Warning: Permanently added '[localhost]:36398' (ED25519) to the list of known hosts.
2025/12/29 03:33:59 parsed 1 programs
syzkaller login: [ 110.012229][ T5325] cgroup: Unknown subsys name 'net'
[ 110.097880][ T5325] cgroup: Unknown subsys name 'cpuset'
[ 110.104036][ T5325] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 111.952318][ T5325] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 117.916048][ T5349] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 118.685178][ T10] cfg80211: failed to load regulatory.db
[ 120.032137][ T81] ODEBUG: Out of memory. ODEBUG disabled
[ 121.262511][ T3080] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.280321][ T3080] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 121.796324][ T3080] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.799732][ T3080] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 121.991170][ T5350] chnl_net:caif_netlink_parms(): no params data found
[ 122.118928][ T4681] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 122.123537][ T4681] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 122.126982][ T4681] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 122.164744][ T4681] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 122.169933][ T4681] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 122.975137][ T5350] bridge0: port 1(bridge_slave_0) entered blocking state
[ 122.979104][ T5350] bridge0: port 1(bridge_slave_0) entered disabled state
[ 122.982621][ T5350] bridge_slave_0: entered allmulticast mode
[ 123.006044][ T5350] bridge_slave_0: entered promiscuous mode
[ 123.068833][ T5350] bridge0: port 2(bridge_slave_1) entered blocking state
[ 123.071938][ T5350] bridge0: port 2(bridge_slave_1) entered disabled state
[ 123.084594][ T5350] bridge_slave_1: entered allmulticast mode
[ 123.095026][ T5350] bridge_slave_1: entered promiscuous mode
[ 123.251615][ T5350] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 123.318576][ T5350] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 123.489605][ T5350] team0: Port device team_slave_0 added
[ 123.535864][ T5350] team0: Port device team_slave_1 added
[ 123.782410][ T5350] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 123.802795][ T5350] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 123.834469][ T5350] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 123.897611][ T5350] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 123.914319][ T5350] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 123.942982][ T5350] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 124.062167][ T5350] hsr_slave_0: entered promiscuous mode
[ 124.075397][ T5350] hsr_slave_1: entered promiscuous mode
[ 124.228427][ T46] Bluetooth: hci0: command tx timeout
[ 124.428532][ T5350] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 124.449266][ T5350] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 124.455062][ T5350] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 124.470859][ T5350] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 124.589887][ T5350] 8021q: adding VLAN 0 to HW filter on device bond0
[ 124.618119][ T5350] 8021q: adding VLAN 0 to HW filter on device team0
[ 124.640336][ T622] bridge0: port 1(bridge_slave_0) entered blocking state
[ 124.644145][ T622] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 124.659429][ T622] bridge0: port 2(bridge_slave_1) entered blocking state
[ 124.662401][ T622] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 124.729508][ T5350] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 124.939496][ T5350] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 125.001171][ T5350] veth0_vlan: entered promiscuous mode
[ 125.018749][ T5350] veth1_vlan: entered promiscuous mode
[ 125.061930][ T5350] veth0_macvtap: entered promiscuous mode
[ 125.079783][ T5350] veth1_macvtap: entered promiscuous mode
[ 125.105032][ T5350] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 125.126515][ T5350] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 125.140951][ T622] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 125.158640][ T622] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 125.176812][ T622] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 125.180742][ T622] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2025/12/29 03:34:16 executed programs: 0
[ 125.593262][ T5413] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 125.598410][ T5413] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 125.602066][ T5413] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 125.605791][ T5413] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 125.609339][ T5413] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 125.640549][ T4681] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 125.663662][ T4681] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 125.674509][ T4681] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 125.679104][ T4681] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 125.682576][ T4681] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 125.752133][ T46] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 125.756687][ T46] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 