[ 81.862140][ T283] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.878287][ T283] veth1_macvtap: left promiscuous mode [ 81.885028][ T283] veth0_macvtap: left promiscuous mode [ 81.890667][ T283] veth1_vlan: left promiscuous mode [ 81.896008][ T283] veth0_vlan: left promiscuous mode [ 82.129996][ T283] team0 (unregistering): Port device team_slave_1 removed [ 82.152653][ T283] team0 (unregistering): Port device team_slave_0 removed [ 82.171164][ T283] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 82.188762][ T283] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 82.305476][ T283] bond0 (unregistering): Released all slaves Warning: Permanently added '10.128.1.248' (ED25519) to the list of known hosts. 2025/09/22 13:16:51 parsed 1 programs [ 100.978411][ T5716] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 103.171371][ T5755] chnl_net:caif_netlink_parms(): no params data found [ 103.227702][ T5755] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.235076][ T5755] bridge0: port 1(bridge_slave_0) entered disabled state [ 103.242308][ T5755] bridge_slave_0: entered allmulticast mode [ 103.249354][ T5755] bridge_slave_0: entered promiscuous mode [ 103.259746][ T5755] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.267017][ T5755] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.274712][ T5755] bridge_slave_1: entered allmulticast mode [ 103.281349][ T5755] bridge_slave_1: entered promiscuous mode [ 103.305952][ T5755] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 103.320679][ T5755] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 103.346515][ T5755] team0: Port device team_slave_0 added [ 103.353601][ T5755] team0: Port device team_slave_1 added [ 103.374893][ T5755] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 103.381859][ T5755] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.409865][ T5755] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 103.427368][ T5755] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 103.435012][ T5755] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.461387][ T5755] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 103.498638][ T5755] hsr_slave_0: entered promiscuous mode [ 103.504901][ T5755] hsr_slave_1: entered promiscuous mode [ 104.163262][ T5755] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 104.173517][ T5755] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 104.185004][ T5755] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 104.195640][ T5755] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 104.877203][ T5755] 8021q: adding VLAN 0 to HW filter on device bond0 [ 104.900849][ T5755] 8021q: adding VLAN 0 to HW filter on device team0 [ 104.914734][ T283] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.921919][ T283] bridge0: port 1(bridge_slave_0) entered forwarding state [ 104.947793][ T283] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.955279][ T283] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.368187][ T5755] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 105.419980][ T5755] veth0_vlan: entered promiscuous mode [ 105.435461][ T5755] veth1_vlan: entered promiscuous mode [ 105.867780][ T5755] veth0_macvtap: entered promiscuous mode [ 105.878784][ T5755] veth1_macvtap: entered promiscuous mode [ 105.901892][ T5755] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 105.918475][ T5755] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 105.932282][ T5755] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.943155][ T5755] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.952509][ T5755] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.963036][ T5755] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.149087][ T1053] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.287115][ T1053] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.435549][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.443521][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.490057][ T283] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.499043][ T283] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.788711][ T4612] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 107.796897][ T4612] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 107.807347][ T4612] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 107.816341][ T4612] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 107.824221][ T4612] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 107.831642][ T4612] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 108.871218][ T1053] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.135593][ T1053] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.898475][ T1053] hsr_slave_0: left promiscuous mode [ 109.914825][ T1053] hsr_slave_1: left promiscuous mode [ 109.935808][ T1053] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 109.943263][ T1053] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 109.974688][ T1053] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 109.991720][ T1053] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 110.004338][ T1053] bridge_slave_1: left allmulticast mode [ 110.011823][ T1053] bridge_slave_1: left promiscuous mode 2025/09/22 13:17:01 executed programs: 0 [ 110.018430][ T1053] bridge0: port 2(bridge_slave_1) entered disabled state [ 110.029532][ T1053] bridge_slave_0: left allmulticast mode [ 110.035486][ T1053] bridge_slave_0: left promiscuous mode [ 110.050859][ T1053] bridge0: port 1(bridge_slave_0) entered disabled state [ 110.069440][ T1053] veth1_macvtap: left promiscuous mode [ 110.079902][ T1053] veth0_macvtap: left promiscuous mode [ 110.083098][ T5319] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 110.094122][ T1053] veth1_vlan: left promiscuous mode [ 110.095864][ T5319] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 110.099448][ T1053] veth0_vlan: left promiscuous mode [ 110.106661][ T5319] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 110.120356][ T5319] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 110.128564][ T5319] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 110.136691][ T5319] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 110.431261][ T1053] team0 (unregistering): Port device team_slave_1 removed [ 110.457605][ T1053] team0 (unregistering): Port device team_slave_0 removed [ 110.478749][ T1053] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 110.499198][ T1053] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 110.620893][ T1053] bond0 (unregistering): Released all slaves [ 110.963817][ T6092] chnl_net:caif_netlink_parms(): no params data found [ 111.065089][ T6092] bridge0: port 1(bridge_slave_0) entered blocking state [ 111.073771][ T6092] bridge0: port 1(bridge_slave_0) entered disabled state [ 111.081063][ T6092] bridge_slave_0: entered allmulticast mode [ 111.092413][ T6092] bridge_slave_0: entered promiscuous mode [ 111.102009][ T6092] bridge0: port 2(bridge_slave_1) entered blocking state [ 111.109568][ T6092] bridge0: port 2(bridge_slave_1) entered disabled state [ 111.117040][ T6092] bridge_slave_1: entered allmulticast mode [ 111.124595][ T6092] bridge_slave_1: entered promiscuous mode [ 111.166728][ T6092] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 111.178741][ T6092] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 111.216896][ T6092] team0: Port device team_slave_0 added [ 111.226468][ T6092] team0: Port device team_slave_1 added [ 111.272986][ T6092] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 111.284358][ T6092] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 111.335679][ T6092] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 111.388625][ T6092] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 111.407175][ T6092] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 111.442611][ T6092] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 111.493106][ T6092] hsr_slave_0: entered promiscuous mode [ 111.500555][ T6092] hsr_slave_1: entered promiscuous mode [ 112.081985][ T6092] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 112.093317][ T6092] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 112.109095][ T6092] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 112.150959][ T6092] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 112.203818][ T5319] Bluetooth: hci0: command tx timeout [ 113.050546][ T6092] 8021q: adding VLAN 0 to HW filter on device bond0 [ 113.076546][ T6092] 8021q: adding VLAN 0 to HW filter on device team0 [ 113.090422][ T1053] bridge0: port 1(bridge_slave_0) entered blocking state [ 113.097746][ T1053] bridge0: port 1(bridge_slave_0) entered forwarding state [ 113.120999][ T1053] bridge0: port 2(bridge_slave_1) entered blocking state [ 113.128240][ T1053] bridge0: port 2(bridge_slave_1) entered forwarding state [ 113.517998][ T6092] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 113.568525][ T6092] veth0_vlan: entered promiscuous mode [ 113.583256][ T6092] veth1_vlan: entered promiscuous mode [ 114.007734][ T6092] veth0_macvtap: entered promiscuous mode [ 114.018174][ T6092] veth1_macvtap: entered promiscuous mode [ 114.036981][ T6092] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 