syzkaller login: [ 91.969087][ T54] cfg80211: failed to load regulatory.db
Warning: Permanently added '[localhost]:33410' (ED25519) to the list of known hosts.
2025/08/24 04:26:13 parsed 1 programs
[ 116.912587][ T5360] cgroup: Unknown subsys name 'net'
[ 117.008264][ T5360] cgroup: Unknown subsys name 'cpuset'
[ 117.013575][ T5360] cgroup: Unknown subsys name 'rlimit'
[ 118.737001][ T5360] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 122.760119][ T5379] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 122.765277][ T5379] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 122.768935][ T5379] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 122.772829][ T5379] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 122.776479][ T5379] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 123.596266][ T5375] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 127.252278][ T5377] chnl_net:caif_netlink_parms(): no params data found
[ 128.035514][ T1040] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 128.039300][ T1040] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 128.587289][ T1040] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 128.590355][ T1040] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 129.052440][ T5377] bridge0: port 1(bridge_slave_0) entered blocking state
[ 129.077131][ T5377] bridge0: port 1(bridge_slave_0) entered disabled state
[ 129.080369][ T5377] bridge_slave_0: entered allmulticast mode
[ 129.118130][ T5377] bridge_slave_0: entered promiscuous mode
[ 129.145475][ T5377] bridge0: port 2(bridge_slave_1) entered blocking state
[ 129.148742][ T5377] bridge0: port 2(bridge_slave_1) entered disabled state
[ 129.152115][ T5377] bridge_slave_1: entered allmulticast mode
[ 129.222327][ T5377] bridge_slave_1: entered promiscuous mode
[ 129.507644][ T5377] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 129.537892][ T5377] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 129.731601][ T5377] team0: Port device team_slave_0 added
[ 129.757254][ T5377] team0: Port device team_slave_1 added
[ 130.000391][ T5377] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 130.025269][ T5377] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 130.069508][ T5377] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 130.124119][ T5377] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 130.127436][ T5377] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 130.179955][ T5377] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 130.390526][ T5377] hsr_slave_0: entered promiscuous mode
[ 130.404921][ T5377] hsr_slave_1: entered promiscuous mode
[ 131.136823][ T5377] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 131.163204][ T5377] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 131.174939][ T5377] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 131.194561][ T5377] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 131.346405][ T5377] 8021q: adding VLAN 0 to HW filter on device bond0
[ 131.367339][ T5377] 8021q: adding VLAN 0 to HW filter on device team0
[ 131.374029][ T1041] bridge0: port 1(bridge_slave_0) entered blocking state
[ 131.377071][ T1041] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 131.396525][ T1041] bridge0: port 2(bridge_slave_1) entered blocking state
[ 131.399642][ T1041] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 131.658590][ T5377] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 131.708100][ T5377] veth0_vlan: entered promiscuous mode
[ 131.718427][ T5377] veth1_vlan: entered promiscuous mode
[ 131.751877][ T5377] veth0_macvtap: entered promiscuous mode
[ 131.760850][ T5377] veth1_macvtap: entered promiscuous mode
[ 131.777597][ T5377] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 131.789206][ T5377] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 131.805659][ T1041] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 131.817517][ T1041] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 131.823897][ T1041] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 131.832629][ T1041] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2025/08/24 04:26:31 executed programs: 0
[ 132.130911][ T4702] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 132.174787][ T4702] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 132.182575][ T4702] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 132.206132][ T4702] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 132.209909][ T4702] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 132.259456][ T4702] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 132.279153][ T4702] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 132.285455][ T4702] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 132.299493][ T4702] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 132.308800][ T45] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 132.313562][ T45] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 132.317119][ T45] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 132.321328][ T45] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 132.337595][ T5379] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 132.341880][ T5379] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 132.424909][ T5492] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 132.444372][ T5492] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 132.453662][ T5492] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 132.462160][ T5492] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 132.465483][ T5492] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 132.500264][ T5379] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 132.514686][ T5379] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 132.525998][ T5379] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 132.531990][ T5379] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 132.536601][ T5379] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 132.715762][ T5492] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 132.720621][ T5492] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 132.724809][ T5492] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 132.740618][ T5492] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 132.765066][ T5492] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 132.839118][ T3103] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 133.405394][ T3103] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 133.927055][ T3103] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 134.287005][ T5492] Bluetooth: hci0: command tx timeout
[ 134.366919][ T5492] Bluetooth: hci2: command tx timeout
[ 134.370167][ T5492] Bluetooth: hci1: command tx timeout
[ 134.455457][ T3103] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 134.509249][ T5481] chnl_net:caif_netlink_parms(): no params data found
[ 134.518458][ T5379] Bluetooth: hci3: command tx timeout
[ 134.596512][ T5379] Bluetooth: hci4: command tx timeout
[ 134.835298][ T5379] Bluetooth: hci5: command tx timeout
[ 135.347416][ T5481] bridge0: port 1(bridge_slave_0) entered blocking state
[ 135.350441][ T5481] bridge0: port 1(bridge_slave_0) entered disabled state
[ 135.353612][ T5481] bridge_slave_0: entered allmulticast mode
[ 135.373492][ T5481] bridge_slave_0: entered promiscuous mode
[ 135.451131][ T5485] chnl_net:caif_netlink_parms(): no params data found
[ 135.468831][ T5481] bridge0: port 2(bridge_slave_1) entered blocking state
[ 135.472421][ T5481] bridge0: port 2(bridge_slave_1) entered disabled state
[ 135.485070][ T5481] bridge_slave_1: entered allmulticast mode
[ 135.495547][ T5481] bridge_slave_1: entered promiscuous mode
[ 135.596515][ T5481] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 135.629736][ T5486] chnl_net:caif_netlink_parms(): no params data found
[ 135.700913][ T5481] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 135.806575][ T3103] bridge_slave_1: left allmulticast mode
[ 135.809408][ T3103] bridge_slave_1: left promiscuous mode
[ 135.823887][ T3103] bridge0: port 2(bridge_slave_1) entered disabled state
[ 135.839081][ T3103] bridge_slave_0: left allmulticast mode
[ 135.841462][ T3103] bridge_slave_0: left promiscuous mode
[ 135.845671][ T3103] bridge0: port 1(bridge_slave_0) entered disabled state
[ 136.290982][ T3103] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 136.300007][ T3103] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 136.307281][ T3103] bond0 (unregistering): Released all slaves
[ 136.356391][ T5379] Bluetooth: hci0: command tx timeout
[ 136.437910][ T5379] Bluetooth: hci1: command tx timeout
[ 136.440331][ T5379] Bluetooth: hci2: command tx timeout
[ 136.490438][ T3103] hsr_slave_0: left promiscuous mode
[ 136.493521][ T3103] hsr_slave_1: left promiscuous mode
[ 136.497242][ T3103] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 136.500949][ T3103] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 136.507947][ T3103] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 136.511196][ T3103] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 136.530297][ T3103] veth1_macvtap: left promiscuous mode
[ 136.533542][ T3103] veth0_macvtap: left promiscuous mode
[ 136.536933][ T3103] veth1_vlan: left promiscuous mode
[ 136.539410][ T3103] veth0_vlan: left promiscuous mode
[ 136.594598][ T5492] Bluetooth: hci3: command tx timeout
[ 136.674188][ T5492] Bluetooth: hci4: command tx timeout
[ 136.917544][ T5492] Bluetooth: hci5: command tx timeout
[ 137.115524][ T3103] team0 (unregistering): Port device team_slave_1 removed
[ 137.162892][ T3103] team0 (unregistering): Port device team_slave_0 removed
[ 137.563431][ T5481] team0: Port device team_slave_0 added
[ 137.705069][ T5481] team0: Port device team_slave_1 added
[ 137.943054][ T5489] chnl_net:caif_netlink_parms(): no params data found
[ 137.973279][ T5481] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 137.992362][ T5481] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 138.007437][ T5481] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 138.022442][ T5503] chnl_net:caif_netlink_parms(): no params data found
[ 138.037556][ T1316] ieee802154 phy0 wpan0: encryption failed: -22
[ 138.040701][ T1316] ieee802154 phy1 wpan1: encryption failed: -22
