Warning: Permanently added '10.128.1.74' (ED25519) to the list of known hosts. 2025/12/02 20:33:18 parsed 1 programs [ 101.898693][ T5721] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 104.341805][ T1048] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.354972][ T1048] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.378940][ T1054] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.386892][ T1054] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.619500][ T5778] chnl_net:caif_netlink_parms(): no params data found [ 104.689307][ T5778] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.697071][ T5778] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.704462][ T5778] bridge_slave_0: entered allmulticast mode [ 104.711491][ T5778] bridge_slave_0: entered promiscuous mode [ 104.719240][ T5778] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.726868][ T5778] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.734382][ T5778] bridge_slave_1: entered allmulticast mode [ 104.741345][ T5778] bridge_slave_1: entered promiscuous mode [ 104.763238][ T5778] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.775521][ T5778] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 104.812272][ T5778] team0: Port device team_slave_0 added [ 104.828624][ T5778] team0: Port device team_slave_1 added [ 104.848005][ T5778] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 104.856716][ T5778] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.884496][ T5778] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 104.904842][ T5778] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 104.912211][ T5778] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.938938][ T5778] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 104.970158][ T5778] hsr_slave_0: entered promiscuous mode [ 104.977331][ T5778] hsr_slave_1: entered promiscuous mode [ 105.477411][ T5778] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 105.490235][ T5778] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 105.501467][ T5778] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 105.523875][ T5778] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 106.164572][ T5778] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.189024][ T5778] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.202566][ T4007] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.210161][ T4007] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.226569][ T1054] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.234771][ T1054] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.602851][ T5778] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 106.652818][ T5778] veth0_vlan: entered promiscuous mode [ 106.667343][ T5778] veth1_vlan: entered promiscuous mode [ 107.052018][ T5778] veth0_macvtap: entered promiscuous mode [ 107.062957][ T5778] veth1_macvtap: entered promiscuous mode [ 107.087283][ T5778] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 107.104587][ T5778] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 107.118812][ T5778] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.129764][ T5778] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.139617][ T5778] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.150454][ T5778] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.315458][ T3203] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.414654][ T3203] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.644888][ T4616] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 108.664223][ T4616] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 108.672087][ T4616] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 108.704109][ T4616] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 108.723104][ T4616] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 108.732382][ T4616] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 2025/12/02 20:33:27 executed programs: 0 [ 109.399388][ T5222] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 109.406952][ T5222] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 109.414414][ T5222] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 109.422307][ T5222] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 109.430149][ T5222] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 109.437663][ T5222] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 109.658030][ T6034] chnl_net:caif_netlink_parms(): no params data found [ 109.737352][ T6034] bridge0: port 1(bridge_slave_0) entered blocking state [ 109.745270][ T6034] bridge0: port 1(bridge_slave_0) entered disabled state [ 109.752501][ T6034] bridge_slave_0: entered allmulticast mode [ 109.760483][ T6034] bridge_slave_0: entered promiscuous mode [ 109.768984][ T6034] bridge0: port 2(bridge_slave_1) entered blocking state [ 109.777565][ T6034] bridge0: port 2(bridge_slave_1) entered disabled state [ 109.785283][ T6034] bridge_slave_1: entered allmulticast mode [ 109.792500][ T6034] bridge_slave_1: entered promiscuous mode [ 109.826041][ T6034] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 109.838708][ T6034] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 109.880157][ T6034] team0: Port device team_slave_0 added [ 109.888585][ T6034] team0: Port device team_slave_1 added [ 109.929673][ T3203] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.946574][ T6034] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 109.954647][ T6034] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 109.982959][ T6034] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 109.996273][ T6034] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 110.003257][ T6034] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 110.031257][ T6034] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 110.082096][ T6034] hsr_slave_0: entered promiscuous mode [ 110.090133][ T6034] hsr_slave_1: entered promiscuous mode [ 110.098752][ T6034] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 110.106990][ T6034] Cannot create hsr debugfs directory [ 110.464589][ T3203] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.087735][ T6034] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 111.114015][ T6034] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 111.126647][ T6034] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 111.138100][ T6034] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 111.165196][ T3203] hsr_slave_0: left promiscuous mode [ 111.171943][ T3203] hsr_slave_1: left promiscuous mode [ 111.178597][ T3203] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 111.187678][ T3203] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 111.197020][ T3203] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 111.206057][ T3203] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 111.214261][ T3203] bridge_slave_1: left allmulticast mode [ 111.220280][ T3203] bridge_slave_1: left promiscuous mode [ 111.228350][ T3203] bridge0: port 2(bridge_slave_1) entered disabled state [ 111.237817][ T3203] bridge_slave_0: left allmulticast mode [ 111.245321][ T3203] bridge_slave_0: left promiscuous mode [ 111.251351][ T3203] bridge0: port 1(bridge_slave_0) entered disabled state [ 111.269473][ T3203] veth1_macvtap: left promiscuous mode [ 111.278747][ T3203] veth0_macvtap: left promiscuous mode [ 111.284975][ T3203] veth1_vlan: left promiscuous mode [ 111.290783][ T3203] veth0_vlan: left promiscuous mode [ 111.475364][ T4616] Bluetooth: hci0: command tx timeout [ 111.628960][ T3203] team0 (unregistering): Port device team_slave_1 removed [ 111.655765][ T3203] team0 (unregistering): Port device team_slave_0 removed [ 111.682548][ T3203] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 111.714644][ T3203] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 111.964812][ T3203] bond0 (unregistering): Released all slaves [ 112.795592][ T6034] 8021q: adding VLAN 0 to HW filter on device bond0 [ 112.847923][ T6034] 8021q: adding VLAN 0 to HW filter on device team0 [ 112.861076][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 112.868398][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 112.934744][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 112.942199][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 112.967763][ T6034] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 113.425977][ T6034] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 113.470882][ T6034] veth0_vlan: entered promiscuous mode [ 113.486966][ T6034] veth1_vlan: entered promiscuous mode [ 113.553485][ T4616] Bluetooth: hci0: command tx timeout [ 113.878358][ T6034] veth0_macvtap: entered promiscuous mode [ 113.888940][ T6034] veth1_macvtap: entered promiscuous mode [ 113.916363][ T6034] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 113.931304][ T6034] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 113.947614][ T6034] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.959758][ T6034] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.970242][ T6034] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.981983][ T6034] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.054261][ T1054] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.062389][ T1054] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.096400][ T1054] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.105280][ T1054] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 2025/12/02 20:33:33 executed programs: 3 [ 115.633524][ T4616] Bluetooth: hci0: command tx timeout [ 117.713485][ T4616] Bluetooth: hci0: command tx timeout 2025/12/02 20:33:38 executed programs: 9 [ 124.408144][ T11] ================================================================== [ 124.416538][ T11] BUG: KASAN: slab-use-after-free in __lock_acquire+0x91/0xba0 [ 124.424106][ T11] Read of size 8 at addr ffff88801fcdac38 by task kworker/u4:0/11 [ 124.432047][ T11] [ 124.434375][ T11] CPU: 1 PID: 11 Comm: kworker/u4:0 Not tainted syzkaller #0 [ 124.441933][ T11] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 124.452030][ T11] Workqueue: kkcmd kcm_tx_work [ 124.456952][ T11] Call Trace: [ 124.460270][ T11] [ 124.463189][ T11] dump_stack_lvl+0x168/0x230 [ 124.468071][ T11] ? __lock_acquire+0xba0/0xba0 [ 124.473008][ T11] ? show_regs_print_info+0x20/0x20 [ 124.478206][ T11] ? load_image+0x630/0x630 [ 124.482780][ T11] ? _raw_spin_lock_irqsave+0xa6/0xe0 [ 124.488320][ T11] ? __virt_addr_valid+0x16c/0x380 [ 124.493439][ T11] ? __virt_addr_valid+0x2c5/0x380 [ 124.498544][ T11] print_report+0xac/0x220 [ 124.502965][ T11] ? __lock_acquire+0x91/0xba0 [ 124.507836][ T11] kasan_report+0x117/0x150 [ 124.512357][ T11] ? __lock_acquire+0x91/0xba0 [ 124.517419][ T11] __lock_acquire+0x91/0xba0 [ 124.522027][ T11] ? __lock_sock+0x143/0x230 [ 124.526629][ T11] lock_acquire+0x171/0x350 [ 124.531487][ T11] ? __lock_sock+0x150/0x230 [ 124.536172][ T11] ? read_lock_is_recursive+0x20/0x20 [ 124.541735][ T11] ? kthread_data+0x19/0x60 [ 124.546599][ T11] ? wq_worker_sleeping+0x63/0x240 [ 124.551901][ T11] ? __lock_sock+0x150/0x230 [ 124.556575][ T11] _raw_spin_lock_bh+0x33/0x50 [ 124.561420][ T11] ? __lock_sock+0x150/0x230 [ 124.565999][ T11] __lock_sock+0x150/0x230 [ 124.570406][ T11] ? sk_stream_moderate_sndbuf+0x220/0x220 [ 124.576207][ T11] ? do_raw_spin_lock+0x121/0x2c0 [ 124.581227][ T11] ? wake_bit_function+0x200/0x200 [ 124.586504][ T11] ? __rwlock_init+0x150/0x150 [ 124.591261][ T11] ? __lock_acquire+0xba0/0xba0 [ 124.596113][ T11] ? lock_sock_nested+0x59/0xf0 [ 124.601065][ T11] lock_sock_nested+0x8e/0xf0 [ 124.605737][ T11] kcm_tx_work+0x31/0x180 [ 124.610318][ T11] ? process_scheduled_works+0x910/0x1420 [ 124.616219][ T11] process_scheduled_works+0x9cd/0x1420 [ 124.622038][ T11] ? assign_work+0x3e0/0x3e0 [ 124.626703][ T11] ? assign_work+0x38b/0x3e0 [ 124.631363][ T11] worker_thread+0xa0f/0xec0 [ 124.636208][ T11] kthread+0x27c/0x2e0 [ 124.640292][ T11] ? pr_cont_work+0x560/0x560 [ 124.644998][ T11] ? kthread_blkcg+0xd0/0xd0 [ 124.649681][ T11] ret_from_fork+0x48/0x80 [ 124.654350][ T11] ? kthread_blkcg+0xd0/0xd0 [ 124.659019][ T11] ret_from_fork_asm+0x11/0x20 [ 124.663864][ T11] [ 124.666986][ T11] [ 124.669467][ T11] Allocated by task 6332: [ 124.674067][ T11] kasan_set_track+0x4e/0x70 [ 124.678744][ T11] __kasan_slab_alloc+0x6c/0x80 [ 124.683698][ T11] slab_post_alloc_hook+0x66/0x430 [ 124.688821][ T11] kmem_cache_alloc+0x11e/0x2a0 [ 124.693659][ T11] sk_prot_alloc+0x57/0x210 [ 124.698276][ T11] sk_alloc+0x38/0x8c0 [ 124.702603][ T11] kcm_ioctl+0x210/0xfc0 [ 124.706941][ T11] sock_do_ioctl+0xd7/0x2f0 [ 124.711517][ T11] sock_ioctl+0x5fc/0x770 [ 124.715833][ T11] __se_sys_ioctl+0xfd/0x170 [ 124.720759][ T11] do_syscall_64+0x55/0xb0 [ 124.725729][ T11] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 124.731627][ T11] [ 124.734222][ T11] Freed by task 6333: [ 124.738285][ T11] kasan_set_track+0x4e/0x70 [ 124.743063][ T11] kasan_save_free_info+0x2e/0x50 [ 124.748287][ T11] ____kasan_slab_free+0x126/0x1e0 [ 124.753508][ T11] slab_free_freelist_hook+0x130/0x1b0 [ 124.759076][ T11] kmem_cache_free+0xe7/0x250 [ 124.763953][ T11] __sk_destruct+0x4f3/0x730 [ 124.768556][ T11] kcm_release+0x4c8/0x530 [ 124.773066][ T11] sock_close+0xbd/0x230 [ 124.777384][ T11] __fput+0x21b/0x960 [ 124.781395][ T11] __se_sys_close+0x15f/0x220 [ 124.786150][ T11] do_syscall_64+0x55/0xb0 [ 124.790569][ T11] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 124.796754][ T11] [ 124.799065][ T11] Last potentially related work creation: [ 124.804850][ T11] kasan_save_stack+0x3e/0x60 [ 124.809744][ T11] __kasan_record_aux_stack+0xaf/0xc0 [ 124.815206][ T11] insert_work+0x3c/0x240 [ 124.819623][ T11] __queue_work+0x9e3/0xd00 [ 124.824293][ T11] queue_work_on+0xe7/0x1b0 [ 124.828810][ T11] kcm_unattach+0x947/0xf40 [ 124.833353][ T11] kcm_ioctl+0x7ce/0xfc0 [ 124.837715][ T11] sock_do_ioctl+0xd7/0x2f0 [ 124.842381][ T11] sock_ioctl+0x5fc/0x770 [ 124.846926][ T11] __se_sys_ioctl+0xfd/0x170 [ 124.851607][ T11] do_syscall_64+0x55/0xb0 [ 124.856029][ T11] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 124.862016][ T11] [ 124.864338][ T11] Second to last potentially related work creation: [ 124.871011][ T11] kasan_save_stack+0x3e/0x60 [ 124.875776][ T11] __kasan_record_aux_stack+0xaf/0xc0 [ 124.881230][ T11] insert_work+0x3c/0x240 [ 124.885557][ T11] __queue_work+0x9e3/0xd00 [ 124.890397][ T11] queue_work_on+0xe7/0x1b0 [ 124.895181][ T11] kcm_ioctl+0xe2c/0xfc0 [ 124.899437][ T11] sock_do_ioctl+0xd7/0x2f0 [ 124.904188][ T11] sock_ioctl+0x5fc/0x770 [ 124.908688][ T11] __se_sys_ioctl+0xfd/0x170 [ 124.913440][ T11] do_syscall_64+0x55/0xb0 [ 124.917928][ T11] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 124.923920][ T11] [ 124.926247][ T11] The buggy address belongs to the object at ffff88801fcdab80 [ 124.926247][ T11] which belongs to the cache KCM of size 1720 [ 124.939961][ T11] The buggy address is located 184 bytes inside of [ 124.939961][ T11] freed 1720-byte region [ffff88801fcdab80, ffff88801fcdb238) [ 124.954097][ T11] [ 124.956414][ T11] The buggy address belongs to the physical page: [ 124.963075][ T11] page:ffffea00007f3600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1fcd8 [ 124.973317][ T11] head:ffffea00007f3600 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 124.982873][ T11] memcg:ffff88801fb05701 [ 124.987211][ T11] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 124.995369][ T11] page_type: 0xffffffff() [ 124.999705][ T11] raw: 00fff00000000840 ffff88814bd1e8c0 dead000000000122 0000000000000000 [ 125.008469][ T11] raw: 0000000000000000 0000000080110011 00000001ffffffff ffff88801fb05701 [ 125.017392][ T11] page dumped because: kasan: bad access detected [ 125.024159][ T11] page_owner tracks the page as allocated [ 125.030046][ T11] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 6283, tgid 6282 (syz.0.16), ts 114211885768, free_ts 114202603985 [ 125.054060][ T11] post_alloc_hook+0x26b/0x290 [ 125.059091][ T11] get_page_from_freelist+0x2a35/0x2b70 [ 125.064631][ T11] __alloc_pages+0x1e3/0x430 [ 125.069296][ T11] alloc_slab_page+0x5d/0x170 [ 125.074063][ T11] new_slab+0x70/0x260 [ 125.078129][ T11] ___slab_alloc+0xa3e/0xee0 [ 125.082798][ T11] kmem_cache_alloc+0x19c/0x2a0 [ 125.087655][ T11] sk_prot_alloc+0x57/0x210 [ 125.092240][ T11] sk_alloc+0x38/0x8c0 [ 125.096349][ T11] kcm_create+0x185/0x5e0 [ 125.100694][ T11] __sock_create+0x3d9/0x8b0 [ 125.105390][ T11] __sys_socket+0xd7/0x1a0 [ 125.109992][ T11] __x64_sys_socket+0x7a/0x90 [ 125.114952][ T11] do_syscall_64+0x55/0xb0 [ 125.119401][ T11] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 125.125484][ T11] page last free stack trace: [ 125.130371][ T11] free_unref_page_prepare+0x7d5/0x8e0 [ 125.136345][ T11] free_unref_page+0x32/0x290 [ 125.141006][ T11] __unfreeze_partials+0x1a4/0x1e0 [ 125.146113][ T11] put_cpu_partial+0x14c/0x1b0 [ 125.150949][ T11] __slab_free+0x297/0x380 [ 125.155467][ T11] qlist_free_all+0x75/0xe0 [ 125.160349][ T11] kasan_quarantine_reduce+0x143/0x160 [ 125.165915][ T11] __kasan_slab_alloc+0x22/0x80 [ 125.170900][ T11] slab_post_alloc_hook+0x66/0x430 [ 125.176045][ T11] kmem_cache_alloc+0x11e/0x2a0 [ 125.180973][ T11] __pmd_alloc+0x116/0x850 [ 125.185379][ T11] move_page_tables+0x15b1/0x1750 [ 125.190392][ T11] setup_arg_pages+0xb37/0xee0 [ 125.195339][ T11] load_elf_binary+0xb98/0x2700 [ 125.200426][ T11] bprm_execve+0x808/0x1480 [ 125.205208][ T11] do_execveat_common+0x948/0xab0 [ 125.210406][ T11] [ 125.212733][ T11] Memory state around the buggy address: [ 125.218522][ T11] ffff88801fcdab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 125.226654][ T11] ffff88801fcdab80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 125.234803][ T11] >ffff88801fcdac00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 125.243322][ T11] ^ [ 125.249477][ T11] ffff88801fcdac80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 125.257957][ T11] ffff88801fcdad00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 125.266266][ T11] ================================================================== [ 125.274936][ T11] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 125.282497][ T11] Kernel Offset: disabled [ 125.286912][ T11] Rebooting in 86400 seconds..