Warning: Permanently added '10.128.0.95' (ED25519) to the list of known hosts.
2025/07/17 21:40:49 ignoring optional flag "sandboxArg"="0"
2025/07/17 21:40:50 parsed 1 programs
[ 70.571863][ T5790] cgroup: Unknown subsys name 'net'
[ 70.701745][ T5790] cgroup: Unknown subsys name 'rlimit'
[ 71.682176][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[ 71.688793][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[ 72.157643][ T5790] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 74.052926][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 74.091258][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 74.263525][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 74.285096][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 75.496408][ T5831] chnl_net:caif_netlink_parms(): no params data found
[ 75.769035][ T5861] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 75.778754][ T5861] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 75.787489][ T5861] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 75.816094][ T5861] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 75.824258][ T5861] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 75.839165][ T5861] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 75.967347][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state
[ 75.990933][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state
[ 76.015248][ T5831] bridge_slave_0: entered allmulticast mode
[ 76.022664][ T5831] bridge_slave_0: entered promiscuous mode
[ 76.066069][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state
[ 76.073359][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state
[ 76.095907][ T5831] bridge_slave_1: entered allmulticast mode
[ 76.103305][ T5831] bridge_slave_1: entered promiscuous mode
[ 76.221279][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 76.325216][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 76.461605][ T5831] team0: Port device team_slave_0 added
[ 76.513921][ T5831] team0: Port device team_slave_1 added
[ 76.595116][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 76.602115][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 76.629344][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 76.643383][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 76.650890][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 76.677173][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 76.923740][ T5831] hsr_slave_0: entered promiscuous mode
[ 76.936268][ T5831] hsr_slave_1: entered promiscuous mode
[ 77.454103][ T5831] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 77.466597][ T5831] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 77.478829][ T5831] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 77.500920][ T5831] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 77.631236][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0
[ 77.657155][ T5831] 8021q: adding VLAN 0 to HW filter on device team0
[ 77.670717][ T3472] bridge0: port 1(bridge_slave_0) entered blocking state
[ 77.678147][ T3472] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 77.697418][ T3461] bridge0: port 2(bridge_slave_1) entered blocking state
[ 77.704588][ T3461] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 77.915268][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 77.924763][ T5101] Bluetooth: hci0: command tx timeout
[ 77.972202][ T5831] veth0_vlan: entered promiscuous mode
[ 77.982739][ T5831] veth1_vlan: entered promiscuous mode
[ 78.008663][ T5831] veth0_macvtap: entered promiscuous mode
[ 78.029656][ T5831] veth1_macvtap: entered promiscuous mode
[ 78.049175][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 78.062645][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 78.074204][ T5831] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 78.084398][ T5831] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 78.093238][ T5831] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 78.102149][ T5831] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2025/07/17 21:40:59 executed programs: 0
