DUID 00:04:03:bf:74:c9:6b:3e:f6:9c:c6:06:b2:63:41:89:5e:a1
no interfaces have a carrier
[ 42.308662][ T5502] 8021q: adding VLAN 0 to HW filter on device bond0
[ 42.323370][ T5502] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
syzkaller login: [ 60.354684][ T5813] sshd (5813) used greatest stack depth: 20640 bytes left
Warning: Permanently added '10.128.0.189' (ED25519) to the list of known hosts.
2025/03/06 15:14:12 ignoring optional flag "sandboxArg"="0"
2025/03/06 15:14:13 parsed 1 programs
[ 72.620264][ T5835] cgroup: Unknown subsys name 'net'
[ 72.786496][ T5835] cgroup: Unknown subsys name 'cpuset'
[ 72.794258][ T5835] cgroup: Unknown subsys name 'rlimit'
[ 74.124330][ T5835] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 76.578642][ T5846] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 77.778658][ T5890] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 77.787064][ T5890] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 77.794766][ T5890] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 77.803367][ T5890] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 77.811786][ T5890] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 77.823139][ T5890] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 78.228190][ T5885] chnl_net:caif_netlink_parms(): no params data found
[ 78.627978][ T5885] bridge0: port 1(bridge_slave_0) entered blocking state
[ 78.653846][ T5885] bridge0: port 1(bridge_slave_0) entered disabled state
[ 78.661089][ T5885] bridge_slave_0: entered allmulticast mode
[ 78.687133][ T5885] bridge_slave_0: entered promiscuous mode
[ 78.855138][ T5885] bridge0: port 2(bridge_slave_1) entered blocking state
[ 78.862671][ T5885] bridge0: port 2(bridge_slave_1) entered disabled state
[ 78.870263][ T5885] bridge_slave_1: entered allmulticast mode
[ 78.877630][ T5885] bridge_slave_1: entered promiscuous mode
[ 78.946302][ T1133] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 78.954432][ T1133] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 78.968898][ T5885] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 78.999096][ T5885] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 79.040884][ T5885] team0: Port device team_slave_0 added
[ 79.089031][ T5885] team0: Port device team_slave_1 added
[ 79.136165][ T1149] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 79.166704][ T1149] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 79.181806][ T5885] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 79.194874][ T5885] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 79.221734][ T5885] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 79.236055][ T5885] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 79.243027][ T5885] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 79.269139][ T5885] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 79.338544][ T5885] hsr_slave_0: entered promiscuous mode
[ 79.345565][ T5885] hsr_slave_1: entered promiscuous mode
[ 79.886665][ T5885] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 79.904088][ T5885] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 79.924705][ T5885] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 79.940178][ T5885] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 80.003363][ T5885] 8021q: adding VLAN 0 to HW filter on device bond0
[ 80.022245][ T5885] 8021q: adding VLAN 0 to HW filter on device team0
[ 80.036947][ T4276] bridge0: port 1(bridge_slave_0) entered blocking state
[ 80.044233][ T4276] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 80.059158][ T1149] bridge0: port 2(bridge_slave_1) entered blocking state
[ 80.066290][ T1149] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 80.187736][ T5885] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 80.219116][ T5885] veth0_vlan: entered promiscuous mode
[ 80.228807][ T5885] veth1_vlan: entered promiscuous mode
[ 80.250763][ T5885] veth0_macvtap: entered promiscuous mode
[ 80.258763][ T5885] veth1_macvtap: entered promiscuous mode
[ 80.272375][ T5885] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 80.285793][ T5885] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 80.300292][ T5885] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.309622][ T5885] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.318493][ T5885] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.327343][ T5885] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2025/03/06 15:14:23 executed programs: 0
[ 80.520444][ T5890] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 80.529197][ T5890] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 80.536833][ T5890] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 80.559536][ T5951] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 80.568250][ T5951] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 80.581581][ T5951] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 80.589857][ T5951] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 80.596249][ T5956] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 80.597601][ T5951] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 80.606158][ T5956] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 80.611373][ T5951] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 80.620132][ T5956] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 80.625865][ T5951] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 80.633368][ T5958] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 80.640947][ T5951] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 80.648308][ T5958] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 80.653019][ T5959] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 80.667685][ T5951] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 80.675844][ T5960] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 80.677415][ T1149] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 80.693953][ T5147] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 80.702659][ T5951] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 80.713181][ T5951] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 80.723101][ T5951] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 80.731948][ T5951] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 80.780869][ T1149] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 80.842901][ T1149] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 80.927319][ T1149] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 81.055414][ T5946] chnl_net:caif_netlink_parms(): no params data found
