[ 455.873155][T18770] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 456.059087][T18770] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 456.292796][T18770] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 456.340490][T18770] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 456.657432][T18770] 8021q: adding VLAN 0 to HW filter on device bond0
[ 456.689106][T18770] 8021q: adding VLAN 0 to HW filter on device team0
[ 456.712145][T12196] bridge0: port 1(bridge_slave_0) entered blocking state
[ 456.719731][T12196] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 456.749614][T12196] bridge0: port 2(bridge_slave_1) entered blocking state
[ 456.756987][T12196] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 457.380493][T18770] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 457.453372][T18770] veth0_vlan: entered promiscuous mode
[ 457.467822][T18770] veth1_vlan: entered promiscuous mode
[ 457.523277][T18770] veth0_macvtap: entered promiscuous mode
[ 457.566643][T18770] veth1_macvtap: entered promiscuous mode
[ 457.588968][T18770] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 457.625110][T18770] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 457.666462][T18770] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 457.713972][T18770] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 457.723297][T18770] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 457.774764][T18770] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 459.224107][T12161] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 459.233109][T12161] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 459.241396][T12225] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 459.250810][T12225] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
Warning: Permanently added '10.128.1.40' (ED25519) to the list of known hosts.
[ 459.451037][T18914] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[ 459.461243][T18914] team0: Device gre0 is of different type
[ 459.899355][T18919] chnl_net:caif_netlink_parms(): no params data found
[ 460.041995][T18919] bridge0: port 1(bridge_slave_0) entered blocking state
[ 460.050779][T18919] bridge0: port 1(bridge_slave_0) entered disabled state
[ 460.058804][T18919] bridge_slave_0: entered allmulticast mode
[ 460.066419][T18919] bridge_slave_0: entered promiscuous mode
[ 460.076210][T18919] bridge0: port 2(bridge_slave_1) entered blocking state
[ 460.083556][T18919] bridge0: port 2(bridge_slave_1) entered disabled state
[ 460.091477][T18919] bridge_slave_1: entered allmulticast mode
[ 460.098753][T18919] bridge_slave_1: entered promiscuous mode
[ 460.157799][T18919] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 460.180909][T18919] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 460.233523][T18919] team0: Port device team_slave_0 added
[ 460.249021][T18919] team0: Port device team_slave_1 added
[ 460.296796][T18919] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 460.307298][T18919] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 460.376983][T18919] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 460.407081][T18919] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 460.423888][T18919] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 460.474042][T18919] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 460.530995][T18919] hsr_slave_0: entered promiscuous mode
[ 460.547338][T18919] hsr_slave_1: entered promiscuous mode
[ 460.568257][T18919] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 460.584353][T18919] Cannot create hsr debugfs directory
[ 460.814855][T18919] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 462.797214][T18919] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 462.853357][T18919] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 462.928427][T18919] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 463.045966][T18919] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 463.057952][T18919] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 463.081244][T18919] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 463.090075][T18919] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 463.155462][T18919] 8021q: adding VLAN 0 to HW filter on device bond0
[ 463.178454][T18919] 8021q: adding VLAN 0 to HW filter on device team0
[ 463.189628][T12154] bridge0: port 1(bridge_slave_0) entered blocking state
[ 463.197697][T12154] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 463.224933][T12155] bridge0: port 2(bridge_slave_1) entered blocking state
[ 463.235322][T12155] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 463.281125][T18919] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 463.318769][T18919] veth0_vlan: entered promiscuous mode
[ 463.333420][T18919] veth1_vlan: entered promiscuous mode
[ 463.358988][T18919] veth0_macvtap: entered promiscuous mode
[ 463.369685][T18919] veth1_macvtap: entered promiscuous mode
[ 463.391653][T18919] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 463.406938][T18919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 463.418808][T18919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 463.431797][T18919] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 463.452873][T18919] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 463.464824][T18919] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 463.474706][T18919] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 463.483548][T18919] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 463.527293][T18968] netlink: 'syz-executor408': attribute type 1 has an invalid length.
[ 463.539720][T18968] team0: Device tunl0 is of different type
[ 463.559393][T18969] netlink: 'syz-executor408': attribute type 1 has an invalid length.
[ 463.570040][T18969] team0: Device gre0 is of different type
[ 463.581856][T18970] netlink: 'syz-executor408': attribute type 1 has an invalid length.
