syzkaller login: [ 92.000409][ T9] cfg80211: failed to load regulatory.db
Warning: Permanently added '[localhost]:26789' (ED25519) to the list of known hosts.
2025/07/03 07:59:28 ignoring optional flag "sandboxArg"="0"
2025/07/03 07:59:30 parsed 1 programs
[ 160.238781][ T5337] cgroup: Unknown subsys name 'net'
[ 160.327170][ T5337] cgroup: Unknown subsys name 'cpuset'
[ 160.335848][ T5337] cgroup: Unknown subsys name 'rlimit'
[ 161.953901][ T5337] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 166.568954][ T5352] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 169.491369][ T31] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 169.514141][ T31] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 169.832841][ T31] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 169.837084][ T31] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 170.254165][ T5406] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 170.264905][ T5406] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 170.269031][ T5406] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 170.303968][ T5406] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 170.307453][ T5406] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 170.481455][ T5375] syz-executor (5375) used greatest stack depth: 19016 bytes left
[ 171.895072][ T5387] chnl_net:caif_netlink_parms(): no params data found
[ 172.394395][ T5406] Bluetooth: hci0: command tx timeout
[ 172.422330][ T5387] bridge0: port 1(bridge_slave_0) entered blocking state
[ 172.440627][ T5387] bridge0: port 1(bridge_slave_0) entered disabled state
[ 172.451264][ T5387] bridge_slave_0: entered allmulticast mode
[ 172.472433][ T5387] bridge_slave_0: entered promiscuous mode
[ 172.487953][ T5387] bridge0: port 2(bridge_slave_1) entered blocking state
[ 172.493373][ T5387] bridge0: port 2(bridge_slave_1) entered disabled state
[ 172.496746][ T5387] bridge_slave_1: entered allmulticast mode
[ 172.522806][ T5387] bridge_slave_1: entered promiscuous mode
[ 172.597606][ T5387] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 172.625708][ T5387] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 172.701310][ T5387] team0: Port device team_slave_0 added
[ 172.725930][ T5387] team0: Port device team_slave_1 added
[ 172.775951][ T5387] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 172.779348][ T5387] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 172.804392][ T5387] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 172.823719][ T5387] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 172.826960][ T5387] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 172.853171][ T5387] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 172.920724][ T5387] hsr_slave_0: entered promiscuous mode
[ 172.933952][ T5387] hsr_slave_1: entered promiscuous mode
[ 173.229965][ T5387] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 173.258647][ T5387] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 173.271225][ T5387] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 173.298272][ T5387] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 173.388491][ T5387] 8021q: adding VLAN 0 to HW filter on device bond0
[ 173.409598][ T5387] 8021q: adding VLAN 0 to HW filter on device team0
[ 173.420267][ T31] bridge0: port 1(bridge_slave_0) entered blocking state
[ 173.424412][ T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 173.438091][ T31] bridge0: port 2(bridge_slave_1) entered blocking state
[ 173.442164][ T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 173.709829][ T5387] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 173.920126][ T5387] veth0_vlan: entered promiscuous mode
[ 173.930468][ T5387] veth1_vlan: entered promiscuous mode
[ 173.961410][ T5387] veth0_macvtap: entered promiscuous mode
[ 173.969412][ T5387] veth1_macvtap: entered promiscuous mode
[ 173.986587][ T5387] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 173.998506][ T5387] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 174.007547][ T5387] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 174.011698][ T5387] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 174.016739][ T5387] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 174.020531][ T5387] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2025/07/03 07:59:46 executed programs: 0
[ 174.444225][ T4668] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 174.452867][ T4668] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 174.456756][ T4668] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 174.461063][ T4668] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 174.469784][ T4668] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 174.474711][ T4668] Bluetooth: hci0: command tx timeout
[ 174.593330][ T45] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 174.597838][ T45] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 174.610178][ T5406] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 174.614288][ T5406] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 174.618385][ T5406] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 174.637866][ T5461] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 174.642136][ T5461] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 174.646750][ T5461] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 174.663079][ T5461] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 174.686380][ T5461] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 174.749115][ T4668] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 174.753509][ T4668] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 174.758235][ T4668] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 174.762800][ T4668] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 174.768850][ T4668] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 174.772554][ T4668] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 174.783173][ T5472] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 174.786066][ T4668] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 174.789574][ T5472] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 174.793766][ T4668] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 174.823134][ T5406] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 174.827582][ T5406] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 174.833103][ T5406] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 174.855849][ T5406] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 174.860364][ T5406] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 176.122061][ T1038] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 176.581645][ T5456] chnl_net:caif_netlink_parms(): no params data found
[ 176.633013][ T4668] Bluetooth: hci4: command tx timeout
[ 176.635864][ T4668] Bluetooth: hci1: command tx timeout
[ 176.808217][ T1038] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 176.873195][ T4668] Bluetooth: hci2: command tx timeout