[ 81.152591][ T5949] chnl_net:caif_netlink_parms(): no params data found
[ 81.199900][ T5946] bridge0: port 1(bridge_slave_0) entered blocking state
[ 81.207115][ T5946] bridge0: port 1(bridge_slave_0) entered disabled state
[ 81.214723][ T5946] bridge_slave_0: entered allmulticast mode
[ 81.221212][ T5946] bridge_slave_0: entered promiscuous mode
[ 81.231241][ T5946] bridge0: port 2(bridge_slave_1) entered blocking state
[ 81.239676][ T5946] bridge0: port 2(bridge_slave_1) entered disabled state
[ 81.247830][ T5946] bridge_slave_1: entered allmulticast mode
[ 81.256246][ T5946] bridge_slave_1: entered promiscuous mode
[ 81.326690][ T5946] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 81.351440][ T5947] chnl_net:caif_netlink_parms(): no params data found
[ 81.367365][ T5946] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 81.412267][ T5949] bridge0: port 1(bridge_slave_0) entered blocking state
[ 81.420921][ T5949] bridge0: port 1(bridge_slave_0) entered disabled state
[ 81.428149][ T5949] bridge_slave_0: entered allmulticast mode
[ 81.435733][ T5949] bridge_slave_0: entered promiscuous mode
[ 81.445342][ T5946] team0: Port device team_slave_0 added
[ 81.463357][ T5954] chnl_net:caif_netlink_parms(): no params data found
[ 81.475798][ T5946] team0: Port device team_slave_1 added
[ 81.481760][ T5949] bridge0: port 2(bridge_slave_1) entered blocking state
[ 81.488978][ T5949] bridge0: port 2(bridge_slave_1) entered disabled state
[ 81.497866][ T5949] bridge_slave_1: entered allmulticast mode
[ 81.507419][ T5949] bridge_slave_1: entered promiscuous mode
[ 81.592870][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 81.600212][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 81.626150][ T5946] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 81.639084][ T5949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 81.673388][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 81.680507][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 81.706496][ T5946] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 81.723521][ T5949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 81.772836][ T5949] team0: Port device team_slave_0 added
[ 81.781267][ T5947] bridge0: port 1(bridge_slave_0) entered blocking state
[ 81.788892][ T5947] bridge0: port 1(bridge_slave_0) entered disabled state
[ 81.796312][ T5947] bridge_slave_0: entered allmulticast mode
[ 81.802836][ T5947] bridge_slave_0: entered promiscuous mode
[ 81.830990][ T5954] bridge0: port 1(bridge_slave_0) entered blocking state
[ 81.838415][ T5954] bridge0: port 1(bridge_slave_0) entered disabled state
[ 81.845774][ T5954] bridge_slave_0: entered allmulticast mode
[ 81.852303][ T5954] bridge_slave_0: entered promiscuous mode
[ 81.863178][ T5949] team0: Port device team_slave_1 added
[ 81.879252][ T5947] bridge0: port 2(bridge_slave_1) entered blocking state
[ 81.886667][ T5947] bridge0: port 2(bridge_slave_1) entered disabled state
[ 81.894272][ T5947] bridge_slave_1: entered allmulticast mode
[ 81.901227][ T5947] bridge_slave_1: entered promiscuous mode
[ 81.909033][ T46] cfg80211: failed to load regulatory.db
[ 81.935357][ T5954] bridge0: port 2(bridge_slave_1) entered blocking state
[ 81.942471][ T5954] bridge0: port 2(bridge_slave_1) entered disabled state
[ 81.949725][ T5954] bridge_slave_1: entered allmulticast mode
[ 81.957401][ T5954] bridge_slave_1: entered promiscuous mode
[ 81.997754][ T5947] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 82.026889][ T5946] hsr_slave_0: entered promiscuous mode
[ 82.033187][ T5946] hsr_slave_1: entered promiscuous mode
[ 82.045406][ T5946] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 82.053219][ T5946] Cannot create hsr debugfs directory
[ 82.080913][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 82.091276][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 82.123898][ T5949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 82.157169][ T5947] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 82.181599][ T5954] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 82.193980][ T5954] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 82.204236][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 82.211191][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 82.237617][ T5949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 82.298094][ T5947] team0: Port device team_slave_0 added
[ 82.365495][ T5947] team0: Port device team_slave_1 added
[ 82.394178][ T5949] hsr_slave_0: entered promiscuous mode
[ 82.400488][ T5949] hsr_slave_1: entered promiscuous mode
[ 82.407187][ T5949] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 82.415172][ T5949] Cannot create hsr debugfs directory
[ 82.430476][ T5954] team0: Port device team_slave_0 added
[ 82.477588][ T5954] team0: Port device team_slave_1 added
