0x6d0
[ 135.913635][ C0] inet_sock_destruct+0x538/0x740
[ 135.913659][ C0] ? inet6_cleanup_sock+0x18b/0x220
[ 135.913684][ C0] ? __pfx_sctp_v6_destruct_sock+0x10/0x10
[ 135.913708][ C0] __sk_destruct+0x89/0x660
[ 135.913731][ C0] ? __pfx_sctp_endpoint_destroy_rcu+0x10/0x10
[ 135.913754][ C0] ? rcu_core+0xc37/0x1770
[ 135.913773][ C0] sctp_endpoint_destroy_rcu+0xa1/0xf0
[ 135.913798][ C0] rcu_core+0xcab/0x1770
[ 135.913823][ C0] ? __pfx_rcu_core+0x10/0x10
[ 135.913843][ C0] ? __pfx_tmigr_handle_remote+0x10/0x10
[ 135.913862][ C0] ? seqcount_lockdep_reader_access+0x15e/0x1c0
[ 135.913893][ C0] handle_softirqs+0x286/0x870
[ 135.913915][ C0] ? __irq_exit_rcu+0xca/0x1f0
[ 135.913937][ C0] ? __pfx_handle_softirqs+0x10/0x10
[ 135.913958][ C0] ? irqtime_account_irq+0xb6/0x1c0
[ 135.913982][ C0] __irq_exit_rcu+0xca/0x1f0
[ 135.914000][ C0] ? __pfx___irq_exit_rcu+0x10/0x10
[ 135.914023][ C0] irq_exit_rcu+0x9/0x30
[ 135.914041][ C0] sysvec_apic_timer_interrupt+0xa6/0xc0
[ 135.914062][ C0]
[ 135.914068][ C0]
[ 135.914075][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 135.914112][ C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xa8/0x110
[ 135.914136][ C0] Code: 74 05 e8 7b bb 7c f6 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f6 44 24 21 02 75 4f f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 83 e9 44 f6 65 8b 05 dc e8 23 07 85 c0 74 40 48 c7 04 24 0e 36
[ 135.914152][ C0] RSP: 0018:ffffc90003547720 EFLAGS: 00000206
[ 135.914171][ C0] RAX: a4d22c7bd6060b00 RBX: 0000000000000a06 RCX: a4d22c7bd6060b00
[ 135.914185][ C0] RDX: 0000000000000006 RSI: ffffffff8d714225 RDI: 0000000000000001
[ 135.914198][ C0] RBP: ffffc900035477a0 R08: ffffffff8f7d1e77 R09: 1ffffffff1efa3ce
[ 135.914213][ C0] R10: dffffc0000000000 R11: fffffbfff1efa3cf R12: dffffc0000000000
[ 135.914228][ C0] R13: 000000000000afcc R14: ffffffff8e024f80 R15: 1ffff920006a8ee4
[ 135.914249][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 135.914275][ C0] pcpu_alloc_noprof+0xc00/0x1720
[ 135.914310][ C0] futex_hash_allocate+0x3e8/0xe60
[ 135.914336][ C0] ? futex_hash_allocate+0x13b/0xe60
[ 135.914363][ C0] ? __pfx_futex_hash_allocate+0x10/0x10
[ 135.914390][ C0] ? futex_hash_allocate_default+0x56/0x480
[ 135.914418][ C0] ? futex_hash_allocate_default+0x379/0x480
[ 135.914443][ C0] ? futex_hash_allocate_default+0x56/0x480
[ 135.914470][ C0] copy_process+0x21aa/0x3c00
[ 135.914533][ C0] ? copy_process+0x97f/0x3c00
[ 135.914557][ C0] ? __pfx_copy_process+0x10/0x10
[ 135.914583][ C0] kernel_clone+0x21e/0x840
[ 135.914608][ C0] ? __pfx_kernel_clone+0x10/0x10
[ 135.914633][ C0] ? __lock_acquire+0xab9/0xd20
[ 135.914655][ C0] __se_sys_clone3+0x256/0x2d0
[ 135.914678][ C0] ? __might_fault+0xb0/0x130
[ 135.914704][ C0] ? __pfx___se_sys_clone3+0x10/0x10
[ 135.914734][ C0] ? _copy_to_user+0x8a/0xb0
[ 135.914763][ C0] ? do_user_addr_fault+0xc85/0x1380
[ 135.914784][ C0] ? do_syscall_64+0xbe/0xfa0
[ 135.914809][ C0] do_syscall_64+0xfa/0xfa0
[ 135.914830][ C0] ? lockdep_hardirqs_on+0x9c/0x150
[ 135.914852][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 135.914870][ C0] ? clear_bhb_loop+0x60/0xb0
[ 135.914890][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 135.914908][ C0] RIP: 0033:0x7feaee1c3e09
