Warning: Permanently added '[localhost]:63428' (ED25519) to the list of known hosts.
2025/06/02 18:15:37 ignoring optional flag "sandboxArg"="0"
2025/06/02 18:15:38 parsed 1 programs
[  126.076567][ T5729] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  129.613208][ T1039] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  129.618917][ T1039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  129.756893][ T1039] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  129.776100][ T1039] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  130.949413][ T4672] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  130.966145][ T4672] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  130.970592][ T4672] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  130.974929][ T4672] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  130.979008][ T4672] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  133.014781][ T4672] Bluetooth: hci0: command tx timeout
[  135.094034][ T4672] Bluetooth: hci0: command tx timeout
[  136.864415][ T5783] chnl_net:caif_netlink_parms(): no params data found
[  137.123087][ T5783] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.132362][ T5783] bridge0: port 1(bridge_slave_0) entered disabled state
[  137.152935][ T5783] bridge_slave_0: entered allmulticast mode
[  137.158329][ T5783] bridge_slave_0: entered promiscuous mode
[  137.173981][ T4672] Bluetooth: hci0: command tx timeout
[  137.185282][ T5783] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.188289][ T5783] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.191352][ T5783] bridge_slave_1: entered allmulticast mode
[  137.215570][ T5783] bridge_slave_1: entered promiscuous mode
[  137.291075][ T5783] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  137.312665][ T5783] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  137.387972][ T5783] team0: Port device team_slave_0 added
[  137.398783][ T5783] team0: Port device team_slave_1 added
[  137.478130][ T5783] batman_adv: batadv0: Adding interface: batadv_slave_0
[  137.481141][ T5783] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  137.511984][ T5783] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  137.542577][ T5783] batman_adv: batadv0: Adding interface: batadv_slave_1
[  137.545928][ T5783] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  137.578064][ T5783] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  137.655801][ T5783] hsr_slave_0: entered promiscuous mode
[  137.659133][ T5783] hsr_slave_1: entered promiscuous mode
[  137.904249][ T1313] ieee802154 phy0 wpan0: encryption failed: -22
[  137.907161][ T1313] ieee802154 phy1 wpan1: encryption failed: -22
[  137.977952][ T5783] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  137.994727][ T5783] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  138.096448][ T5783] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  138.127266][ T5783] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  138.258408][ T5783] 8021q: adding VLAN 0 to HW filter on device bond0
[  138.294541][ T5783] 8021q: adding VLAN 0 to HW filter on device team0
[  138.305275][ T1042] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.308446][ T1042] bridge0: port 1(bridge_slave_0) entered forwarding state
[  138.328056][ T1042] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.331077][ T1042] bridge0: port 2(bridge_slave_1) entered forwarding state
[  138.680993][ T5783] 8021q: adding VLAN 0 to HW filter on device batadv0
[  138.747420][ T5783] veth0_vlan: entered promiscuous mode
[  138.770447][ T5783] veth1_vlan: entered promiscuous mode
[  138.817670][ T5783] veth0_macvtap: entered promiscuous mode
[  138.835079][ T5783] veth1_macvtap: entered promiscuous mode
[  138.860409][ T5783] batman_adv: batadv0: Interface activated: batadv_slave_0
[  138.878981][ T5783] batman_adv: batadv0: Interface activated: batadv_slave_1
[  138.897296][ T5783] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  138.901142][ T5783] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  138.914714][ T5783] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  138.918567][ T5783] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2025/06/02 18:15:55 executed programs: 0
[  139.250441][ T5796] syz-executor (5796) used greatest stack depth: 19464 bytes left
[  139.255125][ T4672] Bluetooth: hci0: command tx timeout