125.759950][ T46] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 125.763608][ T46] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 125.768536][ T46] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 125.782808][ T4681] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 125.787671][ T4681] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 125.790947][ T4681] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 125.829093][ T4681] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 125.832666][ T4681] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 125.884670][ T5471] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 125.888522][ T5471] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 125.892781][ T5471] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 125.896262][ T5471] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 125.899526][ T5471] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 125.902501][ T5471] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 125.906561][ T5471] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 125.910967][ T5471] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 125.915653][ T5471] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 125.918924][ T5471] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 127.122090][ T5450] chnl_net:caif_netlink_parms(): no params data found
[ 127.518241][ T3080] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 127.746985][ T4681] Bluetooth: hci1: command tx timeout
[ 127.750186][ T46] Bluetooth: hci2: command tx timeout
[ 127.804554][ T5450] bridge0: port 1(bridge_slave_0) entered blocking state
[ 127.807717][ T5450] bridge0: port 1(bridge_slave_0) entered disabled state
[ 127.811192][ T5450] bridge_slave_0: entered allmulticast mode
[ 127.826740][ T5450] bridge_slave_0: entered promiscuous mode
[ 127.867899][ T5450] bridge0: port 2(bridge_slave_1) entered blocking state
[ 127.871239][ T5450] bridge0: port 2(bridge_slave_1) entered disabled state
[ 127.874832][ T5450] bridge_slave_1: entered allmulticast mode
[ 127.884801][ T5450] bridge_slave_1: entered promiscuous mode
[ 127.985089][ T5413] Bluetooth: hci3: command tx timeout
[ 127.988522][ T5471] Bluetooth: hci6: command tx timeout
[ 127.991780][ T4681] Bluetooth: hci5: command tx timeout
[ 127.995694][ T46] Bluetooth: hci4: command tx timeout
[ 128.001989][ T5450] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 128.020345][ T5450] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 128.166081][ T5450] team0: Port device team_slave_0 added
[ 128.196860][ T5450] team0: Port device team_slave_1 added
[ 128.307651][ T5450] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 128.310752][ T5450] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 128.346500][ T5450] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 128.386703][ T5450] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 128.389505][ T5450] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 128.404232][ T5450] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 128.457038][ T3080] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 128.489436][ T5460] chnl_net:caif_netlink_parms(): no params data found
[ 128.500669][ T5459] chnl_net:caif_netlink_parms(): no params data found
[ 128.602091][ T3080] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 128.656124][ T5450] hsr_slave_0: entered promiscuous mode
[ 128.665012][ T5450] hsr_slave_1: entered promiscuous mode
[ 128.668502][ T5450] debugfs: 'hsr0' already exists in 'hsr'
[ 128.670963][ T5450] Cannot create hsr debugfs directory
[ 128.773810][ T3080] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 128.793165][ T5461] chnl_net:caif_netlink_parms(): no params data found
[ 128.817185][ T5452] chnl_net:caif_netlink_parms(): no params data found
[ 128.850034][ T5453] chnl_net:caif_netlink_parms(): no params data found
[ 129.000517][ T5460] bridge0: port 1(bridge_slave_0) entered blocking state
[ 129.004689][ T5460] bridge0: port 1(bridge_slave_0) entered disabled state
[ 129.007987][ T5460] bridge_slave_0: entered allmulticast mode
[ 129.011510][ T5460] bridge_slave_0: entered promiscuous mode
[ 129.032227][ T5459] bridge0: port 1(bridge_slave_0) entered blocking state
[ 129.035845][ T5459] bridge0: port 1(bridge_slave_0) entered disabled state
[ 129.039003][ T5459] bridge_slave_0: entered allmulticast mode
[ 129.042752][ T5459] bridge_slave_0: entered promiscuous mode
[ 129.112855][ T5460] bridge0: port 2(bridge_slave_1) entered blocking state
[ 129.124774][ T5460] bridge0: port 2(bridge_slave_1) entered disabled state
[ 129.128070][ T5460] bridge_slave_1: entered allmulticast mode
[ 129.135329][ T5460] bridge_slave_1: entered promiscuous mode
[ 129.216602][ T5459] bridge0: port 2(bridge_slave_1) entered blocking state
[ 129.219739][ T5459] bridge0: port 2(bridge_slave_1) entered disabled state
[ 129.222741][ T5459] bridge_slave_1: entered allmulticast mode
[ 129.238428][ T5459] bridge_slave_1: entered promiscuous mode
