Warning: Permanently added '[localhost]:13620' (ED25519) to the list of known hosts.
2026/02/20 11:33:47 parsed 1 programs
syzkaller login: [ 90.333180][ T5307] cgroup: Unknown subsys name 'net'
[ 90.406788][ T5307] cgroup: Unknown subsys name 'cpuset'
[ 90.423449][ T5307] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 92.365952][ T5307] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 96.717964][ T5329] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 97.044829][ T921] cfg80211: failed to load regulatory.db
[ 97.657374][ T5363] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 97.664617][ T5363] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 97.668281][ T5363] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 97.672419][ T5363] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 97.675503][ T5363] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 99.585855][ T133] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 99.589474][ T133] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 99.812482][ T5363] Bluetooth: hci0: command tx timeout
[ 99.999688][ T1054] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 100.048341][ T1054] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 100.778741][ T5341] chnl_net:caif_netlink_parms(): no params data found
[ 101.076338][ T5341] bridge0: port 1(bridge_slave_0) entered blocking state
[ 101.079490][ T5341] bridge0: port 1(bridge_slave_0) entered disabled state
[ 101.093101][ T5341] bridge_slave_0: entered allmulticast mode
[ 101.105496][ T5341] bridge_slave_0: entered promiscuous mode
[ 101.128842][ T5341] bridge0: port 2(bridge_slave_1) entered blocking state
[ 101.153284][ T5341] bridge0: port 2(bridge_slave_1) entered disabled state
[ 101.158716][ T5341] bridge_slave_1: entered allmulticast mode
[ 101.202610][ T5341] bridge_slave_1: entered promiscuous mode
[ 101.264826][ T5341] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 101.284120][ T5341] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 101.329330][ T5341] team0: Port device team_slave_0 added
[ 101.343639][ T5341] team0: Port device team_slave_1 added
[ 101.388053][ T5341] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 101.397399][ T5341] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 101.421834][ T5341] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 101.437028][ T5341] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 101.440234][ T5341] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 101.471790][ T5341] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 101.563427][ T5341] hsr_slave_0: entered promiscuous mode
[ 101.566210][ T5341] hsr_slave_1: entered promiscuous mode
[ 101.804839][ T5341] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 101.818897][ T5341] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 101.826510][ T5341] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 101.833214][ T5341] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 101.914909][ T5341] 8021q: adding VLAN 0 to HW filter on device bond0
[ 101.930498][ T5341] 8021q: adding VLAN 0 to HW filter on device team0
[ 101.940059][ T1054] bridge0: port 1(bridge_slave_0) entered blocking state
[ 101.943358][ T1054] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 101.964138][ T1054] bridge0: port 2(bridge_slave_1) entered blocking state
[ 101.967145][ T1054] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 102.000405][ T5341] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 102.154503][ T5341] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 102.190748][ T5341] veth0_vlan: entered promiscuous mode
[ 102.200034][ T5341] veth1_vlan: entered promiscuous mode
[ 102.228032][ T5341] veth0_macvtap: entered promiscuous mode
[ 102.235067][ T5341] veth1_macvtap: entered promiscuous mode
[ 102.248857][ T5341] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 102.259669][ T5341] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 102.272373][ T13] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.284560][ T13] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.288309][ T13] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.303048][ T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2026/02/20 11:34:02 executed programs: 0
[ 102.536279][ T5363] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 102.543398][ T5363] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 102.547094][ T5363] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 102.550442][ T5363] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 102.555065][ T5363] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 102.753911][ T5441] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 102.758946][ T5443] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 102.765736][ T5443] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 102.769594][ T5443] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 102.774259][ T5443] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 102.778306][ T5443] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 102.782619][ T5443] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 102.793918][ T4662] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 102.798151][ T4662] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 102.804328][ T4662] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 102.808091][ T4662] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 102.812153][ T5446] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 102.822093][ T5447] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 102.826842][ T5446] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 102.831092][ T5446] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 102.834458][ T5447] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 102.837800][ T5446] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 102.851043][ T4662] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 102.857806][ T4662] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 102.866931][ T4662] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 103.117342][ T4662] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 103.121155][ T4662] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 103.125230][ T4662] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 103.146816][ T4662] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 103.151306][ T4662] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 104.576586][ T5429] chnl_net:caif_netlink_parms(): no params data found
[ 104.615836][ T4662] Bluetooth: hci0: command tx timeout
[ 104.666212][ T13] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 104.879309][ T5429] bridge0: port 1(bridge_slave_0) entered blocking state
[ 104.882418][ T5429] bridge0: port 1(bridge_slave_0) entered disabled state
[ 104.884871][ T5429] bridge_slave_0: entered allmulticast mode
[ 104.887753][ T5429] bridge_slave_0: entered promiscuous mode
[ 104.932020][ T4662] Bluetooth: hci2: command tx timeout
[ 104.934994][ T4662] Bluetooth: hci1: command tx timeout
[ 104.937881][ T4662] Bluetooth: hci4: command tx timeout
[ 104.940567][ T4662] Bluetooth: hci3: command tx timeout
[ 104.962547][ T5429] bridge0: port 2(bridge_slave_1) entered blocking state
[ 104.965584][ T5429] bridge0: port 2(bridge_slave_1) entered disabled state
[ 104.968606][ T5429] bridge_slave_1: entered allmulticast mode
[ 104.974023][ T5429] bridge_slave_1: entered promiscuous mode
[ 105.000891][ T5434] chnl_net:caif_netlink_parms(): no params data found
[ 105.062608][ T5429] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 105.101962][ T5429] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 105.242394][ T5436] chnl_net:caif_netlink_parms(): no params data found
[ 105.252909][ T4662] Bluetooth: hci5: command tx timeout
[ 105.257216][ T5438] chnl_net:caif_netlink_parms(): no params data found
[ 105.274118][ T5429] team0: Port device team_slave_0 added
[ 105.303694][ T5429] team0: Port device team_slave_1 added
[ 105.314856][ T5437] chnl_net:caif_netlink_parms(): no params data found
[ 105.431268][ T5429] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 105.434201][ T5429] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 105.445069][ T5429] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 105.449851][ T5434] bridge0: port 1(bridge_slave_0) entered blocking state
[ 105.453332][ T5434] bridge0: port 1(bridge_slave_0) entered disabled state
[ 105.456451][ T5434] bridge_slave_0: entered allmulticast mode
[ 105.460895][ T5434] bridge_slave_0: entered promiscuous mode
[ 105.496000][ T5429] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 105.499015][ T5429] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 105.510787][ T5429] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 105.516411][ T5434] bridge0: port 2(bridge_slave_1) entered blocking state
[ 105.519701][ T5434] bridge0: port 2(bridge_slave_1) entered disabled state
[ 105.523719][ T5434] bridge_slave_1: entered allmulticast mode
[ 105.527810][ T5434] bridge_slave_1: entered promiscuous mode
[ 105.680546][ T5445] chnl_net:caif_netlink_parms(): no params data found
[ 105.687223][ T5436] bridge0: port 1(bridge_slave_0) entered blocking state
[ 105.689900][ T5436] bridge0: port 1(bridge_slave_0) entered disabled state
[ 105.694408][ T5436] bridge_slave_0: entered allmulticast mode
[ 105.698110][ T5436] bridge_slave_0: entered promiscuous mode
[ 105.725615][ T5434] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 105.753314][ T5436] bridge0: port 2(bridge_slave_1) entered blocking state
[ 105.756446][ T5436] bridge0: port 2(bridge_slave_1) entered disabled state
[ 105.759361][ T5436] bridge_slave_1: entered allmulticast mode
[ 105.764049][ T5436] bridge_slave_1: entered promiscuous mode
[ 105.790067][ T5434] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 105.794865][ T5438] bridge0: port 1(bridge_slave_0) entered blocking state
[ 105.798006][ T5438] bridge0: port 1(bridge_slave_0) entered disabled state
[ 105.801070][ T5438] bridge_slave_0: entered allmulticast mode
[ 105.805420][ T5438] bridge_slave_0: entered promiscuous mode
[ 105.837770][ T13] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 105.847715][ T5437] bridge0: port 1(bridge_slave_0) entered blocking state
[ 105.850882][ T5437] bridge0: port 1(bridge_slave_0) entered disabled state
[ 105.856873][ T5437] bridge_slave_0: entered allmulticast mode
[ 105.860756][ T5437] bridge_slave_0: entered promiscuous mode
[ 105.868912][ T5437] bridge0: port 2(bridge_slave_1) entered blocking state
[ 105.872613][ T5437] bridge0: port 2(bridge_slave_1) entered disabled state
