syzkaller login: [ 92.015798][ T10] cfg80211: failed to load regulatory.db
Warning: Permanently added '[localhost]:16459' (ED25519) to the list of known hosts.
2025/08/10 13:44:29 ignoring optional flag "sandboxArg"="0"
2025/08/10 13:44:30 parsed 1 programs
[ 120.310901][ T5359] cgroup: Unknown subsys name 'net'
[ 120.387353][ T5359] cgroup: Unknown subsys name 'cpuset'
[ 120.394150][ T5359] cgroup: Unknown subsys name 'rlimit'
[ 122.091700][ T5359] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 126.899600][ T5380] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 128.236375][ T31] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 128.241063][ T31] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 129.548031][ T1041] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 129.551290][ T1041] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 130.219065][ T5399] syz-executor (5399) used greatest stack depth: 18664 bytes left
[ 132.560090][ T5383] chnl_net:caif_netlink_parms(): no params data found
[ 132.865699][ T45] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 132.882491][ T45] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 132.897957][ T45] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 132.919142][ T45] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 132.924946][ T45] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 133.856326][ T5383] bridge0: port 1(bridge_slave_0) entered blocking state
[ 133.860999][ T5383] bridge0: port 1(bridge_slave_0) entered disabled state
[ 133.882717][ T5383] bridge_slave_0: entered allmulticast mode
[ 133.893048][ T5383] bridge_slave_0: entered promiscuous mode
[ 133.957821][ T5383] bridge0: port 2(bridge_slave_1) entered blocking state
[ 133.961047][ T5383] bridge0: port 2(bridge_slave_1) entered disabled state
[ 133.978075][ T5383] bridge_slave_1: entered allmulticast mode
[ 133.992070][ T5383] bridge_slave_1: entered promiscuous mode
[ 134.421379][ T5383] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 134.451682][ T5383] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 134.599685][ T5383] team0: Port device team_slave_0 added
[ 134.647490][ T5383] team0: Port device team_slave_1 added
[ 134.706319][ T5383] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 134.709587][ T5383] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 134.743706][ T5383] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 134.750494][ T5383] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 134.761994][ T5383] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 134.781955][ T5383] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 134.881277][ T5383] hsr_slave_0: entered promiscuous mode
[ 134.889529][ T5383] hsr_slave_1: entered promiscuous mode
[ 135.043368][ T45] Bluetooth: hci0: command tx timeout
[ 135.109049][ T5383] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 135.119781][ T5383] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 135.128463][ T5383] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 135.135046][ T5383] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 135.226657][ T5383] 8021q: adding VLAN 0 to HW filter on device bond0
[ 135.248852][ T5383] 8021q: adding VLAN 0 to HW filter on device team0
[ 135.260437][ T38] bridge0: port 1(bridge_slave_0) entered blocking state
[ 135.263669][ T38] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 135.279637][ T1043] bridge0: port 2(bridge_slave_1) entered blocking state
[ 135.283112][ T1043] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 135.331737][ T5383] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 135.339509][ T5383] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 135.514023][ T5383] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 135.740971][ T5383] veth0_vlan: entered promiscuous mode
[ 135.753626][ T5383] veth1_vlan: entered promiscuous mode
[ 135.787729][ T5383] veth0_macvtap: entered promiscuous mode
[ 135.795720][ T5383] veth1_macvtap: entered promiscuous mode
[ 135.811530][ T5383] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 135.826545][ T5383] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 135.838659][ T38] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 135.856986][ T38] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 135.865994][ T38] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 135.869808][ T38] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2025/08/10 13:44:48 executed programs: 0
