[ 46.908734][ T693] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.930105][ T693] device veth1_macvtap left promiscuous mode [ 46.937837][ T693] device veth0_macvtap left promiscuous mode [ 46.944960][ T693] device veth1_vlan left promiscuous mode [ 46.950934][ T693] device veth0_vlan left promiscuous mode [ 47.159278][ T693] team0 (unregistering): Port device team_slave_1 removed [ 47.171016][ T693] team0 (unregistering): Port device team_slave_0 removed [ 47.182355][ T693] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 47.196643][ T693] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 47.242003][ T693] bond0 (unregistering): Released all slaves Warning: Permanently added '10.128.1.89' (ECDSA) to the list of known hosts. 2022/05/13 23:18:29 parsed 1 programs 2022/05/13 23:18:29 executed programs: 0 [ 58.697996][ T3923] cgroup: Unknown subsys name 'net' [ 58.709142][ T3923] cgroup: Unknown subsys name 'rlimit' [ 59.826937][ T46] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 59.835054][ T46] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 59.842593][ T46] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 59.850757][ T46] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 59.858544][ T46] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 59.865862][ T46] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 59.930008][ T3936] chnl_net:caif_netlink_parms(): no params data found [ 59.982023][ T3936] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.989300][ T3936] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.997606][ T3936] device bridge_slave_0 entered promiscuous mode [ 60.006896][ T3936] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.014298][ T3936] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.022202][ T3936] device bridge_slave_1 entered promiscuous mode [ 60.046244][ T3936] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.057495][ T3936] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.084279][ T3936] team0: Port device team_slave_0 added [ 60.091907][ T3936] team0: Port device team_slave_1 added [ 60.115674][ T3936] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 60.123226][ T3936] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.149403][ T3936] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 60.162381][ T3936] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 60.169569][ T3936] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.196004][ T3936] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 60.227785][ T3936] device hsr_slave_0 entered promiscuous mode [ 60.234670][ T3936] device hsr_slave_1 entered promiscuous mode [ 60.314507][ T3936] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.321848][ T3936] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.329236][ T3936] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.336395][ T3936] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.387752][ T3936] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.400922][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 60.410011][ T3615] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.418178][ T3615] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.427363][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 60.440610][ T3936] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.453923][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 60.464067][ T3615] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.471141][ T3615] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.500061][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 60.509804][ T26] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.516938][ T26] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.526302][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 60.535004][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 60.543758][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 60.555921][ T3936] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 60.570367][ T3936] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 60.579526][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 60.587965][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 60.610046][ T3936] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 60.620312][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 60.629002][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 60.811536][ T3936] device veth0_vlan entered promiscuous mode [ 60.818499][ T141] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 60.827377][ T141] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 60.836582][ T141] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 60.844446][ T141] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 60.856618][ T3936] device veth1_vlan entered promiscuous mode [ 60.871850][ T3936] device veth0_macvtap entered promiscuous mode [ 60.879410][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 60.888058][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 60.896450][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 