Warning: Permanently added '[localhost]:32172' (ED25519) to the list of known hosts.
syzkaller login: [ 97.214277][ T9] cfg80211: failed to load regulatory.db
2026/03/04 16:15:21 parsed 1 programs
[ 102.101210][ T5306] cgroup: Unknown subsys name 'net'
[ 102.147444][ T5306] cgroup: Unknown subsys name 'cpuset'
[ 102.152408][ T5306] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 104.105976][ T5306] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 111.401570][ T5325] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 117.898695][ T5326] chnl_net:caif_netlink_parms(): no params data found
[ 118.295848][ T45] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 118.300527][ T45] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 118.306282][ T45] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 118.310680][ T45] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 118.315023][ T45] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 119.444634][ T5326] bridge0: port 1(bridge_slave_0) entered blocking state
[ 119.448375][ T5326] bridge0: port 1(bridge_slave_0) entered disabled state
[ 119.451581][ T5326] bridge_slave_0: entered allmulticast mode
[ 119.513870][ T5326] bridge_slave_0: entered promiscuous mode
[ 119.605874][ T5326] bridge0: port 2(bridge_slave_1) entered blocking state
[ 119.609208][ T5326] bridge0: port 2(bridge_slave_1) entered disabled state
[ 119.612646][ T5326] bridge_slave_1: entered allmulticast mode
[ 119.668878][ T5326] bridge_slave_1: entered promiscuous mode
[ 120.119908][ T5326] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 120.260557][ T5326] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 120.404675][ T4662] Bluetooth: hci0: command tx timeout
[ 120.422099][ T5326] team0: Port device team_slave_0 added
[ 120.460312][ T5326] team0: Port device team_slave_1 added
[ 120.593891][ T5326] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 120.596840][ T5326] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 120.634226][ T5326] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 120.666698][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.671198][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.698058][ T5326] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 120.702106][ T5326] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 120.762063][ T5326] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 121.105266][ T131] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.109697][ T131] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 121.117917][ T5326] hsr_slave_0: entered promiscuous mode
[ 121.136037][ T5326] hsr_slave_1: entered promiscuous mode
[ 121.740566][ T5326] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 121.789511][ T5326] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 121.821602][ T5326] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 121.843050][ T5326] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 122.097342][ T5326] 8021q: adding VLAN 0 to HW filter on device bond0
[ 122.142486][ T5326] 8021q: adding VLAN 0 to HW filter on device team0
[ 122.160353][ T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 122.165148][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 122.214382][ T1038] bridge0: port 2(bridge_slave_1) entered blocking state
[ 122.217700][ T1038] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 122.483627][ T4662] Bluetooth: hci0: command tx timeout
[ 122.828920][ T5326] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 122.944170][ T5326] veth0_vlan: entered promiscuous mode
[ 122.975761][ T5326] veth1_vlan: entered promiscuous mode
[ 123.056901][ T5326] veth0_macvtap: entered promiscuous mode
[ 123.073189][ T5326] veth1_macvtap: entered promiscuous mode
[ 123.109513][ T5326] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 123.136145][ T5326] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 123.159926][ T1038] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 123.167659][ T1038] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 123.171421][ T1038] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 123.213350][ T1038] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2026/03/04 16:15:45 executed programs: 0
[ 123.804183][ T5438] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 123.814492][ T5438] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 123.824035][ T5381] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 123.827875][ T5381] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 123.833203][ T5381] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 123.838115][ T5381] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 123.847704][ T5381] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 123.851880][ T5381] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 123.867122][ T5381] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 123.872276][ T5442] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 123.876899][ T5439] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 123.896652][ T5439] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 123.901170][ T5439] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 123.907703][ T5439] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 123.917893][ T5439] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 123.921806][ T5439] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 123.930308][ T5439] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 123.935179][ T5439] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 123.944843][ T5439] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 123.951024][ T5439] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 123.978403][ T5439] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 123.994115][ T5439] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 124.007382][ T5439] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 124.018042][ T5439] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 124.022092][ T5439] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 124.108726][ T5442] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 124.116183][ T5442] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 124.125696][ T5442] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 124.143855][ T5442] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 124.154496][ T5442] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 125.910582][ T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 125.927654][ T5442] Bluetooth: hci2: command tx timeout