[ 135.914936][ C0] Code: cf 08 00 48 8d 3d dc cf 08 00 e8 e2 28 f6 ff 66 90 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 135.914952][ C0] RSP: 002b:00007ffcd4d2dac8 EFLAGS: 00000206 ORIG_RAX: 00000000000001b3
[ 135.914971][ C0] RAX: ffffffffffffffda RBX: 00007feaee1461f0 RCX: 00007feaee1c3e09
[ 135.914986][ C0] RDX: 00007feaee1461f0 RSI: 0000000000000058 RDI: 00007ffcd4d2db10
[ 135.914999][ C0] RBP: 00007feaeef826c0 R08: 00007feaeef826c0 R09: 00007ffcd4d2dbf7
[ 135.915013][ C0] R10: 0000000000000008 R11: 0000000000000206 R12: ffffffffffffffa8
[ 135.915026][ C0] R13: 000000000000000b R14: 00007ffcd4d2db10 R15: 00007ffcd4d2dbf8
[ 135.915047][ C0]
[ 135.915054][ C0]
[ 136.411472][ C0] Allocated by task 6498:
[ 136.416045][ C0] kasan_save_track+0x3e/0x80
[ 136.421152][ C0] __kasan_kmalloc+0x93/0xb0
[ 136.425728][ C0] __kmalloc_noprof+0x411/0x7f0
[ 136.430566][ C0] ip_options_get+0x51/0x4c0
[ 136.435232][ C0] do_ip_setsockopt+0x1d9b/0x2d00
[ 136.440258][ C0] ip_setsockopt+0x66/0x110
[ 136.444882][ C0] do_sock_setsockopt+0x17c/0x1b0
[ 136.450006][ C0] __x64_sys_setsockopt+0x13f/0x1b0
[ 136.455214][ C0] do_syscall_64+0xfa/0xfa0
[ 136.459785][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 136.465701][ C0]
[ 136.468017][ C0] Freed by task 6499:
[ 136.472068][ C0] kasan_save_track+0x3e/0x80
[ 136.476915][ C0] __kasan_save_free_info+0x46/0x50
[ 136.482102][ C0] __kasan_slab_free+0x5c/0x80
[ 136.486969][ C0] kfree+0x19a/0x6d0
[ 136.490863][ C0] inet_sock_destruct+0x538/0x740
[ 136.495917][ C0] __sk_destruct+0x89/0x660
[ 136.500514][ C0] sctp_endpoint_destroy_rcu+0xa1/0xf0
[ 136.505970][ C0] rcu_core+0xcab/0x1770
[ 136.510287][ C0] handle_softirqs+0x286/0x870
[ 136.515042][ C0] __irq_exit_rcu+0xca/0x1f0
[ 136.519633][ C0] irq_exit_rcu+0x9/0x30
[ 136.523951][ C0] sysvec_apic_timer_interrupt+0xa6/0xc0
[ 136.529831][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 136.535800][ C0]
[ 136.538184][ C0] The buggy address belongs to the object at ffff888030bd05c0
[ 136.538184][ C0] which belongs to the cache kmalloc-32 of size 32
[ 136.552136][ C0] The buggy address is located 0 bytes inside of
[ 136.552136][ C0] 32-byte region [ffff888030bd05c0, ffff888030bd05e0)
[ 136.565299][ C0]
[ 136.567715][ C0] The buggy address belongs to the physical page:
[ 136.574678][ C0] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x30bd0
[ 136.583687][ C0] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 136.590888][ C0] page_type: f5(slab)
[ 136.594872][ C0] raw: 00fff00000000000 ffff88801a026780 ffffea0000a4dfc0 dead000000000002
[ 136.603672][ C0] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000
[ 136.612518][ C0] page dumped because: kasan: bad access detected
[ 136.619157][ C0] page_owner tracks the page as allocated
[ 136.625137][ C0] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP), pid 3988, tgid 3988 (kworker/u8:5), ts 21184075719, free_ts 21176226233
[ 136.643989][ C0] post_alloc_hook+0x234/0x290
[ 136.648784][ C0] get_page_from_freelist+0x2365/0x2440
[ 136.654538][ C0] __alloc_frozen_pages_noprof+0x181/0x370
[ 136.660359][ C0] alloc_pages_mpol+0x232/0x4a0
[ 136.665395][ C0] allocate_slab+0x96/0x350
[ 136.669977][ C0] ___slab_alloc+0xf56/0x1990
[ 136.674643][ C0] __slab_alloc+0x65/0x100
[ 136.679223][ C0] __kmalloc_cache_noprof+0x411/0x6f0
