syzkaller login: [ 97.059510][ T9] cfg80211: failed to load regulatory.db Warning: Permanently added '[localhost]:13899' (ED25519) to the list of known hosts. 2026/02/27 21:38:47 parsed 1 programs [ 120.545789][ T5326] cgroup: Unknown subsys name 'net' [ 120.589425][ T5326] cgroup: Unknown subsys name 'cpuset' [ 120.598082][ T5326] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 122.291490][ T5326] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 128.442037][ T5346] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 130.982832][ T5373] syz-executor (5373) used greatest stack depth: 18248 bytes left [ 131.484603][ T45] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 131.492185][ T5396] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 131.496338][ T5396] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 131.500406][ T5396] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 131.503846][ T5396] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 132.376304][ T5345] chnl_net:caif_netlink_parms(): no params data found [ 133.543798][ T1079] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 133.553608][ T1079] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 133.562862][ T5345] bridge0: port 1(bridge_slave_0) entered blocking state [ 133.577537][ T5345] bridge0: port 1(bridge_slave_0) entered disabled state [ 133.580854][ T5345] bridge_slave_0: entered allmulticast mode [ 133.608023][ T5345] bridge_slave_0: entered promiscuous mode [ 133.628632][ T5345] bridge0: port 2(bridge_slave_1) entered blocking state [ 133.631744][ T5345] bridge0: port 2(bridge_slave_1) entered disabled state [ 133.634960][ T5345] bridge_slave_1: entered allmulticast mode [ 133.647563][ T5345] bridge_slave_1: entered promiscuous mode [ 133.852546][ T5345] bond0: (slave bond_slave_0): 
Enslaving as an active interface with an up link [ 133.944122][ T5345] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 134.018530][ T1079] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 134.035695][ T1079] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 134.147709][ T5345] team0: Port device team_slave_0 added [ 134.170083][ T5345] team0: Port device team_slave_1 added [ 134.479730][ T5345] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 134.482716][ T5345] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 134.535180][ T5345] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 134.556296][ T5345] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 134.559244][ T5345] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. 
[ 134.619475][ T5345] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 134.743470][ T5345] hsr_slave_0: entered promiscuous mode [ 134.756295][ T5345] hsr_slave_1: entered promiscuous mode [ 135.080136][ T5345] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 135.089887][ T5345] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 135.096055][ T5345] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 135.101963][ T5345] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 135.176662][ T5345] 8021q: adding VLAN 0 to HW filter on device bond0 [ 135.192254][ T5345] 8021q: adding VLAN 0 to HW filter on device team0 [ 135.200941][ T1041] bridge0: port 1(bridge_slave_0) entered blocking state [ 135.204253][ T1041] bridge0: port 1(bridge_slave_0) entered forwarding state [ 135.215134][ T1041] bridge0: port 2(bridge_slave_1) entered blocking state [ 135.218431][ T1041] bridge0: port 2(bridge_slave_1) entered forwarding state [ 135.413208][ T5345] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 135.471505][ T5345] veth0_vlan: entered promiscuous mode [ 135.484824][ T5345] veth1_vlan: entered promiscuous mode [ 135.518428][ T5345] veth0_macvtap: entered promiscuous mode [ 135.526778][ T5345] veth1_macvtap: entered promiscuous mode [ 135.541421][ T5345] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 135.552603][ T5345] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 135.569810][ T1041] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.581563][ T1041] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.598362][ T1041] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.624872][ T1041] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 2026/02/27 21:39:05 executed programs: 0 [ 136.108245][ T4665] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 136.112567][ T4665] Bluetooth: hci0: 
unexpected cc 0x1003 length: 249 > 9 [ 136.119732][ T4665] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 136.158867][ T5455] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 136.164583][ T5455] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 136.169706][ T5455] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 136.174669][ T5455] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 136.179583][ T5455] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 136.185679][ T5455] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 136.204813][ T4665] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 136.212126][ T5458] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 136.217768][ T5458] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 136.221871][ T5458] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 136.226905][ T5458] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 136.231044][ T5458] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 136.237627][ T45] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 136.250473][ T45] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 136.253639][ T45] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 136.285910][ T45] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 136.290983][ T45] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 136.416743][ T5455] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 136.424874][ T5458] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 136.431357][ T5458] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 136.436512][ T5458] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 136.441327][ T5396] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 136.446952][ T5396] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 136.450661][ T5458] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 136.453909][ T5396] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 
> 4 [ 136.457788][ T5458] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 136.462375][ T5458] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 136.888296][ T1041] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 137.230458][ T1041] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 137.919499][ T5447] chnl_net:caif_netlink_parms(): no params data found [ 137.982414][ T1041] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 138.248380][ T5458] Bluetooth: hci1: command tx timeout [ 138.326164][ T5458] Bluetooth: hci0: command tx timeout [ 138.329162][ T5458] Bluetooth: hci2: command tx timeout [ 138.408418][ T45] Bluetooth: hci3: command tx timeout [ 138.429094][ T5447] bridge0: port 1(bridge_slave_0) entered blocking state [ 138.432162][ T5447] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.437108][ T5447] bridge_slave_0: entered allmulticast mode [ 138.445868][ T5447] bridge_slave_0: entered promiscuous mode [ 138.463698][ T5447] bridge0: port 2(bridge_slave_1) entered blocking state [ 138.467026][ T5447] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.470214][ T5447] bridge_slave_1: entered allmulticast mode [ 138.486131][ T5458] Bluetooth: hci5: command tx timeout [ 138.489063][ T5458] Bluetooth: hci4: command tx timeout [ 138.494991][ T5447] bridge_slave_1: entered promiscuous mode [ 138.567093][ T1041] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 138.658177][ T5447] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 138.797893][ T5447] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 138.844179][ T5465] chnl_net:caif_netlink_parms(): no params data found [ 138.970515][ T5447] team0: Port device team_slave_0 added [ 139.071308][ T5447] team0: Port device team_slave_1 added [ 
139.196612][ T5453] chnl_net:caif_netlink_parms(): no params data found [ 139.247640][ T5449] chnl_net:caif_netlink_parms(): no params data found [ 139.255670][ T5463] chnl_net:caif_netlink_parms(): no params data found [ 139.290397][ T5447] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 139.293395][ T5447] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 139.327673][ T5447] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 139.387645][ T5447] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 139.390547][ T5447] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. 
