Warning: Permanently added '[localhost]:4600' (ED25519) to the list of known hosts.
2026/01/28 16:21:31 parsed 1 programs
syzkaller login: [ 89.341378][ T5311] cgroup: Unknown subsys name 'net'
[ 89.396786][ T5311] cgroup: Unknown subsys name 'cpuset'
[ 89.402741][ T5311] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 91.270907][ T5311] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 97.042818][ T1225] cfg80211: failed to load regulatory.db
[ 97.228613][ T5336] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 98.474814][ T5361] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 98.478742][ T5361] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 98.483056][ T5361] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 98.493564][ T5361] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 98.509991][ T5361] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 100.691010][ T5361] Bluetooth: hci0: command tx timeout
[ 103.259899][ T1051] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 103.263432][ T1051] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 103.405011][ T31] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 103.419822][ T31] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 103.690353][ T5382] chnl_net:caif_netlink_parms(): no params data found
[ 104.024222][ T5382] bridge0: port 1(bridge_slave_0) entered blocking state
[ 104.027089][ T5382] bridge0: port 1(bridge_slave_0) entered disabled state
[ 104.046304][ T5382] bridge_slave_0: entered allmulticast mode
[ 104.079766][ T5382] bridge_slave_0: entered promiscuous mode
[ 104.085857][ T5382] bridge0: port 2(bridge_slave_1) entered blocking state
[ 104.088936][ T5382] bridge0: port 2(bridge_slave_1) entered disabled state
[ 104.111227][ T5382] bridge_slave_1: entered allmulticast mode
[ 104.135582][ T5382] bridge_slave_1: entered promiscuous mode
[ 104.203449][ T5382] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 104.239957][ T5382] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 104.327579][ T5382] team0: Port device team_slave_0 added
[ 104.340950][ T5382] team0: Port device team_slave_1 added
[ 104.480336][ T5382] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 104.483524][ T5382] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 104.526306][ T5382] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 104.567900][ T5382] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 104.571647][ T5382] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 104.609869][ T5382] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 104.740713][ T5382] hsr_slave_0: entered promiscuous mode
[ 104.744226][ T5382] hsr_slave_1: entered promiscuous mode
[ 105.132680][ T5382] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 105.162575][ T5382] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 105.173317][ T5382] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 105.190646][ T5382] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 105.376560][ T5382] 8021q: adding VLAN 0 to HW filter on device bond0
[ 105.420496][ T5382] 8021q: adding VLAN 0 to HW filter on device team0
[ 105.436401][ T3007] bridge0: port 1(bridge_slave_0) entered blocking state
[ 105.439735][ T3007] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 105.471193][ T3007] bridge0: port 2(bridge_slave_1) entered blocking state
[ 105.474242][ T3007] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 105.763187][ T5382] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 105.801033][ T5382] veth0_vlan: entered promiscuous mode
[ 105.813045][ T5382] veth1_vlan: entered promiscuous mode
[ 105.839090][ T5382] veth0_macvtap: entered promiscuous mode
[ 105.845855][ T5382] veth1_macvtap: entered promiscuous mode
[ 105.862227][ T5382] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 105.872706][ T5382] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 105.883078][ T31] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.889245][ T31] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.908314][ T31] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.922051][ T31] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2026/01/28 16:21:50 executed programs: 0
[ 106.269956][ T4671] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 106.289348][ T4671] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 106.296769][ T4671] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 106.321188][ T4671] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 106.326832][ T4671] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 106.379089][ T4671] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 106.385724][ T4671] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 106.392994][ T46] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 106.396554][ T46] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 106.401111][ T46] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 106.405219][ T46] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 106.409140][ T46] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 106.412869][ T46] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 106.417005][ T46] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 106.430443][ T46] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 106.550432][ T5439] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 106.560410][ T5439] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 106.564274][ T5439] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 106.569123][ T5439] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 106.573340][ T5439] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 106.708685][ T5440] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 106.720321][ T5440] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 106.723938][ T5440] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 106.727610][ T5440] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 106.736485][ T5440] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 106.799957][ T4671] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 106.831439][ T4671] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 106.837475][ T4671] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 106.880771][ T4671] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 106.884654][ T4671] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 107.742679][ T1051] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 108.232712][ T5428] chnl_net:caif_netlink_parms(): no params data found
[ 108.370280][ T4671] Bluetooth: hci0: command tx timeout
[ 108.449985][ T4671] Bluetooth: hci2: command tx timeout
[ 108.452549][ T4671] Bluetooth: hci1: command tx timeout
[ 108.602634][ T5428] bridge0: port 1(bridge_slave_0) entered blocking state
[ 108.605735][ T5428] bridge0: port 1(bridge_slave_0) entered disabled state
[ 108.608954][ T5428] bridge_slave_0: entered allmulticast mode
[ 108.631235][ T5428] bridge_slave_0: entered promiscuous mode
[ 108.692722][ T1051] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 108.714863][ T5428] bridge0: port 2(bridge_slave_1) entered blocking state
[ 108.718941][ T5428] bridge0: port 2(bridge_slave_1) entered disabled state
[ 108.730036][ T5428] bridge_slave_1: entered allmulticast mode
[ 108.736956][ T5428] bridge_slave_1: entered promiscuous mode
[ 108.770268][ T5440] Bluetooth: hci3: command tx timeout
[ 108.849897][ T5440] Bluetooth: hci5: command tx timeout
[ 108.877303][ T5444] chnl_net:caif_netlink_parms(): no params data found
[ 108.929841][ T5440] Bluetooth: hci4: command tx timeout
[ 108.934308][ T5428] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 108.973452][ T5445] chnl_net:caif_netlink_parms(): no params data found
[ 108.988998][ T1051] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 109.000799][ T5428] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 109.222157][ T1051] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 109.261387][ T5428] team0: Port device team_slave_0 added
[ 109.288515][ T5428] team0: Port device team_slave_1 added
[ 109.307230][ T5434] chnl_net:caif_netlink_parms(): no params data found
[ 109.416137][ T5449] chnl_net:caif_netlink_parms(): no params data found
[ 109.456639][ T5431] chnl_net:caif_netlink_parms(): no params data found
[ 109.481159][ T5428] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 109.485153][ T5428] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 109.509838][ T5428] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 109.544141][ T5444] bridge0: port 1(bridge_slave_0) entered blocking state
[ 109.547468][ T5444] bridge0: port 1(bridge_slave_0) entered disabled state
[ 109.559981][ T5444] bridge_slave_0: entered allmulticast mode
[ 109.569901][ T5444] bridge_slave_0: entered promiscuous mode
[ 109.575518][ T5444] bridge0: port 2(bridge_slave_1) entered blocking state
[ 109.578568][ T5444] bridge0: port 2(bridge_slave_1) entered disabled state
[ 109.590201][ T5444] bridge_slave_1: entered allmulticast mode
[ 109.599825][ T5444] bridge_slave_1: entered promiscuous mode
[ 109.662533][ T5428] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 109.665156][ T5428] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 109.689757][ T5428] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 109.793380][ T5444] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 109.811785][ T5444] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 109.876386][ T5445] bridge0: port 1(bridge_slave_0) entered blocking state
[ 109.880797][ T5445] bridge0: port 1(bridge_slave_0) entered disabled state
[ 109.883903][ T5445] bridge_slave_0: entered allmulticast mode
[ 109.900158][ T5445] bridge_slave_0: entered promiscuous mode
[ 109.948342][ T5428] hsr_slave_0: entered promiscuous mode
[ 109.956369][ T5428] hsr_slave_1: entered promiscuous mode
[ 109.960105][ T5428] debugfs: 'hsr0' already exists in 'hsr'
[ 109.962880][ T5428] Cannot create hsr debugfs directory
[ 110.002358][ T5445] bridge0: port 2(bridge_slave_1) entered blocking state
[ 110.007298][ T5445] bridge0: port 2(bridge_slave_1) entered disabled state
[ 110.013841][ T5445] bridge_slave_1: entered allmulticast mode
[ 110.017777][ T5445] bridge_slave_1: entered promiscuous mode
[ 110.137266][ T1051] bridge_slave_1: left allmulticast mode
[ 110.150883][ T1051] bridge_slave_1: left promiscuous mode
[ 110.154304][ T1051] bridge0: port 2(bridge_slave_1) entered disabled state
[ 110.189171][ T1051] bridge_slave_0: left allmulticast mode
