Warning: Permanently added '10.128.1.132' (ED25519) to the list of known hosts.
2026/04/21 12:00:48 parsed 1 programs
[   92.427651][   T24] cfg80211: failed to load regulatory.db
[   94.654804][ T5845] cgroup: Unknown subsys name 'net'
[   94.768069][ T5845] cgroup: Unknown subsys name 'cpuset'
[   94.777561][ T5845] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   96.636240][ T5845] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   99.808509][ T5862] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  100.559604][   T50] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  100.570472][   T50] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  100.579188][   T50] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  100.588205][   T50] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  100.596571][   T50] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  101.976894][ T5900] chnl_net:caif_netlink_parms(): no params data found
[  102.094367][ T5900] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.102912][ T5900] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.110359][ T5900] bridge_slave_0: entered allmulticast mode
[  102.117800][ T5900] bridge_slave_0: entered promiscuous mode
[  102.128091][ T5900] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.135522][ T5900] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.142727][ T5900] bridge_slave_1: entered allmulticast mode
[  102.150644][ T5900] bridge_slave_1: entered promiscuous mode
[  102.180360][ T5900] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  102.192166][ T5900] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  102.220483][ T5900] team0: Port device team_slave_0 added
[  102.228174][ T5900] team0: Port device team_slave_1 added
[  102.252115][ T5900] batman_adv: batadv0: Adding interface: batadv_slave_0
[  102.259209][ T5900] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  102.285404][ T5900] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  102.298635][ T5900] batman_adv: batadv0: Adding interface: batadv_slave_1
[  102.306040][ T5900] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  102.332358][ T5900] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  102.374981][ T5900] hsr_slave_0: entered promiscuous mode
[  102.381609][ T5900] hsr_slave_1: entered promiscuous mode
[  102.535676][ T5900] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  102.548418][ T5900] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  102.557254][ T5900] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  102.567606][ T5900] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  102.575676][ T5900] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  102.587648][ T5900] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  102.597963][ T5900] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  102.607506][ T5900] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  102.639661][ T5900] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.647312][ T5900] bridge0: port 2(bridge_slave_1) entered forwarding state
[  102.655343][ T5900] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.662522][ T5900] bridge0: port 1(bridge_slave_0) entered forwarding state
[  102.727651][ T5900] 8021q: adding VLAN 0 to HW filter on device bond0
[  102.750874][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.759438][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.775722][ T5900] 8021q: adding VLAN 0 to HW filter on device team0
[  102.790332][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.797684][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  102.812897][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.820265][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  103.016764][ T5900] 8021q: adding VLAN 0 to HW filter on device batadv0
[  103.077001][ T5900] veth0_vlan: entered promiscuous mode
[  103.091900][ T5900] veth1_vlan: entered promiscuous mode
[  103.125299][ T5900] veth0_macvtap: entered promiscuous mode
[  103.136727][ T5900] veth1_macvtap: entered promiscuous mode
[  103.156119][ T5900] batman_adv: batadv0: Interface activated: batadv_slave_0
[  103.174035][ T5900] batman_adv: batadv0: Interface activated: batadv_slave_1
