Warning: Permanently added '10.128.0.89' (ED25519) to the list of known hosts.
2026/02/25 02:28:22 parsed 1 programs
Setting up swapspace version 1, size = 127995904 bytes
[  112.000351][ T6138] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  115.042705][ T6159] chnl_net:caif_netlink_parms(): no params data found
[  115.104005][ T6159] bridge0: port 1(bridge_slave_0) entered blocking state
[  115.111322][ T6159] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.118592][ T6159] bridge_slave_0: entered allmulticast mode
[  115.125474][ T6159] bridge_slave_0: entered promiscuous mode
[  115.133780][ T6159] bridge0: port 2(bridge_slave_1) entered blocking state
[  115.141086][ T6159] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.148598][ T6159] bridge_slave_1: entered allmulticast mode
[  115.155654][ T6159] bridge_slave_1: entered promiscuous mode
[  115.181515][ T6159] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  115.192713][ T6159] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  115.217465][ T6159] team0: Port device team_slave_0 added
[  115.224790][ T6159] team0: Port device team_slave_1 added
[  115.244991][ T6159] batman_adv: batadv0: Adding interface: batadv_slave_0
[  115.252087][ T6159] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  115.278502][ T6159] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  115.291195][ T6159] batman_adv: batadv0: Adding interface: batadv_slave_1
[  115.298343][ T6159] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  115.324293][ T6159] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  115.359322][ T6159] hsr_slave_0: entered promiscuous mode
[  115.365626][ T6159] hsr_slave_1: entered promiscuous mode
[  115.799239][ T6159] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  115.811465][ T6159] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  115.821099][ T6159] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  115.833575][ T6159] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  115.914537][ T6159] 8021q: adding VLAN 0 to HW filter on device bond0
[  115.937254][ T6159] 8021q: adding VLAN 0 to HW filter on device team0
[  115.950144][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  115.957304][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  115.975804][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  115.982988][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  116.206180][ T6159] 8021q: adding VLAN 0 to HW filter on device batadv0
[  116.244434][ T6159] veth0_vlan: entered promiscuous mode
[  116.260479][ T6159] veth1_vlan: entered promiscuous mode
[  116.294804][ T6159] veth0_macvtap: entered promiscuous mode
[  116.305320][ T6159] veth1_macvtap: entered promiscuous mode
[  116.325187][ T6159] batman_adv: batadv0: Interface activated: batadv_slave_0
[  116.339583][ T6159] batman_adv: batadv0: Interface activated: batadv_slave_1
[  116.355038][   T35] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  116.368757][   T35] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  116.390513][   T35] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  116.402925][   T35] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  116.575499][  T175] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.636917][  T175] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.685335][  T175] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.779220][  T175] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.546345][ T5145] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  118.554930][ T5145] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  118.563268][ T5145] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  118.594525][ T5145] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  118.602898][ T5145] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  119.029644][  T175] bridge_slave_1: left allmulticast mode