[ 110.192495][ T1051] bridge_slave_0: left promiscuous mode
[ 110.195046][ T1051] bridge0: port 1(bridge_slave_0) entered disabled state
[ 110.458039][ T5440] Bluetooth: hci0: command tx timeout
[ 110.530133][ T5440] Bluetooth: hci1: command tx timeout
[ 110.532688][ T5440] Bluetooth: hci2: command tx timeout
[ 110.840466][ T1051] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 110.846610][ T1051] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 110.851722][ T4671] Bluetooth: hci3: command tx timeout
[ 110.856770][ T1051] bond0 (unregistering): Released all slaves
[ 110.922446][ T5444] team0: Port device team_slave_0 added
[ 110.930381][ T4671] Bluetooth: hci5: command tx timeout
[ 111.011124][ T4671] Bluetooth: hci4: command tx timeout
[ 111.046217][ T5444] team0: Port device team_slave_1 added
[ 111.049896][ T5431] bridge0: port 1(bridge_slave_0) entered blocking state
[ 111.053005][ T5431] bridge0: port 1(bridge_slave_0) entered disabled state
[ 111.056172][ T5431] bridge_slave_0: entered allmulticast mode
[ 111.120981][ T5431] bridge_slave_0: entered promiscuous mode
[ 111.154013][ T5445] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 111.159098][ T5434] bridge0: port 1(bridge_slave_0) entered blocking state
[ 111.174601][ T5434] bridge0: port 1(bridge_slave_0) entered disabled state
[ 111.189669][ T5434] bridge_slave_0: entered allmulticast mode
[ 111.197929][ T5434] bridge_slave_0: entered promiscuous mode
[ 111.219093][ T5449] bridge0: port 1(bridge_slave_0) entered blocking state
[ 111.227153][ T5449] bridge0: port 1(bridge_slave_0) entered disabled state
[ 111.244189][ T5449] bridge_slave_0: entered allmulticast mode
[ 111.248315][ T5449] bridge_slave_0: entered promiscuous mode
[ 111.261944][ T5449] bridge0: port 2(bridge_slave_1) entered blocking state
[ 111.264773][ T5449] bridge0: port 2(bridge_slave_1) entered disabled state
[ 111.267652][ T5449] bridge_slave_1: entered allmulticast mode
[ 111.280937][ T5449] bridge_slave_1: entered promiscuous mode
[ 111.368726][ T5431] bridge0: port 2(bridge_slave_1) entered blocking state
[ 111.377301][ T5431] bridge0: port 2(bridge_slave_1) entered disabled state
[ 111.389220][ T5431] bridge_slave_1: entered allmulticast mode
[ 111.393352][ T5431] bridge_slave_1: entered promiscuous mode
[ 111.401782][ T5445] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 111.406091][ T5434] bridge0: port 2(bridge_slave_1) entered blocking state
[ 111.409172][ T5434] bridge0: port 2(bridge_slave_1) entered disabled state
[ 111.420200][ T5434] bridge_slave_1: entered allmulticast mode
[ 111.429896][ T5434] bridge_slave_1: entered promiscuous mode
[ 111.532011][ T5444] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 111.535039][ T5444] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 111.558434][ T5444] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 111.608272][ T5449] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 111.640838][ T5449] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 111.777974][ T5444] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 111.799605][ T5444] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 111.820543][ T5444] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 111.866749][ T5434] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 111.942537][ T5431] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 111.993195][ T5445] team0: Port device team_slave_0 added
[ 111.997449][ T5434] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 112.025068][ T5449] team0: Port device team_slave_0 added
[ 112.052337][ T1051] hsr_slave_0: left promiscuous mode
[ 112.056015][ T1051] hsr_slave_1: left promiscuous mode
[ 112.059073][ T1051] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 112.064474][ T1051] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 112.068670][ T1051] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 112.072768][ T1051] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 112.086074][ T1051] veth1_macvtap: left promiscuous mode
[ 112.088859][ T1051] veth0_macvtap: left promiscuous mode
[ 112.092097][ T1051] veth1_vlan: left promiscuous mode
[ 112.094614][ T1051] veth0_vlan: left promiscuous mode
[ 112.464502][ T1051] team0 (unregistering): Port device team_slave_1 removed
[ 112.489148][ T1051] team0 (unregistering): Port device team_slave_0 removed
[ 112.533095][ T4671] Bluetooth: hci0: command tx timeout
[ 112.610457][ T4671] Bluetooth: hci2: command tx timeout
[ 112.612862][ T4671] Bluetooth: hci1: command tx timeout
[ 112.777945][ T5431] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 112.813559][ T5444] hsr_slave_0: entered promiscuous mode
[ 112.817366][ T5444] hsr_slave_1: entered promiscuous mode
[ 112.823535][ T5445] team0: Port device team_slave_1 added
[ 112.835752][ T5449] team0: Port device team_slave_1 added
[ 112.930063][ T5440] Bluetooth: hci3: command tx timeout
[ 112.934562][ T5434] team0: Port device team_slave_0 added
[ 112.961302][ T5431] team0: Port device team_slave_0 added
[ 113.009665][ T5440] Bluetooth: hci5: command tx timeout
[ 113.024359][ T5434] team0: Port device team_slave_1 added
[ 113.028274][ T5431] team0: Port device team_slave_1 added
[ 113.089768][ T5440] Bluetooth: hci4: command tx timeout