[ 82.524553][ T5947] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 82.531545][ T5947] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 82.558913][ T5947] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 82.574573][ T5947] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 82.582000][ T5947] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 82.612818][ T5947] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 82.639107][ T5954] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 82.646297][ T5954] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 82.672409][ T5954] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 82.685206][ T5954] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 82.692160][ T5954] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 82.719336][ T5954] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 82.774759][ T5951] Bluetooth: hci2: command tx timeout
[ 82.774803][ T5890] Bluetooth: hci1: command tx timeout
[ 82.780292][ T5960] Bluetooth: hci0: command tx timeout
[ 82.791942][ T5955] Bluetooth: hci3: command tx timeout
[ 82.841217][ T5947] hsr_slave_0: entered promiscuous mode
[ 82.847945][ T5947] hsr_slave_1: entered promiscuous mode
[ 82.855406][ T5947] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 82.862966][ T5947] Cannot create hsr debugfs directory
[ 82.885954][ T5954] hsr_slave_0: entered promiscuous mode
[ 82.892029][ T5954] hsr_slave_1: entered promiscuous mode
[ 82.898133][ T5954] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 82.905744][ T5954] Cannot create hsr debugfs directory
[ 83.527341][ T1149] bridge_slave_1: left allmulticast mode
[ 83.533145][ T1149] bridge_slave_1: left promiscuous mode
[ 83.539890][ T1149] bridge0: port 2(bridge_slave_1) entered disabled state
[ 83.556371][ T1149] bridge_slave_0: left allmulticast mode
[ 83.562007][ T1149] bridge_slave_0: left promiscuous mode
[ 83.568437][ T1149] bridge0: port 1(bridge_slave_0) entered disabled state
[ 83.792209][ T1149] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 83.803126][ T1149] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 83.814704][ T1149] bond0 (unregistering): Released all slaves
[ 83.883533][ T1149] hsr_slave_0: left promiscuous mode
[ 83.895941][ T1149] hsr_slave_1: left promiscuous mode
[ 83.901961][ T1149] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 83.915316][ T1149] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 83.929447][ T1149] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 83.938229][ T1149] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 83.971492][ T1149] veth1_macvtap: left promiscuous mode
[ 83.980361][ T1149] veth0_macvtap: left promiscuous mode
[ 83.990294][ T1149] veth1_vlan: left promiscuous mode
[ 83.998468][ T1149] veth0_vlan: left promiscuous mode
[ 84.377383][ T1149] team0 (unregistering): Port device team_slave_1 removed
[ 84.410080][ T1149] team0 (unregistering): Port device team_slave_0 removed
[ 84.860340][ T5955] Bluetooth: hci3: command tx timeout
[ 84.866208][ T5955] Bluetooth: hci0: command tx timeout
[ 84.871639][ T5955] Bluetooth: hci2: command tx timeout
[ 84.877302][ T5960] Bluetooth: hci1: command tx timeout
[ 84.901183][ T5949] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 84.916484][ T5949] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 84.933227][ T5949] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 84.954212][ T5949] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 85.041244][ T5954] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 85.074257][ T5954] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 85.106595][ T5954] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 85.237866][ T5954] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 85.331635][ T5947] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 85.388076][ T5947] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 85.461617][ T5949] 8021q: adding VLAN 0 to HW filter on device bond0
[ 85.489308][ T5947] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 85.503527][ T5947] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 85.586911][ T5946] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 85.611840][ T5946] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 85.638400][ T5946] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 85.650877][ T5949] 8021q: adding VLAN 0 to HW filter on device team0
[ 85.689095][ T5946] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 85.708573][ T4276] bridge0: port 1(bridge_slave_0) entered blocking state
[ 85.715706][ T4276] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 85.764959][ T70] bridge0: port 2(bridge_slave_1) entered blocking state
[ 85.772023][ T70] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 85.871787][ T5949] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 85.909966][ T5954] 8021q: adding VLAN 0 to HW filter on device bond0
[ 85.921114][ T5947] 8021q: adding VLAN 0 to HW filter on device bond0
[ 85.962270][ T5954] 8021q: adding VLAN 0 to HW filter on device team0
[ 85.986844][ T5947] 8021q: adding VLAN 0 to HW filter on device team0
[ 86.009771][ T1149] bridge0: port 1(bridge_slave_0) entered blocking state
[ 86.016928][ T1149] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 86.032154][ T1149] bridge0: port 1(bridge_slave_0) entered blocking state
[ 86.039319][ T1149] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 86.057941][ T5946] 8021q: adding VLAN 0 to HW filter on device bond0
[ 86.080230][ T3567] bridge0: port 2(bridge_slave_1) entered blocking state
[ 86.087380][ T3567] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 86.096894][ T3567] bridge0: port 2(bridge_slave_1) entered blocking state
[ 86.104012][ T3567] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 86.141482][ T5946] 8021q: adding VLAN 0 to HW filter on device team0
