syzkaller login: [ 91.784697][ T54] cfg80211: failed to load regulatory.db
Warning: Permanently added '[localhost]:52518' (ED25519) to the list of known hosts.
2025/09/02 17:27:59 parsed 1 programs
[ 108.193656][ T5363] cgroup: Unknown subsys name 'net'
[ 108.263854][ T5363] cgroup: Unknown subsys name 'cpuset'
[ 108.270384][ T5363] cgroup: Unknown subsys name 'rlimit'
[ 109.930187][ T5363] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 113.701561][ T45] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 113.710777][ T45] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 113.718392][ T45] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 113.722480][ T45] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 113.726044][ T45] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 114.714294][ T5378] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 116.984187][ T1043] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.027319][ T1043] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.709892][ T1038] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.716727][ T1038] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.912922][ T5379] chnl_net:caif_netlink_parms(): no params data found
[ 118.312204][ T5394] syz-executor (5394) used greatest stack depth: 18664 bytes left
[ 119.369794][ T5379] bridge0: port 1(bridge_slave_0) entered blocking state
[ 119.372888][ T5379] bridge0: port 1(bridge_slave_0) entered disabled state
[ 119.376297][ T5379] bridge_slave_0: entered allmulticast mode
[ 119.398457][ T5379] bridge_slave_0: entered promiscuous mode
[ 119.470892][ T5379] bridge0: port 2(bridge_slave_1) entered blocking state
[ 119.473864][ T5379] bridge0: port 2(bridge_slave_1) entered disabled state
[ 119.497190][ T5379] bridge_slave_1: entered allmulticast mode
[ 119.527198][ T5379] bridge_slave_1: entered promiscuous mode
[ 119.655594][ T5379] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 119.709401][ T5379] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 119.809006][ T5379] team0: Port device team_slave_0 added
[ 120.110262][ T5379] team0: Port device team_slave_1 added
[ 120.236026][ T5379] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 120.239326][ T5379] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 120.278757][ T5379] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 120.357213][ T5379] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 120.359998][ T5379] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 120.371995][ T5379] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 120.547380][ T5379] hsr_slave_0: entered promiscuous mode
[ 120.550520][ T5379] hsr_slave_1: entered promiscuous mode
[ 121.035218][ T5379] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 121.055572][ T5379] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 121.070149][ T5379] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 121.087427][ T5379] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 121.192323][ T5379] 8021q: adding VLAN 0 to HW filter on device bond0
[ 121.209888][ T5379] 8021q: adding VLAN 0 to HW filter on device team0
[ 121.217113][ T1038] bridge0: port 1(bridge_slave_0) entered blocking state
[ 121.219998][ T1038] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 121.233040][ T1038] bridge0: port 2(bridge_slave_1) entered blocking state
[ 121.236034][ T1038] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 121.415907][ T5379] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 121.615334][ T5379] veth0_vlan: entered promiscuous mode
[ 121.624815][ T5379] veth1_vlan: entered promiscuous mode
[ 121.654132][ T5379] veth0_macvtap: entered promiscuous mode
[ 121.661817][ T5379] veth1_macvtap: entered promiscuous mode
[ 121.674330][ T5379] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 121.684945][ T5379] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 121.696125][ T1038] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 121.709789][ T1038] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 121.713660][ T1038] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 121.728169][ T1038] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2025/09/02 17:28:15 executed programs: 0
[ 121.975033][ T4708] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 121.990034][ T4708] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 121.996952][ T4708] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 122.000396][ T4708] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 122.003637][ T4708] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 122.054943][ T45] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 122.077087][ T45] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 122.081889][ T45] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 122.111088][ T45] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 122.121269][ T45] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 122.161027][ T4708] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 122.167802][ T4708] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 122.171317][ T4708] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 122.175286][ T4708] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 122.183891][ T5502] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 122.187851][ T5502] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 122.200919][ T5502] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 122.204077][ T5502] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 122.207628][ T5502] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 122.217590][ T5502] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 122.238651][ T4708] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 122.257302][ T5504] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 122.262003][ T5504] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 122.265613][ T5504] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 122.269934][ T5504] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 122.323248][ T5504] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 122.338065][ T5504] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 122.341653][ T5504] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 122.351525][ T5504] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 122.356718][ T5504] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 123.584637][ T1095] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 123.961007][ T1095] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 124.017669][ T5504] Bluetooth: hci0: command tx timeout
[ 124.126371][ T5493] chnl_net:caif_netlink_parms(): no params data found
[ 124.146109][ T1095] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 124.177615][ T5504] Bluetooth: hci1: command tx timeout
[ 124.257271][ T5504] Bluetooth: hci2: command tx timeout
[ 124.259932][ T5504] Bluetooth: hci3: command tx timeout
[ 124.337193][ T45] Bluetooth: hci4: command tx timeout
[ 124.418593][ T45] Bluetooth: hci5: command tx timeout
[ 124.487793][ T5493] bridge0: port 1(bridge_slave_0) entered blocking state
[ 124.490911][ T5493] bridge0: port 1(bridge_slave_0) entered disabled state
[ 124.493924][ T5493] bridge_slave_0: entered allmulticast mode
[ 124.508072][ T5493] bridge_slave_0: entered promiscuous mode
[ 124.574613][ T5493] bridge0: port 2(bridge_slave_1) entered blocking state
[ 124.579299][ T5493] bridge0: port 2(bridge_slave_1) entered disabled state
[ 124.582362][ T5493] bridge_slave_1: entered allmulticast mode
[ 124.598394][ T5493] bridge_slave_1: entered promiscuous mode
[ 124.888745][ T5493] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 124.918877][ T1095] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 125.075953][ T5493] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 125.135855][ T5486] chnl_net:caif_netlink_parms(): no params data found
[ 125.165649][ T5489] chnl_net:caif_netlink_parms(): no params data found
[ 125.303928][ T5493] team0: Port device team_slave_0 added
[ 125.359526][ T5493] team0: Port device team_slave_1 added
[ 125.394752][ T5495] chnl_net:caif_netlink_parms(): no params data found
[ 125.447081][ T5498] chnl_net:caif_netlink_parms(): no params data found
[ 125.454670][ T5505] chnl_net:caif_netlink_parms(): no params data found
[ 125.593865][ T5493] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 125.599169][ T5493] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 125.611996][ T5493] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 125.642658][ T5493] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 125.645653][ T5493] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 125.670273][ T5493] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 126.024488][ T1095] bridge_slave_1: left allmulticast mode
[ 126.027358][ T1095] bridge_slave_1: left promiscuous mode
[ 126.030349][ T1095] bridge0: port 2(bridge_slave_1) entered disabled state
[ 126.064822][ T1095] bridge_slave_0: left allmulticast mode
[ 126.086003][ T1095] bridge_slave_0: left promiscuous mode
[ 126.096335][ T1095] bridge0: port 1(bridge_slave_0) entered disabled state
[ 126.101681][ T45] Bluetooth: hci0: command tx timeout
[ 126.257474][ T45] Bluetooth: hci1: command tx timeout
[ 126.337960][ T45] Bluetooth: hci3: command tx timeout
[ 126.340315][ T45] Bluetooth: hci2: command tx timeout
[ 126.418270][ T5504] Bluetooth: hci4: command tx timeout
[ 126.488825][ T1095] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 126.495126][ T1095] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 126.499071][ T5504] Bluetooth: hci5: command tx timeout
[ 126.506321][ T1095] bond0 (unregistering): Released all slaves
[ 126.597744][ T5486] bridge0: port 1(bridge_slave_0) entered blocking state
[ 126.600863][ T5486] bridge0: port 1(bridge_slave_0) entered disabled state
[ 126.604049][ T5486] bridge_slave_0: entered allmulticast mode
[ 126.644599][ T5486] bridge_slave_0: entered promiscuous mode
[ 126.671553][ T5486] bridge0: port 2(bridge_slave_1) entered blocking state
[ 126.674664][ T5486] bridge0: port 2(bridge_slave_1) entered disabled state
[ 126.698008][ T5486] bridge_slave_1: entered allmulticast mode
[ 126.712020][ T5486] bridge_slave_1: entered promiscuous mode
[ 126.912295][ T1095] hsr_slave_0: left promiscuous mode
[ 126.915258][ T1095] hsr_slave_1: left promiscuous mode