[ 113.103183][ T5445] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 113.106279][ T5445] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 113.129504][ T5445] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 113.146010][ T5449] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 113.149229][ T5449] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 113.193328][ T5449] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 113.311698][ T5445] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 113.314758][ T5445] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 113.339530][ T5445] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 113.350125][ T5449] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 113.353229][ T5449] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 113.389649][ T5449] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 113.433709][ T5434] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 113.436871][ T5434] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 113.448882][ T5434] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 113.460893][ T5431] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 113.463761][ T5431] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 113.476160][ T5431] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 113.532973][ T5434] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 113.536046][ T5434] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 113.556492][ T5434] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 113.574663][ T5431] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 113.577723][ T5431] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 113.606168][ T5431] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 113.711824][ T5445] hsr_slave_0: entered promiscuous mode
[ 113.717780][ T5445] hsr_slave_1: entered promiscuous mode
[ 113.722159][ T5445] debugfs: 'hsr0' already exists in 'hsr'
[ 113.724674][ T5445] Cannot create hsr debugfs directory
[ 113.732563][ T5449] hsr_slave_0: entered promiscuous mode
[ 113.735716][ T5449] hsr_slave_1: entered promiscuous mode
[ 113.738473][ T5449] debugfs: 'hsr0' already exists in 'hsr'
[ 113.741434][ T5449] Cannot create hsr debugfs directory
[ 113.897958][ T5431] hsr_slave_0: entered promiscuous mode
[ 113.901497][ T5431] hsr_slave_1: entered promiscuous mode
[ 113.911658][ T5431] debugfs: 'hsr0' already exists in 'hsr'
[ 113.914235][ T5431] Cannot create hsr debugfs directory
[ 113.982897][ T5434] hsr_slave_0: entered promiscuous mode
[ 113.991626][ T5434] hsr_slave_1: entered promiscuous mode
[ 114.000089][ T5434] debugfs: 'hsr0' already exists in 'hsr'
[ 114.002306][ T5434] Cannot create hsr debugfs directory
[ 114.136454][ T5428] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 114.183354][ T5428] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 114.200691][ T5428] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 114.219134][ T5428] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 114.609066][ T5444] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 114.615170][ T5440] Bluetooth: hci0: command tx timeout
[ 114.675832][ T5444] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 114.689580][ T5440] Bluetooth: hci1: command tx timeout
[ 114.691736][ T5440] Bluetooth: hci2: command tx timeout
[ 114.746775][ T5444] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 114.763266][ T5444] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 114.932716][ T5449] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 114.988291][ T5428] 8021q: adding VLAN 0 to HW filter on device bond0
[ 115.013126][ T4671] Bluetooth: hci3: command tx timeout
[ 115.028094][ T5449] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 115.049236][ T5428] 8021q: adding VLAN 0 to HW filter on device team0
[ 115.070429][ T5449] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 115.090073][ T4671] Bluetooth: hci5: command tx timeout
[ 115.093248][ T5449] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 115.102413][ T5444] 8021q: adding VLAN 0 to HW filter on device bond0
[ 115.110434][ T1137] bridge0: port 1(bridge_slave_0) entered blocking state
[ 115.113590][ T1137] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 115.144296][ T1137] bridge0: port 2(bridge_slave_1) entered blocking state
[ 115.147571][ T1137] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 115.161949][ T5445] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 115.172228][ T4671] Bluetooth: hci4: command tx timeout
[ 115.212266][ T5445] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 115.238325][ T5445] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 115.248352][ T5444] 8021q: adding VLAN 0 to HW filter on device team0
[ 115.283596][ T5445] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 115.298502][ T5428] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 115.305476][ T5428] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 115.349440][ T1137] bridge0: port 1(bridge_slave_0) entered blocking state
[ 115.352359][ T1137] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 115.357250][ T1137] bridge0: port 2(bridge_slave_1) entered blocking state
