Warning: Permanently added '10.128.0.229' (ED25519) to the list of known hosts.
2025/08/25 22:19:13 parsed 1 programs
[  115.870301][ T6348] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  119.806644][ T6385] chnl_net:caif_netlink_parms(): no params data found
[  119.899863][ T6385] bridge0: port 1(bridge_slave_0) entered blocking state
[  119.907024][ T6385] bridge0: port 1(bridge_slave_0) entered disabled state
[  119.914312][ T6385] bridge_slave_0: entered allmulticast mode
[  119.922235][ T6385] bridge_slave_0: entered promiscuous mode
[  119.934335][ T6385] bridge0: port 2(bridge_slave_1) entered blocking state
[  119.941576][ T6385] bridge0: port 2(bridge_slave_1) entered disabled state
[  119.949387][ T6385] bridge_slave_1: entered allmulticast mode
[  119.956346][ T6385] bridge_slave_1: entered promiscuous mode
[  119.988291][ T6385] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  120.002154][ T6385] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  120.038222][ T6385] team0: Port device team_slave_0 added
[  120.047307][ T6385] team0: Port device team_slave_1 added
[  120.081286][ T6385] batman_adv: batadv0: Adding interface: batadv_slave_0
[  120.088297][ T6385] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  120.115438][ T6385] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  120.128338][ T6385] batman_adv: batadv0: Adding interface: batadv_slave_1
[  120.135568][ T6385] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  120.162597][ T6385] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  120.203009][ T6385] hsr_slave_0: entered promiscuous mode
[  120.209542][ T6385] hsr_slave_1: entered promiscuous mode
[  120.927988][ T6385] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  120.941993][ T6385] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  120.953118][ T6385] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  120.964841][ T6385] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  121.076762][ T6385] 8021q: adding VLAN 0 to HW filter on device bond0
[  121.103587][ T6385] 8021q: adding VLAN 0 to HW filter on device team0
[  121.122623][   T73] bridge0: port 1(bridge_slave_0) entered blocking state
[  121.129884][   T73] bridge0: port 1(bridge_slave_0) entered forwarding state
[  121.161458][   T73] bridge0: port 2(bridge_slave_1) entered blocking state
[  121.169197][   T73] bridge0: port 2(bridge_slave_1) entered forwarding state
[  121.435851][ T6385] 8021q: adding VLAN 0 to HW filter on device batadv0
[  121.495746][ T6385] veth0_vlan: entered promiscuous mode
[  121.514661][ T6385] veth1_vlan: entered promiscuous mode
[  121.555719][ T6385] veth0_macvtap: entered promiscuous mode
[  121.568423][ T6385] veth1_macvtap: entered promiscuous mode
[  121.595342][ T6385] batman_adv: batadv0: Interface activated: batadv_slave_0
[  121.613248][ T6385] batman_adv: batadv0: Interface activated: batadv_slave_1
[  121.634591][   T36] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  121.653358][   T36] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  121.675406][   T36] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  121.698646][   T36] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  121.835731][   T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  121.849451][   T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  121.862002][   T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  121.874306][   T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  121.875424][   T73] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.894897][   T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  121.963233][   T73] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.030181][   T73] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.101156][   T73] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.364122][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.376753][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  122.410901][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.419704][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  124.365828][   T73] bridge_slave_1: left allmulticast mode
