Warning: Permanently added '10.128.1.23' (ED25519) to the list of known hosts.
2025/06/05 01:42:09 ignoring optional flag "sandboxArg"="0"
2025/06/05 01:42:09 ignoring optional flag "type"="gce"
2025/06/05 01:42:09 parsed 1 programs
[ 104.068342][ T4702] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 105.580687][ T4717] chnl_net:caif_netlink_parms(): no params data found
[ 105.628369][ T4717] bridge0: port 1(bridge_slave_0) entered blocking state
[ 105.635882][ T4717] bridge0: port 1(bridge_slave_0) entered disabled state
[ 105.645307][ T4717] device bridge_slave_0 entered promiscuous mode
[ 105.655775][ T4717] bridge0: port 2(bridge_slave_1) entered blocking state
[ 105.662999][ T4717] bridge0: port 2(bridge_slave_1) entered disabled state
[ 105.671368][ T4717] device bridge_slave_1 entered promiscuous mode
[ 105.695296][ T4717] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 105.706624][ T4717] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 105.731927][ T4717] team0: Port device team_slave_0 added
[ 105.739184][ T4717] team0: Port device team_slave_1 added
[ 105.761244][ T4717] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 105.768257][ T4717] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 105.794277][ T4717] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 105.806171][ T4717] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 105.813186][ T4717] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 105.839157][ T4717] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 105.872548][ T4717] device hsr_slave_0 entered promiscuous mode
[ 105.879323][ T4717] device hsr_slave_1 entered promiscuous mode
[ 106.514265][ T4717] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 106.534500][ T4717] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 106.564050][ T4717] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 106.586237][ T4717] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 106.721141][ T4717] 8021q: adding VLAN 0 to HW filter on device bond0
[ 106.754692][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 106.764385][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 106.784023][ T4717] 8021q: adding VLAN 0 to HW filter on device team0
[ 106.811281][ T1229] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 106.830977][ T1229] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 106.850859][ T1229] bridge0: port 1(bridge_slave_0) entered blocking state
[ 106.857968][ T1229] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 106.881960][ T1229] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 106.904741][ T1229] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 106.922302][ T1229] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 106.942062][ T1229] bridge0: port 2(bridge_slave_1) entered blocking state
[ 106.949251][ T1229] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 106.975865][ T1229] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 107.021035][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 107.033006][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 107.062390][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 107.081285][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 107.090214][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 107.112425][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 107.137382][ T4717] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 107.163242][ T4717] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 107.175670][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 107.201433][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 107.210280][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 107.225991][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 107.234993][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 107.446638][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 107.461380][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 107.474932][ T4717] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 107.528275][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 107.543493][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 107.564084][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 107.574417][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 107.584992][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 107.595089][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 107.605891][ T4717] device veth0_vlan entered promiscuous mode
[ 107.632496][ T4717] device veth1_vlan entered promiscuous mode
[ 107.679865][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 107.691081][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 107.702237][ T4717] device veth0_macvtap entered promiscuous mode
[ 107.713801][ T4717] device veth1_macvtap entered promiscuous mode
[ 107.744538][ T4717] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 107.752277][ T1229] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 107.771705][ T1229] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 107.779914][ T1229] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 107.801583][ T1229] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 107.825182][ T4717] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 107.833192][ T1229] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 107.842715][ T1229] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 107.861316][ T4717] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 107.870063][ T4717] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 107.888174][ T4717] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 107.896993][ T4717] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 108.082317][ T4717] syz-executor (4717) used greatest stack depth: 21088 bytes left
[ 108.139234][ T9] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 109.157987][ T1229] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.179337][ T1229] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.202788][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 109.215511][ T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.224782][ T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.234634][ T1229] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 110.099675][ T9] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 112.056903][ T9] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 112.099540][ T9] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/06/05 01:42:22 executed programs: 0
[ 112.663842][ T5062] chnl_net:caif_netlink_parms(): no params data found
[ 112.748496][ T5062] bridge0: port 1(bridge_slave_0) entered blocking state
[ 112.756089][ T5062] bridge0: port 1(bridge_slave_0) entered disabled state
[ 112.765387][ T5062] device bridge_slave_0 entered promiscuous mode
[ 112.779777][ T5062] bridge0: port 2(bridge_slave_1) entered blocking state