[ 136.684609][ C0] kmem_cache_free+0x16f/0x690
[ 136.689397][ C0] __fput_deferred+0x227/0x390
[ 136.694154][ C0] fput_close+0x119/0x200
[ 136.698476][ C0] path_openat+0x313c/0x3830
[ 136.703146][ C0] do_filp_open+0x1fa/0x410
[ 136.707640][ C0] do_open_execat+0x135/0x560
[ 136.712323][ C0] alloc_bprm+0x28/0x5c0
[ 136.716653][ C0] kernel_execve+0x9b/0x9f0
[ 136.721158][ C0] page last free pid 982 tgid 982 stack trace:
[ 136.727293][ C0] __free_frozen_pages+0xbc4/0xd30
[ 136.732410][ C0] vfree+0x25a/0x400
[ 136.736305][ C0] delayed_vfree_work+0x55/0x80
[ 136.741160][ C0] process_scheduled_works+0xae1/0x17b0
[ 136.746709][ C0] worker_thread+0x8a0/0xda0
[ 136.751294][ C0] kthread+0x711/0x8a0
[ 136.755352][ C0] ret_from_fork+0x4bc/0x870
[ 136.760104][ C0] ret_from_fork_asm+0x1a/0x30
[ 136.764947][ C0]
[ 136.767259][ C0] Memory state around the buggy address:
[ 136.772962][ C0] ffff888030bd0480: 00 00 00 00 fc fc fc fc fa fb fb fb fc fc fc fc
[ 136.781024][ C0] ffff888030bd0500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 136.789162][ C0] >ffff888030bd0580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 136.797203][ C0] ^
[ 136.803337][ C0] ffff888030bd0600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 136.811398][ C0] ffff888030bd0680: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 136.819442][ C0] ==================================================================
[ 136.827837][ C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 136.835038][ C0] CPU: 0 UID: 0 PID: 6499 Comm: syz.0.18 Not tainted syzkaller #0 PREEMPT(full)
[ 136.844162][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 136.854331][ C0] Call Trace:
[ 136.857628][ C0]
[ 136.860574][ C0] dump_stack_lvl+0x99/0x250
[ 136.865194][ C0] ? __asan_memcpy+0x40/0x70
[ 136.869831][ C0] ? __pfx_dump_stack_lvl+0x10/0x10
[ 136.875105][ C0] ? __pfx__printk+0x10/0x10
[ 136.879713][ C0] vpanic+0x237/0x6d0
[ 136.883696][ C0] ? __pfx_vpanic+0x10/0x10
[ 136.888282][ C0] panic+0xb9/0xc0
[ 136.891998][ C0] ? __pfx_panic+0x10/0x10
[ 136.896409][ C0] ? _raw_spin_unlock_irqrestore+0xa8/0x110
[ 136.902324][ C0] ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 136.908347][ C0] check_panic_on_warn+0x89/0xb0
[ 136.913376][ C0] end_report+0x78/0x160
[ 136.917609][ C0] ? inet_sock_destruct+0x538/0x740
[ 136.922798][ C0] kasan_report_invalid_free+0xfa/0x110
[ 136.928332][ C0] ? inet_sock_destruct+0x538/0x740
[ 136.933534][ C0] ? inet_sock_destruct+0x538/0x740
[ 136.938725][ C0] check_slab_allocation+0xe1/0x130
[ 136.944005][ C0] ? inet_sock_destruct+0x538/0x740
[ 136.949192][ C0] kfree+0x148/0x6d0
[ 136.953082][ C0] inet_sock_destruct+0x538/0x740
[ 136.958103][ C0] ? inet6_cleanup_sock+0x18b/0x220
[ 136.963306][ C0] ? __pfx_sctp_v6_destruct_sock+0x10/0x10
[ 136.969111][ C0] __sk_destruct+0x89/0x660
[ 136.973610][ C0] ? __pfx_sctp_endpoint_destroy_rcu+0x10/0x10
[ 136.979758][ C0] ? rcu_core+0xc37/0x1770
[ 136.984180][ C0] sctp_endpoint_destroy_rcu+0xa1/0xf0
[ 136.989717][ C0] rcu_core+0xcab/0x1770
[ 136.993969][ C0] ? __pfx_rcu_core+0x10/0x10
[ 136.998796][ C0] ? __pfx_tmigr_handle_remote+0x10/0x10
[ 137.004439][ C0] ? seqcount_lockdep_reader_access+0x15e/0x1c0
[ 137.010728][ C0] handle_softirqs+0x286/0x870
[ 137.015579][ C0] ? __irq_exit_rcu+0xca/0x1f0
[ 137.020421][ C0] ? __pfx_handle_softirqs+0x10/0x10
