Warning: Permanently added '10.128.1.41' (ED25519) to the list of known hosts.
2026/02/08 16:32:08 parsed 1 programs
[ 75.118137][ T5771] cgroup: Unknown subsys name 'net'
[ 75.292673][ T5771] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 77.017924][ T5771] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 79.666257][ T1083] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 79.674266][ T1083] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 79.703445][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 79.712346][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 81.495857][ T5830] chnl_net:caif_netlink_parms(): no params data found
[ 81.586002][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state
[ 81.593107][ T5830] bridge0: port 1(bridge_slave_0) entered disabled state
[ 81.600974][ T5830] bridge_slave_0: entered allmulticast mode
[ 81.607983][ T5830] bridge_slave_0: entered promiscuous mode
[ 81.623803][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state
[ 81.631014][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state
[ 81.638388][ T5830] bridge_slave_1: entered allmulticast mode
[ 81.645134][ T5830] bridge_slave_1: entered promiscuous mode
[ 81.682506][ T5830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 81.694266][ T5830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 81.719865][ T5830] team0: Port device team_slave_0 added
[ 81.728595][ T5830] team0: Port device team_slave_1 added
[ 81.757657][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 81.764602][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 81.790818][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 81.804365][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 81.811392][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 81.837612][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 81.925971][ T5830] hsr_slave_0: entered promiscuous mode
[ 81.932592][ T5830] hsr_slave_1: entered promiscuous mode
[ 82.246031][ T5830] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 82.282366][ T5830] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 82.294778][ T5830] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 82.308829][ T5830] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 82.450909][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0
[ 82.469229][ T5830] 8021q: adding VLAN 0 to HW filter on device team0
[ 82.481852][ T1094] bridge0: port 1(bridge_slave_0) entered blocking state
[ 82.489300][ T1094] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 82.505036][ T1094] bridge0: port 2(bridge_slave_1) entered blocking state
[ 82.512188][ T1094] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 82.683972][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 82.723147][ T5830] veth0_vlan: entered promiscuous mode
[ 82.733909][ T5830] veth1_vlan: entered promiscuous mode
[ 82.762658][ T5830] veth0_macvtap: entered promiscuous mode
[ 82.771668][ T5830] veth1_macvtap: entered promiscuous mode
[ 82.790266][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 82.803542][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 82.814741][ T5830] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.824059][ T5830] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.833104][ T5830] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.842573][ T5830] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.960182][ T1094] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 83.099666][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 83.107677][ T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 83.115130][ T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 83.124334][ T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 83.132818][ T51] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 83.140294][ T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2026/02/08 16:32:18 executed programs: 0