[ 112.787388][ T5062] bridge0: port 2(bridge_slave_1) entered disabled state
[ 112.795986][ T5062] device bridge_slave_1 entered promiscuous mode
[ 112.817227][ T9] device hsr_slave_0 left promiscuous mode
[ 112.827572][ T9] device hsr_slave_1 left promiscuous mode
[ 112.834858][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 112.842896][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 112.851226][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 112.858944][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 112.867320][ T9] device bridge_slave_1 left promiscuous mode
[ 112.874896][ T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 112.883760][ T9] device bridge_slave_0 left promiscuous mode
[ 112.889931][ T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 112.909132][ T9] device veth1_macvtap left promiscuous mode
[ 112.915905][ T9] device veth0_macvtap left promiscuous mode
[ 112.922086][ T9] device veth1_vlan left promiscuous mode
[ 112.927885][ T9] device veth0_vlan left promiscuous mode
[ 113.077127][ T9] team0 (unregistering): Port device team_slave_1 removed
[ 113.094323][ T9] team0 (unregistering): Port device team_slave_0 removed
[ 113.107375][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 113.120988][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 113.177271][ T9] bond0 (unregistering): Released all slaves
[ 113.225177][ T5062] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 113.237066][ T5062] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 113.309591][ T5062] team0: Port device team_slave_0 added
[ 113.321433][ T5062] team0: Port device team_slave_1 added
[ 113.378763][ T5062] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 113.386267][ T5062] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 113.415193][ T5062] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 113.428111][ T5062] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 113.437724][ T5062] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 113.467369][ T5062] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 113.529886][ T5062] device hsr_slave_0 entered promiscuous mode
[ 113.537011][ T5062] device hsr_slave_1 entered promiscuous mode
[ 114.008062][ T5062] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 114.033654][ T5062] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 114.053579][ T5062] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 114.073811][ T5062] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 114.214126][ T5062] 8021q: adding VLAN 0 to HW filter on device bond0
[ 114.230310][ T1229] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 114.239550][ T1229] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 114.252290][ T5062] 8021q: adding VLAN 0 to HW filter on device team0
[ 114.284303][ T1229] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 114.294783][ T1229] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 114.303949][ T1229] bridge0: port 1(bridge_slave_0) entered blocking state
[ 114.311070][ T1229] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 114.319229][ T1229] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 114.328907][ T1229] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 114.337782][ T1229] bridge0: port 2(bridge_slave_1) entered blocking state
[ 114.344891][ T1229] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 114.353212][ T1229] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 114.362316][ T1229] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 114.371570][ T1229] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 114.380873][ T1229] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 114.389891][ T1229] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 114.398413][ T1229] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 114.418570][ T3028] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 114.435869][ T3028] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 114.448676][ T3028] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 114.457577][ T3028] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 114.468309][ T3028] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 114.477181][ T3028] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 114.490094][ T5062] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 114.500501][ T4262] Bluetooth: hci0: command 0x0409 tx timeout
[ 114.624276][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 114.632414][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 114.645462][ T5062] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 114.668927][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 114.679624][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 114.703655][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 114.712638][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 114.724592][ T5062] device veth0_vlan entered promiscuous mode
[ 114.732218][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 114.741627][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 114.755314][ T5062] device veth1_vlan entered promiscuous mode
[ 114.781215][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 114.789972][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 114.799036][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 114.808953][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 114.822551][ T5062] device veth0_macvtap entered promiscuous mode
[ 114.833099][ T5062] device veth1_macvtap entered promiscuous mode
[ 114.852270][ T5062] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 114.859596][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 114.868632][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 114.878300][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 114.887414][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 114.900918][ T5062] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 114.910948][ T1229] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 114.919847][ T1229] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 114.932638][ T5062] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 114.941807][ T5062] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 114.951201][ T5062] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 114.959907][ T5062] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 115.026789][ T155] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 115.050509][ T155] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 115.062799][ T1229] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 115.075507][ T1229] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 115.085091][ T1229] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 115.094863][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 115.163358][ T5128] FAULT_INJECTION: forcing a failure.
