[   72.799349][   T46] device veth1_macvtap left promiscuous mode
[   72.806317][   T46] device veth0_macvtap left promiscuous mode
[   72.812827][   T46] device veth1_vlan left promiscuous mode
[   72.819534][   T46] device veth0_vlan left promiscuous mode
[   73.070124][   T46] team0 (unregistering): Port device team_slave_1 removed
[   73.089599][   T46] team0 (unregistering): Port device team_slave_0 removed
[   73.106124][   T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   73.123143][   T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   73.218571][   T46] bond0 (unregistering): Released all slaves
[   81.447739][  T766] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.0.177' (ECDSA) to the list of known hosts.
2023/01/13 12:27:18 ignoring optional flag "sandboxArg"="0"
2023/01/13 12:27:18 parsed 1 programs
2023/01/13 12:27:18 executed programs: 0
[   92.541348][ T4393] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   92.549736][ T4393] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   92.557820][ T4393] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   92.567418][ T4393] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   92.575080][ T4393] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   92.582565][ T4393] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   92.688856][ T5542] chnl_net:caif_netlink_parms(): no params data found
[   92.730712][ T5542] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.738480][ T5542] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.747074][ T5542] device bridge_slave_0 entered promiscuous mode
[   92.755236][ T5542] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.762783][ T5542] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.770722][ T5542] device bridge_slave_1 entered promiscuous mode
[   92.792565][ T5542] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   92.803651][ T5542] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   92.827319][ T5542] team0: Port device team_slave_0 added
[   92.835088][ T5542] team0: Port device team_slave_1 added
[   92.852952][ T5542] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.860024][ T5542] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.886071][ T5542] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.898524][ T5542] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.906338][ T5542] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.932568][ T5542] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.962331][ T5542] device hsr_slave_0 entered promiscuous mode
[   92.969529][ T5542] device hsr_slave_1 entered promiscuous mode
[   93.603017][ T5542] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   93.613471][ T5542] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   93.624054][ T5542] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   93.634989][ T5542] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   93.663569][ T5542] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.671022][ T5542] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.678512][ T5542] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.685703][ T5542] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.699012][   T22] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.710325][   T22] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.781565][ T5542] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.800009][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   93.809380][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   93.822826][ T5542] 8021q: adding VLAN 0 to HW filter on device team0
[   93.834784][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   93.844857][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   93.856064][   T14] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.863206][   T14] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.889527][ T5563] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   93.900466][ T5563] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   93.910973][ T5563] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.918345][ T5563] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.926815][ T5563] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   93.936569][ T5563] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   93.948545][ T5563] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   93.969020][ T5563] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   93.978551][ T5563] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   93.988568][ T5563] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   93.998873][ T5563] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   94.012904][ T5542] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   94.029863][ T5542] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   94.041180][ T5090] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   94.051097][ T5090] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   94.299972][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   94.309959][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   94.325230][ T5542] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.353368][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   94.363772][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   94.389534][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   94.399724][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   94.413619][ T5542] device veth0_vlan entered promiscuous mode
[   94.424026][  T766] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   94.434109][  T766] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   94.449947][ T5542] device veth1_vlan entered promiscuous mode
[   94.479909][  T766] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   94.490922][  T766] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   94.500631][  T766] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   94.512268][  T766] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   94.525240][ T5542] device veth0_macvtap entered promiscuous mode
[   94.541537][ T5542] device veth1_macvtap entered promiscuous mode
[   94.563442][ T5542] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.573967][  T766] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   94.584224][  T766] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   94.594986][  T766] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   94.604490][  T766] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   94.619896][ T5542] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.631397][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   94.641562][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   94.646943][ T4393] Bluetooth: hci0: command 0x0409 tx timeout
[   94.654706][ T5542] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.667060][ T5542] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.676999][ T5542] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.686418][ T5542] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.764462][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.776920][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.811237][ T5088] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   94.829903][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.838720][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.850633][ T5088] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   95.304719][ T5597] VFS: Close: file count is 0
[   95.312919][ T5602] ------------[ cut here ]------------
[   95.319363][ T5598] ------------[ cut here ]------------
[   95.325096][ T5598] refcount_t: addition on 0; use-after-free.