[  139.328083][ T5336] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  139.337741][ T5336] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  139.341488][ T5336] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  139.385939][ T5336] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  139.429320][ T5845] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  139.433042][ T5845] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  139.436868][ T5845] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  139.444976][ T5845] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  139.448555][ T5845] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  139.452328][ T5845] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  139.455764][ T5845] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  139.462868][ T4672] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  139.468224][ T4672] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  139.478165][ T4672] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  139.489890][ T4672] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  139.674459][ T5336] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  139.678883][ T5336] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  139.682656][ T5336] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  139.692533][ T5336] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  139.696696][ T5336] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  139.741344][ T5848] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  139.763997][ T5848] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  139.785033][ T5848] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  139.799031][ T5846] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  139.802477][ T5846] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  139.807521][ T5846] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  139.822312][ T5846] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  139.830686][ T5846] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  139.894132][ T5846] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  139.924339][ T5846] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  140.650159][ T5786] syz-executor (5786) used greatest stack depth: 19336 bytes left
[  140.840110][ T5785] syz-executor (5785) used greatest stack depth: 17976 bytes left
[  141.495897][ T5848] Bluetooth: hci3: command tx timeout
[  141.498845][ T5848] Bluetooth: hci1: command tx timeout
[  141.527165][ T1042] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.576108][ T5846] Bluetooth: hci2: command tx timeout
[  141.735782][ T5846] Bluetooth: hci4: command tx timeout
[  141.865285][ T5839] chnl_net:caif_netlink_parms(): no params data found
[  141.906361][ T1042] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.975100][ T5846] Bluetooth: hci5: command tx timeout
[  141.978213][ T5846] Bluetooth: hci6: command tx timeout
[  142.106736][ T1042] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.195134][ T1042] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.500998][ T5839] bridge0: port 1(bridge_slave_0) entered blocking state
[  142.508063][ T5839] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.511043][ T5839] bridge_slave_0: entered allmulticast mode
[  142.526091][ T5839] bridge_slave_0: entered promiscuous mode
[  142.540042][ T5839] bridge0: port 2(bridge_slave_1) entered blocking state
[  142.543195][ T5839] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.554148][ T5839] bridge_slave_1: entered allmulticast mode
[  142.565279][ T5839] bridge_slave_1: entered promiscuous mode
[  142.939744][ T5839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  142.956498][ T5839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  142.960907][ T1042] bridge_slave_1: left allmulticast mode
[  142.963260][ T1042] bridge_slave_1: left promiscuous mode
[  142.976540][ T1042] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.985751][ T1042] bridge_slave_0: left allmulticast mode
[  142.988095][ T1042] bridge_slave_0: left promiscuous mode
[  142.990274][ T1042] bridge0: port 1(bridge_slave_0) entered disabled state
[  143.575844][ T5848] Bluetooth: hci1: command tx timeout
[  143.578213][ T5848] Bluetooth: hci3: command tx timeout
[  143.600906][ T1042] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  143.606908][ T1042] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  143.611718][ T1042] bond0 (unregistering): Released all slaves
[  143.649058][ T5853] chnl_net:caif_netlink_parms(): no params data found
[  143.656394][ T5846] Bluetooth: hci2: command tx timeout
[  143.733326][ T5838] chnl_net:caif_netlink_parms(): no params data found
[  143.814549][ T5846] Bluetooth: hci4: command tx timeout
[  143.892977][ T1042] hsr_slave_0: left promiscuous mode
[  143.901811][ T1042] hsr_slave_1: left promiscuous mode
[  143.916084][ T1042] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  143.919879][ T1042] batman_adv: batadv0: Removing interface: batadv_slave_0
[  143.946177][ T1042] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  143.949475][ T1042] batman_adv: batadv0: Removing interface: batadv_slave_1
[  143.984994][ T1042] veth1_macvtap: left promiscuous mode
[  143.987403][ T1042] veth0_macvtap: left promiscuous mode
[  143.989855][ T1042] veth1_vlan: left promiscuous mode
[  143.992115][ T1042] veth0_vlan: left promiscuous mode
[  144.054204][ T5846] Bluetooth: hci6: command tx timeout
[  144.056509][ T5846] Bluetooth: hci5: command tx timeout
[  144.490540][ T1042] team0 (unregistering): Port device team_slave_1 removed
[  144.521095][ T1042] team0 (unregistering): Port device team_slave_0 removed
[  144.786990][ T5839] team0: Port device team_slave_0 added
[  144.793503][ T5847] chnl_net:caif_netlink_parms(): no params data found