[ 176.876782][ T4668] Bluetooth: hci3: command tx timeout
[ 176.880291][ T4668] Bluetooth: hci5: command tx timeout
[ 176.956813][ T4668] Bluetooth: hci6: command tx timeout
[ 177.040662][ T1038] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 177.120034][ T1038] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 177.150932][ T5456] bridge0: port 1(bridge_slave_0) entered blocking state
[ 177.163008][ T5456] bridge0: port 1(bridge_slave_0) entered disabled state
[ 177.166186][ T5456] bridge_slave_0: entered allmulticast mode
[ 177.170253][ T5456] bridge_slave_0: entered promiscuous mode
[ 177.206480][ T5456] bridge0: port 2(bridge_slave_1) entered blocking state
[ 177.209690][ T5456] bridge0: port 2(bridge_slave_1) entered disabled state
[ 177.216280][ T5456] bridge_slave_1: entered allmulticast mode
[ 177.220829][ T5456] bridge_slave_1: entered promiscuous mode
[ 177.311734][ T5456] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 177.395992][ T5456] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 177.652115][ T5456] team0: Port device team_slave_0 added
[ 177.770695][ T5456] team0: Port device team_slave_1 added
[ 177.836590][ T5458] chnl_net:caif_netlink_parms(): no params data found
[ 177.889050][ T5456] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 177.892276][ T5456] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 177.920150][ T5456] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 177.936685][ T5462] chnl_net:caif_netlink_parms(): no params data found
[ 178.020471][ T5456] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 178.027283][ T5456] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 178.053765][ T5456] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 178.149025][ T1038] bridge_slave_1: left allmulticast mode
[ 178.151790][ T1038] bridge_slave_1: left promiscuous mode
[ 178.157753][ T1038] bridge0: port 2(bridge_slave_1) entered disabled state
[ 178.177303][ T1038] bridge_slave_0: left allmulticast mode
[ 178.180063][ T1038] bridge_slave_0: left promiscuous mode
[ 178.192126][ T1038] bridge0: port 1(bridge_slave_0) entered disabled state
[ 178.687808][ T1038] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 178.695683][ T1038] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 178.700652][ T1038] bond0 (unregistering): Released all slaves
[ 178.713371][ T4668] Bluetooth: hci4: command tx timeout
[ 178.715846][ T4668] Bluetooth: hci1: command tx timeout
[ 178.953031][ T45] Bluetooth: hci5: command tx timeout
[ 178.955527][ T45] Bluetooth: hci3: command tx timeout
[ 178.958585][ T45] Bluetooth: hci2: command tx timeout
[ 179.033548][ T4668] Bluetooth: hci6: command tx timeout
[ 179.170440][ T5456] hsr_slave_0: entered promiscuous mode
[ 179.182364][ T5456] hsr_slave_1: entered promiscuous mode
[ 179.197057][ T5456] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 179.200589][ T5456] Cannot create hsr debugfs directory
[ 179.321606][ T1038] hsr_slave_0: left promiscuous mode
[ 179.327229][ T1038] hsr_slave_1: left promiscuous mode
[ 179.330229][ T1038] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 179.336981][ T1038] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 179.341213][ T1038] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 179.346238][ T1038] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 179.359114][ T1038] veth1_macvtap: left promiscuous mode
[ 179.361836][ T1038] veth0_macvtap: left promiscuous mode
[ 179.366327][ T1038] veth1_vlan: left promiscuous mode
[ 179.369300][ T1038] veth0_vlan: left promiscuous mode
[ 179.701095][ T1038] team0 (unregistering): Port device team_slave_1 removed
[ 179.725688][ T1038] team0 (unregistering): Port device team_slave_0 removed
[ 180.071289][ T5455] chnl_net:caif_netlink_parms(): no params data found
[ 180.098895][ T5458] bridge0: port 1(bridge_slave_0) entered blocking state
[ 180.102566][ T5458] bridge0: port 1(bridge_slave_0) entered disabled state
[ 180.113033][ T5458] bridge_slave_0: entered allmulticast mode
[ 180.117520][ T5458] bridge_slave_0: entered promiscuous mode
[ 180.190496][ T5459] chnl_net:caif_netlink_parms(): no params data found
[ 180.223286][ T5458] bridge0: port 2(bridge_slave_1) entered blocking state
[ 180.226799][ T5458] bridge0: port 2(bridge_slave_1) entered disabled state
[ 180.230095][ T5458] bridge_slave_1: entered allmulticast mode
[ 180.242277][ T5458] bridge_slave_1: entered promiscuous mode
[ 180.252331][ T5462] bridge0: port 1(bridge_slave_0) entered blocking state
[ 180.263015][ T5462] bridge0: port 1(bridge_slave_0) entered disabled state
[ 180.266436][ T5462] bridge_slave_0: entered allmulticast mode
[ 180.270011][ T5462] bridge_slave_0: entered promiscuous mode
[ 180.297280][ T5462] bridge0: port 2(bridge_slave_1) entered blocking state
[ 180.300785][ T5462] bridge0: port 2(bridge_slave_1) entered disabled state
[ 180.316133][ T5462] bridge_slave_1: entered allmulticast mode
[ 180.323121][ T5462] bridge_slave_1: entered promiscuous mode
[ 180.451112][ T5464] chnl_net:caif_netlink_parms(): no params data found
[ 180.642264][ T5458] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 180.666225][ T5458] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 180.730741][ T5462] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 180.757610][ T5462] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 180.792915][ T4668] Bluetooth: hci1: command tx timeout
[ 180.795505][ T4668] Bluetooth: hci4: command tx timeout
[ 180.854232][ T5458] team0: Port device team_slave_0 added
[ 180.939107][ T5458] team0: Port device team_slave_1 added
[ 180.948394][ T5462] team0: Port device team_slave_0 added
[ 181.033197][ T45] Bluetooth: hci2: command tx timeout
[ 181.036531][ T45] Bluetooth: hci3: command tx timeout
[ 181.039091][ T45] Bluetooth: hci5: command tx timeout
[ 181.055161][ T5462] team0: Port device team_slave_1 added
[ 181.098357][ T5458] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 181.101706][ T5458] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 181.117106][ T4668] Bluetooth: hci6: command tx timeout
[ 181.120600][ T5458] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 181.139214][ T5455] bridge0: port 1(bridge_slave_0) entered blocking state
[ 181.142371][ T5455] bridge0: port 1(bridge_slave_0) entered disabled state
[ 181.146651][ T5455] bridge_slave_0: entered allmulticast mode
[ 181.150892][ T5455] bridge_slave_0: entered promiscuous mode
[ 181.159674][ T5455] bridge0: port 2(bridge_slave_1) entered blocking state
[ 181.165217][ T5455] bridge0: port 2(bridge_slave_1) entered disabled state
[ 181.168587][ T5455] bridge_slave_1: entered allmulticast mode
[ 181.176108][ T5455] bridge_slave_1: entered promiscuous mode
