Warning: Permanently added '10.128.1.195' (ED25519) to the list of known hosts. 2026/04/02 07:35:11 parsed 1 programs [ 84.047649][ T5775] cgroup: Unknown subsys name 'net' [ 84.178744][ T5775] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 85.888701][ T5775] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 87.245012][ T8] cfg80211: failed to load regulatory.db [ 89.222926][ T5827] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 89.232876][ T5827] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 89.242147][ T5827] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 89.250951][ T5827] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 89.264669][ T5827] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 89.272143][ T5827] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 89.580936][ T39] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.589244][ T39] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.637275][ T2927] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.645203][ T2927] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.885711][ T5854] chnl_net:caif_netlink_parms(): no params data found [ 90.954524][ T5854] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.962712][ T5854] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.969876][ T5854] bridge_slave_0: entered allmulticast mode [ 90.976864][ T5854] bridge_slave_0: entered promiscuous mode [ 90.986306][ T5854] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.993787][ T5854] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.001068][ T5854] bridge_slave_1: entered allmulticast mode [ 91.007949][ T5854] bridge_slave_1: entered promiscuous mode [ 91.043522][ T5854] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.055183][ T5854] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.081967][ T5854] team0: Port device team_slave_0 added [ 91.090054][ T5854] team0: Port device team_slave_1 added [ 91.124974][ T5854] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.132570][ T5854] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 91.158826][ T5854] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.171933][ T5854] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.178917][ T5854] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 91.205257][ T5854] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 91.253605][ T5854] hsr_slave_0: entered promiscuous mode [ 91.260598][ T5854] hsr_slave_1: entered promiscuous mode [ 91.440662][ T5854] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 91.453248][ T5854] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 91.467349][ T5854] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 91.482153][ T5854] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 91.529655][ T5854] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.537426][ T5854] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.545569][ T5854] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.552707][ T5854] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.638630][ T5854] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.673937][ T1140] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.684069][ T1140] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.699384][ T5854] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.715105][ T1140] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.722526][ T1140] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.743817][ T1140] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.751154][ T1140] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.816232][ T5854] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 91.997752][ T5854] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.042479][ T5854] veth0_vlan: entered promiscuous mode [ 92.054636][ T5854] veth1_vlan: entered promiscuous mode [ 92.092844][ T5854] veth0_macvtap: entered promiscuous mode [ 92.103882][ T5854] veth1_macvtap: entered promiscuous mode [ 92.119686][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.136424][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.156213][ T5854] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.166642][ T5854] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.177270][ T5854] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.186506][ T5854] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.738852][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 2026/04/02 07:35:22 executed programs: 0 [ 93.264250][ T5083] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 93.274033][ T5083] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 93.282644][ T5083] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 93.292061][ T5083] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 93.300013][ T5083] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 93.307675][ T5083] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 93.440129][ T5879] chnl_net:caif_netlink_parms(): no params data found [ 93.506882][ T5879] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.514110][ T5879] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.521976][ T5879] bridge_slave_0: entered allmulticast mode [ 93.528954][ T5879] bridge_slave_0: entered promiscuous mode [ 93.537720][ T5879] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.545166][ T5879] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.552561][ T5879] bridge_slave_1: entered allmulticast mode [ 93.559466][ T5879] bridge_slave_1: entered promiscuous mode [ 93.589519][ T5879] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.602810][ T5879] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.639527][ T5879] team0: Port device team_slave_0 added [ 93.651652][ T5879] team0: Port device team_slave_1 added [ 93.674998][ T5879] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.682550][ T5879] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.710311][ T5879] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.722524][ T5879] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.729514][ T5879] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.757768][ T5879] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.805070][ T5879] hsr_slave_0: entered promiscuous mode [ 93.812306][ T5879] hsr_slave_1: entered promiscuous mode [ 93.818467][ T5879] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 93.826392][ T5879] Cannot create hsr debugfs directory [ 94.856179][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 95.322182][ T5827] Bluetooth: hci0: command tx timeout [ 97.074642][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.145931][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.409289][ T5827] Bluetooth: hci0: command tx timeout [ 98.036203][ T5879] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 98.048420][ T5879] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 98.063533][ T5879] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 98.079918][ T5879] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 98.102392][ T12] hsr_slave_0: left promiscuous mode [ 98.109193][ T12] hsr_slave_1: left promiscuous mode [ 98.118970][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 98.127079][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 98.138740][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 98.148002][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 98.161083][ T12] bridge_slave_1: left allmulticast mode [ 98.166936][ T12] bridge_slave_1: left promiscuous mode [ 98.176620][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 98.190228][ T12] bridge_slave_0: left allmulticast mode [ 98.200110][ T12] bridge_slave_0: left promiscuous mode [ 98.219104][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 98.254092][ T12] veth1_macvtap: left promiscuous mode [ 98.260147][ T12] veth0_macvtap: left promiscuous mode [ 98.268062][ T12] veth1_vlan: left promiscuous mode [ 98.274913][ T12] veth0_vlan: left promiscuous mode [ 98.715271][ T12] team0 (unregistering): Port device team_slave_1 removed [ 98.748804][ T12] team0 (unregistering): Port device team_slave_0 removed [ 98.785675][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 98.824040][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 99.072007][ T12] bond0 (unregistering): Released all slaves [ 99.211690][ T5879] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.247283][ T5879] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.260345][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.267572][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.305044][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.312235][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.481281][ T5827] Bluetooth: hci0: command tx timeout [ 99.563388][ T5879] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.609969][ T5879] veth0_vlan: entered promiscuous mode [ 99.632068][ T5879] veth1_vlan: entered promiscuous mode [ 99.659782][ T5879] veth0_macvtap: entered promiscuous mode [ 99.668947][ T5879] veth1_macvtap: entered promiscuous mode [ 99.697965][ T5879] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.713618][ T5879] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.725772][ T5879] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.737772][ T5879] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.746997][ T5879] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.756224][ T5879] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.844902][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.856673][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.894728][ T39] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.903316][ T39] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.996262][ C1] ================================================================== [ 99.996275][ C1] BUG: KASAN: slab-out-of-bounds in __bpf_get_stackid+0x6bf/0x900 [ 99.996303][ C1] Write of size 56 at addr ffff888076145710 by task syz.0.17/5924 [ 99.996317][ C1] [ 99.996322][ C1] CPU: 1 PID: 5924 Comm: syz.0.17 Not tainted syzkaller #0 [ 99.996337][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 99.996344][ C1] Call Trace: [ 99.996350][ C1] <#DB> [ 99.996357][ C1] dump_stack_lvl+0x18c/0x250 [ 99.996381][ C1] ? __lock_acquire+0x7d40/0x7d40 [ 99.996400][ C1] ? show_regs_print_info+0x20/0x20 [ 99.996422][ C1] ? load_image+0x400/0x400 [ 99.996451][ C1] ? _raw_spin_lock_irqsave+0xc0/0x100 [ 99.996473][ C1] ? __virt_addr_valid+0x18c/0x540 [ 99.996494][ C1] ? __virt_addr_valid+0x469/0x540 [ 99.996516][ C1] print_report+0xa8/0x210 [ 99.996538][ C1] ? __bpf_get_stackid+0x6bf/0x900 [ 99.996558][ C1] kasan_report+0x117/0x150 [ 99.996579][ C1] ? __bpf_get_stackid+0x6bf/0x900 [ 99.996602][ C1] kasan_check_range+0x241/0x290 [ 99.996622][ C1] ? __bpf_get_stackid+0x6bf/0x900 [ 99.996642][ C1] __asan_memcpy+0x40/0x70 [ 99.996664][ C1] __bpf_get_stackid+0x6bf/0x900 [ 99.996689][ C1] bpf_get_stackid_pe+0x343/0x410 [ 99.996713][ C1] bpf_prog_a82986b851e905af+0x30/0x42 [ 99.996733][ C1] bpf_overflow_handler+0x1fc/0x510 [ 99.996759][ C1] ? bpf_overflow_handler+0xde/0x510 [ 99.996780][ C1] ? tp_perf_event_destroy+0x20/0x20 [ 99.996806][ C1] ? __perf_event_account_interrupt+0x187/0x280 [ 99.996827][ C1] __perf_event_overflow+0x447/0x630 [ 99.996851][ C1] perf_swevent_event+0x319/0x570 [ 99.996872][ C1] ? perf_tp_event+0x1520/0x1520 [ 99.996897][ C1] perf_bp_event+0x319/0x430 [ 99.996919][ C1] ? perf_event_free_bpf_prog+0x120/0x120 [ 99.996954][ C1] ? lock_acquire+0x2c2/0x420 [ 99.996977][ C1] hw_breakpoint_exceptions_notify+0x23e/0x670 [ 99.997002][ C1] notifier_call_chain+0x197/0x380 [ 99.997024][ C1] ? atomic_notifier_call_chain+0x26/0x180 [ 99.997046][ C1] atomic_notifier_call_chain+0xda/0x180 [ 99.997068][ C1] notify_die+0x145/0x1a0 [ 99.997091][ C1] ? srcu_init_notifier_head+0x90/0x90 [ 99.997116][ C1] ? rcu_is_watching+0x15/0xb0 [ 99.997140][ C1] notify_debug+0x2e/0x50 [ 99.997156][ C1] exc_debug+0xde/0x140 [ 99.997174][ C1] asm_exc_debug+0x1e/0x40 [ 99.997193][ C1] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 99.997213][ C1] Code: 75 f1 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 a4 c3 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 29 f8 48 01 [ 99.997227][ C1] RSP: 0018:ffffc900032f7d50 EFLAGS: 00050202 [ 99.997244][ C1] RAX: ffffffff842a1401 RBX: 0000000000000050 RCX: 000000000000000f [ 99.997257][ C1] RDX: 0000000000000001 RSI: 0000200000000301 RDI: ffffc900032f7e01 [ 99.997269][ C1] RBP: ffffc900032f7ee8 R08: ffffc900032f7e0f R09: 1ffff9200065efc1 [ 99.997281][ C1] R10: dffffc0000000000 R11: fffff5200065efc2 R12: 0000200000000310 [ 99.997293][ C1] R13: 0000000000000050 R14: ffffc900032f7dc0 R15: 00002000000002c0 [ 99.997308][ C1] ? _copy_from_user+0x11/0xe0 [ 99.997333][ C1] [ 99.997338][ C1] [ 99.997343][ C1] _copy_from_user+0x8b/0xe0 [ 99.997364][ C1] __sys_bpf+0x23e/0x890 [ 99.997384][ C1] ? bpf_link_show_fdinfo+0x390/0x390 [ 99.997402][ C1] ? atomic_notifier_call_chain+0x26/0x180 [ 99.997430][ C1] ? lock_chain_count+0x20/0x20 [ 