[   95.331590][ T5598] WARNING: CPU: 0 PID: 5598 at lib/refcount.c:25 refcount_warn_saturate+0x17c/0x1f0
[   95.341549][ T5598] Modules linked in:
[   95.345474][ T5598] CPU: 0 PID: 5598 Comm: syz-executor.0 Not tainted 6.2.0-rc3-next-20230112-syzkaller-dirty #0
[   95.356011][ T5598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[   95.366418][ T5598] RIP: 0010:refcount_warn_saturate+0x17c/0x1f0
[   95.372595][ T5598] Code: 0a 31 ff 89 de e8 d4 13 78 fd 84 db 0f 85 2e ff ff ff e8 57 17 78 fd 48 c7 c7 60 87 a6 8a c6 05 60 d0 54 0a 01 e8 98 a7 b2 05 <0f> 0b e9 0f ff ff ff e8 38 17 78 fd 0f b6 1d 4a d0 54 0a 31 ff 89
[   95.392251][ T5598] RSP: 0018:ffffc90005befb68 EFLAGS: 00010286
[   95.398435][ T5598] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[   95.406522][ T5598] RDX: ffff88807d2f57c0 RSI: ffffffff8166972c RDI: fffff52000b7df5f
[   95.414674][ T5598] RBP: ffff88807d2f3aa8 R08: 0000000000000005 R09: 0000000000000000
[   95.422670][ T5598] R10: 0000000000000001 R11: 0000000000000000 R12: ffff8880764ee300
[   95.430768][ T5598] R13: ffff88807d2f3fa8 R14: 0000000000000000 R15: ffff88807d2f3aa8
[   95.438767][ T5598] FS:  0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[   95.447816][ T5598] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   95.454407][ T5598] CR2: 0000000021000000 CR3: 000000007673f000 CR4: 00000000003506f0
[   95.462496][ T5598] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   95.470495][ T5598] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   95.478603][ T5598] Call Trace:
[   95.481885][ T5598]  <TASK>
[   95.484818][ T5598]  mm_update_next_owner+0x585/0x7b0
[   95.490120][ T5598]  do_exit+0x9a4/0x2a90
[   95.494399][ T5598]  ? find_held_lock+0x2d/0x110
[   95.499212][ T5598]  ? get_signal+0x8a0/0x24f0
[   95.503814][ T5598]  ? mm_update_next_owner+0x7b0/0x7b0
[   95.509333][ T5598]  do_group_exit+0xd4/0x2a0
[   95.514056][ T5598]  get_signal+0x225f/0x24f0
[   95.518834][ T5598]  ? __schedule+0x25d8/0x5a70
[   95.523665][ T5598]  ? vfs_write+0x49e/0xe10
[   95.528313][ T5598]  ? exit_signals+0x910/0x910
[   95.533025][ T5598]  ? do_futex+0x132/0x360
[   95.537677][ T5598]  ? __ia32_sys_get_robust_list+0x400/0x400
[   95.543710][ T5598]  arch_do_signal_or_restart+0x79/0x5c0
[   95.549520][ T5598]  ? get_sigframe_size+0x10/0x10
[   95.554570][ T5598]  ? __x64_sys_futex+0x1ca/0x4d0
[   95.559566][ T5598]  ? do_futex+0x360/0x360
[   95.563925][ T5598]  exit_to_user_mode_prepare+0x11f/0x240
[   95.569612][ T5598]  syscall_exit_to_user_mode+0x1d/0x50
[   95.575114][ T5598]  do_syscall_64+0x46/0xb0
[   95.579772][ T5598]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   95.585769][ T5598] RIP: 0033:0x7f9d6f48c0c9
[   95.590202][ T5598] Code: Unable to access opcode bytes at 0x7f9d6f48c09f.
