Warning: Permanently added '[localhost]:4109' (ED25519) to the list of known hosts.
2025/08/31 18:39:17 parsed 1 programs
[  138.259962][ T1315] ieee802154 phy0 wpan0: encryption failed: -22
[  138.263044][ T1315] ieee802154 phy1 wpan1: encryption failed: -22
[  140.410630][ T5650] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  150.577392][ T5662] chnl_net:caif_netlink_parms(): no params data found
[  150.988747][ T5410] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  150.994043][ T5410] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  150.999114][ T5410] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  151.003331][ T5410] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  151.007764][ T5410] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  151.592648][ T5662] bridge0: port 1(bridge_slave_0) entered blocking state
[  151.611014][ T5662] bridge0: port 1(bridge_slave_0) entered disabled state
[  151.614337][ T5662] bridge_slave_0: entered allmulticast mode
[  151.638520][ T5662] bridge_slave_0: entered promiscuous mode
[  151.658075][ T5662] bridge0: port 2(bridge_slave_1) entered blocking state
[  151.661532][ T5662] bridge0: port 2(bridge_slave_1) entered disabled state
[  151.665080][ T5662] bridge_slave_1: entered allmulticast mode
[  151.699696][ T5662] bridge_slave_1: entered promiscuous mode
[  151.883555][   T38] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  151.911721][   T38] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  152.073164][ T5662] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  152.108680][ T5662] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  152.172740][   T38] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  152.207120][   T38] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  152.291391][ T5662] team0: Port device team_slave_0 added
[  152.449521][ T5662] team0: Port device team_slave_1 added
[  152.552226][ T5662] batman_adv: batadv0: Adding interface: batadv_slave_0
[  152.582717][ T5662] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  152.621635][ T5662] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  152.655476][ T5662] batman_adv: batadv0: Adding interface: batadv_slave_1
[  152.673753][ T5662] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  152.736590][ T5662] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  152.869346][ T5662] hsr_slave_0: entered promiscuous mode
[  152.896916][ T5662] hsr_slave_1: entered promiscuous mode
[  153.056663][ T5410] Bluetooth: hci0: command tx timeout
[  154.103254][ T5662] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  154.139491][ T5662] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  154.157711][ T5662] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  154.198893][ T5662] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  154.453806][ T5662] 8021q: adding VLAN 0 to HW filter on device bond0
[  154.519599][ T5662] 8021q: adding VLAN 0 to HW filter on device team0
[  154.558804][ T3059] bridge0: port 1(bridge_slave_0) entered blocking state
[  154.562907][ T3059] bridge0: port 1(bridge_slave_0) entered forwarding state
[  154.598630][ T3059] bridge0: port 2(bridge_slave_1) entered blocking state
[  154.601907][ T3059] bridge0: port 2(bridge_slave_1) entered forwarding state
[  154.694823][ T5662] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  155.137432][ T5410] Bluetooth: hci0: command tx timeout
[  155.230240][ T5662] 8021q: adding VLAN 0 to HW filter on device batadv0
[  155.900478][ T5662] veth0_vlan: entered promiscuous mode
[  155.948112][ T5662] veth1_vlan: entered promiscuous mode
[  156.045872][ T5662] veth0_macvtap: entered promiscuous mode
[  156.061435][ T5662] veth1_macvtap: entered promiscuous mode
[  156.129174][ T5662] batman_adv: batadv0: Interface activated: batadv_slave_0
[  156.160981][ T5662] batman_adv: batadv0: Interface activated: batadv_slave_1
[  156.198363][   T38] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  156.207939][   T38] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  156.211673][   T38] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  156.215640][   T38] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2025/08/31 18:39:37 executed programs: 0
[  156.767753][ T4709] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  156.814296][   T45] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  156.821182][   T45] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  156.825637][   T45] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  156.830694][   T45] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  156.834692][ T5799] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  156.847460][ T5799] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  156.853388][ T5799] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  156.866518][ T5799] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  156.870804][   T45] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  156.929924][ T5662] syz-executor (5662) used greatest stack depth: 17208 bytes left
[  156.962811][   T45] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  156.998108][   T45] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  157.002817][ T5799] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  157.010959][   T45] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  157.036574][   T45] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  157.099400][ T4709] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  157.107230][ T4709] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  157.112957][ T5410] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  157.118256][ T5410] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  157.122198][ T4709] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  157.127399][ T4709] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  157.130794][ T5410] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  157.135840][ T5410] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  157.176604][ T5410] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  157.232293][ T5410] Bluetooth: hci0: command tx timeout
[  157.237694][ T4709] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  157.315709][ T4709] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  157.362933][ T4709] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  157.386692][ T4709] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  157.406040][ T5806] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  157.421437][ T5806] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  159.165194][ T5410] Bluetooth: hci3: command tx timeout
[  159.169429][ T5410] Bluetooth: hci1: command tx timeout
[  159.172826][ T5410] Bluetooth: hci2: command tx timeout
[  159.474448][   T31] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.532486][ T5794] chnl_net:caif_netlink_parms(): no params data found