[ 463.594514][T18970] team0: Device gretap0 is up. Set it down before adding it as a team port
[ 463.608946][T18971] netlink: 'syz-executor408': attribute type 1 has an invalid length.
[ 463.632577][T18971] team0: Device erspan0 is up. Set it down before adding it as a team port
[ 463.658049][T18972] netlink: 'syz-executor408': attribute type 1 has an invalid length.
[ 463.667532][T18972] team0: Device ip_vti0 is of different type
[ 463.678569][T18973] netlink: 'syz-executor408': attribute type 1 has an invalid length.
[ 463.688296][T18973] team0: Device ip6_vti0 is of different type
[ 463.710071][ T137] hsr_slave_0: left promiscuous mode
[ 463.717930][ T137] hsr_slave_1: left promiscuous mode
[ 463.724928][ T137] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 463.732481][ T137] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 463.743079][ T137] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 463.751099][ T137] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 463.761195][ T137] bridge_slave_1: left allmulticast mode
[ 463.767319][ T137] bridge_slave_1: left promiscuous mode
[ 463.773151][ T137] bridge0: port 2(bridge_slave_1) entered disabled state
[ 463.783627][ T137] bridge_slave_0: left allmulticast mode
[ 463.789834][ T137] bridge_slave_0: left promiscuous mode
[ 463.797037][ T137] bridge0: port 1(bridge_slave_0) entered disabled state
[ 463.810049][ T137] veth1_macvtap: left promiscuous mode
[ 463.817238][ T137] veth0_macvtap: left promiscuous mode
[ 463.822962][ T137] veth1_vlan: left promiscuous mode
[ 463.828791][ T137] veth0_vlan: left promiscuous mode
[ 463.978744][ T137] team0 (unregistering): Port device team_slave_1 removed
[ 463.997536][ T137] team0 (unregistering): Port device team_slave_0 removed
[ 464.011820][ T137] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 464.026887][ T137] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 464.078380][ T137] bond0 (unregistering): Released all slaves
[ 464.118719][T18974] netlink: 'syz-executor408': attribute type 1 has an invalid length.
[ 464.131846][T18974] team0: Device sit0 is of different type
[ 464.145354][T18975] netlink: 'syz-executor408': attribute type 1 has an invalid length.
[ 464.162541][T18975] team0: Device ip6tnl0 is of different type
[ 464.181342][T18976] netlink: 'syz-executor408': attribute type 1 has an invalid length.
[ 464.190785][T18976] team0: Device ip6gre0 is of different type
[ 464.205167][T18977] team0: Device syz_tun is up. Set it down before adding it as a team port
[ 464.221080][T18978] team0: Device ip6gretap0 is up. Set it down before adding it as a team port
[ 464.252334][T18979] team0: Device bridge0 is up. Set it down before adding it as a team port
[ 464.270590][T18980] team0: Device vcan0 is of different type
[ 464.286024][T18981] team0: Device bond0 is up. Set it down before adding it as a team port
[ 464.311276][T18982] team0: Cannot enslave team device to itself
[ 464.329339][T18983] team0: Device dummy0 is up. Set it down before adding it as a team port
[ 464.351523][T18984] team0: Device nlmon0 is of different type
[ 464.362970][T18985] team0: Device caif0 is of different type
[ 464.378369][T18986] team0: Device batadv0 is up. Set it down before adding it as a team port
[ 464.395204][T18987] team0: Device vxcan0 is of different type
[ 464.416328][T18988] team0: Device vxcan1 is of different type
[ 464.433718][T18989] team0: Device veth0 is up. Set it down before adding it as a team port
[ 464.455037][T18990] team0: Device veth1 is up. Set it down before adding it as a team port
[ 464.471792][T18991] validate_nla: 14 callbacks suppressed
[ 464.471812][T18991] netlink: 'syz-executor408': attribute type 1 has an invalid length.
[ 464.490194][T18991] team0: Device wg0 is of different type
[ 464.502183][T18992] netlink: 'syz-executor408': attribute type 1 has an invalid length.
[ 464.512861][T18992] team0: Device wg1 is of different type
[ 464.527033][T18993] netlink: 'syz-executor408': attribute type 1 has an invalid length.
[ 464.536636][T18993] team0: Device wg2 is of different type
[ 464.550498][T18994] netlink: 'syz-executor408': attribute type 1 has an invalid length.