[  103.191462][   T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  103.201426][   T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  103.216875][   T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  103.232572][   T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  103.412739][   T82] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.478308][   T82] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.552534][   T82] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.640063][   T82] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.771934][ T1124] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.780482][ T1124] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  103.820397][   T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.828898][   T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/04/21 12:01:02 executed programs: 0
[  105.578821][ T5163] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  105.589887][ T5163] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  105.598977][ T5163] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  105.608235][ T5163] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  105.616380][ T5163] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  105.764661][ T5958] chnl_net:caif_netlink_parms(): no params data found
[  105.844040][ T5958] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.851268][ T5958] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.858818][ T5958] bridge_slave_0: entered allmulticast mode
[  105.866262][ T5958] bridge_slave_0: entered promiscuous mode
[  105.874972][ T5958] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.882436][ T5958] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.889748][ T5958] bridge_slave_1: entered allmulticast mode
[  105.897032][ T5958] bridge_slave_1: entered promiscuous mode
[  105.926647][ T5958] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  105.939281][ T5958] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  105.970585][ T5958] team0: Port device team_slave_0 added
[  105.978404][ T5958] team0: Port device team_slave_1 added
[  106.004567][ T5958] batman_adv: batadv0: Adding interface: batadv_slave_0
[  106.011570][ T5958] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  106.038523][ T5958] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  106.051940][ T5958] batman_adv: batadv0: Adding interface: batadv_slave_1
[  106.059254][ T5958] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  106.085712][ T5958] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  106.132429][ T5958] hsr_slave_0: entered promiscuous mode
[  106.139550][ T5958] hsr_slave_1: entered promiscuous mode
[  106.146148][ T5958] debugfs: 'hsr0' already exists in 'hsr'
[  106.152002][ T5958] Cannot create hsr debugfs directory
[  106.561463][   T82] bridge_slave_1: left allmulticast mode
[  106.567768][   T82] bridge_slave_1: left promiscuous mode
[  106.575372][   T82] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.589544][   T82] bridge_slave_0: left allmulticast mode
[  106.596364][   T82] bridge_slave_0: left promiscuous mode
[  106.602085][   T82] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.768753][   T82] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  106.780647][   T82] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  106.790939][   T82] bond0 (unregistering): Released all slaves
[  106.923014][   T82] hsr_slave_0: left promiscuous mode
[  106.934980][   T82] hsr_slave_1: left promiscuous mode
[  106.946287][   T82] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  106.954270][   T82] batman_adv: batadv0: Removing interface: batadv_slave_0
[  106.963327][   T82] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  106.973838][   T82] batman_adv: batadv0: Removing interface: batadv_slave_1
[  106.993798][   T82] veth1_macvtap: left promiscuous mode
[  107.000333][   T82] veth0_macvtap: left promiscuous mode
[  107.006973][   T82] veth1_vlan: left promiscuous mode
[  107.012500][   T82] veth0_vlan: left promiscuous mode
[  107.407482][   T82] team0 (unregistering): Port device team_slave_1 removed
[  107.439179][   T82] team0 (unregistering): Port device team_slave_0 removed
[  107.616152][ T5507] 8021q: adding VLAN 0 to HW filter on device eth1
