syzkaller login: [ 91.823401][ T10] cfg80211: failed to load regulatory.db Warning: Permanently added '[localhost]:23785' (ED25519) to the list of known hosts. 2025/07/13 13:12:30 ignoring optional flag "sandboxArg"="0" 2025/07/13 13:12:32 parsed 1 programs [ 162.925256][ T5354] cgroup: Unknown subsys name 'net' [ 163.016948][ T5354] cgroup: Unknown subsys name 'cpuset' [ 163.022299][ T5354] cgroup: Unknown subsys name 'rlimit' [ 164.722536][ T5354] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 169.174147][ T45] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 169.186341][ T45] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 169.201224][ T45] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 169.223595][ T45] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 169.233820][ T45] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 170.221744][ T2997] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 170.253120][ T2997] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 170.270767][ T5370] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. 
[ 170.809721][ T1041] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 170.813320][ T1041] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 177.908213][ T5403] chnl_net:caif_netlink_parms(): no params data found [ 178.125965][ T5403] bridge0: port 1(bridge_slave_0) entered blocking state [ 178.128938][ T5403] bridge0: port 1(bridge_slave_0) entered disabled state [ 178.131958][ T5403] bridge_slave_0: entered allmulticast mode [ 178.155352][ T5403] bridge_slave_0: entered promiscuous mode [ 178.162015][ T5403] bridge0: port 2(bridge_slave_1) entered blocking state [ 178.179547][ T5403] bridge0: port 2(bridge_slave_1) entered disabled state [ 178.189994][ T5403] bridge_slave_1: entered allmulticast mode [ 178.201675][ T5403] bridge_slave_1: entered promiscuous mode [ 178.285368][ T5403] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 178.291737][ T5403] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 178.384305][ T5403] team0: Port device team_slave_0 added [ 178.402779][ T5403] team0: Port device team_slave_1 added [ 178.457174][ T5403] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 178.460282][ T5403] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 178.493075][ T5403] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 178.500059][ T5403] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 178.513112][ T5403] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. 
[ 178.543816][ T5403] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 178.634725][ T5403] hsr_slave_0: entered promiscuous mode [ 178.647601][ T5403] hsr_slave_1: entered promiscuous mode [ 178.949778][ T5403] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 178.972626][ T5403] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 178.987483][ T5403] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 179.005915][ T5403] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 179.257658][ T5403] 8021q: adding VLAN 0 to HW filter on device bond0 [ 179.294029][ T5403] 8021q: adding VLAN 0 to HW filter on device team0 [ 179.306334][ T14] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.309643][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state [ 179.336698][ T14] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.339684][ T14] bridge0: port 2(bridge_slave_1) entered forwarding state [ 179.697742][ T5403] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 179.774437][ T5403] veth0_vlan: entered promiscuous mode [ 179.798983][ T5403] veth1_vlan: entered promiscuous mode [ 179.858251][ T5403] veth0_macvtap: entered promiscuous mode [ 179.865870][ T5403] veth1_macvtap: entered promiscuous mode [ 179.880854][ T5403] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 179.891689][ T5403] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 179.901412][ T5403] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 179.906750][ T5403] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 179.910771][ T5403] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 179.916418][ T5403] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.185502][ T4686] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 180.200106][ T4686] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 
180.211965][ T4686] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 180.219388][ T4686] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 180.223791][ T4686] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 2025/07/13 13:12:51 executed programs: 0 [ 180.353240][ T45] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 180.388497][ T45] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 180.403865][ T45] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 180.432358][ T5476] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 180.436880][ T5476] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 180.440290][ T5476] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 180.444190][ T5476] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 180.447937][ T5476] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 180.451452][ T5476] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 180.457391][ T4686] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 180.536601][ T5479] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 180.553332][ T5476] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 180.563597][ T5478] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 180.567146][ T5478] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 180.571783][ T5476] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 180.576109][ T5476] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 180.579831][ T5478] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 180.583753][ T5476] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 180.588255][ T5372] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 180.597007][ T5478] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 180.709860][ T5476] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 180.716367][ T5476] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 180.719964][ T5476] Bluetooth: hci5: unexpected cc 0x1001 
length: 249 > 9 [ 180.723998][ T5476] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 180.727480][ T5476] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 182.294540][ T5476] Bluetooth: hci0: command tx timeout [ 182.482323][ T22] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 182.538752][ T5476] Bluetooth: hci1: command tx timeout [ 182.541592][ T5476] Bluetooth: hci2: command tx timeout [ 182.615991][ T5476] Bluetooth: hci4: command tx timeout [ 182.694034][ T5476] Bluetooth: hci3: command tx timeout [ 182.784471][ T5476] Bluetooth: hci5: command tx timeout [ 182.892652][ T5465] chnl_net:caif_netlink_parms(): no params data found [ 183.124690][ T22] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 183.202406][ T22] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 183.316524][ T22] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 183.406144][ T5465] bridge0: port 1(bridge_slave_0) entered blocking state [ 183.409446][ T5465] bridge0: port 1(bridge_slave_0) entered disabled state [ 183.412731][ T5465] bridge_slave_0: entered allmulticast mode [ 183.424469][ T5465] bridge_slave_0: entered promiscuous mode [ 183.440590][ T5465] bridge0: port 2(bridge_slave_1) entered blocking state [ 183.455250][ T5465] bridge0: port 2(bridge_slave_1) entered disabled state [ 183.458340][ T5465] bridge_slave_1: entered allmulticast mode [ 183.473481][ T5465] bridge_slave_1: entered promiscuous mode [ 183.665291][ T5465] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 183.709021][ T5470] chnl_net:caif_netlink_parms(): no params data found [ 183.736063][ T5465] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 183.920825][ T5465] team0: Port device team_slave_0 added [ 184.005918][ T5465] team0: Port device team_slave_1 added [ 
184.201400][ T5477] chnl_net:caif_netlink_parms(): no params data found [ 184.248698][ T5465] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 184.251770][ T5465] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 184.288270][ T5465] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 184.327487][ T5465] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 184.330577][ T5465] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 184.375966][ T5476] Bluetooth: hci0: command tx timeout [ 184.378826][ T5465] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 184.407416][ T5474] chnl_net:caif_netlink_parms(): no params data found [ 184.413893][ T22] bridge_slave_1: left allmulticast mode [ 184.416124][ T22] bridge_slave_1: left promiscuous mode [ 184.419183][ T22] bridge0: port 2(bridge_slave_1) entered disabled state [ 184.454988][ T22] bridge_slave_0: left allmulticast mode [ 184.458308][ T22] bridge_slave_0: left promiscuous mode [ 184.462036][ T22] bridge0: port 1(bridge_slave_0) entered disabled state [ 184.614218][ T5476] Bluetooth: hci2: command tx timeout [ 184.616658][ T5476] Bluetooth: hci1: command tx timeout [ 184.694746][ T5478] Bluetooth: hci4: command tx timeout [ 184.776438][ T5478] Bluetooth: hci3: command tx timeout [ 184.855248][ T5478] Bluetooth: hci5: command tx timeout [ 185.154912][ T22] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 185.160949][ T22] bond0 (unregistering): (slave 
bond_slave_1): Releasing backup interface [ 185.168587][ T22] bond0 (unregistering): Released all slaves [ 185.291933][ T5470] bridge0: port 1(bridge_slave_0) entered blocking state [ 185.306110][ T5470] bridge0: port 1(bridge_slave_0) entered disabled state [ 185.309406][ T5470] bridge_slave_0: entered allmulticast mode [ 185.324555][ T5470] bridge_slave_0: entered promiscuous mode [ 185.579926][ T5470] bridge0: port 2(bridge_slave_1) entered blocking state [ 185.593609][ T5470] bridge0: port 2(bridge_slave_1) entered disabled state [ 185.596977][ T5470] bridge_slave_1: entered allmulticast mode [ 185.619760][ T5470] bridge_slave_1: entered promiscuous mode [ 185.687576][ T22] hsr_slave_0: left promiscuous mode [ 185.695740][ T22] hsr_slave_1: left promiscuous mode [ 185.710102][ T22] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 185.715433][ T22] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 185.726933][ T22] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 185.730328][ T22] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 185.768396][ T22] veth1_macvtap: left promiscuous mode [ 185.771149][ T22] veth0_macvtap: left promiscuous mode [ 185.774432][ T22] veth1_vlan: left promiscuous mode [ 185.776895][ T22] veth0_vlan: left promiscuous mode [ 186.211444][ T22] team0 (unregistering): Port device team_slave_1 removed [ 186.238404][ T22] team0 (unregistering): Port device team_slave_0 removed [ 186.456997][ T5478] Bluetooth: hci0: command tx timeout [ 186.694393][ T5478] Bluetooth: hci1: command tx timeout [ 186.696871][ T5478] Bluetooth: hci2: command tx timeout [ 186.776262][ T5476] Bluetooth: hci4: command tx timeout [ 186.789079][ T5470] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 186.804029][ T5470] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 186.822852][ T5465] hsr_slave_0: entered promiscuous mode [ 186.836637][ T5465] hsr_slave_1: entered 