60.906292][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 60.917012][ T3936] device veth1_macvtap entered promiscuous mode [ 60.930154][ T3936] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 60.937640][ T3614] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 60.946687][ T3614] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 60.957796][ T3936] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.965905][ T3614] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 60.974910][ T3614] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 61.020655][ T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.035627][ T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.047290][ T3614] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 61.059238][ T91] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.067641][ T91] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.077638][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 61.108941][ T4073] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 61.906345][ T3615] Bluetooth: hci0: command 0x0409 tx timeout 2022/05/13 23:18:34 executed programs: 30 [ 63.983520][ T3615] Bluetooth: hci0: command 0x041b tx timeout [ 65.985734][ T1224] ieee802154 phy0 wpan0: encryption failed: -22 [ 65.992228][ T1224] ieee802154 phy1 wpan1: encryption failed: -22 [ 66.063353][ T141] Bluetooth: hci0: command 0x040f tx timeout [ 68.143978][ T141] Bluetooth: hci0: command 0x0419 tx timeout 2022/05/13 23:18:39 executed programs: 85 [ 71.114640][ T144] cfg80211: failed to load regulatory.db 2022/05/13 23:18:44 executed programs: 137 2022/05/13 23:18:49 executed programs: 187 2022/05/13 23:18:54 executed programs: 242 2022/05/13 23:18:59 executed programs: 294 2022/05/13 23:19:04 executed programs: 348 2022/05/13 23:19:09 executed programs: 400 2022/05/13 23:19:14 executed programs: 451 2022/05/13 23:19:19 executed programs: 505 2022/05/13 23:19:24 executed programs: 560 2022/05/13 23:19:29 executed programs: 612 2022/05/13 23:19:35 executed programs: 664 [ 127.434060][ T1224] ieee802154 phy0 wpan0: encryption failed: -22 [ 127.440426][ T1224] ieee802154 phy1 wpan1: encryption failed: -22 2022/05/13 23:19:40 executed programs: 719 2022/05/13 23:19:45 executed programs: 766 2022/05/13 23:19:50 executed programs: 820 2022/05/13 23:19:55 executed programs: 871 2022/05/13 23:20:00 executed programs: 923 2022/05/13 23:20:05 executed programs: 977 [ 158.392941][ T8133] page:ffffea0000534200 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x14d08 [ 158.403879][ T8133] head:ffffea0000534200 order:3 compound_mapcount:0 compound_pincount:0 [ 158.412409][ T8133] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 158.420665][ T8133] raw: 00fff00000010200 0000000000000000 dead000000000001 ffff88800fc42140 [ 158.429637][ T8133] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000 [ 158.438251][ T8133] page dumped because: VM_BUG_ON_FOLIO(folio_test_slab(folio)) [ 158.445999][ T8133] page_owner tracks the page as allocated [ 158.451887][ T8133] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 3608, tgid 3608 (syz-executor.0), ts 39116797219, free_ts 32015975817 [ 158.473578][ T8133] get_page_from_freelist+0x178d/0x3dc0 [ 158.479113][ T8133] __alloc_pages+0x1b2/0x500 [ 158.483847][ T8133] allocate_slab+0x26c/0x3c0 [ 158.488438][ T8133] ___slab_alloc+0x8e1/0xf20 [ 158.493057][ T8133] __slab_alloc.constprop.0+0x4d/0xa0 [ 158.498508][ T8133] __kmalloc_track_caller+0x2e7/0x320 [ 158.503921][ T8133] kmemdup+0x1a/0x40 [ 158.507802][ T8133] __addrconf_sysctl_register+0x8e/0x3b0 [ 158.513560][ T8133] addrconf_sysctl_register+0xf6/0x180 [ 158.519108][ T8133] ipv6_add_dev+0x8dc/0x10f0 [ 158.523742][ T8133] addrconf_notify+0x5b7/0x15a0 [ 158.528580][ T8133] notifier_call_chain+0x94/0x170 [ 158.533630][ T8133] register_netdevice+0xd6f/0x1400 [ 158.538727][ T8133] __tun_chr_ioctl+0x215e/0x3810 [ 158.543798][ T8133] __x64_sys_ioctl+0x11f/0x190 [ 158.548636][ T8133] do_syscall_64+0x35/0x80 [ 158.553173][ T8133] page last free stack trace: [ 158.557830][ T8133] free_pcp_prepare+0x549/0xd20 [ 158.562902][ T8133] free_unref_page+0x19/0x6a0 [ 158.567567][ T8133] __unfreeze_partials+0x17c/0x1a0 [ 158.572816][ T8133] qlist_free_all+0x6a/0x170 [ 158.577578][ T8133] kasan_quarantine_reduce+0x180/0x200 [ 158.583071][ T8133] __kasan_slab_alloc+0xa2/0xc0 [ 158.587907][ T8133] kmem_cache_alloc+0x204/0x3b0 [ 158.592971][ T8133] getname_flags.part.0+0x4a/0x440 [ 158.598155][ T8133] vfs_fstatat+0x35/0x70 [ 158.602549][ T8133] __do_sys_newfstatat+0x72/0xd0 [ 158.607599][ T8133] do_syscall_64+0x35/0x80 [ 158.612017][ T8133] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 158.617972][ T8133] ------------[ cut here ]------------ [ 158.623713][ T8133] kernel BUG at include/linux/memcontrol.h:472! [ 158.629956][ T8133] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 158.635990][ T8133] CPU: 0 PID: 8133 Comm: syz-executor.0 Not tainted 5.18.0-rc6-syzkaller #0 [ 158.644790][ T8133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 158.654904][ T8133] RIP: 