[ 115.360456][ T1137] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 115.399066][ T5431] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 115.476414][ T5431] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 115.503287][ T5431] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 115.535394][ T5444] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 115.550716][ T5444] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 115.572114][ T5431] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 115.667204][ T5449] 8021q: adding VLAN 0 to HW filter on device bond0
[ 115.796304][ T5434] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 115.837811][ T5434] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 115.851856][ T5434] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 115.875095][ T5449] 8021q: adding VLAN 0 to HW filter on device team0
[ 115.903860][ T5434] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 115.961601][ T1137] bridge0: port 1(bridge_slave_0) entered blocking state
[ 115.965806][ T1137] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 116.017984][ T3007] bridge0: port 2(bridge_slave_1) entered blocking state
[ 116.020863][ T3007] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 116.033996][ T5428] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 116.097789][ T5445] 8021q: adding VLAN 0 to HW filter on device bond0
[ 116.148662][ T5445] 8021q: adding VLAN 0 to HW filter on device team0
[ 116.175646][ T5449] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 116.251400][ T5431] 8021q: adding VLAN 0 to HW filter on device bond0
[ 116.295550][ T5444] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 116.312424][ T3007] bridge0: port 1(bridge_slave_0) entered blocking state
[ 116.315625][ T3007] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 116.420089][ T5428] veth0_vlan: entered promiscuous mode
[ 116.457598][ T3007] bridge0: port 2(bridge_slave_1) entered blocking state
[ 116.460693][ T3007] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 116.522831][ T5431] 8021q: adding VLAN 0 to HW filter on device team0
[ 116.577978][ T5428] veth1_vlan: entered promiscuous mode
[ 116.595411][ T3007] bridge0: port 1(bridge_slave_0) entered blocking state
[ 116.598769][ T3007] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 116.607578][ T3007] bridge0: port 2(bridge_slave_1) entered blocking state
[ 116.610872][ T3007] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 116.643811][ T5434] 8021q: adding VLAN 0 to HW filter on device bond0
[ 116.768384][ T5428] veth0_macvtap: entered promiscuous mode
[ 116.851800][ T5434] 8021q: adding VLAN 0 to HW filter on device team0
[ 116.859002][ T5428] veth1_macvtap: entered promiscuous mode
[ 116.876909][ T5431] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 116.920684][ T5449] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 116.976099][ T5428] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 117.018336][ T133] bridge0: port 1(bridge_slave_0) entered blocking state
[ 117.021587][ T133] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 117.173003][ T5428] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 117.180676][ T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 117.185016][ T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 117.189062][ T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 117.217262][ T1042] bridge0: port 2(bridge_slave_1) entered blocking state
[ 117.220524][ T1042] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 117.281105][ T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 117.456318][ T5434] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 117.496195][ T5434] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 117.593620][ T5444] veth0_vlan: entered promiscuous mode
[ 117.640224][ T5431] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 117.695037][ T5444] veth1_vlan: entered promiscuous mode
[ 117.746041][ T3007] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.758348][ T3007] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.773986][ T5445] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 117.923322][ T1043] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.931764][ T1043] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.958948][ T5431] veth0_vlan: entered promiscuous mode
[ 117.976187][ T5449] veth0_vlan: entered promiscuous mode
[ 117.982881][ T5444] veth0_macvtap: entered promiscuous mode
[ 118.015117][ T5444] veth1_macvtap: entered promiscuous mode
[ 118.054644][ T5434] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 118.071219][ T5431] veth1_vlan: entered promiscuous mode
[ 118.085944][ T5445] veth0_vlan: entered promiscuous mode
2026/01/28 16:22:02 executed programs: 12
[ 118.143009][ T5449] veth1_vlan: entered promiscuous mode
[ 118.168921][ T5444] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 118.208211][ T5444] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 118.290461][ T1137] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 118.323943][ T5445] veth1_vlan: entered promiscuous mode
[ 118.336212][ T1137] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 118.346189][ T1137] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 118.416812][ T1137] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 118.437258][ T5431] veth0_macvtap: entered promiscuous mode