[ 181.203113][ T5462] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 181.206212][ T5462] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 181.242890][ T5462] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 181.252378][ T5458] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 181.267267][ T5458] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 181.303130][ T5458] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 181.311168][ T5459] bridge0: port 1(bridge_slave_0) entered blocking state
[ 181.323885][ T5459] bridge0: port 1(bridge_slave_0) entered disabled state
[ 181.327446][ T5459] bridge_slave_0: entered allmulticast mode
[ 181.331463][ T5459] bridge_slave_0: entered promiscuous mode
[ 181.349762][ T5459] bridge0: port 2(bridge_slave_1) entered blocking state
[ 181.363160][ T5459] bridge0: port 2(bridge_slave_1) entered disabled state
[ 181.366310][ T5459] bridge_slave_1: entered allmulticast mode
[ 181.377285][ T5459] bridge_slave_1: entered promiscuous mode
[ 181.437353][ T5462] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 181.440438][ T5462] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 181.476986][ T5462] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 181.557288][ T5464] bridge0: port 1(bridge_slave_0) entered blocking state
[ 181.560743][ T5464] bridge0: port 1(bridge_slave_0) entered disabled state
[ 181.573343][ T5464] bridge_slave_0: entered allmulticast mode
[ 181.577661][ T5464] bridge_slave_0: entered promiscuous mode
[ 181.657968][ T5455] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 181.665953][ T5464] bridge0: port 2(bridge_slave_1) entered blocking state
[ 181.669105][ T5464] bridge0: port 2(bridge_slave_1) entered disabled state
[ 181.672338][ T5464] bridge_slave_1: entered allmulticast mode
[ 181.694073][ T5464] bridge_slave_1: entered promiscuous mode
[ 181.737711][ T5459] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 181.744492][ T5455] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 181.812152][ T5458] hsr_slave_0: entered promiscuous mode
[ 181.816458][ T5458] hsr_slave_1: entered promiscuous mode
[ 181.822214][ T5459] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 181.869356][ T5464] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 181.912935][ T5462] hsr_slave_0: entered promiscuous mode
[ 181.916233][ T5462] hsr_slave_1: entered promiscuous mode
[ 181.918964][ T5462] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 181.922443][ T5462] Cannot create hsr debugfs directory
[ 181.941706][ T5464] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 181.973397][ T5455] team0: Port device team_slave_0 added
[ 182.067315][ T5459] team0: Port device team_slave_0 added
[ 182.076465][ T5455] team0: Port device team_slave_1 added
[ 182.129671][ T5459] team0: Port device team_slave_1 added
[ 182.258794][ T5464] team0: Port device team_slave_0 added
[ 182.307507][ T5455] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 182.310690][ T5455] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 182.355459][ T5455] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 182.384983][ T5456] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 182.424794][ T5464] team0: Port device team_slave_1 added
[ 182.429058][ T5459] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 182.432219][ T5459] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 182.464179][ T5459] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 182.506351][ T5455] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 182.510209][ T5455] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 182.531729][ T5455] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 182.555857][ T5456] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 182.575366][ T5459] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 182.578549][ T5459] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 182.593403][ T5459] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 182.648716][ T5456] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 182.735191][ T5456] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 182.754099][ T5464] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 182.757230][ T5464] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 182.789343][ T5464] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 182.797833][ T5464] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 182.801077][ T5464] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 182.819919][ T5464] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 182.873363][ T4668] Bluetooth: hci4: command tx timeout
[ 182.876168][ T4668] Bluetooth: hci1: command tx timeout
[ 182.897473][ T5455] hsr_slave_0: entered promiscuous mode
[ 182.900925][ T5455] hsr_slave_1: entered promiscuous mode
[ 182.905395][ T5455] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 182.909137][ T5455] Cannot create hsr debugfs directory
[ 182.988442][ T5459] hsr_slave_0: entered promiscuous mode
[ 182.991381][ T5459] hsr_slave_1: entered promiscuous mode
[ 182.997923][ T5459] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 183.001754][ T5459] Cannot create hsr debugfs directory
[ 183.088663][ T5464] hsr_slave_0: entered promiscuous mode
[ 183.092280][ T5464] hsr_slave_1: entered promiscuous mode
[ 183.098670][ T5464] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 183.102177][ T5464] Cannot create hsr debugfs directory
[ 183.113472][ T45] Bluetooth: hci5: command tx timeout
[ 183.116128][ T45] Bluetooth: hci3: command tx timeout
[ 183.118818][ T45] Bluetooth: hci2: command tx timeout
[ 183.194121][ T4668] Bluetooth: hci6: command tx timeout
[ 183.304252][ T5458] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 183.486663][ T5458] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 183.498155][ T5458] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 183.524499][ T5458] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 184.135402][ T5456] 8021q: adding VLAN 0 to HW filter on device bond0
[ 184.141257][ T5462] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 184.187293][ T5456] 8021q: adding VLAN 0 to HW filter on device team0
[ 184.209841][ T5462] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 184.244478][ T1039] bridge0: port 1(bridge_slave_0) entered blocking state
[ 184.247761][ T1039] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 184.260444][ T5462] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 184.278296][ T5462] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 184.319733][ T1039] bridge0: port 2(bridge_slave_1) entered blocking state
[ 184.323094][ T1039] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 184.498918][ T5459] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 184.579357][ T5459] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 184.631954][ T5455] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 184.661535][ T5459] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 184.686422][ T5459] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 184.743964][ T5458] 8021q: adding VLAN 0 to HW filter on device bond0