[ 78.241942][ T5831] syz-executor (5831) used greatest stack depth: 20616 bytes left
[ 78.290894][ T5861] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 78.300890][ T5861] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 78.312285][ T5861] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 78.332113][ T5861] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 78.341603][ T5861] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 78.352281][ T5861] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 78.359651][ T5861] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 78.373126][ T5861] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 78.375218][ T5901] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 78.389317][ T5901] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 78.398399][ T5901] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 78.415340][ T5861] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 78.415582][ T5901] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 78.446621][ T5861] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 78.454026][ T50] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 78.454504][ T5861] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 78.472663][ T5861] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 78.482290][ T5861] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 78.492287][ T5861] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 78.515157][ T5861] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 78.535216][ T5861] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 78.557592][ T5861] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 78.565751][ T5861] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 78.576782][ T5861] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 79.172729][ T41] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 79.225420][ T5904] chnl_net:caif_netlink_parms(): no params data found
[ 79.311684][ T5898] chnl_net:caif_netlink_parms(): no params data found
[ 79.329886][ T5895] chnl_net:caif_netlink_parms(): no params data found
[ 79.376912][ T5906] chnl_net:caif_netlink_parms(): no params data found
[ 79.402487][ T5904] bridge0: port 1(bridge_slave_0) entered blocking state
[ 79.409771][ T5904] bridge0: port 1(bridge_slave_0) entered disabled state
[ 79.417393][ T5904] bridge_slave_0: entered allmulticast mode
[ 79.424103][ T5904] bridge_slave_0: entered promiscuous mode
[ 79.478204][ T5904] bridge0: port 2(bridge_slave_1) entered blocking state
[ 79.485799][ T5904] bridge0: port 2(bridge_slave_1) entered disabled state
[ 79.493052][ T5904] bridge_slave_1: entered allmulticast mode
[ 79.500648][ T5904] bridge_slave_1: entered promiscuous mode
[ 79.594400][ T5904] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 79.631245][ T5906] bridge0: port 1(bridge_slave_0) entered blocking state
[ 79.638894][ T5906] bridge0: port 1(bridge_slave_0) entered disabled state
[ 79.646416][ T5906] bridge_slave_0: entered allmulticast mode
[ 79.653132][ T5906] bridge_slave_0: entered promiscuous mode
[ 79.663466][ T5904] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 79.691735][ T5898] bridge0: port 1(bridge_slave_0) entered blocking state
[ 79.699188][ T5898] bridge0: port 1(bridge_slave_0) entered disabled state
[ 79.706626][ T5898] bridge_slave_0: entered allmulticast mode
[ 79.713320][ T5898] bridge_slave_0: entered promiscuous mode
[ 79.720938][ T5895] bridge0: port 1(bridge_slave_0) entered blocking state
[ 79.728235][ T5895] bridge0: port 1(bridge_slave_0) entered disabled state
[ 79.738184][ T5895] bridge_slave_0: entered allmulticast mode
[ 79.744941][ T5895] bridge_slave_0: entered promiscuous mode
[ 79.752059][ T5906] bridge0: port 2(bridge_slave_1) entered blocking state
[ 79.759681][ T5906] bridge0: port 2(bridge_slave_1) entered disabled state
[ 79.768043][ T5906] bridge_slave_1: entered allmulticast mode
[ 79.774742][ T5906] bridge_slave_1: entered promiscuous mode
[ 79.797601][ T5904] team0: Port device team_slave_0 added
[ 79.803916][ T5898] bridge0: port 2(bridge_slave_1) entered blocking state