[ 105.875700][ T5437] bridge_slave_1: entered allmulticast mode
[ 105.879495][ T5437] bridge_slave_1: entered promiscuous mode
[ 105.888388][ T5429] hsr_slave_0: entered promiscuous mode
[ 105.891347][ T5429] hsr_slave_1: entered promiscuous mode
[ 105.896924][ T5429] debugfs: 'hsr0' already exists in 'hsr'
[ 105.899245][ T5429] Cannot create hsr debugfs directory
[ 105.911216][ T5438] bridge0: port 2(bridge_slave_1) entered blocking state
[ 105.914503][ T5438] bridge0: port 2(bridge_slave_1) entered disabled state
[ 105.917439][ T5438] bridge_slave_1: entered allmulticast mode
[ 105.921070][ T5438] bridge_slave_1: entered promiscuous mode
[ 105.954497][ T13] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 105.995712][ T5434] team0: Port device team_slave_0 added
[ 106.015220][ T5436] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 106.029375][ T13] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 106.063258][ T5434] team0: Port device team_slave_1 added
[ 106.079083][ T5436] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 106.096779][ T5437] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 106.143226][ T5438] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 106.157326][ T5437] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 106.190942][ T5436] team0: Port device team_slave_0 added
[ 106.215175][ T5438] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 106.240184][ T5436] team0: Port device team_slave_1 added
[ 106.255965][ T5434] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 106.259340][ T5434] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 106.272522][ T5434] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 106.343967][ T5434] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 106.347122][ T5434] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 106.359647][ T5434] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 106.393273][ T5445] bridge0: port 1(bridge_slave_0) entered blocking state
[ 106.396379][ T5445] bridge0: port 1(bridge_slave_0) entered disabled state
[ 106.399436][ T5445] bridge_slave_0: entered allmulticast mode
[ 106.405876][ T5445] bridge_slave_0: entered promiscuous mode
[ 106.426108][ T5437] team0: Port device team_slave_0 added
[ 106.464850][ T5438] team0: Port device team_slave_0 added
[ 106.473727][ T5445] bridge0: port 2(bridge_slave_1) entered blocking state
[ 106.477102][ T5445] bridge0: port 2(bridge_slave_1) entered disabled state
[ 106.480361][ T5445] bridge_slave_1: entered allmulticast mode
[ 106.485188][ T5445] bridge_slave_1: entered promiscuous mode
[ 106.503814][ T5437] team0: Port device team_slave_1 added
[ 106.507357][ T5436] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 106.510149][ T5436] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 106.521298][ T5436] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 106.538524][ T5438] team0: Port device team_slave_1 added
[ 106.567163][ T5436] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 106.570325][ T5436] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 106.581782][ T5436] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 106.606516][ T13] bridge_slave_1: left allmulticast mode
[ 106.609050][ T13] bridge_slave_1: left promiscuous mode
[ 106.618092][ T13] bridge0: port 2(bridge_slave_1) entered disabled state
[ 106.625625][ T13] bridge_slave_0: left allmulticast mode
[ 106.628166][ T13] bridge_slave_0: left promiscuous mode
[ 106.630769][ T13] bridge0: port 1(bridge_slave_0) entered disabled state
[ 106.694178][ T4662] Bluetooth: hci0: command tx timeout
[ 106.877329][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 106.883194][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 106.887084][ T13] bond0 (unregistering): Released all slaves
[ 107.012247][ T4662] Bluetooth: hci3: command tx timeout
[ 107.014485][ T4662] Bluetooth: hci4: command tx timeout
[ 107.017085][ T4662] Bluetooth: hci1: command tx timeout
[ 107.019533][ T4662] Bluetooth: hci2: command tx timeout
[ 107.043548][ T5445] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 107.052608][ T5437] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 107.056495][ T5437] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 107.099055][ T5437] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 107.142107][ T5437] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 107.145039][ T5437] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 107.192421][ T5437] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 107.232207][ T5434] hsr_slave_0: entered promiscuous mode
[ 107.242674][ T5434] hsr_slave_1: entered promiscuous mode
[ 107.254592][ T5434] debugfs: 'hsr0' already exists in 'hsr'
[ 107.258578][ T5434] Cannot create hsr debugfs directory
[ 107.279759][ T13] hsr_slave_0: left promiscuous mode
[ 107.292502][ T13] hsr_slave_1: left promiscuous mode
[ 107.295435][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 107.298648][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 107.313879][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 107.317263][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 107.333819][ T4662] Bluetooth: hci5: command tx timeout
[ 107.352431][ T13] veth1_macvtap: left promiscuous mode
[ 107.355039][ T13] veth0_macvtap: left promiscuous mode