[   95.597522][ T5598] RSP: 002b:00007f9d70279218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[   95.606072][ T5598] RAX: fffffffffffffe00 RBX: 00007f9d6f5abf88 RCX: 00007f9d6f48c0c9
[   95.614226][ T5598] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f9d6f5abf88
[   95.622233][ T5598] RBP: 00007f9d6f5abf80 R08: 0000000000000000 R09: 0000000000000000
[   95.630340][ T5598] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9d6f5abf8c
[   95.638350][ T5598] R13: 00007ffd0405f78f R14: 00007f9d70279300 R15: 0000000000022000
[   95.646382][ T5598]  </TASK>
[   95.649410][ T5598] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   95.656687][ T5598] CPU: 0 PID: 5598 Comm: syz-executor.0 Not tainted 6.2.0-rc3-next-20230112-syzkaller-dirty #0
[   95.667114][ T5598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[   95.677196][ T5598] Call Trace:
[   95.680480][ T5598]  <TASK>
[   95.683413][ T5598]  dump_stack_lvl+0xd1/0x138
[   95.688016][ T5598]  panic+0x2cc/0x626
[   95.691934][ T5598]  ? panic_print_sys_info.part.0+0x112/0x112
[   95.697947][ T5598]  ? refcount_warn_saturate+0x17c/0x1f0
[   95.703652][ T5598]  check_panic_on_warn.cold+0x19/0x35
[   95.709168][ T5598]  __warn+0xf2/0x1a0
[   95.713081][ T5598]  ? refcount_warn_saturate+0x17c/0x1f0
[   95.719115][ T5598]  report_bug+0x1c0/0x210
[   95.723590][ T5598]  handle_bug+0x3c/0x70
[   95.727901][ T5598]  exc_invalid_op+0x18/0x50
[   95.732644][ T5598]  asm_exc_invalid_op+0x1a/0x20
[   95.737571][ T5598] RIP: 0010:refcount_warn_saturate+0x17c/0x1f0
[   95.743777][ T5598] Code: 0a 31 ff 89 de e8 d4 13 78 fd 84 db 0f 85 2e ff ff ff e8 57 17 78 fd 48 c7 c7 60 87 a6 8a c6 05 60 d0 54 0a 01 e8 98 a7 b2 05 <0f> 0b e9 0f ff ff ff e8 38 17 78 fd 0f b6 1d 4a d0 54 0a 31 ff 89
[   95.763769][ T5598] RSP: 0018:ffffc90005befb68 EFLAGS: 00010286
[   95.770318][ T5598] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[   95.778477][ T5598] RDX: ffff88807d2f57c0 RSI: ffffffff8166972c RDI: fffff52000b7df5f
[   95.786629][ T5598] RBP: ffff88807d2f3aa8 R08: 0000000000000005 R09: 0000000000000000
[   95.794781][ T5598] R10: 0000000000000001 R11: 0000000000000000 R12: ffff8880764ee300
[   95.802754][ T5598] R13: ffff88807d2f3fa8 R14: 0000000000000000 R15: ffff88807d2f3aa8
[   95.810742][ T5598]  ? vprintk+0x8c/0xa0
[   95.814855][ T5598]  ? refcount_warn_saturate+0x17c/0x1f0
[   95.820415][ T5598]  mm_update_next_owner+0x585/0x7b0
[   95.825642][ T5598]  do_exit+0x9a4/0x2a90
[   95.830355][ T5598]  ? find_held_lock+0x2d/0x110
[   95.835163][ T5598]  ? get_signal+0x8a0/0x24f0
[   95.839796][ T5598]  ? mm_update_next_owner+0x7b0/0x7b0
[   95.845318][ T5598]  do_group_exit+0xd4/0x2a0
[   95.849944][ T5598]  get_signal+0x225f/0x24f0
[   95.854547][ T5598]  ? __schedule+0x25d8/0x5a70
[   95.859237][ T5598]  ? vfs_write+0x49e/0xe10
[   95.863669][ T5598]  ? exit_signals+0x910/0x910
[   95.868356][ T5598]  ? do_futex+0x132/0x360
[   95.872700][ T5598]  ? __ia32_sys_get_robust_list+0x400/0x400
[   95.878710][ T5598]  arch_do_signal_or_restart+0x79/0x5c0
[   95.884268][ T5598]  ? get_sigframe_size+0x10/0x10
[   95.889225][ T5598]  ? __x64_sys_futex+0x1ca/0x4d0
[   95.894179][ T5598]  ? do_futex+0x360/0x360
[   95.898539][ T5598]  exit_to_user_mode_prepare+0x11f/0x240
[   95.904711][ T5598]  syscall_exit_to_user_mode+0x1d/0x50
[   95.910198][ T5598]  do_syscall_64+0x46/0xb0
[   95.914633][ T5598]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   95.920547][ T5598] RIP: 0033:0x7f9d6f48c0c9
[   95.924967][ T5598] Code: Unable to access opcode bytes at 0x7f9d6f48c09f.
[   95.931999][ T5598] RSP: 002b:00007f9d70279218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[   95.940464][ T5598] RAX: fffffffffffffe00 RBX: 00007f9d6f5abf88 RCX: 00007f9d6f48c0c9
[   95.948703][ T5598] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f9d6f5abf88
[   95.956677][ T5598] RBP: 00007f9d6f5abf80 R08: 0000000000000000 R09: 0000000000000000
[   95.964741][ T5598] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9d6f5abf8c
[   95.973096][ T5598] R13: 00007ffd0405f78f R14: 00007f9d70279300 R15: 0000000000022000
[   95.981118][ T5598]  </TASK>
[   97.089940][ T5598] Shutting down cpus with NMI
[   97.094928][ T5598] Kernel Offset: disabled
[   97.099648][ T5598] Rebooting in 86400 seconds..