[ 86.169775][ T5949] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 86.202669][ T35] bridge0: port 1(bridge_slave_0) entered blocking state
[ 86.209811][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 86.220904][ T35] bridge0: port 2(bridge_slave_1) entered blocking state
[ 86.228001][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 86.365425][ T5949] veth0_vlan: entered promiscuous mode
[ 86.387945][ T5949] veth1_vlan: entered promiscuous mode
[ 86.441389][ T5949] veth0_macvtap: entered promiscuous mode
[ 86.481376][ T5949] veth1_macvtap: entered promiscuous mode
[ 86.527927][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 86.568283][ T5954] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 86.587061][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 86.601658][ T5949] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 86.610894][ T5949] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 86.620739][ T5949] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 86.629574][ T5949] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 86.665929][ T5947] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 86.700351][ T5946] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 86.787221][ T70] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 86.795121][ T5954] veth0_vlan: entered promiscuous mode
[ 86.811570][ T70] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 86.826556][ T5947] veth0_vlan: entered promiscuous mode
[ 86.861756][ T5954] veth1_vlan: entered promiscuous mode
[ 86.871251][ T3567] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 86.879592][ T3567] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 86.882476][ T5947] veth1_vlan: entered promiscuous mode
[ 86.926427][ T5946] veth0_vlan: entered promiscuous mode
[ 86.934023][ T5960] Bluetooth: hci1: command tx timeout
[ 86.934397][ T5890] Bluetooth: hci0: command tx timeout
[ 86.939424][ T5960] Bluetooth: hci3: command tx timeout
[ 86.950363][ T5955] Bluetooth: hci2: command tx timeout
2025/03/06 15:14:30 executed programs: 8
[ 86.988194][ T5946] veth1_vlan: entered promiscuous mode
[ 87.017837][ T5954] veth0_macvtap: entered promiscuous mode
[ 87.049690][ T5954] veth1_macvtap: entered promiscuous mode
[ 87.067685][ T5947] veth0_macvtap: entered promiscuous mode
[ 87.076779][ T5947] veth1_macvtap: entered promiscuous mode
[ 87.133122][ T5954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 87.144184][ T5954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 87.157188][ T5954] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 87.168762][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 87.181280][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 87.192290][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 87.203042][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 87.220960][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 87.256020][ T5954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 87.284390][ T5954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 87.307741][ T5954] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 87.316562][ T5946] veth0_macvtap: entered promiscuous mode
[ 87.332904][ T5946] veth1_macvtap: entered promiscuous mode
[ 87.350325][ T5954] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.362276][ T5954] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.372323][ T5954] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.381226][ T5954] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.392712][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 87.405704][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 87.417038][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 87.428021][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 87.439219][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 87.459948][ T5946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 87.472337][ T5946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 87.482771][ T5946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 87.496363][ T5946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 87.506638][ T5946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 87.517358][ T5946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 87.529028][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 87.558799][ T5947] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.568534][ T5947] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.577647][ T5947] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.593371][ T5947] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.635998][ T5946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 87.653365][ T5946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 87.670371][ T5946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 87.680863][ T5946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 87.693684][ T5946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 87.708920][ T5946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 87.719878][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 87.752095][ T5946] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.762937][ T5946] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.776643][ T5946] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.786893][ T5946] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.808203][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 87.840918][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 87.901125][ T3567] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 87.909411][ T3567] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 87.938913][ T70] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 87.955676][ T70] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 88.023588][ T1149] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 88.043553][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 88.079871][ T1149] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 88.093130][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 88.216494][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 88.229405][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 88.560406][ T6072] FAULT_INJECTION: forcing a failure.