[  159.647613][   T45] Bluetooth: hci6: command tx timeout
[  159.651035][   T45] Bluetooth: hci5: command tx timeout
[  159.654368][   T45] Bluetooth: hci4: command tx timeout
[  159.975617][   T31] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.181436][   T31] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.369292][   T31] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.549799][ T5794] bridge0: port 1(bridge_slave_0) entered blocking state
[  160.553966][ T5794] bridge0: port 1(bridge_slave_0) entered disabled state
[  160.560456][ T5794] bridge_slave_0: entered allmulticast mode
[  160.578256][ T5794] bridge_slave_0: entered promiscuous mode
[  160.658764][ T5794] bridge0: port 2(bridge_slave_1) entered blocking state
[  160.662081][ T5794] bridge0: port 2(bridge_slave_1) entered disabled state
[  160.665732][ T5794] bridge_slave_1: entered allmulticast mode
[  160.687956][ T5794] bridge_slave_1: entered promiscuous mode
[  160.934035][ T5794] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  160.950247][ T5794] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  161.218572][ T5410] Bluetooth: hci2: command tx timeout
[  161.221023][ T5410] Bluetooth: hci1: command tx timeout
[  161.223637][ T5410] Bluetooth: hci3: command tx timeout
[  161.433370][ T5792] chnl_net:caif_netlink_parms(): no params data found
[  161.473725][   T31] bridge_slave_1: left allmulticast mode
[  161.478347][   T31] bridge_slave_1: left promiscuous mode
[  161.481157][   T31] bridge0: port 2(bridge_slave_1) entered disabled state
[  161.489580][   T31] bridge_slave_0: left allmulticast mode
[  161.492181][   T31] bridge_slave_0: left promiscuous mode
[  161.494828][   T31] bridge0: port 1(bridge_slave_0) entered disabled state
[  161.699115][ T5410] Bluetooth: hci4: command tx timeout
[  161.702465][ T5806] Bluetooth: hci5: command tx timeout
[  161.704964][ T5806] Bluetooth: hci6: command tx timeout
[  162.111251][   T31] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  162.118184][   T31] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  162.123443][   T31] bond0 (unregistering): Released all slaves
[  162.203670][ T5794] team0: Port device team_slave_0 added
[  162.261895][ T5794] team0: Port device team_slave_1 added
[  163.003003][ T5794] batman_adv: batadv0: Adding interface: batadv_slave_0
[  163.022765][ T5794] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  163.078335][ T5794] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  163.113278][ T5802] chnl_net:caif_netlink_parms(): no params data found
[  163.252604][ T5807] chnl_net:caif_netlink_parms(): no params data found
[  163.280627][ T5794] batman_adv: batadv0: Adding interface: batadv_slave_1
[  163.284378][ T5794] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  163.301076][ T5410] Bluetooth: hci3: command tx timeout
[  163.303738][ T5410] Bluetooth: hci1: command tx timeout
[  163.307706][ T5806] Bluetooth: hci2: command tx timeout
[  163.326438][ T5794] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  163.352823][ T5800] chnl_net:caif_netlink_parms(): no params data found
[  163.432224][ T5812] chnl_net:caif_netlink_parms(): no params data found
[  163.499924][   T31] hsr_slave_0: left promiscuous mode
[  163.502669][   T31] hsr_slave_1: left promiscuous mode
[  163.516998][   T31] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  163.520394][   T31] batman_adv: batadv0: Removing interface: batadv_slave_0
[  163.527396][   T31] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  163.531099][   T31] batman_adv: batadv0: Removing interface: batadv_slave_1
[  163.569336][   T31] veth1_macvtap: left promiscuous mode
[  163.572010][   T31] veth0_macvtap: left promiscuous mode
[  163.575472][   T31] veth1_vlan: left promiscuous mode
[  163.607078][   T31] veth0_vlan: left promiscuous mode
[  163.777309][ T5410] Bluetooth: hci4: command tx timeout
[  163.780833][ T5410] Bluetooth: hci6: command tx timeout
[  163.783587][ T5410] Bluetooth: hci5: command tx timeout
[  164.189071][   T31] team0 (unregistering): Port device team_slave_1 removed
[  164.213493][   T31] team0 (unregistering): Port device team_slave_0 removed
[  164.605998][ T5792] bridge0: port 1(bridge_slave_0) entered blocking state
[  164.622920][ T5792] bridge0: port 1(bridge_slave_0) entered disabled state
[  164.626275][ T5792] bridge_slave_0: entered allmulticast mode
[  164.630753][ T5792] bridge_slave_0: entered promiscuous mode
[  164.701888][ T5792] bridge0: port 2(bridge_slave_1) entered blocking state
[  164.705846][ T5792] bridge0: port 2(bridge_slave_1) entered disabled state
[  164.726154][ T5792] bridge_slave_1: entered allmulticast mode
[  164.731091][ T5792] bridge_slave_1: entered promiscuous mode
[  164.809327][ T5794] hsr_slave_0: entered promiscuous mode
[  164.812731][ T5794] hsr_slave_1: entered promiscuous mode
[  164.964976][ T5792] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  165.005905][ T5792] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  165.377275][ T5806] Bluetooth: hci1: command tx timeout
[  165.379922][ T5806] Bluetooth: hci3: command tx timeout
[  165.382864][ T5806] Bluetooth: hci2: command tx timeout
[  165.490402][ T5807] bridge0: port 1(bridge_slave_0) entered blocking state
[  165.493853][ T5807] bridge0: port 1(bridge_slave_0) entered disabled state
[  165.502165][ T5807] bridge_slave_0: entered allmulticast mode
[  165.521555][ T5807] bridge_slave_0: entered promiscuous mode
[  165.590091][ T5792] team0: Port device team_slave_0 added
[  165.593012][ T5802] bridge0: port 1(bridge_slave_0) entered blocking state
[  165.596277][ T5802] bridge0: port 1(bridge_slave_0) entered disabled state
[  165.615967][ T5802] bridge_slave_0: entered allmulticast mode
[  165.645059][ T5802] bridge_slave_0: entered promiscuous mode
[  165.652739][ T5812] bridge0: port 1(bridge_slave_0) entered blocking state
[  165.656090][ T5812] bridge0: port 1(bridge_slave_0) entered disabled state
[  165.676798][ T5812] bridge_slave_0: entered allmulticast mode
[  165.681529][ T5812] bridge_slave_0: entered promiscuous mode
[  165.686748][ T5807] bridge0: port 2(bridge_slave_1) entered blocking state
[  165.690099][ T5807] bridge0: port 2(bridge_slave_1) entered disabled state
[  165.693507][ T5807] bridge_slave_1: entered allmulticast mode
[  165.721510][ T5807] bridge_slave_1: entered promiscuous mode
[  165.767503][ T5800] bridge0: port 1(bridge_slave_0) entered blocking state
[  165.770997][ T5800] bridge0: port 1(bridge_slave_0) entered disabled state
[  165.775017][ T5800] bridge_slave_0: entered allmulticast mode
[  165.801472][ T5800] bridge_slave_0: entered promiscuous mode
[  165.828285][ T5800] bridge0: port 2(bridge_slave_1) entered blocking state
[  165.831631][ T5800] bridge0: port 2(bridge_slave_1) entered disabled state