[  119.035450][  T175] bridge_slave_1: left promiscuous mode
[  119.046445][  T175] bridge0: port 2(bridge_slave_1) entered disabled state
[  119.056434][  T175] bridge_slave_0: left allmulticast mode
[  119.062707][  T175] bridge_slave_0: left promiscuous mode
[  119.069165][  T175] bridge0: port 1(bridge_slave_0) entered disabled state
[  119.268579][  T175] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  119.281670][  T175] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  119.292325][  T175] bond0 (unregistering): Released all slaves
[  119.426277][  T175] hsr_slave_0: left promiscuous mode
[  119.448838][  T175] hsr_slave_1: left promiscuous mode
[  119.461674][  T175] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  119.491070][  T175] batman_adv: batadv0: Removing interface: batadv_slave_0
[  119.523292][  T175] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  119.537204][  T175] batman_adv: batadv0: Removing interface: batadv_slave_1
[  119.567029][  T175] veth1_macvtap: left promiscuous mode
[  119.580142][  T175] veth0_macvtap: left promiscuous mode
[  119.585745][  T175] veth1_vlan: left promiscuous mode
[  119.607841][  T175] veth0_vlan: left promiscuous mode
[  119.963523][  T175] team0 (unregistering): Port device team_slave_1 removed
[  119.985736][  T175] team0 (unregistering): Port device team_slave_0 removed
[  120.336498][ T1055] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  120.359165][ T1055] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  120.390931][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  120.399926][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/02/25 02:28:35 executed programs: 0
[  121.523966][ T5145] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  121.541222][ T5145] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  121.551548][ T5145] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  121.563054][ T5145] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  121.570879][ T5145] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  122.076227][ T6396] chnl_net:caif_netlink_parms(): no params data found
[  122.234165][ T6396] bridge0: port 1(bridge_slave_0) entered blocking state
[  122.250914][ T6396] bridge0: port 1(bridge_slave_0) entered disabled state
[  122.269617][ T6396] bridge_slave_0: entered allmulticast mode
[  122.295605][ T6396] bridge_slave_0: entered promiscuous mode
[  122.317423][ T6396] bridge0: port 2(bridge_slave_1) entered blocking state
[  122.325626][ T6396] bridge0: port 2(bridge_slave_1) entered disabled state
[  122.335927][ T6396] bridge_slave_1: entered allmulticast mode
[  122.343780][ T6396] bridge_slave_1: entered promiscuous mode
[  122.411393][ T6396] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  122.472225][ T6396] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  122.512192][ T6396] team0: Port device team_slave_0 added
[  122.520862][ T6396] team0: Port device team_slave_1 added
[  122.570592][ T6396] batman_adv: batadv0: Adding interface: batadv_slave_0
[  122.577579][ T6396] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  122.604514][ T6396] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  122.617474][ T6396] batman_adv: batadv0: Adding interface: batadv_slave_1
[  122.626220][ T6396] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  122.652232][ T6396] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  122.699537][ T6396] hsr_slave_0: entered promiscuous mode
[  122.705956][ T6396] hsr_slave_1: entered promiscuous mode