[ 126.927449][ T1095] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 126.930656][ T1095] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 126.950426][ T1095] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 126.953377][ T1095] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 126.988226][ T1095] veth1_macvtap: left promiscuous mode
[ 126.990887][ T1095] veth0_macvtap: left promiscuous mode
[ 126.993365][ T1095] veth1_vlan: left promiscuous mode
[ 126.995740][ T1095] veth0_vlan: left promiscuous mode
[ 127.474714][ T1095] team0 (unregistering): Port device team_slave_1 removed
[ 127.496363][ T1095] team0 (unregistering): Port device team_slave_0 removed
[ 127.915909][ T5489] bridge0: port 1(bridge_slave_0) entered blocking state
[ 127.925520][ T5489] bridge0: port 1(bridge_slave_0) entered disabled state
[ 127.938971][ T5489] bridge_slave_0: entered allmulticast mode
[ 127.946225][ T5489] bridge_slave_0: entered promiscuous mode
[ 127.960685][ T5493] hsr_slave_0: entered promiscuous mode
[ 127.963986][ T5493] hsr_slave_1: entered promiscuous mode
[ 127.978022][ T5505] bridge0: port 1(bridge_slave_0) entered blocking state
[ 127.981143][ T5505] bridge0: port 1(bridge_slave_0) entered disabled state
[ 127.984253][ T5505] bridge_slave_0: entered allmulticast mode
[ 127.996057][ T5505] bridge_slave_0: entered promiscuous mode
[ 128.004693][ T5486] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 128.015242][ T5486] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 128.054826][ T5489] bridge0: port 2(bridge_slave_1) entered blocking state
[ 128.061904][ T5489] bridge0: port 2(bridge_slave_1) entered disabled state
[ 128.065203][ T5489] bridge_slave_1: entered allmulticast mode
[ 128.078033][ T5489] bridge_slave_1: entered promiscuous mode
[ 128.099636][ T5505] bridge0: port 2(bridge_slave_1) entered blocking state
[ 128.102472][ T5505] bridge0: port 2(bridge_slave_1) entered disabled state
[ 128.105411][ T5505] bridge_slave_1: entered allmulticast mode
[ 128.131416][ T5505] bridge_slave_1: entered promiscuous mode
[ 128.175453][ T5495] bridge0: port 1(bridge_slave_0) entered blocking state
[ 128.178773][ T5504] Bluetooth: hci0: command tx timeout
[ 128.181374][ T5495] bridge0: port 1(bridge_slave_0) entered disabled state
[ 128.184449][ T5495] bridge_slave_0: entered allmulticast mode
[ 128.208133][ T5495] bridge_slave_0: entered promiscuous mode
[ 128.337001][ T5504] Bluetooth: hci1: command tx timeout
[ 128.365226][ T5495] bridge0: port 2(bridge_slave_1) entered blocking state
[ 128.371507][ T5495] bridge0: port 2(bridge_slave_1) entered disabled state
[ 128.374653][ T5495] bridge_slave_1: entered allmulticast mode
[ 128.394611][ T5495] bridge_slave_1: entered promiscuous mode
[ 128.417874][ T5504] Bluetooth: hci2: command tx timeout
[ 128.421081][ T45] Bluetooth: hci3: command tx timeout
[ 128.425000][ T5498] bridge0: port 1(bridge_slave_0) entered blocking state
[ 128.432074][ T5498] bridge0: port 1(bridge_slave_0) entered disabled state
[ 128.435103][ T5498] bridge_slave_0: entered allmulticast mode
[ 128.466927][ T5498] bridge_slave_0: entered promiscuous mode
[ 128.475023][ T5498] bridge0: port 2(bridge_slave_1) entered blocking state
[ 128.478504][ T5498] bridge0: port 2(bridge_slave_1) entered disabled state
[ 128.481576][ T5498] bridge_slave_1: entered allmulticast mode
[ 128.498915][ T5504] Bluetooth: hci4: command tx timeout
[ 128.501318][ T5498] bridge_slave_1: entered promiscuous mode
[ 128.542451][ T5489] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 128.567091][ T5505] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 128.572325][ T5486] team0: Port device team_slave_0 added
[ 128.577657][ T5504] Bluetooth: hci5: command tx timeout
[ 128.631121][ T5489] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 128.652942][ T5505] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 128.680345][ T5486] team0: Port device team_slave_1 added
[ 128.696296][ T5495] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 128.724735][ T5498] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 128.781632][ T5495] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 128.799940][ T5498] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 128.812571][ T5505] team0: Port device team_slave_0 added
[ 128.842950][ T5489] team0: Port device team_slave_0 added
[ 128.860832][ T5505] team0: Port device team_slave_1 added
[ 128.892061][ T5486] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 128.894812][ T5486] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 128.919406][ T5486] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 128.982940][ T5495] team0: Port device team_slave_0 added
[ 128.988080][ T5489] team0: Port device team_slave_1 added
[ 129.014588][ T5498] team0: Port device team_slave_0 added
[ 129.030885][ T5486] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 129.033569][ T5486] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 129.080783][ T5486] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 129.112909][ T5495] team0: Port device team_slave_1 added
[ 129.160405][ T5498] team0: Port device team_slave_1 added