[  144.860479][ T5839] team0: Port device team_slave_1 added
[  144.900011][ T5840] chnl_net:caif_netlink_parms(): no params data found
[  145.141727][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_0
[  145.147698][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  145.184149][ T5839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  145.259961][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_1
[  145.263378][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  145.302920][ T5839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  145.407052][ T5851] chnl_net:caif_netlink_parms(): no params data found
[  145.552001][ T5847] bridge0: port 1(bridge_slave_0) entered blocking state
[  145.560769][ T5847] bridge0: port 1(bridge_slave_0) entered disabled state
[  145.564404][ T5847] bridge_slave_0: entered allmulticast mode
[  145.568275][ T5847] bridge_slave_0: entered promiscuous mode
[  145.609251][ T5853] bridge0: port 1(bridge_slave_0) entered blocking state
[  145.612490][ T5853] bridge0: port 1(bridge_slave_0) entered disabled state
[  145.621031][ T5853] bridge_slave_0: entered allmulticast mode
[  145.626040][ T5853] bridge_slave_0: entered promiscuous mode
[  145.656754][ T5848] Bluetooth: hci3: command tx timeout
[  145.659211][ T5848] Bluetooth: hci1: command tx timeout
[  145.674182][ T5847] bridge0: port 2(bridge_slave_1) entered blocking state
[  145.677375][ T5847] bridge0: port 2(bridge_slave_1) entered disabled state
[  145.680558][ T5847] bridge_slave_1: entered allmulticast mode
[  145.694557][ T5847] bridge_slave_1: entered promiscuous mode
[  145.699161][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state
[  145.702246][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state
[  145.709323][ T5838] bridge_slave_0: entered allmulticast mode
[  145.713317][ T5838] bridge_slave_0: entered promiscuous mode
[  145.718193][ T5853] bridge0: port 2(bridge_slave_1) entered blocking state
[  145.721341][ T5853] bridge0: port 2(bridge_slave_1) entered disabled state
[  145.730116][ T5853] bridge_slave_1: entered allmulticast mode
[  145.734710][ T5846] Bluetooth: hci2: command tx timeout
[  145.737845][ T5853] bridge_slave_1: entered promiscuous mode
[  145.741376][ T5840] bridge0: port 1(bridge_slave_0) entered blocking state
[  145.747514][ T5840] bridge0: port 1(bridge_slave_0) entered disabled state
[  145.750756][ T5840] bridge_slave_0: entered allmulticast mode
[  145.755432][ T5840] bridge_slave_0: entered promiscuous mode
[  145.772146][ T5839] hsr_slave_0: entered promiscuous mode
[  145.775811][ T5839] hsr_slave_1: entered promiscuous mode
[  145.791241][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state
[  145.794602][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state
[  145.797954][ T5838] bridge_slave_1: entered allmulticast mode
[  145.802121][ T5838] bridge_slave_1: entered promiscuous mode
[  145.822405][ T5840] bridge0: port 2(bridge_slave_1) entered blocking state
[  145.828879][ T5840] bridge0: port 2(bridge_slave_1) entered disabled state
[  145.832219][ T5840] bridge_slave_1: entered allmulticast mode
[  145.839078][ T5840] bridge_slave_1: entered promiscuous mode
[  145.893947][ T5846] Bluetooth: hci4: command tx timeout
[  145.962825][ T5847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  145.986355][ T5853] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  145.992692][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  146.040640][ T5847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  146.078705][ T5853] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  146.095779][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  146.115609][ T5840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  146.134681][ T5846] Bluetooth: hci5: command tx timeout
[  146.137211][ T5846] Bluetooth: hci6: command tx timeout
[  146.220696][ T5847] team0: Port device team_slave_0 added
[  146.225255][ T5840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  146.264037][ T5851] bridge0: port 1(bridge_slave_0) entered blocking state
[  146.267213][ T5851] bridge0: port 1(bridge_slave_0) entered disabled state
[  146.270652][ T5851] bridge_slave_0: entered allmulticast mode
[  146.285545][ T5851] bridge_slave_0: entered promiscuous mode
[  146.306700][ T5851] bridge0: port 2(bridge_slave_1) entered blocking state
[  146.309920][ T5851] bridge0: port 2(bridge_slave_1) entered disabled state
[  146.313068][ T5851] bridge_slave_1: entered allmulticast mode
[  146.326643][ T5851] bridge_slave_1: entered promiscuous mode
[  146.361435][ T5847] team0: Port device team_slave_1 added
[  146.413588][ T5838] team0: Port device team_slave_0 added
[  146.482083][ T5853] team0: Port device team_slave_0 added
[  146.490965][ T5853] team0: Port device team_slave_1 added
[  146.517482][ T5838] team0: Port device team_slave_1 added
[  146.523488][ T5840] team0: Port device team_slave_0 added
[  146.540195][ T5851] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  146.557205][ T5851] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  146.597359][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_0