[  165.835268][ T5800] bridge_slave_1: entered allmulticast mode
[  165.859560][ T5410] Bluetooth: hci5: command tx timeout
[  165.862143][ T5410] Bluetooth: hci6: command tx timeout
[  165.864596][ T5410] Bluetooth: hci4: command tx timeout
[  165.878063][ T5800] bridge_slave_1: entered promiscuous mode
[  165.908759][ T5792] team0: Port device team_slave_1 added
[  165.917751][ T5802] bridge0: port 2(bridge_slave_1) entered blocking state
[  165.921048][ T5802] bridge0: port 2(bridge_slave_1) entered disabled state
[  165.924355][ T5802] bridge_slave_1: entered allmulticast mode
[  165.963966][ T5802] bridge_slave_1: entered promiscuous mode
[  165.999205][ T5812] bridge0: port 2(bridge_slave_1) entered blocking state
[  166.002332][ T5812] bridge0: port 2(bridge_slave_1) entered disabled state
[  166.005892][ T5812] bridge_slave_1: entered allmulticast mode
[  166.038938][ T5812] bridge_slave_1: entered promiscuous mode
[  166.178603][ T5807] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  166.239434][ T5812] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  166.252415][ T5807] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  166.293253][ T5800] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  166.312051][ T5800] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  166.351405][ T5792] batman_adv: batadv0: Adding interface: batadv_slave_0
[  166.354583][ T5792] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  166.378306][ T5792] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  166.411490][ T5802] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  166.419450][ T5812] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  166.490669][ T5792] batman_adv: batadv0: Adding interface: batadv_slave_1
[  166.493829][ T5792] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  166.539598][ T5792] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  166.553276][ T5802] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  166.622759][ T5807] team0: Port device team_slave_0 added
[  166.729923][ T5812] team0: Port device team_slave_0 added
[  166.734834][ T5812] team0: Port device team_slave_1 added
[  166.750418][ T5807] team0: Port device team_slave_1 added
[  166.754709][ T5800] team0: Port device team_slave_0 added
[  166.808553][ T5802] team0: Port device team_slave_0 added
[  166.884962][ T5800] team0: Port device team_slave_1 added
[  166.911456][ T5802] team0: Port device team_slave_1 added
[  166.914776][ T5812] batman_adv: batadv0: Adding interface: batadv_slave_0
[  166.918917][ T5812] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  166.933348][ T5812] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  167.023510][ T5792] hsr_slave_0: entered promiscuous mode
[  167.035826][ T5792] hsr_slave_1: entered promiscuous mode
[  167.039283][ T5792] debugfs: 'hsr0' already exists in 'hsr'
[  167.041884][ T5792] Cannot create hsr debugfs directory
[  167.060787][ T5812] batman_adv: batadv0: Adding interface: batadv_slave_1
[  167.063884][ T5812] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  167.080596][ T5812] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  167.086638][ T5807] batman_adv: batadv0: Adding interface: batadv_slave_0
[  167.089673][ T5807] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  167.104366][ T5807] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  167.156045][ T5807] batman_adv: batadv0: Adding interface: batadv_slave_1
[  167.163511][ T5807] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  167.175867][ T5807] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  167.224133][ T5800] batman_adv: batadv0: Adding interface: batadv_slave_0
[  167.239069][ T5800] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  167.263992][ T5800] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  167.282221][ T5800] batman_adv: batadv0: Adding interface: batadv_slave_1
[  167.285273][ T5800] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  167.317521][ T5800] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  167.376082][ T5802] batman_adv: batadv0: Adding interface: batadv_slave_0
[  167.394488][ T5802] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  167.431470][ T5802] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  167.439208][ T5802] batman_adv: batadv0: Adding interface: batadv_slave_1
[  167.442294][ T5802] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  167.490949][ T5802] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  167.710377][ T5807] hsr_slave_0: entered promiscuous mode
[  167.714539][ T5807] hsr_slave_1: entered promiscuous mode
[  167.721987][ T5807] debugfs: 'hsr0' already exists in 'hsr'
[  167.724530][ T5807] Cannot create hsr debugfs directory
[  167.791378][ T5812] hsr_slave_0: entered promiscuous mode
[  167.794963][ T5812] hsr_slave_1: entered promiscuous mode
[  167.803092][ T5812] debugfs: 'hsr0' already exists in 'hsr'
[  167.805611][ T5812] Cannot create hsr debugfs directory
[  167.843975][ T5800] hsr_slave_0: entered promiscuous mode
[  167.847728][ T5800] hsr_slave_1: entered promiscuous mode
[  167.852119][ T5800] debugfs: 'hsr0' already exists in 'hsr'
[  167.854923][ T5800] Cannot create hsr debugfs directory
[  168.002402][ T5802] hsr_slave_0: entered promiscuous mode
[  168.029801][ T5802] hsr_slave_1: entered promiscuous mode
[  168.046130][ T5802] debugfs: 'hsr0' already exists in 'hsr'
[  168.054568][ T5802] Cannot create hsr debugfs directory
[  168.655809][ T5794] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  168.769381][ T5794] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  168.783660][ T5794] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  168.878325][ T5794] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  169.151672][ T5792] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  169.200750][ T5792] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  169.219145][ T5792] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  169.278203][ T5792] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  169.654385][ T5794] 8021q: adding VLAN 0 to HW filter on device bond0
[  169.775232][ T5794] 8021q: adding VLAN 0 to HW filter on device team0
[  169.804740][ T5800] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  169.834459][ T5792] 8021q: adding VLAN 0 to HW filter on device bond0
[  169.889706][ T5800] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  169.904342][ T5800] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  169.931868][ T5800] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  169.952007][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[  169.956684][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[  169.982446][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[  169.985928][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[  170.055524][ T5792] 8021q: adding VLAN 0 to HW filter on device team0