[ 79.811136][ T5898] bridge0: port 2(bridge_slave_1) entered disabled state
[ 79.819412][ T5898] bridge_slave_1: entered allmulticast mode
[ 79.826826][ T5898] bridge_slave_1: entered promiscuous mode
[ 79.833825][ T5895] bridge0: port 2(bridge_slave_1) entered blocking state
[ 79.841614][ T5895] bridge0: port 2(bridge_slave_1) entered disabled state
[ 79.848939][ T5895] bridge_slave_1: entered allmulticast mode
[ 79.856304][ T5895] bridge_slave_1: entered promiscuous mode
[ 79.874156][ T5904] team0: Port device team_slave_1 added
[ 79.948428][ T5898] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 79.972607][ T5906] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 79.985511][ T5906] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 79.995643][ T5904] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 80.002672][ T5904] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 80.033120][ T5904] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 80.048656][ T5898] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 80.060053][ T5895] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 80.072522][ T5895] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 80.092638][ T5904] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 80.099914][ T5904] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 80.127602][ T5904] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 80.203028][ T5898] team0: Port device team_slave_0 added
[ 80.213331][ T5898] team0: Port device team_slave_1 added
[ 80.234503][ T5906] team0: Port device team_slave_0 added
[ 80.266905][ T5895] team0: Port device team_slave_0 added
[ 80.274639][ T5906] team0: Port device team_slave_1 added
[ 80.284580][ T5904] hsr_slave_0: entered promiscuous mode
[ 80.292578][ T5904] hsr_slave_1: entered promiscuous mode
[ 80.298870][ T5904] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 80.307026][ T5904] Cannot create hsr debugfs directory
[ 80.325915][ T5898] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 80.332892][ T5898] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 80.359298][ T5898] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 80.371819][ T5895] team0: Port device team_slave_1 added
[ 80.426147][ T5898] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 80.433149][ T5898] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 80.459458][ T5898] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 80.475044][ T5901] Bluetooth: hci2: command tx timeout
[ 80.475328][ T5861] Bluetooth: hci1: command tx timeout
[ 80.490019][ T5895] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 80.497048][ T5895] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 80.523117][ T5895] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 80.537656][ T5906] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 80.544622][ T5906] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 80.555229][ T5861] Bluetooth: hci3: command tx timeout
[ 80.571839][ T5906] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 80.605851][ T5895] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 80.612830][ T5895] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 80.640255][ T5895] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 80.650540][ T5861] Bluetooth: hci4: command tx timeout
[ 80.662241][ T5906] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 80.669303][ T5906] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 80.695420][ T5906] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 80.804805][ T5906] hsr_slave_0: entered promiscuous mode
[ 80.811870][ T5906] hsr_slave_1: entered promiscuous mode
[ 80.818117][ T5906] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 80.825782][ T5906] Cannot create hsr debugfs directory
[ 80.888775][ T5898] hsr_slave_0: entered promiscuous mode
[ 80.895585][ T5898] hsr_slave_1: entered promiscuous mode
[ 80.901647][ T5898] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 80.909879][ T5898] Cannot create hsr debugfs directory
[ 80.930523][ T5895] hsr_slave_0: entered promiscuous mode
[ 80.939694][ T5895] hsr_slave_1: entered promiscuous mode