[ 464.565456][T18994] team0: Device veth0_to_bridge is up. Set it down before adding it as a team port
[ 464.591169][T18995] netlink: 'syz-executor408': attribute type 1 has an invalid length.
[ 464.608150][T18995] bridge_slave_0: left allmulticast mode
[ 464.614097][T18995] bridge_slave_0: left promiscuous mode
[ 464.620091][T18995] bridge0: port 1(bridge_slave_0) entered disabled state
[ 464.630729][T18995] team0: Device bridge_slave_0 is up. Set it down before adding it as a team port
[ 464.650000][T18996] netlink: 'syz-executor408': attribute type 1 has an invalid length.
[ 464.664176][T18996] team0: Device veth1_to_bridge is up. Set it down before adding it as a team port
[ 464.682344][T18997] netlink: 'syz-executor408': attribute type 1 has an invalid length.
[ 464.691850][T18997] bridge_slave_1: left allmulticast mode
[ 464.698443][T18997] bridge_slave_1: left promiscuous mode
[ 464.704972][T18997] bridge0: port 2(bridge_slave_1) entered disabled state
[ 464.716144][T18997] team0: Device bridge_slave_1 is up. Set it down before adding it as a team port
[ 464.734735][T18998] netlink: 'syz-executor408': attribute type 1 has an invalid length.
[ 464.749546][T18998] team0: Device veth0_to_bond is up. Set it down before adding it as a team port
[ 464.765851][T18999] netlink: 'syz-executor408': attribute type 1 has an invalid length.
[ 464.777579][T18999] bond0: (slave bond_slave_0): Releasing backup interface
[ 464.799745][T18999] team0: Port device bond_slave_0 added
[ 464.815014][T19000] netlink: 'syz-executor408': attribute type 1 has an invalid length.
[ 464.831134][T19000] team0: Device veth1_to_bond is up. Set it down before adding it as a team port
[ 464.850520][T19001] bond0: (slave bond_slave_1): Releasing backup interface
[ 464.878142][T19001] team0: Port device bond_slave_1 added
[ 464.899366][T19002] team0: Device veth0_to_team is up. Set it down before adding it as a team port
[ 464.930989][T19004] team0: Device veth1_to_team is up. Set it down before adding it as a team port
[ 464.960769][T19006] team0: Device veth0_to_batadv is up. Set it down before adding it as a team port
[ 464.985085][T19007] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[ 464.996396][T19007] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 465.010190][T19007] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 465.018471][T19007] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 465.028397][T19007] team0: Device batadv_slave_0 is up. Set it down before adding it as a team port
[ 465.051779][T19008] team0: Device veth1_to_batadv is up. Set it down before adding it as a team port
[ 465.075020][T19009] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[ 465.086294][T19009] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 465.098549][T19009] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 465.106927][T19009] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 465.117106][T19009] team0: Device batadv_slave_1 is up. Set it down before adding it as a team port
[ 465.134810][T19010] team0: Device xfrm0 is of different type
[ 465.152248][T19011] team0: Device veth0_to_hsr is up. Set it down before adding it as a team port
[ 465.170358][T19012] team0: Device hsr_slave_0 is up. Set it down before adding it as a team port
[ 465.191535][T19013] team0: Device veth1_to_hsr is up. Set it down before adding it as a team port
[ 465.227570][T19014] team0: Device hsr_slave_1 is up. Set it down before adding it as a team port
