Warning: Permanently added '10.128.1.67' (ED25519) to the list of known hosts.
1970/01/01 00:00:31 parsed 1 programs
[ 32.155828][ T4326] cgroup: Unknown subsys name 'net'
[ 32.375916][ T4326] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 32.638676][ T4326] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS
[ 36.126178][ T4358] chnl_net:caif_netlink_parms(): no params data found
[ 36.143324][ T4358] bridge0: port 1(bridge_slave_0) entered blocking state
[ 36.144872][ T4358] bridge0: port 1(bridge_slave_0) entered disabled state
[ 36.146495][ T4358] device bridge_slave_0 entered promiscuous mode
[ 36.149998][ T4358] bridge0: port 2(bridge_slave_1) entered blocking state
[ 36.151082][ T4358] bridge0: port 2(bridge_slave_1) entered disabled state
[ 36.152473][ T4358] device bridge_slave_1 entered promiscuous mode
[ 36.159341][ T4358] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 36.161597][ T4358] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 36.169267][ T4358] team0: Port device team_slave_0 added
[ 36.170880][ T4358] team0: Port device team_slave_1 added
[ 36.176970][ T4358] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 36.177984][ T4358] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 36.181682][ T4358] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 36.184337][ T4358] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 36.185403][ T4358] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 36.189293][ T4358] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 36.244493][ T4358] device hsr_slave_0 entered promiscuous mode
[ 36.283674][ T4358] device hsr_slave_1 entered promiscuous mode
[ 36.367683][ T4358] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 36.395676][ T4358] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 36.435445][ T4358] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 36.484973][ T4358] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 36.533660][ T4358] bridge0: port 2(bridge_slave_1) entered blocking state
[ 36.534803][ T4358] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 36.536090][ T4358] bridge0: port 1(bridge_slave_0) entered blocking state
[ 36.537287][ T4358] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 36.553358][ T4358] 8021q: adding VLAN 0 to HW filter on device bond0
[ 36.557109][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 36.559592][ T268] bridge0: port 1(bridge_slave_0) entered disabled state
[ 36.561467][ T268] bridge0: port 2(bridge_slave_1) entered disabled state
[ 36.563108][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 36.567658][ T4358] 8021q: adding VLAN 0 to HW filter on device team0
[ 36.570658][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 36.572066][ T268] bridge0: port 1(bridge_slave_0) entered blocking state
[ 36.573205][ T268] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 36.621536][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 36.623224][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 36.624444][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 36.626281][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 36.627752][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 36.630841][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 36.636177][ T4358] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 36.637760][ T4358] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 36.642456][ T1600] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 36.644301][ T1600] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 36.645773][ T1600] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 36.690001][ T4358] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 36.694870][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 36.696182][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 36.700236][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 36.706601][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 36.708251][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 36.709806][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 36.712561][ T4358] device veth0_vlan entered promiscuous mode
[ 36.718010][ T4358] device veth1_vlan entered promiscuous mode
[ 36.724868][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 36.726249][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 36.727668][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 36.729945][ T4358] device veth0_macvtap entered promiscuous mode