[ 80.945891][ T5895] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 80.953555][ T5895] Cannot create hsr debugfs directory
[ 81.152197][ T5904] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 81.187764][ T5904] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 81.201522][ T5904] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 81.237003][ T5904] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 81.363784][ T5906] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 81.378769][ T5906] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 81.393455][ T5906] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 81.414156][ T41] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 81.431590][ T5906] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 81.524472][ T5904] 8021q: adding VLAN 0 to HW filter on device bond0
[ 81.549029][ T5904] 8021q: adding VLAN 0 to HW filter on device team0
[ 81.567318][ T3461] bridge0: port 1(bridge_slave_0) entered blocking state
[ 81.574457][ T3461] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 81.597680][ T48] bridge0: port 2(bridge_slave_1) entered blocking state
[ 81.604957][ T48] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 81.638453][ T5906] 8021q: adding VLAN 0 to HW filter on device bond0
[ 81.683571][ T5906] 8021q: adding VLAN 0 to HW filter on device team0
[ 81.699150][ T48] bridge0: port 1(bridge_slave_0) entered blocking state
[ 81.706354][ T48] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 81.727169][ T48] bridge0: port 2(bridge_slave_1) entered blocking state
[ 81.734836][ T48] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 81.920481][ T42] cfg80211: failed to load regulatory.db
[ 81.954312][ T5904] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 82.003171][ T5904] veth0_vlan: entered promiscuous mode
[ 82.030699][ T5904] veth1_vlan: entered promiscuous mode
[ 82.067398][ T5904] veth0_macvtap: entered promiscuous mode
[ 82.087993][ T5906] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 82.099232][ T5904] veth1_macvtap: entered promiscuous mode
[ 82.119941][ T5904] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 82.130894][ T5904] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 82.143928][ T5904] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 82.166568][ T5904] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 82.179306][ T5904] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 82.191009][ T5904] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 82.216310][ T5904] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.225394][ T5904] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.234099][ T5904] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.243584][ T5904] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.270551][ T5906] veth0_vlan: entered promiscuous mode
[ 82.300865][ T5906] veth1_vlan: entered promiscuous mode
[ 82.349242][ T3472] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 82.359676][ T5906] veth0_macvtap: entered promiscuous mode
[ 82.365663][ T3472] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 82.402884][ T5906] veth1_macvtap: entered promiscuous mode
[ 82.422945][ T3472] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 82.432782][ T3472] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 82.437771][ T5906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 82.451620][ T5906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 82.461804][ T5906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 82.472425][ T5906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 82.484496][ T5906] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 82.497921][ T5906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 82.509114][ T5906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 82.519038][ T5906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 82.529568][ T5906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 82.541018][ T5906] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 82.554174][ T5906] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.563691][ T5861] Bluetooth: hci1: command tx timeout
