[ 72.799349][ T46] device veth1_macvtap left promiscuous mode [ 72.806317][ T46] device veth0_macvtap left promiscuous mode [ 72.812827][ T46] device veth1_vlan left promiscuous mode [ 72.819534][ T46] device veth0_vlan left promiscuous mode [ 73.070124][ T46] team0 (unregistering): Port device team_slave_1 removed [ 73.089599][ T46] team0 (unregistering): Port device team_slave_0 removed [ 73.106124][ T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 73.123143][ T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 73.218571][ T46] bond0 (unregistering): Released all slaves [ 81.447739][ T766] cfg80211: failed to load regulatory.db Warning: Permanently added '10.128.0.177' (ECDSA) to the list of known hosts. 2023/01/13 12:27:18 ignoring optional flag "sandboxArg"="0" 2023/01/13 12:27:18 parsed 1 programs 2023/01/13 12:27:18 executed programs: 0 [ 92.541348][ T4393] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 92.549736][ T4393] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 92.557820][ T4393] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 92.567418][ T4393] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 92.575080][ T4393] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 92.582565][ T4393] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 92.688856][ T5542] chnl_net:caif_netlink_parms(): no params data found [ 92.730712][ T5542] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.738480][ T5542] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.747074][ T5542] device bridge_slave_0 entered promiscuous mode [ 92.755236][ T5542] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.762783][ T5542] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.770722][ T5542] device bridge_slave_1 entered promiscuous mode [ 92.792565][ T5542] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.803651][ T5542] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.827319][ T5542] team0: Port device team_slave_0 added [ 92.835088][ T5542] team0: Port device team_slave_1 added [ 92.852952][ T5542] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.860024][ T5542] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.886071][ T5542] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.898524][ T5542] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.906338][ T5542] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.932568][ T5542] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.962331][ T5542] device hsr_slave_0 entered promiscuous mode [ 92.969529][ T5542] device hsr_slave_1 entered promiscuous mode [ 93.603017][ T5542] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 93.613471][ T5542] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 93.624054][ T5542] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 93.634989][ T5542] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 93.663569][ T5542] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.671022][ T5542] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.678512][ T5542] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.685703][ T5542] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.699012][ T22] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.710325][ T22] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.781565][ T5542] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.800009][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 93.809380][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 93.822826][ T5542] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.834784][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 93.844857][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 93.856064][ T14] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.863206][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.889527][ T5563] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 93.900466][ T5563] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 93.910973][ T5563] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.918345][ T5563] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.926815][ T5563] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 93.936569][ T5563] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 93.948545][ T5563] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 93.969020][ T5563] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 93.978551][ T5563] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 93.988568][ T5563] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 93.998873][ T5563] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 94.012904][ T5542] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 94.029863][ T5542] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 94.041180][ T5090] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 94.051097][ T5090] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 94.299972][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 94.309959][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 94.325230][ T5542] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.353368][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 94.363772][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 94.389534][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 94.399724][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 94.413619][ T5542] device veth0_vlan entered promiscuous mode [ 94.424026][ T766] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 94.434109][ T766] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 94.449947][ T5542] device veth1_vlan entered promiscuous mode [ 94.479909][ T766] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 94.490922][ T766] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 94.500631][ T766] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 94.512268][ T766] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 94.525240][ T5542] device veth0_macvtap entered promiscuous mode [ 94.541537][ T5542] device veth1_macvtap entered promiscuous mode [ 94.563442][ T5542] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.573967][ T766] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 94.584224][ T766] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 94.594986][ T766] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 94.604490][ T766] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 94.619896][ T5542] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.631397][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 94.641562][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 94.646943][ T4393] Bluetooth: hci0: command 0x0409 tx timeout [ 94.654706][ T5542] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.667060][ T5542] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.676999][ T5542] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.686418][ T5542] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.764462][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.776920][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.811237][ T5088] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 94.829903][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.838720][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.850633][ T5088] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 95.304719][ T5597] VFS: Close: file count is 0 [ 95.312919][ T5602] ------------[ cut here ]------------ [ 95.319363][ T5598] ------------[ cut here ]------------ [ 95.325096][ T5598] refcount_t: addition on 0; use-after-free. [ 95.331590][ T5598] WARNING: CPU: 0 PID: 5598 at lib/refcount.c:25 refcount_warn_saturate+0x17c/0x1f0 [ 95.341549][ T5598] Modules linked in: [ 95.345474][ T5598] CPU: 0 PID: 5598 Comm: syz-executor.0 Not tainted 6.2.0-rc3-next-20230112-syzkaller-dirty #0 [ 95.356011][ T5598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 95.366418][ T5598] RIP: 0010:refcount_warn_saturate+0x17c/0x1f0 [ 95.372595][ T5598] Code: 0a 31 ff 89 de e8 d4 13 78 fd 84 db 0f 85 2e ff ff ff e8 57 17 78 fd 48 c7 c7 60 87 a6 8a c6 05 60 d0 54 0a 01 e8 98 a7 b2 05 <0f> 0b e9 0f ff ff ff e8 38 17 78 fd 0f b6 1d 4a d0 54 0a 31 ff 89 [ 95.392251][ T5598] RSP: 0018:ffffc90005befb68 EFLAGS: 00010286 [ 95.398435][ T5598] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 95.406522][ T5598] RDX: ffff88807d2f57c0 RSI: ffffffff8166972c RDI: fffff52000b7df5f [ 95.414674][ T5598] RBP: ffff88807d2f3aa8 R08: 0000000000000005 R09: 0000000000000000 [ 95.422670][ T5598] R10: 0000000000000001 R11: 0000000000000000 R12: ffff8880764ee300 [ 95.430768][ T5598] R13: ffff88807d2f3fa8 R14: 0000000000000000 R15: ffff88807d2f3aa8 [ 95.438767][ T5598] FS: 0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 95.447816][ T5598] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.454407][ T5598] CR2: 0000000021000000 CR3: 000000007673f000 CR4: 00000000003506f0 [ 95.462496][ T5598] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 95.470495][ T5598] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 95.478603][ T5598] Call Trace: [ 95.481885][ T5598] [ 95.484818][ T5598] mm_update_next_owner+0x585/0x7b0 [ 95.490120][ T5598] do_exit+0x9a4/0x2a90 [ 95.494399][ T5598] ? find_held_lock+0x2d/0x110 [ 95.499212][ T5598] ? get_signal+0x8a0/0x24f0 [ 95.503814][ T5598] ? mm_update_next_owner+0x7b0/0x7b0 [ 95.509333][ T5598] do_group_exit+0xd4/0x2a0 [ 95.514056][ T5598] get_signal+0x225f/0x24f0 [ 95.518834][ T5598] ? __schedule+0x25d8/0x5a70 [ 95.523665][ T5598] ? vfs_write+0x49e/0xe10 [ 95.528313][ T5598] ? exit_signals+0x910/0x910 [ 95.533025][ T5598] ? do_futex+0x132/0x360 [ 95.537677][ T5598] ? __ia32_sys_get_robust_list+0x400/0x400 [ 95.543710][ T5598] arch_do_signal_or_restart+0x79/0x5c0 [ 95.549520][ T5598] ? get_sigframe_size+0x10/0x10 [ 95.554570][ T5598] ? __x64_sys_futex+0x1ca/0x4d0 [ 95.559566][ T5598] ? do_futex+0x360/0x360 [ 95.563925][ T5598] exit_to_user_mode_prepare+0x11f/0x240 [ 95.569612][ T5598] syscall_exit_to_user_mode+0x1d/0x50 [ 95.575114][ T5598] do_syscall_64+0x46/0xb0 [ 95.579772][ T5598] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 95.585769][ T5598] RIP: 0033:0x7f9d6f48c0c9 [ 95.590202][ T5598] Code: Unable to access opcode bytes at 0x7f9d6f48c09f. [ 95.597522][ T5598] RSP: 002b:00007f9d70279218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 95.606072][ T5598] RAX: fffffffffffffe00 RBX: 00007f9d6f5abf88 RCX: 00007f9d6f48c0c9 [ 95.614226][ T5598] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f9d6f5abf88 [ 95.622233][ T5598] RBP: 00007f9d6f5abf80 R08: 0000000000000000 R09: 0000000000000000 [ 95.630340][ T5598] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9d6f5abf8c [ 95.638350][ T5598] R13: 00007ffd0405f78f R14: 00007f9d70279300 R15: 0000000000022000 [ 95.646382][ T5598] [ 95.649410][ T5598] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 95.656687][ T5598] CPU: 0 PID: 5598 Comm: syz-executor.0 Not tainted 6.2.0-rc3-next-20230112-syzkaller-dirty #0 [ 95.667114][ T5598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 95.677196][ T5598] Call Trace: [ 95.680480][ T5598] [ 95.683413][ T5598] dump_stack_lvl+0xd1/0x138 [ 95.688016][ T5598] panic+0x2cc/0x626 [ 95.691934][ T5598] ? panic_print_sys_info.part.0+0x112/0x112 [ 95.697947][ T5598] ? refcount_warn_saturate+0x17c/0x1f0 [ 95.703652][ T5598] check_panic_on_warn.cold+0x19/0x35 [ 95.709168][ T5598] __warn+0xf2/0x1a0 [ 95.713081][ T5598] ? refcount_warn_saturate+0x17c/0x1f0 [ 95.719115][ T5598] report_bug+0x1c0/0x210 [ 95.723590][ T5598] handle_bug+0x3c/0x70 [ 95.727901][ T5598] exc_invalid_op+0x18/0x50 [ 95.732644][ T5598] asm_exc_invalid_op+0x1a/0x20 [ 95.737571][ T5598] RIP: 0010:refcount_warn_saturate+0x17c/0x1f0 [ 95.743777][ T5598] Code: 0a 31 ff 89 de e8 d4 13 78 fd 84 db 0f 85 2e ff ff ff e8 57 17 78 fd 48 c7 c7 60 87 a6 8a c6 05 60 d0 54 0a 01 e8 98 a7 b2 05 <0f> 0b e9 0f ff ff ff e8 38 17 78 fd 0f b6 1d 4a d0 54 0a 31 ff 89 [ 95.763769][ T5598] RSP: 0018:ffffc90005befb68 EFLAGS: 00010286 [ 95.770318][ T5598] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 95.778477][ T5598] RDX: ffff88807d2f57c0 RSI: ffffffff8166972c RDI: fffff52000b7df5f [ 95.786629][ T5598] RBP: ffff88807d2f3aa8 R08: 0000000000000005 R09: 0000000000000000 [ 95.794781][ T5598] R10: 0000000000000001 R11: 0000000000000000 R12: ffff8880764ee300 [ 95.802754][ T5598] R13: ffff88807d2f3fa8 R14: 0000000000000000 R15: ffff88807d2f3aa8 [ 95.810742][ T5598] ? vprintk+0x8c/0xa0 [ 95.814855][ T5598] ? refcount_warn_saturate+0x17c/0x1f0 [ 95.820415][ T5598] mm_update_next_owner+0x585/0x7b0 [ 95.825642][ T5598] do_exit+0x9a4/0x2a90 [ 95.830355][ T5598] ? find_held_lock+0x2d/0x110 [ 95.835163][ T5598] ? get_signal+0x8a0/0x24f0 [ 95.839796][ T5598] ? mm_update_next_owner+0x7b0/0x7b0 [ 95.845318][ T5598] do_group_exit+0xd4/0x2a0 [ 95.849944][ T5598] get_signal+0x225f/0x24f0 [ 95.854547][ T5598] ? __schedule+0x25d8/0x5a70 [ 95.859237][ T5598] ? vfs_write+0x49e/0xe10 [ 95.863669][ T5598] ? exit_signals+0x910/0x910 [ 95.868356][ T5598] ? do_futex+0x132/0x360 [ 95.872700][ T5598] ? __ia32_sys_get_robust_list+0x400/0x400 [ 95.878710][ T5598] arch_do_signal_or_restart+0x79/0x5c0 [ 95.884268][ T5598] ? get_sigframe_size+0x10/0x10 [ 95.889225][ T5598] ? __x64_sys_futex+0x1ca/0x4d0 [ 95.894179][ T5598] ? do_futex+0x360/0x360 [ 95.898539][ T5598] exit_to_user_mode_prepare+0x11f/0x240 [ 95.904711][ T5598] syscall_exit_to_user_mode+0x1d/0x50 [ 95.910198][ T5598] do_syscall_64+0x46/0xb0 [ 95.914633][ T5598] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 95.920547][ T5598] RIP: 0033:0x7f9d6f48c0c9 [ 95.924967][ T5598] Code: Unable to access opcode bytes at 0x7f9d6f48c09f. [ 95.931999][ T5598] RSP: 002b:00007f9d70279218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 95.940464][ T5598] RAX: fffffffffffffe00 RBX: 00007f9d6f5abf88 RCX: 00007f9d6f48c0c9 [ 95.948703][ T5598] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f9d6f5abf88 [ 95.956677][ T5598] RBP: 00007f9d6f5abf80 R08: 0000000000000000 R09: 0000000000000000 [ 95.964741][ T5598] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9d6f5abf8c [ 95.973096][ T5598] R13: 00007ffd0405f78f R14: 00007f9d70279300 R15: 0000000000022000 [ 95.981118][ T5598] [ 97.089940][ T5598] Shutting down cpus with NMI [ 97.094928][ T5598] Kernel Offset: disabled [ 97.099648][ T5598] Rebooting in 86400 seconds..