[ 129.376726][ T5460] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 129.437673][ T5459] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 129.498100][ T5460] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 129.524812][ T5459] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 129.531452][ T5453] bridge0: port 1(bridge_slave_0) entered blocking state
[ 129.534039][ T5453] bridge0: port 1(bridge_slave_0) entered disabled state
[ 129.537397][ T5453] bridge_slave_0: entered allmulticast mode
[ 129.557164][ T5453] bridge_slave_0: entered promiscuous mode
[ 129.565162][ T5461] bridge0: port 1(bridge_slave_0) entered blocking state
[ 129.568270][ T5461] bridge0: port 1(bridge_slave_0) entered disabled state
[ 129.571389][ T5461] bridge_slave_0: entered allmulticast mode
[ 129.596054][ T5461] bridge_slave_0: entered promiscuous mode
[ 129.600141][ T5452] bridge0: port 1(bridge_slave_0) entered blocking state
[ 129.603389][ T5452] bridge0: port 1(bridge_slave_0) entered disabled state
[ 129.614587][ T5452] bridge_slave_0: entered allmulticast mode
[ 129.624888][ T5452] bridge_slave_0: entered promiscuous mode
[ 129.660995][ T5453] bridge0: port 2(bridge_slave_1) entered blocking state
[ 129.670028][ T5453] bridge0: port 2(bridge_slave_1) entered disabled state
[ 129.673364][ T5453] bridge_slave_1: entered allmulticast mode
[ 129.677960][ T5453] bridge_slave_1: entered promiscuous mode
[ 129.681603][ T5461] bridge0: port 2(bridge_slave_1) entered blocking state
[ 129.685058][ T5461] bridge0: port 2(bridge_slave_1) entered disabled state
[ 129.688237][ T5461] bridge_slave_1: entered allmulticast mode
[ 129.692668][ T5461] bridge_slave_1: entered promiscuous mode
[ 129.697073][ T5452] bridge0: port 2(bridge_slave_1) entered blocking state
[ 129.700518][ T5452] bridge0: port 2(bridge_slave_1) entered disabled state
[ 129.703710][ T5452] bridge_slave_1: entered allmulticast mode
[ 129.708227][ T5452] bridge_slave_1: entered promiscuous mode
[ 129.819919][ T5460] team0: Port device team_slave_0 added
[ 129.824878][ T4681] Bluetooth: hci1: command tx timeout
[ 129.827348][ T46] Bluetooth: hci2: command tx timeout
[ 129.840153][ T5459] team0: Port device team_slave_0 added
[ 129.875984][ T3080] bridge_slave_1: left allmulticast mode
[ 129.879093][ T3080] bridge_slave_1: left promiscuous mode
[ 129.882200][ T3080] bridge0: port 2(bridge_slave_1) entered disabled state
[ 129.909189][ T3080] bridge_slave_0: left allmulticast mode
[ 129.911740][ T3080] bridge_slave_0: left promiscuous mode
[ 129.915425][ T3080] bridge0: port 1(bridge_slave_0) entered disabled state
[ 130.065097][ T5413] Bluetooth: hci3: command tx timeout
[ 130.067557][ T5471] Bluetooth: hci6: command tx timeout
[ 130.069998][ T46] Bluetooth: hci4: command tx timeout
[ 130.072396][ T4681] Bluetooth: hci5: command tx timeout
[ 130.354945][ T3080] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 130.360676][ T3080] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 130.366796][ T3080] bond0 (unregistering): Released all slaves
[ 130.430453][ T5460] team0: Port device team_slave_1 added
[ 130.438279][ T5459] team0: Port device team_slave_1 added
[ 130.442198][ T5453] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 130.482298][ T5461] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 130.506557][ T5452] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 130.521126][ T3080] hsr_slave_0: left promiscuous mode
[ 130.529411][ T3080] hsr_slave_1: left promiscuous mode
[ 130.536540][ T3080] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 130.539846][ T3080] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 130.551221][ T3080] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 130.558454][ T3080] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 130.589633][ T3080] veth1_macvtap: left promiscuous mode
[ 130.592522][ T3080] veth0_macvtap: left promiscuous mode
[ 130.605668][ T3080] veth1_vlan: left promiscuous mode
[ 130.608216][ T3080] veth0_vlan: left promiscuous mode
[ 130.935622][ T3080] team0 (unregistering): Port device team_slave_1 removed
[ 130.959886][ T3080] team0 (unregistering): Port device team_slave_0 removed
[ 131.221014][ T5453] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 131.229322][ T5461] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 131.238274][ T5452] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 131.254034][ T5459] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 131.257677][ T5459] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 131.294533][ T5459] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 131.366055][ T5459] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 131.369149][ T5459] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 131.389560][ T5459] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 131.403776][ T5460] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 131.408305][ T5460] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 131.419419][ T5460] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 131.486382][ T5460] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 131.489359][ T5460] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 131.506057][ T5460] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 131.512622][ T5453] team0: Port device team_slave_0 added
[ 131.517762][ T5461] team0: Port device team_slave_0 added