[  170.109261][ T4064] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.112592][ T4064] bridge0: port 1(bridge_slave_0) entered forwarding state
[  170.194636][ T4064] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.198010][ T4064] bridge0: port 2(bridge_slave_1) entered forwarding state
[  170.321688][ T5812] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  170.402457][ T5812] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  170.423814][ T5812] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  170.533772][ T5812] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  170.614595][ T5792] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  170.833172][ T5802] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  170.920323][ T5802] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  171.004617][ T5800] 8021q: adding VLAN 0 to HW filter on device bond0
[  171.101394][ T5802] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  171.173270][ T5802] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  171.354221][ T5800] 8021q: adding VLAN 0 to HW filter on device team0
[  171.398605][ T5794] 8021q: adding VLAN 0 to HW filter on device batadv0
[  171.419420][ T5807] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  171.527866][ T5807] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  171.535941][ T1036] bridge0: port 1(bridge_slave_0) entered blocking state
[  171.539735][ T1036] bridge0: port 1(bridge_slave_0) entered forwarding state
[  171.578836][ T1036] bridge0: port 2(bridge_slave_1) entered blocking state
[  171.582238][ T1036] bridge0: port 2(bridge_slave_1) entered forwarding state
[  171.650694][ T5807] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  171.686212][ T5792] 8021q: adding VLAN 0 to HW filter on device batadv0
[  171.757921][ T5807] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  171.844706][ T5812] 8021q: adding VLAN 0 to HW filter on device bond0
[  172.027145][ T5812] 8021q: adding VLAN 0 to HW filter on device team0
[  172.047251][ T5802] 8021q: adding VLAN 0 to HW filter on device bond0
[  172.092964][ T5794] veth0_vlan: entered promiscuous mode
[  172.166201][ T1036] bridge0: port 1(bridge_slave_0) entered blocking state
[  172.170064][ T1036] bridge0: port 1(bridge_slave_0) entered forwarding state
[  172.227326][ T1036] bridge0: port 2(bridge_slave_1) entered blocking state
[  172.230628][ T1036] bridge0: port 2(bridge_slave_1) entered forwarding state
[  172.358831][ T5794] veth1_vlan: entered promiscuous mode
[  172.451030][ T5792] veth0_vlan: entered promiscuous mode
[  172.492218][ T5802] 8021q: adding VLAN 0 to HW filter on device team0
[  172.591831][ T5812] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  172.708807][ T5792] veth1_vlan: entered promiscuous mode
[  172.743257][ T1036] bridge0: port 1(bridge_slave_0) entered blocking state
[  172.747105][ T1036] bridge0: port 1(bridge_slave_0) entered forwarding state
[  172.768358][ T1036] bridge0: port 2(bridge_slave_1) entered blocking state
[  172.771937][ T1036] bridge0: port 2(bridge_slave_1) entered forwarding state
[  172.893745][ T5800] 8021q: adding VLAN 0 to HW filter on device batadv0
[  172.975238][ T5792] veth0_macvtap: entered promiscuous mode
[  173.033379][ T5794] veth0_macvtap: entered promiscuous mode
[  173.099127][ T5792] veth1_macvtap: entered promiscuous mode
[  173.129550][ T5794] veth1_macvtap: entered promiscuous mode
[  173.194455][ T5807] 8021q: adding VLAN 0 to HW filter on device bond0
[  173.344975][ T5812] 8021q: adding VLAN 0 to HW filter on device batadv0
[  173.382481][ T5807] 8021q: adding VLAN 0 to HW filter on device team0
[  173.423489][ T5792] batman_adv: batadv0: Interface activated: batadv_slave_0
[  173.464218][ T5800] veth0_vlan: entered promiscuous mode
[  173.497527][ T5794] batman_adv: batadv0: Interface activated: batadv_slave_0
[  173.562189][ T5792] batman_adv: batadv0: Interface activated: batadv_slave_1
[  173.629918][ T5794] batman_adv: batadv0: Interface activated: batadv_slave_1
[  173.653890][ T3059] bridge0: port 1(bridge_slave_0) entered blocking state
[  173.657963][ T3059] bridge0: port 1(bridge_slave_0) entered forwarding state
[  173.775514][ T5800] veth1_vlan: entered promiscuous mode
[  173.830131][ T3059] bridge0: port 2(bridge_slave_1) entered blocking state
[  173.833532][ T3059] bridge0: port 2(bridge_slave_1) entered forwarding state
[  173.880427][   T31] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  173.984414][   T31] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  174.000588][   T31] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  174.004438][   T31] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  174.108409][ T5802] 8021q: adding VLAN 0 to HW filter on device batadv0
[  174.111833][   T31] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  174.203455][   T31] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  174.220648][   T31] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  174.224738][   T31] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  174.348063][ T5800] veth0_macvtap: entered promiscuous mode
[  174.444594][ T5800] veth1_macvtap: entered promiscuous mode
[  174.535897][ T5800] batman_adv: batadv0: Interface activated: batadv_slave_0
[  174.621845][ T1041] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  174.625406][ T1041] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  174.714374][ T5802] veth0_vlan: entered promiscuous mode
[  174.784366][ T5800] batman_adv: batadv0: Interface activated: batadv_slave_1
[  174.827223][ T1044] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  174.833016][ T1044] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  174.918224][ T4064] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  174.922260][ T4064] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  174.929832][ T5812] veth0_vlan: entered promiscuous mode
[  174.992854][ T1044] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  175.003426][ T1044] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  175.041892][ T5812] veth1_vlan: entered promiscuous mode
[  175.119695][ T5802] veth1_vlan: entered promiscuous mode
[  175.125393][   T38] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  175.159649][   T38] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  175.303812][ T5802] veth0_macvtap: entered promiscuous mode
[  175.367831][ T1044] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  175.372406][ T1044] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  175.471465][ T5807] 8021q: adding VLAN 0 to HW filter on device batadv0
2025/08/31 18:39:56 executed programs: 12
[  175.528843][ T6068] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  175.544168][ T5802] veth1_macvtap: entered promiscuous mode
[  175.552356][ T6068] netlink: 'syz.1.18': attribute type 10 has an invalid length.
