last executing test programs: 561.378886ms ago: executing program 3 (id=4): mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB=',rootmode=00000000000000000100000', @ANYRESDEC=0x0, @ANYRESDEC=0x0]) pipe(&(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) openat$6lowpan_control(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a010100000100000000000200fffc0900010073797a30000000000800024000000001cc000000030a01020000000000000000020000000900010073797a3000000000aa000300"], 0x1e4}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x7fff, 0x0) 72.649485ms ago: executing program 1 (id=2): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001400)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_SEC_KEY={0x4}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x24}}, 0x0) 0s ago: executing program 2 (id=3): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10) semctl$SETVAL(0x0, 0x0, 0x10, &(0x7f0000000040)=0x3) r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x89901) fsconfig$FSCONFIG_SET_PATH(r2, 0x3, &(0x7f0000000180)='\xd9\x00', &(0x7f00000001c0)='./file0\x00', 0xffffffffffffffff) syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f00000000c0)='./bus\x00', 0x50, &(0x7f0000000180)=ANY=[@ANYRES32=0x0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESHEX, @ANYRESHEX, @ANYRESOCT, @ANYBLOB="a60b8f2f94f38c9c515f0a49abc35b272f81737b1b8fb0591ebfcd504abdec6006007f2d3331275784d9e3d3e712d86ca48a7445f18ab74b", @ANYRES64], 0x2, 0x62e, &(0x7f0000000cc0)="$eJzs3c1rXNcZB+DfHcmy5ICjNLbjlkBEDGmpqK0PlFbd1C2lqBBKSBddC1vGwmMnlZSihNKoX3TbRf6AdKFdV4VuCgVDum532WoZKHSTlbqacu/cGY1seTqKJc04eR5z55wz595z3/PO/ZgZIybAl9bKbMYfpsjK7BvbZXtvd7G5t7t4v1NPcj5JIxlvFykeJMXHyc20l3y1fLIernjSfj5cX37rk8/2Pm23xuulWr/Rb7vB7NRLZpKM1eVJjXfrqccrujMsE3atkzgYtnNJWof8/MpBT38Xnvq8BUZB0b5vdrXqM3u6Os0zWb8PaN8V2/fsZ9rOsAMAAACAM/D8fvaznYvDjgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeJfXv/1e/+j/ZfSrFTIrO7/9PdPrr+mgaMLKHjdMOBAAAAAAAAABO3yv72c92LnbarSKNJK9WjUvV43N5N5tZy0auZzur2cpWNjKfZLpnoInt1a2tjfkBtlw4csuFAQOeevo5AwAAAAAAAMAX0G+ycvD//wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAqKZKxdVMulTn06jfEkk0kmyvV2kn916s+yh8MOAAAAAM7A8/vZz3YudtqtovrMf6X63D+Zd/MgW1nPVppZy+3qu4D2p/7G3u5ic2938X65PD7u9/9zrDCqEdP+7uHoPV+t1pjKnaxXz1zPrbydZm6nUW1ZutqJ5+i4fl3GVHyvNmBkt+uynPkf6/L0jQ2wznSVkXPdjMzVsZXZeKF/Jg6/OjvH3dN8Gt1vfi6dQs4v1GWRPPfjM8v5IOpMvJI6Ews9R9+V/plIvv7XP//sbvPBvbt3NmdHZ0rHcL7VanXqjx4Tiz2ZeOkLn4lec1UmLnfbK/lRfprZzOTNbGQ9v8hqtrKWmfywqq3Wx3P5ON0/UzcPtd6sHqeeHMlE/bq0rx7Hi+nVatuLWc9P8nZuZy2vV/8WMp9vZylLWe55hS8PcNY3jnfWX/tGXSkn+If+Ez1jZV5fqPP6QXLomjtd9fU+c5ClFDnpa+P41+pKuY/f1uVoeDQT8z2ZeLH/8fKn6rKy2Xxwb+Pu6jsD7u+1uizPo9+P1F2iPF6+Ur5YVevw0VH2vXhk33zVd6nb13is73K37/+dqRP1e7jHR1qo+l46sm+x6rva03fU+y0ARt6Fb16YmPr31D+nPpr63dTdqTcmf3D+O+dfnsi5f5z77vjc2GuNl4u/5KP86uDzPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Pltvvf+vdVmc23jkUqr1frgCV2ftzKW42z197+d5N47v0d0gtM52crkcVZujUbMx6n8t9VqnciAO30O2hOrtGojkbohVYZ8YQJO3Y2t++/c2Hzv/W+td26RS0vLc8tLry/euLPeXJtrPw45SOBUHNz0hx0JAAAAAAAAAAAAMKiz+HOCYc8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeLatzGb8YYrMz12fK9t7u4vNcunUD9YcT9JIUvwyKT5Obqa9ZLpnuOJJ+/lwffmtTz7b+/RgrPHO+o1+2w1mp14yk2SsLk9qvFtPPV7RnWGZsGudxMGw/S8AAP//C8wPrA==") r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f00000004c0), 0x208e24b) writev(r3, &(0x7f0000000740)=[{&(0x7f0000000140)="13", 0x1}], 0x1) setsockopt$inet6_tcp_int(r2, 0x6, 0x1b, &(0x7f0000000140)=0x6, 0x4) syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581d3b3", @ANYBLOB="c0ce73f8a966be9cf1cf143308b5d0464c013a03cf747777ea0ed09488b887670fea47a722146c19d62fe2c62ecde5b162e2fb73643ae88ea8d6f8f3df37ae115ee13002250daf6e2ccf671184f26bbe816796091c40f4969de8958994f0575c9f764ebacb9487efa5bafd65f5804572b810887b51d2766c7ce0f8d31c2688550cd257027de2fced10cee98f0f7bb6f3b2f10c632c2b7dc7b2959ba50ccaf9b7317343e7a3fe34abd8bb3504792e5a82b10db09a71b29af0e82e7011c58841416983971a959f370eecd275cb7abac8dcffd4bfebf53c68a5a752b4fc77bf2b3ea9e7f54c", @ANYRES32], 0x0) r4 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$binfmt_aout(r4, 0x0, 0xff2e) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.224' (ED25519) to the list of known hosts. [ 49.649912][ T5225] cgroup: Unknown subsys name 'net' [ 49.754618][ T5225] cgroup: Unknown subsys name 'cpuset' [ 49.762119][ T5225] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 51.092216][ T5225] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 53.399932][ T5238] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 53.412816][ T5238] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 53.420272][ T5238] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 53.431187][ T5238] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 53.444638][ T5238] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 53.464637][ T5243] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 53.472995][ T5243] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 53.499340][ T4630] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 53.505937][ T5246] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 53.507265][ T4630] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 53.524722][ T4630] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 53.531956][ T5246] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 53.539605][ T4630] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 53.547433][ T4630] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 53.554951][ T4630] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 53.560602][ T5253] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 53.563107][ T4630] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 53.576243][ T5253] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 53.576646][ T4630] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 53.583777][ T5253] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 53.591716][ T4630] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 53.598074][ T5253] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 53.604786][ T4630] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 53.613243][ T5253] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 53.626906][ T5253] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 53.634812][ T5253] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 53.642693][ T4630] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 53.642912][ T5253] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 53.656960][ T4630] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 53.664419][ T54] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 54.043055][ T5239] chnl_net:caif_netlink_parms(): no params data found [ 54.053343][ T5235] chnl_net:caif_netlink_parms(): no params data found [ 54.062996][ T5240] chnl_net:caif_netlink_parms(): no params data found [ 54.216445][ T5247] chnl_net:caif_netlink_parms(): no params data found [ 54.247899][ T5240] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.258350][ T5240] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.267431][ T5240] bridge_slave_0: entered allmulticast mode [ 54.278074][ T5240] bridge_slave_0: entered promiscuous mode [ 54.311347][ T5245] chnl_net:caif_netlink_parms(): no params data found [ 54.323085][ T5240] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.330141][ T5240] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.337627][ T5240] bridge_slave_1: entered allmulticast mode [ 54.344848][ T5240] bridge_slave_1: entered promiscuous mode [ 54.351430][ T5239] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.358597][ T5239] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.366153][ T5239] bridge_slave_0: entered allmulticast mode [ 54.373070][ T5239] bridge_slave_0: entered promiscuous mode [ 54.379949][ T5239] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.387331][ T5239] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.394662][ T5239] bridge_slave_1: entered allmulticast mode [ 54.401079][ T5239] bridge_slave_1: entered promiscuous mode [ 54.413680][ T5235] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.421084][ T5235] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.428600][ T5235] bridge_slave_0: entered allmulticast mode [ 54.435472][ T5235] bridge_slave_0: entered promiscuous mode [ 54.473434][ T5235] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.480521][ T5235] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.488108][ T5235] bridge_slave_1: entered allmulticast mode [ 54.495324][ T5235] bridge_slave_1: entered promiscuous mode [ 54.536157][ T5240] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.547222][ T5239] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.558953][ T5239] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.601361][ T5240] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.626777][ T5235] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.639116][ T5235] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.661377][ T5247] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.669779][ T5247] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.677133][ T5247] bridge_slave_0: entered allmulticast mode [ 54.684279][ T5247] bridge_slave_0: entered promiscuous mode [ 54.691236][ T5247] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.698363][ T5247] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.705572][ T5247] bridge_slave_1: entered allmulticast mode [ 54.712480][ T5247] bridge_slave_1: entered promiscuous mode [ 54.734031][ T5239] team0: Port device team_slave_0 added [ 54.769129][ T5240] team0: Port device team_slave_0 added [ 54.776735][ T5239] team0: Port device team_slave_1 added [ 54.795588][ T5247] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.810258][ T5240] team0: Port device team_slave_1 added [ 54.824491][ T5235] team0: Port device team_slave_0 added [ 54.845736][ T5247] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.870133][ T5235] team0: Port device team_slave_1 added [ 54.883539][ T5245] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.890698][ T5245] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.898140][ T5245] bridge_slave_0: entered allmulticast mode [ 54.904704][ T5245] bridge_slave_0: entered promiscuous mode [ 54.926231][ T5239] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 54.935560][ T5239] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 54.962391][ T5239] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 54.974339][ T5239] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 54.981292][ T5239] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.007628][ T5239] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.027149][ T5245] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.034463][ T5245] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.041596][ T5245] bridge_slave_1: entered allmulticast mode [ 55.048334][ T5245] bridge_slave_1: entered promiscuous mode [ 55.071074][ T5240] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.078257][ T5240] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.104292][ T5240] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.119292][ T5235] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.126723][ T5235] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.152687][ T5235] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.171648][ T5247] team0: Port device team_slave_0 added [ 55.178436][ T5240] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.185466][ T5240] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.211384][ T5240] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.227786][ T5235] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.234802][ T5235] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.261885][ T5235] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.291282][ T5245] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.301226][ T5247] team0: Port device team_slave_1 added [ 55.333640][ T5245] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.360824][ T5239] hsr_slave_0: entered promiscuous mode [ 55.369874][ T5239] hsr_slave_1: entered promiscuous mode [ 55.392602][ T5235] hsr_slave_0: entered promiscuous mode [ 55.398715][ T5235] hsr_slave_1: entered promiscuous mode [ 55.406737][ T5235] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 55.414578][ T5235] Cannot create hsr debugfs directory [ 55.429693][ T5247] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.436706][ T5247] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.462661][ T5247] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.477952][ T5240] hsr_slave_0: entered promiscuous mode [ 55.484448][ T5240] hsr_slave_1: entered promiscuous mode [ 55.490399][ T5240] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 55.498194][ T5240] Cannot create hsr debugfs directory [ 55.525247][ T5247] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.532220][ T5247] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.558454][ T5247] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.562387][ T5253] Bluetooth: hci0: command tx timeout [ 55.576752][ T5245] team0: Port device team_slave_0 added [ 55.623221][ T5245] team0: Port device team_slave_1 added [ 55.641843][ T5253] Bluetooth: hci2: command tx timeout [ 55.718173][ T5247] hsr_slave_0: entered promiscuous mode [ 55.724669][ T5253] Bluetooth: hci4: command tx timeout [ 55.724679][ T5248] Bluetooth: hci1: command tx timeout [ 55.735627][ T5248] Bluetooth: hci3: command tx timeout [ 55.742588][ T5247] hsr_slave_1: entered promiscuous mode [ 55.748733][ T5247] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 55.756709][ T5247] Cannot create hsr debugfs directory [ 55.764749][ T5245] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.771699][ T5245] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.797921][ T5245] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.830788][ T5245] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.837783][ T5245] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.863721][ T5245] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.969904][ T5245] hsr_slave_0: entered promiscuous mode [ 55.976031][ T5245] hsr_slave_1: entered promiscuous mode [ 55.982124][ T5245] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 55.989871][ T5245] Cannot create hsr debugfs directory [ 56.068990][ T5240] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 56.082741][ T5240] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 56.093590][ T5240] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 56.130634][ T5240] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 56.214018][ T5235] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 56.227810][ T5235] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 56.249051][ T5235] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 56.257925][ T5235] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 56.298702][ T5239] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 56.308379][ T5239] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 56.322329][ T5239] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 56.336114][ T5239] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 56.385140][ T5247] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 56.398255][ T5247] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 56.409583][ T5247] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 56.418450][ T5247] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 56.487113][ T5245] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 56.496775][ T5245] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 56.509595][ T5240] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.533186][ T5245] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 56.550746][ T5245] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 56.571011][ T5240] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.603802][ T72] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.610927][ T72] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.666693][ T72] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.673811][ T72] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.691209][ T5239] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.730371][ T5245] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.740266][ T5239] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.770932][ T72] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.778058][ T72] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.795407][ T5235] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.815909][ T5245] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.828538][ T5235] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.855281][ T2956] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.862411][ T2956] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.879508][ T2956] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.886583][ T2956] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.907216][ T2956] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.914299][ T2956] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.925842][ T2956] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.932933][ T2956] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.977566][ T3023] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.984645][ T3023] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.027105][ T5247] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.081333][ T5247] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.108164][ T5235] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 57.136958][ T1207] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.144066][ T1207] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.194280][ T1207] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.201358][ T1207] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.297489][ T5240] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 57.404002][ T5240] veth0_vlan: entered promiscuous mode [ 57.460155][ T5240] veth1_vlan: entered promiscuous mode [ 57.489202][ T5239] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 57.544511][ T5240] veth0_macvtap: entered promiscuous mode [ 57.586103][ T5240] veth1_macvtap: entered promiscuous mode [ 57.614881][ T5235] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 57.637634][ T5245] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 57.644496][ T5253] Bluetooth: hci0: command tx timeout [ 57.679165][ T5239] veth0_vlan: entered promiscuous mode [ 57.691028][ T5239] veth1_vlan: entered promiscuous mode [ 57.701666][ T5240] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 57.722339][ T5253] Bluetooth: hci2: command tx timeout [ 57.737924][ T5247] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 57.757376][ T5235] veth0_vlan: entered promiscuous mode [ 57.778351][ T5240] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 57.802564][ T5253] Bluetooth: hci4: command tx timeout [ 57.802608][ T5248] Bluetooth: hci3: command tx timeout [ 57.807962][ T5253] Bluetooth: hci1: command tx timeout [ 57.834017][ T5235] veth1_vlan: entered promiscuous mode [ 57.881446][ T5240] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.891267][ T5240] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.903781][ T5240] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.913661][ T5240] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.929974][ T5239] veth0_macvtap: entered promiscuous mode [ 57.955272][ T5245] veth0_vlan: entered promiscuous mode [ 57.998955][ T5239] veth1_macvtap: entered promiscuous mode [ 58.036504][ T5235] veth0_macvtap: entered promiscuous mode [ 58.047967][ T5245] veth1_vlan: entered promiscuous mode [ 58.070505][ T5235] veth1_macvtap: entered promiscuous mode [ 58.095129][ T1207] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 58.105584][ T5235] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 58.116460][ T5235] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.127220][ T1207] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 58.137591][ T5235] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 58.164663][ T5235] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 58.176175][ T5235] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.187161][ T5235] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 58.195194][ T5239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 58.207149][ T5239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.217321][ T5239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 58.228181][ T5239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.238887][ T5239] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 58.260589][ T5235] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.269659][ T5235] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.279024][ T5235] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.289128][ T5235] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.317121][ T5245] veth0_macvtap: entered promiscuous mode [ 58.325142][ T5239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 58.337293][ T5239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.347384][ T5239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 58.360782][ T5239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.372998][ T5239] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 58.393769][ T5245] veth1_macvtap: entered promiscuous mode [ 58.409434][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 58.415181][ T5247] veth0_vlan: entered promiscuous mode [ 58.425408][ T5239] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.428795][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 58.435832][ T5239] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.451135][ T5239] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.460350][ T5239] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.511443][ T5247] veth1_vlan: entered promiscuous mode [ 58.539672][ T5245] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 58.551137][ T5245] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.562800][ T5245] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 58.573488][ T5245] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.584033][ T5245] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 58.594620][ T5245] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.606911][ T5245] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 58.628843][ T5240] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 58.640294][ T5247] veth0_macvtap: entered promiscuous mode [ 58.663998][ T5245] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 58.677181][ T5245] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.688531][ T5245] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 58.702615][ T5245] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.715338][ T5245] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 58.726501][ T5245] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.739445][ T5245] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 58.761636][ T5247] veth1_macvtap: entered promiscuous mode [ 58.782812][ T5245] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.791518][ T5245] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.806032][ T5245] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.826705][ T5245] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.870332][ T5247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 58.881554][ T5247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.891440][ T5247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 58.902273][ T5247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.912156][ T5247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 58.923239][ T5247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.933123][ T5247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 58.943734][ T5247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.954883][ T5247] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 58.977067][ T5247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 58.986355][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 58.992134][ T5247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.003388][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.012671][ T5247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.023492][ T5247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.035655][ T5247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.046274][ T5247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.056096][ T5247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.066599][ T5247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.077487][ T5247] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.102884][ T2919] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.113561][ T2919] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.124317][ T5247] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.133607][ T5247] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.142960][ T5247] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.151878][ T5247] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.197319][ T3023] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.206035][ T3023] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.262673][ T1117] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.279834][ T1117] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.350454][ T1117] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.378993][ T1117] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.722541][ T5253] Bluetooth: hci0: command tx timeout [ 59.842943][ T5253] Bluetooth: hci2: command tx timeout [ 59.882040][ T5253] Bluetooth: hci3: command tx timeout [ 59.888206][ T5253] Bluetooth: hci1: command tx timeout [ 59.894030][ T5253] Bluetooth: hci4: command tx timeout [ 61.838259][ T5238] Bluetooth: hci0: command tx timeout [ 61.882120][ T5238] Bluetooth: hci2: command tx timeout [ 61.968275][ T5238] Bluetooth: hci4: command tx timeout [ 61.973802][ T5238] Bluetooth: hci1: command tx timeout [ 61.979203][ T5238] Bluetooth: hci3: command tx timeout [ 71.501661][ T1269] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.508206][ T1269] ieee802154 phy1 wpan1: encryption failed: -22 [ 77.461165][ T47] cfg80211: failed to load regulatory.db [ 81.313659][ T5329] loop2: detected capacity change from 0 to 1024 [ 82.922377][ T5329] ======================================================= [ 82.922377][ T5329] WARNING: The mand mount option has been deprecated and [ 82.922377][ T5329] and is ignored by this kernel. Remove the mand [ 82.922377][ T5329] option from the mount to silence this warning. [ 82.922377][ T5329] ======================================================= [ 103.712086][ T47] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 113.091821][ T47] usb 3-1: device descriptor read/all, error -110 [ 113.334205][ T47] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 118.391996][ T1117] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.428355][ T1117] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.443665][ T5332] ================================================================== [ 118.451744][ T5332] BUG: KASAN: slab-use-after-free in bpf_trace_run2+0xfa/0x540 [ 118.459294][ T5332] Read of size 8 at addr ffff88801dee0318 by task syz.2.3/5332 [ 118.459314][ T5332] [ 118.459331][ T5332] CPU: 0 UID: 0 PID: 5332 Comm: syz.2.3 Not tainted 6.12.0-rc3-next-20241016-syzkaller #0 [ 118.467852][ T2919] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.469181][ T5332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 118.469199][ T5332] Call Trace: [ 118.469207][ T5332] [ 118.501796][ T2919] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.503071][ T5332] dump_stack_lvl+0x241/0x360 [ 118.503098][ T5332] ? __pfx_dump_stack_lvl+0x10/0x10 [ 118.520237][ T5332] ? __pfx__printk+0x10/0x10 [ 118.524828][ T5332] ? _printk+0xd5/0x120 [ 118.528977][ T5332] ? __virt_addr_valid+0x183/0x530 [ 118.534076][ T5332] ? __virt_addr_valid+0x183/0x530 [ 118.539175][ T5332] print_report+0x169/0x550 [ 118.543673][ T5332] ? __virt_addr_valid+0x183/0x530 [ 118.548783][ T5332] ? __virt_addr_valid+0x183/0x530 [ 118.553882][ T5332] ? __virt_addr_valid+0x45f/0x530 [ 118.558981][ T5332] ? __phys_addr+0xba/0x170 [ 118.563472][ T5332] ? bpf_trace_run2+0xfa/0x540 [ 118.568227][ T5332] kasan_report+0x143/0x180 [ 118.572723][ T5332] ? bpf_trace_run2+0xfa/0x540 [ 118.577480][ T5332] bpf_trace_run2+0xfa/0x540 [ 118.582066][ T5332] ? arch_do_signal_or_restart+0x51f/0x860 [ 118.587865][ T5332] ? __pfx_lock_release+0x10/0x10 [ 118.592878][ T5332] ? __pfx_bpf_trace_run2+0x10/0x10 [ 118.598066][ T5332] ? __might_fault+0xc6/0x120 [ 118.602728][ T5332] ? trace_sys_enter+0x9d/0x150 [ 118.607565][ T5332] __bpf_trace_sys_enter+0x38/0x60 [ 118.612924][ T5332] trace_sys_enter+0xd9/0x150 [ 118.617587][ T5332] syscall_trace_enter+0xf8/0x150 [ 118.622600][ T5332] do_syscall_64+0xcc/0x230 [ 118.627089][ T5332] ? clear_bhb_loop+0x35/0x90 [ 118.631756][ T5332] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.637643][ T5332] RIP: 0033:0x7fcc5b519959 [ 118.642048][ T5332] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25 [ 118.661646][ T5332] RSP: 002b:00007fcc5c40ab40 EFLAGS: 00000246 ORIG_RAX: 000000000000000f [ 118.670060][ T5332] RAX: ffffffffffffffda RBX: 00007fcc5b736138 RCX: 00007fcc5b519959 [ 118.678022][ T5332] RDX: 00007fcc5c40ab40 RSI: 00007fcc5c40ac70 RDI: 0000000000000011 [ 118.685986][ T5332] RBP: 00007fcc5b736130 R08: 0000000000000000 R09: 0000000000000000 [ 118.693947][ T5332] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcc5b73613c [ 118.701909][ T5332] R13: 0000000000000000 R14: 00007ffd60f72000 R15: 00007ffd60f720e8 [ 118.709870][ T5332] [ 118.713138][ T5332] [ 118.715453][ T5332] Allocated by task 5329: [ 118.719761][ T5332] kasan_save_track+0x3f/0x80 [ 118.724426][ T5332] __kasan_kmalloc+0x98/0xb0 [ 118.729003][ T5332] __kmalloc_cache_noprof+0x243/0x390 [ 118.734369][ T5332] bpf_raw_tp_link_attach+0x2a0/0x6e0 [ 118.739732][ T5332] bpf_raw_tracepoint_open+0x177/0x1f0 [ 118.745181][ T5332] __sys_bpf+0x3c0/0x810 [ 118.749412][ T5332] __x64_sys_bpf+0x7c/0x90 [ 118.753817][ T5332] do_syscall_64+0xf3/0x230 [ 118.758305][ T5332] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.764186][ T5332] [ 118.766494][ T5332] Freed by task 5235: [ 118.770458][ T5332] kasan_save_track+0x3f/0x80 [ 118.775120][ T5332] kasan_save_free_info+0x40/0x50 [ 118.780137][ T5332] __kasan_slab_free+0x59/0x70 [ 118.784891][ T5332] kfree+0x1a0/0x460 [ 118.788775][ T5332] rcu_core+0xaaa/0x17a0 [ 118.793005][ T5332] handle_softirqs+0x2c5/0x980 [ 118.797758][ T5332] __irq_exit_rcu+0xf4/0x1c0 [ 118.802337][ T5332] irq_exit_rcu+0x9/0x30 [ 118.806567][ T5332] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 118.812190][ T5332] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 118.818157][ T5332] [ 118.820466][ T5332] Last potentially related work creation: [ 118.826162][ T5332] kasan_save_stack+0x3f/0x60 [ 118.830829][ T5332] __kasan_record_aux_stack+0xac/0xc0 [ 118.836191][ T5332] call_rcu+0x167/0xa70 [ 118.840334][ T5332] bpf_link_release+0x78/0x90 [ 118.845002][ T5332] __fput+0x23c/0xa50 [ 118.848972][ T5332] task_work_run+0x24f/0x310 [ 118.853550][ T5332] get_signal+0x15e8/0x1740 [ 118.858044][ T5332] arch_do_signal_or_restart+0x96/0x860 [ 118.863582][ T5332] syscall_exit_to_user_mode+0xc9/0x370 [ 118.869122][ T5332] do_syscall_64+0x100/0x230 [ 118.873700][ T5332] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.879579][ T5332] [ 118.881890][ T5332] The buggy address belongs to the object at ffff88801dee0300 [ 118.881890][ T5332] which belongs to the cache kmalloc-128 of size 128 [ 118.895931][ T5332] The buggy address is located 24 bytes inside of [ 118.895931][ T5332] freed 128-byte region [ffff88801dee0300, ffff88801dee0380) [ 118.909629][ T5332] [ 118.912288][ T5332] The buggy address belongs to the physical page: [ 118.918688][ T5332] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88801dee0200 pfn:0x1dee0 [ 118.928740][ T5332] flags: 0xfff00000000200(workingset|node=0|zone=1|lastcpupid=0x7ff) [ 118.936793][ T5332] page_type: f5(slab) [ 118.940763][ T5332] raw: 00fff00000000200 ffff88801ac41a00 ffffea00017842d0 ffffea000091c4d0 [ 118.949334][ T5332] raw: ffff88801dee0200 000000000010000e 00000001f5000000 0000000000000000 [ 118.957899][ T5332] page dumped because: kasan: bad access detected [ 118.964299][ T5332] page_owner