Warning: Permanently added '10.128.1.86' (ED25519) to the list of known hosts.
2025/11/09 16:43:13 parsed 1 programs
Setting up swapspace version 1, size = 127995904 bytes
[  103.642680][ T5337] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  106.148201][   T73] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  106.156047][   T73] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  106.198511][  T885] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  106.206546][  T885] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  107.300932][ T5348] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.327179][ T5348] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.334384][ T5348] bridge_slave_0: entered allmulticast mode
[  107.370971][ T5348] bridge_slave_0: entered promiscuous mode
[  107.419513][ T5348] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.426658][ T5348] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.470204][ T5348] bridge_slave_1: entered allmulticast mode
[  107.495413][ T5348] bridge_slave_1: entered promiscuous mode
[  108.130724][ T5348] team0: Port device team_slave_0 added
[  108.236330][ T5348] team0: Port device team_slave_1 added
[  109.249217][ T5348] hsr_slave_0: entered promiscuous mode
[  109.255818][ T5348] hsr_slave_1: entered promiscuous mode
[  110.170652][ T5348] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  110.196751][ T5348] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  110.208065][ T5348] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  110.221881][ T5348] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  111.029953][ T5348] 8021q: adding VLAN 0 to HW filter on device team0
[  111.042825][   T40] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.050071][   T40] bridge0: port 1(bridge_slave_0) entered forwarding state
[  111.063699][   T40] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.070906][   T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[  111.805289][ T5348] veth0_vlan: entered promiscuous mode
[  111.815974][ T5348] veth1_vlan: entered promiscuous mode
[  112.099659][ T5348] veth0_macvtap: entered promiscuous mode
[  112.108661][ T5348] veth1_macvtap: entered promiscuous mode
[  112.136440][   T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  112.145430][   T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  112.155432][   T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  112.164574][   T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2025/11/09 16:43:24 executed programs: 0
[  112.801588][   T13] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.023079][   T13] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.242556][   T13] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.394002][   T13] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.854695][   T13] bridge_slave_1: left allmulticast mode
[  113.867121][   T13] bridge_slave_1: left promiscuous mode
[  113.877117][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  113.886513][   T13] bridge_slave_0: left allmulticast mode
[  113.896003][   T13] bridge_slave_0: left promiscuous mode
[  113.902275][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.380478][   T13] hsr_slave_0: left promiscuous mode
[  114.386366][   T13] hsr_slave_1: left promiscuous mode
[  114.396384][   T13] veth1_macvtap: left promiscuous mode
[  114.402283][   T13] veth0_macvtap: left promiscuous mode
[  114.407974][   T13] veth1_vlan: left promiscuous mode
[  114.413232][   T13] veth0_vlan: left promiscuous mode
[  114.643184][   T13] team0 (unregistering): Port device team_slave_1 removed
[  114.668160][   T13] team0 (unregistering): Port device team_slave_0 removed
[  114.952847][ T5565] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.960422][ T5565] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.968000][ T5565] bridge_slave_0: entered allmulticast mode
[  114.974848][ T5565] bridge_slave_0: entered promiscuous mode