[ 138.058939][ T5485] bridge0: port 1(bridge_slave_0) entered blocking state
[ 138.063606][ T5485] bridge0: port 1(bridge_slave_0) entered disabled state
[ 138.070155][ T5485] bridge_slave_0: entered allmulticast mode
[ 138.074567][ T5485] bridge_slave_0: entered promiscuous mode
[ 138.116571][ T5481] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 138.120089][ T5481] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 138.145536][ T5481] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 138.196412][ T5485] bridge0: port 2(bridge_slave_1) entered blocking state
[ 138.199689][ T5485] bridge0: port 2(bridge_slave_1) entered disabled state
[ 138.202725][ T5485] bridge_slave_1: entered allmulticast mode
[ 138.237882][ T5485] bridge_slave_1: entered promiscuous mode
[ 138.282568][ T5486] bridge0: port 1(bridge_slave_0) entered blocking state
[ 138.297393][ T5486] bridge0: port 1(bridge_slave_0) entered disabled state
[ 138.300653][ T5486] bridge_slave_0: entered allmulticast mode
[ 138.320637][ T5486] bridge_slave_0: entered promiscuous mode
[ 138.355130][ T5486] bridge0: port 2(bridge_slave_1) entered blocking state
[ 138.358738][ T5486] bridge0: port 2(bridge_slave_1) entered disabled state
[ 138.362035][ T5486] bridge_slave_1: entered allmulticast mode
[ 138.389277][ T5486] bridge_slave_1: entered promiscuous mode
[ 138.434333][ T5492] Bluetooth: hci0: command tx timeout
[ 138.447708][ T5497] chnl_net:caif_netlink_parms(): no params data found
[ 138.514817][ T5492] Bluetooth: hci2: command tx timeout
[ 138.517305][ T5492] Bluetooth: hci1: command tx timeout
[ 138.562783][ T5485] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 138.589192][ T5485] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 138.681119][ T5379] Bluetooth: hci3: command tx timeout
[ 138.754356][ T5379] Bluetooth: hci4: command tx timeout
[ 138.886569][ T5485] team0: Port device team_slave_0 added
[ 138.891801][ T5485] team0: Port device team_slave_1 added
[ 138.996392][ T5379] Bluetooth: hci5: command tx timeout
[ 139.156466][ T5486] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 139.179039][ T5486] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 139.252375][ T5481] hsr_slave_0: entered promiscuous mode
[ 139.263780][ T5481] hsr_slave_1: entered promiscuous mode
[ 139.476735][ T5503] bridge0: port 1(bridge_slave_0) entered blocking state
[ 139.481945][ T5503] bridge0: port 1(bridge_slave_0) entered disabled state
[ 139.489101][ T5503] bridge_slave_0: entered allmulticast mode
[ 139.493324][ T5503] bridge_slave_0: entered promiscuous mode
[ 139.499888][ T5485] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 139.502949][ T5485] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 139.519243][ T5485] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 139.553112][ T5486] team0: Port device team_slave_0 added
[ 139.588274][ T5486] team0: Port device team_slave_1 added
[ 139.591333][ T5503] bridge0: port 2(bridge_slave_1) entered blocking state
[ 139.603156][ T5503] bridge0: port 2(bridge_slave_1) entered disabled state
[ 139.618946][ T5503] bridge_slave_1: entered allmulticast mode
[ 139.625510][ T5503] bridge_slave_1: entered promiscuous mode
[ 139.662351][ T5485] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 139.666138][ T5485] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 139.697588][ T5485] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 139.763055][ T5489] bridge0: port 1(bridge_slave_0) entered blocking state
[ 139.778941][ T5489] bridge0: port 1(bridge_slave_0) entered disabled state
[ 139.783159][ T5489] bridge_slave_0: entered allmulticast mode
[ 139.798106][ T5489] bridge_slave_0: entered promiscuous mode
[ 139.817453][ T5489] bridge0: port 2(bridge_slave_1) entered blocking state
[ 139.822408][ T5489] bridge0: port 2(bridge_slave_1) entered disabled state
[ 139.847878][ T5489] bridge_slave_1: entered allmulticast mode
[ 139.852214][ T5489] bridge_slave_1: entered promiscuous mode
[ 139.978099][ T5497] bridge0: port 1(bridge_slave_0) entered blocking state
[ 139.981357][ T5497] bridge0: port 1(bridge_slave_0) entered disabled state
[ 140.004802][ T5497] bridge_slave_0: entered allmulticast mode
[ 140.009573][ T5497] bridge_slave_0: entered promiscuous mode
[ 140.096868][ T5503] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 140.139608][ T5497] bridge0: port 2(bridge_slave_1) entered blocking state
[ 140.142809][ T5497] bridge0: port 2(bridge_slave_1) entered disabled state
[ 140.147850][ T5497] bridge_slave_1: entered allmulticast mode
[ 140.151970][ T5497] bridge_slave_1: entered promiscuous mode
[ 140.161318][ T5489] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 140.169261][ T5489] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 140.179732][ T5486] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 140.182760][ T5486] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 140.199883][ T5486] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 140.207991][ T5503] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 140.305773][ T5486] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 140.309131][ T5486] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 140.324617][ T5486] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 140.349443][ T5485] hsr_slave_0: entered promiscuous mode
