Warning: Permanently added '[localhost]:24657' (ED25519) to the list of known hosts.
2025/07/15 04:44:44 ignoring optional flag "sandboxArg"="0"
2025/07/15 04:44:45 parsed 1 programs
[  137.945301][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[  137.948537][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[  138.686516][ T5762] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  142.082514][ T4690] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  142.089832][ T4690] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  142.097414][ T4690] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  142.104298][ T4690] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  142.109813][ T4690] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  147.713962][ T5800] chnl_net:caif_netlink_parms(): no params data found
[  148.811841][ T5800] bridge0: port 1(bridge_slave_0) entered blocking state
[  148.815391][ T5800] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.819164][ T5800] bridge_slave_0: entered allmulticast mode
[  148.852915][ T5800] bridge_slave_0: entered promiscuous mode
[  148.910259][ T5800] bridge0: port 2(bridge_slave_1) entered blocking state
[  148.917779][ T5800] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.921151][ T5800] bridge_slave_1: entered allmulticast mode
[  148.933112][ T5800] bridge_slave_1: entered promiscuous mode
[  149.053453][ T5800] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  149.150323][ T5800] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  149.394337][ T5800] team0: Port device team_slave_0 added
[  149.736472][ T5800] team0: Port device team_slave_1 added
[  149.962202][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  149.966181][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  150.018947][ T5800] batman_adv: batadv0: Adding interface: batadv_slave_0
[  150.027177][ T5800] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  150.062212][ T5800] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  150.122592][ T5800] batman_adv: batadv0: Adding interface: batadv_slave_1
[  150.125737][ T5800] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  150.166645][ T5800] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  150.192654][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  150.212644][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  150.609904][ T5800] hsr_slave_0: entered promiscuous mode
[  150.625245][ T5800] hsr_slave_1: entered promiscuous mode
[  151.108969][ T5800] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  151.128623][ T5800] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  151.153748][ T5800] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  151.201824][ T5800] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  151.405517][ T5800] 8021q: adding VLAN 0 to HW filter on device bond0
[  151.443888][ T5800] 8021q: adding VLAN 0 to HW filter on device team0
[  151.465086][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  151.468986][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  151.486403][ T1132] bridge0: port 2(bridge_slave_1) entered blocking state
[  151.489783][ T1132] bridge0: port 2(bridge_slave_1) entered forwarding state
[  151.837351][ T5800] 8021q: adding VLAN 0 to HW filter on device batadv0
[  151.915864][ T5800] veth0_vlan: entered promiscuous mode
[  151.937658][ T5800] veth1_vlan: entered promiscuous mode
[  151.995080][ T5800] veth0_macvtap: entered promiscuous mode
[  152.004447][ T5800] veth1_macvtap: entered promiscuous mode
[  152.036050][ T5800] batman_adv: batadv0: Interface activated: batadv_slave_0
[  152.057252][ T5800] batman_adv: batadv0: Interface activated: batadv_slave_1
[  152.079520][ T5800] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  152.092193][ T5800] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  152.096049][ T5800] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  152.099995][ T5800] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2025/07/15 04:45:04 executed programs: 0
[  152.465328][ T5379] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  152.470633][ T5379] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  152.486395][ T5379] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  152.490577][ T5379] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  152.495190][ T5379] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  152.543437][ T5800] syz-executor (5800) used greatest stack depth: 16712 bytes left
[  152.550639][   T45] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  152.563762][   T45] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  152.576514][   T45] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  152.585113][   T45] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  152.589970][   T45] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  152.710684][ T4690] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  152.722548][ T4690] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  152.726504][ T4690] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  152.742904][ T4690] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  152.746706][ T4690] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  152.800030][ T4690] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  152.829095][ T4690] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  152.879158][ T5891] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  152.887457][ T5891] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  152.900146][ T5891] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  152.909645][ T5891] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  152.914407][ T5891] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  152.920992][ T5891] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  152.925031][ T5891] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  152.930079][ T5891] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  152.935433][ T5891] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  152.939464][ T5891] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  152.945504][ T5894] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  152.949189][ T5891] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  152.953195][ T5894] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  154.174772][ T1132] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  154.592269][ T5895] Bluetooth: hci0: command tx timeout
[  154.654392][ T1132] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  154.662472][ T5895] Bluetooth: hci1: command tx timeout
[  154.689568][ T5879] chnl_net:caif_netlink_parms(): no params data found
[  154.915337][ T5895] Bluetooth: hci2: command tx timeout
[  155.063206][ T5895] Bluetooth: hci5: command tx timeout
[  155.066418][ T5895] Bluetooth: hci3: command tx timeout
[  155.069339][ T5895] Bluetooth: hci4: command tx timeout
[  155.085944][ T1132] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.170542][ T1132] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.450230][ T5879] bridge0: port 1(bridge_slave_0) entered blocking state
[  155.455543][ T5879] bridge0: port 1(bridge_slave_0) entered disabled state
[  155.458823][ T5879] bridge_slave_0: entered allmulticast mode
[  155.475510][ T5879] bridge_slave_0: entered promiscuous mode
[  155.557729][ T5879] bridge0: port 2(bridge_slave_1) entered blocking state
[  155.561401][ T5879] bridge0: port 2(bridge_slave_1) entered disabled state
[  155.582522][ T5879] bridge_slave_1: entered allmulticast mode
[  155.586843][ T5879] bridge_slave_1: entered promiscuous mode
[  155.866091][ T1132] bridge_slave_1: left allmulticast mode
[  155.868770][ T1132] bridge_slave_1: left promiscuous mode
[  155.871353][ T1132] bridge0: port 2(bridge_slave_1) entered disabled state
[  155.915408][ T1132] bridge_slave_0: left allmulticast mode
[  155.918017][ T1132] bridge_slave_0: left promiscuous mode
[  155.920916][ T1132] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.455513][ T1132] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  156.461422][ T1132] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  156.469136][ T1132] bond0 (unregistering): Released all slaves
[  156.521253][ T5879] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  156.538936][ T5885] chnl_net:caif_netlink_parms(): no params data found
[  156.620259][ T5879] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  156.665383][ T5895] Bluetooth: hci0: command tx timeout
[  156.743330][ T5895] Bluetooth: hci1: command tx timeout
[  156.922420][ T5879] team0: Port device team_slave_0 added
[  156.986107][ T5895] Bluetooth: hci2: command tx timeout
[  157.106994][ T5879] team0: Port device team_slave_1 added
[  157.141998][ T5895] Bluetooth: hci4: command tx timeout
[  157.144491][ T5895] Bluetooth: hci3: command tx timeout
[  157.147199][ T5895] Bluetooth: hci5: command tx timeout
[  157.208909][ T1132] hsr_slave_0: left promiscuous mode
[  157.213608][ T1132] hsr_slave_1: left promiscuous mode
[  157.225532][ T1132] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  157.228821][ T1132] batman_adv: batadv0: Removing interface: batadv_slave_0
[  157.245794][ T1132] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  157.249178][ T1132] batman_adv: batadv0: Removing interface: batadv_slave_1
[  157.274570][ T1132] veth1_macvtap: left promiscuous mode
[  157.277102][ T1132] veth0_macvtap: left promiscuous mode
[  157.279637][ T1132] veth1_vlan: left promiscuous mode
[  157.291771][ T1132] veth0_vlan: left promiscuous mode
[  157.858078][ T1132] team0 (unregistering): Port device team_slave_1 removed
[  157.884990][ T1132] team0 (unregistering): Port device team_slave_0 removed
[  158.249040][ T5888] chnl_net:caif_netlink_parms(): no params data found
[  158.269564][ T5884] chnl_net:caif_netlink_parms(): no params data found
[  158.401204][ T5879] batman_adv: batadv0: Adding interface: batadv_slave_0
[  158.411790][ T5879] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  158.449254][ T5879] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  158.493969][ T5885] bridge0: port 1(bridge_slave_0) entered blocking state
[  158.497524][ T5885] bridge0: port 1(bridge_slave_0) entered disabled state
[  158.501395][ T5885] bridge_slave_0: entered allmulticast mode
[  158.508526][ T5885] bridge_slave_0: entered promiscuous mode
[  158.513682][ T5885] bridge0: port 2(bridge_slave_1) entered blocking state
[  158.516935][ T5885] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.520199][ T5885] bridge_slave_1: entered allmulticast mode
[  158.527684][ T5885] bridge_slave_1: entered promiscuous mode
[  158.542724][ T5879] batman_adv: batadv0: Adding interface: batadv_slave_1