[  114.982475][ T5565] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.989761][ T5565] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.997662][ T5565] bridge_slave_1: entered allmulticast mode
[  115.008682][ T5565] bridge_slave_1: entered promiscuous mode
[  115.033659][ T5568] bridge0: port 1(bridge_slave_0) entered blocking state
[  115.040944][ T5568] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.048714][ T5568] bridge_slave_0: entered allmulticast mode
[  115.056289][ T5568] bridge_slave_0: entered promiscuous mode
[  115.064068][ T5568] bridge0: port 2(bridge_slave_1) entered blocking state
[  115.071724][ T5568] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.079164][ T5568] bridge_slave_1: entered allmulticast mode
[  115.086148][ T5568] bridge_slave_1: entered promiscuous mode
[  115.115629][ T5570] bridge0: port 1(bridge_slave_0) entered blocking state
[  115.122902][ T5570] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.130358][ T5570] bridge_slave_0: entered allmulticast mode
[  115.138728][ T5570] bridge_slave_0: entered promiscuous mode
[  115.224210][ T5570] bridge0: port 2(bridge_slave_1) entered blocking state
[  115.238410][ T5570] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.245609][ T5570] bridge_slave_1: entered allmulticast mode
[  115.253770][ T5570] bridge_slave_1: entered promiscuous mode
[  115.398414][ T5571] bridge0: port 1(bridge_slave_0) entered blocking state
[  115.405572][ T5571] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.427727][ T5571] bridge_slave_0: entered allmulticast mode
[  115.440601][ T5571] bridge_slave_0: entered promiscuous mode
[  115.454267][ T5571] bridge0: port 2(bridge_slave_1) entered blocking state
[  115.462411][ T5571] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.469977][ T5571] bridge_slave_1: entered allmulticast mode
[  115.490180][ T5571] bridge_slave_1: entered promiscuous mode
[  115.497259][ T5567] bridge0: port 1(bridge_slave_0) entered blocking state
[  115.504394][ T5567] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.538617][ T5567] bridge_slave_0: entered allmulticast mode
[  115.560697][ T5567] bridge_slave_0: entered promiscuous mode
[  115.572694][ T5567] bridge0: port 2(bridge_slave_1) entered blocking state
[  115.583227][ T5567] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.597378][ T5567] bridge_slave_1: entered allmulticast mode
[  115.605033][ T5567] bridge_slave_1: entered promiscuous mode
[  115.848373][ T5565] team0: Port device team_slave_0 added
[  115.945668][ T5565] team0: Port device team_slave_1 added
[  115.953672][ T5568] team0: Port device team_slave_0 added
[  115.962963][ T5568] team0: Port device team_slave_1 added
[  116.133150][ T5570] team0: Port device team_slave_0 added
[  116.160862][ T5570] team0: Port device team_slave_1 added
[  116.292051][ T5571] team0: Port device team_slave_0 added
[  116.310170][ T5571] team0: Port device team_slave_1 added
[  116.318480][ T5567] team0: Port device team_slave_0 added
[  116.337682][ T5567] team0: Port device team_slave_1 added
[  116.607987][ T5568] hsr_slave_0: entered promiscuous mode
[  116.615224][ T5568] hsr_slave_1: entered promiscuous mode
[  116.639610][ T5565] hsr_slave_0: entered promiscuous mode
[  116.646178][ T5565] hsr_slave_1: entered promiscuous mode
[  116.668077][ T5565] debugfs: 'hsr0' already exists in 'hsr'
[  116.673847][ T5565] Cannot create hsr debugfs directory
[  116.855750][ T5570] hsr_slave_0: entered promiscuous mode
[  116.862701][ T5570] hsr_slave_1: entered promiscuous mode
[  116.869569][ T5570] debugfs: 'hsr0' already exists in 'hsr'
[  116.875317][ T5570] Cannot create hsr debugfs directory
[  116.991950][ T5571] hsr_slave_0: entered promiscuous mode
[  116.998875][ T5571] hsr_slave_1: entered promiscuous mode
[  117.005317][ T5571] debugfs: 'hsr0' already exists in 'hsr'
[  117.011620][ T5571] Cannot create hsr debugfs directory
[  117.178838][ T5567] hsr_slave_0: entered promiscuous mode
[  117.199810][ T5567] hsr_slave_1: entered promiscuous mode