[  146.600707][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  146.626815][ T5847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  146.657615][ T5840] team0: Port device team_slave_1 added
[  146.691387][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_1
[  146.709635][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  146.728845][ T5847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  146.773218][ T5851] team0: Port device team_slave_0 added
[  146.778588][ T5853] batman_adv: batadv0: Adding interface: batadv_slave_0
[  146.781668][ T5853] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  146.797064][ T5853] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  146.810844][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0
[  146.818044][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  146.830211][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  146.862560][ T5851] team0: Port device team_slave_1 added
[  146.878796][ T5853] batman_adv: batadv0: Adding interface: batadv_slave_1
[  146.881734][ T5853] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  146.893405][ T5853] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  146.903669][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1
[  146.907315][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  146.921389][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  146.931524][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_0
[  146.938176][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  146.951070][ T5840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  147.012029][ T5851] batman_adv: batadv0: Adding interface: batadv_slave_0
[  147.018994][ T5851] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  147.032452][ T5851] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  147.042320][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_1
[  147.050206][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  147.078158][ T5840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  147.138015][ T5851] batman_adv: batadv0: Adding interface: batadv_slave_1
[  147.141034][ T5851] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  147.175194][ T5851] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  147.243057][ T5847] hsr_slave_0: entered promiscuous mode
[  147.255990][ T5847] hsr_slave_1: entered promiscuous mode
[  147.259035][ T5847] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  147.262323][ T5847] Cannot create hsr debugfs directory
[  147.462864][ T5840] hsr_slave_0: entered promiscuous mode
[  147.470156][ T5840] hsr_slave_1: entered promiscuous mode
[  147.484065][ T5840] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  147.487499][ T5840] Cannot create hsr debugfs directory
[  147.540057][ T5853] hsr_slave_0: entered promiscuous mode
[  147.543248][ T5853] hsr_slave_1: entered promiscuous mode
[  147.546968][ T5853] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  147.550368][ T5853] Cannot create hsr debugfs directory
[  147.729388][ T5838] hsr_slave_0: entered promiscuous mode
[  147.732823][ T5838] hsr_slave_1: entered promiscuous mode
[  147.735864][ T5848] Bluetooth: hci1: command tx timeout
[  147.738228][ T5848] Bluetooth: hci3: command tx timeout
[  147.746510][ T5838] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  147.749816][ T5838] Cannot create hsr debugfs directory
[  147.815286][ T5846] Bluetooth: hci2: command tx timeout
[  147.919936][ T5851] hsr_slave_0: entered promiscuous mode
[  147.923071][ T5851] hsr_slave_1: entered promiscuous mode
[  147.928852][ T5851] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  147.932116][ T5851] Cannot create hsr debugfs directory
[  147.974532][ T5846] Bluetooth: hci4: command tx timeout
[  148.214989][ T5846] Bluetooth: hci6: command tx timeout
[  148.217389][ T5846] Bluetooth: hci5: command tx timeout
[  148.752307][ T5839] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  148.790844][ T5839] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  148.870052][ T5839] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  148.949460][ T5839] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  149.233250][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0
[  149.269116][ T5847] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  149.292786][ T5847] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  149.320412][ T5847] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  149.337119][ T5847] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  149.400336][ T5839] 8021q: adding VLAN 0 to HW filter on device team0
[  149.458240][ T1039] bridge0: port 1(bridge_slave_0) entered blocking state
[  149.461273][ T1039] bridge0: port 1(bridge_slave_0) entered forwarding state
[  149.475749][ T1039] bridge0: port 2(bridge_slave_1) entered blocking state
[  149.478543][ T1039] bridge0: port 2(bridge_slave_1) entered forwarding state
[  149.560475][ T5840] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  149.621049][ T5840] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  149.640745][ T5840] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  149.692957][ T5840] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  149.821796][ T5847] 8021q: adding VLAN 0 to HW filter on device bond0