[ 115.163358][ T5128] name failslab, interval 1, probability 0, space 0, times 1
[ 115.177801][ T5128] CPU: 1 PID: 5128 Comm: syz.0.15 Not tainted 5.15.185-syzkaller #0
[ 115.185947][ T5128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 115.196034][ T5128] Call Trace:
[ 115.199412][ T5128]
[ 115.202357][ T5128] dump_stack_lvl+0x168/0x230
[ 115.207061][ T5128] ? verify_lock_unused+0x140/0x140
[ 115.212279][ T5128] ? show_regs_print_info+0x20/0x20
[ 115.217595][ T5128] ? load_image+0x3b0/0x3b0
[ 115.222126][ T5128] should_fail+0x38c/0x4c0
[ 115.226569][ T5128] should_failslab+0x5/0x20
[ 115.231170][ T5128] slab_pre_alloc_hook+0x51/0xc0
[ 115.236128][ T5128] kmem_cache_alloc_trace+0x47/0x2a0
[ 115.241411][ T5128] ? sk_psock_skb_ingress_self+0x5b/0x300
[ 115.247128][ T5128] sk_psock_skb_ingress_self+0x5b/0x300
[ 115.252676][ T5128] ? __cant_sleep+0x210/0x210
[ 115.257373][ T5128] sk_psock_verdict_apply+0x39a/0x440
[ 115.262741][ T5128] ? migrate_enable+0x13e/0x200
[ 115.267771][ T5128] sk_psock_verdict_recv+0x371/0x5a0
[ 115.273109][ T5128] unix_read_sock+0x10c/0x2c0
[ 115.277802][ T5128] ? sk_psock_verdict_apply+0x440/0x440
[ 115.283347][ T5128] ? unix_stream_splice_actor+0x100/0x100
[ 115.289197][ T5128] ? unix_dgram_sendmsg+0x11c9/0x1890
[ 115.294572][ T5128] ? unix_stream_splice_actor+0x100/0x100
[ 115.300299][ T5128] sk_psock_verdict_data_ready+0x115/0x170
[ 115.306223][ T5128] ? sk_psock_start_verdict+0xc0/0xc0
[ 115.311611][ T5128] ? _raw_spin_unlock_irqrestore+0xaa/0x100
[ 115.317543][ T5128] ? do_raw_spin_unlock+0x11d/0x230
[ 115.322748][ T5128] unix_dgram_sendmsg+0x11ed/0x1890
[ 115.327973][ T5128] ? aa_sk_perm+0x7b4/0x8f0
[ 115.332499][ T5128] ? unix_dgram_poll+0x660/0x660
[ 115.337447][ T5128] ? tomoyo_socket_sendmsg_permission+0x1dd/0x2f0
[ 115.343871][ T5128] ? aa_sock_msg_perm+0x94/0x150
[ 115.348816][ T5128] ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 115.354254][ T5128] ? security_socket_sendmsg+0x7c/0xa0
[ 115.359725][ T5128] ? unix_dgram_poll+0x660/0x660
[ 115.364786][ T5128] ____sys_sendmsg+0x5a2/0x8c0
[ 115.369567][ T5128] ? memset+0x1e/0x40
[ 115.373644][ T5128] ? __sys_sendmsg_sock+0x30/0x30
[ 115.378763][ T5128] ? import_iovec+0x6f/0xa0
[ 115.383267][ T5128] ___sys_sendmsg+0x1f0/0x260
[ 115.387962][ T5128] ? __sys_sendmsg+0x250/0x250
[ 115.392732][ T5128] ? vfs_write+0x84d/0xd00
[ 115.397157][ T5128] ? __fdget+0x18b/0x210
[ 115.401391][ T5128] __se_sys_sendmsg+0x190/0x250
[ 115.406238][ T5128] ? __x64_sys_sendmsg+0x80/0x80
[ 115.411168][ T5128] ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[ 115.417168][ T5128] ? lockdep_hardirqs_on+0x94/0x140
[ 115.422367][ T5128] do_syscall_64+0x4c/0xa0
[ 115.426772][ T5128] ? clear_bhb_loop+0x30/0x80
[ 115.431439][ T5128] ? clear_bhb_loop+0x30/0x80
[ 115.436119][ T5128] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 115.442015][ T5128] RIP: 0033:0x7f76819a89f9
[ 115.446441][ T5128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 115.466047][ T5128] RSP: 002b:00007f7680c2f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 115.474460][ T5128] RAX: ffffffffffffffda RBX: 00007f7681b36f80 RCX: 00007f76819a89f9
[ 115.482427][ T5128] RDX: 0000000000000000 RSI: 0000000020000500 RDI: 0000000000000004
[ 115.490391][ T5128] RBP: 00007f7680c2f090 R08: 0000000000000000 R09: 0000000000000000
[ 115.498361][ T5128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 115.506417][ T5128] R13: 0000000000000000 R14: 00007f7681b36f80 R15: 00007ffeba9a7678
[ 115.514480][ T5128]
[ 115.553274][ T5130] FAULT_INJECTION: forcing a failure.