[ 140.352813][ T5485] hsr_slave_1: entered promiscuous mode
[ 140.362392][ T5485] debugfs: 'hsr0' already exists in 'hsr'
[ 140.366138][ T5485] Cannot create hsr debugfs directory
[ 140.456623][ T5497] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 140.465732][ T5489] team0: Port device team_slave_0 added
[ 140.491150][ T5503] team0: Port device team_slave_0 added
[ 140.514901][ T5379] Bluetooth: hci0: command tx timeout
[ 140.529952][ T5497] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 140.587260][ T5489] team0: Port device team_slave_1 added
[ 140.596654][ T5379] Bluetooth: hci1: command tx timeout
[ 140.599180][ T5379] Bluetooth: hci2: command tx timeout
[ 140.631986][ T5497] team0: Port device team_slave_0 added
[ 140.648588][ T5503] team0: Port device team_slave_1 added
[ 140.754597][ T5492] Bluetooth: hci3: command tx timeout
[ 140.770689][ T5486] hsr_slave_0: entered promiscuous mode
[ 140.781659][ T5486] hsr_slave_1: entered promiscuous mode
[ 140.797100][ T5486] debugfs: 'hsr0' already exists in 'hsr'
[ 140.799654][ T5486] Cannot create hsr debugfs directory
[ 140.803561][ T5497] team0: Port device team_slave_1 added
[ 140.834396][ T5492] Bluetooth: hci4: command tx timeout
[ 140.919752][ T5489] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 140.923107][ T5489] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 140.956818][ T5489] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 141.075190][ T5492] Bluetooth: hci5: command tx timeout
[ 141.100498][ T5489] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 141.103504][ T5489] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 141.119324][ T5489] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 141.128609][ T5497] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 141.131652][ T5497] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 141.146987][ T5497] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 141.151912][ T5503] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 141.156999][ T5503] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 141.171263][ T5503] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 141.214689][ T5497] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 141.218084][ T5497] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 141.250409][ T5497] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 141.262968][ T5503] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 141.269909][ T5503] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 141.283098][ T5503] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 141.553074][ T5489] hsr_slave_0: entered promiscuous mode
[ 141.559433][ T5489] hsr_slave_1: entered promiscuous mode
[ 141.562283][ T5489] debugfs: 'hsr0' already exists in 'hsr'
[ 141.565235][ T5489] Cannot create hsr debugfs directory
[ 141.573112][ T5497] hsr_slave_0: entered promiscuous mode
[ 141.580304][ T5497] hsr_slave_1: entered promiscuous mode
[ 141.583312][ T5497] debugfs: 'hsr0' already exists in 'hsr'
[ 141.585975][ T5497] Cannot create hsr debugfs directory
[ 141.666754][ T5503] hsr_slave_0: entered promiscuous mode
[ 141.670060][ T5503] hsr_slave_1: entered promiscuous mode
[ 141.673107][ T5503] debugfs: 'hsr0' already exists in 'hsr'
[ 141.678626][ T5503] Cannot create hsr debugfs directory
[ 141.910453][ T5481] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 142.020013][ T5481] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 142.067922][ T5481] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 142.117577][ T5481] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 142.326768][ T5485] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 142.341155][ T5485] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 142.463560][ T5485] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 142.477853][ T5485] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 142.947867][ T5481] 8021q: adding VLAN 0 to HW filter on device bond0
[ 143.080716][ T5485] 8021q: adding VLAN 0 to HW filter on device bond0
[ 143.089143][ T5486] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 143.110567][ T5486] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 143.130966][ T5481] 8021q: adding VLAN 0 to HW filter on device team0
[ 143.164666][ T5486] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 143.189997][ T5486] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 143.216894][ T1039] bridge0: port 1(bridge_slave_0) entered blocking state
[ 143.220262][ T1039] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 143.237857][ T1039] bridge0: port 2(bridge_slave_1) entered blocking state
[ 143.241070][ T1039] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 143.316494][ T5485] 8021q: adding VLAN 0 to HW filter on device team0
[ 143.422672][ T1040] bridge0: port 1(bridge_slave_0) entered blocking state
