Warning: Permanently added '[localhost]:62851' (ED25519) to the list of known hosts.
2026/03/09 05:41:12 parsed 1 programs
[  143.364439][ T1316] ieee802154 phy0 wpan0: encryption failed: -22
[  143.367813][ T1316] ieee802154 phy1 wpan1: encryption failed: -22
Setting up swapspace version 1, size = 127995904 bytes
[  146.016289][ T5556] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  153.155212][ T5600] chnl_net:caif_netlink_parms(): no params data found
[  153.382525][ T5600] bridge0: port 1(bridge_slave_0) entered blocking state
[  153.385790][ T5600] bridge0: port 1(bridge_slave_0) entered disabled state
[  153.389773][ T5600] bridge_slave_0: entered allmulticast mode
[  153.414362][ T5600] bridge_slave_0: entered promiscuous mode
[  153.419352][ T5600] bridge0: port 2(bridge_slave_1) entered blocking state
[  153.430826][ T5600] bridge0: port 2(bridge_slave_1) entered disabled state
[  153.434165][ T5600] bridge_slave_1: entered allmulticast mode
[  153.442240][ T5600] bridge_slave_1: entered promiscuous mode
[  153.493653][ T5600] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  153.511617][ T5600] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  153.553253][ T5600] team0: Port device team_slave_0 added
[  153.572344][ T5600] team0: Port device team_slave_1 added
[  153.616338][ T5600] batman_adv: batadv0: Adding interface: batadv_slave_0
[  153.619864][ T5600] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  153.650497][ T5600] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  153.668412][ T5600] batman_adv: batadv0: Adding interface: batadv_slave_1
[  153.672857][ T5600] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  153.700399][ T5600] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  153.782198][ T5600] hsr_slave_0: entered promiscuous mode
[  153.786038][ T5600] hsr_slave_1: entered promiscuous mode
[  154.436342][ T5600] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  154.462981][ T5600] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  154.484311][ T5600] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  154.507457][ T5600] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  154.654349][ T5600] 8021q: adding VLAN 0 to HW filter on device bond0
[  154.677744][ T5600] 8021q: adding VLAN 0 to HW filter on device team0
[  154.701049][ T1055] bridge0: port 1(bridge_slave_0) entered blocking state
[  154.704356][ T1055] bridge0: port 1(bridge_slave_0) entered forwarding state
[  154.731320][   T67] bridge0: port 2(bridge_slave_1) entered blocking state
[  154.734852][   T67] bridge0: port 2(bridge_slave_1) entered forwarding state
[  154.797986][ T5600] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  154.821000][ T5600] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  155.105879][ T5600] 8021q: adding VLAN 0 to HW filter on device batadv0
[  155.208579][ T5600] veth0_vlan: entered promiscuous mode
[  155.232661][ T5600] veth1_vlan: entered promiscuous mode
[  155.293647][ T5600] veth0_macvtap: entered promiscuous mode
[  155.311457][ T5600] veth1_macvtap: entered promiscuous mode
[  155.339499][ T5600] batman_adv: batadv0: Interface activated: batadv_slave_0
[  155.368768][ T5600] batman_adv: batadv0: Interface activated: batadv_slave_1