[  124.373834][   T73] bridge_slave_1: left promiscuous mode
[  124.381281][   T73] bridge0: port 2(bridge_slave_1) entered disabled state
[  124.393425][   T73] bridge_slave_0: left allmulticast mode
[  124.402456][   T73] bridge_slave_0: left promiscuous mode
[  124.408355][   T73] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.752618][   T73] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  124.769423][   T73] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  124.780912][   T73] bond0 (unregistering): Released all slaves
[  124.925552][   T73] hsr_slave_0: left promiscuous mode
[  124.940578][   T73] hsr_slave_1: left promiscuous mode
[  124.946676][   T73] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  124.963949][   T73] batman_adv: batadv0: Removing interface: batadv_slave_0
[  124.972854][   T73] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  124.981557][   T73] batman_adv: batadv0: Removing interface: batadv_slave_1
[  125.003302][   T73] veth1_macvtap: left promiscuous mode
[  125.009102][   T73] veth0_macvtap: left promiscuous mode
[  125.014951][   T73] veth1_vlan: left promiscuous mode
[  125.022000][   T73] veth0_vlan: left promiscuous mode
[  125.487301][   T73] team0 (unregistering): Port device team_slave_1 removed
[  125.536387][   T73] team0 (unregistering): Port device team_slave_0 removed
2025/08/25 22:19:28 executed programs: 0
[  127.098633][   T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  127.113220][   T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  127.132431][   T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  127.150204][   T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  127.163994][   T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  127.567298][ T6597] chnl_net:caif_netlink_parms(): no params data found
[  127.772593][ T6597] bridge0: port 1(bridge_slave_0) entered blocking state
[  127.780615][ T6597] bridge0: port 1(bridge_slave_0) entered disabled state
[  127.787831][ T6597] bridge_slave_0: entered allmulticast mode
[  127.796509][ T6597] bridge_slave_0: entered promiscuous mode
[  127.806074][ T6597] bridge0: port 2(bridge_slave_1) entered blocking state
[  127.814526][ T6597] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.824051][ T6597] bridge_slave_1: entered allmulticast mode
[  127.832815][ T6597] bridge_slave_1: entered promiscuous mode
[  127.891518][ T6597] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  127.905085][ T6597] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  127.952273][ T6597] team0: Port device team_slave_0 added
[  127.962089][ T6597] team0: Port device team_slave_1 added
[  128.021636][ T6597] batman_adv: batadv0: Adding interface: batadv_slave_0
[  128.029436][ T6597] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  128.056660][ T6597] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  128.069783][ T6597] batman_adv: batadv0: Adding interface: batadv_slave_1
[  128.076744][ T6597] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  128.103636][ T6597] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  128.170875][ T6597] hsr_slave_0: entered promiscuous mode
[  128.177608][ T6597] hsr_slave_1: entered promiscuous mode
[  128.637213][ T6597] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  128.654599][ T6597] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  128.665726][ T6597] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  128.678177][ T6597] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  128.795752][ T6597] 8021q: adding VLAN 0 to HW filter on device bond0
[  128.820067][ T6597] 8021q: adding VLAN 0 to HW filter on device team0
[  128.835035][   T73] bridge0: port 1(bridge_slave_0) entered blocking state
[  128.842431][   T73] bridge0: port 1(bridge_slave_0) entered forwarding state
[  128.871068][   T73] bridge0: port 2(bridge_slave_1) entered blocking state
[  128.878250][   T73] bridge0: port 2(bridge_slave_1) entered forwarding state