[ 84.051082][ T5084] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 84.059440][ T5084] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 84.068621][ T5084] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 84.077805][ T5084] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 84.085553][ T5084] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 84.093205][ T5084] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 84.224941][ T5879] chnl_net:caif_netlink_parms(): no params data found
[ 84.288085][ T5879] bridge0: port 1(bridge_slave_0) entered blocking state
[ 84.295174][ T5879] bridge0: port 1(bridge_slave_0) entered disabled state
[ 84.302492][ T5879] bridge_slave_0: entered allmulticast mode
[ 84.310809][ T5879] bridge_slave_0: entered promiscuous mode
[ 84.318603][ T5879] bridge0: port 2(bridge_slave_1) entered blocking state
[ 84.326117][ T5879] bridge0: port 2(bridge_slave_1) entered disabled state
[ 84.333238][ T5879] bridge_slave_1: entered allmulticast mode
[ 84.340450][ T5879] bridge_slave_1: entered promiscuous mode
[ 84.367514][ T5879] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 84.380084][ T5879] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 84.408647][ T5879] team0: Port device team_slave_0 added
[ 84.417863][ T5879] team0: Port device team_slave_1 added
[ 84.440098][ T5879] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 84.447168][ T5879] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 84.473132][ T5879] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 84.486297][ T5879] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 84.493251][ T5879] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 84.519502][ T5879] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 84.565011][ T5879] hsr_slave_0: entered promiscuous mode
[ 84.571349][ T5879] hsr_slave_1: entered promiscuous mode
[ 84.579083][ T5879] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 84.586926][ T5879] Cannot create hsr debugfs directory
[ 85.438084][ T1094] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 86.126437][ T5084] Bluetooth: hci0: command tx timeout
[ 86.918458][ T786] cfg80211: failed to load regulatory.db
[ 87.958942][ T1094] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 88.028771][ T1094] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 88.198664][ T5084] Bluetooth: hci0: command tx timeout
[ 88.923970][ T5879] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 88.938549][ T5879] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 88.961342][ T1094] hsr_slave_0: left promiscuous mode
[ 88.971150][ T1094] hsr_slave_1: left promiscuous mode
[ 88.977481][ T1094] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 88.984924][ T1094] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 88.996565][ T1094] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 89.003986][ T1094] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 89.014566][ T1094] bridge_slave_1: left allmulticast mode
[ 89.020321][ T1094] bridge_slave_1: left promiscuous mode