[ 88.560406][ T6072] name failslab, interval 1, probability 0, space 0, times 1
[ 88.586089][ T6072] CPU: 1 UID: 0 PID: 6072 Comm: syz.2.36 Not tainted 6.14.0-rc5-syzkaller-00039-g848e07631744 #0
[ 88.586118][ T6072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 88.586134][ T6072] Call Trace:
[ 88.586141][ T6072]
[ 88.586153][ T6072] dump_stack_lvl+0x16c/0x1f0
[ 88.586192][ T6072] should_fail_ex+0x50a/0x650
[ 88.586226][ T6072] ? fs_reclaim_acquire+0xae/0x150
[ 88.586257][ T6072] ? vidtv_psi_sdt_service_init+0x51/0x200
[ 88.586286][ T6072] should_failslab+0xc2/0x120
[ 88.586309][ T6072] __kmalloc_cache_noprof+0x68/0x410
[ 88.586349][ T6072] vidtv_psi_sdt_service_init+0x51/0x200
[ 88.586382][ T6072] vidtv_channel_si_init+0x5f2/0x1a90
[ 88.586427][ T6072] vidtv_mux_init+0x526/0xbe0
[ 88.586463][ T6072] vidtv_start_feed+0x334/0x4c0
[ 88.586488][ T6072] ? __pfx_vidtv_start_feed+0x10/0x10
[ 88.586515][ T6072] ? __pfx_vidtv_bridge_on_new_pkts_avail+0x10/0x10
[ 88.586551][ T6072] ? dvb_dmxdev_feed_restart.isra.0+0x25a/0x530
[ 88.586591][ T6072] dmx_section_feed_start_filtering+0x3a5/0x660
[ 88.586630][ T6072] ? _raw_spin_unlock_irq+0x23/0x50
[ 88.586660][ T6072] dvb_dmxdev_feed_restart.isra.0+0x457/0x530
[ 88.586702][ T6072] dvb_dmxdev_filter_stop+0x2b4/0x3a0
[ 88.586739][ T6072] dvb_demux_release+0x92/0x550
[ 88.586769][ T6072] ? evm_file_release+0xd0/0x200
[ 88.586803][ T6072] ? __pfx_dvb_demux_release+0x10/0x10
[ 88.586833][ T6072] __fput+0x3ff/0xb70
[ 88.586865][ T6072] task_work_run+0x14e/0x250
[ 88.586904][ T6072] ? __pfx_task_work_run+0x10/0x10
[ 88.586934][ T6072] ? do_raw_spin_unlock+0x172/0x230
[ 88.586964][ T6072] do_exit+0xad8/0x2d70
[ 88.586987][ T6072] ? do_group_exit+0x1c3/0x2a0
[ 88.587012][ T6072] ? __pfx_lock_release+0x10/0x10
[ 88.587043][ T6072] ? do_raw_spin_lock+0x12d/0x2c0
[ 88.587065][ T6072] ? __pfx_do_exit+0x10/0x10
[ 88.587087][ T6072] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 88.587119][ T6072] do_group_exit+0xd3/0x2a0
[ 88.587146][ T6072] __x64_sys_exit_group+0x3e/0x50
[ 88.587171][ T6072] x64_sys_call+0x151f/0x1720
[ 88.587195][ T6072] do_syscall_64+0xcd/0x250
[ 88.587227][ T6072] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.587257][ T6072] RIP: 0033:0x7f4643f8d169
[ 88.587275][ T6072] Code: Unable to access opcode bytes at 0x7f4643f8d13f.
[ 88.587284][ T6072] RSP: 002b:00007ffc71ebc228 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 88.587305][ T6072] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4643f8d169
[ 88.587320][ T6072] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 88.587333][ T6072] RBP: 00007ffc71ebc28c R08: 0000000b71ebc31f R09: 00000000000927c0
[ 88.587347][ T6072] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 88.587360][ T6072] R13: 00000000000927c0 R14: 0000000000015914 R15: 00007ffc71ebc2e0
[ 88.587393][ T6072]
[ 88.588476][ T6072] ==================================================================
[ 88.864610][ T6072] BUG: KASAN: slab-use-after-free in vidtv_mux_init+0xac2/0xbe0
[ 88.872247][ T6072] Read of size 8 at addr ffff888075599d8c by task syz.2.36/6072
[ 88.879871][ T6072]
[ 88.882180][ T6072] CPU: 1 UID: 0 PID: 6072 Comm: syz.2.36 Not tainted 6.14.0-rc5-syzkaller-00039-g848e07631744 #0
[ 88.882201][ T6072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 88.882212][ T6072] Call Trace:
[ 88.882218][ T6072]
[ 88.882225][ T6072] dump_stack_lvl+0x116/0x1f0
[ 88.882251][ T6072] print_report+0xc3/0x670
[ 88.882268][ T6072] ? __virt_addr_valid+0x5e/0x590
[ 88.882287][ T6072] ? __phys_addr+0xc6/0x150
[ 88.882306][ T6072] kasan_report+0xd9/0x110
[ 88.882322][ T6072] ? vidtv_mux_init+0xac2/0xbe0
[ 88.882347][ T6072] ? vidtv_mux_init+0xac2/0xbe0
[ 88.882375][ T6072] vidtv_mux_init+0xac2/0xbe0
[ 88.882401][ T6072] vidtv_start_feed+0x334/0x4c0
[ 88.882420][ T6072] ? __pfx_vidtv_start_feed+0x10/0x10
[ 88.882440][ T6072] ? __pfx_vidtv_bridge_on_new_pkts_avail+0x10/0x10
[ 88.882464][ T6072] ? dvb_dmxdev_feed_restart.isra.0+0x25a/0x530
[ 88.882493][ T6072] dmx_section_feed_start_filtering+0x3a5/0x660
[ 88.882523][ T6072] ? _raw_spin_unlock_irq+0x23/0x50
[ 88.882544][ T6072] dvb_dmxdev_feed_restart.isra.0+0x457/0x530
[ 88.882571][ T6072] dvb_dmxdev_filter_stop+0x2b4/0x3a0
[ 88.882597][ T6072] dvb_demux_release+0x92/0x550
[ 88.882621][ T6072] ? evm_file_release+0xd0/0x200
[ 88.882648][ T6072] ? __pfx_dvb_demux_release+0x10/0x10
[ 88.882671][ T6072] __fput+0x3ff/0xb70
[ 88.882692][ T6072] task_work_run+0x14e/0x250
[ 88.882716][ T6072] ? __pfx_task_work_run+0x10/0x10
[ 88.882739][ T6072] ? do_raw_spin_unlock+0x172/0x230
[ 88.882759][ T6072] do_exit+0xad8/0x2d70
[ 88.882778][ T6072] ? do_group_exit+0x1c3/0x2a0
[ 88.882797][ T6072] ? __pfx_lock_release+0x10/0x10
[ 88.882821][ T6072] ? do_raw_spin_lock+0x12d/0x2c0
[ 88.882843][ T6072] ? __pfx_do_exit+0x10/0x10
[ 88.882860][ T6072] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 88.882880][ T6072] do_group_exit+0xd3/0x2a0
[ 88.882900][ T6072] __x64_sys_exit_group+0x3e/0x50
[ 88.882920][ T6072] x64_sys_call+0x151f/0x1720
[ 88.882940][ T6072] do_syscall_64+0xcd/0x250
[ 88.882964][ T6072] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.882989][ T6072] RIP: 0033:0x7f4643f8d169
[ 88.883003][ T6072] Code: Unable to access opcode bytes at 0x7f4643f8d13f.