[ 136.138848][ T4700] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 136.146482][ T4700] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 136.153368][ T4700] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 136.157138][ T4700] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 136.171070][ T4700] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 136.275058][ T5447] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 136.356741][ T5499] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 136.361492][ T5499] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 136.365572][ T5499] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 136.370132][ T45] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 136.374515][ T5499] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 136.378698][ T45] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 136.383377][ T5499] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 136.386989][ T45] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 136.391333][ T5499] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 136.395403][ T45] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 136.398922][ T5499] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 136.404349][ T5499] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 136.407889][ T5499] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 136.413469][ T5499] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 136.418595][ T5499] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 136.422361][ T5499] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 136.428094][ T5499] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 136.441526][ T5499] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 136.457506][ T5495] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 136.494704][ T5383] syz-executor (5383) used greatest stack depth: 17512 bytes left
[ 136.509307][ T4700] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 136.520223][ T4700] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 136.534086][ T4700] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 136.542577][ T4700] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 136.552771][ T4700] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 137.694776][ T1041] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 138.106793][ T1315] ieee802154 phy0 wpan0: encryption failed: -22
[ 138.110035][ T1315] ieee802154 phy1 wpan1: encryption failed: -22
[ 138.306110][ T5482] chnl_net:caif_netlink_parms(): no params data found
[ 138.402899][ T5499] Bluetooth: hci1: command tx timeout
[ 138.486506][ T5499] Bluetooth: hci5: command tx timeout
[ 138.489468][ T5499] Bluetooth: hci2: command tx timeout
[ 138.493273][ T4700] Bluetooth: hci3: command tx timeout
[ 138.496443][ T4700] Bluetooth: hci4: command tx timeout
[ 138.523578][ T1041] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 138.642237][ T5499] Bluetooth: hci6: command tx timeout
[ 138.805709][ T5482] bridge0: port 1(bridge_slave_0) entered blocking state
[ 138.808970][ T5482] bridge0: port 1(bridge_slave_0) entered disabled state
[ 138.822741][ T5482] bridge_slave_0: entered allmulticast mode
[ 138.833779][ T5482] bridge_slave_0: entered promiscuous mode
[ 138.897537][ T5482] bridge0: port 2(bridge_slave_1) entered blocking state
[ 138.900682][ T5482] bridge0: port 2(bridge_slave_1) entered disabled state
[ 138.914011][ T5482] bridge_slave_1: entered allmulticast mode
[ 138.923595][ T5482] bridge_slave_1: entered promiscuous mode
[ 139.046735][ T1041] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 139.165812][ T1041] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 139.196341][ T5482] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 139.304149][ T5482] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 139.578494][ T5492] chnl_net:caif_netlink_parms(): no params data found
[ 139.623448][ T5482] team0: Port device team_slave_0 added
[ 139.699960][ T5482] team0: Port device team_slave_1 added
[ 140.079726][ T1041] bridge_slave_1: left allmulticast mode
[ 140.102895][ T1041] bridge_slave_1: left promiscuous mode
[ 140.106165][ T1041] bridge0: port 2(bridge_slave_1) entered disabled state
[ 140.143878][ T1041] bridge_slave_0: left allmulticast mode
[ 140.146589][ T1041] bridge_slave_0: left promiscuous mode
[ 140.150640][ T1041] bridge0: port 1(bridge_slave_0) entered disabled state
[ 140.492950][ T5499] Bluetooth: hci1: command tx timeout
[ 140.563708][ T5499] Bluetooth: hci2: command tx timeout
[ 140.565971][ T5499] Bluetooth: hci4: command tx timeout
[ 140.568171][ T5499] Bluetooth: hci3: command tx timeout
[ 140.570647][ T5499] Bluetooth: hci5: command tx timeout
[ 140.723424][ T5499] Bluetooth: hci6: command tx timeout
[ 140.759904][ T1041] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 140.768638][ T1041] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 140.774215][ T1041] bond0 (unregistering): Released all slaves
[ 140.896683][ T5482] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 140.900632][ T5482] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 140.915989][ T5482] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 140.961357][ T5500] chnl_net:caif_netlink_parms(): no params data found
[ 141.011107][ T5490] chnl_net:caif_netlink_parms(): no params data found
[ 141.091642][ T5489] chnl_net:caif_netlink_parms(): no params data found
[ 141.124805][ T5482] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 141.128012][ T5482] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 141.168608][ T5482] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 141.280240][ T1041] hsr_slave_0: left promiscuous mode