[ 118.455033][ T5449] veth0_macvtap: entered promiscuous mode
[ 118.535295][ T5431] veth1_macvtap: entered promiscuous mode
[ 118.561183][ T5449] veth1_macvtap: entered promiscuous mode
[ 118.663638][ T5449] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 118.683407][ T5449] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 118.735599][ T5445] veth0_macvtap: entered promiscuous mode
[ 118.777484][ T5434] veth0_vlan: entered promiscuous mode
[ 118.786992][ T5431] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 118.801616][ T5445] veth1_macvtap: entered promiscuous mode
[ 118.806031][ T1051] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 118.811864][ T1051] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 118.868208][ T5434] veth1_vlan: entered promiscuous mode
[ 118.884793][ T5431] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 118.888658][ T1051] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 118.893644][ T1051] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 118.979318][ T3007] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.995859][ T3007] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 119.004665][ T31] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 119.127098][ T1137] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 119.131569][ T1137] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 119.135000][ T1137] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 119.204377][ T5445] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 119.232006][ T1137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 119.235292][ T1137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 119.245151][ T5434] veth0_macvtap: entered promiscuous mode
[ 119.280973][ T5445] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 119.348873][ T5434] veth1_macvtap: entered promiscuous mode
[ 119.475272][ T3007] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 119.486075][ T3007] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 119.504756][ T1137] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 119.507913][ T1137] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 119.535180][ T5434] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 119.583563][ T3007] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 119.620101][ T3007] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 119.686117][ T5434] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 119.707143][ T133] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 119.724678][ T133] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 119.775708][ T3007] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 119.794339][ T3007] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 119.798073][ T3007] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 119.826583][ T1137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 119.840235][ T1137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 119.853518][ T3007] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 120.064392][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.067344][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.232498][ T1051] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.265380][ T1051] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.369135][ T1137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.402842][ T1137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.630142][ T1042] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.633592][ T1042] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.874197][ T3007] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.903651][ T3007] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/01/28 16:22:07 executed programs: 161
[ 124.223012][ T1042] ==================================================================
[ 124.227516][ T1042] BUG: KASAN: slab-use-after-free in drm_atomic_helper_wait_for_vblanks+0x348/0x910
[ 124.231601][ T1042] Read of size 1 at addr ffff888054e73809 by task kworker/u4:6/1042
[ 124.235780][ T1042]
[ 124.236891][ T1042] CPU: 0 UID: 0 PID: 1042 Comm: kworker/u4:6 Not tainted syzkaller #0 PREEMPT(full)
[ 124.236907][ T1042] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 124.236916][ T1042] Workqueue: events_unbound commit_work
[ 124.236957][ T1042] Call Trace:
[ 124.236965][ T1042]
[ 124.236971][ T1042] dump_stack_lvl+0xe8/0x150
[ 124.236989][ T1042] print_report+0xba/0x230
[ 124.237002][ T1042] ? drm_atomic_helper_wait_for_vblanks+0x348/0x910
[ 124.237019][ T1042] kasan_report+0x117/0x150
[ 124.237031][ T1042] ? drm_atomic_helper_wait_for_vblanks+0x348/0x910
[ 124.237050][ T1042] drm_atomic_helper_wait_for_vblanks+0x348/0x910
[ 124.237067][ T1042] ? try_to_wake_up+0x7f4/0x1380
[ 124.237080][ T1042] ? preempt_schedule_thunk+0x16/0x30
[ 124.237092][ T1042] ? __pfx_drm_atomic_helper_wait_for_vblanks+0x10/0x10
[ 124.237108][ T1042] ? _raw_spin_unlock_irqrestore+0x74/0x80
[ 124.237238][ T1042] ? drm_atomic_helper_commit_hw_done+0x3da/0x410
[ 124.237257][ T1042] drm_atomic_helper_commit_tail+0x2d1/0x500
[ 124.237275][ T1042] ? ktime_get+0x1d2/0x200
[ 124.237289][ T1042] commit_tail+0x29a/0x3a0