[ 465.259012][T19015] team0: Device hsr0 is up. Set it down before adding it as a team port
[ 465.276903][T19016] team0: Device veth1_virt_wifi is up. Set it down before adding it as a team port
[ 465.299680][T19017] team0: Device veth0_virt_wifi is up. Set it down before adding it as a team port
[ 465.323320][T19018] team0: Device virt_wifi0 failed to register rx_handler
[ 465.357365][T19019] team0: Device veth1_vlan is up. Set it down before adding it as a team port
[ 465.377999][T19020] team0: Device veth0_vlan is up. Set it down before adding it as a team port
[ 465.401269][T19021] team0: Device vlan0 is up. Set it down before adding it as a team port
[ 465.422423][T19022] team0: Device vlan1 is up. Set it down before adding it as a team port
[ 465.442596][T19023] team0: Device macvlan0 is up. Set it down before adding it as a team port
[ 465.465617][T19024] team0: Device macvlan1 is up. Set it down before adding it as a team port
[ 465.546749][T19025] team0: Device ipvlan0 failed to register rx_handler
[ 465.640677][T19026] team0: Device ipvlan1 failed to register rx_handler
[ 465.674690][T19027] team0: Device veth1_macvtap is up. Set it down before adding it as a team port
[ 465.689508][T19028] team0: Device veth0_macvtap is up. Set it down before adding it as a team port
[ 465.706119][T19029] team0: Device macvtap0 is up. Set it down before adding it as a team port
[ 465.723540][T19030] team0: Device macsec0 is up. Set it down before adding it as a team port
[ 465.742314][T19031] team0: Device geneve0 is up. Set it down before adding it as a team port
[ 465.759446][T19032] team0: Device geneve1 is up. Set it down before adding it as a team port
[ 465.780085][T19033] team0: Device netdevsim0 is up. Set it down before adding it as a team port
[ 465.798695][T19034] team0: Device netdevsim1 is up. Set it down before adding it as a team port
[ 465.817001][T19035] team0: Device netdevsim2 is up. Set it down before adding it as a team port
[ 465.836330][T19036] team0: Device netdevsim3 is up. Set it down before adding it as a team port
[ 465.907739][T19043] team0: Device macsec7 is already an upper device of the team interface
[ 466.147553][T19067] 8021q: adding VLAN 0 to HW filter on device bond1
[ 466.155306][T19067] ==================================================================
[ 466.163713][T19067] BUG: KASAN: slab-use-after-free in team_device_event+0xa3b/0xad0
[ 466.172383][T19067] Read of size 8 at addr ffff888055dd5b88 by task syz-executor408/19067
[ 466.180746][T19067]
[ 466.183072][T19067] CPU: 0 PID: 19067 Comm: syz-executor408 Not tainted 6.5.0-syzkaller-04043-gf8fdd54ee6a1-dirty #0
[ 466.194022][T19067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[ 466.204398][T19067] Call Trace:
[ 466.208382][T19067]
[ 466.211312][T19067] dump_stack_lvl+0xd9/0x1b0
[ 466.215932][T19067] print_report+0xc4/0x620
[ 466.220398][T19067] ? __virt_addr_valid+0x5e/0x2d0
[ 466.225579][T19067] ? __phys_addr+0xc6/0x140
[ 466.230187][T19067] kasan_report+0xda/0x110
[ 466.234758][T19067] ? team_device_event+0xa3b/0xad0
[ 466.240182][T19067] ? team_device_event+0xa3b/0xad0
[ 466.245678][T19067] team_device_event+0xa3b/0xad0
[ 466.250919][T19067] notifier_call_chain+0xb6/0x3b0
[ 466.256352][T19067] ? team_add_slave+0x2560/0x2560
[ 466.261718][T19067] call_netdevice_notifiers_info+0xb9/0x130
[ 466.268050][T19067] dev_disable_lro+0x224/0x3e0
[ 466.272981][T19067] ? netdev_change_features+0xb0/0xb0
[ 466.278543][T19067] ? vlan_vids_add_by_dev+0x20e/0x350
[ 466.284236][T19067] team_add_slave+0x1c53/0x2560