[ 141.288639][ T1041] hsr_slave_1: left promiscuous mode
[ 141.293124][ T1041] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 141.297554][ T1041] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 141.306793][ T1041] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 141.310693][ T1041] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 141.327480][ T1041] veth1_macvtap: left promiscuous mode
[ 141.331296][ T1041] veth0_macvtap: left promiscuous mode
[ 141.335628][ T1041] veth1_vlan: left promiscuous mode
[ 141.339039][ T1041] veth0_vlan: left promiscuous mode
[ 141.720519][ T1041] team0 (unregistering): Port device team_slave_1 removed
[ 141.757163][ T1041] team0 (unregistering): Port device team_slave_0 removed
[ 142.218724][ T5492] bridge0: port 1(bridge_slave_0) entered blocking state
[ 142.232259][ T5492] bridge0: port 1(bridge_slave_0) entered disabled state
[ 142.236092][ T5492] bridge_slave_0: entered allmulticast mode
[ 142.240058][ T5492] bridge_slave_0: entered promiscuous mode
[ 142.357061][ T5492] bridge0: port 2(bridge_slave_1) entered blocking state
[ 142.360602][ T5492] bridge0: port 2(bridge_slave_1) entered disabled state
[ 142.380699][ T5492] bridge_slave_1: entered allmulticast mode
[ 142.393525][ T5492] bridge_slave_1: entered promiscuous mode
[ 142.440820][ T5491] chnl_net:caif_netlink_parms(): no params data found
[ 142.504336][ T5482] hsr_slave_0: entered promiscuous mode
[ 142.507936][ T5482] hsr_slave_1: entered promiscuous mode
[ 142.562884][ T5499] Bluetooth: hci1: command tx timeout
[ 142.643579][ T5499] Bluetooth: hci5: command tx timeout
[ 142.646125][ T5499] Bluetooth: hci3: command tx timeout
[ 142.648359][ T5499] Bluetooth: hci4: command tx timeout
[ 142.650736][ T5499] Bluetooth: hci2: command tx timeout
[ 142.726026][ T5492] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 142.802315][ T5499] Bluetooth: hci6: command tx timeout
[ 142.835695][ T5492] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 143.009053][ T5490] bridge0: port 1(bridge_slave_0) entered blocking state
[ 143.023667][ T5490] bridge0: port 1(bridge_slave_0) entered disabled state
[ 143.026844][ T5490] bridge_slave_0: entered allmulticast mode
[ 143.062362][ T5490] bridge_slave_0: entered promiscuous mode
[ 143.075466][ T5490] bridge0: port 2(bridge_slave_1) entered blocking state
[ 143.079684][ T5490] bridge0: port 2(bridge_slave_1) entered disabled state
[ 143.110429][ T5490] bridge_slave_1: entered allmulticast mode
[ 143.128872][ T5490] bridge_slave_1: entered promiscuous mode
[ 143.142189][ T5500] bridge0: port 1(bridge_slave_0) entered blocking state
[ 143.145522][ T5500] bridge0: port 1(bridge_slave_0) entered disabled state
[ 143.148731][ T5500] bridge_slave_0: entered allmulticast mode
[ 143.199909][ T5500] bridge_slave_0: entered promiscuous mode
[ 143.234761][ T5500] bridge0: port 2(bridge_slave_1) entered blocking state
[ 143.238326][ T5500] bridge0: port 2(bridge_slave_1) entered disabled state
[ 143.268140][ T5500] bridge_slave_1: entered allmulticast mode
[ 143.292604][ T5500] bridge_slave_1: entered promiscuous mode
[ 143.296344][ T5489] bridge0: port 1(bridge_slave_0) entered blocking state
[ 143.299666][ T5489] bridge0: port 1(bridge_slave_0) entered disabled state
[ 143.325543][ T5489] bridge_slave_0: entered allmulticast mode
[ 143.348290][ T5489] bridge_slave_0: entered promiscuous mode
[ 143.374959][ T5489] bridge0: port 2(bridge_slave_1) entered blocking state
[ 143.378035][ T5489] bridge0: port 2(bridge_slave_1) entered disabled state
[ 143.381245][ T5489] bridge_slave_1: entered allmulticast mode
[ 143.406602][ T5489] bridge_slave_1: entered promiscuous mode
[ 143.510131][ T5492] team0: Port device team_slave_0 added
[ 143.517254][ T5492] team0: Port device team_slave_1 added
[ 143.618119][ T5490] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 143.630110][ T5490] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 143.637413][ T5500] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 143.669026][ T5489] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 143.675159][ T5491] bridge0: port 1(bridge_slave_0) entered blocking state
[ 143.678201][ T5491] bridge0: port 1(bridge_slave_0) entered disabled state
[ 143.685667][ T5491] bridge_slave_0: entered allmulticast mode
[ 143.690114][ T5491] bridge_slave_0: entered promiscuous mode
[ 143.696124][ T5491] bridge0: port 2(bridge_slave_1) entered blocking state
[ 143.699494][ T5491] bridge0: port 2(bridge_slave_1) entered disabled state
[ 143.705619][ T5491] bridge_slave_1: entered allmulticast mode
[ 143.709539][ T5491] bridge_slave_1: entered promiscuous mode
