Warning: Permanently added '10.128.0.175' (ED25519) to the list of known hosts.
2026/02/23 13:43:28 parsed 1 programs
[   88.252942][ T5771] cgroup: Unknown subsys name 'net'
[   88.419415][ T5771] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   90.238966][ T5771] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   92.235954][ T1187] cfg80211: failed to load regulatory.db
[   92.837272][ T5803] chnl_net:caif_netlink_parms(): no params data found
[   92.926472][ T5803] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.935458][ T5803] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.943189][ T5803] bridge_slave_0: entered allmulticast mode
[   92.950808][ T5803] bridge_slave_0: entered promiscuous mode
[   92.960219][ T5803] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.967852][ T5803] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.975299][ T5803] bridge_slave_1: entered allmulticast mode
[   92.982750][ T5803] bridge_slave_1: entered promiscuous mode
[   93.016194][ T5803] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   93.028160][ T5803] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   93.058835][ T5803] team0: Port device team_slave_0 added
[   93.072466][ T5803] team0: Port device team_slave_1 added
[   93.102716][ T5803] batman_adv: batadv0: Adding interface: batadv_slave_0
[   93.109828][ T5803] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.136018][ T5803] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   93.150693][ T5803] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.157680][ T5803] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.184229][ T5803] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.237012][ T5803] hsr_slave_0: entered promiscuous mode
[   93.244178][ T5803] hsr_slave_1: entered promiscuous mode
[   93.440923][ T5803] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   93.460455][ T5803] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   93.472477][ T5803] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   93.484335][ T5803] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   93.524153][ T5803] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.531686][ T5803] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.540017][ T5803] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.547289][ T5803] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.594804][ T1131] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.604877][ T1131] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.649082][ T5803] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.672404][ T5803] 8021q: adding VLAN 0 to HW filter on device team0
[   93.697259][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.704455][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.718893][ T1131] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.726081][ T1131] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.957864][ T5803] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.018963][ T5803] veth0_vlan: entered promiscuous mode
[   94.034129][ T5803] veth1_vlan: entered promiscuous mode
[   94.075561][ T5803] veth0_macvtap: entered promiscuous mode
[   94.086264][ T5803] veth1_macvtap: entered promiscuous mode