[ 36.732014][ T4358] device veth1_macvtap entered promiscuous mode
[ 36.736474][ T4358] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 36.737660][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 36.739770][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 36.742802][ T4358] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 36.745066][ T4358] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 36.746493][ T4358] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 36.747823][ T4358] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 36.749110][ T4358] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 36.751639][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 37.222313][ T39] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 37.225825][ T39] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 37.228089][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 37.233327][ T39] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 37.235525][ T39] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 37.237180][ T1600] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 37.384408][ T4412] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 37.385892][ T4412] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 37.387388][ T4412] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 37.388925][ T4412] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 37.390656][ T4412] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 37.391931][ T4412] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
1970/01/01 00:00:37 executed programs: 0
[ 37.654781][ T47] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 37.656412][ T47] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 37.657769][ T47] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 37.659220][ T47] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 37.660659][ T47] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 37.662010][ T47] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 37.717126][ T4423] chnl_net:caif_netlink_parms(): no params data found
[ 37.736293][ T4423] bridge0: port 1(bridge_slave_0) entered blocking state
[ 37.737472][ T4423] bridge0: port 1(bridge_slave_0) entered disabled state
[ 37.738948][ T4423] device bridge_slave_0 entered promiscuous mode
[ 37.740963][ T4423] bridge0: port 2(bridge_slave_1) entered blocking state
[ 37.742059][ T4423] bridge0: port 2(bridge_slave_1) entered disabled state
[ 37.743608][ T4423] device bridge_slave_1 entered promiscuous mode
[ 37.750192][ T4423] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 37.752425][ T4423] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 37.760027][ T4423] team0: Port device team_slave_0 added
[ 37.761764][ T4423] team0: Port device team_slave_1 added
[ 37.767604][ T4423] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 37.768646][ T4423] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 37.772292][ T4423] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 37.779349][ T4423] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 37.780407][ T4423] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 37.784724][ T4423] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 37.834414][ T4423] device hsr_slave_0 entered promiscuous mode
[ 37.873842][ T4423] device hsr_slave_1 entered promiscuous mode
[ 37.913557][ T4423] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 37.914802][ T4423] Cannot create hsr debugfs directory
[ 38.084804][ T4423] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 39.693754][ T47] Bluetooth: hci0: command 0x0409 tx timeout
[ 40.414883][ T4423] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 41.773946][ T47] Bluetooth: hci0: command 0x041b tx timeout
[ 42.324269][ T4423] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 42.445889][ T4423] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 42.736752][ T4423] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 42.865215][ T4423] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 42.975650][ T4423] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 43.014786][ T4423] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 43.135661][ T4423] 8021q: adding VLAN 0 to HW filter on device bond0
[ 43.138920][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 43.140393][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 43.142801][ T4423] 8021q: adding VLAN 0 to HW filter on device team0