[  158.545974][ T5879] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  158.581927][ T5879] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  158.591342][ T5875] chnl_net:caif_netlink_parms(): no params data found
[  158.741679][ T5894] Bluetooth: hci0: command tx timeout
[  158.757928][ T5886] chnl_net:caif_netlink_parms(): no params data found
[  158.823918][ T5894] Bluetooth: hci1: command tx timeout
[  158.887782][ T5885] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  158.957574][ T5879] hsr_slave_0: entered promiscuous mode
[  158.960990][ T5879] hsr_slave_1: entered promiscuous mode
[  158.998336][ T5885] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  159.064840][ T5894] Bluetooth: hci2: command tx timeout
[  159.199189][ T5885] team0: Port device team_slave_0 added
[  159.212943][ T5884] bridge0: port 1(bridge_slave_0) entered blocking state
[  159.216584][ T5884] bridge0: port 1(bridge_slave_0) entered disabled state
[  159.220061][ T5884] bridge_slave_0: entered allmulticast mode
[  159.225859][ T5894] Bluetooth: hci5: command tx timeout
[  159.228295][ T5894] Bluetooth: hci3: command tx timeout
[  159.230821][ T5894] Bluetooth: hci4: command tx timeout
[  159.246977][ T5884] bridge_slave_0: entered promiscuous mode
[  159.313168][ T5885] team0: Port device team_slave_1 added
[  159.340346][ T5884] bridge0: port 2(bridge_slave_1) entered blocking state
[  159.351414][ T5884] bridge0: port 2(bridge_slave_1) entered disabled state
[  159.356006][ T5884] bridge_slave_1: entered allmulticast mode
[  159.360532][ T5884] bridge_slave_1: entered promiscuous mode
[  159.417624][ T5888] bridge0: port 1(bridge_slave_0) entered blocking state
[  159.421067][ T5888] bridge0: port 1(bridge_slave_0) entered disabled state
[  159.427963][ T5888] bridge_slave_0: entered allmulticast mode
[  159.432365][ T5888] bridge_slave_0: entered promiscuous mode
[  159.489490][ T5888] bridge0: port 2(bridge_slave_1) entered blocking state
[  159.493454][ T5888] bridge0: port 2(bridge_slave_1) entered disabled state
[  159.496848][ T5888] bridge_slave_1: entered allmulticast mode
[  159.500864][ T5888] bridge_slave_1: entered promiscuous mode
[  159.507576][ T5875] bridge0: port 1(bridge_slave_0) entered blocking state
[  159.511018][ T5875] bridge0: port 1(bridge_slave_0) entered disabled state
[  159.515673][ T5875] bridge_slave_0: entered allmulticast mode
[  159.519779][ T5875] bridge_slave_0: entered promiscuous mode
[  159.545734][ T5885] batman_adv: batadv0: Adding interface: batadv_slave_0
[  159.548888][ T5885] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  159.561052][ T5885] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  159.575035][ T5884] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  159.598540][ T5875] bridge0: port 2(bridge_slave_1) entered blocking state
[  159.604486][ T5875] bridge0: port 2(bridge_slave_1) entered disabled state
[  159.607878][ T5875] bridge_slave_1: entered allmulticast mode
[  159.616491][ T5875] bridge_slave_1: entered promiscuous mode
[  159.629472][ T5885] batman_adv: batadv0: Adding interface: batadv_slave_1
[  159.635854][ T5885] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  159.648045][ T5885] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  159.662313][ T5884] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  159.744809][ T5888] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  159.770204][ T5886] bridge0: port 1(bridge_slave_0) entered blocking state
[  159.784557][ T5886] bridge0: port 1(bridge_slave_0) entered disabled state
[  159.788470][ T5886] bridge_slave_0: entered allmulticast mode
[  159.803590][ T5886] bridge_slave_0: entered promiscuous mode
[  159.850683][ T5888] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  159.900404][ T5884] team0: Port device team_slave_0 added
[  159.917139][ T5884] team0: Port device team_slave_1 added
[  159.923362][ T5875] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  159.956363][ T5886] bridge0: port 2(bridge_slave_1) entered blocking state
[  159.959706][ T5886] bridge0: port 2(bridge_slave_1) entered disabled state
[  159.969562][ T5886] bridge_slave_1: entered allmulticast mode
[  159.981424][ T5886] bridge_slave_1: entered promiscuous mode
[  160.054973][ T5888] team0: Port device team_slave_0 added
[  160.079512][ T5875] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  160.156184][ T5885] hsr_slave_0: entered promiscuous mode
[  160.159422][ T5885] hsr_slave_1: entered promiscuous mode
[  160.173179][ T5885] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  160.176883][ T5885] Cannot create hsr debugfs directory
[  160.196740][ T5888] team0: Port device team_slave_1 added
[  160.255077][ T5886] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  160.315483][ T5884] batman_adv: batadv0: Adding interface: batadv_slave_0
[  160.318814][ T5884] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  160.338310][ T5884] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  160.349616][ T5875] team0: Port device team_slave_0 added
[  160.445761][ T5886] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  160.483649][ T5888] batman_adv: batadv0: Adding interface: batadv_slave_0
[  160.486757][ T5888] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  160.503946][ T5888] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  160.510210][ T5884] batman_adv: batadv0: Adding interface: batadv_slave_1