[ 107.357604][ T13] veth1_vlan: left promiscuous mode
[ 107.360107][ T13] veth0_vlan: left promiscuous mode
[ 107.628332][ T13] team0 (unregistering): Port device team_slave_1 removed
[ 107.642313][ T13] team0 (unregistering): Port device team_slave_0 removed
[ 107.776482][ T5438] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 107.779466][ T5438] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 107.797469][ T5438] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 107.804475][ T5445] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 107.880613][ T5436] hsr_slave_0: entered promiscuous mode
[ 107.891332][ T5436] hsr_slave_1: entered promiscuous mode
[ 107.915529][ T5438] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 107.918635][ T5438] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 107.930314][ T5438] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 108.025336][ T5437] hsr_slave_0: entered promiscuous mode
[ 108.028049][ T5437] hsr_slave_1: entered promiscuous mode
[ 108.031214][ T5437] debugfs: 'hsr0' already exists in 'hsr'
[ 108.033917][ T5437] Cannot create hsr debugfs directory
[ 108.044590][ T5445] team0: Port device team_slave_0 added
[ 108.167213][ T5445] team0: Port device team_slave_1 added
[ 108.366318][ T5438] hsr_slave_0: entered promiscuous mode
[ 108.378970][ T5438] hsr_slave_1: entered promiscuous mode
[ 108.393444][ T5438] debugfs: 'hsr0' already exists in 'hsr'
[ 108.395794][ T5438] Cannot create hsr debugfs directory
[ 108.432041][ T5445] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 108.435097][ T5445] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 108.465436][ T5445] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 108.528202][ T5445] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 108.531188][ T5445] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 108.555608][ T5445] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 108.595038][ T5429] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 108.619441][ T5429] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 108.694514][ T5429] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 108.749754][ T5429] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 108.772248][ T4662] Bluetooth: hci0: command tx timeout
[ 108.778983][ T5445] hsr_slave_0: entered promiscuous mode
[ 108.782980][ T5445] hsr_slave_1: entered promiscuous mode
[ 108.785780][ T5445] debugfs: 'hsr0' already exists in 'hsr'
[ 108.788157][ T5445] Cannot create hsr debugfs directory
[ 109.092911][ T4662] Bluetooth: hci2: command tx timeout
[ 109.095057][ T4662] Bluetooth: hci1: command tx timeout
[ 109.097100][ T4662] Bluetooth: hci4: command tx timeout
[ 109.099031][ T4662] Bluetooth: hci3: command tx timeout
[ 109.411879][ T5363] Bluetooth: hci5: command tx timeout
[ 109.415003][ T5434] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 109.445812][ T5429] 8021q: adding VLAN 0 to HW filter on device bond0
[ 109.463142][ T5434] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 109.469196][ T5434] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 109.505570][ T5434] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 109.586785][ T5429] 8021q: adding VLAN 0 to HW filter on device team0
[ 109.600028][ T5436] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 109.674298][ T5436] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 109.706318][ T42] bridge0: port 1(bridge_slave_0) entered blocking state
[ 109.709729][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 109.724149][ T42] bridge0: port 2(bridge_slave_1) entered blocking state
[ 109.727423][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 109.749993][ T5436] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 109.776167][ T5436] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 109.880201][ T5437] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 109.925862][ T5437] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 109.934325][ T5437] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 109.988696][ T5437] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 110.154218][ T5438] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 110.200893][ T5434] 8021q: adding VLAN 0 to HW filter on device bond0
[ 110.230640][ T5438] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 110.246780][ T5438] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 110.373114][ T5438] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 110.423809][ T5434] 8021q: adding VLAN 0 to HW filter on device team0
[ 110.487004][ T5436] 8021q: adding VLAN 0 to HW filter on device bond0
[ 110.511217][ T1054] bridge0: port 1(bridge_slave_0) entered blocking state
[ 110.514274][ T1054] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 110.539418][ T5445] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 110.563554][ T5429] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 110.580569][ T5436] 8021q: adding VLAN 0 to HW filter on device team0
[ 110.634700][ T5445] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 110.640339][ T5445] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 110.655058][ T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 110.658262][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 110.725579][ T5445] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 110.739612][ T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 110.742814][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 110.765828][ T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 110.768857][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 110.854080][ T5363] Bluetooth: hci0: command tx timeout