0010:workingset_activation+0x455/0x550 [ 158.660967][ T8133] Code: df 48 c1 e8 03 80 3c 10 00 0f 85 ec 00 00 00 48 8b 05 4f 8a 0b 0b e9 64 fd ff ff 48 c7 c6 a0 23 f6 88 48 89 ef e8 fb 00 00 00 <0f> 0b 0f 0b e9 4f fc ff ff 48 c7 c6 00 26 f6 88 48 89 ef e8 e3 00 [ 158.680542][ T8133] RSP: 0018:ffffc9000455f770 EFLAGS: 00010282 [ 158.686761][ T8133] RAX: 0000000000000000 RBX: ffffea0000534200 RCX: 0000000000000000 [ 158.694703][ T8133] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff88801113420a [ 158.702643][ T8133] RBP: ffffea0000534200 R08: 0000000000000029 R09: ffffc9000455f317 [ 158.710588][ T8133] R10: fffff520008abe62 R11: 0000000000000001 R12: 0000000000000000 [ 158.718538][ T8133] R13: ffff8880b9e34d00 R14: 0000000000000003 R15: ffff8880b9e34d30 [ 158.726670][ T8133] FS: 0000555556f27400(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000 [ 158.735746][ T8133] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.742389][ T8133] CR2: 0000000000200000 CR3: 0000000023b62000 CR4: 00000000003526f0 [ 158.750431][ T8133] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 158.758867][ T8133] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 158.766821][ T8133] Call Trace: [ 158.770346][ T8133] [ 158.773264][ T8133] folio_mark_accessed+0x494/0xb60 [ 158.778380][ T8133] __handle_changed_spte+0x765/0x1010 [ 158.783738][ T8133] ? tdp_mmu_init_child_sp+0x480/0x480 [ 158.789170][ T8133] ? mark_lock.part.0+0xee/0x19a0 [ 158.794351][ T8133] __handle_changed_spte+0x755/0x1010 [ 158.799780][ T8133] ? tdp_mmu_init_child_sp+0x480/0x480 [ 158.805211][ T8133] __tdp_mmu_set_spte+0x14a/0x780 [ 158.810203][ T8133] ? tdp_iter_next+0x4df/0x690 [ 158.815279][ T8133] ? __handle_changed_spte+0x1010/0x1010 [ 158.820966][ T8133] ? spte_to_child_pt+0x40/0x40 [ 158.825872][ T8133] __tdp_mmu_zap_root+0x532/0x5a0 [ 158.830864][ T8133] ? clear_dirty_pt_masked+0x350/0x350 [ 158.836289][ T8133] ? lock_release+0x720/0x720 [ 158.841075][ T8133] ? tdp_mmu_zap_root_work+0x70/0x70 [ 158.846500][ T8133] ? lock_release+0x720/0x720 [ 158.851154][ T8133] tdp_mmu_zap_root+0xe2/0x240 [ 158.855975][ T8133] kvm_tdp_mmu_zap_all+0xe0/0x120 [ 158.860987][ T8133] kvm_mmu_zap_all+0x1e8/0x240 [ 158.865916][ T8133] ? kvm_mmu_slot_leaf_clear_dirty+0x3f0/0x3f0 [ 158.872131][ T8133] ? lock_release+0x720/0x720 [ 158.876864][ T8133] ? lock_downgrade+0x6e0/0x6e0 [ 158.881770][ T8133] kvm_mmu_notifier_release+0x4e/0x90 [ 158.887198][ T8133] ? kvm_mmu_notifier_invalidate_range+0xb0/0xb0 [ 158.893604][ T8133] mmu_notifier_unregister+0xfe/0x330 [ 158.898946][ T8133] kvm_put_kvm+0x395/0xaa0 [ 158.903393][ T8133] kvm_vcpu_release+0x49/0x70 [ 158.908233][ T8133] __fput+0x1f5/0x8c0 [ 158.912197][ T8133] task_work_run+0xc0/0x160 [ 158.916774][ T8133] exit_to_user_mode_prepare+0x23c/0x250 [ 158.922546][ T8133] syscall_exit_to_user_mode+0x19/0x60 [ 158.928240][ T8133] do_syscall_64+0x42/0x80 [ 158.932638][ T8133] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 158.938500][ T8133] RIP: 0033:0x7fd50943bc8b [ 158.943146][ T8133] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44 [ 158.962722][ T8133] RSP: 002b:00007ffd92bbeb70 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 158.971103][ T8133] RAX: 0000000000000000 RBX: 0000000000000009 RCX: 00007fd50943bc8b [ 158.979161][ T8133] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000008 [ 158.987288][ T8133] RBP: 00007fd50959d960 R08: 0000000000000000 R09: 00007fd5095a06f0 [ 158.995403][ T8133] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000026d9e [ 159.003345][ T8133] R13: 00007ffd92bbec70 R14: 00007ffd92bbec90 R15: 0000000000000032 [ 159.011407][ T8133] [ 159.014404][ T8133] Modules linked in: [ 159.018329][ T8133] ---[ end trace 0000000000000000 ]--- [ 159.023965][ T8133] RIP: 0010:workingset_activation+0x455/0x550 [ 159.030117][ T8133] Code: df 48 c1 e8 03 80 3c 10 00 0f 85 ec 00 00 00 48 8b 05 4f 8a 0b 0b e9 64 fd ff ff 48 c7 c6 a0 23 f6 88 48 89 ef e8 fb 00 00 00 <0f> 0b 0f 0b e9 4f fc ff ff 48 c7 c6 00 26 f6 88 48 89 ef e8 e3 00 [ 159.049857][ T8133] RSP: 0018:ffffc9000455f770 EFLAGS: 00010282 [ 159.055931][ T8133] RAX: 0000000000000000 RBX: ffffea0000534200 RCX: 0000000000000000 [ 159.063914][ T8133] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff88801113420a [ 159.071953][ T8133] RBP: ffffea0000534200 R08: 0000000000000029 R09: ffffc9000455f317 [ 159.079930][ T8133] R10: fffff520008abe62 R11: 0000000000000001 R12: 0000000000000000 [ 159.088038][ T8133] R13: ffff8880b9e34d00 R14: 0000000000000003 R15: ffff8880b9e34d30 [ 159.096112][ T8133] FS: 0000555556f27400(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000 [ 159.105453][ T8133] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.112017][ T8133] CR2: 0000000000200000 CR3: 0000000023b62000 CR4: 00000000003526f0 [ 159.120002][ T8133] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 159.128410][ T8133] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 159.136430][ T8133] Kernel panic - not syncing: Fatal exception [ 159.142885][ T8133] Kernel Offset: disabled [ 159.147195][ T8133] Rebooting in 86400 seconds..