Warning: Permanently added '10.128.1.201' (ED25519) to the list of known hosts.
2025/07/21 01:43:43 ignoring optional flag "sandboxArg"="0"
2025/07/21 01:43:44 parsed 1 programs
[ 93.543626][ T5851] cgroup: Unknown subsys name 'net'
[ 93.677910][ T5851] cgroup: Unknown subsys name 'cpuset'
[ 93.687618][ T5851] cgroup: Unknown subsys name 'rlimit'
[ 95.429002][ T5851] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 97.143490][ T9] cfg80211: failed to load regulatory.db
[ 98.697547][ T5865] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 100.147496][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 100.155646][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 100.196895][ T3514] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 100.205502][ T3514] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 101.671474][ T5913] chnl_net:caif_netlink_parms(): no params data found
[ 101.770525][ T5913] bridge0: port 1(bridge_slave_0) entered blocking state
[ 101.778598][ T5913] bridge0: port 1(bridge_slave_0) entered disabled state
[ 101.785984][ T5913] bridge_slave_0: entered allmulticast mode
[ 101.793540][ T5913] bridge_slave_0: entered promiscuous mode
[ 101.802707][ T5913] bridge0: port 2(bridge_slave_1) entered blocking state
[ 101.810389][ T5913] bridge0: port 2(bridge_slave_1) entered disabled state
[ 101.817708][ T5913] bridge_slave_1: entered allmulticast mode
[ 101.825113][ T5913] bridge_slave_1: entered promiscuous mode
[ 101.868317][ T5913] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 101.880477][ T5913] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 101.917475][ T5913] team0: Port device team_slave_0 added
[ 101.926259][ T5913] team0: Port device team_slave_1 added
[ 101.956912][ T5913] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 101.964023][ T5913] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 101.990045][ T5913] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 102.002967][ T5913] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 102.010042][ T5913] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 102.036581][ T5913] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 102.090833][ T5913] hsr_slave_0: entered promiscuous mode
[ 102.097453][ T5913] hsr_slave_1: entered promiscuous mode
[ 102.257637][ T5913] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 102.270474][ T5913] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 102.281953][ T5913] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 102.293593][ T5913] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 102.377491][ T5913] 8021q: adding VLAN 0 to HW filter on device bond0
[ 102.400335][ T5913] 8021q: adding VLAN 0 to HW filter on device team0
[ 102.413533][ T285] bridge0: port 1(bridge_slave_0) entered blocking state
[ 102.420884][ T285] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 102.439639][ T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 102.446920][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 102.648188][ T5913] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 102.695803][ T5913] veth0_vlan: entered promiscuous mode
[ 102.707537][ T5913] veth1_vlan: entered promiscuous mode
[ 102.737409][ T5913] veth0_macvtap: entered promiscuous mode
[ 102.751950][ T5913] veth1_macvtap: entered promiscuous mode