[  175.625027][ T6072] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  175.668585][ T6072] netlink: 'syz.0.17': attribute type 10 has an invalid length.
[  175.675343][ T1036] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  175.703128][ T1036] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  175.755565][ T6068] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  175.912144][ T6072] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  175.954230][ T5802] batman_adv: batadv0: Interface activated: batadv_slave_0
[  176.078458][ T5812] veth0_macvtap: entered promiscuous mode
[  176.104497][ T5802] batman_adv: batadv0: Interface activated: batadv_slave_1
[  176.119608][ T1044] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  176.141213][ T1044] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  176.145528][ T5812] veth1_macvtap: entered promiscuous mode
[  176.211916][ T1049] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  176.274230][ T1049] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  176.297889][ T1049] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  176.301659][ T1049] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  176.345563][ T6086] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  176.380036][ T5812] batman_adv: batadv0: Interface activated: batadv_slave_0
[  176.386843][ T6086] netlink: 'syz.2.19': attribute type 10 has an invalid length.
[  176.505486][ T6091] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  176.534379][ T6091] netlink: 'syz.1.23': attribute type 10 has an invalid length.
[  176.570171][ T6086] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  176.612993][ T5812] batman_adv: batadv0: Interface activated: batadv_slave_1
[  176.671137][ T6098] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  176.704708][ T6098] netlink: 'syz.0.24': attribute type 10 has an invalid length.
[  176.741242][ T6093] wlan1: No basic rates, using min rate instead
[  176.782530][ T6093] wlan1: authenticate with aa:09:b7:99:c0:d7 (local address=aa:aa:aa:aa:aa:17)
[  176.801911][ T6093] wlan1: send auth to aa:09:b7:99:c0:d7 (try 1/3)
[  176.846108][ T3059] wlan1: send auth to aa:09:b7:99:c0:d7 (try 2/3)
[  176.863747][ T3059] wlan1: send auth to aa:09:b7:99:c0:d7 (try 3/3)
[  176.882537][ T6086] bond0: entered promiscuous mode
[  176.887611][ T3059] wlan1: authentication with aa:09:b7:99:c0:d7 timed out
[  176.895941][ T6086] bond_slave_0: entered promiscuous mode
[  176.907046][ T3059] ==================================================================
[  176.910775][ T3059] BUG: KASAN: slab-use-after-free in _raw_spin_lock+0x2e/0x40
[  176.914322][ T3059] Read of size 1 at addr ffff8880426e6538 by task kworker/u4:11/3059
[  176.918849][ T3059] 
[  176.919976][ T3059] CPU: 0 UID: 0 PID: 3059 Comm: kworker/u4:11 Not tainted syzkaller #0 PREEMPT(full) 
[  176.919992][ T3059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  176.920000][ T3059] Workqueue: events_unbound cfg80211_wiphy_work
[  176.920062][ T3059] Call Trace:
[  176.920070][ T3059]  <TASK>
[  176.920076][ T3059]  dump_stack_lvl+0x189/0x250
[  176.920090][ T3059]  ? __virt_addr_valid+0x1c8/0x5c0
[  176.920104][ T3059]  ? rcu_is_watching+0x15/0xb0
[  176.920140][ T3059]  ? __pfx_dump_stack_lvl+0x10/0x10
[  176.920151][ T3059]  ? rcu_is_watching+0x15/0xb0
[  176.920160][ T3059]  ? lock_release+0x4b/0x3e0
[  176.920178][ T3059]  ? _raw_spin_lock_irqsave+0xb3/0xf0
[  176.920191][ T3059]  ? __virt_addr_valid+0x1c8/0x5c0
[  176.920203][ T3059]  ? __virt_addr_valid+0x4a5/0x5c0
[  176.920216][ T3059]  print_report+0xca/0x240
[  176.920226][ T3059]  ? _raw_spin_lock+0x2e/0x40
[  176.920238][ T3059]  kasan_report+0x118/0x150
[  176.920252][ T3059]  ? _raw_spin_lock+0x2e/0x40
[  176.920267][ T3059]  ? lockref_get+0x15/0x60
[  176.920284][ T3059]  __kasan_check_byte+0x2a/0x40
[  176.920297][ T3059]  lock_acquire+0x8d/0x360
[  176.920313][ T3059]  ? do_raw_spin_lock+0x121/0x290
[  176.920329][ T3059]  _raw_spin_lock+0x2e/0x40
[  176.920341][ T3059]  ? lockref_get+0x15/0x60
[  176.920353][ T3059]  lockref_get+0x15/0x60
[  176.920366][ T3059]  __simple_recursive_removal+0x33/0x510
[  176.920376][ T3059]  ? mntput+0x65/0xc0
[  176.920386][ T3059]  ? __pfx_remove_one+0x10/0x10
[  176.920401][ T3059]  debugfs_remove+0x5b/0x70
[  176.920415][ T3059]  ieee80211_sta_debugfs_remove+0x40/0x70
[  176.920428][ T3059]  __sta_info_destroy_part2+0x352/0x450
[  176.920444][ T3059]  sta_info_destroy_addr+0xf5/0x140
[  176.920458][ T3059]  ieee80211_destroy_auth_data+0x12d/0x260
[  176.920468][ T3059]  ieee80211_sta_work+0x11cf/0x3600