[ 143.727077][ T5500] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 143.731425][ T5492] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 143.735150][ T5492] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 143.749336][ T5492] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 143.765690][ T5489] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 143.806395][ T5492] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 143.809577][ T5492] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 143.824417][ T5492] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 143.919851][ T5490] team0: Port device team_slave_0 added
[ 143.996357][ T5489] team0: Port device team_slave_0 added
[ 144.036467][ T5491] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 144.057993][ T5490] team0: Port device team_slave_1 added
[ 144.062889][ T5500] team0: Port device team_slave_0 added
[ 144.133178][ T5492] hsr_slave_0: entered promiscuous mode
[ 144.146566][ T5492] hsr_slave_1: entered promiscuous mode
[ 144.152481][ T5492] debugfs: 'hsr0' already exists in 'hsr'
[ 144.155562][ T5492] Cannot create hsr debugfs directory
[ 144.165095][ T5489] team0: Port device team_slave_1 added
[ 144.173725][ T5491] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 144.179436][ T5500] team0: Port device team_slave_1 added
[ 144.364626][ T5490] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 144.368129][ T5490] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 144.393846][ T5490] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 144.447422][ T5500] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 144.450422][ T5500] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 144.467283][ T5500] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 144.513535][ T5490] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 144.516214][ T5490] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 144.531684][ T5490] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 144.551617][ T5489] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 144.554892][ T5489] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 144.568383][ T5489] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 144.574834][ T5491] team0: Port device team_slave_0 added
[ 144.578518][ T5500] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 144.586187][ T5500] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 144.597727][ T5500] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 144.636082][ T5489] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 144.639515][ T5489] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 144.653412][ T5499] Bluetooth: hci1: command tx timeout
[ 144.659953][ T5489] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 144.675298][ T5491] team0: Port device team_slave_1 added
[ 144.724307][ T5499] Bluetooth: hci2: command tx timeout
[ 144.726953][ T5499] Bluetooth: hci4: command tx timeout
[ 144.729592][ T5499] Bluetooth: hci3: command tx timeout
[ 144.734104][ T5494] Bluetooth: hci5: command tx timeout
[ 144.882668][ T5499] Bluetooth: hci6: command tx timeout
[ 144.957444][ T5482] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 144.979751][ T5491] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 144.994094][ T5491] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 145.025254][ T5491] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 145.032697][ T5491] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 145.035829][ T5491] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 145.072067][ T5491] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 145.099143][ T5489] hsr_slave_0: entered promiscuous mode
[ 145.103346][ T5489] hsr_slave_1: entered promiscuous mode
[ 145.115078][ T5489] debugfs: 'hsr0' already exists in 'hsr'
[ 145.117951][ T5489] Cannot create hsr debugfs directory
[ 145.134551][ T5490] hsr_slave_0: entered promiscuous mode
[ 145.137750][ T5490] hsr_slave_1: entered promiscuous mode
[ 145.140861][ T5490] debugfs: 'hsr0' already exists in 'hsr'
[ 145.163942][ T5490] Cannot create hsr debugfs directory
[ 145.185379][ T5500] hsr_slave_0: entered promiscuous mode
[ 145.188823][ T5500] hsr_slave_1: entered promiscuous mode
[ 145.209521][ T5500] debugfs: 'hsr0' already exists in 'hsr'
[ 145.214314][ T5500] Cannot create hsr debugfs directory
[ 145.234860][ T5482] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 145.320055][ T5482] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 145.399009][ T5482] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 145.637063][ T5491] hsr_slave_0: entered promiscuous mode
[ 145.640370][ T5491] hsr_slave_1: entered promiscuous mode
[ 145.646206][ T5491] debugfs: 'hsr0' already exists in 'hsr'
[ 145.648941][ T5491] Cannot create hsr debugfs directory
[ 146.457761][ T5500] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 146.497997][ T5500] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 146.521586][ T5500] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 146.570127][ T5500] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 146.593867][ T5482] 8021q: adding VLAN 0 to HW filter on device bond0
[ 146.661715][ T5482] 8021q: adding VLAN 0 to HW filter on device team0