[ 129.166923][ T5505] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 129.169863][ T5505] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 129.199148][ T5505] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 129.281864][ T5505] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 129.284781][ T5505] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 129.318777][ T5505] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 129.371187][ T5489] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 129.373995][ T5489] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 129.392046][ T5489] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 129.426516][ T5495] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 129.434769][ T5495] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 129.457707][ T5495] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 129.465334][ T5489] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 129.472365][ T5489] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 129.484020][ T5489] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 129.502400][ T5498] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 129.505323][ T5498] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 129.518858][ T5498] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 129.534090][ T5486] hsr_slave_0: entered promiscuous mode
[ 129.540867][ T5486] hsr_slave_1: entered promiscuous mode
[ 129.543711][ T5486] debugfs: 'hsr0' already exists in 'hsr'
[ 129.546135][ T5486] Cannot create hsr debugfs directory
[ 129.552560][ T5495] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 129.555425][ T5495] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 129.575167][ T5495] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 129.600607][ T5498] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 129.603356][ T5498] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 129.616992][ T5498] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 129.654994][ T5505] hsr_slave_0: entered promiscuous mode
[ 129.658293][ T5505] hsr_slave_1: entered promiscuous mode
[ 129.661255][ T5505] debugfs: 'hsr0' already exists in 'hsr'
[ 129.663619][ T5505] Cannot create hsr debugfs directory
[ 129.942265][ T5498] hsr_slave_0: entered promiscuous mode
[ 129.947720][ T5498] hsr_slave_1: entered promiscuous mode
[ 129.959856][ T5498] debugfs: 'hsr0' already exists in 'hsr'
[ 129.962254][ T5498] Cannot create hsr debugfs directory
[ 129.970250][ T5489] hsr_slave_0: entered promiscuous mode
[ 129.981593][ T5489] hsr_slave_1: entered promiscuous mode
[ 129.997697][ T5489] debugfs: 'hsr0' already exists in 'hsr'
[ 130.000040][ T5489] Cannot create hsr debugfs directory
[ 130.049564][ T5495] hsr_slave_0: entered promiscuous mode
[ 130.060300][ T5495] hsr_slave_1: entered promiscuous mode
[ 130.063162][ T5495] debugfs: 'hsr0' already exists in 'hsr'
[ 130.065271][ T5495] Cannot create hsr debugfs directory
[ 130.259554][ T5504] Bluetooth: hci0: command tx timeout
[ 130.322126][ T5493] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 130.417741][ T5504] Bluetooth: hci1: command tx timeout
[ 130.424674][ T5493] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 130.476347][ T5493] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 130.497657][ T5504] Bluetooth: hci2: command tx timeout
[ 130.500268][ T5504] Bluetooth: hci3: command tx timeout
[ 130.543165][ T5493] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 130.577696][ T45] Bluetooth: hci4: command tx timeout
[ 130.656861][ T45] Bluetooth: hci5: command tx timeout
[ 130.969235][ T5486] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 130.982143][ T5486] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 131.034924][ T5486] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 131.061234][ T5486] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 131.122826][ T5505] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 131.180399][ T5505] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 131.214670][ T5505] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 131.252288][ T5493] 8021q: adding VLAN 0 to HW filter on device bond0
[ 131.255090][ T5505] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 131.336217][ T5493] 8021q: adding VLAN 0 to HW filter on device team0
[ 131.352068][ T5498] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 131.372738][ T5498] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 131.405415][ T1041] bridge0: port 1(bridge_slave_0) entered blocking state
[ 131.408558][ T1041] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 131.438885][ T5498] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 131.474990][ T5498] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 131.496265][ T1043] bridge0: port 2(bridge_slave_1) entered blocking state
[ 131.499146][ T1043] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 131.644230][ T5489] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 131.652988][ T5489] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 131.760220][ T5486] 8021q: adding VLAN 0 to HW filter on device bond0