[  160.517270][ T5884] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  160.530448][ T5884] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  160.540099][ T5875] team0: Port device team_slave_1 added
[  160.650133][ T5888] batman_adv: batadv0: Adding interface: batadv_slave_1
[  160.655313][ T5888] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  160.669826][ T5888] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  160.821962][ T5895] Bluetooth: hci0: command tx timeout
[  160.903307][ T5895] Bluetooth: hci1: command tx timeout
[  160.919815][ T5886] team0: Port device team_slave_0 added
[  160.954949][ T5875] batman_adv: batadv0: Adding interface: batadv_slave_0
[  160.958099][ T5875] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  160.976212][ T5875] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  160.996078][ T5886] team0: Port device team_slave_1 added
[  161.015684][ T5884] hsr_slave_0: entered promiscuous mode
[  161.022373][ T5884] hsr_slave_1: entered promiscuous mode
[  161.025279][ T5884] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  161.029190][ T5884] Cannot create hsr debugfs directory
[  161.035636][ T5875] batman_adv: batadv0: Adding interface: batadv_slave_1
[  161.038841][ T5875] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  161.055503][ T5875] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  161.082869][ T5888] hsr_slave_0: entered promiscuous mode
[  161.086206][ T5888] hsr_slave_1: entered promiscuous mode
[  161.089273][ T5888] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  161.095723][ T5888] Cannot create hsr debugfs directory
[  161.141645][ T5895] Bluetooth: hci2: command tx timeout
[  161.229334][ T5886] batman_adv: batadv0: Adding interface: batadv_slave_0
[  161.233681][ T5886] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  161.249190][ T5886] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  161.304377][ T5895] Bluetooth: hci4: command tx timeout
[  161.307021][ T5895] Bluetooth: hci3: command tx timeout
[  161.309511][ T5895] Bluetooth: hci5: command tx timeout
[  161.316457][ T5886] batman_adv: batadv0: Adding interface: batadv_slave_1
[  161.319622][ T5886] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  161.335056][ T5886] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  161.364162][ T5875] hsr_slave_0: entered promiscuous mode
[  161.367739][ T5875] hsr_slave_1: entered promiscuous mode
[  161.371087][ T5875] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  161.378910][ T5875] Cannot create hsr debugfs directory
[  161.776718][ T5886] hsr_slave_0: entered promiscuous mode
[  161.780124][ T5886] hsr_slave_1: entered promiscuous mode
[  161.805351][ T5886] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  161.808813][ T5886] Cannot create hsr debugfs directory
[  161.839136][ T5879] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  161.948435][ T5879] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  162.034140][ T5879] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  162.132999][ T5879] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  162.518871][ T5885] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  162.548351][ T5885] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  162.749504][ T5885] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  162.781125][ T5885] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  163.098924][ T5879] 8021q: adding VLAN 0 to HW filter on device bond0
[  163.328758][ T5879] 8021q: adding VLAN 0 to HW filter on device team0
[  163.373209][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.376532][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[  163.453156][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.456391][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[  163.549892][ T5885] 8021q: adding VLAN 0 to HW filter on device bond0
[  163.600923][ T5879] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  163.631113][ T5885] 8021q: adding VLAN 0 to HW filter on device team0
[  163.650924][ T5888] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  163.717546][ T3020] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.720872][ T3020] bridge0: port 1(bridge_slave_0) entered forwarding state
[  163.765464][ T3020] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.768779][ T3020] bridge0: port 2(bridge_slave_1) entered forwarding state
[  163.793589][ T5888] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  163.913004][ T5888] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  163.999107][ T5888] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  164.021356][ T5884] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  164.072826][ T5884] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  164.138218][ T5884] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  164.167307][ T5884] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  164.180938][ T5885] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  164.386143][ T5879] 8021q: adding VLAN 0 to HW filter on device batadv0
[  164.561403][ T5875] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  164.577589][ T5875] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  164.666997][ T5875] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  164.734947][ T5875] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  164.809039][ T5879] veth0_vlan: entered promiscuous mode