[ 184.753037][ T5455] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 184.783352][ T5455] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 184.911369][ T5455] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 185.016565][ T5458] 8021q: adding VLAN 0 to HW filter on device team0
[ 185.108135][ T1039] bridge0: port 1(bridge_slave_0) entered blocking state
[ 185.111129][ T1039] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 185.221004][ T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 185.223936][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 185.276044][ T5464] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 185.339391][ T5464] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 185.393974][ T5464] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 185.409319][ T5464] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 185.456065][ T5456] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 185.491598][ T5462] 8021q: adding VLAN 0 to HW filter on device bond0
[ 185.587759][ T5462] 8021q: adding VLAN 0 to HW filter on device team0
[ 185.749341][ T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 185.753058][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 185.881226][ T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 185.884904][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 185.946706][ T5459] 8021q: adding VLAN 0 to HW filter on device bond0
[ 185.986947][ T5456] veth0_vlan: entered promiscuous mode
[ 186.185860][ T5459] 8021q: adding VLAN 0 to HW filter on device team0
[ 186.207373][ T5455] 8021q: adding VLAN 0 to HW filter on device bond0
[ 186.246559][ T5456] veth1_vlan: entered promiscuous mode
[ 186.359828][ T54] bridge0: port 1(bridge_slave_0) entered blocking state
[ 186.363256][ T54] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 186.406101][ T54] bridge0: port 2(bridge_slave_1) entered blocking state
[ 186.409542][ T54] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 186.480737][ T5464] 8021q: adding VLAN 0 to HW filter on device bond0
[ 186.560013][ T5456] veth0_macvtap: entered promiscuous mode
[ 186.610681][ T5455] 8021q: adding VLAN 0 to HW filter on device team0
[ 186.654802][ T5456] veth1_macvtap: entered promiscuous mode
[ 186.670549][ T5458] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 186.767069][ T5464] 8021q: adding VLAN 0 to HW filter on device team0
[ 186.864718][ T54] bridge0: port 1(bridge_slave_0) entered blocking state
[ 186.868110][ T54] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 186.877495][ T54] bridge0: port 2(bridge_slave_1) entered blocking state
[ 186.880710][ T54] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 186.905220][ T54] bridge0: port 1(bridge_slave_0) entered blocking state
[ 186.908747][ T54] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 186.981688][ T5456] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 187.070466][ T54] bridge0: port 2(bridge_slave_1) entered blocking state
[ 187.073784][ T54] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 187.158558][ T5456] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 187.231848][ T5458] veth0_vlan: entered promiscuous mode
[ 187.338882][ T5456] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 187.361911][ T5456] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 187.376208][ T5456] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 187.380042][ T5456] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 187.420348][ T5464] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 187.548212][ T5458] veth1_vlan: entered promiscuous mode
[ 187.756627][ T5462] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 187.798602][ T5458] veth0_macvtap: entered promiscuous mode
[ 187.905606][ T5458] veth1_macvtap: entered promiscuous mode
[ 188.008874][ T5458] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 188.115552][ T5458] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 188.121281][ T5458] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 188.202954][ T5458] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 188.206938][ T5458] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 188.210790][ T5458] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 188.386387][ T5459] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 188.435841][ T3003] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 188.439500][ T3003] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 188.526262][ T5464] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 188.600885][ T5455] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 188.659061][ T1038] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 188.697870][ T1038] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 188.797957][ T5459] veth0_vlan: entered promiscuous mode
[ 188.918629][ T5459] veth1_vlan: entered promiscuous mode
2025/07/03 08:00:01 executed programs: 12
[ 189.061563][ T5455] veth0_vlan: entered promiscuous mode
[ 189.177385][ T5455] veth1_vlan: entered promiscuous mode
[ 189.220327][ T54] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 189.263621][ T54] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 189.358704][ T5459] veth0_macvtap: entered promiscuous mode
[ 189.401623][ T1039] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 189.425274][ T1039] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 189.456184][ T5459] veth1_macvtap: entered promiscuous mode
[ 189.487394][ T5455] veth0_macvtap: entered promiscuous mode
[ 189.555624][ T5462] veth0_vlan: entered promiscuous mode
[ 189.611945][ T5455] veth1_macvtap: entered promiscuous mode
[ 189.674978][ T5459] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 189.715308][ T5462] veth1_vlan: entered promiscuous mode
[ 189.728305][ T5459] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 189.807002][ T5459] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 189.846629][ T5459] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 189.864121][ T5459] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 189.869802][ T5459] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 189.947501][ T5455] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 190.006742][ T5455] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 190.080940][ T5455] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 190.099436][ T5455] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 190.114721][ T5455] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 190.119746][ T5455] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 190.131158][ T5694] loop0: detected capacity change from 0 to 32768
[ 190.164202][ T5694] =======================================================
[ 190.164202][ T5694] WARNING: The mand mount option has been deprecated and
[ 190.164202][ T5694] and is ignored by this kernel. Remove the mand
[ 190.164202][ T5694] option from the mount to silence this warning.