[ 139.409681][ T5447] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 139.429012][ T5451] chnl_net:caif_netlink_parms(): no params data found [ 139.525067][ T5465] bridge0: port 1(bridge_slave_0) entered blocking state [ 139.529449][ T5465] bridge0: port 1(bridge_slave_0) entered disabled state [ 139.532827][ T5465] bridge_slave_0: entered allmulticast mode [ 139.537079][ T5465] bridge_slave_0: entered promiscuous mode [ 139.622362][ T5465] bridge0: port 2(bridge_slave_1) entered blocking state [ 139.626584][ T5465] bridge0: port 2(bridge_slave_1) entered disabled state [ 139.630077][ T5465] bridge_slave_1: entered allmulticast mode [ 139.641553][ T5465] bridge_slave_1: entered promiscuous mode [ 139.710225][ T1041] bridge_slave_1: left allmulticast mode [ 139.712829][ T1041] bridge_slave_1: left promiscuous mode [ 139.722923][ T1041] bridge0: port 2(bridge_slave_1) entered disabled state [ 139.739084][ T1041] bridge_slave_0: left allmulticast mode [ 139.741387][ T1041] bridge_slave_0: left promiscuous mode [ 139.743733][ T1041] bridge0: port 1(bridge_slave_0) entered disabled state [ 140.004520][ T1041] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 140.010989][ T1041] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 140.017354][ T1041] bond0 (unregistering): Released all slaves [ 140.101385][ T5447] hsr_slave_0: entered promiscuous mode [ 140.104483][ T5447] hsr_slave_1: entered promiscuous mode [ 140.107821][ T5447] debugfs: 'hsr0' already exists in 'hsr' [ 140.110554][ T5447] Cannot create hsr debugfs directory [ 140.147839][ T1041] hsr_slave_0: left promiscuous mode [ 140.150663][ T1041] hsr_slave_1: left promiscuous mode [ 140.153587][ T1041] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 140.158101][ T1041] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 140.161953][ T1041] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 
140.164966][ T1041] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 140.174537][ T1041] veth1_macvtap: left promiscuous mode [ 140.177592][ T1041] veth0_macvtap: left promiscuous mode [ 140.179996][ T1041] veth1_vlan: left promiscuous mode [ 140.182210][ T1041] veth0_vlan: left promiscuous mode [ 140.326478][ T5458] Bluetooth: hci1: command tx timeout [ 140.393420][ T1041] team0 (unregistering): Port device team_slave_1 removed [ 140.406128][ T5458] Bluetooth: hci2: command tx timeout [ 140.409027][ T5455] Bluetooth: hci0: command tx timeout [ 140.413928][ T1041] team0 (unregistering): Port device team_slave_0 removed [ 140.488496][ T5458] Bluetooth: hci3: command tx timeout [ 140.566456][ T5458] Bluetooth: hci4: command tx timeout [ 140.568903][ T5458] Bluetooth: hci5: command tx timeout [ 140.619977][ T5465] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 140.701262][ T5453] bridge0: port 1(bridge_slave_0) entered blocking state [ 140.704532][ T5453] bridge0: port 1(bridge_slave_0) entered disabled state [ 140.710329][ T5453] bridge_slave_0: entered allmulticast mode [ 140.714227][ T5453] bridge_slave_0: entered promiscuous mode [ 140.720242][ T5465] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 140.744230][ T5449] bridge0: port 1(bridge_slave_0) entered blocking state [ 140.747816][ T5449] bridge0: port 1(bridge_slave_0) entered disabled state [ 140.751085][ T5449] bridge_slave_0: entered allmulticast mode [ 140.754487][ T5449] bridge_slave_0: entered promiscuous mode [ 140.764914][ T5463] bridge0: port 1(bridge_slave_0) entered blocking state [ 140.772330][ T5463] bridge0: port 1(bridge_slave_0) entered disabled state [ 140.780190][ T5463] bridge_slave_0: entered allmulticast mode [ 140.784258][ T5463] bridge_slave_0: entered promiscuous mode [ 140.789692][ T5453] bridge0: port 2(bridge_slave_1) entered blocking state [ 140.792984][ T5453] bridge0: port 2(bridge_slave_1) entered 