[ 110.867616][ T5436] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 110.874081][ T5436] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 110.954916][ T5437] 8021q: adding VLAN 0 to HW filter on device bond0
[ 110.966040][ T5438] 8021q: adding VLAN 0 to HW filter on device bond0
[ 111.025343][ T5429] veth0_vlan: entered promiscuous mode
[ 111.041354][ T5438] 8021q: adding VLAN 0 to HW filter on device team0
[ 111.077759][ T5437] 8021q: adding VLAN 0 to HW filter on device team0
[ 111.113874][ T5429] veth1_vlan: entered promiscuous mode
[ 111.148236][ T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 111.151441][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 111.172539][ T5363] Bluetooth: hci3: command tx timeout
[ 111.174928][ T5363] Bluetooth: hci4: command tx timeout
[ 111.178936][ T5363] Bluetooth: hci1: command tx timeout
[ 111.181357][ T5363] Bluetooth: hci2: command tx timeout
[ 111.185004][ T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 111.188174][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 111.250062][ T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 111.253336][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 111.275259][ T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 111.278100][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 111.359106][ T5437] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 111.444259][ T5436] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 111.495529][ T4662] Bluetooth: hci5: command tx timeout
[ 111.499229][ T5429] veth0_macvtap: entered promiscuous mode
[ 111.521102][ T5429] veth1_macvtap: entered promiscuous mode
[ 111.547869][ T5445] 8021q: adding VLAN 0 to HW filter on device bond0
[ 111.645442][ T5434] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 111.667259][ T5429] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 111.688298][ T5429] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 111.693299][ T5445] 8021q: adding VLAN 0 to HW filter on device team0
[ 111.834386][ T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 111.837613][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 111.873147][ T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 111.876300][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 111.896688][ T70] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 111.907828][ T5436] veth0_vlan: entered promiscuous mode
[ 111.951270][ T70] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 111.978327][ T70] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 112.023765][ T70] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 112.031618][ T5437] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 112.039927][ T5436] veth1_vlan: entered promiscuous mode
[ 112.193375][ T5436] veth0_macvtap: entered promiscuous mode
[ 112.221553][ T5436] veth1_macvtap: entered promiscuous mode
[ 112.233562][ T5434] veth0_vlan: entered promiscuous mode
[ 112.246991][ T5438] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 112.265177][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 112.268691][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 112.290269][ T5434] veth1_vlan: entered promiscuous mode
[ 112.320915][ T5437] veth0_vlan: entered promiscuous mode
[ 112.400703][ T5436] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 112.462739][ T5436] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 112.485414][ T5437] veth1_vlan: entered promiscuous mode
[ 112.513243][ T5434] veth0_macvtap: entered promiscuous mode
[ 112.524344][ T70] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 112.533695][ T1100] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 112.538233][ T1100] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 112.551955][ T70] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 112.589277][ T5434] veth1_macvtap: entered promiscuous mode
[ 112.621179][ T1100] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 112.632765][ T1100] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 112.733550][ T5434] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 112.738883][ T5434] batman_adv: batadv0: Interface activated: batadv_slave_1
2026/02/20 11:34:12 executed programs: 12
[ 112.799411][ T5437] veth0_macvtap: entered promiscuous mode
[ 112.836553][ T5437] veth1_macvtap: entered promiscuous mode
[ 112.918170][ T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 112.938386][ T5437] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 112.969267][ T5445] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 112.991193][ T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 113.021782][ T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 113.025385][ T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 113.194502][ T5437] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 113.262865][ T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 113.267405][ T133] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 113.270428][ T133] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 113.336853][ T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 113.366986][ T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 113.370702][ T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 113.497937][ T5438] veth0_vlan: entered promiscuous mode