[ 143.426636][ T1040] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 143.462592][ T5481] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 143.472755][ T5481] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 143.536777][ T1040] bridge0: port 2(bridge_slave_1) entered blocking state
[ 143.540687][ T1040] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 143.691864][ T5489] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 143.820748][ T5489] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 143.852271][ T5489] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 143.913651][ T5489] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 144.088195][ T5486] 8021q: adding VLAN 0 to HW filter on device bond0
[ 144.223210][ T5486] 8021q: adding VLAN 0 to HW filter on device team0
[ 144.267982][ T5497] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 144.369897][ T5497] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 144.390482][ T5497] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 144.418142][ T43] bridge0: port 1(bridge_slave_0) entered blocking state
[ 144.421521][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 144.442667][ T43] bridge0: port 2(bridge_slave_1) entered blocking state
[ 144.447015][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 144.537869][ T5481] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 144.597760][ T5497] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 144.971819][ T5485] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 144.996082][ T5503] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 145.083607][ T5503] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 145.160551][ T5481] veth0_vlan: entered promiscuous mode
[ 145.181565][ T5503] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 145.231082][ T5503] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 145.291557][ T5481] veth1_vlan: entered promiscuous mode
[ 145.355368][ T5489] 8021q: adding VLAN 0 to HW filter on device bond0
[ 145.575283][ T5485] veth0_vlan: entered promiscuous mode
[ 145.622720][ T5489] 8021q: adding VLAN 0 to HW filter on device team0
[ 145.657411][ T5485] veth1_vlan: entered promiscuous mode
[ 145.700548][ T5481] veth0_macvtap: entered promiscuous mode
[ 145.736443][ T1045] bridge0: port 1(bridge_slave_0) entered blocking state
[ 145.739688][ T1045] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 145.751095][ T5486] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 145.840324][ T5481] veth1_macvtap: entered promiscuous mode
[ 145.881464][ T5497] 8021q: adding VLAN 0 to HW filter on device bond0
[ 145.908472][ T1045] bridge0: port 2(bridge_slave_1) entered blocking state
[ 145.911790][ T1045] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 145.969456][ T5485] veth0_macvtap: entered promiscuous mode
[ 146.010653][ T5497] 8021q: adding VLAN 0 to HW filter on device team0
[ 146.067526][ T5485] veth1_macvtap: entered promiscuous mode
[ 146.113128][ T5481] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 146.151846][ T1045] bridge0: port 1(bridge_slave_0) entered blocking state
[ 146.155504][ T1045] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 146.186462][ T1045] bridge0: port 2(bridge_slave_1) entered blocking state
[ 146.189817][ T1045] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 146.235306][ T5485] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 146.242116][ T5481] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 146.321349][ T5485] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 146.344624][ T3103] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 146.349297][ T3103] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 146.355032][ T1138] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 146.359165][ T1138] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 146.421087][ T5503] 8021q: adding VLAN 0 to HW filter on device bond0
[ 146.503050][ T5486] veth0_vlan: entered promiscuous mode
[ 146.529082][ T1040] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 146.607560][ T5486] veth1_vlan: entered promiscuous mode
[ 146.677194][ T1040] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 146.791854][ T5497] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 146.838920][ T1040] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 146.925206][ T1040] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 146.992312][ T5503] 8021q: adding VLAN 0 to HW filter on device team0
[ 147.071894][ T1036] bridge0: port 1(bridge_slave_0) entered blocking state
[ 147.076548][ T1036] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 147.130520][ T1036] bridge0: port 2(bridge_slave_1) entered blocking state
[ 147.134345][ T1036] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 147.265128][ T5489] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 147.275064][ T5486] veth0_macvtap: entered promiscuous mode
[ 147.279386][ T1045] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 147.282616][ T1045] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 147.410841][ T5486] veth1_macvtap: entered promiscuous mode