[ 89.029264][ T1094] bridge0: port 2(bridge_slave_1) entered disabled state
[ 89.041147][ T1094] bridge_slave_0: left allmulticast mode
[ 89.048368][ T1094] bridge_slave_0: left promiscuous mode
[ 89.054040][ T1094] bridge0: port 1(bridge_slave_0) entered disabled state
[ 89.074824][ T1094] veth1_macvtap: left promiscuous mode
[ 89.081810][ T1094] veth0_macvtap: left promiscuous mode
[ 89.088735][ T1094] veth1_vlan: left promiscuous mode
[ 89.094065][ T1094] veth0_vlan: left promiscuous mode
[ 89.498842][ T1094] team0 (unregistering): Port device team_slave_1 removed
[ 89.531460][ T1094] team0 (unregistering): Port device team_slave_0 removed
[ 89.561893][ T1094] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 89.600463][ T1094] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 89.824054][ T1094] bond0 (unregistering): Released all slaves
[ 89.892628][ T5879] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 89.902324][ T5879] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 89.993695][ T5879] 8021q: adding VLAN 0 to HW filter on device bond0
[ 90.026407][ T5879] 8021q: adding VLAN 0 to HW filter on device team0
[ 90.042182][ T11] bridge0: port 1(bridge_slave_0) entered blocking state
[ 90.049381][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 90.071367][ T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 90.078490][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 90.286263][ T5084] Bluetooth: hci0: command tx timeout
[ 90.342864][ T5879] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 90.400852][ T5879] veth0_vlan: entered promiscuous mode
[ 90.413720][ T5879] veth1_vlan: entered promiscuous mode
[ 90.439749][ T5879] veth0_macvtap: entered promiscuous mode
[ 90.450319][ T5879] veth1_macvtap: entered promiscuous mode
[ 90.467557][ T5879] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 90.481483][ T5879] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 90.492928][ T5879] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 90.501824][ T5879] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 90.511109][ T5879] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 90.519905][ T5879] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 90.617659][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 90.629880][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 90.675505][ T1106] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 90.683720][ T1106] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/02/08 16:32:25 executed programs: 2
[ 91.652530][ T12] ==================================================================
[ 91.660620][ T12] BUG: KASAN: slab-use-after-free in __lock_acquire+0x10d/0x7d40
[ 91.668337][ T12] Read of size 8 at addr ffff888026238f30 by task kworker/u4:1/12
[ 91.676129][ T12]
[ 91.678443][ T12] CPU: 1 PID: 12 Comm: kworker/u4:1 Not tainted syzkaller #0
[ 91.685801][ T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 91.695846][ T12] Workqueue: kkcmd kcm_tx_work
[ 91.700611][ T12] Call Trace:
[ 91.703884][ T12]
[ 91.706814][ T12] dump_stack_lvl+0x18c/0x250
[ 91.711492][ T12] ? __lock_acquire+0x7d40/0x7d40
[ 91.716521][ T12] ? show_regs_print_info+0x20/0x20
[ 91.721717][ T12] ? load_image+0x400/0x400
[ 91.726218][ T12] ? __virt_addr_valid+0x469/0x540
[ 91.731344][ T12] print_report+0xa8/0x210
[ 91.735757][ T12] ? __lock_acquire+0x10d/0x7d40
[ 91.740687][ T12] kasan_report+0x117/0x150
[ 91.745187][ T12] ? __lock_acquire+0x10d/0x7d40
[ 91.750119][ T12] __lock_acquire+0x10d/0x7d40