[ 190.164202][ T5694] =======================================================
[ 190.265078][ T5462] veth0_macvtap: entered promiscuous mode
[ 190.344636][ T5462] veth1_macvtap: entered promiscuous mode
[ 190.432470][ T5464] veth0_vlan: entered promiscuous mode
[ 190.455946][ T5694] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[ 190.660116][ T5462] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 190.700112][ T5464] veth1_vlan: entered promiscuous mode
[ 190.788316][ T5462] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 190.834508][ T5462] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 190.839508][ T5462] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 190.880640][ T5456] ocfs2: Unmounting device (7,0) on (node local)
[ 190.887738][ T5462] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 190.906763][ T5462] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 190.930764][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 190.962499][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 190.990661][ T5464] veth0_macvtap: entered promiscuous mode
[ 191.076120][ T5464] veth1_macvtap: entered promiscuous mode
[ 191.121799][ T31] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 191.152233][ T31] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 191.241238][ T5464] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 191.314540][ T5464] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 191.328098][ T54] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 191.354795][ T54] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 191.399940][ T5464] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 191.407831][ T3003] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 191.420575][ T3003] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 191.425936][ T5464] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 191.429662][ T5464] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 191.462052][ T5464] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 191.815455][ T1039] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 191.818870][ T1039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 192.132421][ T1039] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 192.155159][ T1039] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 192.284650][ T1039] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 192.289390][ T1039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 192.616434][ T1039] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 192.620122][ T1039] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 192.979193][ T5708] loop0: detected capacity change from 0 to 32768
[ 193.290647][ T5708] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[ 194.762992][ T5456] ocfs2: Unmounting device (7,0) on (node local)
2025/07/03 08:00:07 executed programs: 21
[ 196.980199][ T5731] loop0: detected capacity change from 0 to 32768
[ 197.226196][ T5731] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[ 197.793713][ T5456] ocfs2: Unmounting device (7,0) on (node local)
[ 199.544394][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[ 199.548418][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[ 199.633607][ T5754] loop0: detected capacity change from 0 to 32768
[ 199.888415][ T5754] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
2025/07/03 08:00:12 executed programs: 33
[ 200.409861][ T5456] ocfs2: Unmounting device (7,0) on (node local)
[ 202.618282][ T5789] loop0: detected capacity change from 0 to 32768
[ 202.832487][ T5789] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[ 203.211596][ T5456] ocfs2: Unmounting device (7,0) on (node local)
[ 205.122092][ T5817] loop0: detected capacity change from 0 to 32768
[ 205.253002][ T5817] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
2025/07/03 08:00:17 executed programs: 47
[ 205.648425][ T5456] ocfs2: Unmounting device (7,0) on (node local)
[ 207.215215][ T5843] loop0: detected capacity change from 0 to 32768
[ 207.388437][ T5843] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[ 207.692024][ T5456] ocfs2: Unmounting device (7,0) on (node local)
[ 209.313474][ T5870] loop0: detected capacity change from 0 to 32768
[ 209.470590][ T5870] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[ 209.787545][ T5456] ocfs2: Unmounting device (7,0) on (node local)
2025/07/03 08:00:23 executed programs: 62
[ 211.438054][ T5896] loop0: detected capacity change from 0 to 32768
[ 211.632354][ T5896] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[ 211.944288][ T5456] ocfs2: Unmounting device (7,0) on (node local)