[  117.206160][ T5567] debugfs: 'hsr0' already exists in 'hsr'
[  117.213382][ T5567] Cannot create hsr debugfs directory
[  117.557824][ T5568] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  117.580500][ T5568] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  117.672950][ T5568] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  117.734404][ T5568] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  118.369798][ T5570] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  118.433189][ T5570] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  118.451413][ T5570] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  118.482221][ T5570] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  118.931194][ T5567] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  118.989087][ T5567] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  119.011277][ T5567] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  119.049500][ T5567] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  119.173241][ T5571] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  119.208572][ T5571] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  119.236800][ T5571] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  119.326910][ T5571] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  119.498514][ T5565] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  119.511427][ T5565] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  119.613303][ T5565] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  119.662237][ T5565] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  120.431873][ T5568] 8021q: adding VLAN 0 to HW filter on device team0
[  120.473582][   T40] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.480877][   T40] bridge0: port 1(bridge_slave_0) entered forwarding state
[  120.562355][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  120.569598][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  122.106707][ T5570] 8021q: adding VLAN 0 to HW filter on device team0
[  122.191534][  T966] bridge0: port 1(bridge_slave_0) entered blocking state
[  122.198754][  T966] bridge0: port 1(bridge_slave_0) entered forwarding state
[  122.238997][  T966] bridge0: port 2(bridge_slave_1) entered blocking state
[  122.246173][  T966] bridge0: port 2(bridge_slave_1) entered forwarding state
[  122.864090][ T5567] 8021q: adding VLAN 0 to HW filter on device team0
[  122.942167][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  122.949384][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  122.998343][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  123.005497][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  123.094414][ T5571] 8021q: adding VLAN 0 to HW filter on device team0
[  123.179675][ T5567] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  123.222710][  T944] bridge0: port 1(bridge_slave_0) entered blocking state
[  123.229907][  T944] bridge0: port 1(bridge_slave_0) entered forwarding state
[  123.263516][  T944] bridge0: port 2(bridge_slave_1) entered blocking state
[  123.270729][  T944] bridge0: port 2(bridge_slave_1) entered forwarding state
[  123.676108][ T5565] 8021q: adding VLAN 0 to HW filter on device team0
[  123.751619][  T966] bridge0: port 1(bridge_slave_0) entered blocking state
[  123.758812][  T966] bridge0: port 1(bridge_slave_0) entered forwarding state
[  123.806518][  T966] bridge0: port 2(bridge_slave_1) entered blocking state
[  123.813813][  T966] bridge0: port 2(bridge_slave_1) entered forwarding state
[  124.498455][ T5568] veth0_vlan: entered promiscuous mode
[  124.527328][ T5568] veth1_vlan: entered promiscuous mode
[  126.067690][ T5568] veth0_macvtap: entered promiscuous mode
[  126.110210][ T5568] veth1_macvtap: entered promiscuous mode