disabled state [ 140.805779][ T5453] bridge_slave_1: entered allmulticast mode [ 140.816386][ T5453] bridge_slave_1: entered promiscuous mode [ 140.862161][ T5451] bridge0: port 1(bridge_slave_0) entered blocking state [ 140.865244][ T5451] bridge0: port 1(bridge_slave_0) entered disabled state [ 140.877597][ T5451] bridge_slave_0: entered allmulticast mode [ 140.885762][ T5451] bridge_slave_0: entered promiscuous mode [ 140.897476][ T5451] bridge0: port 2(bridge_slave_1) entered blocking state [ 140.900761][ T5451] bridge0: port 2(bridge_slave_1) entered disabled state [ 140.903941][ T5451] bridge_slave_1: entered allmulticast mode [ 140.922475][ T5451] bridge_slave_1: entered promiscuous mode [ 140.947043][ T5449] bridge0: port 2(bridge_slave_1) entered blocking state [ 140.955999][ T5449] bridge0: port 2(bridge_slave_1) entered disabled state [ 140.958985][ T5449] bridge_slave_1: entered allmulticast mode [ 140.976776][ T5449] bridge_slave_1: entered promiscuous mode [ 141.002432][ T5463] bridge0: port 2(bridge_slave_1) entered blocking state [ 141.011326][ T5463] bridge0: port 2(bridge_slave_1) entered disabled state [ 141.014743][ T5463] bridge_slave_1: entered allmulticast mode [ 141.048764][ T5463] bridge_slave_1: entered promiscuous mode [ 141.108659][ T5465] team0: Port device team_slave_0 added [ 141.178265][ T5449] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 141.208663][ T5453] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 141.214709][ T5465] team0: Port device team_slave_1 added [ 141.264759][ T5449] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 141.283044][ T5453] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 141.312615][ T5451] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 141.344060][ T5463] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 
141.363472][ T5465] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 141.367759][ T5465] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 141.379653][ T5465] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 141.387562][ T5451] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 141.412569][ T5463] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 141.428378][ T5465] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 141.431565][ T5465] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 141.455601][ T5465] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 141.568620][ T5449] team0: Port device team_slave_0 added [ 141.592705][ T5453] team0: Port device team_slave_0 added [ 141.619568][ T5451] team0: Port device team_slave_0 added [ 141.628331][ T5449] team0: Port device team_slave_1 added [ 141.691914][ T5453] team0: Port device team_slave_1 added [ 141.696129][ T5451] team0: Port device team_slave_1 added [ 142.020861][ T5463] team0: Port device team_slave_0 added [ 142.061292][ T5465] hsr_slave_0: entered promiscuous mode [ 142.069489][ T5465] hsr_slave_1: entered promiscuous mode [ 142.101917][ T5449] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 142.104803][ T5449] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. 
Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 142.129008][ T5449] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 142.159631][ T5463] team0: Port device team_slave_1 added [ 142.204742][ T5449] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 142.212216][ T5449] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 142.230508][ T5449] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 142.236638][ T5451] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 142.239362][ T5451] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 142.250387][ T5451] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 142.264363][ T5453] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 142.268188][ T5453] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. 
[ 142.279396][ T5453] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 142.324396][ T5451] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 142.329515][ T5451] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 142.340746][ T5451] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 142.355119][ T5453] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 142.358696][ T5453] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 142.370087][ T5453] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 142.407394][ T5455] Bluetooth: hci1: command tx timeout [ 142.464890][ T5463] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 142.475480][ T5463] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. 