[   94.107166][ T5803] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.123818][ T5803] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.136808][ T5803] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.145890][ T5803] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.155526][ T5803] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.164361][ T5803] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.346840][   T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.688222][   T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   94.697704][   T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   94.706034][   T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   94.715830][   T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   94.723774][   T51] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   94.731752][   T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   96.116153][ T1131] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.128466][ T1131] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.161607][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.169668][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.877879][   T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2026/02/23 13:43:40 executed programs: 0
[   97.982769][ T5083] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   97.994582][ T5083] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   98.003628][ T5083] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   98.013108][ T5083] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   98.021750][ T5083] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   98.029292][ T5083] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   98.190015][ T5876] chnl_net:caif_netlink_parms(): no params data found
[   98.266723][ T5876] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.274194][ T5876] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.281725][ T5876] bridge_slave_0: entered allmulticast mode
[   98.289079][ T5876] bridge_slave_0: entered promiscuous mode
[   98.299098][ T5876] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.306515][ T5876] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.314050][ T5876] bridge_slave_1: entered allmulticast mode
[   98.321571][ T5876] bridge_slave_1: entered promiscuous mode
[   98.352008][ T5876] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   98.365571][ T5876] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   98.397955][ T5876] team0: Port device team_slave_0 added
[   98.408888][ T5876] team0: Port device team_slave_1 added
[   98.435012][ T5876] batman_adv: batadv0: Adding interface: batadv_slave_0
[   98.442113][ T5876] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   98.468380][ T5876] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   98.481723][ T5876] batman_adv: batadv0: Adding interface: batadv_slave_1
[   98.488715][ T5876] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   98.516131][ T5876] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   98.559584][ T5876] hsr_slave_0: entered promiscuous mode
[   98.568453][ T5876] hsr_slave_1: entered promiscuous mode
[   98.575074][ T5876] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   98.583098][ T5876] Cannot create hsr debugfs directory
[   99.301753][   T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.356028][   T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.074560][ T5083] Bluetooth: hci0: command tx timeout
[  100.264249][ T5876] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  100.278125][ T5876] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  100.296186][ T5876] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  100.307157][ T5876] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  100.334442][   T11] hsr_slave_0: left promiscuous mode
[  100.341527][   T11] hsr_slave_1: left promiscuous mode
[  100.348315][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  100.358690][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  100.374294][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  100.382184][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  100.393153][   T11] bridge_slave_1: left allmulticast mode
[  100.398891][   T11] bridge_slave_1: left promiscuous mode