[  107.705761][   T50] Bluetooth: hci0: command tx timeout
[  107.957360][ T5958] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  107.975844][ T5958] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  107.992082][ T5958] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  108.007777][ T5958] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  108.015956][ T5958] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  108.034366][ T5958] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  108.042724][ T5958] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  108.055576][ T5958] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  108.677058][ T5958] 8021q: adding VLAN 0 to HW filter on device bond0
[  108.722921][ T5958] 8021q: adding VLAN 0 to HW filter on device team0
[  108.739877][   T57] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.747314][   T57] bridge0: port 1(bridge_slave_0) entered forwarding state
[  108.779373][  T139] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.786645][  T139] bridge0: port 2(bridge_slave_1) entered forwarding state
[  109.258104][ T5958] 8021q: adding VLAN 0 to HW filter on device batadv0
[  109.300601][ T5958] veth0_vlan: entered promiscuous mode
[  109.318367][ T5958] veth1_vlan: entered promiscuous mode
[  109.347658][ T5958] veth0_macvtap: entered promiscuous mode
[  109.359283][ T5958] veth1_macvtap: entered promiscuous mode
[  109.376126][ T5958] batman_adv: batadv0: Interface activated: batadv_slave_0
[  109.393143][ T5958] batman_adv: batadv0: Interface activated: batadv_slave_1
[  109.409426][ T1124] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.419441][ T1124] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.430309][ T1124] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.442422][ T1124] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.516631][ T1124] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.527262][ T1124] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.559449][ T1124] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.568196][ T1124] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.666707][ T6005] ==================================================================
[  109.674856][ T6005] BUG: KASAN: slab-out-of-bounds in cache_seq_start_rcu+0x3fe/0x420
[  109.682875][ T6005] Read of size 8 at addr ffff888032101800 by task syz.0.17/6005
[  109.690598][ T6005] 
[  109.692926][ T6005] CPU: 1 UID: 0 PID: 6005 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[  109.692947][ T6005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  109.692957][ T6005] Call Trace:
[  109.692964][ T6005]  <TASK>
[  109.692971][ T6005]  dump_stack_lvl+0x100/0x190
[  109.692992][ T6005]  print_report+0x13d/0x4b0
[  109.693017][ T6005]  ? __virt_addr_valid+0x239/0x430
[  109.693044][ T6005]  ? cache_seq_start_rcu+0x3fe/0x420
[  109.693060][ T6005]  kasan_report+0xdf/0x1d0
[  109.693079][ T6005]  ? cache_seq_start_rcu+0x3fe/0x420
[  109.693097][ T6005]  cache_seq_start_rcu+0x3fe/0x420
[  109.693115][ T6005]  seq_read_iter+0x2c1/0x1270
[  109.693136][ T6005]  seq_read+0x33b/0x4c0
[  109.693153][ T6005]  ? __pfx_seq_read+0x10/0x10
[  109.693171][ T6005]  ? futex_hash+0x141/0x370
[  109.693200][ T6005]  ? __pfx_seq_read+0x10/0x10
[  109.693216][ T6005]  proc_reg_read+0x240/0x330
[  109.693234][ T6005]  ? __pfx_proc_reg_read+0x10/0x10
[  109.693259][ T6005]  vfs_read+0x1e4/0xb30
[  109.693278][ T6005]  ? __pfx_vfs_read+0x10/0x10
[  109.693295][ T6005]  ? do_futex+0x192/0x350
[  109.693311][ T6005]  ? __pfx_do_futex+0x10/0x10
[  109.693327][ T6005]  ? find_held_lock+0x2b/0x80
[  109.693349][ T6005]  ? count_memcg_events_mm.constprop.0+0xfa/0x2a0
[  109.693368][ T6005]  ? count_memcg_events_mm.constprop.0+0xfa/0x2a0
[  109.693388][ T6005]  ? __x64_sys_futex+0x34f/0x4d0
[  109.693405][ T6005]  ? __x64_sys_futex+0x358/0x4d0
[  109.693423][ T6005]  __x64_sys_pread64+0x1eb/0x250
[  109.693443][ T6005]  ? __pfx___x64_sys_pread64+0x10/0x10
[  109.693463][ T6005]  ? rcu_is_watching+0x12/0xc0
[  109.693483][ T6005]  do_syscall_64+0x10b/0xf80
[  109.693506][ T6005]  ? clear_bhb_loop+0x40/0x90
[  109.693525][ T6005]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.693542][ T6005] RIP: 0033:0x7f203139c819