[ 131.780617][ T5489] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 131.894646][ T5489] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 132.020942][ T5486] 8021q: adding VLAN 0 to HW filter on device team0
[ 132.027952][ T1095] bridge0: port 1(bridge_slave_0) entered blocking state
[ 132.031374][ T1095] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 132.214448][ T1043] bridge0: port 2(bridge_slave_1) entered blocking state
[ 132.217765][ T1043] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 132.335823][ T5505] 8021q: adding VLAN 0 to HW filter on device bond0
[ 132.673648][ T5505] 8021q: adding VLAN 0 to HW filter on device team0
[ 132.838371][ T5498] 8021q: adding VLAN 0 to HW filter on device bond0
[ 132.849096][ T69] bridge0: port 1(bridge_slave_0) entered blocking state
[ 132.852076][ T69] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 132.857585][ T69] bridge0: port 2(bridge_slave_1) entered blocking state
[ 132.860735][ T69] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 132.894402][ T5493] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 132.902351][ T5495] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 132.963362][ T5489] 8021q: adding VLAN 0 to HW filter on device bond0
[ 133.005918][ T5498] 8021q: adding VLAN 0 to HW filter on device team0
[ 133.092191][ T5495] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 133.103152][ T5495] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 133.131841][ T69] bridge0: port 1(bridge_slave_0) entered blocking state
[ 133.134889][ T69] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 133.200341][ T5495] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 133.211341][ T5489] 8021q: adding VLAN 0 to HW filter on device team0
[ 133.254840][ T69] bridge0: port 2(bridge_slave_1) entered blocking state
[ 133.257986][ T69] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 133.303622][ T5493] veth0_vlan: entered promiscuous mode
[ 133.320344][ T5505] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 133.422470][ T5493] veth1_vlan: entered promiscuous mode
[ 133.470400][ T5486] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 133.504126][ T69] bridge0: port 1(bridge_slave_0) entered blocking state
[ 133.507013][ T69] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 133.520760][ T69] bridge0: port 2(bridge_slave_1) entered blocking state
[ 133.523685][ T69] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 133.872307][ T5493] veth0_macvtap: entered promiscuous mode
[ 133.890763][ T5489] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 133.948054][ T5493] veth1_macvtap: entered promiscuous mode
[ 134.031192][ T5486] veth0_vlan: entered promiscuous mode
[ 134.114576][ T5493] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 134.174740][ T5495] 8021q: adding VLAN 0 to HW filter on device bond0
[ 134.229118][ T5486] veth1_vlan: entered promiscuous mode
[ 134.272225][ T5493] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 134.402354][ T5486] veth0_macvtap: entered promiscuous mode
[ 134.451091][ T5495] 8021q: adding VLAN 0 to HW filter on device team0
[ 134.468535][ T5486] veth1_macvtap: entered promiscuous mode
[ 134.562129][ T1095] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 134.675014][ T5486] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 134.690054][ T1038] bridge0: port 1(bridge_slave_0) entered blocking state
[ 134.692922][ T1038] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 134.697805][ T1038] bridge0: port 2(bridge_slave_1) entered blocking state
[ 134.701121][ T1038] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 134.722677][ T5505] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 134.725902][ T1095] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 134.829769][ T43] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 134.849872][ T5486] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 134.883718][ T5489] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 134.913856][ T43] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 135.055014][ T5498] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 135.088961][ T1095] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 135.183068][ T1038] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 135.186402][ T1038] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 135.235321][ T1095] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 135.241441][ T1095] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 135.245158][ T1095] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 135.335613][ T5489] veth0_vlan: entered promiscuous mode
[ 135.450937][ T5489] veth1_vlan: entered promiscuous mode
[ 135.530351][ T5498] veth0_vlan: entered promiscuous mode
[ 135.548255][ T69] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 135.551658][ T69] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 135.639382][ T5498] veth1_vlan: entered promiscuous mode
[ 135.734837][ T5489] veth0_macvtap: entered promiscuous mode
2025/09/02 17:28:29 executed programs: 12
[ 135.901580][ T5489] veth1_macvtap: entered promiscuous mode
[ 135.963159][ T43] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 135.966513][ T43] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 136.004111][ T5498] veth0_macvtap: entered promiscuous mode