[  155.394417][   T67] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  155.422564][   T67] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  155.428766][   T67] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  155.444452][   T67] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  155.844834][   T67] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.982894][   T67] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.171600][   T67] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.892067][   T67] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.257949][ T4670] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  158.266783][ T4670] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  158.272537][ T4670] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  158.279251][ T4670] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  158.287872][ T4670] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  158.383152][   T67] bridge_slave_1: left allmulticast mode
[  158.386855][   T67] bridge_slave_1: left promiscuous mode
[  158.403528][   T67] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.421203][   T67] bridge_slave_0: left allmulticast mode
[  158.423995][   T67] bridge_slave_0: left promiscuous mode
[  158.426843][   T67] bridge0: port 1(bridge_slave_0) entered disabled state
[  158.647765][   T67] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  158.654905][   T67] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  158.663740][   T67] bond0 (unregistering): Released all slaves
[  158.748401][   T67] hsr_slave_0: left promiscuous mode
[  158.766780][   T67] hsr_slave_1: left promiscuous mode
[  158.777012][   T67] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  158.790441][   T67] batman_adv: batadv0: Removing interface: batadv_slave_0
[  158.798349][   T67] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  158.807091][   T67] batman_adv: batadv0: Removing interface: batadv_slave_1
[  158.833338][   T67] veth1_macvtap: left promiscuous mode
[  158.836416][   T67] veth0_macvtap: left promiscuous mode
[  158.839218][   T67] veth1_vlan: left promiscuous mode
[  158.850722][   T67] veth0_vlan: left promiscuous mode
[  159.303207][   T67] team0 (unregistering): Port device team_slave_1 removed
[  159.332779][   T67] team0 (unregistering): Port device team_slave_0 removed
[  160.458230][ T1055] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  160.467867][ T1055] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  160.626799][   T30] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  160.639605][   T30] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/03/09 05:41:32 executed programs: 0
[  161.921234][ T5346] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  161.931394][ T5346] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  161.941623][ T5346] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  161.945549][ T5346] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  161.949467][ T5346] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  162.324885][ T5746] chnl_net:caif_netlink_parms(): no params data found
[  162.493277][ T5746] bridge0: port 1(bridge_slave_0) entered blocking state
[  162.498032][ T5746] bridge0: port 1(bridge_slave_0) entered disabled state
[  162.504723][ T5746] bridge_slave_0: entered allmulticast mode
[  162.509467][ T5746] bridge_slave_0: entered promiscuous mode
[  162.520344][ T5746] bridge0: port 2(bridge_slave_1) entered blocking state
[  162.523981][ T5746] bridge0: port 2(bridge_slave_1) entered disabled state
[  162.527465][ T5746] bridge_slave_1: entered allmulticast mode
[  162.533483][ T5746] bridge_slave_1: entered promiscuous mode