[ 113.616508][ T70] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 113.624028][ T70] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 113.648356][ T5438] veth1_vlan: entered promiscuous mode
[ 113.845933][ T1054] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 113.849204][ T1054] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 114.008644][ T5438] veth0_macvtap: entered promiscuous mode
[ 114.066425][ T1100] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 114.069555][ T1100] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 114.140559][ T5438] veth1_macvtap: entered promiscuous mode
[ 114.300979][ T5438] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 114.365375][ T5445] veth0_vlan: entered promiscuous mode
[ 114.435327][ T70] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 114.461330][ T70] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 114.491382][ T5438] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 114.529089][ T5445] veth1_vlan: entered promiscuous mode
[ 114.578166][ T70] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 114.618109][ T70] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 114.648056][ T1054] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 114.662350][ T1054] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 114.666113][ T1054] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 114.743433][ T1054] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 114.826217][ T5445] veth0_macvtap: entered promiscuous mode
[ 114.885071][ T5445] veth1_macvtap: entered promiscuous mode
[ 115.045751][ T5445] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 115.101413][ T5445] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 115.168944][ T70] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 115.174845][ T1100] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 115.194529][ T1100] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 115.200334][ T70] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 115.432154][ T1100] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 115.477463][ T1100] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 115.656647][ T1054] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 115.672552][ T1054] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 115.748580][ T1054] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 115.778563][ T1054] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 115.945183][ T133] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 115.958341][ T133] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/02/20 11:34:17 executed programs: 145
2026/02/20 11:34:22 executed programs: 418
[ 124.144986][ T5307] ==================================================================
[ 124.148416][ T5307] BUG: KASAN: slab-use-after-free in bpf_trace_run2+0xb1/0x840
[ 124.151717][ T5307] Read of size 8 at addr ffff888053465b18 by task syz-executor/5307
[ 124.156211][ T5307]
[ 124.157301][ T5307] CPU: 0 UID: 0 PID: 5307 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full)
[ 124.157315][ T5307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 124.157323][ T5307] Call Trace:
[ 124.157352][ T5307]
[ 124.157358][ T5307] dump_stack_lvl+0xe8/0x150
[ 124.157379][ T5307] print_report+0xba/0x230
[ 124.157393][ T5307] ? bpf_trace_run2+0xb1/0x840
[ 124.157409][ T5307] kasan_report+0x117/0x150
[ 124.157422][ T5307] ? bpf_trace_run2+0xb1/0x840
[ 124.157438][ T5307] ? futex_hash_free+0x65/0xb0
[ 124.157450][ T5307] bpf_trace_run2+0xb1/0x840
[ 124.157465][ T5307] ? kick_process+0xeb/0x160
[ 124.157477][ T5307] ? bpf_trace_run2+0x1c9/0x840
[ 124.157491][ T5307] ? __pfx_bpf_trace_run2+0x10/0x10
[ 124.157505][ T5307] ? do_raw_spin_lock+0x12b/0x2f0
[ 124.157516][ T5307] ? futex_hash_free+0x65/0xb0
[ 124.157528][ T5307] ? futex_hash_free+0x65/0xb0
[ 124.157538][ T5307] ? futex_hash_free+0x65/0xb0
[ 124.157549][ T5307] __traceiter_kfree+0x2e/0x50
[ 124.157561][ T5307] ? futex_hash_free+0x65/0xb0
[ 124.157572][ T5307] kfree+0x5b2/0x630
[ 124.157588][ T5307] futex_hash_free+0x65/0xb0
[ 124.157600][ T5307] __mmput+0x38d/0x430
[ 124.157614][ T5307] exit_mm+0x168/0x220
[ 124.157625][ T5307] do_exit+0x62e/0x2320
[ 124.157636][ T5307] ? sock_write_iter+0x360/0x550
[ 124.157890][ T5307] ? __asan_memcpy+0x40/0x70
[ 124.157903][ T5307] ? sock_write_iter+0x360/0x550
[ 124.157917][ T5307] ? __pfx_do_exit+0x10/0x10
[ 124.157928][ T5307] ? do_raw_spin_lock+0x12b/0x2f0
[ 124.157941][ T5307] do_group_exit+0x21b/0x2d0
[ 124.157950][ T5307] ? _raw_spin_unlock_irq+0x23/0x50
[ 124.158052][ T5307] get_signal+0x1284/0x1330
[ 124.158072][ T5307] arch_do_signal_or_restart+0xbc/0x830
[ 124.158086][ T5307] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 124.158100][ T5307] ? ksys_write+0x1fc/0x270
[ 124.158116][ T5307] exit_to_user_mode_loop+0x86/0x480
[ 124.158129][ T5307] ? rcu_is_watching+0x15/0xb0
[ 124.158144][ T5307] do_syscall_64+0x32d/0xf80
[ 124.158159][ T5307] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 124.158170][ T5307] ? clear_bhb_loop+0x40/0x90