[  109.693556][ T6005] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  109.693574][ T6005] RSP: 002b:00007fffbbaf1e18 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  109.693591][ T6005] RAX: ffffffffffffffda RBX: 00007f2031615fa0 RCX: 00007f203139c819
[  109.693602][ T6005] RDX: 0000000000000566 RSI: 0000000000000000 RDI: 0000000000000003
[  109.693612][ T6005] RBP: 00007f2031432c91 R08: 0000000000000000 R09: 0000000000000000
[  109.693622][ T6005] R10: 0000000080000002 R11: 0000000000000246 R12: 0000000000000000
[  109.693632][ T6005] R13: 00007f2031615fac R14: 00007f2031615fa0 R15: 00007f2031615fa0
[  109.693648][ T6005]  </TASK>
[  109.693653][ T6005] 
[  109.939920][ T6005] Allocated by task 5958:
[  109.944259][ T6005]  kasan_save_stack+0x30/0x50
[  109.948955][ T6005]  kasan_save_track+0x14/0x30
[  109.953644][ T6005]  __kasan_kmalloc+0xaa/0xb0
[  109.958262][ T6005]  __kmalloc_noprof+0x301/0x850
[  109.963143][ T6005]  cache_create_net+0xa2/0x1f0
[  109.967952][ T6005]  nfsd_export_init+0x62/0x250
[  109.972740][ T6005]  nfsd_net_init+0x69/0x3e0
[  109.977262][ T6005]  ops_init+0x1e2/0x5f0
[  109.981452][ T6005]  setup_net+0x118/0x3a0
[  109.985805][ T6005]  copy_net_ns+0x46f/0x7c0
[  109.990234][ T6005]  create_new_namespaces+0x3ea/0xac0
[  109.995628][ T6005]  unshare_nsproxy_namespaces+0xf2/0x220
[  110.001367][ T6005]  ksys_unshare+0x438/0xab0
[  110.005912][ T6005]  __x64_sys_unshare+0x31/0x40
[  110.010707][ T6005]  do_syscall_64+0x10b/0xf80
[  110.015404][ T6005]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.021316][ T6005] 
[  110.023655][ T6005] The buggy address belongs to the object at ffff888032101000
[  110.023655][ T6005]  which belongs to the cache kmalloc-2k of size 2048
[  110.037817][ T6005] The buggy address is located 0 bytes to the right of
[  110.037817][ T6005]  allocated 2048-byte region [ffff888032101000, ffff888032101800)
[  110.052667][ T6005] 
[  110.055001][ T6005] The buggy address belongs to the physical page:
[  110.061416][ T6005] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x32100
[  110.070185][ T6005] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  110.078701][ T6005] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  110.086525][ T6005] page_type: f5(slab)
[  110.090538][ T6005] raw: 00fff00000000040 ffff88813fe86000 dead000000000100 dead000000000122
[  110.099153][ T6005] raw: 0000000000000000 0000000800080008 00000000f5000000 0000000000000000
[  110.108546][ T6005] head: 00fff00000000040 ffff88813fe86000 dead000000000100 dead000000000122
[  110.117235][ T6005] head: 0000000000000000 0000000800080008 00000000f5000000 0000000000000000
[  110.125918][ T6005] head: 00fff00000000003 fffffffffffffe01 00000000ffffffff 00000000ffffffff
[  110.134605][ T6005] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  110.143543][ T6005] page dumped because: kasan: bad access detected
[  110.150396][ T6005] page_owner tracks the page as allocated
[  110.156288][ T6005] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5958, tgid 5958 (syz-executor), ts 105642349994, free_ts 66007171474
[  110.177881][ T6005]  post_alloc_hook+0x153/0x170
[  110.182672][ T6005]  get_page_from_freelist+0x11a6/0x33b0
[  110.188237][ T6005]  __alloc_frozen_pages_noprof+0x27c/0x2bc0
[  110.194232][ T6005]  new_slab+0xa6/0x6c0
[  110.198343][ T6005]  refill_objects+0x277/0x420
[  110.203038][ T6005]  __pcs_replace_empty_main+0x375/0x650
[  110.209045][ T6005]  __kmalloc_noprof+0x688/0x850
[  110.213922][ T6005]  cache_create_net+0xa2/0x1f0
[  110.218708][ T6005]  nfsd_export_init+0x62/0x250
[  110.223499][ T6005]  nfsd_net_init+0x69/0x3e0
[  110.228028][ T6005]  ops_init+0x1e2/0x5f0
[  110.232224][ T6005]  setup_net+0x118/0x3a0
[  110.236515][ T6005]  copy_net_ns+0x46f/0x7c0
[  110.240958][ T6005]  create_new_namespaces+0x3ea/0xac0
[  110.246265][ T6005]  unshare_nsproxy_namespaces+0xf2/0x220
[  110.252104][ T6005]  ksys_unshare+0x438/0xab0
[  110.256629][ T6005] page last free pid 5507 tgid 5507 stack trace:
[  110.262957][ T6005]  __free_frozen_pages+0x747/0x1040
[  110.268172][ T6005]  qlist_free_all+0x47/0xf0
[  110.272723][ T6005]  kasan_quarantine_reduce+0x1a0/0x1f0
[  110.278217][ T6005]  __kasan_slab_alloc+0x69/0x90