[ 466.289383][T19067] ? team_netpoll_setup+0x350/0x350
[ 466.294689][T19067] ? mark_lock+0x105/0x1950
[ 466.299309][T19067] ? team_netpoll_setup+0x350/0x350
[ 466.304529][T19067] do_set_master+0x1bc/0x220
[ 466.309309][T19067] do_setlink+0xa07/0x3fa0
[ 466.314179][T19067] ? is_bpf_text_address+0x79/0x1a0
[ 466.319522][T19067] ? rtnl_bridge_getlink+0x8c0/0x8c0
[ 466.325349][T19067] ? unwind_next_frame+0xe41/0x2020
[ 466.330759][T19067] ? __module_address+0x55/0x3b0
[ 466.335717][T19067] ? bpf_ksym_find+0x124/0x1b0
[ 466.340859][T19067] ? write_profile+0x450/0x450
[ 466.345870][T19067] ? is_bpf_text_address+0x9b/0x1a0
[ 466.351146][T19067] ? kernel_text_address+0x85/0xf0
[ 466.356360][T19067] ? __kernel_text_address+0xd/0x30
[ 466.361976][T19067] ? unwind_get_return_address+0x55/0xa0
[ 466.367750][T19067] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 466.375128][T19067] ? __nla_validate_parse+0x64f/0x25d0
[ 466.380849][T19067] ? nla_get_range_signed+0x370/0x370
[ 466.386788][T19067] ? stack_trace_save+0x96/0xd0
[ 466.391845][T19067] ? filter_irq_stacks+0x90/0x90
[ 466.397025][T19067] ? __stack_depot_save+0x39/0x510
[ 466.402898][T19067] ? __nla_parse+0x40/0x50
[ 466.407918][T19067] __rtnl_newlink+0xc1d/0x1940
[ 466.413178][T19067] ? rtnl_link_unregister+0x260/0x260
[ 466.420086][T19067] rtnl_newlink+0x67/0xa0
[ 466.424799][T19067] ? __rtnl_newlink+0x1940/0x1940
[ 466.429981][T19067] rtnetlink_rcv_msg+0x439/0xd30
[ 466.435071][T19067] ? rtnl_getlink+0xb40/0xb40
[ 466.440574][T19067] ? find_held_lock+0x2d/0x110
[ 466.445538][T19067] ? rcu_preempt_deferred_qs_irqrestore+0x684/0xdb0
[ 466.453050][T19067] ? reacquire_held_locks+0x4b0/0x4b0
[ 466.459536][T19067] netlink_rcv_skb+0x16b/0x440
[ 466.464524][T19067] ? rtnl_getlink+0xb40/0xb40
[ 466.469416][T19067] ? netlink_ack+0x1370/0x1370
[ 466.474218][T19067] ? _raw_spin_unlock_irqrestore+0x3b/0x70
[ 466.480483][T19067] ? __rcu_read_unlock+0x2ad/0x570
[ 466.485973][T19067] ? netlink_deliver_tap+0x1b1/0xd10
[ 466.491587][T19067] netlink_unicast+0x536/0x810
[ 466.496743][T19067] ? netlink_attachskb+0x870/0x870
[ 466.501968][T19067] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 466.508499][T19067] ? __phys_addr_symbol+0x30/0x70
[ 466.513628][T19067] ? __check_object_size+0x323/0x740
[ 466.518936][T19067] netlink_sendmsg+0x93c/0xe40
[ 466.524006][T19067] ? netlink_unicast+0x810/0x810
[ 466.529073][T19067] ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 466.534479][T19067] ? netlink_unicast+0x810/0x810
[ 466.539526][T19067] sock_sendmsg+0xd9/0x180
[ 466.544198][T19067] ____sys_sendmsg+0x6ac/0x940
[ 466.548994][T19067] ? copy_msghdr_from_user+0x10b/0x160
[ 466.554559][T19067] ? kernel_sendmsg+0x50/0x50
[ 466.559258][T19067] ___sys_sendmsg+0x135/0x1d0
[ 466.564129][T19067] ? do_recvmmsg+0x740/0x740
[ 466.568875][T19067] ? reacquire_held_locks+0x4b0/0x4b0
[ 466.574493][T19067] ? __might_fault+0x156/0x190
[ 466.579322][T19067] ? __fget_light+0x1fc/0x260
[ 466.584115][T19067] __sys_sendmsg+0x117/0x1e0
[ 466.588738][T19067] ? __sys_sendmsg_sock+0x30/0x30
[ 466.593878][T19067] ? syscall_enter_from_user_mode+0x26/0x80
[ 466.600412][T19067] do_syscall_64+0x38/0xb0
[ 466.604865][T19067] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 466.610781][T19067] RIP: 0033:0x7f1732fde5d9
[ 466.615219][T19067] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 d1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 466.635542][T19067] RSP: 002b:00007fff2a8f2868 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 466.644503][T19067] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f1732fde5d9