[  123.178049][ T6396] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  123.189344][ T6396] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  123.201223][ T6396] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  123.212689][ T6396] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  123.303236][ T6396] 8021q: adding VLAN 0 to HW filter on device bond0
[  123.329378][ T6396] 8021q: adding VLAN 0 to HW filter on device team0
[  123.341149][  T175] bridge0: port 1(bridge_slave_0) entered blocking state
[  123.348309][  T175] bridge0: port 1(bridge_slave_0) entered forwarding state
[  123.367470][  T138] bridge0: port 2(bridge_slave_1) entered blocking state
[  123.374609][  T138] bridge0: port 2(bridge_slave_1) entered forwarding state
[  123.601511][ T6396] 8021q: adding VLAN 0 to HW filter on device batadv0
[  123.648711][ T5145] Bluetooth: hci0: command tx timeout
[  123.664622][ T6396] veth0_vlan: entered promiscuous mode
[  123.678775][ T6396] veth1_vlan: entered promiscuous mode
[  123.715591][ T6396] veth0_macvtap: entered promiscuous mode
[  123.726192][ T6396] veth1_macvtap: entered promiscuous mode
[  123.747280][ T6396] batman_adv: batadv0: Interface activated: batadv_slave_0
[  123.764244][ T6396] batman_adv: batadv0: Interface activated: batadv_slave_1
[  123.781971][  T175] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  123.798338][  T175] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  123.807168][  T175] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  123.816931][  T175] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  123.886785][  T138] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.904181][  T138] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.944450][  T175] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.953160][  T175] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  124.447871][ T6487] ==================================================================
[  124.455961][ T6487] BUG: KASAN: slab-use-after-free in __sk_msg_recvmsg+0x19b/0xe70
[  124.463882][ T6487] Read of size 8 at addr ffff88807b5faab0 by task syz.0.18/6487
[  124.471521][ T6487] 
[  124.473889][ T6487] CPU: 1 UID: 0 PID: 6487 Comm: syz.0.18 Not tainted syzkaller #0 PREEMPT(full) 
[  124.473912][ T6487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  124.473929][ T6487] Call Trace:
[  124.473937][ T6487]  <TASK>
[  124.473945][ T6487]  dump_stack_lvl+0xe8/0x150
[  124.473974][ T6487]  print_report+0xba/0x230
[  124.473994][ T6487]  ? __sk_msg_recvmsg+0x19b/0xe70
[  124.474013][ T6487]  kasan_report+0x117/0x150
[  124.474034][ T6487]  ? __sk_msg_recvmsg+0x19b/0xe70
[  124.474056][ T6487]  __sk_msg_recvmsg+0x19b/0xe70
[  124.474078][ T6487]  ? sk_psock_get+0x387/0x440
[  124.474102][ T6487]  ? __pfx_sk_psock_get+0x10/0x10
[  124.474154][ T6487]  udp_bpf_recvmsg+0x190/0xad0
[  124.474180][ T6487]  ? __page_table_check_zero+0x6a/0x3e0
[  124.474197][ T6487]  ? __page_table_check_zero+0x6a/0x3e0
[  124.474217][ T6487]  ? __pfx_udp_bpf_recvmsg+0x10/0x10
[  124.474244][ T6487]  ? aa_sk_perm+0x15a/0x960
[  124.474266][ T6487]  ? aa_sk_perm+0x82d/0x960
[  124.474283][ T6487]  ? sock_rps_record_flow+0x19/0x400
[  124.474303][ T6487]  ? __pfx_udp_bpf_recvmsg+0x10/0x10
[  124.474323][ T6487]  inet_recvmsg+0x260/0x270
[  124.474347][ T6487]  ? __pfx_inet_recvmsg+0x10/0x10
[  124.474368][ T6487]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  124.474385][ T6487]  ? security_socket_recvmsg+0x7e/0x2c0
[  124.474408][ T6487]  sock_recvmsg+0x1a8/0x270
[  124.474428][ T6487]  ____sys_recvmsg+0x1e6/0x4a0
[  124.474454][ T6487]  ? __pfx_____sys_recvmsg+0x10/0x10
[  124.474483][ T6487]  ? import_iovec+0x73/0xa0
[  124.474506][ T6487]  ___sys_recvmsg+0x215/0x590
[  124.474531][ T6487]  ? __pfx____sys_recvmsg+0x10/0x10
[  124.474572][ T6487]  ? __fget_files+0x3a0/0x420