[  149.885763][ T5853] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  149.992075][ T5853] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  150.002591][ T5853] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  150.026637][ T5847] 8021q: adding VLAN 0 to HW filter on device team0
[  150.102634][ T5853] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  150.234856][   T38] bridge0: port 1(bridge_slave_0) entered blocking state
[  150.238009][   T38] bridge0: port 1(bridge_slave_0) entered forwarding state
[  150.242520][   T38] bridge0: port 2(bridge_slave_1) entered blocking state
[  150.245491][   T38] bridge0: port 2(bridge_slave_1) entered forwarding state
[  150.350262][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0
[  150.522294][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0
[  150.657532][ T5840] 8021q: adding VLAN 0 to HW filter on device team0
[  150.746475][   T38] bridge0: port 1(bridge_slave_0) entered blocking state
[  150.749785][   T38] bridge0: port 1(bridge_slave_0) entered forwarding state
[  150.765825][ T5838] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  150.802495][ T5853] 8021q: adding VLAN 0 to HW filter on device bond0
[  150.820582][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  150.823825][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  150.848465][ T5839] veth0_vlan: entered promiscuous mode
[  150.901591][ T5838] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  150.921249][ T5839] veth1_vlan: entered promiscuous mode
[  150.963696][ T5853] 8021q: adding VLAN 0 to HW filter on device team0
[  150.969873][ T5838] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  151.027241][ T5847] 8021q: adding VLAN 0 to HW filter on device batadv0
[  151.040497][ T5838] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  151.062119][ T3044] bridge0: port 1(bridge_slave_0) entered blocking state
[  151.065271][ T3044] bridge0: port 1(bridge_slave_0) entered forwarding state
[  151.111364][ T3044] bridge0: port 2(bridge_slave_1) entered blocking state
[  151.114450][ T3044] bridge0: port 2(bridge_slave_1) entered forwarding state
[  151.147669][ T5851] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  151.199389][ T5851] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  151.213402][ T5839] veth0_macvtap: entered promiscuous mode
[  151.232099][ T5851] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  151.284429][ T5851] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  151.305664][ T5839] veth1_macvtap: entered promiscuous mode
[  151.375493][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0
[  151.467673][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1
[  151.472997][ T5839] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  151.499459][ T5839] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  151.503294][ T5839] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  151.508192][ T5839] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  151.522947][ T5847] veth0_vlan: entered promiscuous mode
[  151.715115][ T5847] veth1_vlan: entered promiscuous mode
[  151.761354][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0
[  151.843252][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0
[  151.997351][ T5847] veth0_macvtap: entered promiscuous mode
[  152.082995][ T1035] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  152.090469][ T5838] 8021q: adding VLAN 0 to HW filter on device team0
[  152.095913][ T5847] veth1_macvtap: entered promiscuous mode
[  152.117834][ T1035] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  152.152882][ T5851] 8021q: adding VLAN 0 to HW filter on device bond0
[  152.176978][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  152.180162][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  152.220459][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0
[  152.243676][ T5851] 8021q: adding VLAN 0 to HW filter on device team0
[  152.282430][ T1090] bridge0: port 2(bridge_slave_1) entered blocking state
[  152.285831][ T1090] bridge0: port 2(bridge_slave_1) entered forwarding state
[  152.293275][ T5840] veth0_vlan: entered promiscuous mode
[  152.307406][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1
[  152.326795][ T5853] 8021q: adding VLAN 0 to HW filter on device batadv0
[  152.338495][ T5840] veth1_vlan: entered promiscuous mode
[  152.359130][ T1090] bridge0: port 1(bridge_slave_0) entered blocking state
[  152.362303][ T1090] bridge0: port 1(bridge_slave_0) entered forwarding state
[  152.388491][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  152.398346][ T5847] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  152.402173][ T5847] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  152.411851][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  152.427135][ T5847] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  152.430777][ T5847] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  152.486058][ T1090] bridge0: port 2(bridge_slave_1) entered blocking state