promiscuous mode [ 186.853604][ T5476] Bluetooth: hci3: command tx timeout [ 186.933425][ T5476] Bluetooth: hci5: command tx timeout [ 187.026992][ T5469] chnl_net:caif_netlink_parms(): no params data found [ 187.050689][ T5477] bridge0: port 1(bridge_slave_0) entered blocking state [ 187.060994][ T5477] bridge0: port 1(bridge_slave_0) entered disabled state [ 187.074915][ T5477] bridge_slave_0: entered allmulticast mode [ 187.095364][ T5477] bridge_slave_0: entered promiscuous mode [ 187.124222][ T5477] bridge0: port 2(bridge_slave_1) entered blocking state [ 187.127223][ T5477] bridge0: port 2(bridge_slave_1) entered disabled state [ 187.130215][ T5477] bridge_slave_1: entered allmulticast mode [ 187.145249][ T5477] bridge_slave_1: entered promiscuous mode [ 187.165992][ T5470] team0: Port device team_slave_0 added [ 187.275779][ T5470] team0: Port device team_slave_1 added [ 187.391264][ T5486] chnl_net:caif_netlink_parms(): no params data found [ 187.411887][ T5477] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 187.447139][ T5474] bridge0: port 1(bridge_slave_0) entered blocking state [ 187.450332][ T5474] bridge0: port 1(bridge_slave_0) entered disabled state [ 187.465455][ T5474] bridge_slave_0: entered allmulticast mode [ 187.476164][ T5474] bridge_slave_0: entered promiscuous mode [ 187.493995][ T5474] bridge0: port 2(bridge_slave_1) entered blocking state [ 187.497068][ T5474] bridge0: port 2(bridge_slave_1) entered disabled state [ 187.500308][ T5474] bridge_slave_1: entered allmulticast mode [ 187.524222][ T5474] bridge_slave_1: entered promiscuous mode [ 187.549077][ T5477] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 187.894399][ T5477] team0: Port device team_slave_0 added [ 187.898725][ T5470] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 187.901792][ T5470] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv 
packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 187.943579][ T5470] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 188.018856][ T5477] team0: Port device team_slave_1 added [ 188.036690][ T5474] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 188.042933][ T5474] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 188.086256][ T5470] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 188.089185][ T5470] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 188.126715][ T5470] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 188.197653][ T5469] bridge0: port 1(bridge_slave_0) entered blocking state [ 188.201057][ T5469] bridge0: port 1(bridge_slave_0) entered disabled state [ 188.214513][ T5469] bridge_slave_0: entered allmulticast mode [ 188.218177][ T5469] bridge_slave_0: entered promiscuous mode [ 188.324602][ T5469] bridge0: port 2(bridge_slave_1) entered blocking state [ 188.327841][ T5469] bridge0: port 2(bridge_slave_1) entered disabled state [ 188.331147][ T5469] bridge_slave_1: entered allmulticast mode [ 188.338667][ T5469] bridge_slave_1: entered promiscuous mode [ 188.356101][ T5477] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 188.358903][ T5477] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. 
[ 188.383635][ T5477] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 188.465942][ T5474] team0: Port device team_slave_0 added [ 188.489236][ T5474] team0: Port device team_slave_1 added [ 188.492407][ T5477] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 188.504017][ T5477] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 188.526262][ T5477] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 188.533615][ T5476] Bluetooth: hci0: command tx timeout [ 188.557851][ T5486] bridge0: port 1(bridge_slave_0) entered blocking state [ 188.560858][ T5486] bridge0: port 1(bridge_slave_0) entered disabled state [ 188.571497][ T5486] bridge_slave_0: entered allmulticast mode [ 188.588600][ T5486] bridge_slave_0: entered promiscuous mode [ 188.711780][ T5486] bridge0: port 2(bridge_slave_1) entered blocking state [ 188.727095][ T5486] bridge0: port 2(bridge_slave_1) entered disabled state [ 188.730258][ T5486] bridge_slave_1: entered allmulticast mode [ 188.742420][ T5486] bridge_slave_1: entered promiscuous mode [ 188.774854][ T5476] Bluetooth: hci2: command tx timeout [ 188.777135][ T5476] Bluetooth: hci1: command tx timeout [ 188.780016][ T5469] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 188.798270][ T5469] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 188.815231][ T5470] hsr_slave_0: entered promiscuous mode [ 188.825755][ T5470] hsr_slave_1: entered promiscuous mode [ 188.829162][ T5470] debugfs: Directory 'hsr0' with parent 'hsr' already present! 