[ 466.652945][T19067] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000007
[ 466.661118][T19067] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001
[ 466.669557][T19067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 466.677551][T19067] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 466.685727][T19067]
[ 466.689022][T19067]
[ 466.691344][T19067] Allocated by task 18103:
[ 466.695844][T19067] kasan_save_stack+0x33/0x50
[ 466.700648][T19067] kasan_set_track+0x25/0x30
[ 466.705697][T19067] __kasan_kmalloc+0xa2/0xb0
[ 466.710512][T19067] __kmalloc_node_track_caller+0x5e/0x100
[ 466.716712][T19067] kstrdup+0x3c/0x70
[ 466.720800][T19067] kstrdup_const+0x5f/0x70
[ 466.725578][T19067] kvasprintf_const+0x10b/0x190
[ 466.730508][T19067] kobject_set_name_vargs+0x5a/0x130
[ 466.735818][T19067] dev_set_name+0xc8/0x100
[ 466.740760][T19067] netdev_register_kobject+0xc1/0x3f0
[ 466.746540][T19067] register_netdevice+0xbcb/0x1490
[ 466.752188][T19067] macsec_newlink+0x4ca/0x1a30
[ 466.757199][T19067] __rtnl_newlink+0x1177/0x1940
[ 466.762077][T19067] rtnl_newlink+0x67/0xa0
[ 466.766713][T19067] rtnetlink_rcv_msg+0x439/0xd30
[ 466.771673][T19067] netlink_rcv_skb+0x16b/0x440
[ 466.776638][T19067] netlink_unicast+0x536/0x810
[ 466.781506][T19067] netlink_sendmsg+0x93c/0xe40
[ 466.786542][T19067] sock_sendmsg+0xd9/0x180
[ 466.790984][T19067] ____sys_sendmsg+0x6ac/0x940
[ 466.795968][T19067] ___sys_sendmsg+0x135/0x1d0
[ 466.801210][T19067] __sys_sendmsg+0x117/0x1e0
[ 466.806093][T19067] do_syscall_64+0x38/0xb0
[ 466.810895][T19067] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 466.817025][T19067]
[ 466.819545][T19067] The buggy address belongs to the object at ffff888055dd5b80
[ 466.819545][T19067] which belongs to the cache kmalloc-16 of size 16
[ 466.834753][T19067] The buggy address is located 8 bytes inside of
[ 466.834753][T19067] freed 16-byte region [ffff888055dd5b80, ffff888055dd5b90)
[ 466.848667][T19067]
[ 466.851528][T19067] The buggy address belongs to the physical page:
[ 466.858287][T19067] page:ffffea0001577540 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x55dd5
[ 466.868967][T19067] anon flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 466.877216][T19067] page_type: 0xffffffff()
[ 466.881659][T19067] raw: 00fff00000000200 ffff8880128413c0 0000000000000000 dead000000000001
[ 466.890429][T19067] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 466.899483][T19067] page dumped because: kasan: bad access detected
[ 466.907048][T19067] page_owner tracks the page as allocated
[ 466.913321][T19067] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 5390, tgid 5390 (syz-executor.0), ts 134688220071, free_ts 134681893991
[ 466.934379][T19067] post_alloc_hook+0x2d2/0x350
[ 466.939789][T19067] get_page_from_freelist+0x10a9/0x31e0
[ 466.946059][T19067] __alloc_pages+0x1d0/0x4a0
[ 466.951035][T19067] allocate_slab+0xa1/0x380
[ 466.956079][T19067] ___slab_alloc+0x8bc/0x1570
[ 466.961639][T19067] __slab_alloc.constprop.0+0x56/0xa0
[ 466.967568][T19067] __kmem_cache_alloc_node+0x137/0x350
[ 466.973323][T19067] __kmalloc_node+0x4f/0x100
[ 466.978376][T19067] kvmalloc_node+0x99/0x1a0
[ 466.983199][T19067] xt_replace_table+0x1ea/0x940
[ 466.988868][T19067] __do_replace+0x1d5/0x9c0
[ 466.993650][T19067] do_ip6t_set_ctl+0x93a/0xbd0
[ 466.998776][T19067] nf_setsockopt+0x87/0xe0
[ 467.003269][T19067] ipv6_setsockopt+0x12b/0x190