[ 102.774647][ T5913] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 102.788778][ T5913] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 102.802069][ T5913] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.811316][ T5913] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.820348][ T5913] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.829388][ T5913] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.990602][ T3514] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 103.073239][ T3514] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 103.152331][ T3514] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 103.244974][ T3514] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 103.442675][ T5940] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 103.452696][ T5940] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 103.462402][ T5940] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 103.471159][ T5940] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 103.478949][ T5940] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2025/07/21 01:43:59 executed programs: 0
[ 104.351667][ T5940] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 104.362814][ T5940] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 104.370921][ T5940] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 104.379770][ T5940] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 104.396074][ T5940] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 104.592416][ T5955] chnl_net:caif_netlink_parms(): no params data found
[ 104.678591][ T5955] bridge0: port 1(bridge_slave_0) entered blocking state
[ 104.686258][ T5955] bridge0: port 1(bridge_slave_0) entered disabled state
[ 104.693663][ T5955] bridge_slave_0: entered allmulticast mode
[ 104.701944][ T5955] bridge_slave_0: entered promiscuous mode
[ 104.710793][ T5955] bridge0: port 2(bridge_slave_1) entered blocking state
[ 104.718290][ T5955] bridge0: port 2(bridge_slave_1) entered disabled state
[ 104.725580][ T5955] bridge_slave_1: entered allmulticast mode
[ 104.732952][ T5955] bridge_slave_1: entered promiscuous mode
[ 104.769972][ T5955] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 104.782157][ T5955] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 104.825185][ T5955] team0: Port device team_slave_0 added
[ 104.833662][ T5955] team0: Port device team_slave_1 added
[ 104.866994][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 104.874577][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 104.901327][ T5955] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 104.916204][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 104.923237][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 104.949461][ T5955] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 104.997626][ T5955] hsr_slave_0: entered promiscuous mode
[ 105.004804][ T5955] hsr_slave_1: entered promiscuous mode
[ 105.011436][ T5955] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 105.020209][ T5955] Cannot create hsr debugfs directory
[ 106.241802][ T3514] bridge_slave_1: left allmulticast mode
[ 106.249900][ T3514] bridge_slave_1: left promiscuous mode
[ 106.259578][ T3514] bridge0: port 2(bridge_slave_1) entered disabled state
[ 106.277461][ T3514] bridge_slave_0: left allmulticast mode
[ 106.283188][ T3514] bridge_slave_0: left promiscuous mode
[ 106.290112][ T3514] bridge0: port 1(bridge_slave_0) entered disabled state
[ 106.420912][ T5167] Bluetooth: hci0: command tx timeout
[ 106.704461][ T3514] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 106.717579][ T3514] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 106.728469][ T3514] bond0 (unregistering): Released all slaves
[ 106.881384][ T3514] hsr_slave_0: left promiscuous mode
[ 106.891061][ T3514] hsr_slave_1: left promiscuous mode
[ 106.899043][ T3514] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 106.906931][ T3514] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 106.915798][ T3514] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 106.923256][ T3514] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 106.941886][ T3514] veth1_macvtap: left promiscuous mode