[ 213.842049][ T5926] loop0: detected capacity change from 0 to 32768
[ 214.005020][ T5926] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[ 214.404886][ T5456] ocfs2: Unmounting device (7,0) on (node local)
[ 215.817399][ T5952] loop0: detected capacity change from 0 to 32768
[ 215.950264][ T5952] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[ 216.281280][ T5456] ocfs2: Unmounting device (7,0) on (node local)
2025/07/03 08:00:28 executed programs: 78
[ 217.787253][ T5976] loop0: detected capacity change from 0 to 32768
[ 217.926174][ T5976] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[ 218.245572][ T5456] ocfs2: Unmounting device (7,0) on (node local)
[ 219.987523][ T6007] loop0: detected capacity change from 0 to 32768
[ 220.191756][ T6007] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[ 220.616997][ T5456] ocfs2: Unmounting device (7,0) on (node local)
2025/07/03 08:00:33 executed programs: 92
[ 222.146414][ T6034] loop0: detected capacity change from 0 to 32768
[ 222.309150][ T6034] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[ 222.614743][ T5456] ocfs2: Unmounting device (7,0) on (node local)
[ 224.298448][ T6057] loop0: detected capacity change from 0 to 32768
[ 224.491882][ T6057] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[ 224.802913][ T5456] ocfs2: Unmounting device (7,0) on (node local)
[ 226.874259][ T6086] loop0: detected capacity change from 0 to 32768
2025/07/03 08:00:39 executed programs: 106
[ 227.095422][ T6086] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[ 227.202247][ T6105] ==================================================================
[ 227.206047][ T6105] BUG: KASAN: slab-use-after-free in ocfs2_fault+0xd3/0x3f0
[ 227.209465][ T6105] Read of size 8 at addr ffff888012645418 by task syz.0.104/6105
[ 227.214185][ T6105]
[ 227.215614][ T6105] CPU: 0 UID: 0 PID: 6105 Comm: syz.0.104 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full)
[ 227.215627][ T6105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 227.215632][ T6105] Call Trace:
[ 227.215638][ T6105]
[ 227.215642][ T6105] dump_stack_lvl+0x189/0x250
[ 227.215658][ T6105] ? __virt_addr_valid+0x1c8/0x5c0
[ 227.215666][ T6105] ? rcu_is_watching+0x15/0xb0
[ 227.215676][ T6105] ? __kasan_check_byte+0x12/0x40
[ 227.215683][ T6105] ? __pfx_dump_stack_lvl+0x10/0x10
[ 227.215692][ T6105] ? rcu_is_watching+0x15/0xb0
[ 227.215702][ T6105] ? lock_release+0x4b/0x3e0
[ 227.215712][ T6105] ? __virt_addr_valid+0x1c8/0x5c0
[ 227.215719][ T6105] ? __virt_addr_valid+0x4a5/0x5c0
[ 227.215725][ T6105] print_report+0xd2/0x2b0
[ 227.215738][ T6105] ? ocfs2_fault+0xd3/0x3f0
[ 227.215745][ T6105] kasan_report+0x118/0x150
[ 227.215752][ T6105] ? ocfs2_fault+0xd3/0x3f0
[ 227.215759][ T6105] ocfs2_fault+0xd3/0x3f0
[ 227.215765][ T6105] ? __pfx_ocfs2_fault+0x10/0x10
[ 227.215772][ T6105] ? __raw_spin_lock_init+0x45/0x100
[ 227.215780][ T6105] __do_fault+0x138/0x390
[ 227.215788][ T6105] __handle_mm_fault+0x37ed/0x5620
[ 227.215801][ T6105] ? __pfx___handle_mm_fault+0x10/0x10
[ 227.215813][ T6105] ? __pfx___might_resched+0x10/0x10
[ 227.215824][ T6105] handle_mm_fault+0x40a/0x8e0
[ 227.215839][ T6105] __get_user_pages+0x1af4/0x30b0
[ 227.215850][ T6105] ? mt_find+0x15c/0x5f0
[ 227.215938][ T6105] ? __pfx___get_user_pages+0x10/0x10
[ 227.215952][ T6105] populate_vma_page_range+0x26b/0x340
[ 227.215966][ T6105] ? __pfx_populate_vma_page_range+0x10/0x10
[ 227.215976][ T6105] ? userfaultfd_unmap_complete+0x278/0x2d0
[ 227.215992][ T6105] ? down_read+0x1ad/0x2e0
[ 227.216000][ T6105] __mm_populate+0x24c/0x380
[ 227.216009][ T6105] ? __pfx___mm_populate+0x10/0x10
[ 227.216018][ T6105] ? up_write+0x1c4/0x420
[ 227.216025][ T6105] vm_mmap_pgoff+0x3f0/0x4c0
[ 227.216035][ T6105] ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 227.216044][ T6105] ? __fget_files+0x2a/0x420
[ 227.216052][ T6105] ? __fget_files+0x3a0/0x420
[ 227.216059][ T6105] ? __fget_files+0x2a/0x420
[ 227.216066][ T6105] ksys_mmap_pgoff+0x51f/0x760
[ 227.216077][ T6105] do_syscall_64+0xfa/0x3b0
[ 227.216086][ T6105] ? lockdep_hardirqs_on+0x9c/0x150
[ 227.216096][ T6105] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 227.216103][ T6105] ? clear_bhb_loop+0x60/0xb0
[ 227.216110][ T6105] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 227.216117][ T6105] RIP: 0033:0x7f3d4338e929
[ 227.216127][ T6105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 227.216133][ T6105] RSP: 002b:00007f3d44250038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 227.216141][ T6105] RAX: ffffffffffffffda RBX: 00007f3d435b6080 RCX: 00007f3d4338e929
[ 227.216146][ T6105] RDX: 00000000027ffff7 RSI: 0000000000600000 RDI: 0000200000000000