[  100.406440][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.424793][   T11] bridge_slave_0: left allmulticast mode
[  100.431902][   T11] bridge_slave_0: left promiscuous mode
[  100.437957][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.477261][   T11] veth1_macvtap: left promiscuous mode
[  100.485892][   T11] veth0_macvtap: left promiscuous mode
[  100.492536][   T11] veth1_vlan: left promiscuous mode
[  100.498196][   T11] veth0_vlan: left promiscuous mode
[  101.058480][   T11] team0 (unregistering): Port device team_slave_1 removed
[  101.103391][   T11] team0 (unregistering): Port device team_slave_0 removed
[  101.140228][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  101.184877][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  101.437196][   T11] bond0 (unregistering): Released all slaves
[  101.601344][ T5876] 8021q: adding VLAN 0 to HW filter on device bond0
[  101.634018][ T5876] 8021q: adding VLAN 0 to HW filter on device team0
[  101.649097][ T1131] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.656284][ T1131] bridge0: port 1(bridge_slave_0) entered forwarding state
[  101.680790][ T2948] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.688003][ T2948] bridge0: port 2(bridge_slave_1) entered forwarding state
[  101.755416][ T5876] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  101.945110][ T5876] 8021q: adding VLAN 0 to HW filter on device batadv0
[  102.005628][ T5876] veth0_vlan: entered promiscuous mode
[  102.022896][ T5876] veth1_vlan: entered promiscuous mode
[  102.097048][ T5876] veth0_macvtap: entered promiscuous mode
[  102.117211][ T5876] veth1_macvtap: entered promiscuous mode
[  102.147674][ T5876] batman_adv: batadv0: Interface activated: batadv_slave_0
[  102.161478][ T5083] Bluetooth: hci0: command tx timeout
[  102.182859][ T5876] batman_adv: batadv0: Interface activated: batadv_slave_1
[  102.197913][ T5876] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.208751][ T5876] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.218851][ T5876] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.228885][ T5876] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.371336][ T1131] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.379252][ T1131] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.433201][ T2948] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.442632][ T2948] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.504252][    C1] ==================================================================
[  102.504266][    C1] BUG: KASAN: slab-out-of-bounds in __bpf_get_stackid+0x6bf/0x900
[  102.504305][    C1] Write of size 128 at addr ffff88802d0c9890 by task syz.0.17/5920
[  102.504320][    C1] 
[  102.504337][    C1] CPU: 1 PID: 5920 Comm: syz.0.17 Not tainted syzkaller #0
[  102.504354][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  102.504376][    C1] Call Trace:
[  102.504391][    C1]  <#DB>
[  102.504397][    C1]  dump_stack_lvl+0x18c/0x250
[  102.504426][    C1]  ? read_lock_is_recursive+0x20/0x20
[  102.504449][    C1]  ? show_regs_print_info+0x20/0x20
[  102.504476][    C1]  ? load_image+0x400/0x400
[  102.504498][    C1]  ? _raw_spin_lock_irqsave+0xc0/0x100
[  102.504522][    C1]  ? __virt_addr_valid+0x18c/0x540
[  102.504546][    C1]  ? __virt_addr_valid+0x469/0x540
[  102.504572][    C1]  print_report+0xa8/0x210
[  102.504596][    C1]  ? __bpf_get_stackid+0x6bf/0x900
[  102.504618][    C1]  kasan_report+0x117/0x150
[  102.504643][    C1]  ? __bpf_get_stackid+0x6bf/0x900
[  102.504672][    C1]  kasan_check_range+0x241/0x290
[  102.504703][    C1]  ? __bpf_get_stackid+0x6bf/0x900
[  102.504729][    C1]  __asan_memcpy+0x40/0x70
[  102.504757][    C1]  __bpf_get_stackid+0x6bf/0x900
[  102.504787][    C1]  bpf_get_stackid_pe+0x343/0x410