[  152.489843][ T1090] bridge0: port 2(bridge_slave_1) entered forwarding state
2025/06/02 18:16:09 executed programs: 12
[  152.611511][ T5840] veth0_macvtap: entered promiscuous mode
[  152.647478][ T5838] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  152.713183][ T5851] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  152.781725][ T5851] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  152.791890][ T5840] veth1_macvtap: entered promiscuous mode
[  153.095662][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0
[  153.189021][   T38] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  153.192381][   T38] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  153.198740][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1
[  153.286472][ T5840] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  153.291109][ T5840] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  153.377058][ T5840] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  153.381000][ T5840] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  153.742372][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  153.766688][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  154.057569][   T73] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  154.061004][   T73] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  154.066913][ T5853] veth0_vlan: entered promiscuous mode
[  154.211671][ T5853] veth1_vlan: entered promiscuous mode
[  154.292322][ T5851] 8021q: adding VLAN 0 to HW filter on device batadv0
[  154.437285][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0
[  154.532523][ T1039] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  154.555035][ T5853] veth0_macvtap: entered promiscuous mode
[  154.582618][ T1039] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  154.701659][ T5853] veth1_macvtap: entered promiscuous mode
[  154.752826][ T5853] batman_adv: batadv0: Interface activated: batadv_slave_0
[  154.916447][ T5853] batman_adv: batadv0: Interface activated: batadv_slave_1
[  154.921745][ T5853] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  155.003369][ T5853] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  155.043916][ T5853] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  155.047757][ T5853] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  155.212050][ T5838] veth0_vlan: entered promiscuous mode
[  155.432539][ T5838] veth1_vlan: entered promiscuous mode
[  155.829953][ T5838] veth0_macvtap: entered promiscuous mode
[  156.059859][ T5838] veth1_macvtap: entered promiscuous mode
[  156.212731][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0
[  156.310113][ T5851] veth0_vlan: entered promiscuous mode
[  156.416761][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1
[  156.422138][ T5838] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  156.511260][ T5838] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  156.550022][ T5838] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  156.590259][ T5838] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  156.618501][   T38] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  156.621963][   T38] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  156.791495][ T5851] veth1_vlan: entered promiscuous mode
[  157.039871][ T3044] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  157.075685][ T3044] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  157.343310][ T5851] veth0_macvtap: entered promiscuous mode
[  157.453450][ T1035] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  157.500439][ T1035] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  157.586625][ T5851] veth1_macvtap: entered promiscuous mode
2025/06/02 18:16:14 executed programs: 86
[  157.711645][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_0
[  157.824495][   T73] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  157.837835][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_1
[  157.869779][   T73] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  157.956378][ T5851] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  157.960153][ T5851] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  158.042075][ T5851] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  158.083883][ T5851] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  158.778834][ T1039] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  158.782235][ T1039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  159.048036][ T1038] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  159.052181][ T1038] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/06/02 18:16:19 executed programs: 236
2025/06/02 18:16:24 executed programs: 415
2025/06/02 18:16:29 executed programs: 601
2025/06/02 18:16:34 executed programs: 786
2025/06/02 18:16:39 executed programs: 975
2025/06/02 18:16:44 executed programs: 1176
2025/06/02 18:16:49 executed programs: 1381
2025/06/02 18:16:54 executed programs: 1591
[  199.338007][ T1313] ieee802154 phy0 wpan0: encryption failed: -22
[  199.340771][ T1313] ieee802154 phy1 wpan1: encryption failed: -22