[  164.869558][ T5886] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  164.913736][ T5879] veth1_vlan: entered promiscuous mode
[  164.929384][ T5885] 8021q: adding VLAN 0 to HW filter on device batadv0
[  164.936352][ T5886] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  164.980067][ T5888] 8021q: adding VLAN 0 to HW filter on device bond0
[  164.987280][ T5886] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  165.016451][ T5884] 8021q: adding VLAN 0 to HW filter on device bond0
[  165.036350][ T5886] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  165.068133][ T5888] 8021q: adding VLAN 0 to HW filter on device team0
[  165.154834][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[  165.158083][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[  165.167867][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[  165.171105][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[  165.210854][ T5884] 8021q: adding VLAN 0 to HW filter on device team0
[  165.309897][ T5879] veth0_macvtap: entered promiscuous mode
[  165.338749][ T5888] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  165.358612][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[  165.362804][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[  165.393836][ T5885] veth0_vlan: entered promiscuous mode
[  165.408718][ T5879] veth1_macvtap: entered promiscuous mode
[  165.469439][ T5875] 8021q: adding VLAN 0 to HW filter on device bond0
[  165.518486][ T5879] batman_adv: batadv0: Interface activated: batadv_slave_0
[  165.554321][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[  165.557693][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[  165.588977][ T5885] veth1_vlan: entered promiscuous mode
[  165.635106][ T5879] batman_adv: batadv0: Interface activated: batadv_slave_1
[  165.641276][ T5879] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  165.649850][ T5879] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  165.656872][ T5879] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  165.660923][ T5879] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  165.716929][ T5875] 8021q: adding VLAN 0 to HW filter on device team0
[  165.819795][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[  165.823233][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[  165.846919][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[  165.850249][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[  165.936101][ T5885] veth0_macvtap: entered promiscuous mode
[  165.981361][ T5875] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  166.011295][ T5885] veth1_macvtap: entered promiscuous mode
[  166.041199][ T5886] 8021q: adding VLAN 0 to HW filter on device bond0
[  166.168051][ T5885] batman_adv: batadv0: Interface activated: batadv_slave_0
[  166.270039][ T5886] 8021q: adding VLAN 0 to HW filter on device team0
[  166.313288][ T5885] batman_adv: batadv0: Interface activated: batadv_slave_1
[  166.325946][ T5888] 8021q: adding VLAN 0 to HW filter on device batadv0
[  166.384374][ T5885] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  166.388205][ T5885] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  166.408787][ T5885] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  166.441745][ T5885] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  166.594222][ T1132] bridge0: port 1(bridge_slave_0) entered blocking state
[  166.597386][ T1132] bridge0: port 1(bridge_slave_0) entered forwarding state
[  166.637492][ T1132] bridge0: port 2(bridge_slave_1) entered blocking state
[  166.641210][ T1132] bridge0: port 2(bridge_slave_1) entered forwarding state
[  166.814553][ T5884] 8021q: adding VLAN 0 to HW filter on device batadv0
[  166.833281][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  166.837244][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  167.061293][ T3020] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  167.106721][ T3020] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  167.117857][ T5875] 8021q: adding VLAN 0 to HW filter on device batadv0
[  167.128237][ T5884] veth0_vlan: entered promiscuous mode
[  167.207922][ T5884] veth1_vlan: entered promiscuous mode
[  167.299053][ T3020] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  167.335905][ T3020] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  167.387863][ T1038] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  167.422241][ T1038] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  167.509200][ T5884] veth0_macvtap: entered promiscuous mode
2025/07/15 04:45:19 executed programs: 12
[  167.628163][ T5884] veth1_macvtap: entered promiscuous mode
[  167.689995][ T5875] veth0_vlan: entered promiscuous mode
[  167.807466][ T5875] veth1_vlan: entered promiscuous mode
[  167.845373][ T5884] batman_adv: batadv0: Interface activated: batadv_slave_0
[  167.882908][ T5884] batman_adv: batadv0: Interface activated: batadv_slave_1
[  167.910022][ T5886] 8021q: adding VLAN 0 to HW filter on device batadv0
[  168.017563][ T5884] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  168.049681][ T5884] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  168.094336][ T5884] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  168.098296][ T5884] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  168.147389][ T5888] veth0_vlan: entered promiscuous mode
[  168.179243][ T5875] veth0_macvtap: entered promiscuous mode