[  176.920478][ T3059]  ? kasan_save_track+0x3e/0x80
[  176.920486][ T3059]  ? __kasan_slab_free+0x5b/0x80
[  176.920496][ T3059]  ? kmem_cache_free+0x18f/0x400
[  176.920507][ T3059]  ? ieee80211_iface_work+0xb30/0x12d0
[  176.920519][ T3059]  ? cfg80211_wiphy_work+0x2bb/0x470
[  176.920532][ T3059]  ? process_scheduled_works+0xae1/0x17b0
[  176.920542][ T3059]  ? worker_thread+0x8a0/0xda0
[  176.920551][ T3059]  ? kthread+0x70e/0x8a0
[  176.920561][ T3059]  ? ret_from_fork+0x3fc/0x770
[  176.920570][ T3059]  ? ret_from_fork_asm+0x1a/0x30
[  176.920585][ T3059]  ? __lock_acquire+0xab9/0xd20
[  176.920598][ T3059]  ? __pfx_ieee80211_sta_work+0x10/0x10
[  176.920609][ T3059]  ? do_raw_spin_lock+0x121/0x290
[  176.920622][ T3059]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  176.920635][ T3059]  ? lockdep_hardirqs_on+0x9c/0x150
[  176.920648][ T3059]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  176.920659][ T3059]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  176.920671][ T3059]  ? kcov_remote_stop+0x17e/0x6d0
[  176.920684][ T3059]  ? lockdep_hardirqs_on+0x9c/0x150
[  176.920697][ T3059]  ? skb_dequeue+0x10e/0x150
[  176.920708][ T3059]  ? ieee80211_iface_work+0xfbd/0x12d0
[  176.920721][ T3059]  ? ieee80211_iface_work+0x11d6/0x12d0
[  176.920736][ T3059]  cfg80211_wiphy_work+0x2bb/0x470
[  176.920752][ T3059]  ? process_scheduled_works+0x9ef/0x17b0
[  176.920763][ T3059]  process_scheduled_works+0xae1/0x17b0
[  176.920782][ T3059]  ? __pfx_process_scheduled_works+0x10/0x10
[  176.920797][ T3059]  worker_thread+0x8a0/0xda0
[  176.920808][ T3059]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  176.920825][ T3059]  ? __kthread_parkme+0x7b/0x200
[  176.920839][ T3059]  kthread+0x70e/0x8a0
[  176.920853][ T3059]  ? __pfx_worker_thread+0x10/0x10
[  176.920864][ T3059]  ? __pfx_kthread+0x10/0x10
[  176.920878][ T3059]  ? _raw_spin_unlock_irq+0x23/0x50
[  176.920891][ T3059]  ? lockdep_hardirqs_on+0x9c/0x150
[  176.920905][ T3059]  ? __pfx_kthread+0x10/0x10
[  176.920919][ T3059]  ret_from_fork+0x3fc/0x770
[  176.920932][ T3059]  ? __pfx_ret_from_fork+0x10/0x10
[  176.920944][ T3059]  ? __pfx_kthread+0x10/0x10
[  176.920956][ T3059]  ret_from_fork_asm+0x1a/0x30
[  176.920984][ T3059]  </TASK>
[  176.920988][ T3059] 
[  177.105463][ T3059] Allocated by task 6093:
[  177.107401][ T3059]  kasan_save_track+0x3e/0x80
[  177.109525][ T3059]  __kasan_slab_alloc+0x6c/0x80
[  177.111685][ T3059]  kmem_cache_alloc_lru_noprof+0x1c6/0x3d0
[  177.114312][ T3059]  __d_alloc+0x36/0x7a0
[  177.116322][ T3059]  d_alloc_parallel+0xe5/0x15e0
[  177.118663][ T3059]  __lookup_slow+0x116/0x3d0
[  177.121034][ T3059]  simple_start_creating+0xfd/0x1e0
[  177.123706][ T3059]  start_creating+0x10f/0x180
[  177.125871][ T3059]  debugfs_create_dir+0x28/0x420
[  177.128058][ T3059]  ieee80211_sta_debugfs_add+0x12c/0x850
[  177.130620][ T3059]  sta_info_insert_rcu+0xfac/0x1940
[  177.132882][ T3059]  sta_info_insert+0x16/0xc0
[  177.135029][ T3059]  ieee80211_prep_connection+0xfce/0x13f0
[  177.137712][ T3059]  ieee80211_mgd_auth+0xee3/0x1770
[  177.139913][ T3059]  cfg80211_mlme_auth+0x62f/0x9c0
[  177.142362][ T3059]  cfg80211_conn_do_work+0x501/0xd10
[  177.144930][ T3059]  cfg80211_connect+0x1862/0x21a0
[  177.147517][ T3059]  nl80211_connect+0x17bc/0x1cd0
[  177.150293][ T3059]  genl_family_rcv_msg_doit+0x212/0x300
[  177.153246][ T3059]  genl_rcv_msg+0x60e/0x790
[  177.155519][ T3059]  netlink_rcv_skb+0x205/0x470
[  177.157713][ T3059]  genl_rcv+0x28/0x40
[  177.159457][ T3059]  netlink_unicast+0x82f/0x9e0
[  177.161563][ T3059]  netlink_sendmsg+0x805/0xb30
[  177.163680][ T3059]  __sock_sendmsg+0x219/0x270
[  177.165792][ T3059]  ____sys_sendmsg+0x505/0x830
[  177.167948][ T3059]  ___sys_sendmsg+0x21f/0x2a0
[  177.170077][ T3059]  __x64_sys_sendmsg+0x19b/0x260
[  177.172542][ T3059]  do_syscall_64+0xfa/0x3b0
[  177.174747][ T3059]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.177669][ T3059] 
[  177.178970][ T3059] Freed by task 15:
[  177.180944][ T3059]  kasan_save_track+0x3e/0x80
[  177.183126][ T3059]  kasan_save_free_info+0x46/0x50
[  177.185387][ T3059]  __kasan_slab_free+0x5b/0x80
[  177.187574][ T3059]  kmem_cache_free+0x18f/0x400
[  177.189789][ T3059]  rcu_core+0xcab/0x1770
[  177.191658][ T3059]  handle_softirqs+0x283/0x870
[  177.193851][ T3059]  run_ksoftirqd+0x9b/0x100
[  177.196244][ T3059]  smpboot_thread_fn+0x53f/0xa60
[  177.198962][ T3059]  kthread+0x70e/0x8a0
[  177.201199][ T3059]  ret_from_fork+0x3fc/0x770
[  177.203402][ T3059]  ret_from_fork_asm+0x1a/0x30