[ 188.832517][ T5470] Cannot create hsr debugfs directory [ 188.853359][ T5478] Bluetooth: hci4: command tx timeout [ 188.933461][ T5478] Bluetooth: hci3: command tx timeout [ 188.965102][ T5474] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 188.967978][ T5474] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 188.995727][ T5474] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 189.008037][ T5477] hsr_slave_0: entered promiscuous mode [ 189.011161][ T5477] hsr_slave_1: entered promiscuous mode [ 189.015961][ T5478] Bluetooth: hci5: command tx timeout [ 189.021609][ T5477] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 189.026828][ T5477] Cannot create hsr debugfs directory [ 189.042143][ T5486] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 189.076647][ T5474] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 189.079594][ T5474] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. 
[ 189.092853][ T5474] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 189.118086][ T5486] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 189.132446][ T5469] team0: Port device team_slave_0 added [ 189.182510][ T5469] team0: Port device team_slave_1 added [ 189.321001][ T5465] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 189.340259][ T5465] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 189.490755][ T5465] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 189.509509][ T5486] team0: Port device team_slave_0 added [ 189.513725][ T5469] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 189.516659][ T5469] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 189.553944][ T5469] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 189.579540][ T5474] hsr_slave_0: entered promiscuous mode [ 189.593883][ T5474] hsr_slave_1: entered promiscuous mode [ 189.597207][ T5474] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 189.600331][ T5474] Cannot create hsr debugfs directory [ 189.634956][ T5465] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 189.645488][ T5486] team0: Port device team_slave_1 added [ 189.651751][ T5469] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 189.666259][ T5469] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. 
[ 189.686507][ T5469] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 189.865922][ T5486] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 189.868692][ T5486] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 189.882312][ T5486] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 189.970199][ T5486] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 189.975795][ T5486] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 189.994891][ T5486] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 190.092664][ T5469] hsr_slave_0: entered promiscuous mode [ 190.101618][ T5469] hsr_slave_1: entered promiscuous mode [ 190.107791][ T5469] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 190.110913][ T5469] Cannot create hsr debugfs directory [ 190.320448][ T5486] hsr_slave_0: entered promiscuous mode [ 190.327164][ T5486] hsr_slave_1: entered promiscuous mode [ 190.329918][ T5486] debugfs: Directory 'hsr0' with parent 'hsr' already present! 
[ 190.334358][ T5486] Cannot create hsr debugfs directory [ 190.664190][ T5477] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 190.717927][ T5465] 8021q: adding VLAN 0 to HW filter on device bond0 [ 190.728675][ T5477] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 190.767717][ T5477] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 190.806338][ T5477] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 190.820270][ T5465] 8021q: adding VLAN 0 to HW filter on device team0 [ 190.884770][ T1038] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.887430][ T1038] bridge0: port 1(bridge_slave_0) entered forwarding state [ 190.898649][ T1038] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.901536][ T1038] bridge0: port 2(bridge_slave_1) entered forwarding state [ 190.942875][ T5470] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 190.962813][ T5465] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 190.974037][ T5465] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 191.010509][ T5470] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 191.080800][ T5470] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 191.111210][ T5470] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 191.250886][ T5474] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 191.279540][ T5474] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 191.398898][ T5477] 8021q: adding VLAN 0 to HW filter on device bond0 [ 191.402134][ T5474] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 191.436286][ T5474] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 191.527445][ T5477] 8021q: adding VLAN 0 to HW filter on device team0 [ 191.636836][ T5469] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 191.661822][ T1038] bridge0: port 1(bridge_slave_0) entered blocking state [ 191.665120][ T1038] bridge0: port 1(bridge_slave_0) entered forwarding state [ 