[ 124.158182][ T5307] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 124.158194][ T5307] RIP: 0033:0x7fc4bbd57817
[ 124.158204][ T5307] Code: Unable to access opcode bytes at 0x7fc4bbd577ed.
[ 124.158210][ T5307] RSP: 002b:00007ffe1f8e8350 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 124.158223][ T5307] RAX: 00000000000000b0 RBX: 0000555576290500 RCX: 00007fc4bbd57817
[ 124.158230][ T5307] RDX: 00000000000000b0 RSI: 00007fc4b863ff50 RDI: 0000000000000003
[ 124.158237][ T5307] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 124.158250][ T5307] R10: 0000000000000000 R11: 0000000000000202 R12: 00000000000000b0
[ 124.158257][ T5307] R13: 00005555762a51c0 R14: 00007ffe1f8e88f0 R15: 00007fc4b863ff50
[ 124.158269][ T5307]
[ 124.158273][ T5307]
[ 124.277624][ T5307] Allocated by task 6102:
[ 124.279498][ T5307] kasan_save_track+0x3e/0x80
[ 124.281532][ T5307] __kasan_kmalloc+0x93/0xb0
[ 124.283580][ T5307] __kmalloc_cache_noprof+0x31c/0x660
[ 124.285958][ T5307] bpf_raw_tp_link_attach+0x278/0x700
[ 124.288386][ T5307] bpf_raw_tracepoint_open+0x1b2/0x220
[ 124.290743][ T5307] __sys_bpf+0x846/0x950
[ 124.292651][ T5307] __x64_sys_bpf+0x7c/0x90
[ 124.294573][ T5307] do_syscall_64+0x14d/0xf80
[ 124.296626][ T5307] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 124.299259][ T5307]
[ 124.300323][ T5307] Freed by task 1100:
[ 124.302069][ T5307] kasan_save_track+0x3e/0x80
[ 124.304109][ T5307] kasan_save_free_info+0x46/0x50
[ 124.306345][ T5307] __kasan_slab_free+0x5c/0x80
[ 124.308518][ T5307] kfree+0x1c1/0x630
[ 124.310341][ T5307] rcu_core+0x7cd/0x1070
[ 124.312232][ T5307] handle_softirqs+0x22a/0x870
[ 124.314263][ T5307] do_softirq+0x76/0xd0
[ 124.316079][ T5307] __local_bh_enable_ip+0xf8/0x130
[ 124.318382][ T5307] batadv_iv_ogm_queue_add+0x73e/0xd30
[ 124.320830][ T5307] batadv_iv_ogm_schedule+0x874/0xf50
[ 124.323210][ T5307] batadv_iv_send_outstanding_bat_ogm_packet+0x6c8/0x7e0
[ 124.326332][ T5307] process_scheduled_works+0xb02/0x1830
[ 124.328578][ T5307] worker_thread+0xa50/0xfc0
[ 124.330462][ T5307] kthread+0x388/0x470
[ 124.332138][ T5307] ret_from_fork+0x51e/0xb90
[ 124.334005][ T5307] ret_from_fork_asm+0x1a/0x30
[ 124.335957][ T5307]
[ 124.336950][ T5307] Last potentially related work creation:
[ 124.339275][ T5307] kasan_save_stack+0x3e/0x60
[ 124.341185][ T5307] kasan_record_aux_stack+0xbd/0xd0
[ 124.343474][ T5307] call_rcu+0xee/0x890
[ 124.345261][ T5307] bpf_link_release+0x6b/0x80
[ 124.347382][ T5307] __fput+0x44f/0xa70
[ 124.349189][ T5307] task_work_run+0x1d9/0x270
[ 124.351581][ T5307] exit_to_user_mode_loop+0xed/0x480
[ 124.354143][ T5307] do_syscall_64+0x32d/0xf80
[ 124.356232][ T5307] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 124.358785][ T5307]
[ 124.359876][ T5307] The buggy address belongs to the object at ffff888053465b00
[ 124.359876][ T5307] which belongs to the cache kmalloc-192 of size 192
[ 124.365563][ T5307] The buggy address is located 24 bytes inside of
[ 124.365563][ T5307] freed 192-byte region [ffff888053465b00, ffff888053465bc0)
[ 124.371477][ T5307]
[ 124.372531][ T5307] The buggy address belongs to the physical page:
[ 124.375428][ T5307] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x53465
[ 124.380266][ T5307] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 124.383598][ T5307] page_type: f5(slab)
[ 124.385407][ T5307] raw: 04fff00000000000 ffff88801a8413c0 dead000000000100 dead000000000122
[ 124.388876][ T5307] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 124.392514][ T5307] page dumped because: kasan: bad access detected
[ 124.395754][ T5307] page_owner tracks the page as allocated
[ 124.398919][ T5307] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd2cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5436, tgid 5436 (syz-executor), ts 104947827691, free_ts 103695571452
[ 124.407894][ T5307] post_alloc_hook+0x231/0x280
[ 124.410082][ T5307] get_page_from_freelist+0x24dc/0x2580
[ 124.412589][ T5307] __alloc_frozen_pages_noprof+0x18d/0x380
[ 124.415175][ T5307] allocate_slab+0x77/0x660
[ 124.417090][ T5307] refill_objects+0x331/0x3c0
[ 124.419203][ T5307] __pcs_replace_empty_main+0x2b9/0x620
[ 124.421609][ T5307] __kmalloc_node_track_caller_noprof+0x572/0x7b0
[ 124.424304][ T5307] kmemdup_noprof+0x2b/0x70
[ 124.426409][ T5307] neigh_parms_alloc+0x87/0x510
[ 124.428472][ T5307] ipv6_add_dev+0x40d/0x13a0
[ 124.430343][ T5307] addrconf_notify+0x771/0x1050
[ 124.432377][ T5307] notifier_call_chain+0x1be/0x400
[ 124.434607][ T5307] register_netdevice+0x173a/0x1cf0
[ 124.437209][ T5307] ip6gre_newlink_common+0x403/0x5b0
[ 124.439493][ T5307] ip6gre_newlink+0x228/0x350
[ 124.441467][ T5307] rtnl_newlink_create+0x329/0xb70
[ 124.443481][ T5307] page last free pid 5378 tgid 5378 stack trace:
[ 124.446076][ T5307] __free_frozen_pages+0xc2b/0xdb0
[ 124.448589][ T5307] vfree+0x25a/0x400
[ 124.450429][ T5307] kcov_close+0x28/0x50
[ 124.452377][ T5307] __fput+0x44f/0xa70
[ 124.454080][ T5307] task_work_run+0x1d9/0x270
[ 124.455965][ T5307] do_exit+0x69b/0x2320
[ 124.457801][ T5307] do_group_exit+0x21b/0x2d0
[ 124.459803][ T5307] get_signal+0x1284/0x1330
[ 124.461786][ T5307] arch_do_signal_or_restart+0xbc/0x830
[ 124.464161][ T5307] exit_to_user_mode_loop+0x86/0x480
[ 124.466257][ T5307] do_syscall_64+0x32d/0xf80