[ 137.025713][ C0] ? irqtime_account_irq+0xb6/0x1c0
[ 137.030912][ C0] __irq_exit_rcu+0xca/0x1f0
[ 137.035668][ C0] ? __pfx___irq_exit_rcu+0x10/0x10
[ 137.040948][ C0] irq_exit_rcu+0x9/0x30
[ 137.045225][ C0] sysvec_apic_timer_interrupt+0xa6/0xc0
[ 137.050875][ C0]
[ 137.053808][ C0]
[ 137.056726][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 137.062794][ C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xa8/0x110
[ 137.069290][ C0] Code: 74 05 e8 7b bb 7c f6 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f6 44 24 21 02 75 4f f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 83 e9 44 f6 65 8b 05 dc e8 23 07 85 c0 74 40 48 c7 04 24 0e 36
[ 137.089156][ C0] RSP: 0018:ffffc90003547720 EFLAGS: 00000206
[ 137.095245][ C0] RAX: a4d22c7bd6060b00 RBX: 0000000000000a06 RCX: a4d22c7bd6060b00
[ 137.103224][ C0] RDX: 0000000000000006 RSI: ffffffff8d714225 RDI: 0000000000000001
[ 137.111299][ C0] RBP: ffffc900035477a0 R08: ffffffff8f7d1e77 R09: 1ffffffff1efa3ce
[ 137.119289][ C0] R10: dffffc0000000000 R11: fffffbfff1efa3cf R12: dffffc0000000000
[ 137.127255][ C0] R13: 000000000000afcc R14: ffffffff8e024f80 R15: 1ffff920006a8ee4
[ 137.135224][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 137.141556][ C0] pcpu_alloc_noprof+0xc00/0x1720
[ 137.146605][ C0] futex_hash_allocate+0x3e8/0xe60
[ 137.151708][ C0] ? futex_hash_allocate+0x13b/0xe60
[ 137.156995][ C0] ? __pfx_futex_hash_allocate+0x10/0x10
[ 137.162708][ C0] ? futex_hash_allocate_default+0x56/0x480
[ 137.168611][ C0] ? futex_hash_allocate_default+0x379/0x480
[ 137.174589][ C0] ? futex_hash_allocate_default+0x56/0x480
[ 137.180488][ C0] copy_process+0x21aa/0x3c00
[ 137.185166][ C0] ? copy_process+0x97f/0x3c00
[ 137.189922][ C0] ? __pfx_copy_process+0x10/0x10
[ 137.194946][ C0] kernel_clone+0x21e/0x840
[ 137.199451][ C0] ? __pfx_kernel_clone+0x10/0x10
[ 137.204513][ C0] ? __lock_acquire+0xab9/0xd20
[ 137.209354][ C0] __se_sys_clone3+0x256/0x2d0
[ 137.214280][ C0] ? __might_fault+0xb0/0x130
[ 137.218950][ C0] ? __pfx___se_sys_clone3+0x10/0x10
[ 137.224316][ C0] ? _copy_to_user+0x8a/0xb0
[ 137.228903][ C0] ? do_user_addr_fault+0xc85/0x1380
[ 137.234251][ C0] ? do_syscall_64+0xbe/0xfa0
[ 137.238925][ C0] do_syscall_64+0xfa/0xfa0
[ 137.243424][ C0] ? lockdep_hardirqs_on+0x9c/0x150
[ 137.248621][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 137.254760][ C0] ? clear_bhb_loop+0x60/0xb0
[ 137.259426][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 137.265322][ C0] RIP: 0033:0x7feaee1c3e09
[ 137.269749][ C0] Code: cf 08 00 48 8d 3d dc cf 08 00 e8 e2 28 f6 ff 66 90 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[ 137.289364][ C0] RSP: 002b:00007ffcd4d2dac8 EFLAGS: 00000206 ORIG_RAX: 00000000000001b3
[ 137.298140][ C0] RAX: ffffffffffffffda RBX: 00007feaee1461f0 RCX: 00007feaee1c3e09
[ 137.306194][ C0] RDX: 00007feaee1461f0 RSI: 0000000000000058 RDI: 00007ffcd4d2db10
[ 137.314414][ C0] RBP: 00007feaeef826c0 R08: 00007feaeef826c0 R09: 00007ffcd4d2dbf7
[ 137.322375][ C0] R10: 0000000000000008 R11: 0000000000000206 R12: ffffffffffffffa8
[ 137.330344][ C0] R13: 000000000000000b R14: 00007ffcd4d2db10 R15: 00007ffcd4d2dbf8
[ 137.338424][ C0]
[ 137.341800][ C0] Kernel Offset: disabled
[ 137.346127][ C0] Rebooting in 86400 seconds..