[ 106.947672][ T3514] veth0_macvtap: left promiscuous mode
[ 106.953336][ T3514] veth1_vlan: left promiscuous mode
[ 106.959086][ T3514] veth0_vlan: left promiscuous mode
[ 107.312770][ T3514] team0 (unregistering): Port device team_slave_1 removed
[ 107.343195][ T3514] team0 (unregistering): Port device team_slave_0 removed
[ 107.842581][ T5955] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 107.876860][ T5955] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 107.907005][ T5955] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 107.920435][ T5955] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 108.069476][ T5955] 8021q: adding VLAN 0 to HW filter on device bond0
[ 108.318829][ T5955] 8021q: adding VLAN 0 to HW filter on device team0
[ 108.333290][ T36] bridge0: port 1(bridge_slave_0) entered blocking state
[ 108.340594][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 108.368609][ T285] bridge0: port 2(bridge_slave_1) entered blocking state
[ 108.375891][ T285] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 108.494285][ T5167] Bluetooth: hci0: command tx timeout
[ 108.832765][ T5955] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 108.903327][ T5955] veth0_vlan: entered promiscuous mode
[ 108.920989][ T5955] veth1_vlan: entered promiscuous mode
[ 108.968492][ T5955] veth0_macvtap: entered promiscuous mode
[ 108.989632][ T5955] veth1_macvtap: entered promiscuous mode
[ 109.017848][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 109.038353][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 109.052769][ T5955] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 109.064456][ T5955] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 109.073429][ T5955] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 109.086031][ T5955] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 109.160725][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.169834][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.200471][ T3514] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.210370][ T3514] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/07/21 01:44:04 executed programs: 3
[ 110.574188][ T5167] Bluetooth: hci0: command tx timeout
[ 112.654663][ T5167] Bluetooth: hci0: command tx timeout
2025/07/21 01:44:10 executed programs: 9
2025/07/21 01:44:15 executed programs: 15
2025/07/21 01:44:20 executed programs: 21
2025/07/21 01:44:25 executed programs: 27
2025/07/21 01:44:30 executed programs: 33
[ 138.108441][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[ 138.115093][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
2025/07/21 01:44:35 executed programs: 39
[ 141.915467][ T37] ==================================================================
[ 141.923591][ T37] BUG: KASAN: slab-use-after-free in _raw_spin_lock_bh+0x36/0x50
[ 141.931381][ T37] Read of size 1 at addr ffff888076111858 by task kworker/u8:3/37
[ 141.939212][ T37]
[ 141.941573][ T37] CPU: 0 UID: 0 PID: 37 Comm: kworker/u8:3 Not tainted 6.16.0-rc6-syzkaller-g7abc678e3084 #0 PREEMPT(full)
[ 141.941592][ T37] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 141.941603][ T37] Workqueue: kkcmd kcm_tx_work
[ 141.941654][ T37] Call Trace:
[ 141.941662][ T37]
[ 141.941669][ T37] dump_stack_lvl+0x189/0x250
[ 141.941689][ T37] ? __virt_addr_valid+0x1c8/0x5c0
[ 141.941708][ T37] ? rcu_is_watching+0x15/0xb0
[ 141.941725][ T37] ? __kasan_check_byte+0x12/0x40
[ 141.941748][ T37] ? __pfx_dump_stack_lvl+0x10/0x10
[ 141.941765][ T37] ? rcu_is_watching+0x15/0xb0
[ 141.941782][ T37] ? lock_release+0x4b/0x3e0