[  126.230096][   T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  126.263833][   T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  126.303454][   T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  126.344270][   T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  126.524206][ T3021] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  126.563183][ T3021] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  126.592724][ T5570] veth0_vlan: entered promiscuous mode
[  126.650545][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  126.669688][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  126.670119][ T5570] veth1_vlan: entered promiscuous mode
[  126.770111][ T5567] veth0_vlan: entered promiscuous mode
[  126.834732][ T5567] veth1_vlan: entered promiscuous mode
2025/11/09 16:43:39 executed programs: 10
[  127.671931][ T5565] veth0_vlan: entered promiscuous mode
[  127.714167][ T5565] veth1_vlan: entered promiscuous mode
[  127.891310][ T5571] veth0_vlan: entered promiscuous mode
[  127.932334][ T5571] veth1_vlan: entered promiscuous mode
[  128.019248][ T5570] veth0_macvtap: entered promiscuous mode
[  128.046224][ T5570] veth1_macvtap: entered promiscuous mode
[  128.157257][   T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  128.176283][   T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  128.232630][   T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  128.263638][   T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  128.385159][ T5567] veth0_macvtap: entered promiscuous mode
[  128.451926][ T5567] veth1_macvtap: entered promiscuous mode
[  128.505731][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  128.540345][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  128.619329][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  128.645674][  T966] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  128.657002][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  128.683096][  T966] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  128.709935][  T966] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  128.768543][  T966] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  128.968731][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  128.976587][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  129.090926][ T3021] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  129.111699][ T3021] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  129.323789][ T5565] veth0_macvtap: entered promiscuous mode
[  129.366664][ T5565] veth1_macvtap: entered promiscuous mode
[  129.505571][ T3021] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  129.519696][ T3021] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  129.568428][ T3021] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  129.640062][  T944] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  129.671610][ T5571] veth0_macvtap: entered promiscuous mode
[  129.731755][ T5571] veth1_macvtap: entered promiscuous mode
[  129.901856][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  129.932211][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  130.053864][   T40] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  130.065278][  T944] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  130.090144][  T944] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  130.139594][   T40] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  130.175890][  T944] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  130.210914][  T944] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  130.367050][  T944] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  130.417341][  T944] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  130.505944][  T966] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  130.552264][  T966] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  131.336992][    C1] hrtimer: interrupt took 35773 ns
2025/11/09 16:43:44 executed programs: 91
2025/11/09 16:43:49 executed programs: 250
[  138.004435][ T6900] ==================================================================
[  138.012536][ T6900] BUG: KASAN: stack-out-of-bounds in __bpf_get_stack+0x5a3/0xaa0