[ 124.237300][ T1042] ? process_scheduled_works+0xa0f/0x17a0
[ 124.237317][ T1042] process_scheduled_works+0xaec/0x17a0
[ 124.237347][ T1042] ? __pfx_process_scheduled_works+0x10/0x10
[ 124.237372][ T1042] ? do_raw_spin_lock+0x12b/0x2f0
[ 124.237385][ T1042] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 124.237397][ T1042] ? schedule+0x90/0x360
[ 124.237414][ T1042] worker_thread+0xda6/0x1360
[ 124.237446][ T1042] kthread+0x726/0x8b0
[ 124.237460][ T1042] ? __pfx_worker_thread+0x10/0x10
[ 124.237476][ T1042] ? __pfx_kthread+0x10/0x10
[ 124.237489][ T1042] ? _raw_spin_unlock_irq+0x23/0x50
[ 124.237505][ T1042] ? __pfx_kthread+0x10/0x10
[ 124.237517][ T1042] ret_from_fork+0x51b/0xa40
[ 124.237529][ T1042] ? __pfx_ret_from_fork+0x10/0x10
[ 124.237546][ T1042] ? __switch_to+0xc82/0x1410
[ 124.237562][ T1042] ? __pfx_kthread+0x10/0x10
[ 124.237575][ T1042] ret_from_fork_asm+0x1a/0x30
[ 124.237595][ T1042]
[ 124.237604][ T1042]
[ 124.325085][ T1042] Allocated by task 5840:
[ 124.326966][ T1042] kasan_save_track+0x3e/0x80
[ 124.329061][ T1042] __kasan_kmalloc+0x93/0xb0
[ 124.331048][ T1042] __kmalloc_cache_noprof+0x3d1/0x6e0
[ 124.333397][ T1042] drm_atomic_helper_crtc_duplicate_state+0x72/0xb0
[ 124.336342][ T1042] drm_atomic_get_crtc_state+0x1e5/0x610
[ 124.338905][ T1042] page_flip_common+0x56/0x2a0
[ 124.341081][ T1042] drm_atomic_helper_page_flip+0xa5/0x160
[ 124.343648][ T1042] drm_mode_page_flip_ioctl+0xe62/0x1410
[ 124.346177][ T1042] drm_ioctl_kernel+0x2df/0x3b0
[ 124.348409][ T1042] drm_ioctl+0x6ba/0xb80
[ 124.350326][ T1042] __se_sys_ioctl+0xfc/0x170
[ 124.352402][ T1042] do_syscall_64+0xe2/0xf80
[ 124.354444][ T1042] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 124.357125][ T1042]
[ 124.358207][ T1042] Freed by task 5841:
[ 124.360026][ T1042] kasan_save_track+0x3e/0x80
[ 124.362155][ T1042] kasan_save_free_info+0x46/0x50
[ 124.364420][ T1042] __kasan_slab_free+0x5c/0x80
[ 124.366572][ T1042] kfree+0x1be/0x650
[ 124.368222][ T1042] drm_atomic_state_default_clear+0x43f/0xe70
[ 124.370726][ T1042] __drm_atomic_state_free+0xaf/0x230
[ 124.373092][ T1042] drm_client_modeset_commit_atomic+0x6ec/0x7e0
[ 124.375853][ T1042] drm_client_modeset_commit_locked+0xcb/0x4d0
[ 124.378683][ T1042] drm_client_modeset_commit+0x4a/0x70
[ 124.381161][ T1042] __drm_fb_helper_restore_fbdev_mode_unlocked+0x9c/0x1c0
[ 124.384358][ T1042] drm_fbdev_client_restore+0x1b/0x30
[ 124.386646][ T1042] drm_client_dev_restore+0x14c/0x290
[ 124.388808][ T1042] drm_release+0x31a/0x3f0
[ 124.390617][ T1042] __fput+0x44f/0xa70
[ 124.392304][ T1042] task_work_run+0x1d9/0x270
[ 124.394210][ T1042] exit_to_user_mode_loop+0xed/0x480
[ 124.396422][ T1042] do_syscall_64+0x2b7/0xf80
[ 124.398326][ T1042] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 124.400831][ T1042]
[ 124.401944][ T1042] The buggy address belongs to the object at ffff888054e73800
[ 124.401944][ T1042] which belongs to the cache kmalloc-512 of size 512
[ 124.408132][ T1042] The buggy address is located 9 bytes inside of
[ 124.408132][ T1042] freed 512-byte region [ffff888054e73800, ffff888054e73a00)
[ 124.414124][ T1042]
[ 124.415232][ T1042] The buggy address belongs to the physical page:
[ 124.418127][ T1042] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x54e72
[ 124.421816][ T1042] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 124.425222][ T1042] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[ 124.428363][ T1042] page_type: f5(slab)
[ 124.429989][ T1042] raw: 04fff00000000040 ffff88801a841c80 dead000000000100 dead000000000122
[ 124.433433][ T1042] raw: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[ 124.437108][ T1042] head: 04fff00000000040 ffff88801a841c80 dead000000000100 dead000000000122
[ 124.440834][ T1042] head: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[ 124.444492][ T1042] head: 04fff00000000001 ffffea0001539c81 00000000ffffffff 00000000ffffffff
[ 124.448204][ T1042] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 124.452006][ T1042] page dumped because: kasan: bad access detected
[ 124.454861][ T1042] page_owner tracks the page as allocated
[ 124.457362][ T1042] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4720, tgid 4720 (udevd), ts 119865399274, free_ts 101771293174
[ 124.466552][ T1042] post_alloc_hook+0x228/0x280
[ 124.468750][ T1042] get_page_from_freelist+0x24dc/0x2580
[ 124.471259][ T1042] __alloc_frozen_pages_noprof+0x18d/0x380
[ 124.473854][ T1042] alloc_pages_mpol+0x232/0x4a0
[ 124.476044][ T1042] allocate_slab+0x86/0x3a0
[ 124.478166][ T1042] ___slab_alloc+0xd82/0x1760
[ 124.480336][ T1042] __slab_alloc+0x65/0x100
[ 124.482335][ T1042] __kmalloc_cache_noprof+0x40d/0x6e0
[ 124.484804][ T1042] kernfs_fop_open+0x397/0xca0
[ 124.487029][ T1042] do_dentry_open+0x7ce/0x1420
[ 124.489179][ T1042] vfs_open+0x3b/0x340
[ 124.491032][ T1042] path_openat+0x3486/0x3e20
[ 124.493169][ T1042] do_filp_open+0x22d/0x490
[ 124.495243][ T1042] do_sys_openat2+0x12f/0x220
[ 124.497424][ T1042] __x64_sys_openat+0x138/0x170
[ 124.499555][ T1042] do_syscall_64+0xe2/0xf80
[ 124.501514][ T1042] page last free pid 73 tgid 73 stack trace:
[ 124.504090][ T1042] __free_frozen_pages+0xbf8/0xd70
[ 124.506429][ T1042] __put_partials+0x146/0x170