[ 91.754880][ T12] ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 91.760864][ T12] ? lock_chain_count+0x20/0x20
[ 91.765726][ T12] ? lockdep_hardirqs_on+0x98/0x150
[ 91.770929][ T12] ? finish_task_switch+0x265/0x8f0
[ 91.776131][ T12] ? verify_lock_unused+0x140/0x140
[ 91.781334][ T12] ? __schedule+0x155b/0x45a0
[ 91.786024][ T12] lock_acquire+0x19e/0x420
[ 91.790530][ T12] ? __lock_sock+0x16a/0x2c0
[ 91.795127][ T12] ? asan.module_dtor+0x20/0x20
[ 91.799988][ T12] ? __local_bh_disable_ip+0x115/0x1a0
[ 91.805453][ T12] ? read_lock_is_recursive+0x20/0x20
[ 91.810839][ T12] ? kthread_data+0x4f/0xc0
[ 91.815347][ T12] ? kthread_data+0x4f/0xc0
[ 91.819850][ T12] ? __lock_sock+0x16a/0x2c0
[ 91.824447][ T12] _raw_spin_lock_bh+0x36/0x50
[ 91.829216][ T12] ? __lock_sock+0x16a/0x2c0
[ 91.833813][ T12] __lock_sock+0x16a/0x2c0
[ 91.838238][ T12] ? sk_stream_moderate_sndbuf+0x220/0x220
[ 91.844049][ T12] ? do_raw_spin_lock+0x11f/0x2c0
[ 91.849080][ T12] ? wake_bit_function+0x200/0x200
[ 91.854195][ T12] ? __rwlock_init+0x150/0x150
[ 91.858967][ T12] ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 91.864958][ T12] ? lock_sock_nested+0x6a/0x100
[ 91.869905][ T12] lock_sock_nested+0x9f/0x100
[ 91.874681][ T12] kcm_tx_work+0x31/0x180
[ 91.879023][ T12] ? process_scheduled_works+0x96f/0x15d0
[ 91.884750][ T12] process_scheduled_works+0xa5d/0x15d0
[ 91.890314][ T12] ? assign_work+0x430/0x430
[ 91.894913][ T12] ? assign_work+0x3d0/0x430
[ 91.899515][ T12] worker_thread+0xa55/0xfc0
[ 91.904127][ T12] kthread+0x2fa/0x390
[ 91.908205][ T12] ? pr_cont_work+0x560/0x560
[ 91.912888][ T12] ? kthread_blkcg+0xd0/0xd0
[ 91.917482][ T12] ret_from_fork+0x48/0x80
[ 91.921913][ T12] ? kthread_blkcg+0xd0/0xd0
[ 91.926510][ T12] ret_from_fork_asm+0x11/0x20
[ 91.931286][ T12]
[ 91.934307][ T12]
[ 91.936631][ T12] Allocated by task 5933:
[ 91.940956][ T12] kasan_set_track+0x4e/0x70
[ 91.945551][ T12] __kasan_slab_alloc+0x6c/0x80
[ 91.950405][ T12] slab_post_alloc_hook+0x6e/0x4b0
[ 91.955524][ T12] kmem_cache_alloc+0x11a/0x2d0
[ 91.960381][ T12] sk_prot_alloc+0x57/0x210
[ 91.964891][ T12] sk_alloc+0x3a/0x360
[ 91.968966][ T12] kcm_ioctl+0x213/0x1090
[ 91.973304][ T12] sock_do_ioctl+0xfc/0x310
[ 91.977810][ T12] sock_ioctl+0x5ba/0x7e0
[ 91.982138][ T12] __se_sys_ioctl+0xfd/0x170
[ 91.986733][ T12] do_syscall_64+0x55/0xa0
[ 91.991154][ T12] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 91.997048][ T12]
[ 91.999372][ T12] Freed by task 5934:
[ 92.003349][ T12] kasan_set_track+0x4e/0x70
[ 92.007944][ T12] kasan_save_free_info+0x2e/0x50
[ 92.012972][ T12] ____kasan_slab_free+0x126/0x1e0
[ 92.018087][ T12] slab_free_freelist_hook+0x130/0x1a0
[ 92.023549][ T12] kmem_cache_free+0xf8/0x270
[ 92.028231][ T12] __sk_destruct+0x4d1/0x660
[ 92.032826][ T12] kcm_release+0x524/0x5b0
[ 92.037248][ T12] sock_close+0xbd/0x230
[ 92.041491][ T12] __fput+0x234/0x970
[ 92.045486][ T12] __se_sys_close+0x15f/0x220
[ 92.050172][ T12] do_syscall_64+0x55/0xa0
[ 92.054595][ T12] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 92.060492][ T12]
[ 92.062821][ T12] Last potentially related work creation:
[ 92.068532][ T12] kasan_save_stack+0x3e/0x60
[ 92.073212][ T12] __kasan_record_aux_stack+0xaf/0xc0
[ 92.078593][ T12] insert_work+0x3d/0x310
[ 92.082925][ T12] __queue_work+0xc39/0x1020
[ 92.087520][ T12] queue_work_on+0x128/0x1f0
[ 92.092112][ T12] kcm_unattach+0x861/0xe80
[ 92.096627][ T12] kcm_ioctl+0x7c4/0x1090
[ 92.100962][ T12] sock_do_ioctl+0xfc/0x310
[ 92.105466][ T12] sock_ioctl+0x5ba/0x7e0