191.698149][ T1038] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.701460][ T1038] bridge0: port 2(bridge_slave_1) entered forwarding state [ 191.771764][ T5465] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 191.804071][ T5469] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 191.852713][ T5469] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 191.957960][ T5469] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 192.308550][ T5477] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 192.312695][ T5477] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 192.339874][ T5465] veth0_vlan: entered promiscuous mode [ 192.352306][ T5486] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 192.438019][ T5465] veth1_vlan: entered promiscuous mode [ 192.468096][ T5486] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 192.550735][ T5470] 8021q: adding VLAN 0 to HW filter on device bond0 [ 192.602687][ T5486] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 192.718575][ T5474] 8021q: adding VLAN 0 to HW filter on device bond0 [ 192.721635][ T5486] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 192.788745][ T5465] veth0_macvtap: entered promiscuous mode [ 192.867498][ T5470] 8021q: adding VLAN 0 to HW filter on device team0 [ 192.917833][ T5465] veth1_macvtap: entered promiscuous mode [ 192.929327][ T1038] bridge0: port 1(bridge_slave_0) entered blocking state [ 192.932282][ T1038] bridge0: port 1(bridge_slave_0) entered forwarding state [ 192.965435][ T5474] 8021q: adding VLAN 0 to HW filter on device team0 [ 193.088724][ T1038] bridge0: port 2(bridge_slave_1) entered blocking state [ 193.091892][ T1038] bridge0: port 2(bridge_slave_1) entered forwarding state [ 193.116680][ T1038] bridge0: port 1(bridge_slave_0) entered blocking state [ 193.119740][ T1038] bridge0: port 1(bridge_slave_0) entered forwarding state [ 193.134773][ T1038] bridge0: 
port 2(bridge_slave_1) entered blocking state [ 193.137795][ T1038] bridge0: port 2(bridge_slave_1) entered forwarding state [ 193.197417][ T5469] 8021q: adding VLAN 0 to HW filter on device bond0 [ 193.221092][ T5465] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 193.312911][ T5477] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 193.362244][ T5470] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 193.386912][ T5465] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 193.525527][ T5465] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 193.529056][ T5465] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 193.532693][ T5465] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 193.587119][ T5465] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 193.609882][ T5469] 8021q: adding VLAN 0 to HW filter on device team0 [ 193.742652][ T1034] bridge0: port 1(bridge_slave_0) entered blocking state [ 193.746001][ T1034] bridge0: port 1(bridge_slave_0) entered forwarding state [ 193.779135][ T1034] bridge0: port 2(bridge_slave_1) entered blocking state [ 193.782317][ T1034] bridge0: port 2(bridge_slave_1) entered forwarding state [ 193.941311][ T5477] veth0_vlan: entered promiscuous mode [ 194.147413][ T5477] veth1_vlan: entered promiscuous mode [ 194.182776][ T5470] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 194.258365][ T5469] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 194.288422][ T5469] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 194.310975][ T5486] 8021q: adding VLAN 0 to HW filter on device bond0 [ 194.382125][ T5477] veth0_macvtap: entered promiscuous mode [ 194.465049][ T5486] 8021q: adding VLAN 0 to HW filter on device team0 [ 194.509099][ T1034] wlan0: Created IBSS using 
preconfigured BSSID 50:50:50:50:50:50 [ 194.512353][ T1034] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 194.519230][ T5477] veth1_macvtap: entered promiscuous mode [ 194.568426][ T5474] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 194.581421][ T5477] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 194.650279][ T1147] bridge0: port 1(bridge_slave_0) entered blocking state [ 194.653547][ T1147] bridge0: port 1(bridge_slave_0) entered forwarding state [ 194.717090][ T1147] bridge0: port 2(bridge_slave_1) entered blocking state [ 194.720095][ T1147] bridge0: port 2(bridge_slave_1) entered forwarding state [ 194.806084][ T5477] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 194.811614][ T5477] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 194.888810][ T5477] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 194.892364][ T5477] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 194.913174][ T5477] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.001667][ T1038] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 195.038165][ T1038] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 195.272279][ T5470] veth0_vlan: entered promiscuous mode 2025/07/13 13:13:07 executed programs: 12 [ 195.561226][ T5470] veth1_vlan: entered promiscuous mode [ 195.753287][ T5469] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 195.881478][ T5470] veth0_macvtap: entered promiscuous mode [ 195.935347][ T5470] veth1_macvtap: entered promiscuous mode [ 195.960598][ T3020] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 195.981151][ T3020] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 196.062056][ T5470] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 196.102557][ T5469] veth0_vlan: entered promiscuous mode [ 196.151839][ T5469] veth1_vlan: entered promiscuous mode [ 