[ 131.522083][ T5452] team0: Port device team_slave_0 added
[ 131.541596][ T5453] team0: Port device team_slave_1 added
[ 131.545864][ T5461] team0: Port device team_slave_1 added
[ 131.567986][ T5452] team0: Port device team_slave_1 added
[ 131.641334][ T5459] hsr_slave_0: entered promiscuous mode
[ 131.644868][ T5459] hsr_slave_1: entered promiscuous mode
[ 131.657506][ T5453] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 131.660576][ T5453] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 131.673143][ T5453] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 131.678996][ T5461] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 131.682004][ T5461] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 131.697928][ T5461] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 131.713659][ T5452] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 131.718146][ T5452] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 131.729987][ T5452] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 131.735189][ T5453] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 131.737770][ T5453] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 131.751626][ T5453] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 131.756947][ T5450] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 131.764630][ T5461] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 131.767625][ T5461] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 131.778259][ T5461] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 131.790462][ T5460] hsr_slave_0: entered promiscuous mode
[ 131.800534][ T5460] hsr_slave_1: entered promiscuous mode
[ 131.805917][ T5460] debugfs: 'hsr0' already exists in 'hsr'
[ 131.808482][ T5460] Cannot create hsr debugfs directory
[ 131.811547][ T5452] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 131.815067][ T5452] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 131.826992][ T5452] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 131.837407][ T5450] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 131.868372][ T5450] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 131.896995][ T5450] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 131.904369][ T46] Bluetooth: hci1: command tx timeout
[ 131.906810][ T4681] Bluetooth: hci2: command tx timeout
[ 132.145154][ T5413] Bluetooth: hci3: command tx timeout
[ 132.147858][ T4681] Bluetooth: hci5: command tx timeout
[ 132.150340][ T5471] Bluetooth: hci6: command tx timeout
[ 132.152823][ T46] Bluetooth: hci4: command tx timeout
[ 132.160863][ T5452] hsr_slave_0: entered promiscuous mode
[ 132.177613][ T5452] hsr_slave_1: entered promiscuous mode
[ 132.180681][ T5452] debugfs: 'hsr0' already exists in 'hsr'
[ 132.183165][ T5452] Cannot create hsr debugfs directory
[ 132.199981][ T5453] hsr_slave_0: entered promiscuous mode
[ 132.213493][ T5453] hsr_slave_1: entered promiscuous mode
[ 132.226388][ T5453] debugfs: 'hsr0' already exists in 'hsr'
[ 132.229006][ T5453] Cannot create hsr debugfs directory
[ 132.263046][ T5461] hsr_slave_0: entered promiscuous mode
[ 132.272916][ T5461] hsr_slave_1: entered promiscuous mode
[ 132.284321][ T5461] debugfs: 'hsr0' already exists in 'hsr'
[ 132.286838][ T5461] Cannot create hsr debugfs directory
[ 132.999607][ T5459] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 133.018216][ T5459] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 133.044749][ T5459] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 133.068386][ T5459] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 133.081013][ T5450] 8021q: adding VLAN 0 to HW filter on device bond0
[ 133.158019][ T5450] 8021q: adding VLAN 0 to HW filter on device team0
[ 133.215023][ T66] bridge0: port 1(bridge_slave_0) entered blocking state
[ 133.218055][ T66] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 133.222363][ T66] bridge0: port 2(bridge_slave_1) entered blocking state
[ 133.225625][ T66] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 133.463655][ T5452] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 133.522728][ T5452] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 133.539089][ T5452] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 133.593342][ T5452] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 133.691128][ T5453] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 133.736163][ T5453] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 133.775117][ T5453] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 133.837601][ T5453] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 133.884799][ T5459] 8021q: adding VLAN 0 to HW filter on device bond0
[ 133.916571][ T5461] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 133.956449][ T5450] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 133.967509][ T5461] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 133.986389][ T5471] Bluetooth: hci1: command tx timeout
[ 133.988817][ T46] Bluetooth: hci2: command tx timeout
[ 134.017123][ T5461] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 134.080511][ T5461] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 134.142568][ T5459] 8021q: adding VLAN 0 to HW filter on device team0