[ 227.216151][ T6105] RBP: 00007f3d43410b39 R08: 0000000000000005 R09: 0000000000000000
[ 227.216160][ T6105] R10: 0000000004012011 R11: 0000000000000246 R12: 0000000000000000
[ 227.216165][ T6105] R13: 0000000000000000 R14: 00007f3d435b6080 R15: 00007ffe1ba4aaf8
[ 227.216172][ T6105]
[ 227.216174][ T6105]
[ 227.368060][ T6105] Allocated by task 6105:
[ 227.369929][ T6105] kasan_save_track+0x3e/0x80
[ 227.372017][ T6105] __kasan_slab_alloc+0x6c/0x80
[ 227.374115][ T6105] kmem_cache_alloc_noprof+0x1c1/0x3c0
[ 227.376202][ T6105] vm_area_alloc+0x24/0x140
[ 227.378437][ T6105] mmap_region+0xcc7/0x1f30
[ 227.381477][ T6105] do_mmap+0xc45/0x10d0
[ 227.384525][ T6105] vm_mmap_pgoff+0x31b/0x4c0
[ 227.386541][ T6105] ksys_mmap_pgoff+0x51f/0x760
[ 227.388374][ T6105] do_syscall_64+0xfa/0x3b0
[ 227.390509][ T6105] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 227.393212][ T6105]
[ 227.394316][ T6105] Freed by task 6095:
[ 227.396246][ T6105] kasan_save_track+0x3e/0x80
[ 227.398498][ T6105] kasan_save_free_info+0x46/0x50
[ 227.400847][ T6105] __kasan_slab_free+0x62/0x70
[ 227.403302][ T6105] slab_free_after_rcu_debug+0x129/0x2a0
[ 227.406099][ T6105] rcu_core+0xca5/0x1710
[ 227.408067][ T6105] handle_softirqs+0x286/0x870
[ 227.410316][ T6105] __irq_exit_rcu+0xca/0x1f0
[ 227.412552][ T6105] irq_exit_rcu+0x9/0x30
[ 227.414935][ T6105] sysvec_apic_timer_interrupt+0xa6/0xc0
[ 227.417920][ T6105] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 227.420598][ T6105]
[ 227.421658][ T6105] Last potentially related work creation:
[ 227.424267][ T6105] kasan_save_stack+0x3e/0x60
[ 227.426440][ T6105] kasan_record_aux_stack+0xbd/0xd0
[ 227.428969][ T6105] kmem_cache_free+0x2f6/0x400
[ 227.431281][ T6105] vms_complete_munmap_vmas+0x626/0x8a0
[ 227.433984][ T6105] mmap_region+0x161d/0x1f30
[ 227.436202][ T6105] do_mmap+0xc45/0x10d0
[ 227.438191][ T6105] vm_mmap_pgoff+0x31b/0x4c0
[ 227.440345][ T6105] ksys_mmap_pgoff+0x51f/0x760
[ 227.442900][ T6105] do_syscall_64+0xfa/0x3b0
[ 227.445394][ T6105] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 227.448412][ T6105]
[ 227.449580][ T6105] The buggy address belongs to the object at ffff8880126453c0
[ 227.449580][ T6105] which belongs to the cache vm_area_struct of size 256
[ 227.455658][ T6105] The buggy address is located 88 bytes inside of
[ 227.455658][ T6105] freed 256-byte region [ffff8880126453c0, ffff8880126454c0)
[ 227.462017][ T6105]
[ 227.463388][ T6105] The buggy address belongs to the physical page:
[ 227.467265][ T6105] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x12645
[ 227.471314][ T6105] memcg:ffff888011cf4c81
[ 227.473286][ T6105] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 227.476530][ T6105] page_type: f5(slab)
[ 227.478492][ T6105] raw: 00fff00000000000 ffff88801b6dbb40 ffffea00007b0700 dead000000000004
[ 227.483473][ T6105] raw: 0000000000000000 00000000800c000c 00000000f5000000 ffff888011cf4c81
[ 227.487520][ T6105] page dumped because: kasan: bad access detected
[ 227.490327][ T6105] page_owner tracks the page as allocated
[ 227.493042][ T6105] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 4707, tgid 4707 (klogd), ts 30018422513, free_ts 30014122520
[ 227.501748][ T6105] post_alloc_hook+0x240/0x2a0
[ 227.504316][ T6105] get_page_from_freelist+0x21e4/0x22c0
[ 227.507000][ T6105] __alloc_frozen_pages_noprof+0x181/0x370
[ 227.509757][ T6105] alloc_pages_mpol+0x232/0x4a0
[ 227.511921][ T6105] allocate_slab+0x8a/0x3b0
[ 227.513942][ T6105] ___slab_alloc+0xbfc/0x1480
[ 227.516148][ T6105] kmem_cache_alloc_noprof+0x283/0x3c0
[ 227.519005][ T6105] vm_area_dup+0x2b/0x680
[ 227.521303][ T6105] __split_vma+0x1a9/0xa00
[ 227.523372][ T6105] vma_modify+0x13b3/0x1970
[ 227.525458][ T6105] vma_modify_flags+0x1e8/0x230
[ 227.527690][ T6105] mprotect_fixup+0x400/0x9b0
[ 227.530100][ T6105] do_mprotect_pkey+0x8cd/0xce0
[ 227.532514][ T6105] __x64_sys_mprotect+0x80/0x90
[ 227.534948][ T6105] do_syscall_64+0xfa/0x3b0
[ 227.537060][ T6105] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 227.539784][ T6105] page last free pid 15 tgid 15 stack trace:
[ 227.542570][ T6105] __free_frozen_pages+0xc71/0xe70
[ 227.545041][ T6105] __tlb_remove_table+0x2d2/0x3b0
[ 227.547421][ T6105] tlb_remove_table_rcu+0x85/0x100
[ 227.550339][ T6105] rcu_core+0xca5/0x1710
[ 227.552844][ T6105] handle_softirqs+0x286/0x870
[ 227.555005][ T6105] run_ksoftirqd+0x9b/0x100
[ 227.556978][ T6105] smpboot_thread_fn+0x53f/0xa60
[ 227.559056][ T6105] kthread+0x70e/0x8a0
[ 227.561031][ T6105] ret_from_fork+0x3fc/0x770
[ 227.563201][ T6105] ret_from_fork_asm+0x1a/0x30
[ 227.565347][ T6105]