[  138.020292][ T6900] Write of size 160 at addr ffffc900035a7378 by task syz.2.274/6900
[  138.028277][ T6900] 
[  138.030634][ T6900] CPU: 1 UID: 0 PID: 6900 Comm: syz.2.274 Not tainted syzkaller #0 PREEMPT(full) 
[  138.030655][ T6900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  138.030673][ T6900] Call Trace:
[  138.030681][ T6900]  <TASK>
[  138.030688][ T6900]  dump_stack_lvl+0x189/0x250
[  138.030714][ T6900]  ? __bpf_get_stack+0x5a3/0xaa0
[  138.030736][ T6900]  ? __pfx_dump_stack_lvl+0x10/0x10
[  138.030756][ T6900]  ? __pfx__printk+0x10/0x10
[  138.030778][ T6900]  ? __virt_addr_valid+0xdc/0x5c0
[  138.030800][ T6900]  ? __virt_addr_valid+0xdc/0x5c0
[  138.030823][ T6900]  print_report+0xca/0x240
[  138.030844][ T6900]  ? __bpf_get_stack+0x5a3/0xaa0
[  138.030862][ T6900]  kasan_report+0x118/0x150
[  138.030885][ T6900]  ? __bpf_get_stack+0x5a3/0xaa0
[  138.030906][ T6900]  kasan_check_range+0x2b0/0x2c0
[  138.030921][ T6900]  ? __bpf_get_stack+0x5a3/0xaa0
[  138.030964][ T6900]  __asan_memcpy+0x40/0x70
[  138.030984][ T6900]  __bpf_get_stack+0x5a3/0xaa0
[  138.031005][ T6900]  ? __pfx___bpf_get_stack+0x10/0x10
[  138.031027][ T6900]  bpf_get_stack+0x33/0x50
[  138.031045][ T6900]  ? ___bpf_prog_run+0xf5b/0xb2b0
[  138.031061][ T6900]  bpf_get_stack_raw_tp+0x1a9/0x220
[  138.031084][ T6900]  ___bpf_prog_run+0xf5b/0xb2b0
[  138.031101][ T6900]  __bpf_prog_run32+0xdb/0x130
[  138.031116][ T6900]  ? __pfx___bpf_prog_run32+0x10/0x10
[  138.031131][ T6900]  ? lockdep_hardirqs_on+0x9c/0x150
[  138.031155][ T6900]  ? bpf_trace_run2+0x186/0x4b0
[  138.031179][ T6900]  bpf_trace_run2+0x284/0x4b0
[  138.031200][ T6900]  ? bpf_trace_run2+0x186/0x4b0
[  138.031222][ T6900]  ? __pfx_bpf_trace_run2+0x10/0x10
[  138.031244][ T6900]  ? kasan_quarantine_put+0xdd/0x220
[  138.031264][ T6900]  ? compute_postorder+0x884/0x970
[  138.031286][ T6900]  ? lockdep_hardirqs_on+0x9c/0x150
[  138.031308][ T6900]  ? compute_postorder+0x884/0x970
[  138.031330][ T6900]  ? compute_postorder+0x884/0x970
[  138.031351][ T6900]  kfree+0x62f/0x6d0
[  138.031369][ T6900]  ? bpf_insn_successors+0x1d3/0x3a0
[  138.031391][ T6900]  compute_postorder+0x884/0x970
[  138.031417][ T6900]  bpf_check+0x61b4/0x1dc50
[  138.031438][ T6900]  ? __pfx_perf_tp_event+0x10/0x10
[  138.031461][ T6900]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  138.031491][ T6900]  ? __lock_acquire+0xab9/0xd20
[  138.031511][ T6900]  ? seqcount_lockdep_reader_access+0x122/0x1c0
[  138.031533][ T6900]  ? __pfx_bpf_check+0x10/0x10
[  138.031553][ T6900]  ? ktime_get_with_offset+0x93/0x2a0
[  138.031572][ T6900]  ? seqcount_lockdep_reader_access+0x174/0x1c0
[  138.031592][ T6900]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  138.031614][ T6900]  ? __asan_memset+0x22/0x50
[  138.031632][ T6900]  ? bpf_obj_name_cpy+0x194/0x1e0
[  138.031652][ T6900]  ? security_bpf_prog_load+0x100/0x300
[  138.031677][ T6900]  bpf_prog_load+0x13ba/0x19d0
[  138.031693][ T6900]  ? __pfx_bpf_prog_load+0x10/0x10
[  138.031710][ T6900]  ? security_bpf+0x5d/0x210
[  138.031730][ T6900]  __sys_bpf+0x507/0x860
[  138.031746][ T6900]  ? __pfx___sys_bpf+0x10/0x10
[  138.031768][ T6900]  __x64_sys_bpf+0x7c/0x90
[  138.031790][ T6900]  do_syscall_64+0xfa/0xfa0
[  138.031813][ T6900]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.031828][ T6900]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  138.031845][ T6900]  ? clear_bhb_loop+0x60/0xb0
[  138.031861][ T6900]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.031878][ T6900] RIP: 0033:0x7f0938d8f6c9
[  138.031901][ T6900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.031915][ T6900] RSP: 002b:00007f0939c63038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  138.031946][ T6900] RAX: ffffffffffffffda RBX: 00007f0938fe5fa0 RCX: 00007f0938d8f6c9
[  138.031958][ T6900] RDX: 0000000000000094 RSI: 00002000000000c0 RDI: 0000000000000005
[  138.031969][ T6900] RBP: 00007f0938e11f91 R08: 0000000000000000 R09: 0000000000000000