[  162.563926][ T5746] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  162.571265][ T5746] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  162.609428][ T5746] team0: Port device team_slave_0 added
[  162.616343][ T5746] team0: Port device team_slave_1 added
[  162.641318][ T5746] batman_adv: batadv0: Adding interface: batadv_slave_0
[  162.645410][ T5746] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  162.658538][ T5746] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  162.665875][ T5746] batman_adv: batadv0: Adding interface: batadv_slave_1
[  162.669764][ T5746] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  162.685143][ T5746] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  162.724641][ T5746] hsr_slave_0: entered promiscuous mode
[  162.728159][ T5746] hsr_slave_1: entered promiscuous mode
[  163.247941][ T5746] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  163.273028][ T5746] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  163.292009][ T5746] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  163.311274][ T5746] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  163.473737][ T5746] 8021q: adding VLAN 0 to HW filter on device bond0
[  163.519241][ T5746] 8021q: adding VLAN 0 to HW filter on device team0
[  163.536667][ T1041] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.540187][ T1041] bridge0: port 1(bridge_slave_0) entered forwarding state
[  163.566043][ T1041] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.569327][ T1041] bridge0: port 2(bridge_slave_1) entered forwarding state
[  163.907277][ T5746] 8021q: adding VLAN 0 to HW filter on device batadv0
[  163.991335][ T5746] veth0_vlan: entered promiscuous mode
[  164.002156][ T5346] Bluetooth: hci0: command tx timeout
[  164.008663][ T5746] veth1_vlan: entered promiscuous mode
[  164.062564][ T5746] veth0_macvtap: entered promiscuous mode
[  164.073992][ T5746] veth1_macvtap: entered promiscuous mode
[  164.112733][ T5746] batman_adv: batadv0: Interface activated: batadv_slave_0
[  164.135861][ T5746] batman_adv: batadv0: Interface activated: batadv_slave_1
[  164.155270][ T1041] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  164.165969][ T1041] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  164.185106][ T1041] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  164.201094][ T1041] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  164.343725][ T1041] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  164.347697][ T1041] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  164.411946][ T1041] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  164.416009][ T1041] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  166.081030][ T5346] Bluetooth: hci0: command tx timeout
[  166.378583][ T5015] ==================================================================
[  166.382364][ T5015] BUG: KASAN: slab-use-after-free in sock_def_readable+0x1cb/0x580
[  166.386566][ T5015] Read of size 8 at addr ffff888011ead1c0 by task dhcpcd/5015
[  166.392269][ T5015] 
[  166.393540][ T5015] CPU: 0 UID: 0 PID: 5015 Comm: dhcpcd Not tainted syzkaller #0 PREEMPT(full) 
[  166.393583][ T5015] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  166.393616][ T5015] Call Trace:
[  166.393657][ T5015]  <TASK>
[  166.393692][ T5015]  dump_stack_lvl+0xe8/0x150
[  166.393736][ T5015]  print_report+0xba/0x230
[  166.393749][ T5015]  ? sock_def_readable+0x1cb/0x580
[  166.393760][ T5015]  kasan_report+0x117/0x150
[  166.393794][ T5015]  ? lock_acquire+0xf0/0x2e0
[  166.393823][ T5015]  ? sock_def_readable+0x1cb/0x580