[ 82.566257][ T5901] Bluetooth: hci2: command tx timeout
[ 82.580762][ T5906] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.589850][ T5906] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.599400][ T5906] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.635168][ T5901] Bluetooth: hci3: command tx timeout
[ 82.706172][ T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 82.715645][ T5901] Bluetooth: hci4: command tx timeout
[ 82.719836][ T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 82.759441][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 82.767853][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/07/17 21:41:05 executed programs: 10
[ 83.538233][ T41] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 83.624018][ T41] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 83.776821][ T48] ==================================================================
[ 83.785030][ T48] BUG: KASAN: slab-use-after-free in __lock_acquire+0xff/0x7c80
[ 83.792779][ T48] Read of size 8 at addr ffff8880784687f0 by task kworker/u4:3/48
[ 83.800603][ T48]
[ 83.802954][ T48] CPU: 0 PID: 48 Comm: kworker/u4:3 Not tainted 6.6.98-syzkaller #0
[ 83.811133][ T48] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 83.821203][ T48] Workqueue: kkcmd kcm_tx_work
[ 83.826011][ T48] Call Trace:
[ 83.829319][ T48]
[ 83.832273][ T48] dump_stack_lvl+0x16c/0x230
[ 83.836979][ T48] ? __lock_acquire+0x7c80/0x7c80
[ 83.842029][ T48] ? show_regs_print_info+0x20/0x20
[ 83.847250][ T48] ? load_image+0x3b0/0x3b0
[ 83.851789][ T48] ? __virt_addr_valid+0x469/0x540
[ 83.856919][ T48] print_report+0xac/0x230
[ 83.861364][ T48] ? __lock_acquire+0xff/0x7c80
[ 83.866283][ T48] kasan_report+0x117/0x150
[ 83.870822][ T48] ? __lock_acquire+0xff/0x7c80
[ 83.875703][ T48] __lock_acquire+0xff/0x7c80
[ 83.880402][ T48] ? lockdep_hardirqs_on_prepare+0x400/0x760
[ 83.886405][ T48] ? finish_task_switch+0x265/0x920
[ 83.891620][ T48] ? lockdep_hardirqs_on+0x98/0x150
[ 83.896839][ T48] ? finish_task_switch+0x265/0x920
[ 83.902809][ T48] ? verify_lock_unused+0x140/0x140
[ 83.908090][ T48] ? __schedule+0x14ea/0x4580
[ 83.912785][ T48] lock_acquire+0x197/0x410
[ 83.917314][ T48] ? __lock_sock+0x156/0x2a0
[ 83.921908][ T48] ? asan.module_dtor+0x20/0x20
[ 83.926761][ T48] ? __local_bh_disable_ip+0xff/0x190
[ 83.932122][ T48] ? read_lock_is_recursive+0x20/0x20
[ 83.937506][ T48] ? kthread_data+0x4f/0xc0
[ 83.942016][ T48] ? kthread_data+0x4f/0xc0
[ 83.946533][ T48] ? __lock_sock+0x156/0x2a0
[ 83.951124][ T48] _raw_spin_lock_bh+0x36/0x50
[ 83.955891][ T48] ? __lock_sock+0x156/0x2a0
[ 83.960493][ T48] __lock_sock+0x156/0x2a0
[ 83.964924][ T48] ? sk_stream_moderate_sndbuf+0x220/0x220
[ 83.970719][ T48] ? do_raw_spin_lock+0x121/0x2c0
[ 83.975736][ T48] ? wake_bit_function+0x200/0x200
[ 83.980839][ T48] ? __rwlock_init+0x150/0x150
[ 83.985600][ T48] ? lockdep_hardirqs_on_prepare+0x400/0x760
[ 83.991594][ T48] ? lock_sock_nested+0x6a/0x100
[ 83.996548][ T48] lock_sock_nested+0x9f/0x100
[ 84.001322][ T48] kcm_tx_work+0x31/0x180
[ 84.005649][ T48] ? process_scheduled_works+0x957/0x15b0
[ 84.011356][ T48] process_scheduled_works+0xa45/0x15b0
[ 84.016902][ T48] ? assign_work+0x400/0x400
[ 84.021480][ T48] ? assign_work+0x39e/0x400
[ 84.026059][ T48] worker_thread+0xa55/0xfc0
[ 84.030650][ T48] kthread+0x2fa/0x390
[ 84.034706][ T48] ? pr_cont_work+0x560/0x560
[ 84.039371][ T48] ? kthread_blkcg+0xd0/0xd0
[ 84.043949][ T48] ret_from_fork+0x48/0x80
[ 84.048360][ T48] ? kthread_blkcg+0xd0/0xd0
[ 84.052936][ T48] ret_from_fork_asm+0x11/0x20
[ 84.057715][ T48]
[ 84.060725][ T48]
[ 84.063041][ T48] Allocated by task 5969:
[ 84.067358][ T48] kasan_set_track+0x4e/0x70
[ 84.071936][ T48] __kasan_slab_alloc+0x6c/0x80
[ 84.076771][ T48] slab_post_alloc_hook+0x6e/0x4d0
[ 84.081872][ T48] kmem_cache_alloc+0x11e/0x2e0
[ 84.086715][ T48] sk_prot_alloc+0x57/0x210
[ 84.091204][ T48] sk_alloc+0x3a/0x360
[ 84.095266][ T48] kcm_ioctl+0x215/0xff0
[ 84.099496][ T48] sock_do_ioctl+0xd7/0x2f0
[ 84.103987][ T48] sock_ioctl+0x623/0x7a0