[  102.504816][    C1]  bpf_prog_6611c23d801ea08d+0x29/0x3e
[  102.504840][    C1]  bpf_overflow_handler+0x1fc/0x510
[  102.504869][    C1]  ? perf_prepare_header+0x1e0/0x1e0
[  102.504890][    C1]  ? bpf_overflow_handler+0xde/0x510
[  102.504917][    C1]  ? tp_perf_event_destroy+0x20/0x20
[  102.504949][    C1]  ? __perf_event_account_interrupt+0x187/0x280
[  102.504973][    C1]  __perf_event_overflow+0x447/0x630
[  102.505000][    C1]  perf_swevent_event+0x324/0x630
[  102.505025][    C1]  ? perf_tp_event+0x1450/0x1450
[  102.505053][    C1]  perf_bp_event+0x2a7/0x380
[  102.505078][    C1]  ? perf_event_free_bpf_prog+0x120/0x120
[  102.505119][    C1]  ? lock_acquire+0x2c2/0x420
[  102.505145][    C1]  hw_breakpoint_exceptions_notify+0x23e/0x670
[  102.505173][    C1]  notifier_call_chain+0x197/0x380
[  102.505199][    C1]  ? atomic_notifier_call_chain+0x26/0x180
[  102.505225][    C1]  atomic_notifier_call_chain+0xda/0x180
[  102.505251][    C1]  notify_die+0x145/0x1a0
[  102.505277][    C1]  ? srcu_init_notifier_head+0x90/0x90
[  102.505310][    C1]  notify_debug+0x2e/0x50
[  102.505327][    C1]  exc_debug+0xde/0x140
[  102.505358][    C1]  asm_exc_debug+0x1e/0x40
[  102.505376][    C1] RIP: 0010:__get_user_nocheck_8+0xd/0x20
[  102.505409][    C1] Code: fa 0f 01 cb 0f ae e8 8b 10 31 c0 0f 01 ca c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 01 cb 0f ae e8 48 8b 10 <31> c0 0f 01 ca c3 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 01 ca
[  102.505426][    C1] RSP: 0000:ffffc900044cf618 EFLAGS: 00040802
[  102.505444][    C1] RAX: 0000200000000300 RBX: 00000000ffffffff RCX: 1ffff92000899ee2
[  102.505459][    C1] RDX: 00006370692f736e RSI: 0000200000000300 RDI: 0000000000000000
[  102.505471][    C1] RBP: 0000200000000300 R08: 000000000000007f R09: 0000000000000000
[  102.505483][    C1] R10: dffffc0000000000 R11: fffffbfff2237ea1 R12: 0000000000000001
[  102.505496][    C1] R13: 1ffff92000899ee0 R14: 000000000000007f R15: dffffc0000000000
[  102.505520][    C1]  </#DB>
[  102.505526][    C1]  <TASK>
[  102.505531][    C1]  perf_callchain_user+0xbe4/0x15c0
[  102.505571][    C1]  get_perf_callchain+0x394/0x510
[  102.505593][    C1]  ? put_callchain_entry+0xb0/0xb0
[  102.505613][    C1]  ? kvm_sched_clock_read+0x11/0x20
[  102.505631][    C1]  ? local_clock_noinstr+0xc/0xd0
[  102.505650][    C1]  ? __perf_event_header__init_id+0x3c5/0x480
[  102.505673][    C1]  perf_prepare_sample+0x3c7/0x1df0
[  102.505704][    C1]  ? read_lock_is_recursive+0x20/0x20
[  102.505724][    C1]  ? perf_callchain+0x220/0x220
[  102.505743][    C1]  ? bpf_get_stackid_pe+0x343/0x410
[  102.505768][    C1]  perf_event_output_forward+0x187/0x3e0
[  102.505789][    C1]  ? perf_event_output_forward+0xb9/0x3e0
[  102.505808][    C1]  ? perf_prepare_header+0x1e0/0x1e0
[  102.505829][    C1]  ? bpf_overflow_handler+0xde/0x510
[  102.505855][    C1]  ? tp_perf_event_destroy+0x20/0x20
[  102.505880][    C1]  ? __se_sys_ioctl+0x48/0x170
[  102.505906][    C1]  ? __perf_event_account_interrupt+0x187/0x280
[  102.505930][    C1]  __perf_event_overflow+0x447/0x630
[  102.505956][    C1]  perf_swevent_event+0x324/0x630
[  102.505982][    C1]  ? perf_tp_event+0x1450/0x1450
[  102.506008][    C1]  perf_bp_event+0x2a7/0x380
[  102.506029][    C1]  ? get_futex_key+0x7f0/0x1010
[  102.506060][    C1]  ? perf_event_free_bpf_prog+0x120/0x120
[  102.506083][    C1]  ? verify_lock_unused+0x140/0x140
[  102.506127][    C1]  hw_breakpoint_exceptions_notify+0x2fb/0x670
[  102.506153][    C1]  notifier_call_chain+0x197/0x380
[  102.506177][    C1]  ? atomic_notifier_call_chain+0x26/0x180
[  102.506202][    C1]  atomic_notifier_call_chain+0xda/0x180
[  102.506226][    C1]  notify_die+0x145/0x1a0