[  128.911360][ T6597] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  128.922095][ T6597] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  129.149730][ T6597] 8021q: adding VLAN 0 to HW filter on device batadv0
[  129.208215][ T6597] veth0_vlan: entered promiscuous mode
[  129.227787][ T6597] veth1_vlan: entered promiscuous mode
[  129.262716][   T51] Bluetooth: hci0: command tx timeout
[  129.270199][ T6597] veth0_macvtap: entered promiscuous mode
[  129.283315][ T6597] veth1_macvtap: entered promiscuous mode
[  129.306697][ T6597] batman_adv: batadv0: Interface activated: batadv_slave_0
[  129.321338][ T6597] batman_adv: batadv0: Interface activated: batadv_slave_1
[  129.353062][ T2913] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  129.362210][ T2913] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  129.374548][ T2913] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  129.385137][ T2913] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  129.456782][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  129.470517][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  129.512903][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  129.521185][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  131.339053][   T51] Bluetooth: hci0: command tx timeout
2025/08/25 22:19:33 executed programs: 5
[  132.942114][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  132.948919][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  133.428857][   T51] Bluetooth: hci0: command tx timeout
[  135.498846][   T51] Bluetooth: hci0: command tx timeout
2025/08/25 22:19:38 executed programs: 11
2025/08/25 22:19:43 executed programs: 17
2025/08/25 22:19:48 executed programs: 23
2025/08/25 22:19:53 executed programs: 29
2025/08/25 22:19:58 executed programs: 35
2025/08/25 22:20:03 executed programs: 41
2025/08/25 22:20:09 executed programs: 47
2025/08/25 22:20:14 executed programs: 53
2025/08/25 22:20:19 executed programs: 59
2025/08/25 22:20:24 executed programs: 65
2025/08/25 22:20:29 executed programs: 71
2025/08/25 22:20:34 executed programs: 77
[  194.381814][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  194.388143][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
2025/08/25 22:20:39 executed programs: 83
2025/08/25 22:20:44 executed programs: 89
2025/08/25 22:20:49 executed programs: 95
2025/08/25 22:20:54 executed programs: 101
2025/08/25 22:20:59 executed programs: 107
2025/08/25 22:21:05 executed programs: 113
2025/08/25 22:21:10 executed programs: 119
2025/08/25 22:21:15 executed programs: 125
2025/08/25 22:21:20 executed programs: 131
2025/08/25 22:21:25 executed programs: 137
2025/08/25 22:21:30 executed programs: 143
[  252.778829][ T5182] Bluetooth: hci0: command 0x0406 tx timeout
2025/08/25 22:21:35 executed programs: 149
[  255.831567][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  255.837986][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
2025/08/25 22:21:40 executed programs: 155
2025/08/25 22:21:45 executed programs: 161
2025/08/25 22:21:50 executed programs: 167
2025/08/25 22:21:55 executed programs: 173
2025/08/25 22:22:00 executed programs: 179
2025/08/25 22:22:06 executed programs: 185
2025/08/25 22:22:11 executed programs: 191
2025/08/25 22:22:16 executed programs: 197
2025/08/25 22:22:21 executed programs: 203
2025/08/25 22:22:26 executed programs: 209
2025/08/25 22:22:31 executed programs: 215
2025/08/25 22:22:36 executed programs: 221
[  317.261191][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  317.267584][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
2025/08/25 22:22:41 executed programs: 227
[  320.400139][   T12] ==================================================================
[  320.408248][   T12] BUG: KASAN: slab-use-after-free in _raw_spin_lock_bh+0x36/0x50
[  320.415970][   T12] Read of size 1 at addr ffff88806f692758 by task kworker/u8:0/12
[  320.423758][   T12] 
[  320.426098][   T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted syzkaller #0 PREEMPT(full) 
[  320.426111][   T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  320.426119][   T12] Workqueue: kkcmd kcm_tx_work
[  320.426143][   T12] Call Trace:
[  320.426149][   T12]  <TASK>
[  320.426155][   T12]  dump_stack_lvl+0x189/0x250
[  320.426168][   T12]  ? __virt_addr_valid+0x1c8/0x5c0
[  320.426179][   T12]  ? rcu_is_watching+0x15/0xb0
[  320.426188][   T12]  ? __kasan_check_byte+0x12/0x40
[  320.426201][   T12]  ? __pfx_dump_stack_lvl+0x10/0x10
[  320.426211][   T12]  ? rcu_is_watching+0x15/0xb0
[  320.426220][   T12]  ? lock_release+0x4b/0x3e0
[  320.426234][   T12]  ? __virt_addr_valid+0x1c8/0x5c0
[  320.426244][   T12]  ? __virt_addr_valid+0x4a5/0x5c0
[  320.426255][   T12]  print_report+0xca/0x240
[  320.426264][   T12]  ? _raw_spin_lock_bh+0x36/0x50
[  320.426275][   T12]  kasan_report+0x118/0x150
[  320.426288][   T12]  ? _raw_spin_lock_bh+0x36/0x50
[  320.426299][   T12]  ? __lock_sock+0x156/0x2b0
[  320.426309][   T12]  __kasan_check_byte+0x2a/0x40
[  320.426321][   T12]  lock_acquire+0x8d/0x360
[  320.426334][   T12]  ? schedule+0x91/0x360
[  320.426344][   T12]  ? kthread_data+0x4f/0xc0
[  320.426353][   T12]  ? __lock_sock+0x156/0x2b0
[  320.426362][   T12]  _raw_spin_lock_bh+0x36/0x50
[  320.426373][   T12]  ? __lock_sock+0x156/0x2b0
[  320.426382][   T12]  __lock_sock+0x156/0x2b0
[  320.426392][   T12]  ? __pfx___lock_sock+0x10/0x10
[  320.426400][   T12]  ? do_raw_spin_lock+0x121/0x290
[  320.426410][   T12]  ? __pfx_autoremove_wake_function+0x10/0x10
[  320.426422][   T12]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  320.426433][   T12]  ? lock_sock_nested+0x6a/0x100
[  320.426445][   T12]  lock_sock_nested+0x9f/0x100
[  320.426456][   T12]  kcm_tx_work+0x31/0x180
[  320.426466][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[  320.426475][   T12]  process_scheduled_works+0xae1/0x17b0
[  320.426490][   T12]  ? __pfx_process_scheduled_works+0x10/0x10
[  320.426502][   T12]  worker_thread+0x8a0/0xda0
[  320.426516][   T12]  kthread+0x711/0x8a0
[  320.426527][   T12]  ? __pfx_worker_thread+0x10/0x10
[  320.426536][   T12]  ? __pfx_kthread+0x10/0x10
[  320.426547][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  320.426557][   T12]  ? lockdep_hardirqs_on+0x9c/0x150
[  320.426568][   T12]  ? __pfx_kthread+0x10/0x10
[  320.426578][   T12]  ret_from_fork+0x3f9/0x770
[  320.426588][   T12]  ? __pfx_ret_from_fork+0x10/0x10
[  320.426598][   T12]  ? __switch_to_asm+0x39/0x70
[  320.426609][   T12]  ? __switch_to_asm+0x33/0x70
[  320.426620][   T12]  ? __pfx_kthread+0x10/0x10
[  320.426630][   T12]  ret_from_fork_asm+0x1a/0x30
[  320.426644][   T12]  </TASK>
[  320.426648][   T12] 
[  320.680772][   T12] Allocated by task 7723:
[  320.685172][   T12]  kasan_save_track+0x3e/0x80
[  320.690271][   T12]  __kasan_slab_alloc+0x6c/0x80
[  320.695106][   T12]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  320.700558][   T12]  sk_prot_alloc+0x57/0x220
[  320.705045][   T12]  sk_alloc+0x3a/0x370
[  320.709112][   T12]  kcm_ioctl+0x214/0xff0
[  320.713347][   T12]  sock_do_ioctl+0xd9/0x300
[  320.717939][   T12]  sock_ioctl+0x576/0x790
[  320.722248][   T12]  __se_sys_ioctl+0xf9/0x170
[  320.726831][   T12]  do_syscall_64+0xfa/0x3b0
[  320.731326][   T12]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.737325][   T12] 
[  320.739635][   T12] Freed by task 7724:
[  320.743596][   T12]  kasan_save_track+0x3e/0x80
[  320.748277][   T12]  kasan_save_free_info+0x46/0x50
[  320.753370][   T12]  __kasan_slab_free+0x5b/0x80
[  320.758129][   T12]  kmem_cache_free+0x18f/0x400
[  320.762917][   T12]  __sk_destruct+0x4d2/0x660
[  320.767500][   T12]  kcm_release+0x528/0x5c0
[  320.771900][   T12]  sock_close+0xc0/0x240
[  320.776134][   T12]  __fput+0x44c/0xa70
[  320.780095][   T12]  fput_close_sync+0x119/0x200
[  320.784854][   T12]  __x64_sys_close+0x7f/0x110
[  320.789537][   T12]  do_syscall_64+0xfa/0x3b0
[  320.794056][   T12]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.800035][   T12] 
[  320.802354][   T12] Last potentially related work creation:
[  320.808168][   T12]  kasan_save_stack+0x3e/0x60
[  320.812867][   T12]  kasan_record_aux_stack+0xbd/0xd0
[  320.818051][   T12]  insert_work+0x3d/0x330
[  320.822457][   T12]  __queue_work+0xcd2/0xfb0
[  320.826945][   T12]  queue_work_on+0x181/0x270