[ 115.553274][ T5130] name failslab, interval 1, probability 0, space 0, times 0
[ 115.566728][ T4412] ==================================================================
[ 115.575037][ T4412] BUG: KASAN: use-after-free in consume_skb+0x35/0x100
[ 115.581925][ T4412] Read of size 4 at addr ffff88801e3fe85c by task kworker/1:16/4412
[ 115.589313][ T5130] CPU: 0 PID: 5130 Comm: syz.0.16 Not tainted 5.15.185-syzkaller #0
[ 115.590271][ T4412]
[ 115.598243][ T5130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 115.610725][ T5130] Call Trace:
[ 115.614100][ T5130]
[ 115.617034][ T5130] dump_stack_lvl+0x168/0x230
[ 115.621749][ T5130] ? show_regs_print_info+0x20/0x20
[ 115.626962][ T5130] ? load_image+0x3b0/0x3b0
[ 115.631465][ T5130] ? unix_read_sock+0xbf/0x2c0
[ 115.636236][ T5130] should_fail+0x38c/0x4c0
[ 115.640658][ T5130] should_failslab+0x5/0x20
[ 115.645159][ T5130] slab_pre_alloc_hook+0x51/0xc0
[ 115.650095][ T5130] ? skb_clone+0x1bd/0x350
[ 115.654515][ T5130] kmem_cache_alloc+0x3d/0x290
[ 115.659284][ T5130] skb_clone+0x1bd/0x350
[ 115.663536][ T5130] sk_psock_verdict_recv+0x50/0x5a0
[ 115.668743][ T5130] unix_read_sock+0x10c/0x2c0
[ 115.673514][ T5130] ? sk_psock_verdict_apply+0x440/0x440
[ 115.679092][ T5130] ? unix_stream_splice_actor+0x100/0x100
[ 115.684818][ T5130] ? unix_dgram_sendmsg+0x11c9/0x1890
[ 115.690217][ T5130] ? unix_stream_splice_actor+0x100/0x100
[ 115.695938][ T5130] sk_psock_verdict_data_ready+0x115/0x170
[ 115.701753][ T5130] ? sk_psock_start_verdict+0xc0/0xc0
[ 115.707128][ T5130] ? _raw_spin_unlock_irqrestore+0xaa/0x100
[ 115.713033][ T5130] ? do_raw_spin_unlock+0x11d/0x230
[ 115.718236][ T5130] unix_dgram_sendmsg+0x11ed/0x1890
[ 115.723444][ T5130] ? aa_sk_perm+0x7b4/0x8f0
[ 115.728011][ T5130] ? unix_dgram_poll+0x660/0x660
[ 115.733033][ T5130] ? tomoyo_socket_sendmsg_permission+0x1dd/0x2f0
[ 115.739449][ T5130] ? aa_sock_msg_perm+0x94/0x150
[ 115.744390][ T5130] ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 115.749687][ T5130] ? security_socket_sendmsg+0x7c/0xa0
[ 115.755143][ T5130] ? unix_dgram_poll+0x660/0x660
[ 115.760081][ T5130] ____sys_sendmsg+0x5a2/0x8c0
[ 115.764851][ T5130] ? memset+0x1e/0x40
[ 115.768829][ T5130] ? __sys_sendmsg_sock+0x30/0x30
[ 115.773860][ T5130] ? import_iovec+0x6f/0xa0
[ 115.778372][ T5130] ___sys_sendmsg+0x1f0/0x260
[ 115.783056][ T5130] ? __sys_sendmsg+0x250/0x250
[ 115.787833][ T5130] ? vfs_write+0x84d/0xd00
[ 115.792271][ T5130] ? __fdget+0x18b/0x210
[ 115.796512][ T5130] __se_sys_sendmsg+0x190/0x250
[ 115.801365][ T5130] ? __x64_sys_sendmsg+0x80/0x80
[ 115.806300][ T5130] ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[ 115.812304][ T5130] ? lockdep_hardirqs_on+0x94/0x140
[ 115.817518][ T5130] do_syscall_64+0x4c/0xa0
[ 115.821933][ T5130] ? clear_bhb_loop+0x30/0x80
[ 115.826606][ T5130] ? clear_bhb_loop+0x30/0x80
[ 115.831283][ T5130] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 115.837191][ T5130] RIP: 0033:0x7f76819a89f9