[ 134.166940][ T2682] bridge0: port 1(bridge_slave_0) entered blocking state
[ 134.170050][ T2682] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 134.197990][ T5460] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 134.220631][ T2682] bridge0: port 2(bridge_slave_1) entered blocking state
[ 134.223972][ T2682] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 134.228943][ T5413] Bluetooth: hci3: command tx timeout
[ 134.231581][ T46] Bluetooth: hci4: command tx timeout
[ 134.234011][ T5471] Bluetooth: hci6: command tx timeout
[ 134.239539][ T4681] Bluetooth: hci5: command tx timeout
[ 134.259619][ T5460] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 134.290411][ T5460] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 134.318782][ T5460] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 134.543568][ T5452] 8021q: adding VLAN 0 to HW filter on device bond0
[ 134.572905][ T5450] veth0_vlan: entered promiscuous mode
[ 134.676793][ T5452] 8021q: adding VLAN 0 to HW filter on device team0
[ 134.706783][ T5450] veth1_vlan: entered promiscuous mode
[ 134.766207][ T2594] bridge0: port 1(bridge_slave_0) entered blocking state
[ 134.769344][ T2594] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 134.887024][ T5461] 8021q: adding VLAN 0 to HW filter on device bond0
[ 134.928721][ T4260] bridge0: port 2(bridge_slave_1) entered blocking state
[ 134.931810][ T4260] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 135.002688][ T5453] 8021q: adding VLAN 0 to HW filter on device bond0
[ 135.017101][ T5461] 8021q: adding VLAN 0 to HW filter on device team0
[ 135.033879][ T5450] veth0_macvtap: entered promiscuous mode
[ 135.079023][ T2594] bridge0: port 1(bridge_slave_0) entered blocking state
[ 135.082092][ T2594] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 135.115357][ T5450] veth1_macvtap: entered promiscuous mode
[ 135.162106][ T5460] 8021q: adding VLAN 0 to HW filter on device bond0
[ 135.185701][ T5453] 8021q: adding VLAN 0 to HW filter on device team0
[ 135.191367][ T2594] bridge0: port 2(bridge_slave_1) entered blocking state
[ 135.194697][ T2594] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 135.224732][ T5459] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 135.295637][ T2594] bridge0: port 1(bridge_slave_0) entered blocking state
[ 135.298742][ T2594] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 135.351501][ T5450] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 135.400818][ T2594] bridge0: port 2(bridge_slave_1) entered blocking state
[ 135.403711][ T2594] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 135.419872][ T5450] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 135.427391][ T5460] 8021q: adding VLAN 0 to HW filter on device team0
[ 135.509585][ T2682] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 135.518040][ T5461] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 135.522441][ T5461] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 135.569411][ T622] bridge0: port 1(bridge_slave_0) entered blocking state
[ 135.572581][ T622] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 135.587525][ T2682] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 135.614737][ T2682] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 135.646206][ T2682] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 135.657627][ T622] bridge0: port 2(bridge_slave_1) entered blocking state
[ 135.660695][ T622] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 135.991581][ T5460] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 136.016815][ T5460] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 136.130223][ T2594] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 136.133636][ T2594] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 136.215376][ T5452] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 136.278744][ T622] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 136.281957][ T622] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 136.381755][ T5459] veth0_vlan: entered promiscuous mode
2025/12/29 03:34:27 executed programs: 12
[ 136.511733][ T5452] veth0_vlan: entered promiscuous mode
[ 136.528520][ T5461] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 136.570694][ T5459] veth1_vlan: entered promiscuous mode
[ 136.672606][ T5452] veth1_vlan: entered promiscuous mode
[ 136.710401][ T5453] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 136.803974][ T5460] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 136.897142][ T5459] veth0_macvtap: entered promiscuous mode
[ 136.902220][ T5459] veth1_macvtap: entered promiscuous mode
[ 137.095582][ T5452] veth0_macvtap: entered promiscuous mode
[ 137.121269][ T5452] veth1_macvtap: entered promiscuous mode
[ 137.191226][ T5459] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 137.261601][ T5459] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 137.296540][ T622] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 137.301714][ T5453] veth0_vlan: entered promiscuous mode