[ 147.472888][ T5486] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 147.514734][ T3103] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 147.518082][ T3103] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 147.612065][ T5486] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 147.669522][ T1036] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 147.673493][ T1036] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 147.782814][ T5489] veth0_vlan: entered promiscuous mode
[ 147.853028][ T5497] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 147.885793][ T43] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 147.892354][ T1045] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 147.931287][ T1045] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 147.940609][ T5489] veth1_vlan: entered promiscuous mode
2025/08/24 04:26:47 executed programs: 12
[ 148.061317][ T43] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 148.168486][ T43] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 148.182337][ T5489] veth0_macvtap: entered promiscuous mode
[ 148.251845][ T43] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 148.299443][ T5489] veth1_macvtap: entered promiscuous mode
[ 148.658190][ T5489] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 148.704828][ T5489] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 148.737365][ T1039] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 148.789806][ T1039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 148.849218][ T5503] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 149.009215][ T1090] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 149.113630][ T3103] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 149.135921][ T3103] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 149.149441][ T1090] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 149.250709][ T1090] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 149.277271][ T1090] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 149.373687][ T43] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 149.434392][ T43] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 149.749108][ T1090] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 149.795747][ T1090] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 150.081724][ T5497] veth0_vlan: entered promiscuous mode
[ 150.243697][ T5497] veth1_vlan: entered promiscuous mode
[ 150.752651][ T5497] veth0_macvtap: entered promiscuous mode
[ 150.881685][ T5497] veth1_macvtap: entered promiscuous mode
[ 151.066836][ T5503] veth0_vlan: entered promiscuous mode
[ 151.116455][ T5497] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 151.238511][ T5503] veth1_vlan: entered promiscuous mode
[ 151.253686][ T5497] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 151.365063][ T1040] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 151.380513][ T1090] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 151.425982][ T3103] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 151.434264][ T43] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 151.528356][ T5503] veth0_macvtap: entered promiscuous mode
[ 151.598583][ T5503] veth1_macvtap: entered promiscuous mode
[ 151.718810][ T5503] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 151.782428][ T5503] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 151.864327][ T3103] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 151.869581][ T3103] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 151.875180][ T1090] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 151.880003][ T1090] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 152.167774][ T1090] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 152.171442][ T1090] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 152.506416][ T1039] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 152.510779][ T1039] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 152.632686][ T1138] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 152.684247][ T1138] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 153.072685][ T43] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 153.114554][ T43] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/08/24 04:26:52 executed programs: 120
2025/08/24 04:26:57 executed programs: 355
[ 159.072398][ T6102] ==================================================================
[ 159.076845][ T6102] BUG: KASAN: slab-use-after-free in nr_rt_ioctl+0x594/0xd50
[ 159.080359][ T6102] Read of size 2 at addr ffff88803f6c9932 by task syz.4.404/6102
[ 159.084979][ T6102]
[ 159.086214][ T6102] CPU: 0 UID: 0 PID: 6102 Comm: syz.4.404 Not tainted syzkaller #0 PREEMPT(full)
[ 159.086233][ T6102] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 159.086241][ T6102] Call Trace:
[ 159.086249][ T6102]
[ 159.086256][ T6102] dump_stack_lvl+0x189/0x250
[ 159.086276][ T6102] ? __kasan_check_byte+0x12/0x40
[ 159.086351][ T6102] ? __pfx_dump_stack_lvl+0x10/0x10
[ 159.086364][ T6102] ? lock_release+0x4b/0x3e0
[ 159.086383][ T6102] ? __virt_addr_valid+0x4a5/0x5c0
[ 159.086400][ T6102] print_report+0xca/0x240
[ 159.086411][ T6102] ? nr_rt_ioctl+0x594/0xd50
[ 159.086424][ T6102] kasan_report+0x118/0x150