99.997464][ C1] __x64_sys_bpf+0x7c/0x90 [ 99.997482][ C1] do_syscall_64+0x55/0xa0 [ 99.997504][ C1] ? clear_bhb_loop+0x40/0x90 [ 99.997523][ C1] ? clear_bhb_loop+0x40/0x90 [ 99.997542][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 99.997561][ C1] RIP: 0033:0x7fee1479c819 [ 99.997575][ C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 99.997588][ C1] RSP: 002b:00007ffedea8f9e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 99.997606][ C1] RAX: ffffffffffffffda RBX: 00007fee14a15fa0 RCX: 00007fee1479c819 [ 99.997618][ C1] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000001c [ 99.997629][ C1] RBP: 00007fee14832c91 R08: 0000000000000000 R09: 0000000000000000 [ 99.997638][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 99.997648][ C1] R13: 00007fee14a15fac R14: 00007fee14a15fa0 R15: 00007fee14a15fa0 [ 99.997669][ C1] [ 99.997674][ C1] [ 99.997677][ C1] Allocated by task 5924: [ 99.997684][ C1] kasan_set_track+0x4e/0x70 [ 99.997700][ C1] __kasan_kmalloc+0x8f/0xa0 [ 99.997716][ C1] __kmalloc_node+0xb4/0x230 [ 99.997736][ C1] bpf_map_area_alloc+0x5e/0x110 [ 99.997756][ C1] prealloc_elems_and_freelist+0x86/0x1c0 [ 99.997775][ C1] stack_map_alloc+0x33a/0x4c0 [ 99.997790][ C1] map_create+0x877/0x12f0 [ 99.997804][ C1] __sys_bpf+0x651/0x890 [ 99.997818][ C1] __x64_sys_bpf+0x7c/0x90 [ 99.997832][ C1] do_syscall_64+0x55/0xa0 [ 99.997853][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 99.997870][ C1] [ 99.997873][ C1] The buggy address belongs to the object at ffff888076145700 [ 99.997873][ C1] which belongs to the cache kmalloc-cg-64 of size 64 [ 99.997887][ C1] The buggy address is located 16 bytes inside of [ 99.997887][ C1] allocated 40-byte region [ffff888076145700, ffff888076145728) [ 99.997903][ C1] [ 99.997906][ C1] The buggy address belongs to the physical page: [ 99.997912][ C1] page:ffffea0001d85140 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x76145 [ 99.997930][ C1] memcg:ffff888076015c01 [ 99.997936][ C1] flags: 0xfff00000000800(slab|node=0|zone=1|lastcpupid=0x7ff) [ 99.997951][ C1] page_type: 0xffffffff() [ 99.997966][ C1] raw: 00fff00000000800 ffff888017c4da00 dead000000000122 0000000000000000 [ 99.997981][ C1] raw: 0000000000000000 0000000080200020 00000001ffffffff ffff888076015c01 [ 99.997988][ C1] page dumped because: kasan: bad access detected [ 99.997995][ C1] page_owner tracks the page as allocated [ 99.998000][ C1] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 12, tgid 12 (kworker/u4:1), ts 99497855092, free_ts 99486078578 [ 99.998027][ C1] post_alloc_hook+0x1c1/0x200 [ 99.998048][ C1] get_page_from_freelist+0x1951/0x19e0 [ 99.998062][ C1] __alloc_pages+0x1f0/0x460 [ 99.998075][ C1] alloc_slab_page+0x5d/0x160 [ 99.998089][ C1] new_slab+0x87/0x2d0 [ 99.998110][ C1] ___slab_alloc+0xc5d/0x12f0 [ 99.998130][ C1] __kmem_cache_alloc_node+0x19e/0x250 [ 99.998151][ C1] __kmalloc_node+0xa4/0x230 [ 99.998170][ C1] kvmalloc_node+0x70/0x180 [ 99.998189][ C1] __nf_hook_entries_try_shrink+0x310/0x6d0 [ 99.998209][ C1] __nf_unregister_net_hook+0x4e1/0x6e0 [ 99.998226][ C1] nf_unregister_net_hooks+0xcb/0x130 [ 99.998244][ C1] nf_ct_netns_put+0x36d/0x520 [ 99.998262][ C1] nf_conncount_destroy+0x41/0x150 [ 99.998276][ C1] ovs_ct_exit+0x9c/0x200 [ 99.998294][ C1] ovs_exit_net+0xed/0x7a0 [ 99.998313][ C1] page last free stack trace: [ 99.998318][ C1] free_unref_page_prepare+0x7b2/0x8c0 [ 99.998340][ C1] free_unref_page_list+0xbe/0x860 [ 99.998361][ C1] release_pages+0x1f7a/0x2200 [ 99.998377][ C1] tlb_flush_mmu+0x379/0x510 [ 99.998396][ C1] tlb_finish_mmu+0xf9/0x220 [ 99.998417][ C1] exit_mmap+0x428/0xb90 [ 99.998435][ C1] __mmput+0x118/0x3c0 [ 99.998457][ C1] exit_mm+0x1f2/0x2c0 [ 99.998477][ C1] do_exit+0x8dd/0x2460 [ 99.998496][ C1] do_group_exit+0x21b/0x2d0 [ 99.998517][ C1] __x64_sys_exit_group+0x3f/0x40 [ 99.998538][ C1] do_syscall_64+0x55/0xa0 [ 99.998558][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 99.998576][ C1] [ 99.998579][ C1] Memory state around the buggy address: [ 99.998587][ C1] ffff888076145600: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc [ 99.998597][ C1] ffff888076145680: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc [ 99.998606][ C1] >ffff888076145700: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc [ 99.998613][ C1] ^ [ 99.998621][ C1] ffff888076145780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 