[ 137.327887][ T5452] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 137.363775][ T622] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 137.406320][ T622] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 137.420266][ T622] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 137.447063][ T5452] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 137.502928][ T5453] veth1_vlan: entered promiscuous mode
[ 137.521434][ T5460] veth0_vlan: entered promiscuous mode
[ 137.537480][ T3484] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 137.593809][ T3484] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 137.620184][ T3484] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 137.637772][ T5460] veth1_vlan: entered promiscuous mode
[ 137.666524][ T3484] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 137.742921][ T3484] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 137.775039][ T3484] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 137.866051][ T5453] veth0_macvtap: entered promiscuous mode
[ 137.926174][ T5461] veth0_vlan: entered promiscuous mode
[ 137.958005][ T3484] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 137.963982][ T5453] veth1_macvtap: entered promiscuous mode
[ 137.973371][ T3484] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 137.980031][ T5460] veth0_macvtap: entered promiscuous mode
[ 138.040624][ T5460] veth1_macvtap: entered promiscuous mode
[ 138.049067][ T3311] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 138.052216][ T3311] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 138.093260][ T5461] veth1_vlan: entered promiscuous mode
[ 138.277155][ T5453] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 138.299153][ T5460] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 138.307563][ T4524] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 138.310697][ T4524] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 138.352553][ T5460] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 138.396602][ T5453] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 138.477875][ T4524] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 138.523511][ T4524] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 138.570457][ T4524] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 138.614499][ T4524] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 138.619358][ T5461] veth0_macvtap: entered promiscuous mode
[ 138.672259][ T4524] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 138.702514][ T4524] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 138.737015][ T5461] veth1_macvtap: entered promiscuous mode
[ 138.762407][ T4524] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 138.822627][ T4524] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 139.041534][ T5461] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 139.196403][ T2957] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 139.199737][ T2957] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 139.206769][ T5461] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 139.301104][ T3080] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 139.354219][ T3080] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 139.367608][ T622] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 139.397102][ T3080] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 139.402238][ T622] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 139.447791][ T3080] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 139.490904][ T622] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 139.518122][ T622] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 139.595460][ T622] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 139.647131][ T622] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 139.908075][ T622] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 139.942002][ T622] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 140.140023][ T2957] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 140.163671][ T2957] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/12/29 03:34:32 executed programs: 99
2025/12/29 03:34:37 executed programs: 252
2025/12/29 03:34:42 executed programs: 423
[ 154.482169][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[ 154.489922][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
2025/12/29 03:34:47 executed programs: 601
[ 160.989317][ T7191] ==================================================================
[ 160.994037][ T7191] BUG: KASAN: slab-use-after-free in vsnprintf+0x38b/0xee0
[ 160.998208][ T7191] Write of size 1 at addr ffff888042136c11 by task syz.4.761/7191
[ 161.002604][ T7191]
[ 161.003707][ T7191] CPU: 0 UID: 0 PID: 7191 Comm: syz.4.761 Not tainted syzkaller #0 PREEMPT(full)
[ 161.003747][ T7191] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 161.003755][ T7191] Call Trace:
[ 161.003764][ T7191]
[ 161.003770][ T7191] dump_stack_lvl+0xe8/0x150
[ 161.003792][ T7191] print_report+0xca/0x240
[ 161.003804][ T7191] ? vsnprintf+0x38b/0xee0
[ 161.003817][ T7191] kasan_report+0x118/0x150
[ 161.004765][ T7191] ? vsnprintf+0x38b/0xee0
[ 161.004782][ T7191] kasan_check_range+0x2b0/0x2c0
[ 161.004794][ T7191] ? vsnprintf+0x38b/0xee0
[ 161.004806][ T7191] __asan_memcpy+0x40/0x70
[ 161.004821][ T7191] vsnprintf+0x38b/0xee0
[ 161.004839][ T7191] snprintf+0xda/0x120