[ 159.086439][ T6102] ? nr_rt_ioctl+0x594/0xd50
[ 159.086454][ T6102] nr_rt_ioctl+0x594/0xd50
[ 159.086470][ T6102] ? __pfx_nr_rt_ioctl+0x10/0x10
[ 159.086486][ T6102] ? apparmor_capable+0x137/0x1b0
[ 159.086500][ T6102] ? capable+0x89/0xe0
[ 159.086510][ T6102] ? nr_ioctl+0x1b1/0x3b0
[ 159.086522][ T6102] sock_do_ioctl+0xdc/0x300
[ 159.086536][ T6102] ? __pfx_sock_do_ioctl+0x10/0x10
[ 159.086547][ T6102] ? do_futex+0x395/0x420
[ 159.086593][ T6102] sock_ioctl+0x576/0x790
[ 159.086606][ T6102] ? __pfx_sock_ioctl+0x10/0x10
[ 159.086616][ T6102] ? __pfx___se_sys_futex+0x10/0x10
[ 159.086634][ T6102] ? bpf_lsm_file_ioctl+0x9/0x20
[ 159.086645][ T6102] ? __pfx_sock_ioctl+0x10/0x10
[ 159.086659][ T6102] __se_sys_ioctl+0xfc/0x170
[ 159.086670][ T6102] do_syscall_64+0xfa/0x3b0
[ 159.086823][ T6102] ? lockdep_hardirqs_on+0x9c/0x150
[ 159.086836][ T6102] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 159.086847][ T6102] ? clear_bhb_loop+0x60/0xb0
[ 159.086859][ T6102] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 159.086870][ T6102] RIP: 0033:0x7f242678ebe9
[ 159.086881][ T6102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 159.086896][ T6102] RSP: 002b:00007ffc4dd61288 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 159.086912][ T6102] RAX: ffffffffffffffda RBX: 00007f24269b5fa0 RCX: 00007f242678ebe9
[ 159.086920][ T6102] RDX: 0000000000000000 RSI: 00000000000089e2 RDI: 0000000000000004
[ 159.086926][ T6102] RBP: 00007f2426811e19 R08: 0000000000000000 R09: 0000000000000000
[ 159.086937][ T6102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 159.086944][ T6102] R13: 00007f24269b5fa0 R14: 00007f24269b5fa0 R15: 0000000000000002
[ 159.086956][ T6102]
[ 159.086960][ T6102]
[ 159.203365][ T6102] Allocated by task 6102:
[ 159.205303][ T6102] kasan_save_track+0x3e/0x80
[ 159.207457][ T6102] __kasan_kmalloc+0x93/0xb0
[ 159.209513][ T6102] __kmalloc_cache_noprof+0x230/0x3d0
[ 159.212266][ T6102] nr_add_node+0x7f8/0x2570
[ 159.214770][ T6102] nr_rt_ioctl+0xc12/0xd50
[ 159.217194][ T6102] sock_do_ioctl+0xdc/0x300
[ 159.219242][ T6102] sock_ioctl+0x576/0x790
[ 159.221224][ T6102] __se_sys_ioctl+0xfc/0x170
[ 159.223311][ T6102] do_syscall_64+0xfa/0x3b0
[ 159.225337][ T6102] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 159.228162][ T6102]
[ 159.229251][ T6102] Freed by task 6102:
[ 159.231142][ T6102] kasan_save_track+0x3e/0x80
[ 159.233586][ T6102] kasan_save_free_info+0x46/0x50
[ 159.236427][ T6102] __kasan_slab_free+0x5b/0x80
[ 159.238721][ T6102] kfree+0x18e/0x440
[ 159.240572][ T6102] nr_rt_ioctl+0x2e7/0xd50
[ 159.242668][ T6102] sock_do_ioctl+0xdc/0x300
[ 159.244729][ T6102] sock_ioctl+0x576/0x790
[ 159.246775][ T6102] __se_sys_ioctl+0xfc/0x170
[ 159.248987][ T6102] do_syscall_64+0xfa/0x3b0
[ 159.251226][ T6102] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 159.253956][ T6102]
[ 159.255144][ T6102] The buggy address belongs to the object at ffff88803f6c9900
[ 159.255144][ T6102] which belongs to the cache kmalloc-64 of size 64
[ 159.261472][ T6102] The buggy address is located 50 bytes inside of
[ 159.261472][ T6102] freed 64-byte region [ffff88803f6c9900, ffff88803f6c9940)
[ 159.267981][ T6102]
[ 159.269107][ T6102] The buggy address belongs to the physical page:
[ 159.271978][ T6102] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3f6c9
[ 159.276227][ T6102] anon flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 159.280661][ T6102] page_type: f5(slab)
[ 159.282681][ T6102] raw: 04fff00000000000 ffff88801a4418c0 ffffea0000e85300 dead000000000005
[ 159.286533][ T6102] raw: 0000000000000000 0000000000200020 00000000f5000000 0000000000000000
[ 159.291065][ T6102] page dumped because: kasan: bad access detected
[ 159.294072][ T6102] page_owner tracks the page as allocated
[ 159.297179][ T6102] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5367, tgid 5367 (udevd), ts 148669582283, free_ts 148637504018
[ 159.306522][ T6102] post_alloc_hook+0x240/0x2a0
[ 159.308693][ T6102] get_page_from_freelist+0x21e4/0x22c0
[ 159.311338][ T6102] __alloc_frozen_pages_noprof+0x181/0x370
[ 159.314208][ T6102] alloc_pages_mpol+0x232/0x4a0
[ 159.317203][ T6102] allocate_slab+0x8a/0x370
[ 159.319867][ T6102] ___slab_alloc+0xbeb/0x1410
[ 159.322422][ T6102] __kmalloc_noprof+0x305/0x4f0
[ 159.324488][ T6102] tomoyo_encode+0x28b/0x550
[ 159.326482][ T6102] tomoyo_realpath_from_path+0x58d/0x5d0
[ 159.328925][ T6102] tomoyo_check_open_permission+0x1c1/0x3b0
[ 159.331387][ T6102] security_file_open+0xb1/0x270
[ 159.333602][ T6102] do_dentry_open+0x384/0x13f0
[ 159.335705][ T6102] vfs_open+0x3b/0x340
[ 159.337623][ T6102] path_openat+0x2ee5/0x3830
[ 159.339756][ T6102] do_filp_open+0x1fa/0x410
[ 159.341682][ T6102] do_sys_openat2+0x121/0x1c0
[ 159.344561][ T6102] page last free pid 15 tgid 15 stack trace:
[ 159.348937][ T6102] __free_frozen_pages+0xbc4/0xd30
[ 159.351162][ T6102] rcu_core+0xca8/0x1770
[ 159.352974][ T6102] handle_softirqs+0x283/0x870
[ 159.355033][ T6102] run_ksoftirqd+0x9b/0x100
[ 159.357062][ T6102] smpboot_thread_fn+0x53f/0xa60
[ 159.359497][ T6102] kthread+0x70e/0x8a0