[ 88.883011][ T6072] RSP: 002b:00007ffc71ebc228 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 88.883029][ T6072] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4643f8d169
[ 88.883041][ T6072] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 88.883052][ T6072] RBP: 00007ffc71ebc28c R08: 0000000b71ebc31f R09: 00000000000927c0
[ 88.883063][ T6072] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 88.883074][ T6072] R13: 00000000000927c0 R14: 0000000000015914 R15: 00007ffc71ebc2e0
[ 88.883092][ T6072]
[ 88.883098][ T6072]
[ 89.144984][ T6072] Allocated by task 6072:
[ 89.149302][ T6072] kasan_save_stack+0x33/0x60
[ 89.153983][ T6072] kasan_save_track+0x14/0x30
[ 89.158658][ T6072] __kasan_kmalloc+0xaa/0xb0
[ 89.163244][ T6072] vidtv_psi_pat_table_init+0x46/0x2c0
[ 89.168698][ T6072] vidtv_channel_si_init+0x67/0x1a90
[ 89.173981][ T6072] vidtv_mux_init+0x526/0xbe0
[ 89.178654][ T6072] vidtv_start_feed+0x334/0x4c0
[ 89.183496][ T6072] dmx_section_feed_start_filtering+0x3a5/0x660
[ 89.189734][ T6072] dvb_dmxdev_feed_restart.isra.0+0x457/0x530
[ 89.195800][ T6072] dvb_dmxdev_filter_stop+0x2b4/0x3a0
[ 89.201173][ T6072] dvb_demux_release+0x92/0x550
[ 89.206020][ T6072] __fput+0x3ff/0xb70
[ 89.210010][ T6072] task_work_run+0x14e/0x250
[ 89.214605][ T6072] do_exit+0xad8/0x2d70
[ 89.218756][ T6072] do_group_exit+0xd3/0x2a0
[ 89.223249][ T6072] __x64_sys_exit_group+0x3e/0x50
[ 89.228264][ T6072] x64_sys_call+0x151f/0x1720
[ 89.232932][ T6072] do_syscall_64+0xcd/0x250
[ 89.237435][ T6072] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.243328][ T6072]
[ 89.245641][ T6072] Freed by task 6072:
[ 89.249609][ T6072] kasan_save_stack+0x33/0x60
[ 89.254287][ T6072] kasan_save_track+0x14/0x30
[ 89.258962][ T6072] kasan_save_free_info+0x3b/0x60
[ 89.263984][ T6072] __kasan_slab_free+0x51/0x70
[ 89.268752][ T6072] kfree+0x2c4/0x4d0
[ 89.272646][ T6072] vidtv_channel_si_init+0x34a/0x1a90
[ 89.278019][ T6072] vidtv_mux_init+0x526/0xbe0
[ 89.282693][ T6072] vidtv_start_feed+0x334/0x4c0
[ 89.287536][ T6072] dmx_section_feed_start_filtering+0x3a5/0x660
[ 89.293782][ T6072] dvb_dmxdev_feed_restart.isra.0+0x457/0x530
[ 89.299877][ T6072] dvb_dmxdev_filter_stop+0x2b4/0x3a0
[ 89.305244][ T6072] dvb_demux_release+0x92/0x550
[ 89.310092][ T6072] __fput+0x3ff/0xb70
[ 89.314069][ T6072] task_work_run+0x14e/0x250
[ 89.318654][ T6072] do_exit+0xad8/0x2d70
[ 89.322799][ T6072] do_group_exit+0xd3/0x2a0
[ 89.327300][ T6072] __x64_sys_exit_group+0x3e/0x50
[ 89.332316][ T6072] x64_sys_call+0x151f/0x1720
[ 89.336991][ T6072] do_syscall_64+0xcd/0x250
[ 89.341494][ T6072] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.347386][ T6072]
[ 89.349696][ T6072] The buggy address belongs to the object at ffff888075599d80
[ 89.349696][ T6072] which belongs to the cache kmalloc-32 of size 32
[ 89.363562][ T6072] The buggy address is located 12 bytes inside of
[ 89.363562][ T6072] freed 32-byte region [ffff888075599d80, ffff888075599da0)
[ 89.377174][ T6072]
[ 89.379484][ T6072] The buggy address belongs to the physical page:
[ 89.385887][ T6072] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x75599