[ 161.004853][ T7191] ? __pfx_snprintf+0x10/0x10
[ 161.004865][ T7191] ? fd_install+0x95/0x3d0
[ 161.004875][ T7191] ? fd_install+0x95/0x3d0
[ 161.004884][ T7191] ? fd_install+0x307/0x3d0
[ 161.004894][ T7191] media_request_alloc+0x319/0x5b0
[ 161.005713][ T7191] media_device_request_alloc+0x98/0xd0
[ 161.005722][ T7191] media_device_ioctl+0x278/0x430
[ 161.005735][ T7191] ? do_futex+0x395/0x420
[ 161.005745][ T7191] ? __pfx_media_device_ioctl+0x10/0x10
[ 161.005763][ T7191] ? __fget_files+0x3a0/0x420
[ 161.005773][ T7191] ? __fget_files+0x2a/0x420
[ 161.005782][ T7191] ? __pfx_media_device_ioctl+0x10/0x10
[ 161.005795][ T7191] ? media_ioctl+0xfe/0x120
[ 161.005803][ T7191] ? __pfx_media_ioctl+0x10/0x10
[ 161.005811][ T7191] __se_sys_ioctl+0xfc/0x170
[ 161.005824][ T7191] do_syscall_64+0xec/0xf80
[ 161.005834][ T7191] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 161.005844][ T7191] ? trace_irq_disable+0x37/0x100
[ 161.005858][ T7191] ? clear_bhb_loop+0x60/0xb0
[ 161.005868][ T7191] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 161.005878][ T7191] RIP: 0033:0x7f801458f7c9
[ 161.005890][ T7191] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 161.005899][ T7191] RSP: 002b:00007f801547d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 161.005913][ T7191] RAX: ffffffffffffffda RBX: 00007f80147e5fa0 RCX: 00007f801458f7c9
[ 161.005920][ T7191] RDX: 0000000000000000 RSI: 0000000080047c05 RDI: 0000000000000003
[ 161.005926][ T7191] RBP: 00007f8014613f91 R08: 0000000000000000 R09: 0000000000000000
[ 161.005933][ T7191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 161.005939][ T7191] R13: 00007f80147e6038 R14: 00007f80147e5fa0 R15: 00007ffd838327f8
[ 161.005949][ T7191]
[ 161.005953][ T7191]
[ 161.118630][ T7191] Allocated by task 7191:
[ 161.120524][ T7191] kasan_save_track+0x3e/0x80
[ 161.122518][ T7191] __kasan_kmalloc+0x93/0xb0
[ 161.124582][ T7191] __kmalloc_cache_noprof+0x3e2/0x700
[ 161.126857][ T7191] media_request_alloc+0xe4/0x5b0
[ 161.129055][ T7191] media_device_request_alloc+0x98/0xd0
[ 161.131438][ T7191] media_device_ioctl+0x278/0x430
[ 161.133660][ T7191] __se_sys_ioctl+0xfc/0x170
[ 161.135418][ T7191] do_syscall_64+0xec/0xf80
[ 161.137445][ T7191] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 161.140313][ T7191]
[ 161.141481][ T7191] Freed by task 7194:
[ 161.143067][ T7191] kasan_save_track+0x3e/0x80
[ 161.144873][ T7191] kasan_save_free_info+0x46/0x50
[ 161.146699][ T7191] __kasan_slab_free+0x5c/0x80
[ 161.148773][ T7191] kfree+0x1c0/0x660
[ 161.150435][ T7191] media_request_close+0x38/0x50
[ 161.152600][ T7191] __fput+0x44c/0xa70
[ 161.154331][ T7191] task_work_run+0x1d4/0x260
[ 161.156388][ T7191] exit_to_user_mode_loop+0xef/0x4e0
[ 161.158584][ T7191] do_syscall_64+0x2b7/0xf80
[ 161.160592][ T7191] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 161.163333][ T7191]
[ 161.164419][ T7191] The buggy address belongs to the object at ffff888042136c00
[ 161.164419][ T7191] which belongs to the cache kmalloc-256 of size 256
[ 161.170366][ T7191] The buggy address is located 17 bytes inside of
[ 161.170366][ T7191] freed 256-byte region [ffff888042136c00, ffff888042136d00)
[ 161.176024][ T7191]
[ 161.177017][ T7191] The buggy address belongs to the physical page:
[ 161.179793][ T7191] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x42136
[ 161.183662][ T7191] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 161.186720][ T7191] page_type: f5(slab)
[ 161.188544][ T7191] raw: 04fff00000000000 ffff88801a441b40 ffffea000105e940 dead000000000008
[ 161.192269][ T7191] raw: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[ 161.196049][ T7191] page dumped because: kasan: bad access detected
[ 161.198648][ T7191] page_owner tracks the page as allocated
[ 161.200952][ T7191] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 6435, tgid 6433 (syz.5.390), ts 150606964609, free_ts 150605503050
[ 161.209622][ T7191] post_alloc_hook+0x234/0x290
[ 161.211652][ T7191] get_page_from_freelist+0x24e0/0x2580
[ 161.214002][ T7191] __alloc_frozen_pages_noprof+0x181/0x370
[ 161.216844][ T7191] alloc_pages_mpol+0x232/0x4a0
[ 161.219031][ T7191] allocate_slab+0x86/0x3b0
[ 161.221286][ T7191] ___slab_alloc+0xe53/0x1820
[ 161.223806][ T7191] __slab_alloc+0x65/0x100
[ 161.226152][ T7191] __kmalloc_cache_noprof+0x41e/0x700
[ 161.228708][ T7191] media_request_alloc+0xe4/0x5b0
[ 161.230886][ T7191] media_device_request_alloc+0x98/0xd0
[ 161.233329][ T7191] media_device_ioctl+0x278/0x430
[ 161.235632][ T7191] __se_sys_ioctl+0xfc/0x170
[ 161.237631][ T7191] do_syscall_64+0xec/0xf80
[ 161.239641][ T7191] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 161.242159][ T7191] page last free pid 5325 tgid 5325 stack trace:
[ 161.244635][ T7191] __free_frozen_pages+0xbc8/0xd30
[ 161.246666][ T7191] tlb_remove_table_rcu+0x85/0x100
[ 161.248608][ T7191] rcu_core+0xc8e/0x1720
[ 161.250246][ T7191] handle_softirqs+0x22b/0x7c0
[ 161.252139][ T7191] do_softirq+0x76/0xd0
[ 161.253850][ T7191] __local_bh_enable_ip+0xf8/0x130
[ 161.255908][ T7191] tcp_sendmsg+0x21/0x50
[ 161.257835][ T7191] __sock_sendmsg+0x19c/0x270
[ 161.259889][ T7191] sock_write_iter+0x279/0x360