[ 136.103608][ T5498] veth1_macvtap: entered promiscuous mode
[ 136.130796][ T5489] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 136.244751][ T5489] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 136.255534][ T43] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 136.265104][ T43] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 136.271411][ T5505] veth0_vlan: entered promiscuous mode
[ 136.294036][ T5498] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 136.383045][ T180] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 136.400649][ T180] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 136.412955][ T5495] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 136.462163][ T180] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 136.467480][ T5498] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 136.547569][ T5505] veth1_vlan: entered promiscuous mode
[ 136.581881][ T180] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 136.595974][ T180] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 136.714924][ T180] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 136.736196][ T180] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 136.803058][ T180] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 137.009482][ T180] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 137.025521][ T180] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 137.194271][ T5505] veth0_macvtap: entered promiscuous mode
[ 137.211456][ T1095] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 137.214750][ T1095] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 137.318594][ T5505] veth1_macvtap: entered promiscuous mode
[ 137.479331][ T5505] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 137.484835][ T5505] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 137.549046][ T180] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 137.552296][ T180] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 137.630971][ T43] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 137.644506][ T43] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 137.739426][ T43] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 137.750943][ T1038] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 137.757446][ T43] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 137.760694][ T43] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 137.873606][ T1316] ieee802154 phy0 wpan0: encryption failed: -22
[ 137.879205][ T1316] ieee802154 phy1 wpan1: encryption failed: -22
[ 138.151655][ T5495] veth0_vlan: entered promiscuous mode
[ 138.225014][ T5495] veth1_vlan: entered promiscuous mode
[ 138.313210][ T1038] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 138.316439][ T1038] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 138.542681][ T5495] veth0_macvtap: entered promiscuous mode
[ 138.614284][ T180] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 138.635240][ T180] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 138.641167][ T5495] veth1_macvtap: entered promiscuous mode
[ 138.841023][ T5495] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 138.879563][ T5495] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 138.973658][ T69] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 139.091360][ T69] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 139.203735][ T69] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 139.254502][ T69] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 139.563130][ T1038] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 139.566516][ T1038] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 139.826476][ T1038] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 139.881466][ T1038] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/09/02 17:28:34 executed programs: 161
2025/09/02 17:28:39 executed programs: 454
2025/09/02 17:28:44 executed programs: 765
[ 154.200405][ T6676] ==================================================================
[ 154.203935][ T6676] BUG: KASAN: slab-use-after-free in nr_rt_ioctl+0x594/0xd50
[ 154.207201][ T6676] Read of size 2 at addr ffff888043f35832 by task syz.1.964/6676
[ 154.211569][ T6676]
[ 154.212659][ T6676] CPU: 0 UID: 0 PID: 6676 Comm: syz.1.964 Not tainted syzkaller #0 PREEMPT(full)
[ 154.212673][ T6676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 154.212680][ T6676] Call Trace:
[ 154.212688][ T6676]
[ 154.212694][ T6676] dump_stack_lvl+0x189/0x250
[ 154.212712][ T6676] ? __kasan_check_byte+0x12/0x40
[ 154.212771][ T6676] ? __pfx_dump_stack_lvl+0x10/0x10
[ 154.212784][ T6676] ? lock_release+0x4b/0x3e0
[ 154.212799][ T6676] ? __virt_addr_valid+0x4a5/0x5c0
[ 154.212815][ T6676] print_report+0xca/0x240
[ 154.212826][ T6676] ? nr_rt_ioctl+0x594/0xd50
[ 154.212838][ T6676] kasan_report+0x118/0x150
[ 154.212850][ T6676] ? nr_rt_ioctl+0x594/0xd50
[ 154.212863][ T6676] nr_rt_ioctl+0x594/0xd50
[ 154.212879][ T6676] ? __pfx_nr_rt_ioctl+0x10/0x10
[ 154.212893][ T6676] ? apparmor_capable+0x137/0x1b0
[ 154.212907][ T6676] ? capable+0x89/0xe0
[ 154.212916][ T6676] ? nr_ioctl+0x1b1/0x3b0
[ 154.212926][ T6676] sock_do_ioctl+0xd9/0x300