[ 467.008262][T19067] tcp_setsockopt+0x9d/0x100
[ 467.012882][T19067] __sys_setsockopt+0x2cd/0x5b0
[ 467.018364][T19067] page last free stack trace:
[ 467.023131][T19067] free_unref_page_prepare+0x508/0xb90
[ 467.028617][T19067] free_unref_page_list+0xe6/0xb30
[ 467.034109][T19067] release_pages+0x32a/0x14e0
[ 467.039172][T19067] tlb_batch_pages_flush+0x9a/0x190
[ 467.044756][T19067] tlb_finish_mmu+0x14b/0x7e0
[ 467.050439][T19067] exit_mmap+0x2db/0x960
[ 467.054721][T19067] __mmput+0x12a/0x4d0
[ 467.058826][T19067] mmput+0x62/0x70
[ 467.063364][T19067] do_exit+0x9b4/0x2a20
[ 467.068520][T19067] do_group_exit+0xd4/0x2a0
[ 467.073051][T19067] get_signal+0x23ea/0x2770
[ 467.077740][T19067] arch_do_signal_or_restart+0x89/0x5f0
[ 467.083538][T19067] exit_to_user_mode_prepare+0x11f/0x240
[ 467.089357][T19067] syscall_exit_to_user_mode+0x1d/0x60
[ 467.095255][T19067] do_syscall_64+0x44/0xb0
[ 467.099716][T19067] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 467.105800][T19067]
[ 467.108301][T19067] Memory state around the buggy address:
[ 467.114017][T19067]  ffff888055dd5a80: fa fb fc fc fa fb fc fc 00 00 fc fc fb fb fc fc
[ 467.122194][T19067]  ffff888055dd5b00: fb fb fc fc 00 04 fc fc fb fb fc fc 00 00 fc fc
[ 467.130494][T19067] >ffff888055dd5b80: fb fb fc fc fb fb fc fc fb fb fc fc fb fb fc fc
[ 467.138754][T19067]                       ^
[ 467.143346][T19067]  ffff888055dd5c00: fb fb fc fc fb fb fc fc fb fb fc fc fa fb fc fc
[ 467.152639][T19067]  ffff888055dd5c80: fa fb fc fc fb fb fc fc fb fb fc fc fb fb fc fc
[ 467.160994][T19067] ==================================================================
[ 467.184444][T19067] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 467.191891][T19067] CPU: 0 PID: 19067 Comm: syz-executor408 Not tainted 6.5.0-syzkaller-04043-gf8fdd54ee6a1-dirty #0
[ 467.203232][T19067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[ 467.213430][T19067] Call Trace:
[ 467.216990][T19067]
[ 467.220205][T19067] dump_stack_lvl+0xd9/0x1b0
[ 467.225355][T19067] panic+0x6a4/0x750
[ 467.229522][T19067] ? panic_smp_self_stop+0xa0/0xa0
[ 467.235089][T19067] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 467.241932][T19067] ? preempt_schedule_thunk+0x1a/0x30
[ 467.247439][T19067] ? preempt_schedule_common+0x45/0xc0
[ 467.253178][T19067] check_panic_on_warn+0xab/0xb0
[ 467.258564][T19067] end_report+0x108/0x150
[ 467.263383][T19067] kasan_report+0xea/0x110
[ 467.268536][T19067] ? team_device_event+0xa3b/0xad0
[ 467.273750][T19067] ? team_device_event+0xa3b/0xad0
[ 467.278995][T19067] team_device_event+0xa3b/0xad0
[ 467.284062][T19067] notifier_call_chain+0xb6/0x3b0
[ 467.289577][T19067] ? team_add_slave+0x2560/0x2560
[ 467.294712][T19067] call_netdevice_notifiers_info+0xb9/0x130
[ 467.300614][T19067] dev_disable_lro+0x224/0x3e0
[ 467.305384][T19067] ? netdev_change_features+0xb0/0xb0
[ 467.310943][T19067] ? vlan_vids_add_by_dev+0x20e/0x350
[ 467.316436][T19067] team_add_slave+0x1c53/0x2560
[ 467.321406][T19067] ? team_netpoll_setup+0x350/0x350
[ 467.326699][T19067] ? mark_lock+0x105/0x1950
[ 467.331210][T19067] ? team_netpoll_setup+0x350/0x350
[ 467.336418][T19067] do_set_master+0x1bc/0x220
[ 467.341008][T19067] do_setlink+0xa07/0x3fa0
[ 467.345519][T19067] ? is_bpf_text_address+0x79/0x1a0
[ 467.351015][T19067] ? rtnl_bridge_getlink+0x8c0/0x8c0
[ 467.356591][T19067] ? unwind_next_frame+0xe41/0x2020
[ 467.362336][T19067] ? __module_address+0x55/0x3b0
[ 467.367292][T19067] ? bpf_ksym_find+0x124/0x1b0