[ 84.108306][ T48] __se_sys_ioctl+0xfd/0x170
[ 84.112885][ T48] do_syscall_64+0x55/0xb0
[ 84.117290][ T48] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 84.123210][ T48]
[ 84.125558][ T48] Freed by task 5970:
[ 84.129538][ T48] kasan_set_track+0x4e/0x70
[ 84.135551][ T48] kasan_save_free_info+0x2e/0x50
[ 84.140574][ T48] ____kasan_slab_free+0x126/0x1e0
[ 84.145671][ T48] slab_free_freelist_hook+0x130/0x1b0
[ 84.151232][ T48] kmem_cache_free+0xf8/0x280
[ 84.156026][ T48] __sk_destruct+0x485/0x620
[ 84.160622][ T48] kcm_release+0x524/0x5b0
[ 84.165179][ T48] sock_close+0xbd/0x230
[ 84.169524][ T48] __fput+0x234/0x970
[ 84.173853][ T48] __se_sys_close+0x15f/0x220
[ 84.178524][ T48] do_syscall_64+0x55/0xb0
[ 84.182940][ T48] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 84.189300][ T48]
[ 84.191719][ T48] Last potentially related work creation:
[ 84.197446][ T48] kasan_save_stack+0x3e/0x60
[ 84.202122][ T48] __kasan_record_aux_stack+0xaf/0xc0
[ 84.207486][ T48] insert_work+0x3d/0x310
[ 84.212008][ T48] __queue_work+0xc39/0x1020
[ 84.216624][ T48] queue_work_on+0x121/0x1e0
[ 84.221213][ T48] kcm_unattach+0x861/0xe80
[ 84.225711][ T48] kcm_ioctl+0x791/0xff0
[ 84.229972][ T48] sock_do_ioctl+0xd7/0x2f0
[ 84.234499][ T48] sock_ioctl+0x623/0x7a0
[ 84.238826][ T48] __se_sys_ioctl+0xfd/0x170
[ 84.243409][ T48] do_syscall_64+0x55/0xb0
[ 84.247815][ T48] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 84.253701][ T48]
[ 84.256009][ T48] Second to last potentially related work creation:
[ 84.262572][ T48] kasan_save_stack+0x3e/0x60
[ 84.267241][ T48] __kasan_record_aux_stack+0xaf/0xc0
[ 84.272599][ T48] insert_work+0x3d/0x310
[ 84.276914][ T48] __queue_work+0xc39/0x1020
[ 84.281485][ T48] queue_work_on+0x121/0x1e0
[ 84.286057][ T48] kcm_ioctl+0xe4f/0xff0
[ 84.290295][ T48] sock_do_ioctl+0xd7/0x2f0
[ 84.294817][ T48] sock_ioctl+0x623/0x7a0
[ 84.299137][ T48] __se_sys_ioctl+0xfd/0x170
[ 84.303714][ T48] do_syscall_64+0x55/0xb0
[ 84.308115][ T48] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 84.313997][ T48]
[ 84.316333][ T48] The buggy address belongs to the object at ffff888078468740
[ 84.316333][ T48] which belongs to the cache KCM of size 1720
[ 84.329764][ T48] The buggy address is located 176 bytes inside of
[ 84.329764][ T48] freed 1720-byte region [ffff888078468740, ffff888078468df8)
[ 84.343636][ T48]
[ 84.345947][ T48] The buggy address belongs to the physical page:
[ 84.352352][ T48] page:ffffea0001e11a00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78468
[ 84.362488][ T48] head:ffffea0001e11a00 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 84.371839][ T48] memcg:ffff88802f02e601
[ 84.376064][ T48] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 84.384041][ T48] page_type: 0xffffffff()
[ 84.388362][ T48] raw: 00fff00000000840 ffff88814c2d9780 dead000000000122 0000000000000000
[ 84.396936][ T48] raw: 0000000000000000 0000000080110011 00000001ffffffff ffff88802f02e601
[ 84.405505][ T48] page dumped because: kasan: bad access detected
[ 84.411906][ T48] page_owner tracks the page as allocated
[ 84.417603][ T48] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 5961, tgid 5959 (syz.2.18), ts 82874994424, free_ts 82810378782
[ 84.440086][ T48] post_alloc_hook+0x1cd/0x210
[ 84.444852][ T48] get_page_from_freelist+0x195c/0x19f0
[ 84.450477][ T48] __alloc_pages+0x1e3/0x460
[ 84.455053][ T48] alloc_slab_page+0x5d/0x170
[ 84.459719][ T48] new_slab+0x87/0x2e0
[ 84.463778][ T48] ___slab_alloc+0xc6d/0x12f0
[ 84.468441][ T48] kmem_cache_alloc+0x1b7/0x2e0
[ 84.473283][ T48] sk_prot_alloc+0x57/0x210
[ 84.477776][ T48] sk_alloc+0x3a/0x360
[ 84.481846][ T48] kcm_ioctl+0x215/0xff0
[ 84.486097][ T48] sock_do_ioctl+0xd7/0x2f0
[ 84.490598][ T48] sock_ioctl+0x623/0x7a0
[ 84.494926][ T48] __se_sys_ioctl+0xfd/0x170
[ 84.499774][ T48] do_syscall_64+0x55/0xb0
[ 84.504178][ T48] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 84.510065][ T48] page last free stack trace:
[ 84.514720][ T48] free_unref_page_prepare+0x7ce/0x8e0
[ 84.520171][ T48] free_unref_page+0x32/0x2e0
[ 84.524835][ T48] __unfreeze_partials+0x1cf/0x210