[  124.474597][ T6487]  do_recvmmsg+0x334/0x800
[  124.474623][ T6487]  ? do_raw_spin_lock+0x12b/0x2f0
[  124.474639][ T6487]  ? __pfx_do_recvmmsg+0x10/0x10
[  124.474661][ T6487]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  124.474686][ T6487]  ? lockdep_hardirqs_on+0x7a/0x110
[  124.474712][ T6487]  __x64_sys_recvmmsg+0x198/0x250
[  124.474737][ T6487]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  124.474765][ T6487]  do_syscall_64+0x14d/0xf80
[  124.474787][ T6487]  ? trace_irq_disable+0x3b/0x150
[  124.474809][ T6487]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.474826][ T6487]  ? clear_bhb_loop+0x40/0x90
[  124.474845][ T6487]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.474861][ T6487] RIP: 0033:0x7fcf5199aeb9
[  124.474885][ T6487] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  124.474899][ T6487] RSP: 002b:00007fcf50fbc028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  124.474923][ T6487] RAX: ffffffffffffffda RBX: 00007fcf51c16180 RCX: 00007fcf5199aeb9
[  124.474935][ T6487] RDX: 0000000000000001 RSI: 0000200000000400 RDI: 0000000000000004
[  124.474945][ T6487] RBP: 00007fcf51a08c1f R08: 0000000000000000 R09: 0000000000000000
[  124.474955][ T6487] R10: 0000000040000021 R11: 0000000000000246 R12: 0000000000000000
[  124.474964][ T6487] R13: 00007fcf51c16218 R14: 00007fcf51c16180 R15: 00007fff956eb1e8
[  124.474984][ T6487]  </TASK>
[  124.474990][ T6487] 
[  124.771899][ T6487] Allocated by task 6485:
[  124.776388][ T6487]  kasan_save_track+0x3e/0x80
[  124.781055][ T6487]  __kasan_kmalloc+0x93/0xb0
[  124.785627][ T6487]  __kmalloc_cache_noprof+0x31c/0x660
[  124.791021][ T6487]  sk_psock_skb_ingress_self+0x5e/0x370
[  124.796553][ T6487]  sk_psock_verdict_recv+0x7d9/0x8d0
[  124.801829][ T6487]  udp_read_skb+0x745/0x7f0
[  124.806316][ T6487]  sk_psock_verdict_data_ready+0x12d/0x590
[  124.812121][ T6487]  __udp_enqueue_schedule_skb+0xc7b/0x14e0
[  124.817909][ T6487]  udp_queue_rcv_one_skb+0xa3e/0x1a50
[  124.823262][ T6487]  __udp4_lib_mcast_deliver+0xc0c/0xd00
[  124.828789][ T6487]  __udp4_lib_rcv+0x11b4/0x2630
[  124.833623][ T6487]  ip_protocol_deliver_rcu+0x282/0x440
[  124.839062][ T6487]  ip_local_deliver_finish+0x3bb/0x6f0
[  124.844503][ T6487]  NF_HOOK+0x336/0x3c0
[  124.848558][ T6487]  ip_sublist_rcv_finish+0x221/0x2a0
[  124.853826][ T6487]  ip_sublist_rcv+0x5c6/0xa70
[  124.858488][ T6487]  ip_list_rcv+0x3f1/0x450
[  124.862885][ T6487]  __netif_receive_skb_list_core+0x7e5/0x810
[  124.868850][ T6487]  netif_receive_skb_list_internal+0x995/0xcf0
[  124.875077][ T6487]  netif_receive_skb_list+0x55/0x4b0
[  124.880352][ T6487]  bpf_test_run_xdp_live+0x1946/0x1cf0
[  124.885794][ T6487]  bpf_prog_test_run_xdp+0x81c/0x1160
[  124.891232][ T6487]  bpf_prog_test_run+0x2c7/0x340
[  124.896150][ T6487]  __sys_bpf+0x643/0x950
[  124.900375][ T6487]  __x64_sys_bpf+0x7c/0x90
[  124.904778][ T6487]  do_syscall_64+0x14d/0xf80
[  124.909356][ T6487]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.915287][ T6487] 
[  124.917593][ T6487] Freed by task 6486:
[  124.921556][ T6487]  kasan_save_track+0x3e/0x80
[  124.926214][ T6487]  kasan_save_free_info+0x46/0x50
[  124.931223][ T6487]  __kasan_slab_free+0x5c/0x80
[  124.935969][ T6487]  kfree+0x1c1/0x630
[  124.939850][ T6487]  __sk_msg_recvmsg+0xc7e/0xe70
[  124.944704][ T6487]  udp_bpf_recvmsg+0x190/0xad0
[  124.949454][ T6487]  inet_recvmsg+0x260/0x270
[  124.953972][ T6487]  sock_recvmsg+0x1a8/0x270
[  124.958542][ T6487]  ____sys_recvmsg+0x1e6/0x4a0
[  124.963297][ T6487]  ___sys_recvmsg+0x215/0x590
[  124.968137][ T6487]  do_recvmmsg+0x334/0x800
[  124.972553][ T6487]  __x64_sys_recvmmsg+0x198/0x250
[  124.977563][ T6487]  do_syscall_64+0x14d/0xf80