[ 89.394641][ T6072] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 89.401740][ T6072] page_type: f5(slab)
[ 89.405713][ T6072] raw: 00fff00000000000 ffff88801b041780 dead000000000122 0000000000000000
[ 89.414286][ T6072] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 89.422853][ T6072] page dumped because: kasan: bad access detected
[ 89.429255][ T6072] page_owner tracks the page as allocated
[ 89.434956][ T6072] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 6074, tgid 6074 (syz.1.37), ts 88540334567, free_ts 88452191647
[ 89.453879][ T6072] post_alloc_hook+0x181/0x1b0
[ 89.458647][ T6072] get_page_from_freelist+0xfce/0x2f80
[ 89.464103][ T6072] __alloc_frozen_pages_noprof+0x221/0x2470
[ 89.469997][ T6072] alloc_pages_mpol+0x1fc/0x540
[ 89.474839][ T6072] new_slab+0x23d/0x330
[ 89.478992][ T6072] ___slab_alloc+0xc5d/0x1720
[ 89.483667][ T6072] __slab_alloc.constprop.0+0x56/0xb0
[ 89.489038][ T6072] __kmalloc_cache_noprof+0xfa/0x410
[ 89.494320][ T6072] vidtv_psi_eit_event_init+0xe1/0x3f0
[ 89.499779][ T6072] vidtv_channel_s302m_init+0x491/0x970
[ 89.505326][ T6072] vidtv_channels_init+0x4c/0xb0
[ 89.510258][ T6072] vidtv_mux_init+0x9c8/0xbe0
[ 89.514931][ T6072] vidtv_start_feed+0x334/0x4c0
[ 89.519774][ T6072] dmx_section_feed_start_filtering+0x3a5/0x660
[ 89.526019][ T6072] dvb_dmxdev_filter_start+0x782/0xe10
[ 89.531477][ T6072] dvb_demux_do_ioctl+0x1034/0x1360
[ 89.536675][ T6072] page last free pid 6071 tgid 6071 stack trace:
[ 89.542989][ T6072] free_frozen_pages+0x6db/0xfb0
[ 89.547929][ T6072] vfree+0x174/0x950
[ 89.551819][ T6072] vidtv_s302m_encoder_destroy+0x114/0x1e0
[ 89.557623][ T6072] vidtv_channels_destroy+0x135/0x200
[ 89.562992][ T6072] vidtv_mux_destroy+0x66/0x100
[ 89.567933][ T6072] vidtv_stop_feed+0x19c/0x2c0
[ 89.572686][ T6072] dmx_section_feed_stop_filtering+0x90/0x160
[ 89.578751][ T6072] dvb_dmxdev_feed_stop.isra.0+0x1ee/0x270
[ 89.584560][ T6072] dvb_dmxdev_filter_stop+0x22a/0x3a0
[ 89.589928][ T6072] dvb_demux_release+0x92/0x550
[ 89.594779][ T6072] __fput+0x3ff/0xb70
[ 89.598749][ T6072] task_work_run+0x14e/0x250
[ 89.603337][ T6072] do_exit+0xad8/0x2d70
[ 89.607484][ T6072] do_group_exit+0xd3/0x2a0
[ 89.611980][ T6072] __x64_sys_exit_group+0x3e/0x50
[ 89.616996][ T6072] x64_sys_call+0x151f/0x1720
[ 89.621670][ T6072]
[ 89.623981][ T6072] Memory state around the buggy address:
[ 89.629594][ T6072] ffff888075599c80: 00 00 05 fc fc fc fc fc 00 00 02 fc fc fc fc fc
[ 89.637642][ T6072] ffff888075599d00: 00 00 00 00 fc fc fc fc 00 00 00 04 fc fc fc fc
[ 89.645696][ T6072] >ffff888075599d80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 89.653745][ T6072] ^
[ 89.658069][ T6072] ffff888075599e00: 00 00 00 fc fc fc fc fc 00 00 00 00 fc fc fc fc
[ 89.666119][ T6072] ffff888075599e80: 00 00 00 00 fc fc fc fc 00 00 00 fc fc fc fc fc
[ 89.674166][ T6072] ==================================================================
[ 89.721567][ T5960] Bluetooth: hci0: command tx timeout
[ 89.722303][ T5955] Bluetooth: hci1: command tx timeout
[ 89.727938][ T5890] Bluetooth: hci3: command tx timeout
[ 89.734633][ T5955] Bluetooth: hci2: command tx timeout