196.171024][ T5486] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 196.186974][ T1041] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 196.190452][ T1041] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 196.205961][ T5474] veth0_vlan: entered promiscuous mode [ 196.230033][ T5470] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 196.258292][ T5470] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.262256][ T5470] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.297435][ T5470] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.301007][ T5470] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.390041][ T5474] veth1_vlan: entered promiscuous mode [ 196.429997][ T5689] loop0: detected capacity change from 0 to 32768 [ 196.674010][ T5469] veth0_macvtap: entered promiscuous mode [ 196.678988][ T5469] veth1_macvtap: entered promiscuous mode [ 196.818302][ T5474] veth0_macvtap: entered promiscuous mode [ 196.958993][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 196.961834][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 196.966239][ T5474] veth1_macvtap: entered promiscuous mode [ 197.111160][ T5469] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 197.161927][ T5474] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 197.289293][ T5474] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 197.345126][ T5469] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 197.415003][ T5474] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.418547][ T5474] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.421995][ T5474] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.486224][ T5474] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 
[ 197.515449][ T22] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 197.529207][ T5469] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.555326][ T22] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 197.573467][ T5469] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.582489][ T5469] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.595402][ T5469] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.922146][ T5704] loop0: detected capacity change from 0 to 32768 [ 197.945852][ T5486] veth0_vlan: entered promiscuous mode [ 198.070875][ T5486] veth1_vlan: entered promiscuous mode [ 198.328484][ T5486] veth0_macvtap: entered promiscuous mode [ 198.425734][ T5486] veth1_macvtap: entered promiscuous mode [ 198.432375][ T3020] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 198.505601][ T3020] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 198.634624][ T5486] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 198.670682][ T1041] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 198.700942][ T1041] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 198.745918][ T5486] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 198.844541][ T5486] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.893781][ T5486] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.905989][ T5486] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.942890][ T5486] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 199.062705][ T1034] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 199.088667][ T1034] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 199.302209][ T3020] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 199.336931][ 
T1313] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.339868][ T1313] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.351601][ T3020] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 199.519662][ T5710] loop0: detected capacity change from 0 to 32768 [ 199.629854][ T3020] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 199.678510][ T3020] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 199.948488][ T1041] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 199.985699][ T1041] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 2025/07/13 13:13:12 executed programs: 23 [ 201.472070][ T5718] loop0: detected capacity change from 0 to 32768 [ 203.212052][ T5726] loop0: detected capacity change from 0 to 32768 [ 204.790495][ T5738] loop0: detected capacity change from 0 to 32768 2025/07/13 13:13:18 executed programs: 37 [ 206.430250][ T5744] loop0: detected capacity change from 0 to 32768 [ 207.141777][ T5631] ================================================================== [ 207.145382][ T5631] BUG: KASAN: slab-use-after-free in hci_uart_write_work+0x2ca/0x550 [ 207.148763][ T5631] Read of size 8 at addr ffff8880555a35d8 by task kworker/0:7/5631 [ 207.153295][ T5631] [ 207.154363][ T5631] CPU: 0 UID: 0 PID: 5631 Comm: kworker/0:7 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 207.154378][ T5631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 207.154386][ T5631] Workqueue: events hci_uart_write_work [ 207.154403][ T5631] Call Trace: [ 207.154409][ T5631] [ 207.154413][ T5631] dump_stack_lvl+0x189/0x250 [ 207.154423][ T5631] ? __virt_addr_valid+0x1c8/0x5c0 [ 207.154437][ T5631] ? rcu_is_watching+0x15/0xb0 [ 207.154504][ T5631] ? __pfx_dump_stack_lvl+0x10/0x10 [ 207.154517][ T5631] ? rcu_is_watching+0x15/0xb0 [ 207.154528][ T5631] ? lock_release+0x4b/0x3e0 [ 207.154539][ T5631] ? 
_raw_spin_lock_irqsave+0xb3/0xf0 [ 207.154590][ T5631] ? __virt_addr_valid+0x1c8/0x5c0 [ 207.154604][ T5631] ? __virt_addr_valid+0x4a5/0x5c0 [ 207.154618][ T5631] print_report+0xca/0x230 [ 207.154628][ T5631] ? hci_uart_write_work+0x2ca/0x550 [ 207.154641][ T5631] kasan_report+0x118/0x150 [ 207.154656][ T5631] ? hci_uart_write_work+0x2ca/0x550 [ 207.154668][ T5631] ? __pfx_pty_write+0x10/0x10 [ 207.154680][ T5631] hci_uart_write_work+0x2ca/0x550 [ 207.154696][ T5631] ? process_scheduled_works+0x9ef/0x17b0 [ 207.154708][ T5631] process_scheduled_works+0xae1/0x17b0 [ 207.154725][ T5631] ? __pfx_process_scheduled_works+0x10/0x10 [ 207.154740][ T5631] worker_thread+0x8a0/0xda0 [ 207.154753][ T5631] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 207.154769][ T5631] ? __kthread_parkme+0x7b/0x200 [ 207.154782][ T5631] kthread+0x70e/0x8a0 [ 207.154797][ T5631] ? __pfx_worker_thread+0x10/0x10 [ 207.154810][ T5631] ? __pfx_kthread+0x10/0x10 [ 207.154824][ T5631] ? _raw_spin_unlock_irq+0x23/0x50 [ 207.154845][ T5631] ? lockdep_hardirqs_on+0x9c/0x150 [ 207.154860][ T5631] ? __pfx_kthread+0x10/0x10 [ 207.154874][ T5631] ret_from_fork+0x3fc/0x770 [ 207.154887][ T5631] ? __pfx_ret_from_fork+0x10/0x10 [ 207.154898][ T5631] ? 