[  177.205593][ T3059] 
[  177.206677][ T3059] Last potentially related work creation:
[  177.209130][ T3059]  kasan_save_stack+0x3e/0x60
[  177.211148][ T3059]  kasan_record_aux_stack+0xbd/0xd0
[  177.213446][ T3059]  call_rcu+0x157/0x9c0
[  177.215271][ T3059]  __dentry_kill+0x4d2/0x660
[  177.217345][ T3059]  dput+0x19f/0x2b0
[  177.219082][ T3059]  find_next_child+0x1e5/0x250
[  177.221222][ T3059]  __simple_recursive_removal+0x10b/0x510
[  177.223816][ T3059]  debugfs_remove+0x5b/0x70
[  177.225831][ T3059]  ieee80211_debugfs_recreate_netdev+0xbf/0x1460
[  177.228736][ T3059]  drv_remove_interface+0x1fa/0x590
[  177.231075][ T3059]  ieee80211_change_mac+0x912/0x12d0
[  177.233364][ T3059]  netif_set_mac_address+0x2f9/0x4c0
[  177.235679][ T3059]  dev_set_mac_address+0x12b/0x260
[  177.237928][ T3059]  bond_set_mac_address+0x26c/0x7b0
[  177.240195][ T3059]  netif_set_mac_address+0x2f9/0x4c0
[  177.242691][ T3059]  do_setlink+0x88c/0x41c0
[  177.244904][ T3059]  rtnl_newlink+0x160b/0x1c70
[  177.247589][ T3059]  rtnetlink_rcv_msg+0x7cc/0xb70
[  177.250117][ T3059]  netlink_rcv_skb+0x205/0x470
[  177.252223][ T3059]  netlink_unicast+0x82f/0x9e0
[  177.254346][ T3059]  netlink_sendmsg+0x805/0xb30
[  177.256460][ T3059]  __sock_sendmsg+0x219/0x270
[  177.258681][ T3059]  ____sys_sendmsg+0x505/0x830
[  177.261296][ T3059]  ___sys_sendmsg+0x21f/0x2a0
[  177.263694][ T3059]  __x64_sys_sendmsg+0x19b/0x260
[  177.266060][ T3059]  do_syscall_64+0xfa/0x3b0
[  177.268112][ T3059]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.270660][ T3059] 
[  177.271760][ T3059] The buggy address belongs to the object at ffff8880426e6468
[  177.271760][ T3059]  which belongs to the cache dentry of size 312
[  177.279680][ T3059] The buggy address is located 208 bytes inside of
[  177.279680][ T3059]  freed 312-byte region [ffff8880426e6468, ffff8880426e65a0)
[  177.285619][ T3059] 
[  177.286758][ T3059] The buggy address belongs to the physical page:
[  177.289851][ T3059] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x426e6
[  177.294024][ T3059] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  177.297645][ T3059] memcg:ffff888059305b01
[  177.299476][ T3059] anon flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[  177.302862][ T3059] page_type: f5(slab)
[  177.304603][ T3059] raw: 04fff00000000040 ffff88801b6cc780 0000000000000000 dead000000000001
[  177.308466][ T3059] raw: 0000000000000000 0000000000150015 00000000f5000000 ffff888059305b01
[  177.312427][ T3059] head: 04fff00000000040 ffff88801b6cc780 0000000000000000 dead000000000001
[  177.317045][ T3059] head: 0000000000000000 0000000000150015 00000000f5000000 ffff888059305b01
[  177.322029][ T3059] head: 04fff00000000001 ffffea000109b981 00000000ffffffff 00000000ffffffff
[  177.325794][ T3059] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  177.329813][ T3059] page dumped because: kasan: bad access detected
[  177.332787][ T3059] page_owner tracks the page as allocated
[  177.335724][ T3059] page last allocated via order 1, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4763, tgid 4763 (udevd), ts 38310862756, free_ts 0
[  177.345845][ T3059]  post_alloc_hook+0x240/0x2a0
[  177.348561][ T3059]  get_page_from_freelist+0x21e4/0x22c0
[  177.351795][ T3059]  __alloc_frozen_pages_noprof+0x181/0x370
[  177.354494][ T3059]  alloc_pages_mpol+0x232/0x4a0
[  177.356649][ T3059]  allocate_slab+0x8a/0x370
[  177.358753][ T3059]  ___slab_alloc+0xbeb/0x1410
[  177.361116][ T3059]  kmem_cache_alloc_lru_noprof+0x288/0x3d0
[  177.364435][ T3059]  __d_alloc+0x36/0x7a0
[  177.366947][ T3059]  d_alloc+0x4b/0x190
[  177.368822][ T3059]  lookup_one_qstr_excl+0xdc/0x360
[  177.371190][ T3059]  do_renameat2+0x40e/0xa80
[  177.373284][ T3059]  __x64_sys_rename+0x82/0x90
[  177.375646][ T3059]  do_syscall_64+0xfa/0x3b0
[  177.378023][ T3059]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.381635][ T3059] page_owner free stack trace missing
[  177.384665][ T3059] 
[  177.385874][ T3059] Memory state around the buggy address:
[  177.388489][ T3059]  ffff8880426e6400: fb fb fb fb fb fc fc fc fc fc fc fc fc fa fb fb
[  177.392091][ T3059]  ffff8880426e6480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  177.396283][ T3059] >ffff8880426e6500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  177.400698][ T3059]                                         ^
[  177.403396][ T3059]  ffff8880426e6580: fb fb fb fb fc fc fc fc fc fc fc fc 00 00 00 00
[  177.406896][ T3059]  ffff8880426e6600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  177.410383][ T3059] ==================================================================