[ 92.109797][ T12] __se_sys_ioctl+0xfd/0x170
[ 92.114391][ T12] do_syscall_64+0x55/0xa0
[ 92.118814][ T12] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 92.124707][ T12]
[ 92.127030][ T12] Second to last potentially related work creation:
[ 92.133612][ T12] kasan_save_stack+0x3e/0x60
[ 92.138293][ T12] __kasan_record_aux_stack+0xaf/0xc0
[ 92.143668][ T12] insert_work+0x3d/0x310
[ 92.148003][ T12] __queue_work+0xc39/0x1020
[ 92.152596][ T12] queue_work_on+0x128/0x1f0
[ 92.157189][ T12] kcm_ioctl+0xee4/0x1090
[ 92.161524][ T12] sock_do_ioctl+0xfc/0x310
[ 92.166031][ T12] sock_ioctl+0x5ba/0x7e0
[ 92.170360][ T12] __se_sys_ioctl+0xfd/0x170
[ 92.174955][ T12] do_syscall_64+0x55/0xa0
[ 92.179380][ T12] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 92.185315][ T12]
[ 92.187640][ T12] The buggy address belongs to the object at ffff888026238e80
[ 92.187640][ T12] which belongs to the cache KCM of size 1728
[ 92.201084][ T12] The buggy address is located 176 bytes inside of
[ 92.201084][ T12] freed 1728-byte region [ffff888026238e80, ffff888026239540)
[ 92.214983][ T12]
[ 92.217320][ T12] The buggy address belongs to the physical page:
[ 92.223732][ T12] page:ffffea0000988e00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x26238
[ 92.233890][ T12] head:ffffea0000988e00 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 92.242829][ T12] memcg:ffff888077874301
[ 92.247070][ T12] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 92.255050][ T12] page_type: 0xffffffff()
[ 92.259389][ T12] raw: 00fff00000000840 ffff88814c008a00 dead000000000122 0000000000000000
[ 92.267978][ T12] raw: 0000000000000000 0000000080110011 00000001ffffffff ffff888077874301
[ 92.276560][ T12] page dumped because: kasan: bad access detected
[ 92.282972][ T12] page_owner tracks the page as allocated
[ 92.288689][ T12] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 5929, tgid 5927 (syz.0.17), ts 90801553628, free_ts 89305430821
[ 92.311097][ T12] post_alloc_hook+0x1c1/0x200
[ 92.315874][ T12] get_page_from_freelist+0x1951/0x19e0
[ 92.321424][ T12] __alloc_pages+0x1f0/0x460
[ 92.326021][ T12] alloc_slab_page+0x5d/0x160
[ 92.330701][ T12] new_slab+0x87/0x2d0
[ 92.334776][ T12] ___slab_alloc+0xc5d/0x12f0
[ 92.339462][ T12] kmem_cache_alloc+0x1b3/0x2d0
[ 92.344326][ T12] sk_prot_alloc+0x57/0x210
[ 92.348833][ T12] sk_alloc+0x3a/0x360
[ 92.352904][ T12] kcm_ioctl+0x213/0x1090
[ 92.357242][ T12] sock_do_ioctl+0xfc/0x310
[ 92.361747][ T12] sock_ioctl+0x5ba/0x7e0
[ 92.366080][ T12] __se_sys_ioctl+0xfd/0x170
[ 92.370678][ T12] do_syscall_64+0x55/0xa0
[ 92.375102][ T12] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 92.381001][ T12] page last free stack trace:
[ 92.385675][ T12] free_unref_page_prepare+0x7b2/0x8c0
[ 92.391143][ T12] free_unref_page+0x32/0x2e0
[ 92.395826][ T12] __unfreeze_partials+0x1cf/0x210
[ 92.400938][ T12] put_cpu_partial+0x17c/0x250
[ 92.405704][ T12] __slab_free+0x319/0x400
[ 92.410123][ T12] qlist_free_all+0x75/0xd0
[ 92.414633][ T12] kasan_quarantine_reduce+0x143/0x160
[ 92.420100][ T12] __kasan_slab_alloc+0x22/0x80
[ 92.424952][ T12] slab_post_alloc_hook+0x6e/0x4b0
[ 92.430076][ T12] __kmem_cache_alloc_node+0x13a/0x250
[ 92.435540][ T12] kmalloc_trace+0x2a/0xe0
[ 92.439963][ T12] netdevice_event+0x3cc/0x8e0
[ 92.444733][ T12] notifier_call_chain+0x197/0x380
[ 92.449850][ T12] unregister_netdevice_many_notify+0x100d/0x1900
[ 92.456275][ T12] default_device_exit_batch+0x9ee/0xa80
[ 92.461913][ T12] cleanup_net+0x795/0xbb0
[ 92.466342][ T12]