[ 161.261990][ T7191] vfs_write+0x5c9/0xb30
[ 161.263899][ T7191] ksys_write+0x145/0x250
[ 161.265875][ T7191] do_syscall_64+0xec/0xf80
[ 161.267943][ T7191] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 161.270530][ T7191]
[ 161.271618][ T7191] Memory state around the buggy address:
[ 161.274071][ T7191] ffff888042136b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 161.277537][ T7191] ffff888042136b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 161.281497][ T7191] >ffff888042136c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 161.284976][ T7191] ^
[ 161.286994][ T7191] ffff888042136c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 161.290515][ T7191] ffff888042136d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 161.293992][ T7191] ==================================================================
2025/12/29 03:34:52 executed programs: 773
[ 162.510897][ T7191] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 162.514074][ T7191] CPU: 0 UID: 0 PID: 7191 Comm: syz.4.761 Not tainted syzkaller #0 PREEMPT(full)
[ 162.518058][ T7191] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 162.522471][ T7191] Call Trace:
[ 162.523940][ T7191]
[ 162.525297][ T7191] vpanic+0x1e0/0x670
[ 162.526953][ T7191] panic+0xb9/0xc0
[ 162.528587][ T7191] ? __pfx_panic+0x10/0x10
[ 162.530552][ T7191] ? preempt_schedule_thunk+0x16/0x30
[ 162.532791][ T7191] ? vsnprintf+0x38b/0xee0
[ 162.534887][ T7191] ? preempt_schedule_thunk+0x16/0x30
[ 162.537087][ T7191] ? vsnprintf+0x38b/0xee0
[ 162.539146][ T7191] check_panic_on_warn+0x89/0xb0
[ 162.541363][ T7191] ? vsnprintf+0x38b/0xee0
[ 162.543277][ T7191] end_report+0x6f/0x140
[ 162.545134][ T7191] kasan_report+0x129/0x150
[ 162.547216][ T7191] ? vsnprintf+0x38b/0xee0
[ 162.549231][ T7191] kasan_check_range+0x2b0/0x2c0
[ 162.551382][ T7191] ? vsnprintf+0x38b/0xee0
[ 162.553332][ T7191] __asan_memcpy+0x40/0x70
[ 162.555340][ T7191] vsnprintf+0x38b/0xee0
[ 162.557246][ T7191] snprintf+0xda/0x120
[ 162.559029][ T7191] ? __pfx_snprintf+0x10/0x10
[ 162.561139][ T7191] ? fd_install+0x95/0x3d0
[ 162.563054][ T7191] ? fd_install+0x95/0x3d0
[ 162.564963][ T7191] ? fd_install+0x307/0x3d0
[ 162.566906][ T7191] media_request_alloc+0x319/0x5b0
[ 162.569169][ T7191] media_device_request_alloc+0x98/0xd0
[ 162.571565][ T7191] media_device_ioctl+0x278/0x430
[ 162.573705][ T7191] ? do_futex+0x395/0x420
[ 162.575494][ T7191] ? __pfx_media_device_ioctl+0x10/0x10
[ 162.577891][ T7191] ? __fget_files+0x3a0/0x420
[ 162.579909][ T7191] ? __fget_files+0x2a/0x420
[ 162.581872][ T7191] ? __pfx_media_device_ioctl+0x10/0x10
[ 162.584198][ T7191] ? media_ioctl+0xfe/0x120
[ 162.586139][ T7191] ? __pfx_media_ioctl+0x10/0x10
[ 162.588349][ T7191] __se_sys_ioctl+0xfc/0x170
[ 162.590345][ T7191] do_syscall_64+0xec/0xf80
[ 162.592369][ T7191] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 162.594842][ T7191] ? trace_irq_disable+0x37/0x100
[ 162.596973][ T7191] ? clear_bhb_loop+0x60/0xb0
[ 162.598936][ T7191] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 162.601511][ T7191] RIP: 0033:0x7f801458f7c9
[ 162.603467][ T7191] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 162.611929][ T7191] RSP: 002b:00007f801547d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 162.615473][ T7191] RAX: ffffffffffffffda RBX: 00007f80147e5fa0 RCX: 00007f801458f7c9
[ 162.618896][ T7191] RDX: 0000000000000000 RSI: 0000000080047c05 RDI: 0000000000000003
[ 162.622413][ T7191] RBP: 00007f8014613f91 R08: 0000000000000000 R09: 0000000000000000
[ 162.625985][ T7191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 162.629386][ T7191] R13: 00007f80147e6038 R14: 00007f80147e5fa0 R15: 00007ffd838327f8
[ 162.632758][ T7191]
[ 162.634449][ T7191] Kernel Offset: disabled
[ 162.636418][ T7191] Rebooting in 86400 seconds..
VM DIAGNOSIS:
03:34:53 Registers:
info registers vcpu 0
CPU#0
RAX=0000000000000020 RBX=0000000000000020 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc9000830f450
R8 =ffff888033d28237 R9 =1ffff110067a5046 R10=dffffc0000000000 R11=ffffffff851bb360
R12=dffffc0000000000 R13=ffffffff998fea05 R14=ffffffff99c136a0 R15=0000000000000000
RIP=ffffffff851bb3dc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f801547d6c0 ffffffff 00c00000
GS =0000 ffff88808d416000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=000000c008a94000 CR3=000000003fd63000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=000000000000003f Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8014615050
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f801461505d
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8014615057
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f801461506b
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f80146150f1
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f80146151cf
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f80147ba4a8 00007f80147ba4a0 00007f80147ba498 00007f80147ba470
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f801531d100 00007f80147ba460 00007f80147ba478 0000000700080006
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f80147ba4b8 00007f80147ba4b0 00007f80147ba4a8 00007f80147ba4a0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000