[ 146.705428][ T5490] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 146.733718][ T5490] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 146.750477][ T1041] bridge0: port 1(bridge_slave_0) entered blocking state
[ 146.753762][ T1041] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 146.834743][ T5490] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 146.855292][ T1041] bridge0: port 2(bridge_slave_1) entered blocking state
[ 146.858658][ T1041] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 146.915376][ T5490] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 147.079735][ T5492] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 147.106130][ T5500] 8021q: adding VLAN 0 to HW filter on device bond0
[ 147.214752][ T5492] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 147.237421][ T5492] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 147.367613][ T5492] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 147.449214][ T5500] 8021q: adding VLAN 0 to HW filter on device team0
[ 147.556088][ T5489] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 147.601090][ T1041] bridge0: port 1(bridge_slave_0) entered blocking state
[ 147.604357][ T1041] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 147.658238][ T5489] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 147.676587][ T1041] bridge0: port 2(bridge_slave_1) entered blocking state
[ 147.679833][ T1041] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 147.765659][ T5489] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 147.858297][ T5489] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 147.987468][ T5482] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 147.998724][ T5490] 8021q: adding VLAN 0 to HW filter on device bond0
[ 148.109166][ T5491] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 148.166911][ T5491] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 148.200652][ T5490] 8021q: adding VLAN 0 to HW filter on device team0
[ 148.295349][ T5491] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 148.345232][ T5491] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 148.424199][ T38] bridge0: port 1(bridge_slave_0) entered blocking state
[ 148.428079][ T38] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 148.456947][ T38] bridge0: port 2(bridge_slave_1) entered blocking state
[ 148.460587][ T38] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 148.507427][ T5482] veth0_vlan: entered promiscuous mode
[ 148.617414][ T5482] veth1_vlan: entered promiscuous mode
[ 148.796319][ T5492] 8021q: adding VLAN 0 to HW filter on device bond0
[ 149.003368][ T5492] 8021q: adding VLAN 0 to HW filter on device team0
[ 149.009258][ T5500] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 149.106249][ T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 149.109851][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 149.140423][ T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 149.144490][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 149.248283][ T5482] veth0_macvtap: entered promiscuous mode
[ 149.314591][ T5489] 8021q: adding VLAN 0 to HW filter on device bond0
[ 149.400734][ T5482] veth1_macvtap: entered promiscuous mode
[ 149.490300][ T5482] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 149.546730][ T5500] veth0_vlan: entered promiscuous mode
[ 149.577956][ T5482] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 149.611220][ T5489] 8021q: adding VLAN 0 to HW filter on device team0
[ 149.646118][ T5490] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 149.674313][ T5500] veth1_vlan: entered promiscuous mode
[ 149.694405][ T38] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 149.701486][ T38] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 149.757061][ T5491] 8021q: adding VLAN 0 to HW filter on device bond0
[ 149.832177][ T38] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 149.901798][ T31] bridge0: port 1(bridge_slave_0) entered blocking state
[ 149.905656][ T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 149.939090][ T31] bridge0: port 2(bridge_slave_1) entered blocking state
[ 149.943260][ T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 149.983514][ T38] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 150.044540][ T5500] veth0_macvtap: entered promiscuous mode
[ 150.117156][ T5491] 8021q: adding VLAN 0 to HW filter on device team0
[ 150.174827][ T5500] veth1_macvtap: entered promiscuous mode
[ 150.228630][ T1041] bridge0: port 1(bridge_slave_0) entered blocking state
[ 150.232490][ T1041] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 150.359677][ T1041] bridge0: port 2(bridge_slave_1) entered blocking state
[ 150.363090][ T1041] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 150.436610][ T5500] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 150.494097][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 150.498405][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 150.540737][ T5500] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 150.607028][ T5490] veth0_vlan: entered promiscuous mode