[  124.982142][ T6487]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.988190][ T6487] 
[  124.990507][ T6487] The buggy address belongs to the object at ffff88807b5fa800
[  124.990507][ T6487]  which belongs to the cache kmalloc-1k of size 1024
[  125.004540][ T6487] The buggy address is located 688 bytes inside of
[  125.004540][ T6487]  freed 1024-byte region [ffff88807b5fa800, ffff88807b5fac00)
[  125.018411][ T6487] 
[  125.020725][ T6487] The buggy address belongs to the physical page:
[  125.027123][ T6487] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7b5f8
[  125.035871][ T6487] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  125.044353][ T6487] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  125.051886][ T6487] page_type: f5(slab)
[  125.055856][ T6487] raw: 00fff00000000040 ffff88813fea8dc0 dead000000000100 dead000000000122
[  125.064422][ T6487] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  125.072993][ T6487] head: 00fff00000000040 ffff88813fea8dc0 dead000000000100 dead000000000122
[  125.081647][ T6487] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  125.090301][ T6487] head: 00fff00000000003 ffffea0001ed7e01 00000000ffffffff 00000000ffffffff
[  125.098949][ T6487] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  125.107684][ T6487] page dumped because: kasan: bad access detected
[  125.114111][ T6487] page_owner tracks the page as allocated
[  125.119804][ T6487] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 35, tgid 35 (kworker/u8:2), ts 124378654074, free_ts 124119923115
[  125.138887][ T6487]  post_alloc_hook+0x231/0x280
[  125.143635][ T6487]  get_page_from_freelist+0x24dc/0x2580
[  125.149259][ T6487]  __alloc_frozen_pages_noprof+0x18d/0x380
[  125.155049][ T6487]  alloc_pages_mpol+0x232/0x4a0
[  125.159882][ T6487]  allocate_slab+0x83/0x660
[  125.164368][ T6487]  ___slab_alloc+0x150/0x6b0
[  125.168940][ T6487]  __kmalloc_noprof+0x18a/0x760
[  125.173772][ T6487]  ___neigh_create+0x6d5/0x2280
[  125.178603][ T6487]  ip6_finish_output2+0x729/0x13e0
[  125.183699][ T6487]  ip6_output+0x340/0x550
[  125.188098][ T6487]  ndisc_send_skb+0xbaa/0x14e0
[  125.192839][ T6487]  ndisc_send_ns+0xd7/0x160
[  125.197321][ T6487]  addrconf_dad_work+0xac4/0x14c0
[  125.202327][ T6487]  process_scheduled_works+0xb02/0x1830
[  125.207856][ T6487]  worker_thread+0xa50/0xfc0
[  125.212429][ T6487]  kthread+0x388/0x470
[  125.216473][ T6487] page last free pid 6483 tgid 6483 stack trace:
[  125.222774][ T6487]  __free_frozen_pages+0xc2b/0xdb0
[  125.227865][ T6487]  __slab_free+0x263/0x2b0
[  125.232262][ T6487]  qlist_free_all+0x97/0x100
[  125.236838][ T6487]  kasan_quarantine_reduce+0x148/0x160
[  125.242291][ T6487]  __kasan_slab_alloc+0x22/0x80
[  125.247125][ T6487]  __kmalloc_noprof+0x316/0x760
[  125.251965][ T6487]  tomoyo_realpath_from_path+0xe3/0x5d0
[  125.257499][ T6487]  tomoyo_path_perm+0x283/0x560
[  125.262345][ T6487]  security_inode_getattr+0x12b/0x310
[  125.267702][ T6487]  __x64_sys_newfstat+0x13b/0x270
[  125.272717][ T6487]  do_syscall_64+0x14d/0xf80
[  125.277314][ T6487]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.283193][ T6487] 
[  125.285501][ T6487] Memory state around the buggy address:
[  125.291206][ T6487]  ffff88807b5fa980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  125.299254][ T6487]  ffff88807b5faa00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  125.307299][ T6487] >ffff88807b5faa80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  125.315336][ T6487]                                      ^
[  125.320944][ T6487]  ffff88807b5fab00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  125.328983][ T6487]  ffff88807b5fab80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  125.337018][ T6487] ==================================================================