[ 142.495601][ T5455] Bluetooth: hci2: command tx timeout [ 142.497725][ T5455] Bluetooth: hci0: command tx timeout [ 142.505538][ T5463] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 142.568345][ T5458] Bluetooth: hci3: command tx timeout [ 142.616773][ T5463] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 142.620345][ T5463] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 142.645609][ T5455] Bluetooth: hci4: command tx timeout [ 142.648105][ T5458] Bluetooth: hci5: command tx timeout [ 142.657477][ T5463] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 142.772857][ T5449] hsr_slave_0: entered promiscuous mode [ 142.786503][ T5449] hsr_slave_1: entered promiscuous mode [ 142.789762][ T5449] debugfs: 'hsr0' already exists in 'hsr' [ 142.792262][ T5449] Cannot create hsr debugfs directory [ 142.823750][ T5451] hsr_slave_0: entered promiscuous mode [ 142.827361][ T5451] hsr_slave_1: entered promiscuous mode [ 142.830307][ T5451] debugfs: 'hsr0' already exists in 'hsr' [ 142.832831][ T5451] Cannot create hsr debugfs directory [ 142.853679][ T5447] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 142.901541][ T5453] hsr_slave_0: entered promiscuous mode [ 142.905291][ T5453] hsr_slave_1: entered promiscuous mode [ 142.909437][ T5453] debugfs: 'hsr0' already exists in 'hsr' [ 142.912039][ T5453] Cannot create hsr debugfs directory [ 142.916450][ T5447] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 142.995886][ T5447] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 143.076946][ T5447] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 143.136779][ T1314] ieee802154 phy0 wpan0: encryption failed: -22 [ 143.139712][ T1314] 
ieee802154 phy1 wpan1: encryption failed: -22 [ 143.152646][ T5463] hsr_slave_0: entered promiscuous mode [ 143.156547][ T5463] hsr_slave_1: entered promiscuous mode [ 143.159641][ T5463] debugfs: 'hsr0' already exists in 'hsr' [ 143.162215][ T5463] Cannot create hsr debugfs directory [ 143.770161][ T5465] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 143.781885][ T5465] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 143.892329][ T5465] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 143.910766][ T5465] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 144.151524][ T5447] 8021q: adding VLAN 0 to HW filter on device bond0 [ 144.221413][ T5447] 8021q: adding VLAN 0 to HW filter on device team0 [ 144.251182][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 144.254336][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 144.313092][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 144.316470][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 144.385304][ T5449] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 144.432218][ T5447] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 144.459350][ T5447] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 144.484234][ T5449] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 144.488177][ T5458] Bluetooth: hci1: command tx timeout [ 144.537965][ T5465] 8021q: adding VLAN 0 to HW filter on device bond0 [ 144.568209][ T5449] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 144.571556][ T5458] Bluetooth: hci0: command tx timeout [ 144.573828][ T5458] Bluetooth: hci2: command tx timeout [ 144.620850][ T5449] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 144.648443][ T5458] Bluetooth: hci3: command tx timeout [ 144.652715][ T5465] 8021q: adding VLAN 0 to HW filter on device team0 [ 144.716761][ T1105] bridge0: port 1(bridge_slave_0) entered blocking 
state [ 144.719815][ T1105] bridge0: port 1(bridge_slave_0) entered forwarding state [ 144.724190][ T1105] bridge0: port 2(bridge_slave_1) entered blocking state [ 144.727767][ T1105] bridge0: port 2(bridge_slave_1) entered forwarding state [ 144.733809][ T5458] Bluetooth: hci5: command tx timeout [ 144.738035][ T5455] Bluetooth: hci4: command tx timeout [ 144.828824][ T5451] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 144.950475][ T5451] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 144.958766][ T5451] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 145.027793][ T5451] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 145.044584][ T5465] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 145.065228][ T5465] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 145.181350][ T5447] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 145.322468][ T5453] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 145.341719][ T5453] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 145.400492][ T5449] 8021q: adding VLAN 0 to HW filter on device bond0 [ 145.417609][ T5453] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 145.429473][ T5453] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 145.664200][ T5447] veth0_vlan: entered promiscuous mode [ 145.678717][ T5463] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 145.705094][ T5449] 8021q: adding VLAN 0 to HW filter on device team0 [ 145.719551][ T5447] veth1_vlan: entered promiscuous mode [ 145.758866][ T5463] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 145.768794][ T5451] 8021q: adding VLAN 0 to HW filter on device bond0 [ 145.774126][ T5465] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 145.788620][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 145.791761][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 145.808715][ T52] bridge0: port 
2(bridge_slave_1) entered blocking state [ 145.811672][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 145.871484][ T5463] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 145.929663][ T5451] 8021q: adding VLAN 0 to HW filter on device team0 [ 145.945674][ T5463] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 146.023592][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 146.026559][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 146.054073][ T5449] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 146.084112][ T5449] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 146.182974][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 146.186223][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 146.237787][ T5453] 8021q: adding VLAN 0 to HW filter on device bond0 [ 146.315367][ T5447] veth0_macvtap: entered promiscuous mode [ 146.353277][ T5453] 8021q: adding VLAN 0 to HW filter on device team0 [ 146.437455][ T5447] veth1_macvtap: entered promiscuous mode [ 146.531749][ T3083] bridge0: port 1(bridge_slave_0) entered blocking state [ 146.534671][ T3083] bridge0: port 1(bridge_slave_0) entered forwarding state [ 146.562168][ T3083] bridge0: port 2(bridge_slave_1) entered blocking state [ 146.566224][ T3083] bridge0: port 2(bridge_slave_1) entered forwarding state [ 146.684881][ T5447] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 146.693023][ T5451] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 146.788420][ T5447] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 146.848454][ T1105] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.865799][ T1105] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.869812][ T1105] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 