[ 150.657445][ T5492] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 150.716564][ T1097] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 150.813590][ T5490] veth1_vlan: entered promiscuous mode
[ 150.909407][ T1097] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 150.922515][ T1097] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 150.927002][ T1097] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 151.041456][ T5490] veth0_macvtap: entered promiscuous mode
[ 151.124793][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 151.130731][ T5490] veth1_macvtap: entered promiscuous mode
[ 151.137589][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 151.260488][ T5490] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 151.408238][ T5490] batman_adv: batadv0: Interface activated: batadv_slave_1
2025/08/10 13:45:04 executed programs: 12
[ 151.503412][ T5489] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 151.652053][ T1041] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 151.774672][ T38] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 151.780215][ T1097] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 151.800900][ T1097] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 151.805716][ T38] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 152.030642][ T38] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 152.178215][ T5489] veth0_vlan: entered promiscuous mode
[ 152.321466][ T1097] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 152.349719][ T38] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 152.364916][ T1097] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 152.369311][ T5489] veth1_vlan: entered promiscuous mode
[ 152.374805][ T38] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 152.465955][ T5491] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 152.612468][ T5492] veth0_vlan: entered promiscuous mode
[ 152.669422][ T5489] veth0_macvtap: entered promiscuous mode
[ 152.759754][ T5492] veth1_vlan: entered promiscuous mode
[ 152.791604][ T5489] veth1_macvtap: entered promiscuous mode
[ 152.925332][ T5489] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 152.933630][ T38] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 152.963906][ T38] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 152.999936][ T5489] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 153.103722][ T1097] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 153.109145][ T1097] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 153.249488][ T1097] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 153.271319][ T1097] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 153.320996][ T5492] veth0_macvtap: entered promiscuous mode
[ 153.458210][ T5492] veth1_macvtap: entered promiscuous mode
[ 153.650123][ T5492] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 153.708564][ T5492] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 153.822519][ T1041] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 153.827749][ T1041] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 153.889135][ T1041] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 153.963855][ T1041] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 153.987567][ T133] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 153.991095][ T133] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 154.319941][ T1037] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 154.352301][ T1037] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 154.501594][ T5491] veth0_vlan: entered promiscuous mode
[ 154.588868][ T1041] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 154.613422][ T1041] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 154.623911][ T5491] veth1_vlan: entered promiscuous mode
[ 154.708991][ T5783] ==================================================================
[ 154.712432][ T5783] BUG: KASAN: slab-use-after-free in nr_rt_ioctl+0x594/0xd50
[ 154.715864][ T5783] Read of size 2 at addr ffff8880599ce132 by task syz.0.68/5783
[ 154.720774][ T5783]
[ 154.721970][ T5783] CPU: 0 UID: 0 PID: 5783 Comm: syz.0.68 Not tainted 6.16.0-syzkaller-12256-g561c80369df0 #0 PREEMPT(full)
[ 154.721986][ T5783] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 154.721993][ T5783] Call Trace:
[ 154.722001][ T5783]
[ 154.722007][ T5783] dump_stack_lvl+0x189/0x250
[ 154.722023][ T5783] ? __kasan_check_byte+0x12/0x40
[ 154.722092][ T5783] ? __pfx_dump_stack_lvl+0x10/0x10
[ 154.722103][ T5783] ? lock_release+0x4b/0x3e0
[ 154.722119][ T5783] ? __virt_addr_valid+0x4a5/0x5c0
[ 154.722133][ T5783] print_report+0xca/0x240
[ 154.722143][ T5783] ? nr_rt_ioctl+0x594/0xd50
[ 154.722155][ T5783] kasan_report+0x118/0x150
[ 154.722167][ T5783] ? nr_rt_ioctl+0x594/0xd50
[ 154.722177][ T5783] nr_rt_ioctl+0x594/0xd50
[ 154.722189][ T5783] ? __pfx_nr_rt_ioctl+0x10/0x10
[ 154.722201][ T5783] ? apparmor_capable+0x137/0x1b0
[ 154.722213][ T5783] ? capable+0x89/0xe0
[ 154.722224][ T5783] ? nr_ioctl+0x1b1/0x3b0