[ 154.212944][ T6676] ? __pfx_sock_do_ioctl+0x10/0x10
[ 154.212954][ T6676] ? do_futex+0x395/0x420
[ 154.212966][ T6676] ? count_memcg_event_mm+0x21/0x260
[ 154.212981][ T6676] sock_ioctl+0x576/0x790
[ 154.212991][ T6676] ? __pfx_sock_ioctl+0x10/0x10
[ 154.213001][ T6676] ? exc_page_fault+0x76/0xf0
[ 154.213051][ T6676] ? __pfx___se_sys_futex+0x10/0x10
[ 154.213065][ T6676] ? bpf_lsm_file_ioctl+0x9/0x20
[ 154.213077][ T6676] ? __pfx_sock_ioctl+0x10/0x10
[ 154.213087][ T6676] __se_sys_ioctl+0xf9/0x170
[ 154.213097][ T6676] do_syscall_64+0xfa/0x3b0
[ 154.213112][ T6676] ? lockdep_hardirqs_on+0x9c/0x150
[ 154.213124][ T6676] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 154.213134][ T6676] ? clear_bhb_loop+0x60/0xb0
[ 154.213144][ T6676] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 154.213164][ T6676] RIP: 0033:0x7f4e90f8ebe9
[ 154.213175][ T6676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 154.213184][ T6676] RSP: 002b:00007ffed59105a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 154.213200][ T6676] RAX: ffffffffffffffda RBX: 00007f4e911c5fa0 RCX: 00007f4e90f8ebe9
[ 154.213207][ T6676] RDX: 0000000000000000 RSI: 00000000000089e2 RDI: 0000000000000004
[ 154.213214][ T6676] RBP: 00007f4e91011e19 R08: 0000000000000000 R09: 0000000000000000
[ 154.213221][ T6676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 154.213227][ T6676] R13: 00007f4e911c5fa0 R14: 00007f4e911c5fa0 R15: 0000000000000002
[ 154.213236][ T6676]
[ 154.213240][ T6676]
[ 154.315845][ T6676] Allocated by task 6676:
[ 154.317608][ T6676] kasan_save_track+0x3e/0x80
[ 154.319505][ T6676] __kasan_kmalloc+0x93/0xb0
[ 154.321379][ T6676] __kmalloc_cache_noprof+0x230/0x3d0
[ 154.323568][ T6676] nr_add_node+0x7f8/0x2570
[ 154.325421][ T6676] nr_rt_ioctl+0xc12/0xd50
[ 154.327235][ T6676] sock_do_ioctl+0xd9/0x300
[ 154.329139][ T6676] sock_ioctl+0x576/0x790
[ 154.330873][ T6676] __se_sys_ioctl+0xf9/0x170
[ 154.332773][ T6676] do_syscall_64+0xfa/0x3b0
[ 154.334598][ T6676] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 154.336942][ T6676]
[ 154.337943][ T6676] Freed by task 6676:
[ 154.339543][ T6676] kasan_save_track+0x3e/0x80
[ 154.341393][ T6676] kasan_save_free_info+0x46/0x50
[ 154.343412][ T6676] __kasan_slab_free+0x5b/0x80
[ 154.345307][ T6676] kfree+0x18e/0x440
[ 154.346854][ T6676] nr_rt_ioctl+0x2e7/0xd50
[ 154.348661][ T6676] sock_do_ioctl+0xd9/0x300
[ 154.350499][ T6676] sock_ioctl+0x576/0x790
[ 154.352258][ T6676] __se_sys_ioctl+0xf9/0x170
[ 154.354245][ T6676] do_syscall_64+0xfa/0x3b0
[ 154.356198][ T6676] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 154.358752][ T6676]
[ 154.359799][ T6676] The buggy address belongs to the object at ffff888043f35800
[ 154.359799][ T6676] which belongs to the cache kmalloc-64 of size 64
[ 154.365635][ T6676] The buggy address is located 50 bytes inside of
[ 154.365635][ T6676] freed 64-byte region [ffff888043f35800, ffff888043f35840)
[ 154.371366][ T6676]
[ 154.372516][ T6676] The buggy address belongs to the physical page:
[ 154.375333][ T6676] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x43f35
[ 154.379092][ T6676] anon flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 154.382443][ T6676] page_type: f5(slab)
[ 154.384269][ T6676] raw: 04fff00000000000 ffff88801a4418c0 ffffea000108f9c0 dead000000000005
[ 154.387804][ T6676] raw: 0000000000000000 0000000000200020 00000000f5000000 0000000000000000
[ 154.391218][ T6676] page dumped because: kasan: bad access detected
[ 154.394133][ T6676] page_owner tracks the page as allocated
[ 154.397140][ T6676] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 5505, tgid 5505 (syz-executor), ts 125906482614, free_ts 123044815653
[ 154.405198][ T6676] post_alloc_hook+0x240/0x2a0
[ 154.407154][ T6676] get_page_from_freelist+0x21e4/0x22c0
[ 154.409426][ T6676] __alloc_frozen_pages_noprof+0x181/0x370
[ 154.411852][ T6676] allocate_slab+0x65/0x370
[ 154.413813][ T6676] ___slab_alloc+0xbeb/0x1410
[ 154.415812][ T6676] __kmalloc_node_noprof+0x2fd/0x4e0
[ 154.418052][ T6676] allocate_slab+0x16a/0x370
[ 154.420031][ T6676] ___slab_alloc+0xbeb/0x1410
[ 154.422038][ T6676] __kmalloc_noprof+0x305/0x4f0
[ 154.424200][ T6676] __register_sysctl_table+0x72/0x1340
[ 154.426671][ T6676] __devinet_sysctl_register+0x37f/0x470
[ 154.429259][ T6676] devinet_sysctl_register+0x187/0x200
[ 154.431606][ T6676] inetdev_init+0x2b4/0x500
[ 154.433663][ T6676] inetdev_event+0x301/0x15b0
[ 154.435632][ T6676] notifier_call_chain+0x1b6/0x3e0
[ 154.437742][ T6676] register_netdevice+0x1608/0x1ae0
[ 154.439923][ T6676] page last free pid 5426 tgid 5426 stack trace:
[ 154.442605][ T6676] __free_frozen_pages+0xbc4/0xd30
[ 154.444760][ T6676] vfree+0x25a/0x400
[ 154.446406][ T6676] kcov_close+0x28/0x50
[ 154.448180][ T6676] __fput+0x44c/0xa70
[ 154.449868][ T6676] task_work_run+0x1d4/0x260
[ 154.451755][ T6676] do_exit+0x6b5/0x2300
[ 154.453500][ T6676] do_group_exit+0x21c/0x2d0
[ 154.455328][ T6676] get_signal+0x1286/0x1340
[ 154.457087][ T6676] arch_do_signal_or_restart+0x9a/0x750
[ 154.459344][ T6676] exit_to_user_mode_loop+0x75/0x110
[ 154.461728][ T6676] do_syscall_64+0x2bd/0x3b0
[ 154.463678][ T6676] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 154.466194][ T6676]