99.998631][ C1] ffff888076145800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 99.998638][ C1] ================================================================== [ 99.998646][ C1] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 99.998653][ C1] CPU: 1 PID: 5924 Comm: syz.0.17 Not tainted syzkaller #0 [ 99.998668][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 99.998676][ C1] Call Trace: [ 99.998682][ C1] <#DB> [ 99.998688][ C1] dump_stack_lvl+0x18c/0x250 [ 99.998713][ C1] ? show_regs_print_info+0x20/0x20 [ 99.998737][ C1] ? load_image+0x400/0x400 [ 99.998765][ C1] panic+0x2dc/0x730 [ 99.998783][ C1] ? __lock_acquire+0x7d40/0x7d40 [ 99.998804][ C1] ? bpf_jit_dump+0xd0/0xd0 [ 99.998826][ C1] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 99.998846][ C1] ? _raw_spin_unlock+0x40/0x40 [ 99.998866][ C1] ? __bpf_get_stackid+0x6bf/0x900 [ 99.998886][ C1] check_panic_on_warn+0x84/0xa0 [ 99.998906][ C1] ? __bpf_get_stackid+0x6bf/0x900 [ 99.998925][ C1] end_report+0x6f/0x130 [ 99.998943][ C1] kasan_report+0x128/0x150 [ 99.998965][ C1] ? __bpf_get_stackid+0x6bf/0x900 [ 99.998989][ C1] kasan_check_range+0x241/0x290 [ 99.999009][ C1] ? __bpf_get_stackid+0x6bf/0x900 [ 99.999030][ C1] __asan_memcpy+0x40/0x70 [ 99.999053][ C1] __bpf_get_stackid+0x6bf/0x900 [ 99.999079][ C1] bpf_get_stackid_pe+0x343/0x410 [ 99.999103][ C1] bpf_prog_a82986b851e905af+0x30/0x42 [ 99.999122][ C1] bpf_overflow_handler+0x1fc/0x510 [ 99.999147][ C1] ? bpf_overflow_handler+0xde/0x510 [ 99.999167][ C1] ? tp_perf_event_destroy+0x20/0x20 [ 99.999192][ C1] ? __perf_event_account_interrupt+0x187/0x280 [ 99.999211][ C1] __perf_event_overflow+0x447/0x630 [ 99.999232][ C1] perf_swevent_event+0x319/0x570 [ 99.999252][ C1] ? perf_tp_event+0x1520/0x1520 [ 99.999277][ C1] perf_bp_event+0x319/0x430 [ 99.999298][ C1] ? perf_event_free_bpf_prog+0x120/0x120 [ 99.999333][ C1] ? lock_acquire+0x2c2/0x420 [ 99.999376][ C1] hw_breakpoint_exceptions_notify+0x23e/0x670 [ 99.999398][ C1] notifier_call_chain+0x197/0x380 [ 99.999420][ C1] ? atomic_notifier_call_chain+0x26/0x180 [ 99.999449][ C1] atomic_notifier_call_chain+0xda/0x180 [ 99.999470][ C1] notify_die+0x145/0x1a0 [ 99.999491][ C1] ? srcu_init_notifier_head+0x90/0x90 [ 99.999515][ C1] ? rcu_is_watching+0x15/0xb0 [ 99.999536][ C1] notify_debug+0x2e/0x50 [ 99.999552][ C1] exc_debug+0xde/0x140 [ 99.999569][ C1] asm_exc_debug+0x1e/0x40 [ 99.999585][ C1] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 99.999602][ C1] Code: 75 f1 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 a4 c3 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 29 f8 48 01 [ 99.999613][ C1] RSP: 0018:ffffc900032f7d50 EFLAGS: 00050202 [ 99.999625][ C1] RAX: ffffffff842a1401 RBX: 0000000000000050 RCX: 000000000000000f [ 99.999635][ C1] RDX: 0000000000000001 RSI: 0000200000000301 RDI: ffffc900032f7e01 [ 99.999644][ C1] RBP: ffffc900032f7ee8 R08: ffffc900032f7e0f R09: 1ffff9200065efc1 [ 99.999654][ C1] R10: dffffc0000000000 R11: fffff5200065efc2 R12: 0000200000000310 [ 99.999664][ C1] R13: 0000000000000050 R14: ffffc900032f7dc0 R15: 00002000000002c0 [ 99.999680][ C1] ? _copy_from_user+0x11/0xe0 [ 99.999702][ C1] [ 99.999706][ C1] [ 99.999710][ C1] _copy_from_user+0x8b/0xe0 [ 99.999730][ C1] __sys_bpf+0x23e/0x890 [ 99.999749][ C1] ? bpf_link_show_fdinfo+0x390/0x390 [ 99.999765][ C1] ? atomic_notifier_call_chain+0x26/0x180 [ 99.999793][ C1] ? lock_chain_count+0x20/0x20 [ 99.999817][ C1] __x64_sys_bpf+0x7c/0x90 [ 99.999834][ C1] do_syscall_64+0x55/0xa0 [ 99.999856][ C1] ? clear_bhb_loop+0x40/0x90 [ 99.999874][ C1] ? clear_bhb_loop+0x40/0x90 [ 99.999893][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 99.999911][ C1] RIP: 0033:0x7fee1479c819 [ 99.999924][ C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 99.999936][ C1] RSP: 002b:00007ffedea8f9e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 99.999953][ C1] RAX: ffffffffffffffda RBX: 00007fee14a15fa0 RCX: 00007fee1479c819 [ 99.999965][ C1] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000001c [ 99.999975][ C1] RBP: 00007fee14832c91 R08: 0000000000000000 R09: 0000000000000000 [ 99.999986][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 99.999996][ C1] R13: 00007fee14a15fac R14: 00007fee14a15fa0 R15: 00007fee14a15fa0 [ 100.000016][ C1] [ 100.000426][ C1] Kernel Offset: disabled