[ 43.177033][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 43.178611][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 43.180166][ T268] bridge0: port 1(bridge_slave_0) entered blocking state
[ 43.181313][ T268] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 43.182807][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 43.185578][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 43.187104][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 43.188574][ T268] bridge0: port 2(bridge_slave_1) entered blocking state
[ 43.189660][ T268] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 43.192005][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 43.195140][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 43.198405][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 43.200167][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 43.201653][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 43.204745][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 43.206139][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 43.208734][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 43.210070][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 43.212549][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 43.215111][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 43.217281][ T4423] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 43.559459][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 43.560757][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 43.565048][ T4423] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 43.570065][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 43.571652][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 43.577081][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 43.579088][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 43.580669][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 43.582038][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 43.584960][ T4423] device veth0_vlan entered promiscuous mode
[ 43.588757][ T4423] device veth1_vlan entered promiscuous mode
[ 43.624753][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 43.626226][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 43.627742][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 43.629235][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 43.630921][ T4423] device veth0_macvtap entered promiscuous mode
[ 43.633346][ T4423] device veth1_macvtap entered promiscuous mode
[ 43.637386][ T4423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 43.639069][ T4423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 43.641062][ T4423] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 43.642237][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 43.644053][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 43.645370][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 43.646789][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 43.649488][ T4423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 43.651060][ T4423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 43.652986][ T4423] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 43.654463][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 43.656063][ T268] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 43.658529][ T4423] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 43.659906][ T4423] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 43.661324][ T4423] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 43.662727][ T4423] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 43.853495][ T47] Bluetooth: hci0: command 0x040f tx timeout
[ 44.031596][ T1600] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 44.032922][ T1600] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 44.038691][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 44.039316][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 44.040026][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 44.042830][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
1970/01/01 00:00:44 executed programs: 2
[ 44.166570][ T4458] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 44.168603][ T252] device hsr_slave_0 left promiscuous mode
[ 44.203871][ T252] device hsr_slave_1 left promiscuous mode