[ 159.361289][ T6102] ret_from_fork+0x3f9/0x770
[ 159.363479][ T6102] ret_from_fork_asm+0x1a/0x30
[ 159.365780][ T6102]
[ 159.367118][ T6102] Memory state around the buggy address:
[ 159.369646][ T6102] ffff88803f6c9800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 159.373334][ T6102] ffff88803f6c9880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 159.376961][ T6102] >ffff88803f6c9900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 159.381414][ T6102] ^
[ 159.384430][ T6102] ffff88803f6c9980: 00 00 00 00 00 00 04 fc fc fc fc fc fc fc fc fc
[ 159.387922][ T6102] ffff88803f6c9a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 159.391358][ T6102] ==================================================================
[ 159.394993][ T6102] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 159.398048][ T6102] CPU: 0 UID: 0 PID: 6102 Comm: syz.4.404 Not tainted syzkaller #0 PREEMPT(full)
[ 159.403506][ T6102] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 159.408123][ T6102] Call Trace:
[ 159.409527][ T6102]
[ 159.410836][ T6102] dump_stack_lvl+0x99/0x250
[ 159.412750][ T6102] ? __asan_memcpy+0x40/0x70
[ 159.414694][ T6102] ? __pfx_dump_stack_lvl+0x10/0x10
[ 159.417230][ T6102] ? __pfx__printk+0x10/0x10
[ 159.419109][ T6102] vpanic+0x281/0x750
[ 159.420962][ T6102] ? __pfx_vpanic+0x10/0x10
[ 159.423321][ T6102] ? irqentry_exit+0x74/0x90
[ 159.425713][ T6102] panic+0xb9/0xc0
[ 159.427266][ T6102] ? __pfx_panic+0x10/0x10
[ 159.429193][ T6102] ? _raw_spin_unlock_irqrestore+0xa8/0x110
[ 159.431682][ T6102] ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 159.434129][ T6102] ? nr_rt_ioctl+0x594/0xd50
[ 159.436122][ T6102] check_panic_on_warn+0x89/0xb0
[ 159.438299][ T6102] ? nr_rt_ioctl+0x594/0xd50
[ 159.440425][ T6102] end_report+0x78/0x160
[ 159.442350][ T6102] kasan_report+0x129/0x150
[ 159.444386][ T6102] ? nr_rt_ioctl+0x594/0xd50
[ 159.447845][ T6102] nr_rt_ioctl+0x594/0xd50
[ 159.450772][ T6102] ? __pfx_nr_rt_ioctl+0x10/0x10
[ 159.452907][ T6102] ? apparmor_capable+0x137/0x1b0
[ 159.454970][ T6102] ? capable+0x89/0xe0
[ 159.456780][ T6102] ? nr_ioctl+0x1b1/0x3b0
[ 159.458715][ T6102] sock_do_ioctl+0xdc/0x300
[ 159.460720][ T6102] ? __pfx_sock_do_ioctl+0x10/0x10
[ 159.462948][ T6102] ? do_futex+0x395/0x420
[ 159.465091][ T6102] sock_ioctl+0x576/0x790
[ 159.467401][ T6102] ? __pfx_sock_ioctl+0x10/0x10
[ 159.469714][ T6102] ? __pfx___se_sys_futex+0x10/0x10
[ 159.471944][ T6102] ? bpf_lsm_file_ioctl+0x9/0x20
[ 159.474107][ T6102] ? __pfx_sock_ioctl+0x10/0x10
[ 159.476241][ T6102] __se_sys_ioctl+0xfc/0x170
[ 159.478341][ T6102] do_syscall_64+0xfa/0x3b0
[ 159.480319][ T6102] ? lockdep_hardirqs_on+0x9c/0x150
[ 159.482941][ T6102] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 159.486151][ T6102] ? clear_bhb_loop+0x60/0xb0
[ 159.488243][ T6102] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 159.490798][ T6102] RIP: 0033:0x7f242678ebe9
[ 159.492788][ T6102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 159.501359][ T6102] RSP: 002b:00007ffc4dd61288 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 159.505038][ T6102] RAX: ffffffffffffffda RBX: 00007f24269b5fa0 RCX: 00007f242678ebe9
[ 159.508925][ T6102] RDX: 0000000000000000 RSI: 00000000000089e2 RDI: 0000000000000004
[ 159.512491][ T6102] RBP: 00007f2426811e19 R08: 0000000000000000 R09: 0000000000000000
[ 159.516118][ T6102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 159.519653][ T6102] R13: 00007f24269b5fa0 R14: 00007f24269b5fa0 R15: 0000000000000002
[ 159.523128][ T6102]
[ 159.524801][ T6102] Kernel Offset: disabled
[ 159.526936][ T6102] Rebooting in 86400 seconds..
VM DIAGNOSIS:
04:26:58 Registers:
info registers vcpu 0
CPU#0
RAX=0000000000000065 RBX=0000000000000065 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc9000d75f3d0
R8 =ffff888033980237 R9 =1ffff11006730046 R10=dffffc0000000000 R11=ffffffff8550c0c0
R12=dffffc0000000000 R13=ffffffff99b058e3 R14=ffffffff99dfa820 R15=0000000000000000
RIP=ffffffff8550c13c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 000055555cda9500 ffffffff 00c00000
GS =0000 ffff88808d210000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=000055555cda9808 CR3=000000004fe51000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=000000000000003f Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000030717062
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc4dd616e6
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc4dd616e6 00007ffc4dd616ec
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2426812e46
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2426812e53
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2426812e4d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2426812e61
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2426812ee7
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2426812fc5
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6c667265766f20 6772612061746164 000a747261745374 6f68000700080006
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a49435740534a05 4257440544514441 000a515744515351 4a4d5655444b5300
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000