[  125.372568][ T6487] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  125.379837][ T6487] CPU: 1 UID: 0 PID: 6487 Comm: syz.0.18 Not tainted syzkaller #0 PREEMPT(full) 
[  125.389041][ T6487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  125.399111][ T6487] Call Trace:
[  125.402393][ T6487]  <TASK>
[  125.405325][ T6487]  vpanic+0x56c/0xa60
[  125.409305][ T6487]  ? __pfx_vpanic+0x10/0x10
[  125.413802][ T6487]  panic+0xc5/0xd0
[  125.417508][ T6487]  ? __pfx_panic+0x10/0x10
[  125.421919][ T6487]  ? preempt_schedule_thunk+0x16/0x30
[  125.427278][ T6487]  ? preempt_schedule_thunk+0x16/0x30
[  125.432636][ T6487]  ? __sk_msg_recvmsg+0x19b/0xe70
[  125.437648][ T6487]  check_panic_on_warn+0x89/0xb0
[  125.442582][ T6487]  ? __sk_msg_recvmsg+0x19b/0xe70
[  125.447590][ T6487]  end_report+0x73/0x180
[  125.451821][ T6487]  ? __sk_msg_recvmsg+0x19b/0xe70
[  125.456832][ T6487]  kasan_report+0x128/0x150
[  125.461336][ T6487]  ? __sk_msg_recvmsg+0x19b/0xe70
[  125.466348][ T6487]  __sk_msg_recvmsg+0x19b/0xe70
[  125.471187][ T6487]  ? sk_psock_get+0x387/0x440
[  125.475862][ T6487]  ? __pfx_sk_psock_get+0x10/0x10
[  125.480879][ T6487]  udp_bpf_recvmsg+0x190/0xad0
[  125.485677][ T6487]  ? __page_table_check_zero+0x6a/0x3e0
[  125.491210][ T6487]  ? __page_table_check_zero+0x6a/0x3e0
[  125.496774][ T6487]  ? __pfx_udp_bpf_recvmsg+0x10/0x10
[  125.502051][ T6487]  ? aa_sk_perm+0x15a/0x960
[  125.506542][ T6487]  ? aa_sk_perm+0x82d/0x960
[  125.511028][ T6487]  ? sock_rps_record_flow+0x19/0x400
[  125.516313][ T6487]  ? __pfx_udp_bpf_recvmsg+0x10/0x10
[  125.521597][ T6487]  inet_recvmsg+0x260/0x270
[  125.526096][ T6487]  ? __pfx_inet_recvmsg+0x10/0x10
[  125.531108][ T6487]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  125.536404][ T6487]  ? security_socket_recvmsg+0x7e/0x2c0
[  125.541939][ T6487]  sock_recvmsg+0x1a8/0x270
[  125.546433][ T6487]  ____sys_recvmsg+0x1e6/0x4a0
[  125.551197][ T6487]  ? __pfx_____sys_recvmsg+0x10/0x10
[  125.556476][ T6487]  ? import_iovec+0x73/0xa0
[  125.560974][ T6487]  ___sys_recvmsg+0x215/0x590
[  125.565685][ T6487]  ? __pfx____sys_recvmsg+0x10/0x10
[  125.570969][ T6487]  ? __fget_files+0x3a0/0x420
[  125.575642][ T6487]  do_recvmmsg+0x334/0x800
[  125.580052][ T6487]  ? do_raw_spin_lock+0x12b/0x2f0
[  125.585064][ T6487]  ? __pfx_do_recvmmsg+0x10/0x10
[  125.589995][ T6487]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  125.595369][ T6487]  ? lockdep_hardirqs_on+0x7a/0x110
[  125.600591][ T6487]  __x64_sys_recvmmsg+0x198/0x250
[  125.605625][ T6487]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  125.611178][ T6487]  do_syscall_64+0x14d/0xf80
[  125.615766][ T6487]  ? trace_irq_disable+0x3b/0x150
[  125.620780][ T6487]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.626834][ T6487]  ? clear_bhb_loop+0x40/0x90
[  125.631500][ T6487]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.637379][ T6487] RIP: 0033:0x7fcf5199aeb9
[  125.641780][ T6487] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  125.661373][ T6487] RSP: 002b:00007fcf50fbc028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  125.669781][ T6487] RAX: ffffffffffffffda RBX: 00007fcf51c16180 RCX: 00007fcf5199aeb9
[  125.677737][ T6487] RDX: 0000000000000001 RSI: 0000200000000400 RDI: 0000000000000004
[  125.685746][ T6487] RBP: 00007fcf51a08c1f R08: 0000000000000000 R09: 0000000000000000
[  125.693707][ T6487] R10: 0000000040000021 R11: 0000000000000246 R12: 0000000000000000
[  125.701670][ T6487] R13: 00007fcf51c16218 R14: 00007fcf51c16180 R15: 00007fff956eb1e8
[  125.709634][ T6487]  </TASK>
[  125.713053][ T6487] Kernel Offset: disabled
[  125.717361][ T6487] Rebooting in 86400 seconds..