[  102.506252][    C1]  ? srcu_init_notifier_head+0x90/0x90
[  102.506284][    C1]  notify_debug+0x2e/0x50
[  102.506301][    C1]  noist_exc_debug+0x77/0x120
[  102.506329][    C1]  ? clear_bhb_loop+0x40/0x90
[  102.506351][    C1]  asm_exc_debug+0x33/0x40
[  102.506369][    C1] RIP: 0033:0x7eff12d7b43d
[  102.506385][    C1] Code: 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 89 f8 48 89 fa c5 f9 ef c0 25 ff 0f 00 00 3d e0 0f 00 00 0f 87 27 01 00 00 c5 fd 74 0f <c5> fd d7 c1 85 c0 74 5b f3 0f bc c0 e9 30 01 00 00 66 90 f3 0f bc
[  102.506400][    C1] RSP: 002b:00007fff3f9c82b8 EFLAGS: 00000283
[  102.506414][    C1] RAX: 0000000000000300 RBX: 00007fff3f9c87f0 RCX: 2f666c65732f636f
[  102.506427][    C1] RDX: 0000200000000300 RSI: 00007eff12e5c9c0 RDI: 0000200000000300
[  102.506438][    C1] RBP: 0000200000000300 R08: 00007fff3f9c8a20 R09: 00000000ffffffff
[  102.506450][    C1] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  102.506460][    C1] R13: 0000000000000073 R14: 00007eff12e31e03 R15: 00007fff3f9c88b0
[  102.506481][    C1]  </TASK>
[  102.506487][    C1] 
[  102.506490][    C1] Allocated by task 5920:
[  102.506497][    C1]  kasan_set_track+0x4e/0x70
[  102.506533][    C1]  __kasan_kmalloc+0x8f/0xa0
[  102.506553][    C1]  __kmalloc_node+0xb4/0x230
[  102.506576][    C1]  bpf_map_area_alloc+0x5e/0x110
[  102.506602][    C1]  prealloc_elems_and_freelist+0x86/0x1c0
[  102.506624][    C1]  stack_map_alloc+0x33a/0x4c0
[  102.506644][    C1]  map_create+0x877/0x12f0
[  102.506661][    C1]  __sys_bpf+0x651/0x890
[  102.506677][    C1]  __x64_sys_bpf+0x7c/0x90
[  102.506699][    C1]  do_syscall_64+0x55/0xa0
[  102.506723][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  102.506741][    C1] 
[  102.506744][    C1] The buggy address belongs to the object at ffff88802d0c9880
[  102.506744][    C1]  which belongs to the cache kmalloc-cg-64 of size 64
[  102.506758][    C1] The buggy address is located 16 bytes inside of
[  102.506758][    C1]  allocated 40-byte region [ffff88802d0c9880, ffff88802d0c98a8)
[  102.506775][    C1] 
[  102.506778][    C1] The buggy address belongs to the physical page:
[  102.506792][    C1] page:ffffea0000b43240 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2d0c9
[  102.506816][    C1] memcg:ffff88803177d801
[  102.506823][    C1] flags: 0xfff00000000800(slab|node=0|zone=1|lastcpupid=0x7ff)
[  102.506846][    C1] page_type: 0xffffffff()
[  102.506862][    C1] raw: 00fff00000000800 ffff888017c4da00 dead000000000122 0000000000000000
[  102.506878][    C1] raw: 0000000000000000 0000000080200020 00000001ffffffff ffff88803177d801
[  102.506886][    C1] page dumped because: kasan: bad access detected
[  102.506894][    C1] page_owner tracks the page as allocated
[  102.506900][    C1] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 11, tgid 11 (kworker/u4:0), ts 99501997825, free_ts 99478466886
[  102.506935][    C1]  post_alloc_hook+0x1c1/0x200
[  102.506968][    C1]  get_page_from_freelist+0x1951/0x19e0
[  102.506985][    C1]  __alloc_pages+0x1f0/0x460
[  102.506998][    C1]  alloc_slab_page+0x5d/0x160
[  102.507012][    C1]  new_slab+0x87/0x2d0
[  102.507039][    C1]  ___slab_alloc+0xc5d/0x12f0
[  102.507063][    C1]  __kmem_cache_alloc_node+0x19e/0x250
[  102.507087][    C1]  __kmalloc_node+0xa4/0x230
[  102.507110][    C1]  kvmalloc_node+0x70/0x180
[  102.507133][    C1]  __nf_hook_entries_try_shrink+0x310/0x6d0
[  102.507154][    C1]  __nf_unregister_net_hook+0x4e1/0x6e0
[  102.507174][    C1]  nf_unregister_net_hooks+0xcb/0x130
[  102.507193][    C1]  nf_defrag_ipv6_disable+0x95/0xe0
[  102.507211][    C1]  nf_ct_netns_put+0x375/0x520
[  102.507231][    C1]  nf_conncount_destroy+0x41/0x150
[  102.507246][    C1]  ovs_ct_exit+0x9c/0x200
[  102.507266][    C1] page last free stack trace:
[  102.507270][    C1]  free_unref_page_prepare+0x7b2/0x8c0
[  102.507297][    C1]  free_unref_page+0x32/0x2e0
[  102.507322][    C1]  __slab_free+0x35a/0x400
[  102.507336][    C1]  qlist_free_all+0x75/0xd0
[  102.507359][    C1]  kasan_quarantine_reduce+0x143/0x160
[  102.507384][    C1]  __kasan_slab_alloc+0x22/0x80
[  102.507403][    C1]  slab_post_alloc_hook+0x6e/0x4b0
[  102.507428][    C1]  kmem_cache_alloc+0x11a/0x2d0
[  102.507452][    C1]  getname_flags+0xbb/0x500
[  102.507477][    C1]  do_sys_openat2+0xda/0x1d0
[  102.507498][    C1]  __x64_sys_openat+0x139/0x160
[  102.507518][    C1]  do_syscall_64+0x55/0xa0
[  102.507541][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  102.507560][    C1] 
[  102.507562][    C1] Memory state around the buggy address:
[  102.507571][    C1]  ffff88802d0c9780: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc
[  102.507583][    C1]  ffff88802d0c9800: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc
[  102.507594][    C1] >ffff88802d0c9880: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc
[  102.507603][    C1]                                   ^
[  102.507612][    C1]  ffff88802d0c9900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  102.507623][    C1]  ffff88802d0c9980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  102.507631][    C1] ==================================================================
[  102.507646][    C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  102.507654][    C1] CPU: 1 PID: 5920 Comm: syz.0.17 Not tainted syzkaller #0
[  102.507671][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  102.507681][    C1] Call Trace:
[  102.507694][    C1]  <#DB>
[  102.507701][    C1]  dump_stack_lvl+0x18c/0x250
[  102.507731][    C1]  ? show_regs_print_info+0x20/0x20
[  102.507758][    C1]  ? load_image+0x400/0x400
[  102.507787][    C1]  panic+0x2dc/0x730
[  102.507806][    C1]  ? __lock_acquire+0x7d40/0x7d40
[  102.507829][    C1]  ? bpf_jit_dump+0xd0/0xd0
[  102.507854][    C1]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  102.507875][    C1]  ? _raw_spin_unlock+0x40/0x40
[  102.507896][    C1]  ? __bpf_get_stackid+0x6bf/0x900
[  102.507918][    C1]  check_panic_on_warn+0x84/0xa0
[  102.507940][    C1]  ? __bpf_get_stackid+0x6bf/0x900
[  102.507962][    C1]  end_report+0x6f/0x130
[  102.507983][    C1]  kasan_report+0x128/0x150
[  102.508007][    C1]  ? __bpf_get_stackid+0x6bf/0x900
[  102.508035][    C1]  kasan_check_range+0x241/0x290
[  102.508058][    C1]  ? __bpf_get_stackid+0x6bf/0x900
[  102.508082][    C1]  __asan_memcpy+0x40/0x70
[  102.508108][    C1]  __bpf_get_stackid+0x6bf/0x900
[  102.508136][    C1]  bpf_get_stackid_pe+0x343/0x410
[  102.508163][    C1]  bpf_prog_6611c23d801ea08d+0x29/0x3e
[  102.508181][    C1]  bpf_overflow_handler+0x1fc/0x510
[  102.508208][    C1]  ? perf_prepare_header+0x1e0/0x1e0
[  102.508229][    C1]  ? bpf_overflow_handler+0xde/0x510
[  102.508255][    C1]  ? tp_perf_event_destroy+0x20/0x20
[  102.508284][    C1]  ? __perf_event_account_interrupt+0x187/0x280
[  102.508306][    C1]  __perf_event_overflow+0x447/0x630
[  102.508332][    C1]  perf_swevent_event+0x324/0x630
[  102.508357][    C1]  ? perf_tp_event+0x1450/0x1450
[  102.508384][    C1]  perf_bp_event+0x2a7/0x380
[  102.508409][    C1]  ? perf_event_free_bpf_prog+0x120/0x120
[  102.508449][    C1]  ? lock_acquire+0x2c2/0x420
[  102.508475][    C1]  hw_breakpoint_exceptions_notify+0x23e/0x670
[  102.508502][    C1]  notifier_call_chain+0x197/0x380
[  102.508526][    C1]  ? atomic_notifier_call_chain+0x26/0x180
[  102.508550][    C1]  atomic_notifier_call_chain+0xda/0x180
[  102.508574][    C1]  notify_die+0x145/0x1a0
[  102.508597][    C1]  ? srcu_init_notifier_head+0x90/0x90
[  102.508628][    C1]  notify_debug+0x2e/0x50