[ 141.941798][ T37] ? __virt_addr_valid+0x1c8/0x5c0
[ 141.941817][ T37] ? __virt_addr_valid+0x4a5/0x5c0
[ 141.941837][ T37] print_report+0xca/0x230
[ 141.941850][ T37] ? _raw_spin_lock_bh+0x36/0x50
[ 141.941878][ T37] kasan_report+0x118/0x150
[ 141.941901][ T37] ? _raw_spin_lock_bh+0x36/0x50
[ 141.941927][ T37] ? __lock_sock+0x156/0x2b0
[ 141.941941][ T37] __kasan_check_byte+0x2a/0x40
[ 141.941962][ T37] lock_acquire+0x8d/0x360
[ 141.941977][ T37] ? schedule+0x91/0x360
[ 141.941990][ T37] ? kthread_data+0x4f/0xc0
[ 141.942008][ T37] ? __lock_sock+0x156/0x2b0
[ 141.942021][ T37] _raw_spin_lock_bh+0x36/0x50
[ 141.942043][ T37] ? __lock_sock+0x156/0x2b0
[ 141.942057][ T37] __lock_sock+0x156/0x2b0
[ 141.942072][ T37] ? __pfx___lock_sock+0x10/0x10
[ 141.942085][ T37] ? do_raw_spin_lock+0x121/0x290
[ 141.942106][ T37] ? __pfx_autoremove_wake_function+0x10/0x10
[ 141.942130][ T37] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 141.942154][ T37] ? lock_sock_nested+0x6a/0x100
[ 141.942172][ T37] lock_sock_nested+0x9f/0x100
[ 141.942190][ T37] kcm_tx_work+0x31/0x180
[ 141.942206][ T37] ? process_scheduled_works+0x9ef/0x17b0
[ 141.942224][ T37] process_scheduled_works+0xae1/0x17b0
[ 141.942252][ T37] ? __pfx_process_scheduled_works+0x10/0x10
[ 141.942276][ T37] worker_thread+0x8a0/0xda0
[ 141.942294][ T37] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 141.942321][ T37] ? __kthread_parkme+0x7b/0x200
[ 141.942342][ T37] kthread+0x70e/0x8a0
[ 141.942363][ T37] ? __pfx_worker_thread+0x10/0x10
[ 141.942380][ T37] ? __pfx_kthread+0x10/0x10
[ 141.942401][ T37] ? _raw_spin_unlock_irq+0x23/0x50
[ 141.942413][ T37] ? lockdep_hardirqs_on+0x9c/0x150
[ 141.942428][ T37] ? __pfx_kthread+0x10/0x10
[ 141.942448][ T37] ret_from_fork+0x3fc/0x770
[ 141.942464][ T37] ? __pfx_ret_from_fork+0x10/0x10
[ 141.942482][ T37] ? __switch_to_asm+0x39/0x70
[ 141.942511][ T37] ? __switch_to_asm+0x33/0x70
[ 141.942538][ T37] ? __pfx_kthread+0x10/0x10
[ 141.942569][ T37] ret_from_fork_asm+0x1a/0x30
[ 141.942601][ T37]
[ 141.942607][ T37]
[ 142.210370][ T37] Allocated by task 6176:
[ 142.214710][ T37] kasan_save_track+0x3e/0x80
[ 142.219411][ T37] __kasan_slab_alloc+0x6c/0x80
[ 142.224285][ T37] kmem_cache_alloc_noprof+0x1c1/0x3c0
[ 142.229763][ T37] sk_prot_alloc+0x57/0x220
[ 142.234293][ T37] sk_alloc+0x3a/0x370
[ 142.238382][ T37] kcm_ioctl+0x214/0xff0
[ 142.242647][ T37] sock_do_ioctl+0xd9/0x300
[ 142.247338][ T37] sock_ioctl+0x576/0x790
[ 142.251690][ T37] __se_sys_ioctl+0xf9/0x170
[ 142.256316][ T37] do_syscall_64+0xfa/0x3b0
[ 142.260856][ T37] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 142.266775][ T37]
[ 142.269142][ T37] Freed by task 6177:
[ 142.273225][ T37] kasan_save_track+0x3e/0x80
[ 142.277933][ T37] kasan_save_free_info+0x46/0x50
[ 142.282973][ T37] __kasan_slab_free+0x62/0x70
[ 142.287766][ T37] kmem_cache_free+0x18f/0x400
[ 142.292568][ T37] __sk_destruct+0x4d2/0x660
[ 142.297180][ T37] kcm_release+0x528/0x5c0
[ 142.301623][ T37] sock_close+0xc0/0x240
[ 142.305883][ T37] __fput+0x44c/0xa70
[ 142.309875][ T37] fput_close_sync+0x119/0x200
[ 142.314651][ T37] __x64_sys_close+0x7f/0x110
[ 142.319351][ T37] do_syscall_64+0xfa/0x3b0
[ 142.323870][ T37] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 142.329782][ T37]
[ 142.332114][ T37] Last potentially related work creation:
[ 142.337837][ T37] kasan_save_stack+0x3e/0x60
[ 142.342532][ T37] kasan_record_aux_stack+0xbd/0xd0
[ 142.347747][ T37] insert_work+0x3d/0x330
[ 142.352090][ T37] __queue_work+0xcfc/0xfe0
[ 142.356608][ T37] queue_work_on+0x181/0x270
[ 142.361214][ T37] kcm_unattach+0x863/0xe90
[ 142.365729][ T37] kcm_ioctl+0x794/0xff0