[ 44.283568][ T252] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 44.284879][ T252] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 44.286500][ T252] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 44.287727][ T252] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 44.289083][ T252] device bridge_slave_1 left promiscuous mode
[ 44.290426][ T252] bridge0: port 2(bridge_slave_1) entered disabled state
[ 44.334214][ T252] device bridge_slave_0 left promiscuous mode
[ 44.335304][ T252] bridge0: port 1(bridge_slave_0) entered disabled state
[ 44.483742][ T252] device veth1_macvtap left promiscuous mode
[ 44.484819][ T252] device veth0_macvtap left promiscuous mode
[ 44.485834][ T252] device veth1_vlan left promiscuous mode
[ 44.486797][ T252] device veth0_vlan left promiscuous mode
[ 45.933559][ T47] Bluetooth: hci0: command 0x0419 tx timeout
[ 46.225479][ T252] team0 (unregistering): Port device team_slave_1 removed
[ 46.404505][ T252] team0 (unregistering): Port device team_slave_0 removed
[ 46.563939][ T252] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 46.763842][ T252] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 49.364398][ T252] bond0 (unregistering): Released all slaves
[ 49.607874][ T4437] wlan1: authenticate with 08:02:11:00:00:00
[ 49.609068][ T4437] wlan1: No basic rates, using min rate instead
[ 49.610699][ T4437] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[ 49.617866][ T4458]
[ 49.618270][ T4458] ====================================
[ 49.619128][ T4458] WARNING: syz.0.17/4458 still has locks held!
[ 49.620022][ T4458] syzkaller #0 Not tainted
[ 49.620734][ T4458] ------------------------------------
[ 49.621593][ T4458] 1 lock held by syz.0.17/4458:
[ 49.622315][ T4458] #0: ffff0000d6edab18 (&local->mtx){+.+.}-{3:3}, at: ieee80211_change_mac+0x630/0xe54
[ 49.625476][ T4458]
[ 49.625476][ T4458] stack backtrace:
[ 49.626342][ T4458] CPU: 0 PID: 4458 Comm: syz.0.17 Not tainted syzkaller #0
[ 49.627468][ T4458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[ 49.628940][ T4458] Call trace:
[ 49.629467][ T4458] dump_backtrace+0x1c8/0x1f4
[ 49.629958][ T4460] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 49.630170][ T4458] show_stack+0x2c/0x3c
[ 49.632333][ T4458] __dump_stack+0x30/0x40
[ 49.633015][ T4458] dump_stack_lvl+0xf8/0x160
[ 49.633678][ T4458] dump_stack+0x1c/0x5c
[ 49.634260][ T4458] print_held_locks_bug+0xb8/0xfc
[ 49.635034][ T4458] debug_check_no_locks_held+0x5c/0x74
[ 49.635872][ T4458] do_exit+0x1110/0x19a8
[ 49.636516][ T4458] do_group_exit+0x194/0x22c
[ 49.637224][ T4458] get_signal+0x11d0/0x1310
[ 49.637925][ T4458] do_notify_resume+0x34c/0x2b28
[ 49.638677][ T4458] el0_svc+0x98/0x138
[ 49.639308][ T4458] el0t_64_sync_handler+0x84/0xf0
[ 49.640040][ T4458] el0t_64_sync+0x18c/0x190
1970/01/01 00:00:49 executed programs: 3
[ 49.723496][ T268] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[ 49.833518][ T268] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[ 49.943482][ T11] wlan1: authentication with 08:02:11:00:00:00 timed out
[ 49.945050][ T11] ==================================================================
[ 49.946297][ T11] BUG: KASAN: use-after-free in mutex_optimistic_spin+0x378/0x3f4
[ 49.947449][ T11] Read of size 4 at addr ffff0000ce7fd374 by task kworker/u4:1/11
[ 49.948604][ T11]
[ 49.948940][ T11] CPU: 0 PID: 11 Comm: kworker/u4:1 Not tainted syzkaller #0
[ 49.950056][ T11] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[ 49.951566][ T11] Workqueue: phy6 ieee80211_iface_work
[ 49.952426][ T11] Call trace:
[ 49.952904][ T11] dump_backtrace+0x1c8/0x1f4
[ 49.953591][ T11] show_stack+0x2c/0x3c
[ 49.954217][ T11] __dump_stack+0x30/0x40
[ 49.954860][ T11] dump_stack_lvl+0xf8/0x160
[ 49.955568][ T11] print_address_description+0x88/0x218
[ 49.956462][ T11] print_report+0x50/0x68
[ 49.957137][ T11] kasan_report+0xa8/0x100
[ 49.957842][ T11] __asan_report_load4_noabort+0x2c/0x38
[ 49.958759][ T11] mutex_optimistic_spin+0x378/0x3f4
[ 49.959590][ T11] __mutex_lock_common+0x1bc/0x1f38
[ 49.960365][ T11] mutex_lock_nested+0x38/0x44
[ 49.961082][ T11] ieee80211_destroy_auth_data+0x158/0x274
[ 49.961938][ T11] ieee80211_sta_work+0xc54/0x28cc
[ 49.962784][ T11] ieee80211_iface_work+0x984/0xa34
[ 49.963591][ T11] process_one_work+0x7f4/0x13a8
[ 49.964378][ T11] worker_thread+0x8c8/0xfbc
[ 49.965066][ T11] kthread+0x250/0x2d8
[ 49.965740][ T11] ret_from_fork+0x10/0x20
[ 49.966409][ T11]
[ 49.966764][ T11] Allocated by task 4423:
[ 49.967409][ T11] kasan_set_track+0x4c/0x80
[ 49.968091][ T11] kasan_save_alloc_info+0x28/0x34
[ 49.968907][ T11] __kasan_slab_alloc+0x70/0x88
[ 49.969639][ T11] slab_post_alloc_hook+0x74/0x43c
[ 49.970469][ T11] kmem_cache_alloc_node+0x258/0x34c
[ 49.971215][ T11] dup_task_struct+0x74/0x764
[ 49.971950][ T11] copy_process+0x4c8/0x3670
[ 49.972651][ T11] kernel_clone+0x1d8/0x8fc
[ 49.973343][ T11] __arm64_sys_clone+0x140/0x19c
[ 49.974096][ T11] invoke_syscall+0x98/0x2bc
[ 49.974794][ T11] el0_svc_common+0x138/0x258
[ 49.975522][ T11] do_el0_svc+0x58/0x13c
[ 49.976137][ T11] el0_svc+0x58/0x138
[ 49.976802][ T11] el0t_64_sync_handler+0x84/0xf0
[ 49.977554][ T11] el0t_64_sync+0x18c/0x190
[ 49.978282][ T11]
[ 49.978657][ T11] Freed by task 15:
[ 49.979234][ T11] kasan_set_track+0x4c/0x80
[ 49.979946][ T11] kasan_save_free_info+0x3c/0x60
[ 49.980756][ T11] ____kasan_slab_free+0x148/0x1b0
[ 49.981517][ T11] __kasan_slab_free+0x18/0x28
[ 49.982238][ T11] slab_free_freelist_hook+0x16c/0x1ec
[ 49.983058][ T11] kmem_cache_free+0x11c/0x324
[ 49.983817][ T11] free_task+0xe8/0x14c
[ 49.984433][ T11] __put_task_struct+0x178/0x210
[ 49.985181][ T11] delayed_put_task_struct+0x134/0x3a8
[ 49.986051][ T11] rcu_core+0x81c/0x18ac
[ 49.986630][ T11] rcu_core_si+0x10/0x1c
[ 49.987243][ T11] handle_softirqs+0x318/0xc6c
[ 49.987987][ T11] run_ksoftirqd+0x7c/0x2b0
[ 49.988740][ T11] smpboot_thread_fn+0x4b0/0x964
[ 49.989526][ T11] kthread+0x250/0x2d8
[ 49.990086][ T11] ret_from_fork+0x10/0x20
[ 49.990772][ T11]
[ 49.991102][ T11] Last potentially related work creation:
[ 49.991980][ T11] kasan_save_stack+0x40/0x70
[ 49.992694][ T11] __kasan_record_aux_stack+0xc0/0xdc
[ 49.993532][ T11] kasan_record_aux_stack_noalloc+0x14/0x20
[ 49.994379][ T11] call_rcu+0x100/0x954
[ 49.995046][ T11] put_task_struct_rcu_user+0x68/0xcc
[ 49.995882][ T11] finish_task_switch+0x578/0x620
[ 49.996684][ T11] __schedule+0xde0/0x1b18
[ 49.997373][ T11] schedule+0xc4/0x170
[ 49.998026][ T11] worker_thread+0xcb0/0xfbc
[ 49.998730][ T11] kthread+0x250/0x2d8
[ 49.999340][ T11] ret_from_fork+0x10/0x20
[ 50.000071][ T11]
[ 50.000440][ T11] Second to last potentially related work creation:
[ 50.001450][ T11] kasan_save_stack+0x40/0x70
[ 50.002166][ T11] __kasan_record_aux_stack+0xc0/0xdc
[ 50.003015][ T11] kasan_record_aux_stack_noalloc+0x14/0x20
[ 50.003873][ T11] call_rcu+0x100/0x954
[ 50.004448][ T11] release_task+0x13c0/0x14a8
[ 50.005114][ T11] wait_consider_task+0x1484/0x2638
[ 50.005908][ T11] do_wait+0x30c/0xb10
[ 50.006561][ T11] kernel_wait4+0x1d0/0x2f0
[ 50.007202][ T11] __arm64_sys_wait4+0x11c/0x2a0
[ 50.007954][ T11] invoke_syscall+0x98/0x2bc
[ 50.008669][ T11] el0_svc_common+0x138/0x258
[ 50.009392][ T11] do_el0_svc+0x58/0x13c
[ 50.010064][ T11] el0_svc+0x58/0x138
[ 50.010697][ T11] el0t_64_sync_handler+0x84/0xf0
[ 50.011429][ T11] el0t_64_sync+0x18c/0x190
[ 50.012090][ T11]
[ 50.012411][ T11] The buggy address belongs to the object at ffff0000ce7fd340
[ 50.012411][ T11] which belongs to the cache task_struct of size 6848
[ 50.014593][ T11] The buggy address is located 52 bytes inside of
[ 50.014593][ T11] 6848-byte region [ffff0000ce7fd340, ffff0000ce7fee00)
[ 50.016562][ T11]
[ 50.016926][ T11] The buggy address belongs to the physical page:
[ 50.017899][ T11] page:00000000d364534c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10e7f8
[ 50.019568][ T11] head:00000000d364534c order:3 compound_mapcount:0 compound_pincount:0
[ 50.020849][ T11] memcg:ffff0000cb3ece01
[ 50.021518][ T11] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[ 50.022709][ T11] raw: 05ffc00000010200 fffffc0003445000 dead000000000003 ffff0000c03daf00
[ 50.024025][ T11] raw: 0000000000000000 0000000080040004 00000001ffffffff ffff0000cb3ece01
[ 50.025257][ T11] page dumped because: kasan: bad access detected
[ 50.026209][ T11]
[ 50.026550][ T11] Memory state around the buggy address:
[ 50.027398][ T11] ffff0000ce7fd200: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 50.028574][ T11] ffff0000ce7fd280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.029808][ T11] >ffff0000ce7fd300: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 50.031037][ T11] ^
[ 50.032196][ T11] ffff0000ce7fd380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 50.033415][ T11] ffff0000ce7fd400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 50.034698][ T11] ==================================================================