[  168.356422][ T5875] veth1_macvtap: entered promiscuous mode
[  168.416003][ T5888] veth1_vlan: entered promiscuous mode
[  168.645624][ T5875] batman_adv: batadv0: Interface activated: batadv_slave_0
[  168.753288][ T5875] batman_adv: batadv0: Interface activated: batadv_slave_1
[  168.830491][ T3020] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  168.854194][ T5888] veth0_macvtap: entered promiscuous mode
[  168.861294][ T5888] veth1_macvtap: entered promiscuous mode
[  168.871159][ T3020] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  168.934863][ T6080] loop0: detected capacity change from 0 to 32768
[  168.959081][ T5875] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  169.006653][ T5875] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  169.010809][ T5875] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  169.055450][ T5875] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  169.282894][ T5888] batman_adv: batadv0: Interface activated: batadv_slave_0
[  169.420597][ T5888] batman_adv: batadv0: Interface activated: batadv_slave_1
[  169.590194][ T1132] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  169.615897][ T1132] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  169.656996][ T5888] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  169.661052][ T5888] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  169.723784][ T5888] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  169.754633][ T5888] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  169.988721][ T5886] veth0_vlan: entered promiscuous mode
[  170.196989][ T5886] veth1_vlan: entered promiscuous mode
[  170.236501][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  170.240066][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  170.711896][   T43] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  170.715434][   T43] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  170.733923][ T6097] loop0: detected capacity change from 0 to 32768
[  170.879710][ T1038] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  170.941973][ T1038] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  171.029502][ T5886] veth0_macvtap: entered promiscuous mode
[  171.088053][ T5886] veth1_macvtap: entered promiscuous mode
[  171.180778][ T5886] batman_adv: batadv0: Interface activated: batadv_slave_0
[  171.290633][ T1132] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  171.324636][ T1132] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  171.390570][ T5886] batman_adv: batadv0: Interface activated: batadv_slave_1
[  171.514255][ T5886] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  171.518257][ T5886] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  171.631605][ T5886] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  171.651806][ T5886] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  172.566488][ T3020] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  172.570310][ T3020] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/07/15 04:45:24 executed programs: 21
[  172.863287][ T6110] loop0: detected capacity change from 0 to 32768
[  172.998861][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  173.041272][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  175.132730][ T6126] loop0: detected capacity change from 0 to 32768
[  177.071251][ T6143] loop0: detected capacity change from 0 to 32768
2025/07/15 04:45:30 executed programs: 34
[  179.267502][ T6159] loop0: detected capacity change from 0 to 32768
[  181.199751][ T6177] loop0: detected capacity change from 0 to 32768
[  183.216260][ T6192] loop0: detected capacity change from 0 to 32768
2025/07/15 04:45:35 executed programs: 47
[  185.160289][ T6211] loop0: detected capacity change from 0 to 32768
[  187.117842][ T6227] loop0: detected capacity change from 0 to 32768
[  189.169546][ T6243] loop0: detected capacity change from 0 to 32768
2025/07/15 04:45:41 executed programs: 60
[  191.145330][ T6260] loop0: detected capacity change from 0 to 32768
[  193.105790][ T6278] loop0: detected capacity change from 0 to 32768
2025/07/15 04:45:46 executed programs: 74
[  194.994062][ T6296] loop0: detected capacity change from 0 to 32768
[  196.946969][ T6312] loop0: detected capacity change from 0 to 32768
[  198.799750][ T6328] loop0: detected capacity change from 0 to 32768
[  199.390797][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[  199.393934][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
2025/07/15 04:45:51 executed programs: 87
[  200.719590][ T6343] loop0: detected capacity change from 0 to 32768
[  202.712733][ T6361] loop0: detected capacity change from 0 to 32768
[  204.741282][ T6377] loop0: detected capacity change from 0 to 32768
2025/07/15 04:45:56 executed programs: 100
[  206.749292][ T6395] loop0: detected capacity change from 0 to 32768
[  208.638738][ T6410] loop0: detected capacity change from 0 to 32768
[  210.775790][ T6429] loop0: detected capacity change from 0 to 32768
2025/07/15 04:46:02 executed programs: 113
[  212.800607][ T6448] loop0: detected capacity change from 0 to 32768
[  214.764034][ T6460] loop0: detected capacity change from 0 to 32768
2025/07/15 04:46:07 executed programs: 127
[  216.897420][ T6479] loop0: detected capacity change from 0 to 32768
[  218.967970][ T6494] loop0: detected capacity change from 0 to 32768
[  221.077857][ T6511] loop0: detected capacity change from 0 to 32768