[  177.415757][ T3059] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  177.418943][ T3059] CPU: 0 UID: 0 PID: 3059 Comm: kworker/u4:11 Not tainted syzkaller #0 PREEMPT(full) 
[  177.423280][ T3059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  177.428386][ T3059] Workqueue: events_unbound cfg80211_wiphy_work
[  177.431353][ T3059] Call Trace:
[  177.432846][ T3059]  <TASK>
[  177.434206][ T3059]  dump_stack_lvl+0x99/0x250
[  177.436363][ T3059]  ? __asan_memcpy+0x40/0x70
[  177.438558][ T3059]  ? __pfx_dump_stack_lvl+0x10/0x10
[  177.440984][ T3059]  ? __pfx__printk+0x10/0x10
[  177.443214][ T3059]  vpanic+0x281/0x750
[  177.445243][ T3059]  ? __pfx_vpanic+0x10/0x10
[  177.447736][ T3059]  ? irqentry_exit+0x74/0x90
[  177.449797][ T3059]  panic+0xb9/0xc0
[  177.451660][ T3059]  ? __pfx_panic+0x10/0x10
[  177.453948][ T3059]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  177.458314][ T3059]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  177.461708][ T3059]  ? is_module_address+0x17/0xf0
[  177.463914][ T3059]  ? _raw_spin_lock+0x2e/0x40
[  177.466061][ T3059]  check_panic_on_warn+0x89/0xb0
[  177.468476][ T3059]  ? _raw_spin_lock+0x2e/0x40
[  177.470636][ T3059]  end_report+0x78/0x160
[  177.472732][ T3059]  kasan_report+0x129/0x150
[  177.475203][ T3059]  ? _raw_spin_lock+0x2e/0x40
[  177.477560][ T3059]  ? lockref_get+0x15/0x60
[  177.479842][ T3059]  __kasan_check_byte+0x2a/0x40
[  177.481955][ T3059]  lock_acquire+0x8d/0x360
[  177.484038][ T3059]  ? do_raw_spin_lock+0x121/0x290
[  177.486475][ T3059]  _raw_spin_lock+0x2e/0x40
[  177.488634][ T3059]  ? lockref_get+0x15/0x60
[  177.490850][ T3059]  lockref_get+0x15/0x60
[  177.493169][ T3059]  __simple_recursive_removal+0x33/0x510
[  177.496125][ T3059]  ? mntput+0x65/0xc0
[  177.497982][ T3059]  ? __pfx_remove_one+0x10/0x10
[  177.500232][ T3059]  debugfs_remove+0x5b/0x70
[  177.502316][ T3059]  ieee80211_sta_debugfs_remove+0x40/0x70
[  177.504869][ T3059]  __sta_info_destroy_part2+0x352/0x450
[  177.507604][ T3059]  sta_info_destroy_addr+0xf5/0x140
[  177.509965][ T3059]  ieee80211_destroy_auth_data+0x12d/0x260
[  177.512538][ T3059]  ieee80211_sta_work+0x11cf/0x3600
[  177.514971][ T3059]  ? kasan_save_track+0x3e/0x80
[  177.517515][ T3059]  ? __kasan_slab_free+0x5b/0x80
[  177.520313][ T3059]  ? kmem_cache_free+0x18f/0x400
[  177.522914][ T3059]  ? ieee80211_iface_work+0xb30/0x12d0
[  177.525271][ T3059]  ? cfg80211_wiphy_work+0x2bb/0x470
[  177.527693][ T3059]  ? process_scheduled_works+0xae1/0x17b0
[  177.530259][ T3059]  ? worker_thread+0x8a0/0xda0
[  177.532361][ T3059]  ? kthread+0x70e/0x8a0
[  177.534276][ T3059]  ? ret_from_fork+0x3fc/0x770
[  177.536371][ T3059]  ? ret_from_fork_asm+0x1a/0x30
[  177.538732][ T3059]  ? __lock_acquire+0xab9/0xd20
[  177.541103][ T3059]  ? __pfx_ieee80211_sta_work+0x10/0x10
[  177.543734][ T3059]  ? do_raw_spin_lock+0x121/0x290
[  177.546157][ T3059]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  177.549099][ T3059]  ? lockdep_hardirqs_on+0x9c/0x150
[  177.551701][ T3059]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  177.554547][ T3059]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  177.557463][ T3059]  ? kcov_remote_stop+0x17e/0x6d0
[  177.559792][ T3059]  ? lockdep_hardirqs_on+0x9c/0x150
[  177.562650][ T3059]  ? skb_dequeue+0x10e/0x150
[  177.565015][ T3059]  ? ieee80211_iface_work+0xfbd/0x12d0
[  177.567903][ T3059]  ? ieee80211_iface_work+0x11d6/0x12d0
[  177.570559][ T3059]  cfg80211_wiphy_work+0x2bb/0x470
[  177.572717][ T3059]  ? process_scheduled_works+0x9ef/0x17b0
[  177.575198][ T3059]  process_scheduled_works+0xae1/0x17b0
[  177.577750][ T3059]  ? __pfx_process_scheduled_works+0x10/0x10
[  177.580505][ T3059]  worker_thread+0x8a0/0xda0
[  177.583003][ T3059]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  177.586855][ T3059]  ? __kthread_parkme+0x7b/0x200
[  177.589250][ T3059]  kthread+0x70e/0x8a0
[  177.591038][ T3059]  ? __pfx_worker_thread+0x10/0x10
[  177.593345][ T3059]  ? __pfx_kthread+0x10/0x10
[  177.595373][ T3059]  ? _raw_spin_unlock_irq+0x23/0x50
[  177.598355][ T3059]  ? lockdep_hardirqs_on+0x9c/0x150
[  177.601469][ T3059]  ? __pfx_kthread+0x10/0x10
[  177.603976][ T3059]  ret_from_fork+0x3fc/0x770
[  177.606153][ T3059]  ? __pfx_ret_from_fork+0x10/0x10
[  177.608486][ T3059]  ? __pfx_kthread+0x10/0x10
[  177.610562][ T3059]  ret_from_fork_asm+0x1a/0x30
[  177.612796][ T3059]  </TASK>
[  177.614584][ T3059] Kernel Offset: disabled
[  177.616527][ T3059] Rebooting in 86400 seconds..