[ 115.841605][ T5130] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 115.861212][ T5130] RSP: 002b:00007f7680c2f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 115.869662][ T5130] RAX: ffffffffffffffda RBX: 00007f7681b36f80 RCX: 00007f76819a89f9
[ 115.877743][ T5130] RDX: 0000000000000000 RSI: 0000000020000500 RDI: 0000000000000004
[ 115.885719][ T5130] RBP: 00007f7680c2f090 R08: 0000000000000000 R09: 0000000000000000
[ 115.893695][ T5130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 115.901661][ T5130] R13: 0000000000000000 R14: 00007f7681b36f80 R15: 00007ffeba9a7678
[ 115.909830][ T5130]
[ 115.912853][ T4412] CPU: 1 PID: 4412 Comm: kworker/1:16 Not tainted 5.15.185-syzkaller #0
[ 115.921200][ T4412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 115.931277][ T4412] Workqueue: events sk_psock_destroy
[ 115.936596][ T4412] Call Trace:
[ 115.939888][ T4412]
[ 115.942820][ T4412] dump_stack_lvl+0x168/0x230
[ 115.947590][ T4412] ? show_regs_print_info+0x20/0x20
[ 115.952783][ T4412] ? _printk+0xcc/0x110
[ 115.957030][ T4412] ? load_image+0x3b0/0x3b0
[ 115.961541][ T4412] ? _raw_spin_lock_irqsave+0xb0/0xf0
[ 115.967089][ T4412] ? _raw_spin_lock_irqsave+0x7f/0xf0
[ 115.972496][ T4412] print_address_description+0x60/0x2d0
[ 115.978041][ T4412] ? consume_skb+0x35/0x100
[ 115.982551][ T4412] kasan_report+0xdf/0x130
[ 115.986973][ T4412] ? consume_skb+0x35/0x100
[ 115.991474][ T4412] ? rcu_is_watching+0x11/0xa0
[ 115.996256][ T4412] kasan_check_range+0x27b/0x290
[ 116.001222][ T4412] consume_skb+0x35/0x100
[ 116.005554][ T4412] sk_psock_destroy+0x661/0xe30
[ 116.010422][ T4412] process_one_work+0x863/0x1000
[ 116.015458][ T4412] ? worker_detach_from_pool+0x240/0x240
[ 116.021116][ T4412] ? lockdep_hardirqs_off+0x70/0x100
[ 116.026413][ T4412] ? _raw_spin_lock_irq+0xab/0xe0
[ 116.031499][ T4412] ? _raw_spin_lock_irqsave+0xf0/0xf0
[ 116.036875][ T4412] ? wq_worker_running+0x97/0x170
[ 116.041900][ T4412] worker_thread+0xaa8/0x12a0
[ 116.046577][ T4412] ? _raw_spin_unlock_irqrestore+0x82/0x100
[ 116.052479][ T4412] ? lockdep_hardirqs_on+0x94/0x140
[ 116.057693][ T4412] ? lockdep_hardirqs_on+0x94/0x140
[ 116.062894][ T4412] ? _raw_spin_unlock_irqrestore+0xaa/0x100
[ 116.068798][ T4412] kthread+0x436/0x520
[ 116.072880][ T4412] ? rcu_lock_release+0x20/0x20
[ 116.077727][ T4412] ? kthread_blkcg+0xd0/0xd0
[ 116.082313][ T4412] ret_from_fork+0x1f/0x30
[ 116.086740][ T4412]
[ 116.089843][ T4412]
[ 116.092183][ T4412] Allocated by task 5128:
[ 116.096502][ T4412] __kasan_slab_alloc+0x9c/0xd0
[ 116.101350][ T4412] slab_post_alloc_hook+0x4c/0x380
[ 116.106543][ T4412] kmem_cache_alloc+0x100/0x290
[ 116.111391][ T4412] skb_clone+0x1bd/0x350
[ 116.115632][ T4412] sk_psock_verdict_recv+0x50/0x5a0
[ 116.120924][ T4412] unix_read_sock+0x10c/0x2c0
[ 116.125659][ T4412] sk_psock_verdict_data_ready+0x115/0x170
[ 116.131460][ T4412] unix_dgram_sendmsg+0x11ed/0x1890
[ 116.136658][ T4412] ____sys_sendmsg+0x5a2/0x8c0
[ 116.141417][ T4412] ___sys_sendmsg+0x1f0/0x260
[ 116.146107][ T4412] __se_sys_sendmsg+0x190/0x250
[ 116.151048][ T4412] do_syscall_64+0x4c/0xa0