2025/06/02 18:16:59 executed programs: 1795
2025/06/02 18:17:04 executed programs: 2003
2025/06/02 18:17:09 executed programs: 2210
2025/06/02 18:17:14 executed programs: 2413
2025/06/02 18:17:19 executed programs: 2623
2025/06/02 18:17:24 executed programs: 2851
2025/06/02 18:17:29 executed programs: 3091
2025/06/02 18:17:34 executed programs: 3325
[  241.828662][ T5846] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  241.848490][ T5846] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  241.852355][ T5846] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  241.856886][ T5846] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  241.864865][ T5846] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  241.968316][T13316] Bluetooth: MGMT ver 1.23
[  241.997082][ T5846] ==================================================================
[  242.000554][ T5846] BUG: KASAN: slab-use-after-free in mgmt_remove_adv_monitor_complete+0xe5/0x5a0
[  242.004457][ T5846] Read of size 8 at addr ffff8880115a3aa0 by task kworker/u5:4/5846
[  242.008668][ T5846] 
[  242.009722][ T5846] CPU: 0 UID: 0 PID: 5846 Comm: kworker/u5:4 Not tainted 6.15.0-syzkaller-gcd2e103d57e5-dirty #0 PREEMPT(full) 
[  242.009732][ T5846] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  242.009738][ T5846] Workqueue: hci0 hci_cmd_sync_work
[  242.009752][ T5846] Call Trace:
[  242.009757][ T5846]  <TASK>
[  242.009761][ T5846]  dump_stack_lvl+0x189/0x250
[  242.009773][ T5846]  ? __virt_addr_valid+0x1c8/0x5c0
[  242.009785][ T5846]  ? rcu_is_watching+0x15/0xb0
[  242.009808][ T5846]  ? __kasan_check_byte+0x12/0x40
[  242.009875][ T5846]  ? __pfx_dump_stack_lvl+0x10/0x10
[  242.009887][ T5846]  ? rcu_is_watching+0x15/0xb0
[  242.009898][ T5846]  ? lock_release+0x4b/0x3e0
[  242.009911][ T5846]  ? __virt_addr_valid+0x1c8/0x5c0
[  242.009924][ T5846]  ? __virt_addr_valid+0x4a5/0x5c0
[  242.009937][ T5846]  print_report+0xd2/0x2b0
[  242.009950][ T5846]  ? mgmt_remove_adv_monitor_complete+0xe5/0x5a0
[  242.009962][ T5846]  kasan_report+0x118/0x150
[  242.009976][ T5846]  ? mgmt_remove_adv_monitor_complete+0xe5/0x5a0
[  242.009989][ T5846]  mgmt_remove_adv_monitor_complete+0xe5/0x5a0
[  242.010004][ T5846]  ? __pfx_mgmt_remove_adv_monitor_complete+0x10/0x10
[  242.010019][ T5846]  ? __pfx_mgmt_remove_adv_monitor_complete+0x10/0x10
[  242.010033][ T5846]  hci_cmd_sync_work+0x261/0x3a0
[  242.010045][ T5846]  ? process_scheduled_works+0x9ef/0x17b0
[  242.010057][ T5846]  process_scheduled_works+0xade/0x17b0
[  242.010074][ T5846]  ? __pfx_process_scheduled_works+0x10/0x10
[  242.010090][ T5846]  worker_thread+0x8a0/0xda0
[  242.010105][ T5846]  kthread+0x711/0x8a0
[  242.010115][ T5846]  ? __pfx_worker_thread+0x10/0x10
[  242.010126][ T5846]  ? __pfx_kthread+0x10/0x10
[  242.010162][ T5846]  ? _raw_spin_unlock_irq+0x23/0x50
[  242.010205][ T5846]  ? lockdep_hardirqs_on+0x9c/0x150
[  242.010216][ T5846]  ? __pfx_kthread+0x10/0x10
[  242.010225][ T5846]  ret_from_fork+0x3fc/0x770
[  242.010236][ T5846]  ? __pfx_ret_from_fork+0x10/0x10
[  242.010249][ T5846]  ? __pfx_kthread+0x10/0x10
[  242.010258][ T5846]  ret_from_fork_asm+0x1a/0x30
[  242.010271][ T5846]  </TASK>
[  242.010274][ T5846] 
[  242.098615][ T5846] Allocated by task 13316:
[  242.100572][ T5846]  kasan_save_track+0x3e/0x80
[  242.102554][ T5846]  __kasan_kmalloc+0x93/0xb0
[  242.104606][ T5846]  __kmalloc_cache_noprof+0x230/0x3d0
[  242.107041][ T5846]  mgmt_pending_new+0x65/0x1e0
[  242.109109][ T5846]  mgmt_pending_add+0x35/0x140
[  242.111237][ T5846]  remove_adv_monitor+0x103/0x1b0
[  242.113394][ T5846]  hci_mgmt_cmd+0x9c9/0xef0
[  242.115382][ T5846]  hci_sock_sendmsg+0x6ca/0xef0
[  242.117524][ T5846]  __sock_sendmsg+0x219/0x270
[  242.119614][ T5846]  sock_write_iter+0x258/0x330
[  242.121730][ T5846]  vfs_write+0x54b/0xa90
[  242.123579][ T5846]  ksys_write+0x145/0x250
[  242.125432][ T5846]  do_syscall_64+0xfa/0x3b0
[  242.127451][ T5846]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  242.129963][ T5846] 
[  242.131056][ T5846] Freed by task 13322:
[  242.132737][ T5846]  kasan_save_track+0x3e/0x80
[  242.134752][ T5846]  kasan_save_free_info+0x46/0x50
[  242.137120][ T5846]  __kasan_slab_free+0x62/0x70
[  242.139179][ T5846]  kfree+0x18e/0x440
[  242.141071][ T5846]  mgmt_pending_foreach+0x30d/0x380
[  242.143287][ T5846]  mgmt_index_removed+0x112/0x2f0
[  242.145476][ T5846]  hci_sock_bind+0xbe9/0x1000
[  242.147519][ T5846]  __sys_bind+0x2c6/0x3e0
[  242.149733][ T5846]  __x64_sys_bind+0x7a/0x90
[  242.152415][ T5846]  do_syscall_64+0xfa/0x3b0
[  242.154475][ T5846]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  242.157063][ T5846] 
[  242.158180][ T5846] The buggy address belongs to the object at ffff8880115a3a80
[  242.158180][ T5846]  which belongs to the cache kmalloc-96 of size 96
[  242.164188][ T5846] The buggy address is located 32 bytes inside of
[  242.164188][ T5846]  freed 96-byte region [ffff8880115a3a80, ffff8880115a3ae0)
[  242.170156][ T5846] 
[  242.171149][ T5846] The buggy address belongs to the physical page:
[  242.173700][ T5846] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x115a3