port 6081 - 0 [ 146.873759][ T1105] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.922021][ T5453] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 147.018781][ T5449] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 147.027640][ T5465] veth0_vlan: entered promiscuous mode [ 147.090759][ T5465] veth1_vlan: entered promiscuous mode [ 147.120974][ T5463] 8021q: adding VLAN 0 to HW filter on device bond0 [ 147.328469][ T5463] 8021q: adding VLAN 0 to HW filter on device team0 [ 147.358459][ T5449] veth0_vlan: entered promiscuous mode [ 147.372352][ T5465] veth0_macvtap: entered promiscuous mode [ 147.422160][ T5449] veth1_vlan: entered promiscuous mode [ 147.439126][ T5465] veth1_macvtap: entered promiscuous mode [ 147.449941][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 147.453054][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 147.512794][ T5465] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 147.517969][ T1105] bridge0: port 2(bridge_slave_1) entered blocking state [ 147.521123][ T1105] bridge0: port 2(bridge_slave_1) entered forwarding state [ 147.558510][ T1105] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 147.562028][ T1105] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 147.588773][ T5465] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 147.604351][ T5449] veth0_macvtap: entered promiscuous mode [ 147.623130][ T5451] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 147.630221][ T1105] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 147.633901][ T1105] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 147.650926][ T5453] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 147.667508][ T1105] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 147.672314][ T1105] netdevsim netdevsim4 netdevsim3: set [1, 0] 
type 2 family 0 port 6081 - 0 [ 147.684259][ T5449] veth1_macvtap: entered promiscuous mode [ 147.704804][ T3083] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 147.709651][ T3083] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 2026/02/27 21:39:17 executed programs: 12 [ 147.974755][ T5449] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 148.058185][ T5449] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 148.123443][ T5451] veth0_vlan: entered promiscuous mode [ 148.171871][ T5453] veth0_vlan: entered promiscuous mode [ 148.201348][ T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.283354][ T1046] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 148.291725][ T1046] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 148.323674][ T5453] veth1_vlan: entered promiscuous mode [ 148.333004][ T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.348490][ T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.352486][ T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.418452][ T5451] veth1_vlan: entered promiscuous mode [ 148.592246][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 148.603872][ T5463] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 148.608964][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 148.669385][ T5453] veth0_macvtap: entered promiscuous mode [ 148.768767][ T5453] veth1_macvtap: entered promiscuous mode [ 148.798268][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 148.801403][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 148.841742][ T5451] veth0_macvtap: entered promiscuous mode [ 148.914340][ T5451] veth1_macvtap: entered promiscuous mode [ 149.010721][ T5453] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 149.042943][ T1079] wlan1: Created 
IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 149.078643][ T1079] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 149.084143][ T5453] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 149.187900][ T5451] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 149.225545][ T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.229835][ T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.233583][ T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.340837][ T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.359236][ T5451] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 149.389934][ T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.415868][ T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.419520][ T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.423132][ T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.839843][ T1105] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 149.849464][ T1105] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 149.943518][ T5463] veth0_vlan: entered promiscuous mode [ 150.008964][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 150.012422][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 150.024792][ T5463] veth1_vlan: entered promiscuous mode [ 150.144232][ T1079] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 150.168154][ T1079] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 150.281274][ T1046] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 150.308062][ T1046] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 150.394296][ T5463] veth0_macvtap: entered promiscuous mode [ 150.441830][ T5463] veth1_macvtap: 
entered promiscuous mode [ 150.545156][ T5463] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 150.587637][ T5463] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 150.594422][ T1041] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.620719][ T1041] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.624439][ T1041] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.697059][ T1041] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 151.172609][ T1041] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 151.194825][ T1041] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 151.451514][ T1046] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 151.485125][ T1046] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 2026/02/27 21:39:22 executed programs: 110 2026/02/27 21:39:27 executed programs: 266 2026/02/27 21:39:32 executed programs: 435 2026/02/27 21:39:37 executed programs: 603 2026/02/27 21:39:42 executed programs: 777 2026/02/27 21:39:47 executed programs: 949 2026/02/27 21:39:52 executed programs: 1123 [ 184.403416][ T6834] ================================================================== [ 184.406914][ T6834] BUG: KASAN: slab-use-after-free in bpf_trace_run9+0x13b/0x8c0 [ 184.410358][ T6834] Read of size 8 at addr ffff888059509818 by task syz.0.1175/6834 [ 184.414703][ T6834] [ 184.416020][ T6834] CPU: 0 UID: 0 PID: 6834 Comm: syz.0.1175 Not tainted syzkaller #0 PREEMPT(full) [ 184.416063][ T6834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 184.416071][ T6834] Call Trace: [ 184.416217][ T6834] [ 184.416224][ T6834] dump_stack_lvl+0xe8/0x150 [ 184.416246][ T6834] print_report+0xba/0x230 [ 184.416300][ T6834] ? bpf_trace_run9+0x13b/0x8c0 [ 184.416316][ T6834] kasan_report+0x117/0x150 [ 184.416329][ T6834] ? 