[ 154.467190][ T6676] Memory state around the buggy address:
[ 154.469486][ T6676] ffff888043f35700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 154.472856][ T6676] ffff888043f35780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 154.476086][ T6676] >ffff888043f35800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 154.479405][ T6676] ^
[ 154.481772][ T6676] ffff888043f35880: 00 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc
[ 154.485021][ T6676] ffff888043f35900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 154.488197][ T6676] ==================================================================
[ 154.491641][ T6676] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 154.494987][ T6676] CPU: 0 UID: 0 PID: 6676 Comm: syz.1.964 Not tainted syzkaller #0 PREEMPT(full)
[ 154.498786][ T6676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 154.503231][ T6676] Call Trace:
[ 154.504709][ T6676]
[ 154.505980][ T6676] dump_stack_lvl+0x99/0x250
[ 154.507961][ T6676] ? __asan_memcpy+0x40/0x70
[ 154.509939][ T6676] ? __pfx_dump_stack_lvl+0x10/0x10
[ 154.512115][ T6676] ? __pfx__printk+0x10/0x10
[ 154.514104][ T6676] vpanic+0x281/0x750
[ 154.515771][ T6676] ? __pfx_vpanic+0x10/0x10
[ 154.517683][ T6676] ? irqentry_exit+0x74/0x90
[ 154.519641][ T6676] panic+0xb9/0xc0
[ 154.521356][ T6676] ? __pfx_panic+0x10/0x10
[ 154.523280][ T6676] ? _raw_spin_unlock_irqrestore+0xa8/0x110
[ 154.525718][ T6676] ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 154.528202][ T6676] ? nr_rt_ioctl+0x594/0xd50
[ 154.530231][ T6676] check_panic_on_warn+0x89/0xb0
[ 154.532416][ T6676] ? nr_rt_ioctl+0x594/0xd50
[ 154.534521][ T6676] end_report+0x78/0x160
[ 154.536380][ T6676] kasan_report+0x129/0x150
[ 154.538203][ T6676] ? nr_rt_ioctl+0x594/0xd50
[ 154.540113][ T6676] nr_rt_ioctl+0x594/0xd50
[ 154.542039][ T6676] ? __pfx_nr_rt_ioctl+0x10/0x10
[ 154.544066][ T6676] ? apparmor_capable+0x137/0x1b0
[ 154.546155][ T6676] ? capable+0x89/0xe0
[ 154.547883][ T6676] ? nr_ioctl+0x1b1/0x3b0
[ 154.549741][ T6676] sock_do_ioctl+0xd9/0x300
[ 154.551662][ T6676] ? __pfx_sock_do_ioctl+0x10/0x10
[ 154.553851][ T6676] ? do_futex+0x395/0x420
[ 154.555664][ T6676] ? count_memcg_event_mm+0x21/0x260
[ 154.557866][ T6676] sock_ioctl+0x576/0x790
[ 154.559715][ T6676] ? __pfx_sock_ioctl+0x10/0x10
[ 154.561805][ T6676] ? exc_page_fault+0x76/0xf0
[ 154.563817][ T6676] ? __pfx___se_sys_futex+0x10/0x10
[ 154.565961][ T6676] ? bpf_lsm_file_ioctl+0x9/0x20
[ 154.568058][ T6676] ? __pfx_sock_ioctl+0x10/0x10
[ 154.570084][ T6676] __se_sys_ioctl+0xf9/0x170
[ 154.572030][ T6676] do_syscall_64+0xfa/0x3b0
[ 154.573950][ T6676] ? lockdep_hardirqs_on+0x9c/0x150
[ 154.576132][ T6676] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 154.578636][ T6676] ? clear_bhb_loop+0x60/0xb0
[ 154.580735][ T6676] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 154.583214][ T6676] RIP: 0033:0x7f4e90f8ebe9
[ 154.585167][ T6676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 154.593060][ T6676] RSP: 002b:00007ffed59105a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 154.596552][ T6676] RAX: ffffffffffffffda RBX: 00007f4e911c5fa0 RCX: 00007f4e90f8ebe9
[ 154.599926][ T6676] RDX: 0000000000000000 RSI: 00000000000089e2 RDI: 0000000000000004
[ 154.603227][ T6676] RBP: 00007f4e91011e19 R08: 0000000000000000 R09: 0000000000000000
[ 154.606590][ T6676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 154.609944][ T6676] R13: 00007f4e911c5fa0 R14: 00007f4e911c5fa0 R15: 0000000000000002
[ 154.613356][ T6676]
[ 154.615040][ T6676] Kernel Offset: disabled
[ 154.616858][ T6676] Rebooting in 86400 seconds..
VM DIAGNOSIS:
17:28:47 Registers:
info registers vcpu 0
CPU#0
RAX=0000000000000073 RBX=0000000000000073 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc9000e5df3d0
R8 =ffff888033dd8237 R9 =1ffff110067bb046 R10=dffffc0000000000 R11=ffffffff8550ca40
R12=dffffc0000000000 R13=ffffffff99b088e0 R14=ffffffff99dfd820 R15=0000000000000000
RIP=ffffffff8550cabc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 000055555f49e500 ffffffff 00c00000
GS =0000 ffff88808d20d000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007f4e910dd0c0 CR3=00000000423fd000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=000000000000003f Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000030717062
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffed5910a06
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffed5910a06 00007ffed5910a0c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4e91012e46
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4e91012e53
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4e91012e4d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4e91012e61
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4e91012ee7
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4e91012fc5
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6c667265766f20 6772612061746164 000a747261745374 6f68000700080006
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a49435740534a05 4257440544514441 000a515744515351 4a4d5655444b5300
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000