[ 116.155461][ T4412] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 116.161352][ T4412]
[ 116.163668][ T4412] Freed by task 4412:
[ 116.167636][ T4412] kasan_set_track+0x4b/0x70
[ 116.172225][ T4412] kasan_set_free_info+0x1f/0x40
[ 116.177155][ T4412] ____kasan_slab_free+0xd5/0x110
[ 116.182203][ T4412] slab_free_freelist_hook+0xea/0x170
[ 116.187570][ T4412] kmem_cache_free+0x8f/0x210
[ 116.192244][ T4412] sk_psock_destroy+0x19c/0xe30
[ 116.197090][ T4412] process_one_work+0x863/0x1000
[ 116.202022][ T4412] worker_thread+0xaa8/0x12a0
[ 116.206703][ T4412] kthread+0x436/0x520
[ 116.211038][ T4412] ret_from_fork+0x1f/0x30
[ 116.215528][ T4412]
[ 116.217844][ T4412] The buggy address belongs to the object at ffff88801e3fe780
[ 116.217844][ T4412] which belongs to the cache skbuff_head_cache of size 232
[ 116.232412][ T4412] The buggy address is located 220 bytes inside of
[ 116.232412][ T4412] 232-byte region [ffff88801e3fe780, ffff88801e3fe868)
[ 116.245678][ T4412] The buggy address belongs to the page:
[ 116.251309][ T4412] page:ffffea000078ff80 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1e3fe
[ 116.261536][ T4412] memcg:ffff88805d9c7801
[ 116.265763][ T4412] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 116.273314][ T4412] raw: 00fff00000000200 ffffea0000993440 0000000c0000000c ffff88801b5e4140
[ 116.281907][ T4412] raw: 0000000000000000 00000000000c000c 00000001ffffffff ffff88805d9c7801
[ 116.290499][ T4412] page dumped because: kasan: bad access detected
[ 116.296913][ T4412] page_owner tracks the page as allocated
[ 116.302632][ T4412] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 3547, ts 106098261635, free_ts 106087471043
[ 116.318969][ T4412] get_page_from_freelist+0x1b77/0x1c60
[ 116.324560][ T4412] __alloc_pages+0x1e1/0x470
[ 116.329325][ T4412] new_slab+0xc0/0x4b0
[ 116.333489][ T4412] ___slab_alloc+0x81e/0xdf0
[ 116.338247][ T4412] kmem_cache_alloc_node+0x1c3/0x2d0
[ 116.343550][ T4412] __alloc_skb+0xf4/0x750
[ 116.347891][ T4412] netlink_sendmsg+0x645/0xbc0
[ 116.352664][ T4412] ____sys_sendmsg+0x5a2/0x8c0
[ 116.357445][ T4412] ___sys_sendmsg+0x1f0/0x260
[ 116.362143][ T4412] __se_sys_sendmsg+0x190/0x250
[ 116.367005][ T4412] do_syscall_64+0x4c/0xa0
[ 116.371422][ T4412] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 116.377424][ T4412] page last free stack trace:
[ 116.382087][ T4412] free_unref_page_prepare+0x637/0x6c0
[ 116.387549][ T4412] free_unref_page+0x94/0x280
[ 116.392220][ T4412] __mmdrop+0xaa/0x3e0
[ 116.396283][ T4412] finish_task_switch+0x215/0x640
[ 116.401305][ T4412] __schedule+0x11c0/0x43b0
[ 116.405832][ T4412] schedule+0x11b/0x1e0
[ 116.409979][ T4412] rwsem_down_write_slowpath+0xc46/0x11f0
[ 116.415787][ T4412] kernfs_remove_by_name_ns+0x29/0x100
[ 116.421241][ T4412] sysfs_remove_group+0xf8/0x290
[ 116.426183][ T4412] sysfs_remove_groups+0x50/0xa0
[ 116.431116][ T4412] device_remove_attrs+0xc2/0x140
[ 116.436132][ T4412] device_del+0x620/0xa70
[ 116.440459][ T4412] unregister_netdevice_many+0x141e/0x18f0