[ 142.369982][ T37] sock_do_ioctl+0xd9/0x300
[ 142.374504][ T37] sock_ioctl+0x576/0x790
[ 142.378889][ T37] __se_sys_ioctl+0xf9/0x170
[ 142.383495][ T37] do_syscall_64+0xfa/0x3b0
[ 142.388013][ T37] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 142.393922][ T37]
[ 142.396255][ T37] Second to last potentially related work creation:
[ 142.402857][ T37] kasan_save_stack+0x3e/0x60
[ 142.407554][ T37] kasan_record_aux_stack+0xbd/0xd0
[ 142.412768][ T37] insert_work+0x3d/0x330
[ 142.417206][ T37] __queue_work+0xcfc/0xfe0
[ 142.421738][ T37] queue_work_on+0x181/0x270
[ 142.426350][ T37] kcm_ioctl+0xe52/0xff0
[ 142.430605][ T37] sock_do_ioctl+0xd9/0x300
[ 142.435124][ T37] sock_ioctl+0x576/0x790
[ 142.439470][ T37] __se_sys_ioctl+0xf9/0x170
[ 142.444077][ T37] do_syscall_64+0xfa/0x3b0
[ 142.448596][ T37] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 142.454501][ T37]
[ 142.456838][ T37] The buggy address belongs to the object at ffff888076111680
[ 142.456838][ T37] which belongs to the cache KCM of size 1792
[ 142.470298][ T37] The buggy address is located 472 bytes inside of
[ 142.470298][ T37] freed 1792-byte region [ffff888076111680, ffff888076111d80)
[ 142.484198][ T37]
[ 142.486534][ T37] The buggy address belongs to the physical page:
[ 142.492972][ T37] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x76110
[ 142.501761][ T37] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 142.510282][ T37] memcg:ffff88803452d801
[ 142.514530][ T37] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 142.522097][ T37] page_type: f5(slab)
[ 142.526097][ T37] raw: 00fff00000000040 ffff88802f665dc0 dead000000000122 0000000000000000
[ 142.534701][ T37] raw: 0000000000000000 0000000080110011 00000000f5000000 ffff88803452d801
[ 142.543304][ T37] head: 00fff00000000040 ffff88802f665dc0 dead000000000122 0000000000000000
[ 142.551992][ T37] head: 0000000000000000 0000000080110011 00000000f5000000 ffff88803452d801
[ 142.560765][ T37] head: 00fff00000000003 ffffea0001d84401 00000000ffffffff 00000000ffffffff
[ 142.569451][ T37] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 142.578130][ T37] page dumped because: kasan: bad access detected
[ 142.584581][ T37] page_owner tracks the page as allocated
[ 142.590302][ T37] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 6160, tgid 6158 (syz.0.50), ts 138462937313, free_ts 103488764834
[ 142.611797][ T37] post_alloc_hook+0x240/0x2a0
[ 142.616698][ T37] get_page_from_freelist+0x21e4/0x22c0
[ 142.622269][ T37] __alloc_frozen_pages_noprof+0x181/0x370
[ 142.628091][ T37] alloc_pages_mpol+0x232/0x4a0
[ 142.632964][ T37] allocate_slab+0x8a/0x3b0
[ 142.637484][ T37] ___slab_alloc+0xbfc/0x1480
[ 142.642172][ T37] kmem_cache_alloc_noprof+0x283/0x3c0
[ 142.647739][ T37] sk_prot_alloc+0x57/0x220
[ 142.652264][ T37] sk_alloc+0x3a/0x370
[ 142.656363][ T37] kcm_ioctl+0x214/0xff0
[ 142.660648][ T37] sock_do_ioctl+0xd9/0x300
[ 142.665167][ T37] sock_ioctl+0x576/0x790
[ 142.669512][ T37] __se_sys_ioctl+0xf9/0x170
[ 142.674122][ T37] do_syscall_64+0xfa/0x3b0
[ 142.678644][ T37] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 142.684556][ T37] page last free pid 5934 tgid 5934 stack trace:
[ 142.690896][ T37] __free_frozen_pages+0xc71/0xe70
[ 142.696037][ T37] vfree+0x25a/0x400
[ 142.699952][ T37] kcov_close+0x28/0x50
[ 142.704145][ T37] __fput+0x44c/0xa70
[ 142.708141][ T37] task_work_run+0x1d1/0x260
[ 142.712765][ T37] do_exit+0x6b5/0x22e0
[ 142.716939][ T37] do_group_exit+0x21c/0x2d0
[ 142.721554][ T37] get_signal+0x1286/0x1340
[ 142.726097][ T37] arch_do_signal_or_restart+0x9a/0x750
[ 142.731669][ T37] exit_to_user_mode_loop+0x75/0x110
[ 142.736972][ T37] do_syscall_64+0x2bd/0x3b0