[  166.393836][ T5015]  sock_def_readable+0x1cb/0x580
[  166.393847][ T5015]  ? sock_def_readable+0xae/0x580
[  166.393858][ T5015]  send_to_lecd+0x353/0x690
[  166.393954][ T5015]  ? make_entry+0x200/0x2f0
[  166.393966][ T5015]  lec_start_xmit+0xec0/0x2660
[  166.393980][ T5015]  dev_hard_start_xmit+0x2d8/0x870
[  166.393999][ T5015]  sch_direct_xmit+0x251/0x4c0
[  166.394048][ T5015]  ? __pfx_sch_direct_xmit+0x10/0x10
[  166.394059][ T5015]  __dev_queue_xmit+0x1550/0x3890
[  166.394069][ T5015]  ? __dev_notify_flags+0x1a9/0x310
[  166.394079][ T5015]  ? __dev_queue_xmit+0x277/0x3890
[  166.394095][ T5015]  ? __pfx___dev_queue_xmit+0x10/0x10
[  166.394112][ T5015]  ? rcu_is_watching+0x15/0xb0
[  166.394140][ T5015]  ? trace_kmem_cache_alloc+0x29/0xf0
[  166.394170][ T5015]  ? eth_header+0x11b/0x200
[  166.394184][ T5015]  ? __asan_memcpy+0x40/0x70
[  166.394199][ T5015]  ? eth_header+0x11b/0x200
[  166.394211][ T5015]  ? __pfx_eth_header+0x10/0x10
[  166.394224][ T5015]  ? lapbeth_data_transmit+0x218/0x2e0
[  166.394286][ T5015]  ? __pfx_lapbeth_data_transmit+0x10/0x10
[  166.394297][ T5015]  lapb_data_transmit+0x90/0xb0
[  166.394312][ T5015]  lapb_transmit_buffer+0x163/0x200
[  166.394324][ T5015]  lapb_establish_data_link+0x89/0xe0
[  166.394335][ T5015]  lapb_device_event+0x4e1/0x670
[  166.394348][ T5015]  notifier_call_chain+0x1be/0x400
[  166.394392][ T5015]  __dev_notify_flags+0x1a9/0x310
[  166.394423][ T5015]  ? __pfx___dev_notify_flags+0x10/0x10
[  166.394433][ T5015]  ? __dev_change_flags+0x4c6/0x690
[  166.394443][ T5015]  ? __pfx___dev_change_flags+0x10/0x10
[  166.394452][ T5015]  ? __pfx___mutex_lock+0x10/0x10
[  166.394513][ T5015]  netif_change_flags+0xe8/0x1a0
[  166.394528][ T5015]  dev_change_flags+0x130/0x260
[  166.394543][ T5015]  devinet_ioctl+0x9f2/0x1b30
[  166.394561][ T5015]  ? __pfx_devinet_ioctl+0x10/0x10
[  166.394574][ T5015]  ? get_user_ifreq+0x12b/0x180
[  166.394589][ T5015]  inet_ioctl+0x42a/0x560
[  166.394605][ T5015]  ? __pfx_inet_ioctl+0x10/0x10
[  166.394622][ T5015]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  166.394674][ T5015]  sock_do_ioctl+0x101/0x320
[  166.394686][ T5015]  ? __pfx_sock_do_ioctl+0x10/0x10
[  166.394700][ T5015]  sock_ioctl+0x5c6/0x7f0
[  166.394710][ T5015]  ? __pfx_sock_ioctl+0x10/0x10
[  166.394721][ T5015]  ? fd_install+0x306/0x3d0
[  166.394735][ T5015]  ? bpf_lsm_file_ioctl+0x9/0x20
[  166.394760][ T5015]  ? __pfx_sock_ioctl+0x10/0x10
[  166.394766][ T5015]  __se_sys_ioctl+0xfc/0x170
[  166.394773][ T5015]  do_syscall_64+0x14d/0xf80
[  166.394784][ T5015]  ? trace_irq_disable+0x3b/0x150
[  166.394806][ T5015]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.394813][ T5015]  ? clear_bhb_loop+0x40/0x90
[  166.394822][ T5015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.394829][ T5015] RIP: 0033:0x7f0bc372b378
[  166.394838][ T5015] Code: 00 00 48 8d 44 24 08 48 89 54 24 e0 48 89 44 24 c0 48 8d 44 24 d0 48 89 44 24 c8 b8 10 00 00 00 c7 44 24 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 07 89 d0 c3 0f 1f 40 00 48 8b 15 49 3a 0d
[  166.394846][ T5015] RSP: 002b:00007fff9b806dc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  166.394875][ T5015] RAX: ffffffffffffffda RBX: 0000000000000018 RCX: 00007f0bc372b378
[  166.394882][ T5015] RDX: 00007fff9b816fc0 RSI: 0000000000008914 RDI: 0000000000000018
[  166.394889][ T5015] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  166.394895][ T5015] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff9b827160