[  320.831524][   T12]  kcm_unattach+0x863/0xe90
[  320.836236][   T12]  kcm_ioctl+0x794/0xff0
[  320.840463][   T12]  sock_do_ioctl+0xd9/0x300
[  320.844953][   T12]  sock_ioctl+0x576/0x790
[  320.849268][   T12]  __se_sys_ioctl+0xf9/0x170
[  320.854027][   T12]  do_syscall_64+0xfa/0x3b0
[  320.858588][   T12]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.864763][   T12] 
[  320.867090][   T12] Second to last potentially related work creation:
[  320.873758][   T12]  kasan_save_stack+0x3e/0x60
[  320.878520][   T12]  kasan_record_aux_stack+0xbd/0xd0
[  320.883704][   T12]  insert_work+0x3d/0x330
[  320.888051][   T12]  __queue_work+0xcd2/0xfb0
[  320.892640][   T12]  queue_work_on+0x181/0x270
[  320.897300][   T12]  kcm_ioctl+0xe52/0xff0
[  320.901526][   T12]  sock_do_ioctl+0xd9/0x300
[  320.906103][   T12]  sock_ioctl+0x576/0x790
[  320.910528][   T12]  __se_sys_ioctl+0xf9/0x170
[  320.915109][   T12]  do_syscall_64+0xfa/0x3b0
[  320.919598][   T12]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.925474][   T12] 
[  320.927785][   T12] The buggy address belongs to the object at ffff88806f692580
[  320.927785][   T12]  which belongs to the cache KCM of size 1792
[  320.941227][   T12] The buggy address is located 472 bytes inside of
[  320.941227][   T12]  freed 1792-byte region [ffff88806f692580, ffff88806f692c80)
[  320.955198][   T12] 
[  320.957510][   T12] The buggy address belongs to the physical page:
[  320.963988][   T12] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x6f690
[  320.972774][   T12] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  320.981313][   T12] memcg:ffff888024cb3e01
[  320.985580][   T12] ksm flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  320.993491][   T12] page_type: f5(slab)
[  320.997467][   T12] raw: 00fff00000000040 ffff88814c835640 ffffea0001edf000 dead000000000003
[  321.006381][   T12] raw: 0000000000000000 0000000080110011 00000000f5000000 ffff888024cb3e01
[  321.014950][   T12] head: 00fff00000000040 ffff88814c835640 ffffea0001edf000 dead000000000003
[  321.023628][   T12] head: 0000000000000000 0000000080110011 00000000f5000000 ffff888024cb3e01
[  321.032473][   T12] head: 00fff00000000003 ffffea0001bda401 00000000ffffffff 00000000ffffffff
[  321.041131][   T12] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  321.049784][   T12] page dumped because: kasan: bad access detected
[  321.056289][   T12] page_owner tracks the page as allocated
[  321.061998][   T12] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 6679, tgid 6678 (syz.0.16), ts 129590292278, free_ts 129043245985
[  321.083201][   T12]  post_alloc_hook+0x240/0x2a0
[  321.087960][   T12]  get_page_from_freelist+0x21e4/0x22c0
[  321.093485][   T12]  __alloc_frozen_pages_noprof+0x181/0x370
[  321.099275][   T12]  alloc_pages_mpol+0x232/0x4a0
[  321.104109][   T12]  allocate_slab+0x8a/0x370
[  321.108611][   T12]  ___slab_alloc+0xbeb/0x1410
[  321.113303][   T12]  kmem_cache_alloc_noprof+0x283/0x3c0
[  321.118747][   T12]  sk_prot_alloc+0x57/0x220
[  321.123229][   T12]  sk_alloc+0x3a/0x370
[  321.127277][   T12]  kcm_create+0x100/0x580
[  321.131587][   T12]  __sock_create+0x4b3/0x9f0
[  321.136246][   T12]  __sys_socket+0xd7/0x1b0
[  321.140642][   T12]  __x64_sys_socket+0x7a/0x90
[  321.145304][   T12]  do_syscall_64+0xfa/0x3b0
[  321.149791][   T12]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.155668][   T12] page last free pid 6597 tgid 6597 stack trace:
[  321.162072][   T12]  __free_frozen_pages+0xbc4/0xd30
[  321.167187][   T12]  __put_partials+0x156/0x1a0
[  321.171843][   T12]  put_cpu_partial+0x17c/0x250
[  321.176589][   T12]  __slab_free+0x2d5/0x3c0
[  321.180986][   T12]  qlist_free_all+0x97/0x140
[  321.185556][   T12]  kasan_quarantine_reduce+0x148/0x160
[  321.191433][   T12]  __kasan_slab_alloc+0x22/0x80
[  321.196528][   T12]  kmem_cache_alloc_node_noprof+0x1bb/0x3c0
[  321.202520][   T12]  __alloc_skb+0x112/0x2d0
[  321.207011][   T12]  netlink_sendmsg+0x5c6/0xb30
[  321.212028][   T12]  __sock_sendmsg+0x21c/0x270
[  321.216896][   T12]  __sys_sendto+0x3bd/0x520