__pfx_kthread+0x10/0x10 [ 207.154912][ T5631] ret_from_fork_asm+0x1a/0x30 [ 207.154931][ T5631] [ 207.154935][ T5631] [ 207.242101][ T5631] Allocated by task 54: [ 207.243923][ T5631] kasan_save_track+0x3e/0x80 [ 207.246085][ T5631] __kasan_slab_alloc+0x6c/0x80 [ 207.248236][ T5631] kmem_cache_alloc_node_noprof+0x1bb/0x3c0 [ 207.250904][ T5631] __alloc_skb+0x112/0x2d0 [ 207.252857][ T5631] h5_prepare_pkt+0x184/0x530 [ 207.254924][ T5631] h5_dequeue+0x197/0x790 [ 207.256871][ T5631] hci_uart_write_work+0x24a/0x550 [ 207.259140][ T5631] process_scheduled_works+0xae1/0x17b0 [ 207.261631][ T5631] worker_thread+0x8a0/0xda0 [ 207.263766][ T5631] kthread+0x70e/0x8a0 [ 207.265670][ T5631] ret_from_fork+0x3fc/0x770 [ 207.267768][ T5631] ret_from_fork_asm+0x1a/0x30 [ 207.269883][ T5631] [ 207.271400][ T5631] The buggy address belongs to the object at ffff8880555a3500 [ 207.271400][ T5631] which belongs to the cache skbuff_head_cache of size 240 [ 207.277639][ T5631] The buggy address is located 216 bytes inside of [ 207.277639][ T5631] freed 240-byte region [ffff8880555a3500, ffff8880555a35f0) [ 207.283534][ T5631] [ 207.284653][ T5631] The buggy address belongs to the physical page: [ 207.287439][ T5631] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x555a3 [ 207.291471][ T5631] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 207.294796][ T5631] page_type: f5(slab) [ 207.296533][ T5631] raw: 04fff00000000000 ffff8880304e0b40 dead000000000100 dead000000000122 [ 207.300466][ T5631] raw: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000 [ 207.304813][ T5631] page dumped because: kasan: bad access detected [ 207.307565][ T5631] page_owner tracks the page as allocated [ 207.310152][ T5631] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5474, tgid 5474 (syz-executor), ts 183992405509, free_ts 181552341552 [ 207.319669][ T5631] 
post_alloc_hook+0x240/0x2a0 [ 207.321752][ T5631] get_page_from_freelist+0x21e4/0x22c0 [ 207.324225][ T5631] __alloc_frozen_pages_noprof+0x181/0x370 [ 207.326729][ T5631] alloc_pages_mpol+0x232/0x4a0 [ 207.328840][ T5631] allocate_slab+0x8a/0x3b0 [ 207.330816][ T5631] ___slab_alloc+0xbfc/0x1480 [ 207.333024][ T5631] kmem_cache_alloc_node_noprof+0x280/0x3c0 [ 207.335416][ T5631] __alloc_skb+0x112/0x2d0 [ 207.337269][ T5631] inet_netconf_notify_devconf+0x173/0x240 [ 207.339662][ T5631] __devinet_sysctl_register+0x3f6/0x470 [ 207.341977][ T5631] devinet_sysctl_register+0x187/0x200 [ 207.344219][ T5631] inetdev_init+0x2b4/0x500 [ 207.346135][ T5631] inetdev_event+0x301/0x15b0 [ 207.348107][ T5631] notifier_call_chain+0x1b3/0x3e0 [ 207.350413][ T5631] register_netdevice+0x1608/0x1ae0 [ 207.352833][ T5631] team_newlink+0x114/0x160 [ 207.354801][ T5631] page last free pid 5407 tgid 5407 stack trace: [ 207.357569][ T5631] __free_frozen_pages+0xc71/0xe70 [ 207.359715][ T5631] vfree+0x25a/0x400 [ 207.361572][ T5631] kcov_close+0x28/0x50 [ 207.363425][ T5631] __fput+0x449/0xa70 [ 207.365391][ T5631] task_work_run+0x1d1/0x260 [ 207.367605][ T5631] do_exit+0x6b5/0x22e0 [ 207.369536][ T5631] do_group_exit+0x21c/0x2d0 [ 207.371587][ T5631] get_signal+0x1286/0x1340 [ 207.373748][ T5631] arch_do_signal_or_restart+0x9a/0x750 [ 