[ 116.446262][ T4412] unregister_netdevice_queue+0x31c/0x360
[ 116.451998][ T4412] lapbeth_device_event+0x63c/0x9e0
[ 116.457194][ T4412] raw_notifier_call_chain+0xcb/0x160
[ 116.462560][ T4412]
[ 116.464874][ T4412] Memory state around the buggy address:
[ 116.470506][ T4412] ffff88801e3fe700: fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc
[ 116.478574][ T4412] ffff88801e3fe780: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 116.486629][ T4412] >ffff88801e3fe800: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc
[ 116.494679][ T4412] ^
[ 116.501609][ T4412] ffff88801e3fe880: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 116.509660][ T4412] ffff88801e3fe900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 116.517715][ T4412] ==================================================================
[ 116.525764][ T4412] Disabling lock debugging due to kernel taint
[ 116.537550][ T4412] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 116.544786][ T4412] CPU: 1 PID: 4412 Comm: kworker/1:16 Tainted: G B 5.15.185-syzkaller #0
[ 116.554516][ T4412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 116.564597][ T4412] Workqueue: events sk_psock_destroy
[ 116.570008][ T4412] Call Trace:
[ 116.573299][ T4412]
[ 116.576248][ T4412] dump_stack_lvl+0x168/0x230
[ 116.580971][ T4412] ? show_regs_print_info+0x20/0x20
[ 116.586196][ T4412] ? load_image+0x3b0/0x3b0
[ 116.590711][ T4412] panic+0x2c9/0x7f0
[ 116.594606][ T4412] ? asm_common_interrupt+0x22/0x40
[ 116.599799][ T4412] ? bpf_jit_dump+0xd0/0xd0
[ 116.604344][ T4412] ? _raw_spin_unlock_irqrestore+0xf6/0x100
[ 116.610318][ T4412] ? _raw_spin_unlock+0x40/0x40
[ 116.615171][ T4412] ? consume_skb+0x35/0x100
[ 116.619669][ T4412] check_panic_on_warn+0x80/0xa0
[ 116.624605][ T4412] ? consume_skb+0x35/0x100
[ 116.629114][ T4412] end_report+0x6d/0xf0
[ 116.633265][ T4412] kasan_report+0x102/0x130
[ 116.637762][ T4412] ? consume_skb+0x35/0x100
[ 116.642264][ T4412] ? rcu_is_watching+0x11/0xa0
[ 116.647021][ T4412] kasan_check_range+0x27b/0x290
[ 116.651968][ T4412] consume_skb+0x35/0x100
[ 116.656301][ T4412] sk_psock_destroy+0x661/0xe30
[ 116.661152][ T4412] process_one_work+0x863/0x1000
[ 116.666103][ T4412] ? worker_detach_from_pool+0x240/0x240
[ 116.671729][ T4412] ? lockdep_hardirqs_off+0x70/0x100
[ 116.677009][ T4412] ? _raw_spin_lock_irq+0xab/0xe0
[ 116.682029][ T4412] ? _raw_spin_lock_irqsave+0xf0/0xf0
[ 116.687399][ T4412] ? wq_worker_running+0x97/0x170
[ 116.692432][ T4412] worker_thread+0xaa8/0x12a0
[ 116.697125][ T4412] ? _raw_spin_unlock_irqrestore+0x82/0x100
[ 116.703019][ T4412] ? lockdep_hardirqs_on+0x94/0x140
[ 116.708221][ T4412] ? lockdep_hardirqs_on+0x94/0x140
[ 116.713416][ T4412] ? _raw_spin_unlock_irqrestore+0xaa/0x100
[ 116.719308][ T4412] kthread+0x436/0x520
[ 116.723370][ T4412] ? rcu_lock_release+0x20/0x20
[ 116.728215][ T4412] ? kthread_blkcg+0xd0/0xd0
[ 116.732795][ T4412] ret_from_fork+0x1f/0x30
[ 116.737233][ T4412]
[ 116.740465][ T4412] Kernel Offset: disabled
[ 116.744796][ T4412] Rebooting in 86400 seconds..