[ 92.468666][ T12] Memory state around the buggy address:
[ 92.474292][ T12] ffff888026238e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 92.482357][ T12] ffff888026238e80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 92.490421][ T12] >ffff888026238f00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 92.498478][ T12] ^
[ 92.504106][ T12] ffff888026238f80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 92.512166][ T12] ffff888026239000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 92.520223][ T12] ==================================================================
[ 92.528283][ T12] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 92.535478][ T12] CPU: 1 PID: 12 Comm: kworker/u4:1 Not tainted syzkaller #0
[ 92.542849][ T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 92.552907][ T12] Workqueue: kkcmd kcm_tx_work
[ 92.557690][ T12] Call Trace:
[ 92.560971][ T12]
[ 92.563905][ T12] dump_stack_lvl+0x18c/0x250
[ 92.568596][ T12] ? show_regs_print_info+0x20/0x20
[ 92.573800][ T12] ? load_image+0x400/0x400
[ 92.578336][ T12] panic+0x2dc/0x730
[ 92.582239][ T12] ? bpf_jit_dump+0xd0/0xd0
[ 92.586749][ T12] ? _raw_spin_unlock_irqrestore+0xc5/0x120
[ 92.592645][ T12] ? _raw_spin_unlock+0x40/0x40
[ 92.597501][ T12] ? print_memory_metadata+0x314/0x400
[ 92.602967][ T12] ? __lock_acquire+0x10d/0x7d40
[ 92.607912][ T12] check_panic_on_warn+0x84/0xa0
[ 92.612856][ T12] ? __lock_acquire+0x10d/0x7d40
[ 92.617797][ T12] end_report+0x6f/0x130
[ 92.622048][ T12] kasan_report+0x128/0x150
[ 92.626558][ T12] ? __lock_acquire+0x10d/0x7d40
[ 92.631505][ T12] __lock_acquire+0x10d/0x7d40
[ 92.636275][ T12] ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 92.642264][ T12] ? lock_chain_count+0x20/0x20
[ 92.647128][ T12] ? lockdep_hardirqs_on+0x98/0x150
[ 92.652334][ T12] ? finish_task_switch+0x265/0x8f0
[ 92.657537][ T12] ? verify_lock_unused+0x140/0x140
[ 92.662743][ T12] ? __schedule+0x155b/0x45a0
[ 92.667443][ T12] lock_acquire+0x19e/0x420
[ 92.671952][ T12] ? __lock_sock+0x16a/0x2c0
[ 92.676553][ T12] ? asan.module_dtor+0x20/0x20
[ 92.681412][ T12] ? __local_bh_disable_ip+0x115/0x1a0
[ 92.686877][ T12] ? read_lock_is_recursive+0x20/0x20
[ 92.692258][ T12] ? kthread_data+0x4f/0xc0
[ 92.696773][ T12] ? kthread_data+0x4f/0xc0
[ 92.701280][ T12] ? __lock_sock+0x16a/0x2c0
[ 92.705882][ T12] _raw_spin_lock_bh+0x36/0x50
[ 92.710652][ T12] ? __lock_sock+0x16a/0x2c0
[ 92.715247][ T12] __lock_sock+0x16a/0x2c0
[ 92.719674][ T12] ? sk_stream_moderate_sndbuf+0x220/0x220
[ 92.725489][ T12] ? do_raw_spin_lock+0x11f/0x2c0
[ 92.730521][ T12] ? wake_bit_function+0x200/0x200
[ 92.735638][ T12] ? __rwlock_init+0x150/0x150
[ 92.740415][ T12] ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 92.746399][ T12] ? lock_sock_nested+0x6a/0x100
[ 92.751343][ T12] lock_sock_nested+0x9f/0x100
[ 92.756118][ T12] kcm_tx_work+0x31/0x180
[ 92.760462][ T12] ? process_scheduled_works+0x96f/0x15d0
[ 92.766186][ T12] process_scheduled_works+0xa5d/0x15d0
[ 92.771762][ T12] ? assign_work+0x430/0x430
[ 92.776360][ T12] ? assign_work+0x3d0/0x430
[ 92.780962][ T12] worker_thread+0xa55/0xfc0
[ 92.785569][ T12] kthread+0x2fa/0x390
[ 92.789646][ T12] ? pr_cont_work+0x560/0x560
[ 92.794335][ T12] ? kthread_blkcg+0xd0/0xd0
[ 92.798929][ T12] ret_from_fork+0x48/0x80
[ 92.803349][ T12] ? kthread_blkcg+0xd0/0xd0
[ 92.807941][ T12] ret_from_fork_asm+0x11/0x20
[ 92.812723][ T12]
[ 92.816056][ T12] Kernel Offset: disabled
[ 92.820374][ T12] Rebooting in 86400 seconds..