[ 124.468241][ T5307] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 124.471161][ T5307]
[ 124.472629][ T5307] Memory state around the buggy address:
[ 124.475932][ T5307] ffff888053465a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 124.479537][ T5307] ffff888053465a80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 124.483108][ T5307] >ffff888053465b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 124.486569][ T5307] ^
[ 124.488653][ T5307] ffff888053465b80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 124.492101][ T5307] ffff888053465c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 124.495692][ T5307] ==================================================================
[ 124.521600][ T5307] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 124.524866][ T5307] CPU: 0 UID: 0 PID: 5307 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full)
[ 124.529072][ T5307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 124.533420][ T5307] Call Trace:
[ 124.534890][ T5307]
[ 124.536239][ T5307] vpanic+0x56c/0xa60
[ 124.538021][ T5307] ? __pfx_vpanic+0x10/0x10
[ 124.540095][ T5307] panic+0xc5/0xd0
[ 124.541820][ T5307] ? __pfx_panic+0x10/0x10
[ 124.543878][ T5307] ? preempt_schedule_thunk+0x16/0x30
[ 124.546267][ T5307] ? bpf_trace_run2+0xb1/0x840
[ 124.548421][ T5307] ? preempt_schedule_thunk+0x16/0x30
[ 124.550848][ T5307] ? bpf_trace_run2+0xb1/0x840
[ 124.552712][ T5307] check_panic_on_warn+0x89/0xb0
[ 124.554712][ T5307] ? bpf_trace_run2+0xb1/0x840
[ 124.556732][ T5307] end_report+0x73/0x180
[ 124.558602][ T5307] ? bpf_trace_run2+0xb1/0x840
[ 124.560811][ T5307] kasan_report+0x128/0x150
[ 124.562901][ T5307] ? bpf_trace_run2+0xb1/0x840
[ 124.565088][ T5307] ? futex_hash_free+0x65/0xb0
[ 124.567301][ T5307] bpf_trace_run2+0xb1/0x840
[ 124.569398][ T5307] ? kick_process+0xeb/0x160
[ 124.571562][ T5307] ? bpf_trace_run2+0x1c9/0x840
[ 124.573482][ T5307] ? __pfx_bpf_trace_run2+0x10/0x10
[ 124.575663][ T5307] ? do_raw_spin_lock+0x12b/0x2f0
[ 124.577969][ T5307] ? futex_hash_free+0x65/0xb0
[ 124.580127][ T5307] ? futex_hash_free+0x65/0xb0
[ 124.582273][ T5307] ? futex_hash_free+0x65/0xb0
[ 124.584465][ T5307] __traceiter_kfree+0x2e/0x50
[ 124.586605][ T5307] ? futex_hash_free+0x65/0xb0
[ 124.588781][ T5307] kfree+0x5b2/0x630
[ 124.590582][ T5307] futex_hash_free+0x65/0xb0
[ 124.592727][ T5307] __mmput+0x38d/0x430
[ 124.594566][ T5307] exit_mm+0x168/0x220
[ 124.596483][ T5307] do_exit+0x62e/0x2320
[ 124.598484][ T5307] ? sock_write_iter+0x360/0x550
[ 124.600801][ T5307] ? __asan_memcpy+0x40/0x70
[ 124.602886][ T5307] ? sock_write_iter+0x360/0x550
[ 124.605227][ T5307] ? __pfx_do_exit+0x10/0x10
[ 124.607329][ T5307] ? do_raw_spin_lock+0x12b/0x2f0
[ 124.609574][ T5307] do_group_exit+0x21b/0x2d0
[ 124.611648][ T5307] ? _raw_spin_unlock_irq+0x23/0x50
[ 124.613876][ T5307] get_signal+0x1284/0x1330
[ 124.615823][ T5307] arch_do_signal_or_restart+0xbc/0x830
[ 124.618237][ T5307] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 124.621051][ T5307] ? ksys_write+0x1fc/0x270
[ 124.623029][ T5307] exit_to_user_mode_loop+0x86/0x480
[ 124.625292][ T5307] ? rcu_is_watching+0x15/0xb0
[ 124.627610][ T5307] do_syscall_64+0x32d/0xf80
[ 124.629689][ T5307] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 124.632338][ T5307] ? clear_bhb_loop+0x40/0x90
[ 124.634243][ T5307] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 124.636683][ T5307] RIP: 0033:0x7fc4bbd57817
[ 124.638466][ T5307] Code: Unable to access opcode bytes at 0x7fc4bbd577ed.
[ 124.641433][ T5307] RSP: 002b:00007ffe1f8e8350 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 124.645193][ T5307] RAX: 00000000000000b0 RBX: 0000555576290500 RCX: 00007fc4bbd57817
[ 124.648677][ T5307] RDX: 00000000000000b0 RSI: 00007fc4b863ff50 RDI: 0000000000000003
[ 124.652276][ T5307] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 124.655700][ T5307] R10: 0000000000000000 R11: 0000000000000202 R12: 00000000000000b0
[ 124.659116][ T5307] R13: 00005555762a51c0 R14: 00007ffe1f8e88f0 R15: 00007fc4b863ff50
[ 124.662526][ T5307]
[ 124.664355][ T5307] Kernel Offset: disabled
[ 124.666312][ T5307] Rebooting in 86400 seconds..
VM DIAGNOSIS:
11:34:24 Registers:
info registers vcpu 0
CPU#0
RAX=0000000000000065 RBX=0000000000000065 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc9000e6d72b0
R8 =ffff888034d98237 R9 =1ffff110069b3046 R10=dffffc0000000000 R11=ffffffff85416ba0
R12=dffffc0000000000 R13=ffffffff9a2bba63 R14=ffffffff9a5d3c60 R15=0000000000000000
RIP=ffffffff85416c1c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88808ca5b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007f57ac7e6158 CR3=000000000e54c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 327a79732f74656e 2f70756f7267637a
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd5740a126
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd5740a126 00007ffd5740a12c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa05063319f
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa0506331df
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa050633343
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa0506331d1
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6379656b00657461 69746e6174736e69 246c746379656b00 7974697275636573
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000