[ 89.762700][ T6072] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 89.769929][ T6072] CPU: 1 UID: 0 PID: 6072 Comm: syz.2.36 Not tainted 6.14.0-rc5-syzkaller-00039-g848e07631744 #0
[ 89.780444][ T6072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 89.790499][ T6072] Call Trace:
[ 89.793775][ T6072]
[ 89.796706][ T6072] dump_stack_lvl+0x3d/0x1f0
[ 89.801283][ T6072] panic+0x71d/0x800
[ 89.805164][ T6072] ? __pfx_panic+0x10/0x10
[ 89.809563][ T6072] ? irqentry_exit+0x3b/0x90
[ 89.814152][ T6072] ? lockdep_hardirqs_on+0x7c/0x110
[ 89.819358][ T6072] ? preempt_schedule_thunk+0x1a/0x30
[ 89.824729][ T6072] ? preempt_schedule_common+0x44/0xc0
[ 89.830213][ T6072] ? check_panic_on_warn+0x1f/0xb0
[ 89.835342][ T6072] check_panic_on_warn+0xab/0xb0
[ 89.840294][ T6072] end_report+0x117/0x180
[ 89.844633][ T6072] kasan_report+0xe9/0x110
[ 89.849058][ T6072] ? vidtv_mux_init+0xac2/0xbe0
[ 89.853931][ T6072] ? vidtv_mux_init+0xac2/0xbe0
[ 89.858805][ T6072] vidtv_mux_init+0xac2/0xbe0
[ 89.863494][ T6072] vidtv_start_feed+0x334/0x4c0
[ 89.868334][ T6072] ? __pfx_vidtv_start_feed+0x10/0x10
[ 89.873696][ T6072] ? __pfx_vidtv_bridge_on_new_pkts_avail+0x10/0x10
[ 89.880288][ T6072] ? dvb_dmxdev_feed_restart.isra.0+0x25a/0x530
[ 89.886517][ T6072] dmx_section_feed_start_filtering+0x3a5/0x660
[ 89.892748][ T6072] ? _raw_spin_unlock_irq+0x23/0x50
[ 89.897931][ T6072] dvb_dmxdev_feed_restart.isra.0+0x457/0x530
[ 89.903999][ T6072] dvb_dmxdev_filter_stop+0x2b4/0x3a0
[ 89.909384][ T6072] dvb_demux_release+0x92/0x550
[ 89.914229][ T6072] ? evm_file_release+0xd0/0x200
[ 89.919173][ T6072] ? __pfx_dvb_demux_release+0x10/0x10
[ 89.924619][ T6072] __fput+0x3ff/0xb70
[ 89.928583][ T6072] task_work_run+0x14e/0x250
[ 89.933155][ T6072] ? __pfx_task_work_run+0x10/0x10
[ 89.938258][ T6072] ? do_raw_spin_unlock+0x172/0x230
[ 89.943446][ T6072] do_exit+0xad8/0x2d70
[ 89.947590][ T6072] ? do_group_exit+0x1c3/0x2a0
[ 89.952343][ T6072] ? __pfx_lock_release+0x10/0x10
[ 89.957361][ T6072] ? do_raw_spin_lock+0x12d/0x2c0
[ 89.962368][ T6072] ? __pfx_do_exit+0x10/0x10
[ 89.966943][ T6072] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 89.972296][ T6072] do_group_exit+0xd3/0x2a0
[ 89.976782][ T6072] __x64_sys_exit_group+0x3e/0x50
[ 89.981800][ T6072] x64_sys_call+0x151f/0x1720
[ 89.986466][ T6072] do_syscall_64+0xcd/0x250
[ 89.990956][ T6072] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.996841][ T6072] RIP: 0033:0x7f4643f8d169
[ 90.001240][ T6072] Code: Unable to access opcode bytes at 0x7f4643f8d13f.
[ 90.008236][ T6072] RSP: 002b:00007ffc71ebc228 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 90.016646][ T6072] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4643f8d169
[ 90.024625][ T6072] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 90.032578][ T6072] RBP: 00007ffc71ebc28c R08: 0000000b71ebc31f R09: 00000000000927c0
[ 90.040532][ T6072] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 90.048499][ T6072] R13: 00000000000927c0 R14: 0000000000015914 R15: 00007ffc71ebc2e0
[ 90.056494][ T6072]
[ 90.059751][ T6072] Kernel Offset: disabled
[ 90.064063][ T6072] Rebooting in 86400 seconds..