114.051315][ T6092] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 114.064754][ T6092] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.073519][ T6092] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.083120][ T6092] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.092167][ T6092] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.163057][ T1053] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.185465][ T1053] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.211519][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.221991][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.283915][ T5319] Bluetooth: hci0: command tx timeout 2025/09/22 13:17:07 executed programs: 3 [ 116.364016][ T5319] Bluetooth: hci0: command tx timeout [ 118.444194][ T5319] Bluetooth: hci0: command tx timeout 2025/09/22 13:17:12 executed programs: 9 2025/09/22 13:17:17 executed programs: 15 [ 127.892558][ T283] ================================================================== [ 127.900852][ T283] BUG: KASAN: slab-use-after-free in __lock_acquire+0x91/0xba0 [ 127.908480][ T283] Read of size 8 at addr ffff8880207be6b8 by task kworker/u4:5/283 [ 127.916384][ T283] [ 127.918712][ T283] CPU: 1 PID: 283 Comm: kworker/u4:5 Not tainted syzkaller #0 [ 127.926166][ T283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 127.936305][ T283] Workqueue: kkcmd kcm_tx_work [ 127.941079][ T283] Call Trace: [ 127.944358][ T283] [ 127.947289][ T283] dump_stack_lvl+0x168/0x230 [ 127.951966][ T283] ? __lock_acquire+0xba0/0xba0 [ 127.956829][ T283] ? show_regs_print_info+0x20/0x20 [ 127.962028][ T283] ? load_image+0x630/0x630 [ 127.966743][ T283] ? _raw_spin_lock_irqsave+0xa6/0xe0 [ 127.972145][ T283] ? __virt_addr_valid+0x16c/0x380 [ 127.977252][ T283] ? __virt_addr_valid+0x2c5/0x380 [ 127.982528][ T283] print_report+0xac/0x220 [ 127.987051][ T283] ? __lock_acquire+0x91/0xba0 [ 127.991926][ T283] kasan_report+0x117/0x150 [ 127.996433][ T283] ? __lock_acquire+0x91/0xba0 [ 128.001198][ T283] __lock_acquire+0x91/0xba0 [ 128.005789][ T283] lock_acquire+0x171/0x350 [ 128.010331][ T283] ? kcm_tx_work+0x31/0x180 [ 128.014846][ T283] ? read_lock_is_recursive+0x20/0x20 [ 128.020313][ T283] ? __lock_acquire+0xba0/0xba0 [ 128.025168][ T283] lock_sock_nested+0x48/0xf0 [ 128.029930][ T283] ? kcm_tx_work+0x31/0x180 [ 128.034471][ T283] kcm_tx_work+0x31/0x180 [ 128.038805][ T283] ? process_scheduled_works+0x910/0x1420 [ 128.044697][ T283] process_scheduled_works+0x9cd/0x1420 [ 128.050264][ T283] ? assign_work+0x3e0/0x3e0 [ 128.054870][ T283] ? assign_work+0x38b/0x3e0 [ 128.059471][ T283] worker_thread+0xa0f/0xec0 [ 128.064356][ T283] ? _raw_spin_unlock_irqrestore+0xa1/0x100 [ 128.070270][ T283] kthread+0x27c/0x2e0 [ 128.074345][ T283] ? pr_cont_work+0x560/0x560 [ 128.079141][ T283] ? kthread_blkcg+0xd0/0xd0 [ 128.083772][ T283] ret_from_fork+0x48/0x80 [ 128.088208][ T283] ? kthread_blkcg+0xd0/0xd0 [ 128.093001][ T283] ret_from_fork_asm+0x11/0x20 [ 128.097872][ T283] [ 128.100884][ T283] [ 128.103304][ T283] Allocated by task 6346: [ 128.107650][ T283] kasan_set_track+0x4e/0x70 [ 128.112396][ T283] __kasan_slab_alloc+0x6c/0x80 [ 128.117375][ T283] slab_post_alloc_hook+0x66/0x430 [ 128.122486][ T283] kmem_cache_alloc+0x11e/0x2a0 [ 128.127335][ T283] sk_prot_alloc+0x57/0x210 [ 128.131834][ T283] sk_alloc+0x38/0x8c0 [ 128.135897][ T283] kcm_ioctl+0x210/0xfc0 [ 128.140139][ T283] sock_do_ioctl+0xd7/0x2f0 [ 128.144718][ T283] sock_ioctl+0x5fc/0x770 [ 128.149054][ T283] __se_sys_ioctl+0xfd/0x170 [ 128.153644][ T283] do_syscall_64+0x55/0xb0 [ 128.158064][ T283] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 128.163949][ T283] [ 128.166265][ T283] Freed by task 6347: [ 128.170231][ T283] kasan_set_track+0x4e/0x70 [ 128.174862][ T283] kasan_save_free_info+0x2e/0x50 [ 128.179886][ T283] ____kasan_slab_free+0x126/0x1e0 [ 128.184994][ T283] slab_free_freelist_hook+0x130/0x1b0 [ 128.190447][ T283] kmem_cache_free+0xe7/0x250 [ 128.195130][ T283] __sk_destruct+0x4f3/0x730 [ 128.199713][ T283] kcm_release+0x4c8/0x530 [ 128.204121][ T283] sock_close+0xbd/0x230 [ 128.208357][ T283] __fput+0x21b/0x960 [ 128.212336][ T283] __se_sys_close+0x15f/0x220 [ 128.217003][ T283] do_syscall_64+0x55/0xb0 [ 128.221421][ T283] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 128.227305][ T283] [ 128.229628][ T283] Last potentially related work creation: [ 128.235363][ T283] kasan_save_stack+0x3e/0x60 [ 128.240295][ T283] __kasan_record_aux_stack+0xaf/0xc0 [ 128.245669][ T283] insert_work+0x3c/0x240 [ 128.249993][ T283] __queue_work+0x9e3/0xd00 [ 128.254508][ T283] queue_work_on+0xe7/0x1b0 [ 128.259020][ T283] kcm_unattach+0x947/0xf40 [ 128.263612][ T283] kcm_ioctl+0x7ce/0xfc0 [ 128.267870][ T283] sock_do_ioctl+0xd7/0x2f0 [ 128.272372][ T283] sock_ioctl+0x5fc/0x770 [ 128.276693][ T283] __se_sys_ioctl+0xfd/0x170 [ 128.281277][ T283] do_syscall_64+0x55/0xb0 [ 128.285883][ T283] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 128.291800][ T283] [ 128.294130][ T283] Second to last potentially related work creation: [ 128.300739][ T283] kasan_save_stack+0x3e/0x60 [ 128.305446][ T283] __kasan_record_aux_stack+0xaf/0xc0 [ 128.310848][ T283] insert_work+0x3c/0x240 [ 128.315185][ T283] __queue_work+0x9e3/0xd00 [ 128.319819][ T283] queue_work_on+0xe7/0x1b0 [ 128.324328][ T283] kcm_ioctl+0xe2c/0xfc0 [ 128.328567][ T283] sock_do_ioctl+0xd7/0x2f0 [ 128.333150][ T283] sock_ioctl+0x5fc/0x770 [ 128.337475][ T283] __se_sys_ioctl+0xfd/0x170 [ 128.342068][ T283] do_syscall_64+0x55/0xb0 [ 128.346564][ T283] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 128.352460][ T283] [ 128.354791][ T283] The buggy address belongs to the object at ffff8880207be580 [ 128.354791][ T283] which belongs to the cache KCM of size 1720 [ 128.368318][ T283] The buggy address is located 312 bytes inside of [ 128.368318][ T283] freed 1720-byte region [ffff8880207be580, ffff8880207bec38) [ 128.382494][ T283] [ 128.384907][ T283] The buggy address belongs to the physical page: [ 128.391449][ T283] page:ffffea000081ee00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x207b8 [ 128.401621][ T283] head:ffffea000081ee00 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 128.410590][ T283] memcg:ffff888069920501 [ 128.414826][ T283] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 128.422795][ T283] page_type: 0xffffffff() [ 128.427117][ T283] raw: 00fff00000000840 ffff88814c3548c0 dead000000000122 0000000000000000 [ 128.435722][ T283] raw: 0000000000000000 0000000080110011 00000001ffffffff ffff888069920501 [ 128.444378][ T283] page dumped because: kasan: bad access detected [ 128.450786][ T283] page_owner tracks the page as allocated [ 128.456492][ T283] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 6281, tgid 6280 (syz.0.16), ts 114311879856, free_ts 114157313960 [ 128.479159][ T283] post_alloc_hook+0x26b/0x290 [ 128.483923][ T283] get_page_from_freelist+0x2a35/0x2b70 [ 128.489463][ T283] __alloc_pages+0x1e3/0x430 [ 128.494046][ T283] alloc_slab_page+0x5d/0x170 [ 128.498714][ T283] new_slab+0x70/0x260 [ 128.502776][ T283] ___slab_alloc+0xa3e/0xee0 [ 128.507356][ T283] kmem_cache_alloc+0x19c/0x2a0 [ 128.512211][ T283] sk_prot_alloc+0x57/0x210 [ 128.516713][ T283] sk_alloc+0x38/0x8c0 [ 128.520772][ T283] kcm_create+0x185/0x5e0 [ 128.525100][ T283] __sock_create+0x3d9/0x8b0 [ 128.529686][ T283] __sys_socket+0xd7/0x1a0 [ 128.534108][ T283] __x64_sys_socket+0x7a/0x90 [ 128.538988][ T283] do_syscall_64+0x55/0xb0 [ 128.543416][ T283] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 128.549305][ T283] page last free stack trace: [ 128.554065][ T283] free_unref_page_prepare+0x7d5/0x8e0 [ 128.559518][ T283] free_unref_page+0x32/0x290 [ 128.564183][ T283] __unfreeze_partials+0x1a4/0x1e0 [ 128.569400][ T283] put_cpu_partial+0x14c/0x1b0 [ 128.574180][ T283] __slab_free+0x297/0x380 [ 128.578765][ T283] qlist_free_all+0x75/0xe0 [ 128.583375][ T283] kasan_quarantine_reduce+0x143/0x160 [ 128.588837][ T283] __kasan_slab_alloc+0x22/0x80 [ 128.594044][ T283] slab_post_alloc_hook+0x66/0x430 [ 128.599271][ T283] kmem_cache_alloc_node+0x150/0x2e0 [ 128.604600][ T283] __alloc_skb+0x10d/0x440 [ 128.609029][ T283] netlink_ack+0x372/0x1000 [ 128.613562][ T283] netlink_rcv_skb+0x29a/0x480 [ 128.618363][ T283] genl_rcv+0x28/0x40 [ 128.622422][ T283] netlink_unicast+0x71b/0x890 [ 128.627197][ T283] netlink_sendmsg+0x937/0xba0 [ 128.631977][ T283] [ 128.634302][ T283] Memory state around the buggy address: [ 128.640020][ T283] ffff8880207be580: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 128.648077][ T283] ffff8880207be600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 128.656129][ T283] >ffff8880207be680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 128.664180][ T283] ^ [ 128.670165][ T283] ffff8880207be700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 128.678408][ T283] ffff8880207be780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 128.686475][ T283] ================================================================== [ 128.694544][ T283] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 128.702019][ T283] Kernel Offset: disabled [ 128.706349][ T283] Rebooting in 86400 seconds..