[ 142.741659][ T37] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 142.747568][ T37]
[ 142.749948][ T37] Memory state around the buggy address:
[ 142.755597][ T37] ffff888076111700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 142.763851][ T37] ffff888076111780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 142.771926][ T37] >ffff888076111800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 142.780026][ T37] ^
[ 142.786973][ T37] ffff888076111880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 142.795407][ T37] ffff888076111900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 142.803493][ T37] ==================================================================
[ 142.811734][ T37] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 142.818974][ T37] CPU: 0 UID: 0 PID: 37 Comm: kworker/u8:3 Not tainted 6.16.0-rc6-syzkaller-g7abc678e3084 #0 PREEMPT(full)
[ 142.830475][ T37] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 142.840646][ T37] Workqueue: kkcmd kcm_tx_work
[ 142.845449][ T37] Call Trace:
[ 142.848741][ T37]
[ 142.851687][ T37] dump_stack_lvl+0x99/0x250
[ 142.856296][ T37] ? __asan_memcpy+0x40/0x70
[ 142.860909][ T37] ? __pfx_dump_stack_lvl+0x10/0x10
[ 142.866133][ T37] ? __pfx__printk+0x10/0x10
[ 142.870754][ T37] panic+0x2db/0x790
[ 142.874673][ T37] ? lockdep_hardirqs_on+0x9c/0x150
[ 142.879893][ T37] ? __pfx_panic+0x10/0x10
[ 142.884334][ T37] ? _raw_spin_unlock_irqrestore+0xa8/0x110
[ 142.890247][ T37] ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 142.896179][ T37] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 142.902542][ T37] ? _raw_spin_lock_bh+0x36/0x50
[ 142.907508][ T37] check_panic_on_warn+0x89/0xb0
[ 142.912575][ T37] ? _raw_spin_lock_bh+0x36/0x50
[ 142.917544][ T37] end_report+0x78/0x160
[ 142.921811][ T37] kasan_report+0x129/0x150
[ 142.926339][ T37] ? _raw_spin_lock_bh+0x36/0x50
[ 142.931306][ T37] ? __lock_sock+0x156/0x2b0
[ 142.935907][ T37] __kasan_check_byte+0x2a/0x40
[ 142.940783][ T37] lock_acquire+0x8d/0x360
[ 142.945224][ T37] ? schedule+0x91/0x360
[ 142.949502][ T37] ? kthread_data+0x4f/0xc0
[ 142.954032][ T37] ? __lock_sock+0x156/0x2b0
[ 142.958634][ T37] _raw_spin_lock_bh+0x36/0x50
[ 142.963429][ T37] ? __lock_sock+0x156/0x2b0
[ 142.968037][ T37] __lock_sock+0x156/0x2b0
[ 142.972467][ T37] ? __pfx___lock_sock+0x10/0x10
[ 142.977421][ T37] ? do_raw_spin_lock+0x121/0x290
[ 142.982470][ T37] ? __pfx_autoremove_wake_function+0x10/0x10
[ 142.988560][ T37] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 142.993965][ T37] ? lock_sock_nested+0x6a/0x100
[ 142.998939][ T37] lock_sock_nested+0x9f/0x100
[ 143.003725][ T37] kcm_tx_work+0x31/0x180
[ 143.008069][ T37] ? process_scheduled_works+0x9ef/0x17b0
[ 143.013808][ T37] process_scheduled_works+0xae1/0x17b0
[ 143.019400][ T37] ? __pfx_process_scheduled_works+0x10/0x10
[ 143.025406][ T37] worker_thread+0x8a0/0xda0
[ 143.030022][ T37] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 143.036403][ T37] ? __kthread_parkme+0x7b/0x200
[ 143.041362][ T37] kthread+0x70e/0x8a0
[ 143.045470][ T37] ? __pfx_worker_thread+0x10/0x10
[ 143.050613][ T37] ? __pfx_kthread+0x10/0x10
[ 143.055225][ T37] ? _raw_spin_unlock_irq+0x23/0x50
[ 143.060522][ T37] ? lockdep_hardirqs_on+0x9c/0x150
[ 143.065740][ T37] ? __pfx_kthread+0x10/0x10
[ 143.070397][ T37] ret_from_fork+0x3fc/0x770
[ 143.075013][ T37] ? __pfx_ret_from_fork+0x10/0x10
[ 143.080144][ T37] ? __switch_to_asm+0x39/0x70
[ 143.084948][ T37] ? __switch_to_asm+0x33/0x70
[ 143.089749][ T37] ? __pfx_kthread+0x10/0x10
[ 143.094378][ T37] ret_from_fork_asm+0x1a/0x30
[ 143.099202][ T37]
[ 143.102711][ T37] Kernel Offset: disabled
[ 143.107144][ T37] Rebooting in 86400 seconds..