[  138.031979][ T6900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  138.031988][ T6900] R13: 00007f0938fe6038 R14: 00007f0938fe5fa0 R15: 00007ffed6ed0ca8
[  138.032003][ T6900]  </TASK>
[  138.032009][ T6900] 
[  138.421211][ T6900] The buggy address belongs to stack of task syz.2.274/6900
[  138.428472][ T6900]  and is located at offset 56 in frame:
[  138.434095][ T6900]  __bpf_prog_run32+0x0/0x130
[  138.438760][ T6900] 
[  138.441067][ T6900] This frame has 2 objects:
[  138.445547][ T6900]  [32, 64) 'stack'
[  138.445558][ T6900]  [96, 192) 'regs'
[  138.449342][ T6900] 
[  138.455669][ T6900] The buggy address belongs to a 8-page vmalloc region starting at 0xffffc900035a0000 allocated at copy_process+0x54b/0x3b70
[  138.468605][ T6900] The buggy address belongs to the physical page:
[  138.475014][ T6900] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88802bce0440 pfn:0x2bce0
[  138.485067][ T6900] memcg:ffff888076ea6802
[  138.489295][ T6900] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  138.496406][ T6900] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[  138.504972][ T6900] raw: ffff88802bce0440 0000000000000000 00000001ffffffff ffff888076ea6802
[  138.513538][ T6900] page dumped because: kasan: bad access detected
[  138.519939][ T6900] page_owner tracks the page as allocated
[  138.525634][ T6900] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 6899, tgid 6899 (syz.2.274), ts 137916248021, free_ts 137737865106
[  138.544725][ T6900]  post_alloc_hook+0x240/0x2a0
[  138.549502][ T6900]  get_page_from_freelist+0x2365/0x2440
[  138.555044][ T6900]  __alloc_frozen_pages_noprof+0x181/0x370
[  138.560841][ T6900]  alloc_pages_mpol+0x232/0x4a0
[  138.565726][ T6900]  alloc_pages_noprof+0xa9/0x190
[  138.570683][ T6900]  __vmalloc_node_range_noprof+0x96c/0x12d0
[  138.576610][ T6900]  __vmalloc_node_noprof+0xc2/0x110
[  138.581813][ T6900]  dup_task_struct+0x3d4/0x830
[  138.586590][ T6900]  copy_process+0x54b/0x3b70
[  138.591173][ T6900]  kernel_clone+0x21e/0x840
[  138.595681][ T6900]  __se_sys_clone3+0x256/0x2d0
[  138.600447][ T6900]  do_syscall_64+0xfa/0xfa0
[  138.604949][ T6900]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.610838][ T6900] page last free pid 23 tgid 23 stack trace:
[  138.616800][ T6900]  __free_frozen_pages+0xbc4/0xd30
[  138.621900][ T6900]  tlb_remove_table_rcu+0x85/0x100
[  138.626995][ T6900]  rcu_core+0xcab/0x1770
[  138.631222][ T6900]  handle_softirqs+0x277/0x860
[  138.635968][ T6900]  run_ksoftirqd+0x9b/0x100
[  138.640458][ T6900]  smpboot_thread_fn+0x542/0xa60
[  138.645380][ T6900]  kthread+0x711/0x8a0
[  138.649423][ T6900]  ret_from_fork+0x4bc/0x870
[  138.653995][ T6900]  ret_from_fork_asm+0x1a/0x30
[  138.658747][ T6900] 
[  138.661052][ T6900] Memory state around the buggy address:
[  138.666661][ T6900]  ffffc900035a7280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  138.674701][ T6900]  ffffc900035a7300: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 00 00
[  138.682745][ T6900] >ffffc900035a7380: f2 f2 f2 f2 00 00 00 00 00 00 00 00 00 00 00 00
[  138.690791][ T6900]                    ^
[  138.694929][ T6900]  ffffc900035a7400: f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
[  138.703408][ T6900]  ffffc900035a7480: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2
[  138.711445][ T6900] ==================================================================
[  138.725144][ T6900] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  138.732366][ T6900] CPU: 1 UID: 0 PID: 6900 Comm: syz.2.274 Not tainted syzkaller #0 PREEMPT(full) 
[  138.741576][ T6900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  138.751646][ T6900] Call Trace:
[  138.754926][ T6900]  <TASK>
[  138.757851][ T6900]  dump_stack_lvl+0x99/0x250
[  138.762441][ T6900]  ? __asan_memcpy+0x40/0x70
[  138.767118][ T6900]  ? __pfx_dump_stack_lvl+0x10/0x10
[  138.772336][ T6900]  ? __pfx__printk+0x10/0x10
[  138.776933][ T6900]  vpanic+0x237/0x6d0