[ 227.566513][ T6105] Memory state around the buggy address:
[ 227.569062][ T6105] ffff888012645300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 227.573207][ T6105] ffff888012645380: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 227.577153][ T6105] >ffff888012645400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 227.580984][ T6105] ^
[ 227.583475][ T6105] ffff888012645480: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 227.587733][ T6105] ffff888012645500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 227.592715][ T6105] ==================================================================
[ 229.690603][ T6105] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 229.694127][ T6105] CPU: 0 UID: 0 PID: 6105 Comm: syz.0.104 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full)
[ 229.699684][ T6105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 229.704258][ T6105] Call Trace:
[ 229.705771][ T6105]
[ 229.707133][ T6105] dump_stack_lvl+0x99/0x250
[ 229.709275][ T6105] ? __asan_memcpy+0x40/0x70
[ 229.711451][ T6105] ? __pfx_dump_stack_lvl+0x10/0x10
[ 229.713863][ T6105] ? __pfx__printk+0x10/0x10
[ 229.716011][ T6105] panic+0x2db/0x790
[ 229.717750][ T6105] ? __pfx_panic+0x10/0x10
[ 229.719931][ T6105] ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 229.722844][ T6105] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 229.725608][ T6105] ? print_memory_metadata+0x314/0x400
[ 229.728088][ T6105] ? ocfs2_fault+0xd3/0x3f0
[ 229.730169][ T6105] check_panic_on_warn+0x89/0xb0
[ 229.732486][ T6105] ? ocfs2_fault+0xd3/0x3f0
[ 229.734765][ T6105] end_report+0x78/0x160
[ 229.736997][ T6105] kasan_report+0x129/0x150
[ 229.738967][ T6105] ? ocfs2_fault+0xd3/0x3f0
[ 229.740986][ T6105] ocfs2_fault+0xd3/0x3f0
[ 229.742975][ T6105] ? __pfx_ocfs2_fault+0x10/0x10
[ 229.745233][ T6105] ? __raw_spin_lock_init+0x45/0x100
[ 229.747710][ T6105] __do_fault+0x138/0x390
[ 229.749655][ T6105] __handle_mm_fault+0x37ed/0x5620
[ 229.752144][ T6105] ? __pfx___handle_mm_fault+0x10/0x10
[ 229.754743][ T6105] ? __pfx___might_resched+0x10/0x10
[ 229.757143][ T6105] handle_mm_fault+0x40a/0x8e0
[ 229.759259][ T6105] __get_user_pages+0x1af4/0x30b0
[ 229.761427][ T6105] ? mt_find+0x15c/0x5f0
[ 229.763441][ T6105] ? __pfx___get_user_pages+0x10/0x10
[ 229.765829][ T6105] populate_vma_page_range+0x26b/0x340
[ 229.768217][ T6105] ? __pfx_populate_vma_page_range+0x10/0x10
[ 229.770809][ T6105] ? userfaultfd_unmap_complete+0x278/0x2d0
[ 229.773533][ T6105] ? down_read+0x1ad/0x2e0
[ 229.775622][ T6105] __mm_populate+0x24c/0x380
[ 229.777769][ T6105] ? __pfx___mm_populate+0x10/0x10
[ 229.779989][ T6105] ? up_write+0x1c4/0x420
[ 229.781904][ T6105] vm_mmap_pgoff+0x3f0/0x4c0
[ 229.783894][ T6105] ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 229.786310][ T6105] ? __fget_files+0x2a/0x420
[ 229.788581][ T6105] ? __fget_files+0x3a0/0x420
[ 229.790698][ T6105] ? __fget_files+0x2a/0x420
[ 229.792762][ T6105] ksys_mmap_pgoff+0x51f/0x760
[ 229.794874][ T6105] do_syscall_64+0xfa/0x3b0
[ 229.796928][ T6105] ? lockdep_hardirqs_on+0x9c/0x150
[ 229.799359][ T6105] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 229.802561][ T6105] ? clear_bhb_loop+0x60/0xb0
[ 229.804655][ T6105] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 229.807252][ T6105] RIP: 0033:0x7f3d4338e929
[ 229.809246][ T6105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 229.817923][ T6105] RSP: 002b:00007f3d44250038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 229.821616][ T6105] RAX: ffffffffffffffda RBX: 00007f3d435b6080 RCX: 00007f3d4338e929
[ 229.825011][ T6105] RDX: 00000000027ffff7 RSI: 0000000000600000 RDI: 0000200000000000
[ 229.828593][ T6105] RBP: 00007f3d43410b39 R08: 0000000000000005 R09: 0000000000000000
[ 229.832314][ T6105] R10: 0000000004012011 R11: 0000000000000246 R12: 0000000000000000
[ 229.835805][ T6105] R13: 0000000000000000 R14: 00007f3d435b6080 R15: 00007ffe1ba4aaf8
[ 229.839323][ T6105]
[ 229.841078][ T6105] Kernel Offset: disabled
[ 229.842926][ T6105] Rebooting in 86400 seconds..
VM DIAGNOSIS:
08:00:39 Registers:
info registers vcpu 0
CPU#0
RAX=0000000000000073 RBX=0000000000000073 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc900019def50
R8 =ffff888033778237 R9 =1ffff110066ef046 R10=dffffc0000000000 R11=ffffffff854782e0
R12=dffffc0000000000 R13=ffffffff99ac48e0 R14=ffffffff99dc9760 R15=0000000000000000
RIP=ffffffff8547835c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f3d442506c0 ffffffff 00c00000
GS =0000 ffff88808d250000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007fbb4db98000 CR3=0000000050187000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01