[ 154.722240][ T5783] sock_do_ioctl+0xdc/0x300
[ 154.722252][ T5783] ? __pfx_sock_do_ioctl+0x10/0x10
[ 154.722262][ T5783] ? do_futex+0x395/0x420
[ 154.722274][ T5783] sock_ioctl+0x576/0x790
[ 154.722282][ T5783] ? __pfx_sock_ioctl+0x10/0x10
[ 154.722291][ T5783] ? __pfx___se_sys_futex+0x10/0x10
[ 154.722302][ T5783] ? bpf_lsm_file_ioctl+0x9/0x20
[ 154.722312][ T5783] ? __pfx_sock_ioctl+0x10/0x10
[ 154.722322][ T5783] __se_sys_ioctl+0xfc/0x170
[ 154.722333][ T5783] do_syscall_64+0xfa/0x3b0
[ 154.722384][ T5783] ? lockdep_hardirqs_on+0x9c/0x150
[ 154.722397][ T5783] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 154.722407][ T5783] ? clear_bhb_loop+0x60/0xb0
[ 154.722418][ T5783] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 154.722428][ T5783] RIP: 0033:0x7f1f1198ebe9
[ 154.722440][ T5783] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 154.722449][ T5783] RSP: 002b:00007fff57d95be8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 154.722460][ T5783] RAX: ffffffffffffffda RBX: 00007f1f11bb5fa0 RCX: 00007f1f1198ebe9
[ 154.722467][ T5783] RDX: 0000000000000000 RSI: 00000000000089e2 RDI: 0000000000000007
[ 154.722474][ T5783] RBP: 00007f1f11a11e19 R08: 0000000000000000 R09: 0000000000000000
[ 154.722479][ T5783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 154.722485][ T5783] R13: 00007f1f11bb5fa0 R14: 00007f1f11bb5fa0 R15: 0000000000000002
[ 154.722495][ T5783]
[ 154.722499][ T5783]
[ 154.821877][ T5783] Allocated by task 5783:
[ 154.823933][ T5783] kasan_save_track+0x3e/0x80
[ 154.825761][ T5783] __kasan_kmalloc+0x93/0xb0
[ 154.827392][ T5783] __kmalloc_cache_noprof+0x230/0x3d0
[ 154.829626][ T5783] nr_add_node+0x7f8/0x2570
[ 154.831346][ T5783] nr_rt_ioctl+0xc12/0xd50
[ 154.833035][ T5783] sock_do_ioctl+0xdc/0x300
[ 154.834719][ T5783] sock_ioctl+0x576/0x790
[ 154.836432][ T5783] __se_sys_ioctl+0xfc/0x170
[ 154.838562][ T5783] do_syscall_64+0xfa/0x3b0
[ 154.840738][ T5783] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 154.843496][ T5783]
[ 154.844755][ T5783] Freed by task 5783:
[ 154.846396][ T5783] kasan_save_track+0x3e/0x80
[ 154.848376][ T5783] kasan_save_free_info+0x46/0x50
[ 154.850552][ T5783] __kasan_slab_free+0x5b/0x80
[ 154.852479][ T5783] kfree+0x18e/0x440
[ 154.854056][ T5783] nr_rt_ioctl+0x2e7/0xd50
[ 154.855647][ T5783] sock_do_ioctl+0xdc/0x300
[ 154.857638][ T5783] sock_ioctl+0x576/0x790
[ 154.859408][ T5783] __se_sys_ioctl+0xfc/0x170
[ 154.861215][ T5783] do_syscall_64+0xfa/0x3b0
[ 154.863009][ T5783] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 154.865205][ T5783]
[ 154.866015][ T5783] The buggy address belongs to the object at ffff8880599ce100
[ 154.866015][ T5783] which belongs to the cache kmalloc-64 of size 64
[ 154.870796][ T5783] The buggy address is located 50 bytes inside of
[ 154.870796][ T5783] freed 64-byte region [ffff8880599ce100, ffff8880599ce140)
[ 154.876705][ T5783]
[ 154.877734][ T5783] The buggy address belongs to the physical page:
[ 154.880525][ T5783] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x599ce
[ 154.884488][ T5783] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 154.887737][ T5783] page_type: f5(slab)
[ 154.889458][ T5783] raw: 04fff00000000000 ffff88801a4418c0 dead000000000122 0000000000000000
[ 154.893238][ T5783] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 154.896920][ T5783] page dumped because: kasan: bad access detected
[ 154.900315][ T5783] page_owner tracks the page as allocated
[ 154.902998][ T5783] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5783, tgid 5783 (syz-executor), ts 154689536339, free_ts 154632860257
[ 154.911350][ T5783] post_alloc_hook+0x240/0x2a0
[ 154.913749][ T5783] get_page_from_freelist+0x21e4/0x22c0
[ 154.916239][ T5783] __alloc_frozen_pages_noprof+0x181/0x370
[ 154.918531][ T5783] alloc_pages_mpol+0x232/0x4a0
[ 154.920160][ T5783] allocate_slab+0x8a/0x370
[ 154.921816][ T5783] ___slab_alloc+0xbeb/0x1410
[ 154.923544][ T5783] __kmalloc_noprof+0x305/0x4f0
[ 154.925524][ T5783] tomoyo_encode+0x28b/0x550
[ 154.927460][ T5783] tomoyo_realpath_from_path+0x58d/0x5d0
[ 154.929924][ T5783] tomoyo_check_open_permission+0x1c1/0x3b0
[ 154.932425][ T5783] security_file_open+0xb1/0x270
[ 154.934773][ T5783] do_dentry_open+0x384/0x13f0
[ 154.936981][ T5783] vfs_open+0x3b/0x340
[ 154.938996][ T5783] path_openat+0x2ee5/0x3830
[ 154.940989][ T5783] do_filp_open+0x1fa/0x410
[ 154.942704][ T5783] do_sys_openat2+0x121/0x1c0
[ 154.944535][ T5783] page last free pid 5780 tgid 5780 stack trace:
[ 154.947196][ T5783] __free_frozen_pages+0xbc4/0xd30
[ 154.949295][ T5783] __tlb_remove_table+0x2d2/0x3b0
[ 154.951360][ T5783] tlb_remove_table_rcu+0x85/0x100
[ 154.953599][ T5783] rcu_core+0xca8/0x1770
[ 154.955635][ T5783] handle_softirqs+0x283/0x870
[ 154.958071][ T5783] __irq_exit_rcu+0xca/0x1f0
[ 154.960602][ T5783] irq_exit_rcu+0x9/0x30
[ 154.962762][ T5783] sysvec_apic_timer_interrupt+0xa6/0xc0
[ 154.964955][ T5783] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 154.967178][ T5783]