[  321.221412][   T12]  __x64_sys_sendto+0xde/0x100
[  321.226186][   T12]  do_syscall_64+0xfa/0x3b0
[  321.230696][   T12]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.236574][   T12] 
[  321.238882][   T12] Memory state around the buggy address:
[  321.244514][   T12]  ffff88806f692600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  321.252586][   T12]  ffff88806f692680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  321.260752][   T12] >ffff88806f692700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  321.268848][   T12]                                                     ^
[  321.275852][   T12]  ffff88806f692780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  321.283898][   T12]  ffff88806f692800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  321.291945][   T12] ==================================================================
[  321.300139][   T12] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  321.307335][   T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted syzkaller #0 PREEMPT(full) 
[  321.316628][   T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  321.327110][   T12] Workqueue: kkcmd kcm_tx_work
[  321.331880][   T12] Call Trace:
[  321.335172][   T12]  <TASK>
[  321.338176][   T12]  dump_stack_lvl+0x99/0x250
[  321.342753][   T12]  ? __asan_memcpy+0x40/0x70
[  321.347328][   T12]  ? __pfx_dump_stack_lvl+0x10/0x10
[  321.352513][   T12]  ? __pfx__printk+0x10/0x10
[  321.357097][   T12]  vpanic+0x281/0x750
[  321.361063][   T12]  ? __pfx_print_hex_dump+0x10/0x10
[  321.366249][   T12]  ? __pfx_vpanic+0x10/0x10
[  321.370748][   T12]  ? irqentry_exit+0x74/0x90
[  321.375321][   T12]  ? lockdep_hardirqs_on+0x9c/0x150
[  321.380508][   T12]  panic+0xb9/0xc0
[  321.384214][   T12]  ? __pfx_panic+0x10/0x10
[  321.388612][   T12]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  321.394681][   T12]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  321.401084][   T12]  ? _raw_spin_lock_bh+0x36/0x50
[  321.406031][   T12]  check_panic_on_warn+0x89/0xb0
[  321.410990][   T12]  ? _raw_spin_lock_bh+0x36/0x50
[  321.415928][   T12]  end_report+0x78/0x160
[  321.420162][   T12]  kasan_report+0x129/0x150
[  321.424744][   T12]  ? _raw_spin_lock_bh+0x36/0x50
[  321.429846][   T12]  ? __lock_sock+0x156/0x2b0
[  321.434506][   T12]  __kasan_check_byte+0x2a/0x40
[  321.439342][   T12]  lock_acquire+0x8d/0x360
[  321.443844][   T12]  ? schedule+0x91/0x360
[  321.448071][   T12]  ? kthread_data+0x4f/0xc0
[  321.452558][   T12]  ? __lock_sock+0x156/0x2b0
[  321.457135][   T12]  _raw_spin_lock_bh+0x36/0x50
[  321.461892][   T12]  ? __lock_sock+0x156/0x2b0
[  321.466461][   T12]  __lock_sock+0x156/0x2b0
[  321.470863][   T12]  ? __pfx___lock_sock+0x10/0x10
[  321.475791][   T12]  ? do_raw_spin_lock+0x121/0x290
[  321.480802][   T12]  ? __pfx_autoremove_wake_function+0x10/0x10
[  321.486887][   T12]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  321.492539][   T12]  ? lock_sock_nested+0x6a/0x100
[  321.498361][   T12]  lock_sock_nested+0x9f/0x100
[  321.503252][   T12]  kcm_tx_work+0x31/0x180
[  321.507673][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[  321.513406][   T12]  process_scheduled_works+0xae1/0x17b0
[  321.519052][   T12]  ? __pfx_process_scheduled_works+0x10/0x10
[  321.525023][   T12]  worker_thread+0x8a0/0xda0
[  321.529617][   T12]  kthread+0x711/0x8a0
[  321.533686][   T12]  ? __pfx_worker_thread+0x10/0x10
[  321.538870][   T12]  ? __pfx_kthread+0x10/0x10
[  321.543476][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  321.548732][   T12]  ? lockdep_hardirqs_on+0x9c/0x150
[  321.554103][   T12]  ? __pfx_kthread+0x10/0x10
[  321.558682][   T12]  ret_from_fork+0x3f9/0x770
[  321.563441][   T12]  ? __pfx_ret_from_fork+0x10/0x10
[  321.568627][   T12]  ? __switch_to_asm+0x39/0x70
[  321.573391][   T12]  ? __switch_to_asm+0x33/0x70
[  321.578161][   T12]  ? __pfx_kthread+0x10/0x10
[  321.582741][   T12]  ret_from_fork_asm+0x1a/0x30
[  321.587512][   T12]  </TASK>
[  321.590869][   T12] Kernel Offset: disabled
[  321.595201][   T12] Rebooting in 86400 seconds..