[ 84.529943][ T48] put_cpu_partial+0x17c/0x250
[ 84.534696][ T48] __slab_free+0x31d/0x410
[ 84.539103][ T48] qlist_free_all+0x75/0xe0
[ 84.543599][ T48] kasan_quarantine_reduce+0x143/0x160
[ 84.549059][ T48] __kasan_slab_alloc+0x22/0x80
[ 84.553918][ T48] slab_post_alloc_hook+0x6e/0x4d0
[ 84.559067][ T48] kmem_cache_alloc_lru+0x115/0x2e0
[ 84.564256][ T48] __d_alloc+0x31/0x730
[ 84.568425][ T48] d_alloc+0x4b/0x1b0
[ 84.572564][ T48] lookup_one_qstr_excl+0xca/0x250
[ 84.577675][ T48] do_unlinkat+0x18c/0x570
[ 84.582080][ T48] __x64_sys_unlink+0x49/0x50
[ 84.586743][ T48] do_syscall_64+0x55/0xb0
[ 84.591149][ T48]
[ 84.593456][ T48] Memory state around the buggy address:
[ 84.599074][ T48] ffff888078468680: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc
[ 84.607117][ T48] ffff888078468700: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 84.615161][ T48] >ffff888078468780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 84.623205][ T48] ^
[ 84.630903][ T48] ffff888078468800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 84.638955][ T48] ffff888078468880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 84.647013][ T48] ==================================================================
[ 84.655061][ T48] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 84.662236][ T48] CPU: 0 PID: 48 Comm: kworker/u4:3 Not tainted 6.6.98-syzkaller #0
[ 84.670199][ T48] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 84.680254][ T48] Workqueue: kkcmd kcm_tx_work
[ 84.685039][ T48] Call Trace:
[ 84.688305][ T48]
[ 84.691223][ T48] dump_stack_lvl+0x16c/0x230
[ 84.695898][ T48] ? show_regs_print_info+0x20/0x20
[ 84.701108][ T48] ? load_image+0x3b0/0x3b0
[ 84.705634][ T48] panic+0x2c0/0x710
[ 84.709537][ T48] ? bpf_jit_dump+0xd0/0xd0
[ 84.714043][ T48] ? _raw_spin_unlock_irqrestore+0xae/0x110
[ 84.719934][ T48] ? _raw_spin_unlock+0x40/0x40
[ 84.724800][ T48] ? print_memory_metadata+0x314/0x400
[ 84.730245][ T48] ? __lock_acquire+0xff/0x7c80
[ 84.735092][ T48] check_panic_on_warn+0x84/0xa0
[ 84.740027][ T48] ? __lock_acquire+0xff/0x7c80
[ 84.744868][ T48] end_report+0x6f/0x140
[ 84.749105][ T48] kasan_report+0x128/0x150
[ 84.753599][ T48] ? __lock_acquire+0xff/0x7c80
[ 84.758472][ T48] __lock_acquire+0xff/0x7c80
[ 84.763135][ T48] ? lockdep_hardirqs_on_prepare+0x400/0x760
[ 84.769104][ T48] ? finish_task_switch+0x265/0x920
[ 84.774286][ T48] ? lockdep_hardirqs_on+0x98/0x150
[ 84.779477][ T48] ? finish_task_switch+0x265/0x920
[ 84.784659][ T48] ? verify_lock_unused+0x140/0x140
[ 84.789845][ T48] ? __schedule+0x14ea/0x4580
[ 84.794516][ T48] lock_acquire+0x197/0x410
[ 84.799008][ T48] ? __lock_sock+0x156/0x2a0
[ 84.803609][ T48] ? asan.module_dtor+0x20/0x20
[ 84.808470][ T48] ? __local_bh_disable_ip+0xff/0x190
[ 84.813839][ T48] ? read_lock_is_recursive+0x20/0x20
[ 84.819202][ T48] ? kthread_data+0x4f/0xc0
[ 84.823700][ T48] ? kthread_data+0x4f/0xc0
[ 84.828198][ T48] ? __lock_sock+0x156/0x2a0
[ 84.832773][ T48] _raw_spin_lock_bh+0x36/0x50
[ 84.837559][ T48] ? __lock_sock+0x156/0x2a0
[ 84.842134][ T48] __lock_sock+0x156/0x2a0
[ 84.846535][ T48] ? sk_stream_moderate_sndbuf+0x220/0x220
[ 84.852325][ T48] ? do_raw_spin_lock+0x121/0x2c0
[ 84.857340][ T48] ? wake_bit_function+0x200/0x200
[ 84.862439][ T48] ? __rwlock_init+0x150/0x150
[ 84.867192][ T48] ? lockdep_hardirqs_on_prepare+0x400/0x760
[ 84.873168][ T48] ? lock_sock_nested+0x6a/0x100
[ 84.878101][ T48] lock_sock_nested+0x9f/0x100
[ 84.882852][ T48] kcm_tx_work+0x31/0x180
[ 84.887185][ T48] ? process_scheduled_works+0x957/0x15b0
[ 84.892918][ T48] process_scheduled_works+0xa45/0x15b0
[ 84.898476][ T48] ? assign_work+0x400/0x400
[ 84.903153][ T48] ? assign_work+0x39e/0x400
[ 84.907740][ T48] worker_thread+0xa55/0xfc0
[ 84.912357][ T48] kthread+0x2fa/0x390
[ 84.916424][ T48] ? pr_cont_work+0x560/0x560
[ 84.921109][ T48] ? kthread_blkcg+0xd0/0xd0
[ 84.925708][ T48] ret_from_fork+0x48/0x80
[ 84.930127][ T48] ? kthread_blkcg+0xd0/0xd0
[ 84.934727][ T48] ret_from_fork_asm+0x11/0x20
[ 84.939496][ T48]
[ 84.942728][ T48] Kernel Offset: disabled
[ 84.947043][ T48] Rebooting in 86400 seconds..