207.376392][ T5631] exit_to_user_mode_loop+0x75/0x110 [ 207.379197][ T5631] do_syscall_64+0x2bd/0x3b0 [ 207.381832][ T5631] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 207.384570][ T5631] [ 207.385768][ T5631] Memory state around the buggy address: [ 207.388290][ T5631] ffff8880555a3480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 207.391837][ T5631] ffff8880555a3500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 207.395241][ T5631] >ffff8880555a3580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc [ 207.398639][ T5631] ^ [ 207.401777][ T5631] ffff8880555a3600: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 207.405248][ T5631] ffff8880555a3680: fb 
fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 207.408849][ T5631] ================================================================== [ 208.076991][ T5754] loop0: detected capacity change from 0 to 32768 [ 209.093242][ T5631] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 209.096364][ T5631] CPU: 0 UID: 0 PID: 5631 Comm: kworker/0:7 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 209.101476][ T5631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 209.105987][ T5631] Workqueue: events hci_uart_write_work [ 209.108735][ T5631] Call Trace: [ 209.110224][ T5631] [ 209.111495][ T5631] dump_stack_lvl+0x99/0x250 [ 209.113698][ T5631] ? __asan_memcpy+0x40/0x70 [ 209.115809][ T5631] ? __pfx_dump_stack_lvl+0x10/0x10 [ 209.118063][ T5631] ? __pfx__printk+0x10/0x10 [ 209.120109][ T5631] panic+0x2db/0x790 [ 209.121942][ T5631] ? __pfx_preempt_schedule+0x10/0x10 [ 209.124260][ T5631] ? __pfx_panic+0x10/0x10 [ 209.126178][ T5631] ? _raw_spin_unlock_irqrestore+0xfd/0x110 [ 209.128722][ T5631] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 209.131402][ T5631] ? hci_uart_write_work+0x2ca/0x550 [ 209.133742][ T5631] check_panic_on_warn+0x89/0xb0 [ 209.135894][ T5631] ? hci_uart_write_work+0x2ca/0x550 [ 209.138172][ T5631] end_report+0x78/0x160 [ 209.139971][ T5631] kasan_report+0x129/0x150 [ 209.142016][ T5631] ? hci_uart_write_work+0x2ca/0x550 [ 209.144301][ T5631] ? __pfx_pty_write+0x10/0x10 [ 209.146536][ T5631] hci_uart_write_work+0x2ca/0x550 [ 209.148939][ T5631] ? process_scheduled_works+0x9ef/0x17b0 [ 209.151689][ T5631] process_scheduled_works+0xae1/0x17b0 [ 209.154250][ T5631] ? __pfx_process_scheduled_works+0x10/0x10 [ 209.156828][ T5631] worker_thread+0x8a0/0xda0 [ 209.158818][ T5631] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 209.161632][ T5631] ? __kthread_parkme+0x7b/0x200 [ 209.163765][ T5631] kthread+0x70e/0x8a0 [ 209.165556][ T5631] ? 
__pfx_worker_thread+0x10/0x10 [ 209.167822][ T5631] ? __pfx_kthread+0x10/0x10 [ 209.169919][ T5631] ? _raw_spin_unlock_irq+0x23/0x50 [ 209.172179][ T5631] ? lockdep_hardirqs_on+0x9c/0x150 [ 209.174400][ T5631] ? __pfx_kthread+0x10/0x10 [ 209.176406][ T5631] ret_from_fork+0x3fc/0x770 [ 209.178328][ T5631] ? __pfx_ret_from_fork+0x10/0x10 [ 209.180650][ T5631] ? __pfx_kthread+0x10/0x10 [ 209.183053][ T5631] ret_from_fork_asm+0x1a/0x30 [ 209.185607][ T5631] [ 209.187513][ T5631] Kernel Offset: disabled [ 209.189448][ T5631] Rebooting in 86400 seconds.. VM DIAGNOSIS: 13:13:19 Registers: info registers vcpu 0