2025/07/15 04:46:12 executed programs: 138
[  222.989592][ T6528] loop0: detected capacity change from 0 to 32768
[  225.036176][ T6545] loop0: detected capacity change from 0 to 32768
2025/07/15 04:46:18 executed programs: 151
[  226.979673][ T6562] loop0: detected capacity change from 0 to 32768
[  228.981209][ T6579] loop0: detected capacity change from 0 to 32768
[  230.965137][ T6594] loop0: detected capacity change from 0 to 32768
2025/07/15 04:46:23 executed programs: 164
[  233.068126][ T6611] loop0: detected capacity change from 0 to 32768
[  235.249194][ T6628] loop0: detected capacity change from 0 to 32768
2025/07/15 04:46:28 executed programs: 176
[  237.479353][ T6646] loop0: detected capacity change from 0 to 32768
[  239.830232][ T6665] loop0: detected capacity change from 0 to 32768
[  241.640879][ T6683] loop0: detected capacity change from 0 to 32768
2025/07/15 04:46:34 executed programs: 189
[  243.495605][ T6693] loop0: detected capacity change from 0 to 32768
[  245.196918][ T6703] loop0: detected capacity change from 0 to 32768
[  247.288444][ T6717] loop0: detected capacity change from 0 to 32768
2025/07/15 04:46:39 executed programs: 204
[  249.031096][ T6727] loop0: detected capacity change from 0 to 32768
[  250.874490][ T6737] loop0: detected capacity change from 0 to 32768
2025/07/15 04:46:44 executed programs: 217
[  252.898753][ T6750] loop0: detected capacity change from 0 to 32768
[  255.255041][ T6764] loop0: detected capacity change from 0 to 32768
[  257.168221][ T6776] loop0: detected capacity change from 0 to 32768
2025/07/15 04:46:49 executed programs: 231
[  259.158855][ T6784] loop0: detected capacity change from 0 to 32768
[  260.826119][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[  260.829129][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[  261.059298][ T6794] loop0: detected capacity change from 0 to 32768
[  262.927017][ T6802] loop0: detected capacity change from 0 to 32768
[  262.932673][ T6055] ==================================================================
[  262.936286][ T6055] BUG: KASAN: slab-use-after-free in hci_uart_write_work+0x31b/0x580
[  262.939977][ T6055] Read of size 8 at addr ffff888054b5ed58 by task kworker/0:7/6055
[  262.945051][ T6055] 
[  262.946228][ T6055] CPU: 0 UID: 0 PID: 6055 Comm: kworker/0:7 Not tainted 6.16.0-rc6-syzkaller-g155a3c003e55-dirty #0 PREEMPT(full) 
[  262.946245][ T6055] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  262.946253][ T6055] Workqueue: events hci_uart_write_work
[  262.946274][ T6055] Call Trace:
[  262.946282][ T6055]  <TASK>
[  262.946288][ T6055]  dump_stack_lvl+0x189/0x250
[  262.946304][ T6055]  ? __virt_addr_valid+0x1c8/0x5c0
[  262.946320][ T6055]  ? rcu_is_watching+0x15/0xb0
[  262.946374][ T6055]  ? __pfx_dump_stack_lvl+0x10/0x10
[  262.946383][ T6055]  ? rcu_is_watching+0x15/0xb0
[  262.946391][ T6055]  ? lock_release+0x4b/0x3e0
[  262.946399][ T6055]  ? _raw_spin_lock_irqsave+0xb3/0xf0
[  262.946442][ T6055]  ? __virt_addr_valid+0x1c8/0x5c0
[  262.946457][ T6055]  ? __virt_addr_valid+0x4a5/0x5c0
[  262.946481][ T6055]  print_report+0xca/0x230
[  262.946491][ T6055]  ? hci_uart_write_work+0x31b/0x580
[  262.946503][ T6055]  kasan_report+0x118/0x150
[  262.946517][ T6055]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  262.946533][ T6055]  ? hci_uart_write_work+0x31b/0x580
[  262.946547][ T6055]  ? __pfx_pty_write+0x10/0x10
[  262.946559][ T6055]  hci_uart_write_work+0x31b/0x580
[  262.946574][ T6055]  ? process_scheduled_works+0x9ef/0x17b0
[  262.946588][ T6055]  process_scheduled_works+0xae1/0x17b0
[  262.946606][ T6055]  ? __pfx_process_scheduled_works+0x10/0x10
[  262.946623][ T6055]  worker_thread+0x8a0/0xda0
[  262.946637][ T6055]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  262.946655][ T6055]  ? __kthread_parkme+0x7b/0x200
[  262.946671][ T6055]  kthread+0x70e/0x8a0
[  262.946686][ T6055]  ? __pfx_worker_thread+0x10/0x10
[  262.946699][ T6055]  ? __pfx_kthread+0x10/0x10
[  262.946714][ T6055]  ? _raw_spin_unlock_irq+0x23/0x50
[  262.946729][ T6055]  ? lockdep_hardirqs_on+0x9c/0x150
[  262.946778][ T6055]  ? __pfx_kthread+0x10/0x10
[  262.946796][ T6055]  ret_from_fork+0x3fc/0x770
[  262.946810][ T6055]  ? __pfx_ret_from_fork+0x10/0x10
[  262.946823][ T6055]  ? __pfx_kthread+0x10/0x10
[  262.946840][ T6055]  ret_from_fork_asm+0x1a/0x30
[  262.946859][ T6055]  </TASK>
[  262.946863][ T6055] 
[  263.039714][ T6055] Allocated by task 6055:
[  263.041725][ T6055]  kasan_save_track+0x3e/0x80
[  263.043963][ T6055]  __kasan_slab_alloc+0x6c/0x80
[  263.046180][ T6055]  kmem_cache_alloc_node_noprof+0x1bb/0x3c0
[  263.048850][ T6055]  __alloc_skb+0x112/0x2d0
[  263.050810][ T6055]  h5_prepare_pkt+0x184/0x530
[  263.052936][ T6055]  h5_dequeue+0x197/0x790
[  263.054841][ T6055]  hci_uart_write_work+0x29a/0x580
[  263.057233][ T6055]  process_scheduled_works+0xae1/0x17b0
[  263.059917][ T6055]  worker_thread+0x8a0/0xda0
[  263.062119][ T6055]  kthread+0x70e/0x8a0
[  263.064115][ T6055]  ret_from_fork+0x3fc/0x770
[  263.066185][ T6055]  ret_from_fork_asm+0x1a/0x30
[  263.068306][ T6055] 
[  263.069444][ T6055] The buggy address belongs to the object at ffff888054b5ec80
[  263.069444][ T6055]  which belongs to the cache skbuff_head_cache of size 240
[  263.075286][ T6055] The buggy address is located 216 bytes inside of
[  263.075286][ T6055]  freed 240-byte region [ffff888054b5ec80, ffff888054b5ed70)