[ 467.372535][T19067] ? write_profile+0x450/0x450
[ 467.377592][T19067] ? is_bpf_text_address+0x9b/0x1a0
[ 467.383968][T19067] ? kernel_text_address+0x85/0xf0
[ 467.389734][T19067] ? __kernel_text_address+0xd/0x30
[ 467.395960][T19067] ? unwind_get_return_address+0x55/0xa0
[ 467.402132][T19067] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 467.408973][T19067] ? __nla_validate_parse+0x64f/0x25d0
[ 467.414754][T19067] ? nla_get_range_signed+0x370/0x370
[ 467.420759][T19067] ? stack_trace_save+0x96/0xd0
[ 467.425800][T19067] ? filter_irq_stacks+0x90/0x90
[ 467.430945][T19067] ? __stack_depot_save+0x39/0x510
[ 467.436376][T19067] ? __nla_parse+0x40/0x50
[ 467.441113][T19067] __rtnl_newlink+0xc1d/0x1940
[ 467.445937][T19067] ? rtnl_link_unregister+0x260/0x260
[ 467.451538][T19067] rtnl_newlink+0x67/0xa0
[ 467.456245][T19067] ? __rtnl_newlink+0x1940/0x1940
[ 467.461376][T19067] rtnetlink_rcv_msg+0x439/0xd30
[ 467.466342][T19067] ? rtnl_getlink+0xb40/0xb40
[ 467.471032][T19067] ? find_held_lock+0x2d/0x110
[ 467.475901][T19067] ? rcu_preempt_deferred_qs_irqrestore+0x684/0xdb0
[ 467.482675][T19067] ? reacquire_held_locks+0x4b0/0x4b0
[ 467.488072][T19067] netlink_rcv_skb+0x16b/0x440
[ 467.492852][T19067] ? rtnl_getlink+0xb40/0xb40
[ 467.497539][T19067] ? netlink_ack+0x1370/0x1370
[ 467.502408][T19067] ? _raw_spin_unlock_irqrestore+0x3b/0x70
[ 467.508419][T19067] ? __rcu_read_unlock+0x2ad/0x570
[ 467.513905][T19067] ? netlink_deliver_tap+0x1b1/0xd10
[ 467.519353][T19067] netlink_unicast+0x536/0x810
[ 467.524332][T19067] ? netlink_attachskb+0x870/0x870
[ 467.529497][T19067] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 467.535521][T19067] ? __phys_addr_symbol+0x30/0x70
[ 467.540756][T19067] ? __check_object_size+0x323/0x740
[ 467.546309][T19067] netlink_sendmsg+0x93c/0xe40
[ 467.551181][T19067] ? netlink_unicast+0x810/0x810
[ 467.556131][T19067] ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 467.561443][T19067] ? netlink_unicast+0x810/0x810
[ 467.566398][T19067] sock_sendmsg+0xd9/0x180
[ 467.571074][T19067] ____sys_sendmsg+0x6ac/0x940
[ 467.575840][T19067] ? copy_msghdr_from_user+0x10b/0x160
[ 467.581307][T19067] ? kernel_sendmsg+0x50/0x50
[ 467.586163][T19067] ___sys_sendmsg+0x135/0x1d0
[ 467.590945][T19067] ? do_recvmmsg+0x740/0x740
[ 467.595811][T19067] ? reacquire_held_locks+0x4b0/0x4b0
[ 467.601763][T19067] ? __might_fault+0x156/0x190
[ 467.606571][T19067] ? __fget_light+0x1fc/0x260
[ 467.611430][T19067] __sys_sendmsg+0x117/0x1e0
[ 467.616052][T19067] ? __sys_sendmsg_sock+0x30/0x30
[ 467.621095][T19067] ? syscall_enter_from_user_mode+0x26/0x80
[ 467.627091][T19067] do_syscall_64+0x38/0xb0
[ 467.631524][T19067] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 467.637435][T19067] RIP: 0033:0x7f1732fde5d9
[ 467.641844][T19067] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 d1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 467.662421][T19067] RSP: 002b:00007fff2a8f2868 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 467.671185][T19067] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f1732fde5d9
[ 467.679623][T19067] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000007
[ 467.687790][T19067] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001
[ 467.695851][T19067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 467.704014][T19067] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 467.712044][T19067]
[ 467.715533][T19067] Kernel Offset: disabled
[ 467.720048][T19067] Rebooting in 86400 seconds..