[  166.394902][ T5015] R13: 00007f0bc362b708 R14: 0000000000000028 R15: 0000000000008914
[  166.394913][ T5015]  </TASK>
[  166.394917][ T5015] 
[  166.588937][ T5015] Allocated by task 5796:
[  166.591013][ T5015]  kasan_save_track+0x3e/0x80
[  166.593230][ T5015]  __kasan_slab_alloc+0x6c/0x80
[  166.595453][ T5015]  kmem_cache_alloc_lru_noprof+0x2b8/0x640
[  166.598272][ T5015]  sock_alloc_inode+0x28/0xc0
[  166.600359][ T5015]  alloc_inode+0x6a/0x1b0
[  166.602511][ T5015]  __sock_create+0x12d/0x9d0
[  166.604997][ T5015]  __sys_socket+0xd6/0x1b0
[  166.607066][ T5015]  __x64_sys_socket+0x7a/0x90
[  166.609232][ T5015]  do_syscall_64+0x14d/0xf80
[  166.611643][ T5015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.614687][ T5015] 
[  166.615898][ T5015] Freed by task 15:
[  166.617699][ T5015]  kasan_save_track+0x3e/0x80
[  166.619891][ T5015]  kasan_save_free_info+0x46/0x50
[  166.622338][ T5015]  __kasan_slab_free+0x5c/0x80
[  166.624738][ T5015]  kmem_cache_free+0x187/0x630
[  166.627413][ T5015]  rcu_core+0x7cd/0x1070
[  166.629765][ T5015]  handle_softirqs+0x22a/0x870
[  166.632218][ T5015]  run_ksoftirqd+0x36/0x60
[  166.634326][ T5015]  smpboot_thread_fn+0x541/0xa50
[  166.636567][ T5015]  kthread+0x388/0x470
[  166.638718][ T5015]  ret_from_fork+0x51e/0xb90
[  166.641759][ T5015]  ret_from_fork_asm+0x1a/0x30
[  166.645071][ T5015] 
[  166.646665][ T5015] Last potentially related work creation:
[  166.649818][ T5015]  kasan_save_stack+0x3e/0x60
[  166.652558][ T5015]  kasan_record_aux_stack+0xbd/0xd0
[  166.655568][ T5015]  call_rcu+0xee/0x890
[  166.657886][ T5015]  evict+0x95b/0xb10
[  166.661066][ T5015]  __dentry_kill+0x1a2/0x5e0
[  166.664658][ T5015]  finish_dput+0xc9/0x480
[  166.666870][ T5015]  __fput+0x691/0xa70
[  166.668753][ T5015]  task_work_run+0x1d9/0x270
[  166.670884][ T5015]  exit_to_user_mode_loop+0xed/0x480
[  166.673376][ T5015]  do_syscall_64+0x32d/0xf80
[  166.675562][ T5015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.678058][ T5015] 
[  166.679163][ T5015] The buggy address belongs to the object at ffff888011ead140
[  166.679163][ T5015]  which belongs to the cache sock_inode_cache of size 1344
[  166.687054][ T5015] The buggy address is located 128 bytes inside of
[  166.687054][ T5015]  freed 1344-byte region [ffff888011ead140, ffff888011ead680)
[  166.693714][ T5015] 
[  166.695098][ T5015] The buggy address belongs to the physical page:
[  166.699171][ T5015] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11eac
[  166.704034][ T5015] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  166.708473][ T5015] memcg:ffff888043587181
[  166.710443][ T5015] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  166.713953][ T5015] page_type: f5(slab)
[  166.715875][ T5015] raw: 00fff00000000040 ffff88801b7b0140 dead000000000100 dead000000000122
[  166.719822][ T5015] raw: 0000000000000000 00000008000b000b 00000000f5000000 ffff888043587181
[  166.723744][ T5015] head: 00fff00000000040 ffff88801b7b0140 dead000000000100 dead000000000122
[  166.727789][ T5015] head: 0000000000000000 00000008000b000b 00000000f5000000 ffff888043587181
[  166.731677][ T5015] head: 00fff00000000002 ffffea000047ab01 00000000ffffffff 00000000ffffffff
[  166.735629][ T5015] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  166.739424][ T5015] page dumped because: kasan: bad access detected
[  166.742302][ T5015] page_owner tracks the page as allocated
[  166.744757][ T5015] page last allocated via order 2, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5302, tgid 5302 (sshd-session), ts 94001934717, free_ts 93590589059