[  102.508644][    C1]  exc_debug+0xde/0x140
[  102.508673][    C1]  asm_exc_debug+0x1e/0x40
[  102.508699][    C1] RIP: 0010:__get_user_nocheck_8+0xd/0x20
[  102.508731][    C1] Code: fa 0f 01 cb 0f ae e8 8b 10 31 c0 0f 01 ca c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 01 cb 0f ae e8 48 8b 10 <31> c0 0f 01 ca c3 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 01 ca
[  102.508746][    C1] RSP: 0000:ffffc900044cf618 EFLAGS: 00040802
[  102.508762][    C1] RAX: 0000200000000300 RBX: 00000000ffffffff RCX: 1ffff92000899ee2
[  102.508776][    C1] RDX: 00006370692f736e RSI: 0000200000000300 RDI: 0000000000000000
[  102.508788][    C1] RBP: 0000200000000300 R08: 000000000000007f R09: 0000000000000000
[  102.508799][    C1] R10: dffffc0000000000 R11: fffffbfff2237ea1 R12: 0000000000000001
[  102.508812][    C1] R13: 1ffff92000899ee0 R14: 000000000000007f R15: dffffc0000000000
[  102.508836][    C1]  </#DB>
[  102.508841][    C1]  <TASK>
[  102.508846][    C1]  perf_callchain_user+0xbe4/0x15c0
[  102.508885][    C1]  get_perf_callchain+0x394/0x510
[  102.508906][    C1]  ? put_callchain_entry+0xb0/0xb0
[  102.508925][    C1]  ? kvm_sched_clock_read+0x11/0x20
[  102.508942][    C1]  ? local_clock_noinstr+0xc/0xd0
[  102.508962][    C1]  ? __perf_event_header__init_id+0x3c5/0x480
[  102.508986][    C1]  perf_prepare_sample+0x3c7/0x1df0
[  102.509009][    C1]  ? read_lock_is_recursive+0x20/0x20
[  102.509031][    C1]  ? perf_callchain+0x220/0x220
[  102.509051][    C1]  ? bpf_get_stackid_pe+0x343/0x410
[  102.509078][    C1]  perf_event_output_forward+0x187/0x3e0
[  102.509099][    C1]  ? perf_event_output_forward+0xb9/0x3e0
[  102.509118][    C1]  ? perf_prepare_header+0x1e0/0x1e0
[  102.509138][    C1]  ? bpf_overflow_handler+0xde/0x510
[  102.509165][    C1]  ? tp_perf_event_destroy+0x20/0x20
[  102.509192][    C1]  ? __se_sys_ioctl+0x48/0x170
[  102.509218][    C1]  ? __perf_event_account_interrupt+0x187/0x280
[  102.509242][    C1]  __perf_event_overflow+0x447/0x630
[  102.509268][    C1]  perf_swevent_event+0x324/0x630
[  102.509294][    C1]  ? perf_tp_event+0x1450/0x1450
[  102.509321][    C1]  perf_bp_event+0x2a7/0x380
[  102.509343][    C1]  ? get_futex_key+0x7f0/0x1010
[  102.509374][    C1]  ? perf_event_free_bpf_prog+0x120/0x120
[  102.509396][    C1]  ? verify_lock_unused+0x140/0x140
[  102.509442][    C1]  hw_breakpoint_exceptions_notify+0x2fb/0x670
[  102.509469][    C1]  notifier_call_chain+0x197/0x380
[  102.509495][    C1]  ? atomic_notifier_call_chain+0x26/0x180
[  102.509521][    C1]  atomic_notifier_call_chain+0xda/0x180
[  102.509546][    C1]  notify_die+0x145/0x1a0
[  102.509569][    C1]  ? srcu_init_notifier_head+0x90/0x90
[  102.509599][    C1]  notify_debug+0x2e/0x50
[  102.509615][    C1]  noist_exc_debug+0x77/0x120
[  102.509643][    C1]  ? clear_bhb_loop+0x40/0x90
[  102.509665][    C1]  asm_exc_debug+0x33/0x40
[  102.509683][    C1] RIP: 0033:0x7eff12d7b43d
[  102.509706][    C1] Code: 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 89 f8 48 89 fa c5 f9 ef c0 25 ff 0f 00 00 3d e0 0f 00 00 0f 87 27 01 00 00 c5 fd 74 0f <c5> fd d7 c1 85 c0 74 5b f3 0f bc c0 e9 30 01 00 00 66 90 f3 0f bc
[  102.509720][    C1] RSP: 002b:00007fff3f9c82b8 EFLAGS: 00000283
[  102.509736][    C1] RAX: 0000000000000300 RBX: 00007fff3f9c87f0 RCX: 2f666c65732f636f
[  102.509749][    C1] RDX: 0000200000000300 RSI: 00007eff12e5c9c0 RDI: 0000200000000300
[  102.509761][    C1] RBP: 0000200000000300 R08: 00007fff3f9c8a20 R09: 00000000ffffffff
[  102.509773][    C1] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  102.509783][    C1] R13: 0000000000000073 R14: 00007eff12e31e03 R15: 00007fff3f9c88b0
[  102.509805][    C1]  </TASK>
[  102.510380][    C1] Kernel Offset: disabled