[  263.081465][ T6055] 
[  263.082581][ T6055] The buggy address belongs to the physical page:
[  263.085493][ T6055] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888054b5e140 pfn:0x54b5e
[  263.089958][ T6055] flags: 0x4fff00000000200(workingset|node=1|zone=1|lastcpupid=0x7ff)
[  263.093825][ T6055] page_type: f5(slab)
[  263.095661][ T6055] raw: 04fff00000000200 ffff8880304efb40 ffffea0001253bd0 ffffea00016134d0
[  263.099633][ T6055] raw: ffff888054b5e140 00000000000c000a 00000000f5000000 0000000000000000
[  263.103614][ T6055] page dumped because: kasan: bad access detected
[  263.106645][ T6055] page_owner tracks the page as allocated
[  263.109228][ T6055] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 3020, tgid 3020 (kworker/u4:11), ts 227043981111, free_ts 226252562525
[  263.117802][ T6055]  post_alloc_hook+0x240/0x2a0
[  263.120074][ T6055]  get_page_from_freelist+0x21e4/0x22c0
[  263.122626][ T6055]  __alloc_frozen_pages_noprof+0x181/0x370
[  263.125233][ T6055]  alloc_pages_mpol+0x232/0x4a0
[  263.127450][ T6055]  allocate_slab+0x8a/0x3b0
[  263.129582][ T6055]  ___slab_alloc+0xbfc/0x1480
[  263.131828][ T6055]  kmem_cache_alloc_node_noprof+0x280/0x3c0
[  263.134766][ T6055]  __alloc_skb+0x112/0x2d0
[  263.137025][ T6055]  nsim_dev_trap_report_work+0x29a/0xb80
[  263.139593][ T6055]  process_scheduled_works+0xae1/0x17b0
[  263.142061][ T6055]  worker_thread+0x8a0/0xda0
[  263.144176][ T6055]  kthread+0x70e/0x8a0
[  263.146110][ T6055]  ret_from_fork+0x3fc/0x770
[  263.148763][ T6055]  ret_from_fork_asm+0x1a/0x30
[  263.151786][ T6055] page last free pid 15 tgid 15 stack trace:
[  263.155133][ T6055]  __free_frozen_pages+0xc71/0xe70
[  263.158020][ T6055]  __tlb_remove_table+0x2d2/0x3b0
[  263.160830][ T6055]  tlb_remove_table_rcu+0x85/0x100
[  263.163732][ T6055]  rcu_core+0xca8/0x1710
[  263.165924][ T6055]  handle_softirqs+0x286/0x870
[  263.168384][ T6055]  run_ksoftirqd+0x9b/0x100
[  263.170427][ T6055]  smpboot_thread_fn+0x53f/0xa60
[  263.172675][ T6055]  kthread+0x70e/0x8a0
[  263.174563][ T6055]  ret_from_fork+0x3fc/0x770
[  263.176607][ T6055]  ret_from_fork_asm+0x1a/0x30
[  263.178792][ T6055] 
[  263.179879][ T6055] Memory state around the buggy address:
[  263.182247][ T6055]  ffff888054b5ec00: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc
[  263.186060][ T6055]  ffff888054b5ec80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  263.190279][ T6055] >ffff888054b5ed00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc
[  263.193847][ T6055]                                                     ^
[  263.196852][ T6055]  ffff888054b5ed80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[  263.200565][ T6055]  ffff888054b5ee00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  263.204225][ T6055] ==================================================================
2025/07/15 04:46:55 executed programs: 242
[  265.168129][ T6812] loop0: detected capacity change from 0 to 32768
[  265.312440][ T6055] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  265.315717][ T6055] CPU: 0 UID: 0 PID: 6055 Comm: kworker/0:7 Not tainted 6.16.0-rc6-syzkaller-g155a3c003e55-dirty #0 PREEMPT(full) 
[  265.321884][ T6055] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  265.327204][ T6055] Workqueue: events hci_uart_write_work
[  265.330037][ T6055] Call Trace:
[  265.331670][ T6055]  <TASK>
[  265.333068][ T6055]  dump_stack_lvl+0x99/0x250
[  265.335134][ T6055]  ? __asan_memcpy+0x40/0x70
[  265.337119][ T6055]  ? __pfx_dump_stack_lvl+0x10/0x10
[  265.339239][ T6055]  ? __pfx__printk+0x10/0x10
[  265.341372][ T6055]  panic+0x2db/0x790
[  265.343350][ T6055]  ? __pfx_preempt_schedule+0x10/0x10
[  265.346138][ T6055]  ? __pfx_panic+0x10/0x10
[  265.348441][ T6055]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  265.351349][ T6055]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  265.354202][ T6055]  ? hci_uart_write_work+0x31b/0x580
[  265.356612][ T6055]  check_panic_on_warn+0x89/0xb0
[  265.358859][ T6055]  ? hci_uart_write_work+0x31b/0x580
[  265.361340][ T6055]  end_report+0x78/0x160
[  265.363309][ T6055]  kasan_report+0x129/0x150
[  265.365438][ T6055]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  265.368103][ T6055]  ? hci_uart_write_work+0x31b/0x580
[  265.370614][ T6055]  ? __pfx_pty_write+0x10/0x10
[  265.372944][ T6055]  hci_uart_write_work+0x31b/0x580
[  265.375518][ T6055]  ? process_scheduled_works+0x9ef/0x17b0
[  265.378355][ T6055]  process_scheduled_works+0xae1/0x17b0
[  265.380859][ T6055]  ? __pfx_process_scheduled_works+0x10/0x10
[  265.383568][ T6055]  worker_thread+0x8a0/0xda0
[  265.385720][ T6055]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  265.388661][ T6055]  ? __kthread_parkme+0x7b/0x200
[  265.390883][ T6055]  kthread+0x70e/0x8a0
[  265.392820][ T6055]  ? __pfx_worker_thread+0x10/0x10
[  265.395118][ T6055]  ? __pfx_kthread+0x10/0x10
[  265.397319][ T6055]  ? _raw_spin_unlock_irq+0x23/0x50
[  265.400034][ T6055]  ? lockdep_hardirqs_on+0x9c/0x150
[  265.402573][ T6055]  ? __pfx_kthread+0x10/0x10
[  265.404630][ T6055]  ret_from_fork+0x3fc/0x770
[  265.406704][ T6055]  ? __pfx_ret_from_fork+0x10/0x10
[  265.409132][ T6055]  ? __pfx_kthread+0x10/0x10
[  265.411195][ T6055]  ret_from_fork_asm+0x1a/0x30
[  265.413367][ T6055]  </TASK>
[  265.415230][ T6055] Kernel Offset: disabled
[  265.417381][ T6055] Rebooting in 86400 seconds..