[  166.756645][ T5015]  post_alloc_hook+0x231/0x280
[  166.758805][ T5015]  get_page_from_freelist+0x24dc/0x2580
[  166.761520][ T5015]  __alloc_frozen_pages_noprof+0x18d/0x380
[  166.764436][ T5015]  allocate_slab+0x77/0x660
[  166.767049][ T5015]  refill_objects+0x331/0x3c0
[  166.769781][ T5015]  __pcs_replace_empty_main+0x2f9/0x5e0
[  166.772634][ T5015]  kmem_cache_alloc_lru_noprof+0x37c/0x640
[  166.775352][ T5015]  sock_alloc_inode+0x28/0xc0
[  166.777659][ T5015]  alloc_inode+0x6a/0x1b0
[  166.779742][ T5015]  __sock_create+0x12d/0x9d0
[  166.782930][ T5015]  __sys_socket+0xd6/0x1b0
[  166.786070][ T5015]  __x64_sys_socket+0x7a/0x90
[  166.788786][ T5015]  do_syscall_64+0x14d/0xf80
[  166.790929][ T5015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.793717][ T5015] page last free pid 5297 tgid 5297 stack trace:
[  166.796837][ T5015]  free_unref_folios+0xed5/0x16d0
[  166.799827][ T5015]  folios_put_refs+0x789/0x8d0
[  166.802367][ T5015]  free_pages_and_swap_cache+0x2e7/0x5b0
[  166.805071][ T5015]  tlb_flush_mmu+0x6d3/0xa30
[  166.807079][ T5015]  tlb_finish_mmu+0xf9/0x230
[  166.809132][ T5015]  unmap_region+0x2a5/0x330
[  166.810999][ T5015]  vms_complete_munmap_vmas+0x493/0xc60
[  166.813549][ T5015]  do_vmi_align_munmap+0x3b7/0x4b0
[  166.816251][ T5015]  do_vmi_munmap+0x252/0x2d0
[  166.818738][ T5015]  __vm_munmap+0x22c/0x3d0
[  166.821128][ T5015]  __x64_sys_munmap+0x60/0x70
[  166.823680][ T5015]  do_syscall_64+0x14d/0xf80
[  166.826010][ T5015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.828723][ T5015] 
[  166.829845][ T5015] Memory state around the buggy address:
[  166.832816][ T5015]  ffff888011ead080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  166.837818][ T5015]  ffff888011ead100: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[  166.841602][ T5015] >ffff888011ead180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  166.845373][ T5015]                                            ^
[  166.848333][ T5015]  ffff888011ead200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  166.852350][ T5015]  ffff888011ead280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  166.856631][ T5015] ==================================================================
[  166.860670][ T5015] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  166.864131][ T5015] CPU: 0 UID: 0 PID: 5015 Comm: dhcpcd Not tainted syzkaller #0 PREEMPT(full) 
[  166.868496][ T5015] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  166.873372][ T5015] Call Trace:
[  166.874846][ T5015]  <TASK>
[  166.876093][ T5015]  vpanic+0x56c/0xa60
[  166.877960][ T5015]  ? __pfx_vpanic+0x10/0x10
[  166.880111][ T5015]  panic+0xc5/0xd0
[  166.882305][ T5015]  ? __pfx_panic+0x10/0x10
[  166.884765][ T5015]  ? sock_def_readable+0x1cb/0x580
[  166.887830][ T5015]  ? sock_def_readable+0x1cb/0x580
[  166.890248][ T5015]  ? sock_def_readable+0x1cb/0x580
[  166.892709][ T5015]  check_panic_on_warn+0x89/0xb0
[  166.895252][ T5015]  ? sock_def_readable+0x1cb/0x580
[  166.897674][ T5015]  end_report+0x73/0x180
[  166.900340][ T5015]  ? sock_def_readable+0x1cb/0x580
[  166.903631][ T5015]  kasan_report+0x128/0x150
[  166.905733][ T5015]  ? lock_acquire+0xf0/0x2e0
[  166.907905][ T5015]  ? sock_def_readable+0x1cb/0x580
[  166.910332][ T5015]  sock_def_readable+0x1cb/0x580
[  166.912727][ T5015]  ? sock_def_readable+0xae/0x580
[  166.914958][ T5015]  send_to_lecd+0x353/0x690
[  166.917094][ T5015]  ? make_entry+0x200/0x2f0