[  242.177550][ T5846] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  242.180752][ T5846] page_type: f5(slab)
[  242.182534][ T5846] raw: 00fff00000000000 ffff88801a441280 ffffea0000681b00 dead000000000003
[  242.186373][ T5846] raw: 0000000000000000 0000000000200020 00000000f5000000 0000000000000000
[  242.190064][ T5846] page dumped because: kasan: bad access detected
[  242.192835][ T5846] page_owner tracks the page as allocated
[  242.195220][ T5846] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 5851, tgid 5851 (syz-executor), ts 158761816277, free_ts 158220175343
[  242.203551][ T5846]  post_alloc_hook+0x240/0x2a0
[  242.205618][ T5846]  get_page_from_freelist+0x21e4/0x22c0
[  242.208076][ T5846]  __alloc_pages_slowpath+0x2fe/0xce0
[  242.210424][ T5846]  __alloc_frozen_pages_noprof+0x319/0x370
[  242.212899][ T5846]  allocate_slab+0x65/0x3b0
[  242.214884][ T5846]  ___slab_alloc+0xbfc/0x1480
[  242.217183][ T5846]  __kmalloc_cache_node_noprof+0x29a/0x3d0
[  242.220267][ T5846]  __alloc_workqueue+0x6a4/0x1b70
[  242.222425][ T5846]  alloc_workqueue+0xd4/0x210
[  242.224479][ T5846]  ieee80211_register_hw+0x2c5f/0x4120
[  242.226949][ T5846]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[  242.229428][ T5846]  hwsim_new_radio_nl+0xea4/0x1b10
[  242.231588][ T5846]  genl_family_rcv_msg_doit+0x215/0x300
[  242.233958][ T5846]  genl_rcv_msg+0x60e/0x790
[  242.235864][ T5846]  netlink_rcv_skb+0x205/0x470
[  242.237829][ T5846]  genl_rcv+0x28/0x40
[  242.239462][ T5846] page last free pid 5977 tgid 5977 stack trace:
[  242.242310][ T5846]  __free_frozen_pages+0xc71/0xe70
[  242.244417][ T5846]  vfree+0x25a/0x400
[  242.246087][ T5846]  delayed_vfree_work+0x55/0x80
[  242.248146][ T5846]  process_scheduled_works+0xade/0x17b0
[  242.250548][ T5846]  worker_thread+0x8a0/0xda0
[  242.252590][ T5846]  kthread+0x711/0x8a0
[  242.254275][ T5846]  ret_from_fork+0x3fc/0x770
[  242.256185][ T5846]  ret_from_fork_asm+0x1a/0x30
[  242.258387][ T5846] 
[  242.259468][ T5846] Memory state around the buggy address:
[  242.262118][ T5846]  ffff8880115a3980: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[  242.265646][ T5846]  ffff8880115a3a00: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc
[  242.269040][ T5846] >ffff8880115a3a80: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[  242.272390][ T5846]                                ^
[  242.274669][ T5846]  ffff8880115a3b00: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[  242.278032][ T5846]  ffff8880115a3b80: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[  242.281476][ T5846] ==================================================================
[  242.319534][ T5846] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  242.322722][ T5846] CPU: 0 UID: 0 PID: 5846 Comm: kworker/u5:4 Not tainted 6.15.0-syzkaller-gcd2e103d57e5-dirty #0 PREEMPT(full) 
[  242.327859][ T5846] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  242.332363][ T5846] Workqueue: hci0 hci_cmd_sync_work
[  242.334598][ T5846] Call Trace:
[  242.336111][ T5846]  <TASK>
[  242.337355][ T5846]  dump_stack_lvl+0x99/0x250
[  242.339355][ T5846]  ? __asan_memcpy+0x40/0x70
[  242.341432][ T5846]  ? __pfx_dump_stack_lvl+0x10/0x10
[  242.343694][ T5846]  ? __pfx__printk+0x10/0x10
[  242.345754][ T5846]  panic+0x2db/0x790
[  242.347517][ T5846]  ? __pfx_panic+0x10/0x10
[  242.349532][ T5846]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  242.352252][ T5846]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  242.354963][ T5846]  ? print_memory_metadata+0x314/0x400
[  242.357352][ T5846]  ? mgmt_remove_adv_monitor_complete+0xe5/0x5a0
[  242.360121][ T5846]  check_panic_on_warn+0x89/0xb0
[  242.362354][ T5846]  ? mgmt_remove_adv_monitor_complete+0xe5/0x5a0
[  242.365112][ T5846]  end_report+0x78/0x160
[  242.366932][ T5846]  kasan_report+0x129/0x150
[  242.368962][ T5846]  ? mgmt_remove_adv_monitor_complete+0xe5/0x5a0
[  242.371692][ T5846]  mgmt_remove_adv_monitor_complete+0xe5/0x5a0
[  242.374392][ T5846]  ? __pfx_mgmt_remove_adv_monitor_complete+0x10/0x10
[  242.377076][ T5846]  ? __pfx_mgmt_remove_adv_monitor_complete+0x10/0x10
[  242.379952][ T5846]  hci_cmd_sync_work+0x261/0x3a0
[  242.382169][ T5846]  ? process_scheduled_works+0x9ef/0x17b0
[  242.384646][ T5846]  process_scheduled_works+0xade/0x17b0
[  242.387016][ T5846]  ? __pfx_process_scheduled_works+0x10/0x10
[  242.389621][ T5846]  worker_thread+0x8a0/0xda0
[  242.391764][ T5846]  kthread+0x711/0x8a0
[  242.393556][ T5846]  ? __pfx_worker_thread+0x10/0x10
[  242.395791][ T5846]  ? __pfx_kthread+0x10/0x10
[  242.397850][ T5846]  ? _raw_spin_unlock_irq+0x23/0x50
[  242.400113][ T5846]  ? lockdep_hardirqs_on+0x9c/0x150
[  242.402401][ T5846]  ? __pfx_kthread+0x10/0x10
[  242.404367][ T5846]  ret_from_fork+0x3fc/0x770
[  242.406320][ T5846]  ? __pfx_ret_from_fork+0x10/0x10
[  242.408606][ T5846]  ? __pfx_kthread+0x10/0x10
[  242.410610][ T5846]  ret_from_fork_asm+0x1a/0x30
[  242.412609][ T5846]  </TASK>
[  242.414266][ T5846] Kernel Offset: disabled
[  242.416055][ T5846] Rebooting in 86400 seconds..