[  110.283082][ T6005]  kmem_cache_alloc_node_noprof+0x25a/0x6f0
[  110.289008][ T6005]  __alloc_skb+0x140/0x710
[  110.293441][ T6005]  alloc_skb_with_frags+0xdd/0x760
[  110.298566][ T6005]  sock_alloc_send_pskb+0x801/0x980
[  110.303782][ T6005]  unix_dgram_sendmsg+0x3c7/0x1810
[  110.308915][ T6005]  __sys_sendto+0x468/0x4b0
[  110.313538][ T6005]  __x64_sys_sendto+0xe0/0x1c0
[  110.318319][ T6005]  do_syscall_64+0x10b/0xf80
[  110.323019][ T6005]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.328927][ T6005] 
[  110.331262][ T6005] Memory state around the buggy address:
[  110.336912][ T6005]  ffff888032101700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  110.344985][ T6005]  ffff888032101780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  110.353403][ T6005] >ffff888032101800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  110.361782][ T6005]                    ^
[  110.365928][ T6005]  ffff888032101880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  110.373996][ T6005]  ffff888032101900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  110.382084][ T6005] ==================================================================
[  110.391437][   T50] Bluetooth: hci0: command tx timeout
[  110.405325][ T6005] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  110.412698][ T6005] CPU: 1 UID: 0 PID: 6005 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[  110.422030][ T6005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  110.432277][ T6005] Call Trace:
[  110.435588][ T6005]  <TASK>
[  110.438619][ T6005]  dump_stack_lvl+0x100/0x190
[  110.443408][ T6005]  vpanic+0x552/0x970
[  110.447498][ T6005]  ? __pfx_vpanic+0x10/0x10
[  110.452017][ T6005]  ? cache_seq_start_rcu+0x3fe/0x420
[  110.457322][ T6005]  panic+0xd1/0xe0
[  110.461074][ T6005]  ? __pfx_panic+0x10/0x10
[  110.465679][ T6005]  ? cache_seq_start_rcu+0x3fe/0x420
[  110.471000][ T6005]  ? preempt_schedule_common+0x42/0xc0
[  110.476660][ T6005]  ? check_panic_on_warn+0x1f/0x90
[  110.481892][ T6005]  check_panic_on_warn.cold+0x19/0x34
[  110.487921][ T6005]  end_report.part.0+0x3a/0x90
[  110.492838][ T6005]  kasan_report.cold+0xe/0x18
[  110.497543][ T6005]  ? cache_seq_start_rcu+0x3fe/0x420
[  110.502875][ T6005]  cache_seq_start_rcu+0x3fe/0x420
[  110.508006][ T6005]  seq_read_iter+0x2c1/0x1270
[  110.512715][ T6005]  seq_read+0x33b/0x4c0
[  110.516971][ T6005]  ? __pfx_seq_read+0x10/0x10
[  110.521665][ T6005]  ? futex_hash+0x141/0x370
[  110.526809][ T6005]  ? __pfx_seq_read+0x10/0x10
[  110.531513][ T6005]  proc_reg_read+0x240/0x330
[  110.536206][ T6005]  ? __pfx_proc_reg_read+0x10/0x10
[  110.541436][ T6005]  vfs_read+0x1e4/0xb30
[  110.545725][ T6005]  ? __pfx_vfs_read+0x10/0x10
[  110.550516][ T6005]  ? do_futex+0x192/0x350
[  110.554865][ T6005]  ? __pfx_do_futex+0x10/0x10
[  110.559555][ T6005]  ? find_held_lock+0x2b/0x80
[  110.564256][ T6005]  ? count_memcg_events_mm.constprop.0+0xfa/0x2a0
[  110.570715][ T6005]  ? count_memcg_events_mm.constprop.0+0xfa/0x2a0
[  110.577156][ T6005]  ? __x64_sys_futex+0x34f/0x4d0
[  110.582201][ T6005]  ? __x64_sys_futex+0x358/0x4d0
[  110.587169][ T6005]  __x64_sys_pread64+0x1eb/0x250
[  110.592320][ T6005]  ? __pfx___x64_sys_pread64+0x10/0x10
[  110.598032][ T6005]  ? rcu_is_watching+0x12/0xc0
[  110.602829][ T6005]  do_syscall_64+0x10b/0xf80
[  110.607445][ T6005]  ? clear_bhb_loop+0x40/0x90
[  110.612146][ T6005]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.618053][ T6005] RIP: 0033:0x7f203139c819
[  110.622484][ T6005] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  110.642376][ T6005] RSP: 002b:00007fffbbaf1e18 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  110.650804][ T6005] RAX: ffffffffffffffda RBX: 00007f2031615fa0 RCX: 00007f203139c819
[  110.658883][ T6005] RDX: 0000000000000566 RSI: 0000000000000000 RDI: 0000000000000003
[  110.666871][ T6005] RBP: 00007f2031432c91 R08: 0000000000000000 R09: 0000000000000000
[  110.674953][ T6005] R10: 0000000080000002 R11: 0000000000000246 R12: 0000000000000000
[  110.683022][ T6005] R13: 00007f2031615fac R14: 00007f2031615fa0 R15: 00007f2031615fa0
[  110.691708][ T6005]  </TASK>
[  110.695136][ T6005] Kernel Offset: disabled
[  110.699462][ T6005] Rebooting in 86400 seconds..