[  166.919356][ T5015]  lec_start_xmit+0xec0/0x2660
[  166.922988][ T5015]  dev_hard_start_xmit+0x2d8/0x870
[  166.927234][ T5015]  sch_direct_xmit+0x251/0x4c0
[  166.929473][ T5015]  ? __pfx_sch_direct_xmit+0x10/0x10
[  166.932009][ T5015]  __dev_queue_xmit+0x1550/0x3890
[  166.934463][ T5015]  ? __dev_notify_flags+0x1a9/0x310
[  166.936968][ T5015]  ? __dev_queue_xmit+0x277/0x3890
[  166.939271][ T5015]  ? __pfx___dev_queue_xmit+0x10/0x10
[  166.941823][ T5015]  ? rcu_is_watching+0x15/0xb0
[  166.944267][ T5015]  ? trace_kmem_cache_alloc+0x29/0xf0
[  166.947453][ T5015]  ? eth_header+0x11b/0x200
[  166.949848][ T5015]  ? __asan_memcpy+0x40/0x70
[  166.952090][ T5015]  ? eth_header+0x11b/0x200
[  166.954261][ T5015]  ? __pfx_eth_header+0x10/0x10
[  166.957135][ T5015]  ? lapbeth_data_transmit+0x218/0x2e0
[  166.960186][ T5015]  ? __pfx_lapbeth_data_transmit+0x10/0x10
[  166.963268][ T5015]  lapb_data_transmit+0x90/0xb0
[  166.965762][ T5015]  lapb_transmit_buffer+0x163/0x200
[  166.968077][ T5015]  lapb_establish_data_link+0x89/0xe0
[  166.970534][ T5015]  lapb_device_event+0x4e1/0x670
[  166.972756][ T5015]  notifier_call_chain+0x1be/0x400
[  166.975092][ T5015]  __dev_notify_flags+0x1a9/0x310
[  166.977714][ T5015]  ? __pfx___dev_notify_flags+0x10/0x10
[  166.981410][ T5015]  ? __dev_change_flags+0x4c6/0x690
[  166.984162][ T5015]  ? __pfx___dev_change_flags+0x10/0x10
[  166.986682][ T5015]  ? __pfx___mutex_lock+0x10/0x10
[  166.989016][ T5015]  netif_change_flags+0xe8/0x1a0
[  166.991325][ T5015]  dev_change_flags+0x130/0x260
[  166.993524][ T5015]  devinet_ioctl+0x9f2/0x1b30
[  166.995719][ T5015]  ? __pfx_devinet_ioctl+0x10/0x10
[  166.998083][ T5015]  ? get_user_ifreq+0x12b/0x180
[  167.000859][ T5015]  inet_ioctl+0x42a/0x560
[  167.003533][ T5015]  ? __pfx_inet_ioctl+0x10/0x10
[  167.006413][ T5015]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  167.009064][ T5015]  sock_do_ioctl+0x101/0x320
[  167.011251][ T5015]  ? __pfx_sock_do_ioctl+0x10/0x10
[  167.013721][ T5015]  sock_ioctl+0x5c6/0x7f0
[  167.015744][ T5015]  ? __pfx_sock_ioctl+0x10/0x10
[  167.018149][ T5015]  ? fd_install+0x306/0x3d0
[  167.020482][ T5015]  ? bpf_lsm_file_ioctl+0x9/0x20
[  167.023808][ T5015]  ? __pfx_sock_ioctl+0x10/0x10
[  167.026235][ T5015]  __se_sys_ioctl+0xfc/0x170
[  167.028325][ T5015]  do_syscall_64+0x14d/0xf80
[  167.030498][ T5015]  ? trace_irq_disable+0x3b/0x150
[  167.033087][ T5015]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.036121][ T5015]  ? clear_bhb_loop+0x40/0x90
[  167.038465][ T5015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.041017][ T5015] RIP: 0033:0x7f0bc372b378
[  167.043360][ T5015] Code: 00 00 48 8d 44 24 08 48 89 54 24 e0 48 89 44 24 c0 48 8d 44 24 d0 48 89 44 24 c8 b8 10 00 00 00 c7 44 24 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 07 89 d0 c3 0f 1f 40 00 48 8b 15 49 3a 0d
[  167.054913][ T5015] RSP: 002b:00007fff9b806dc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  167.058780][ T5015] RAX: ffffffffffffffda RBX: 0000000000000018 RCX: 00007f0bc372b378
[  167.062370][ T5015] RDX: 00007fff9b816fc0 RSI: 0000000000008914 RDI: 0000000000000018
[  167.065964][ T5015] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  167.069501][ T5015] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff9b827160
[  167.072894][ T5015] R13: 00007f0bc362b708 R14: 0000000000000028 R15: 0000000000008914
[  167.076382][ T5015]  </TASK>
[  167.077996][ T5015] Kernel Offset: disabled
[  167.079954][ T5015] Rebooting in 86400 seconds..