[ 124.508499][ T1042] __slab_free+0x294/0x320
[ 124.510477][ T1042] qlist_free_all+0x97/0x100
[ 124.512527][ T1042] kasan_quarantine_reduce+0x148/0x160
[ 124.514985][ T1042] __kasan_slab_alloc+0x22/0x80
[ 124.517214][ T1042] kmem_cache_alloc_node_noprof+0x427/0x6f0
[ 124.519791][ T1042] zswap_store+0xb68/0x1f80
[ 124.521875][ T1042] swap_writeout+0x70c/0xd70
[ 124.523977][ T1042] shrink_folio_list+0x332f/0x5160
[ 124.526262][ T1042] evict_folios+0x4795/0x5880
[ 124.528403][ T1042] try_to_shrink_lruvec+0x88b/0xb20
[ 124.530749][ T1042] shrink_one+0x25c/0x710
[ 124.532662][ T1042] shrink_node+0x2f8b/0x35f0
[ 124.534712][ T1042] kswapd+0x144c/0x2800
[ 124.536648][ T1042] kthread+0x726/0x8b0
[ 124.538495][ T1042]
[ 124.539631][ T1042] Memory state around the buggy address:
[ 124.542124][ T1042] ffff888054e73700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 124.545536][ T1042] ffff888054e73780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 124.549127][ T1042] >ffff888054e73800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 124.552662][ T1042] ^
[ 124.554637][ T1042] ffff888054e73880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 124.558176][ T1042] ffff888054e73900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 124.561602][ T1042] ==================================================================
[ 124.723497][ T1042] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 124.726751][ T1042] CPU: 0 UID: 0 PID: 1042 Comm: kworker/u4:6 Not tainted syzkaller #0 PREEMPT(full)
[ 124.730880][ T1042] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 124.735359][ T1042] Workqueue: events_unbound commit_work
[ 124.737879][ T1042] Call Trace:
[ 124.739397][ T1042]
[ 124.740765][ T1042] vpanic+0x1e0/0x670
[ 124.742602][ T1042] panic+0xc5/0xd0
[ 124.744313][ T1042] ? __pfx_panic+0x10/0x10
[ 124.746334][ T1042] ? preempt_schedule_thunk+0x16/0x30
[ 124.748745][ T1042] ? drm_atomic_helper_wait_for_vblanks+0x348/0x910
[ 124.751601][ T1042] check_panic_on_warn+0x89/0xb0
[ 124.753897][ T1042] ? drm_atomic_helper_wait_for_vblanks+0x348/0x910
[ 124.756848][ T1042] end_report+0x6f/0x140
[ 124.758812][ T1042] kasan_report+0x128/0x150
[ 124.760831][ T1042] ? drm_atomic_helper_wait_for_vblanks+0x348/0x910
[ 124.763810][ T1042] drm_atomic_helper_wait_for_vblanks+0x348/0x910
[ 124.766671][ T1042] ? try_to_wake_up+0x7f4/0x1380
[ 124.768805][ T1042] ? preempt_schedule_thunk+0x16/0x30
[ 124.770996][ T1042] ? __pfx_drm_atomic_helper_wait_for_vblanks+0x10/0x10
[ 124.773783][ T1042] ? _raw_spin_unlock_irqrestore+0x74/0x80
[ 124.776117][ T1042] ? drm_atomic_helper_commit_hw_done+0x3da/0x410
[ 124.778723][ T1042] drm_atomic_helper_commit_tail+0x2d1/0x500
[ 124.781155][ T1042] ? ktime_get+0x1d2/0x200
[ 124.783006][ T1042] commit_tail+0x29a/0x3a0
[ 124.785110][ T1042] ? process_scheduled_works+0xa0f/0x17a0
[ 124.787621][ T1042] process_scheduled_works+0xaec/0x17a0
[ 124.790124][ T1042] ? __pfx_process_scheduled_works+0x10/0x10
[ 124.792822][ T1042] ? do_raw_spin_lock+0x12b/0x2f0
[ 124.795147][ T1042] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 124.797622][ T1042] ? schedule+0x90/0x360
[ 124.799563][ T1042] worker_thread+0xda6/0x1360
[ 124.801697][ T1042] kthread+0x726/0x8b0
[ 124.803480][ T1042] ? __pfx_worker_thread+0x10/0x10
[ 124.805800][ T1042] ? __pfx_kthread+0x10/0x10
[ 124.807812][ T1042] ? _raw_spin_unlock_irq+0x23/0x50
[ 124.810093][ T1042] ? __pfx_kthread+0x10/0x10
[ 124.812211][ T1042] ret_from_fork+0x51b/0xa40
[ 124.814287][ T1042] ? __pfx_ret_from_fork+0x10/0x10
[ 124.816621][ T1042] ? __switch_to+0xc82/0x1410
[ 124.818652][ T1042] ? __pfx_kthread+0x10/0x10
[ 124.820711][ T1042] ret_from_fork_asm+0x1a/0x30
[ 124.822838][ T1042]
[ 124.824580][ T1042] Kernel Offset: disabled
[ 124.826523][ T1042] Rebooting in 86400 seconds..
VM DIAGNOSIS:
16:22:08 Registers:
info registers vcpu 0
CPU#0
RAX=0000000000000020 RBX=0000000000000020 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc90003007250
R8 =ffff8880343c0237 R9 =1ffff11006878046 R10=dffffc0000000000 R11=ffffffff85335ee0
R12=dffffc0000000000 R13=ffffffff9a02ca09 R14=ffffffff9a3416a0 R15=0000000000000000
RIP=ffffffff85335f5c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88808ccea000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b2ff63fff CR3=0000000056563000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000ffffc000 Opmask01=0000000000000000 Opmask02=000000000000003f Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7a79732f74656e2f 70756f7267637a79
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdc1c204c6
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdc1c204c6 00007ffdc1c204cc
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7c78e08704
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7c78e08750
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7c78e086c4
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7c78e08742
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000032647261632f 6972642f7665642f
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000500060006
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000038
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000038
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000