bpf_trace_run9+0x13b/0x8c0 [ 184.416346][ T6834] bpf_trace_run9+0x13b/0x8c0 [ 184.416363][ T6834] ? bpf_trace_run9+0x250/0x8c0 [ 184.416379][ T6834] ? __pfx_bpf_trace_run9+0x10/0x10 [ 184.416394][ T6834] ? virtio_transport_alloc_skb+0xf4/0x1180 [ 184.416487][ T6834] ? vsock_connect+0xaf5/0xd60 [ 184.416501][ T6834] ? __sys_connect+0x312/0x450 [ 184.416537][ T6834] __bpf_trace_virtio_transport_alloc_pkt+0x3a5/0x410 [ 184.416553][ T6834] ? __pfx___bpf_trace_virtio_transport_alloc_pkt+0x10/0x10 [ 184.416569][ T6834] ? kmem_cache_alloc_node_noprof+0x3ce/0x690 [ 184.416588][ T6834] ? __pfx___bpf_trace_virtio_transport_alloc_pkt+0x10/0x10 [ 184.416600][ T6834] __traceiter_virtio_transport_alloc_pkt+0xc1/0x120 [ 184.416614][ T6834] virtio_transport_alloc_skb+0x1108/0x1180 [ 184.416632][ T6834] ? __pfx_virtio_transport_alloc_skb+0x10/0x10 [ 184.416649][ T6834] virtio_transport_send_pkt_info+0x570/0xff0 [ 184.416662][ T6834] ? lockdep_hardirqs_on+0x7a/0x110 [ 184.416683][ T6834] virtio_transport_connect+0xf5/0x150 [ 184.416695][ T6834] ? __pfx_virtio_transport_connect+0x10/0x10 [ 184.416709][ T6834] ? __pfx_vsock_auto_bind+0x10/0x10 [ 184.416726][ T6834] vsock_connect+0xaf5/0xd60 [ 184.416741][ T6834] ? aa_sk_perm+0x6d5/0x900 [ 184.416846][ T6834] ? __pfx_vsock_connect+0x10/0x10 [ 184.416860][ T6834] ? __pfx_aa_sk_perm+0x10/0x10 [ 184.416876][ T6834] ? __pfx_autoremove_wake_function+0x10/0x10 [ 184.416904][ T6834] ? hook_socket_connect+0x107/0x190 [ 184.416915][ T6834] ? bpf_lsm_socket_connect+0x9/0x20 [ 184.416938][ T6834] __sys_connect+0x312/0x450 [ 184.416951][ T6834] ? __pfx___sys_connect+0x10/0x10 [ 184.416968][ T6834] __x64_sys_connect+0x7a/0x90 [ 184.416980][ T6834] do_syscall_64+0x14d/0xf80 [ 184.416996][ T6834] ? trace_irq_disable+0x3b/0x150 [ 184.417011][ T6834] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.417023][ T6834] ? 
clear_bhb_loop+0x40/0x90 [ 184.417035][ T6834] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.417047][ T6834] RIP: 0033:0x7f67ca59c799 [ 184.417059][ T6834] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 184.417069][ T6834] RSP: 002b:00007ffe9e810ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 184.417094][ T6834] RAX: ffffffffffffffda RBX: 00007f67ca815fa0 RCX: 00007f67ca59c799 [ 184.417102][ T6834] RDX: 0000000000000010 RSI: 0000200000000080 RDI: 0000000000000003 [ 184.417109][ T6834] RBP: 00007f67ca632bd9 R08: 0000000000000000 R09: 0000000000000000 [ 184.417116][ T6834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 184.417123][ T6834] R13: 00007f67ca815fac R14: 00007f67ca815fa0 R15: 00007f67ca815fa0 [ 184.417136][ T6834] [ 184.417140][ T6834] [ 184.551933][ T6834] Allocated by task 6831: [ 184.553825][ T6834] kasan_save_track+0x3e/0x80 [ 184.555976][ T6834] __kasan_kmalloc+0x93/0xb0 [ 184.558082][ T6834] __kmalloc_cache_noprof+0x31c/0x660 [ 184.560597][ T6834] bpf_raw_tp_link_attach+0x278/0x700 [ 184.563001][ T6834] bpf_raw_tracepoint_open+0x1b2/0x220 [ 184.565416][ T6834] __sys_bpf+0x846/0x950 [ 184.567299][ T6834] __x64_sys_bpf+0x7c/0x90 [ 184.569335][ T6834] do_syscall_64+0x14d/0xf80 [ 184.571452][ T6834] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.574096][ T6834] [ 184.575095][ T6834] Freed by task 52: [ 184.576669][ T6834] kasan_save_track+0x3e/0x80 [ 184.578745][ T6834] kasan_save_free_info+0x46/0x50 [ 184.580954][ T6834] __kasan_slab_free+0x5c/0x80 [ 184.583225][ T6834] kfree+0x1c1/0x630 [ 184.584948][ T6834] rcu_core+0x7cd/0x1070 [ 184.586766][ T6834] handle_softirqs+0x22a/0x870 [ 184.588853][ T6834] do_softirq+0x76/0xd0 [ 184.590600][ T6834] __local_bh_enable_ip+0xf8/0x130 [ 184.592713][ T6834] __alloc_skb+0x1aa/0x7d0 [ 184.594663][ T6834] 