[ 154.968164][ T5783] Memory state around the buggy address:
[ 154.970338][ T5783] ffff8880599ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 154.973326][ T5783] ffff8880599ce080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 154.976541][ T5783] >ffff8880599ce100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 154.979951][ T5783] ^
[ 154.982595][ T5783] ffff8880599ce180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 154.986913][ T5783] ffff8880599ce200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 154.991420][ T5783] ==================================================================
[ 154.995256][ T5783] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 154.998443][ T5783] CPU: 0 UID: 0 PID: 5783 Comm: syz.0.68 Not tainted 6.16.0-syzkaller-12256-g561c80369df0 #0 PREEMPT(full)
[ 155.003497][ T5783] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 155.008206][ T5783] Call Trace:
[ 155.009779][ T5783]
[ 155.011200][ T5783] dump_stack_lvl+0x99/0x250
[ 155.013427][ T5783] ? __asan_memcpy+0x40/0x70
[ 155.015487][ T5783] ? __pfx_dump_stack_lvl+0x10/0x10
[ 155.017822][ T5783] ? __pfx__printk+0x10/0x10
[ 155.019930][ T5783] vpanic+0x281/0x750
[ 155.021738][ T5783] ? __pfx_vpanic+0x10/0x10
[ 155.023873][ T5783] ? irqentry_exit+0x74/0x90
[ 155.026259][ T5783] panic+0xb9/0xc0
[ 155.028026][ T5783] ? __pfx_panic+0x10/0x10
[ 155.030019][ T5783] ? _raw_spin_unlock_irqrestore+0xa8/0x110
[ 155.032707][ T5783] ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 155.035264][ T5783] ? nr_rt_ioctl+0x594/0xd50
[ 155.037282][ T5783] check_panic_on_warn+0x89/0xb0
[ 155.039446][ T5783] ? nr_rt_ioctl+0x594/0xd50
[ 155.041485][ T5783] end_report+0x78/0x160
[ 155.043420][ T5783] kasan_report+0x129/0x150
[ 155.045712][ T5783] ? nr_rt_ioctl+0x594/0xd50
[ 155.048492][ T5783] nr_rt_ioctl+0x594/0xd50
[ 155.050725][ T5783] ? __pfx_nr_rt_ioctl+0x10/0x10
[ 155.052825][ T5783] ? apparmor_capable+0x137/0x1b0
[ 155.055019][ T5783] ? capable+0x89/0xe0
[ 155.056985][ T5783] ? nr_ioctl+0x1b1/0x3b0
[ 155.059028][ T5783] sock_do_ioctl+0xdc/0x300
[ 155.060976][ T5783] ? __pfx_sock_do_ioctl+0x10/0x10
[ 155.063005][ T5783] ? do_futex+0x395/0x420
[ 155.064783][ T5783] sock_ioctl+0x576/0x790
[ 155.066656][ T5783] ? __pfx_sock_ioctl+0x10/0x10
[ 155.068518][ T5783] ? __pfx___se_sys_futex+0x10/0x10
[ 155.070897][ T5783] ? bpf_lsm_file_ioctl+0x9/0x20
[ 155.072970][ T5783] ? __pfx_sock_ioctl+0x10/0x10
[ 155.075155][ T5783] __se_sys_ioctl+0xfc/0x170
[ 155.077151][ T5783] do_syscall_64+0xfa/0x3b0
[ 155.079111][ T5783] ? lockdep_hardirqs_on+0x9c/0x150
[ 155.081583][ T5783] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 155.084384][ T5783] ? clear_bhb_loop+0x60/0xb0
[ 155.086484][ T5783] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 155.089083][ T5783] RIP: 0033:0x7f1f1198ebe9
[ 155.091145][ T5783] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 155.099775][ T5783] RSP: 002b:00007fff57d95be8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 155.103442][ T5783] RAX: ffffffffffffffda RBX: 00007f1f11bb5fa0 RCX: 00007f1f1198ebe9
[ 155.106880][ T5783] RDX: 0000000000000000 RSI: 00000000000089e2 RDI: 0000000000000007
[ 155.111321][ T5783] RBP: 00007f1f11a11e19 R08: 0000000000000000 R09: 0000000000000000
[ 155.115633][ T5783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 155.119110][ T5783] R13: 00007f1f11bb5fa0 R14: 00007f1f11bb5fa0 R15: 0000000000000002
[ 155.122593][ T5783]
[ 155.124264][ T5783] Kernel Offset: disabled
[ 155.126197][ T5783] Rebooting in 86400 seconds..
VM DIAGNOSIS:
13:45:07 Registers:
info registers vcpu 0
CPU#0
RAX=0000000000000065 RBX=0000000000000065 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc9000d5bf3d0
R8 =ffff888030770237 R9 =1ffff110060ee046 R10=dffffc0000000000 R11=ffffffff855080e0
R12=dffffc0000000000 R13=ffffffff99b048e3 R14=ffffffff99df97a0 R15=0000000000000000
RIP=ffffffff8550815c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 000055556f44c500 ffffffff 00c00000
GS =0000 ffff88808d211000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=000055555b77e808 CR3=0000000056158000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=000000000000003f Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000030717062
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff57d96046
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff57d96046 00007fff57d9604c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1f11a12e46
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1f11a12e53
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1f11a12e4d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1f11a12e61
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1f11a12ee7
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1f11a12fc5
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6c667265766f20 6772612061746164 000a747261745374 6f68000700080006
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a49435740534a05 4257440544514441 000a515744515351 4a4d5655444b5300
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000