[  138.780917][ T6900]  ? __pfx_vpanic+0x10/0x10
[  138.785428][ T6900]  panic+0xb9/0xc0
[  138.789170][ T6900]  ? __pfx_panic+0x10/0x10
[  138.793583][ T6900]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  138.799490][ T6900]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  138.805474][ T6900]  ? __bpf_get_stack+0x5a3/0xaa0
[  138.810411][ T6900]  check_panic_on_warn+0x89/0xb0
[  138.815342][ T6900]  ? __bpf_get_stack+0x5a3/0xaa0
[  138.820277][ T6900]  end_report+0x78/0x160
[  138.824519][ T6900]  kasan_report+0x129/0x150
[  138.829026][ T6900]  ? __bpf_get_stack+0x5a3/0xaa0
[  138.833974][ T6900]  kasan_check_range+0x2b0/0x2c0
[  138.838909][ T6900]  ? __bpf_get_stack+0x5a3/0xaa0
[  138.843841][ T6900]  __asan_memcpy+0x40/0x70
[  138.848260][ T6900]  __bpf_get_stack+0x5a3/0xaa0
[  138.853133][ T6900]  ? __pfx___bpf_get_stack+0x10/0x10
[  138.858522][ T6900]  bpf_get_stack+0x33/0x50
[  138.862947][ T6900]  ? ___bpf_prog_run+0xf5b/0xb2b0
[  138.868013][ T6900]  bpf_get_stack_raw_tp+0x1a9/0x220
[  138.873217][ T6900]  ___bpf_prog_run+0xf5b/0xb2b0
[  138.878060][ T6900]  __bpf_prog_run32+0xdb/0x130
[  138.882838][ T6900]  ? __pfx___bpf_prog_run32+0x10/0x10
[  138.888392][ T6900]  ? lockdep_hardirqs_on+0x9c/0x150
[  138.893615][ T6900]  ? bpf_trace_run2+0x186/0x4b0
[  138.898484][ T6900]  bpf_trace_run2+0x284/0x4b0
[  138.903178][ T6900]  ? bpf_trace_run2+0x186/0x4b0
[  138.908052][ T6900]  ? __pfx_bpf_trace_run2+0x10/0x10
[  138.913254][ T6900]  ? kasan_quarantine_put+0xdd/0x220
[  138.918544][ T6900]  ? compute_postorder+0x884/0x970
[  138.923659][ T6900]  ? lockdep_hardirqs_on+0x9c/0x150
[  138.928866][ T6900]  ? compute_postorder+0x884/0x970
[  138.933992][ T6900]  ? compute_postorder+0x884/0x970
[  138.939113][ T6900]  kfree+0x62f/0x6d0
[  138.943011][ T6900]  ? bpf_insn_successors+0x1d3/0x3a0
[  138.948294][ T6900]  compute_postorder+0x884/0x970
[  138.953245][ T6900]  bpf_check+0x61b4/0x1dc50
[  138.957834][ T6900]  ? __pfx_perf_tp_event+0x10/0x10
[  138.962951][ T6900]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  138.969549][ T6900]  ? __lock_acquire+0xab9/0xd20
[  138.974403][ T6900]  ? seqcount_lockdep_reader_access+0x122/0x1c0
[  138.980640][ T6900]  ? __pfx_bpf_check+0x10/0x10
[  138.985402][ T6900]  ? ktime_get_with_offset+0x93/0x2a0
[  138.990792][ T6900]  ? seqcount_lockdep_reader_access+0x174/0x1c0
[  138.997040][ T6900]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  139.003634][ T6900]  ? __asan_memset+0x22/0x50
[  139.008222][ T6900]  ? bpf_obj_name_cpy+0x194/0x1e0
[  139.013244][ T6900]  ? security_bpf_prog_load+0x100/0x300
[  139.018796][ T6900]  bpf_prog_load+0x13ba/0x19d0
[  139.023556][ T6900]  ? __pfx_bpf_prog_load+0x10/0x10
[  139.028671][ T6900]  ? security_bpf+0x5d/0x210
[  139.033522][ T6900]  __sys_bpf+0x507/0x860
[  139.037760][ T6900]  ? __pfx___sys_bpf+0x10/0x10
[  139.042521][ T6900]  __x64_sys_bpf+0x7c/0x90
[  139.046935][ T6900]  do_syscall_64+0xfa/0xfa0
[  139.051438][ T6900]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.057496][ T6900]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  139.063816][ T6900]  ? clear_bhb_loop+0x60/0xb0
[  139.068490][ T6900]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.074371][ T6900] RIP: 0033:0x7f0938d8f6c9
[  139.078785][ T6900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.098478][ T6900] RSP: 002b:00007f0939c63038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  139.106896][ T6900] RAX: ffffffffffffffda RBX: 00007f0938fe5fa0 RCX: 00007f0938d8f6c9
[  139.114872][ T6900] RDX: 0000000000000094 RSI: 00002000000000c0 RDI: 0000000000000005
[  139.122924][ T6900] RBP: 00007f0938e11f91 R08: 0000000000000000 R09: 0000000000000000
[  139.130890][ T6900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  139.138853][ T6900] R13: 00007f0938fe6038 R14: 00007f0938fe5fa0 R15: 00007ffed6ed0ca8
[  139.146827][ T6900]  </TASK>
[  139.150149][ T6900] Kernel Offset: disabled
[  139.154467][ T6900] Rebooting in 86400 seconds..