nsim_dev_trap_report_work+0x29a/0xb80 [ 184.597188][ T6834] process_scheduled_works+0xb02/0x1830 [ 184.599645][ T6834] worker_thread+0xa50/0xfc0 [ 184.601547][ T6834] kthread+0x388/0x470 [ 184.603329][ T6834] ret_from_fork+0x51e/0xb90 [ 184.605385][ T6834] ret_from_fork_asm+0x1a/0x30 [ 184.607423][ T6834] [ 184.608489][ T6834] Last potentially related work creation: [ 184.610823][ T6834] kasan_save_stack+0x3e/0x60 [ 184.612759][ T6834] kasan_record_aux_stack+0xbd/0xd0 [ 184.614960][ T6834] call_rcu+0xee/0x890 [ 184.616657][ T6834] bpf_link_release+0x6b/0x80 [ 184.618756][ T6834] __fput+0x44f/0xa70 [ 184.620524][ T6834] task_work_run+0x1d9/0x270 [ 184.622512][ T6834] do_exit+0x69b/0x2320 [ 184.624412][ T6834] do_group_exit+0x21b/0x2d0 [ 184.626496][ T6834] __x64_sys_exit_group+0x3f/0x40 [ 184.628752][ T6834] x64_sys_call+0x221a/0x2240 [ 184.630726][ T6834] do_syscall_64+0x14d/0xf80 [ 184.632951][ T6834] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.635410][ T6834] [ 184.636477][ T6834] The buggy address belongs to the object at ffff888059509800 [ 184.636477][ T6834] which belongs to the cache kmalloc-192 of size 192 [ 184.641981][ T6834] The buggy address is located 24 bytes inside of [ 184.641981][ T6834] freed 192-byte region [ffff888059509800, ffff8880595098c0) [ 184.647799][ T6834] [ 184.648890][ T6834] The buggy address belongs to the physical page: [ 184.651647][ T6834] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x59509 [ 184.655392][ T6834] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 184.658317][ T6834] page_type: f5(slab) [ 184.660050][ T6834] raw: 04fff00000000000 ffff88801ac413c0 dead000000000100 dead000000000122 [ 184.663666][ T6834] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 184.667090][ T6834] page dumped because: kasan: bad access detected [ 184.669690][ T6834] page_owner tracks the page as allocated [ 184.672346][ T6834] page last allocated via order 0, migratetype Unmovable, 
gfp_mask 0xd2cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5391, tgid 5391 (syz-executor), ts 131924342589, free_ts 131896427669 [ 184.681160][ T6834] post_alloc_hook+0x231/0x280 [ 184.683281][ T6834] get_page_from_freelist+0x24dc/0x2580 [ 184.685732][ T6834] __alloc_frozen_pages_noprof+0x18d/0x380 [ 184.688399][ T6834] allocate_slab+0x77/0x660 [ 184.690395][ T6834] refill_objects+0x331/0x3c0 [ 184.692476][ T6834] __pcs_replace_empty_main+0x2b9/0x620 [ 184.694991][ T6834] __kmalloc_noprof+0x474/0x760 [ 184.696987][ T6834] ops_init+0x7b/0x5c0 [ 184.698779][ T6834] setup_net+0x118/0x340 [ 184.700531][ T6834] copy_net_ns+0x50e/0x730 [ 184.702491][ T6834] create_new_namespaces+0x3e7/0x6a0 [ 184.704781][ T6834] unshare_nsproxy_namespaces+0x11a/0x160 [ 184.707234][ T6834] ksys_unshare+0x51d/0x930 [ 184.709131][ T6834] __x64_sys_unshare+0x38/0x50 [ 184.711085][ T6834] do_syscall_64+0x14d/0xf80 [ 184.713199][ T6834] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.715802][ T6834] page last free pid 3 tgid 3 stack trace: [ 184.717952][ T6834] __free_frozen_pages+0xc2b/0xdb0 [ 184.720225][ T6834] tlb_remove_table_rcu+0x85/0x100 [ 184.722486][ T6834] rcu_core+0x7cd/0x1070 [ 184.724310][ T6834] handle_softirqs+0x22a/0x870 [ 184.726336][ T6834] __irq_exit_rcu+0x5f/0x150 [ 184.728339][ T6834] irq_exit_rcu+0x9/0x30 [ 184.730224][ T6834] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 184.732714][ T6834] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 184.735311][ T6834] [ 184.736384][ T6834] Memory state around the buggy address: [ 184.738755][ T6834] ffff888059509700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 184.742063][ T6834] ffff888059509780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 184.745470][ T6834] >ffff888059509800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 184.748741][ T6834] ^ [ 184.750844][ T6834] ffff888059509880: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 184.754420][ T6834] ffff888059509900: 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 [ 184.757599][ T6834] ================================================================== [ 184.814587][ T6834] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 184.817643][ T6834] CPU: 0 UID: 0 PID: 6834 Comm: syz.0.1175 Not tainted syzkaller #0 PREEMPT(full) [ 184.821581][ T6834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 184.825628][ T6834] Call Trace: [ 184.827076][ T6834] [ 184.828326][ T6834] vpanic+0x56c/0xa60 [ 184.830028][ T6834] ? __pfx_vpanic+0x10/0x10 [ 184.831943][ T6834] panic+0xc5/0xd0 [ 184.833548][ T6834] ? __pfx_panic+0x10/0x10 [ 184.835443][ T6834] ? preempt_schedule_thunk+0x16/0x30 [ 184.837742][ T6834] ? bpf_trace_run9+0x13b/0x8c0 [ 184.840020][ T6834] ? preempt_schedule_thunk+0x16/0x30 [ 184.842339][ T6834] ? bpf_trace_run9+0x13b/0x8c0 [ 184.844490][ T6834] check_panic_on_warn+0x89/0xb0 [ 184.846706][ T6834] ? bpf_trace_run9+0x13b/0x8c0 [ 184.849327][ T6834] end_report+0x73/0x180 [ 184.851349][ T6834] ? bpf_trace_run9+0x13b/0x8c0 [ 184.853532][ T6834] kasan_report+0x128/0x150 [ 184.855570][ T6834] ? bpf_trace_run9+0x13b/0x8c0 [ 184.857670][ T6834] bpf_trace_run9+0x13b/0x8c0 [ 184.860084][ T6834] ? bpf_trace_run9+0x250/0x8c0 [ 184.862266][ T6834] ? __pfx_bpf_trace_run9+0x10/0x10 [ 184.864536][ T6834] ? virtio_transport_alloc_skb+0xf4/0x1180 [ 184.867028][ T6834] ? vsock_connect+0xaf5/0xd60 [ 184.869151][ T6834] ? __sys_connect+0x312/0x450 [ 184.871256][ T6834] __bpf_trace_virtio_transport_alloc_pkt+0x3a5/0x410 [ 184.874190][ T6834] ? __pfx___bpf_trace_virtio_transport_alloc_pkt+0x10/0x10 [ 184.877191][ T6834] ? kmem_cache_alloc_node_noprof+0x3ce/0x690 [ 184.879868][ T6834] ? __pfx___bpf_trace_virtio_transport_alloc_pkt+0x10/0x10 [ 184.882939][ T6834] __traceiter_virtio_transport_alloc_pkt+0xc1/0x120 [ 184.885836][ T6834] virtio_transport_alloc_skb+0x1108/0x1180 [ 184.888550][ T6834] ? 
__pfx_virtio_transport_alloc_skb+0x10/0x10 [ 184.891304][ T6834] virtio_transport_send_pkt_info+0x570/0xff0 [ 184.893970][ T6834] ? lockdep_hardirqs_on+0x7a/0x110 [ 184.896316][ T6834] virtio_transport_connect+0xf5/0x150 [ 184.898877][ T6834] ? __pfx_virtio_transport_connect+0x10/0x10 [ 184.901972][ T6834] ? __pfx_vsock_auto_bind+0x10/0x10 [ 184.904754][ T6834] vsock_connect+0xaf5/0xd60 [ 184.906844][ T6834] ? aa_sk_perm+0x6d5/0x900 [ 184.908693][ T6834] ? __pfx_vsock_connect+0x10/0x10 [ 184.910861][ T6834] ? __pfx_aa_sk_perm+0x10/0x10 [ 184.913029][ T6834] ? __pfx_autoremove_wake_function+0x10/0x10 [ 184.915703][ T6834] ? hook_socket_connect+0x107/0x190 [ 184.918051][ T6834] ? bpf_lsm_socket_connect+0x9/0x20 [ 184.920368][ T6834] __sys_connect+0x312/0x450 [ 184.922378][ T6834] ? __pfx___sys_connect+0x10/0x10 [ 184.924565][ T6834] __x64_sys_connect+0x7a/0x90 [ 184.926696][ T6834] do_syscall_64+0x14d/0xf80 [ 184.928751][ T6834] ? trace_irq_disable+0x3b/0x150 [ 184.930949][ T6834] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.933403][ T6834] ? 
clear_bhb_loop+0x40/0x90 [ 184.935391][ T6834] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.937994][ T6834] RIP: 0033:0x7f67ca59c799 [ 184.939989][ T6834] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 184.948141][ T6834] RSP: 002b:00007ffe9e810ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 184.951784][ T6834] RAX: ffffffffffffffda RBX: 00007f67ca815fa0 RCX: 00007f67ca59c799 [ 184.955820][ T6834] RDX: 0000000000000010 RSI: 0000200000000080 RDI: 0000000000000003 [ 184.959604][ T6834] RBP: 00007f67ca632bd9 R08: 0000000000000000 R09: 0000000000000000 [ 184.962445][ T6834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 184.965818][ T6834] R13: 00007f67ca815fac R14: 00007f67ca815fa0 R15: 00007f67ca815fa0 [ 184.969267][ T6834] [ 184.972631][ T6834] Kernel Offset: disabled [ 184.974315][ T6834] Rebooting in 86400 seconds.. 
VM DIAGNOSIS: 21:39:54 Registers: info registers vcpu 0