tracks the page as allocated [ 118.969992][ T5332] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 5329, tgid 5328 (syz.2.3), ts 59417437390, free_ts 59332096345 [ 118.989078][ T5332] post_alloc_hook+0x1f3/0x230 [ 118.993834][ T5332] get_page_from_freelist+0x3123/0x3270 [ 118.999368][ T5332] __alloc_pages_noprof+0x292/0x710 [ 119.004556][ T5332] alloc_slab_page+0x59/0x120 [ 119.009221][ T5332] allocate_slab+0x5a/0x2f0 [ 119.013969][ T5332] ___slab_alloc+0xcd1/0x14b0 [ 119.018635][ T5332] __slab_alloc+0x58/0xa0 [ 119.022954][ T5332] __kmalloc_node_noprof+0x2ee/0x4d0 [ 119.028229][ T5332] alloc_slab_obj_exts+0x3a/0xa0 [ 119.033154][ T5332] __memcg_slab_post_alloc_hook+0x319/0x7e0 [ 119.039034][ T5332] __kmalloc_node_noprof+0x30d/0x4d0 [ 119.044310][ T5332] bpf_map_area_alloc+0x64/0x120 [ 119.049235][ T5332] ringbuf_map_alloc+0x188/0x2f0 [ 119.054162][ T5332] map_create+0x946/0x11c0 [ 119.058567][ T5332] __sys_bpf+0x6d1/0x810 [ 119.062799][ T5332] __x64_sys_bpf+0x7c/0x90 [ 119.067202][ T5332] page last free pid 5245 tgid 5245 stack trace: [ 119.073521][ T5332] free_unref_page+0xcfb/0xf20 [ 119.078283][ T5332] rcu_core+0xaaa/0x17a0 [ 119.082517][ T5332] handle_softirqs+0x2c5/0x980 [ 119.087272][ T5332] __irq_exit_rcu+0xf4/0x1c0 [ 119.091861][ T5332] irq_exit_rcu+0x9/0x30 [ 119.096104][ T5332] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 119.101734][ T5332] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 119.107711][ T5332] [ 119.110021][ T5332] Memory state around the buggy address: [ 119.115644][ T5332] ffff88801dee0200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 119.123690][ T5332] ffff88801dee0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 119.131739][ T5332] >ffff88801dee0300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 119.139790][ T5332] ^ [ 119.144627][ T5332] ffff88801dee0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 119.152677][ T5332] ffff88801dee0400: 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc [ 119.160736][ T5332] ================================================================== [ 119.169978][ T5332] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 119.177182][ T5332] CPU: 0 UID: 0 PID: 5332 Comm: syz.2.3 Not tainted 6.12.0-rc3-next-20241016-syzkaller #0 [ 119.187081][ T5332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 119.197142][ T5332] Call Trace: [ 119.200413][ T5332] [ 119.203332][ T5332] dump_stack_lvl+0x241/0x360 [ 119.207998][ T5332] ? __pfx_dump_stack_lvl+0x10/0x10 [ 119.213186][ T5332] ? __pfx__printk+0x10/0x10 [ 119.217771][ T5332] ? vscnprintf+0x5d/0x90 [ 119.222094][ T5332] panic+0x349/0x880 [ 119.225986][ T5332] ? check_panic_on_warn+0x21/0xb0 [ 119.231086][ T5332] ? __pfx_panic+0x10/0x10 [ 119.235497][ T5332] ? _raw_spin_unlock_irqrestore+0xd8/0x140 [ 119.241386][ T5332] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 119.247268][ T5332] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 119.253589][ T5332] ? print_report+0x502/0x550 [ 119.258276][ T5332] check_panic_on_warn+0x86/0xb0 [ 119.263202][ T5332] ? bpf_trace_run2+0xfa/0x540 [ 119.267953][ T5332] end_report+0x77/0x160 [ 119.272187][ T5332] kasan_report+0x154/0x180 [ 119.276681][ T5332] ? bpf_trace_run2+0xfa/0x540 [ 119.281432][ T5332] bpf_trace_run2+0xfa/0x540 [ 119.286011][ T5332] ? arch_do_signal_or_restart+0x51f/0x860 [ 119.291819][ T5332] ? __pfx_lock_release+0x10/0x10 [ 119.296840][ T5332] ? __pfx_bpf_trace_run2+0x10/0x10 [ 119.302036][ T5332] ? __might_fault+0xc6/0x120 [ 119.306708][ T5332] ? trace_sys_enter+0x9d/0x150 [ 119.311544][ T5332] __bpf_trace_sys_enter+0x38/0x60 [ 119.316642][ T5332] trace_sys_enter+0xd9/0x150 [ 119.321307][ T5332] syscall_trace_enter+0xf8/0x150 [ 119.326320][ T5332] do_syscall_64+0xcc/0x230 [ 119.330826][ T5332] ? clear_bhb_loop+0x35/0x90 [ 119.335500][ T5332] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 119.341385][ T5332] RIP: 0033:0x7fcc5b519959 [ 119.345787][ T5332] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25 [ 119.365393][ T5332] RSP: 002b:00007fcc5c40ab40 EFLAGS: 00000246 ORIG_RAX: 000000000000000f [ 119.373808][ T5332] RAX: ffffffffffffffda RBX: 00007fcc5b736138 RCX: 00007fcc5b519959 [ 119.381769][ T5332] RDX: 00007fcc5c40ab40 RSI: 00007fcc5c40ac70 RDI: 0000000000000011 [ 119.389728][ T5332] RBP: 00007fcc5b736130 R08: 0000000000000000 R09: 0000000000000000 [ 119.397689][ T5332] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcc5b73613c [ 119.405656][ T5332] R13: 0000000000000000 R14: 00007ffd60f72000 R15: 00007ffd60f720e8 [ 119.413883][ T5332] [ 119.417113][ T5332] Kernel Offset: disabled [ 119.421423][ T5332] Rebooting in 86400 seconds..