[ 125.930457][ T5442] Bluetooth: hci3: command tx timeout
[ 126.004150][ T5442] Bluetooth: hci4: command tx timeout
[ 126.007176][ T5442] Bluetooth: hci1: command tx timeout
[ 126.125701][ T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 126.165839][ T5439] Bluetooth: hci5: command tx timeout
[ 126.245474][ T5439] Bluetooth: hci6: command tx timeout
[ 126.458474][ T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 126.605371][ T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 126.788687][ T5432] chnl_net:caif_netlink_parms(): no params data found
[ 127.609143][ T12] bridge_slave_1: left allmulticast mode
[ 127.611935][ T12] bridge_slave_1: left promiscuous mode
[ 127.635577][ T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 127.656889][ T12] bridge_slave_0: left allmulticast mode
[ 127.659634][ T12] bridge_slave_0: left promiscuous mode
[ 127.662470][ T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 128.004009][ T5439] Bluetooth: hci3: command tx timeout
[ 128.006747][ T5439] Bluetooth: hci2: command tx timeout
[ 128.086144][ T5442] Bluetooth: hci1: command tx timeout
[ 128.088506][ T5442] Bluetooth: hci4: command tx timeout
[ 128.182494][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 128.195772][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 128.205160][ T12] bond0 (unregistering): Released all slaves
[ 128.248241][ T5439] Bluetooth: hci5: command tx timeout
[ 128.326585][ T5439] Bluetooth: hci6: command tx timeout
[ 128.404755][ T5446] chnl_net:caif_netlink_parms(): no params data found
[ 128.413965][ T5432] bridge0: port 1(bridge_slave_0) entered blocking state
[ 128.417598][ T5432] bridge0: port 1(bridge_slave_0) entered disabled state
[ 128.421353][ T5432] bridge_slave_0: entered allmulticast mode
[ 128.437026][ T5432] bridge_slave_0: entered promiscuous mode
[ 128.581058][ T5430] chnl_net:caif_netlink_parms(): no params data found
[ 128.621213][ T5432] bridge0: port 2(bridge_slave_1) entered blocking state
[ 128.624622][ T5432] bridge0: port 2(bridge_slave_1) entered disabled state
[ 128.627847][ T5432] bridge_slave_1: entered allmulticast mode
[ 128.631944][ T5432] bridge_slave_1: entered promiscuous mode
[ 128.662939][ T5435] chnl_net:caif_netlink_parms(): no params data found
[ 129.025204][ T5433] chnl_net:caif_netlink_parms(): no params data found
[ 129.130270][ T5432] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 129.166003][ T5432] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 129.270298][ T5429] chnl_net:caif_netlink_parms(): no params data found
[ 129.334186][ T12] hsr_slave_0: left promiscuous mode
[ 129.354052][ T12] hsr_slave_1: left promiscuous mode
[ 129.357210][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 129.360346][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 129.374567][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 129.378240][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 129.431269][ T12] veth1_macvtap: left promiscuous mode
[ 129.444094][ T12] veth0_macvtap: left promiscuous mode
[ 129.448350][ T12] veth1_vlan: left promiscuous mode
[ 129.451272][ T12] veth0_vlan: left promiscuous mode
[ 129.848164][ T12] team0 (unregistering): Port device team_slave_1 removed
[ 129.872292][ T12] team0 (unregistering): Port device team_slave_0 removed
[ 130.104431][ T5439] Bluetooth: hci2: command tx timeout
[ 130.106811][ T5439] Bluetooth: hci3: command tx timeout
[ 130.163755][ T5442] Bluetooth: hci4: command tx timeout
[ 130.166576][ T5442] Bluetooth: hci1: command tx timeout
[ 130.196365][ T5446] bridge0: port 1(bridge_slave_0) entered blocking state
[ 130.199454][ T5446] bridge0: port 1(bridge_slave_0) entered disabled state
[ 130.202372][ T5446] bridge_slave_0: entered allmulticast mode
[ 130.223707][ T5446] bridge_slave_0: entered promiscuous mode
[ 130.228654][ T5446] bridge0: port 2(bridge_slave_1) entered blocking state
[ 130.231794][ T5446] bridge0: port 2(bridge_slave_1) entered disabled state
[ 130.244248][ T5446] bridge_slave_1: entered allmulticast mode
[ 130.248398][ T5446] bridge_slave_1: entered promiscuous mode
[ 130.263929][ T5432] team0: Port device team_slave_0 added
[ 130.323881][ T5439] Bluetooth: hci5: command tx timeout
[ 130.403655][ T5439] Bluetooth: hci6: command tx timeout
[ 130.424098][ T5432] team0: Port device team_slave_1 added
[ 130.427770][ T5430] bridge0: port 1(bridge_slave_0) entered blocking state
[ 130.430871][ T5430] bridge0: port 1(bridge_slave_0) entered disabled state
[ 130.460852][ T5430] bridge_slave_0: entered allmulticast mode
[ 130.465388][ T5430] bridge_slave_0: entered promiscuous mode
[ 130.519953][ T5446] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 130.546678][ T5446] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 130.582851][ T5430] bridge0: port 2(bridge_slave_1) entered blocking state
[ 130.589887][ T5430] bridge0: port 2(bridge_slave_1) entered disabled state
[ 130.601079][ T5430] bridge_slave_1: entered allmulticast mode
[ 130.605105][ T5430] bridge_slave_1: entered promiscuous mode
[ 130.608746][ T5435] bridge0: port 1(bridge_slave_0) entered blocking state
[ 130.611626][ T5435] bridge0: port 1(bridge_slave_0) entered disabled state
[ 130.615809][ T5435] bridge_slave_0: entered allmulticast mode
[ 130.619670][ T5435] bridge_slave_0: entered promiscuous mode
[ 130.687294][ T5435] bridge0: port 2(bridge_slave_1) entered blocking state
[ 130.690571][ T5435] bridge0: port 2(bridge_slave_1) entered disabled state
[ 130.696692][ T5435] bridge_slave_1: entered allmulticast mode
[ 130.712135][ T5435] bridge_slave_1: entered promiscuous mode
[ 130.755638][ T5433] bridge0: port 1(bridge_slave_0) entered blocking state
[ 130.758514][ T5433] bridge0: port 1(bridge_slave_0) entered disabled state
[ 130.761894][ T5433] bridge_slave_0: entered allmulticast mode
[ 130.785688][ T5433] bridge_slave_0: entered promiscuous mode
[ 130.832892][ T5446] team0: Port device team_slave_0 added
[ 130.844751][ T5432] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 130.847670][ T5432] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 130.892469][ T5432] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 130.943390][ T5433] bridge0: port 2(bridge_slave_1) entered blocking state
[ 130.957364][ T5433] bridge0: port 2(bridge_slave_1) entered disabled state
[ 130.960534][ T5433] bridge_slave_1: entered allmulticast mode
[ 130.977794][ T5433] bridge_slave_1: entered promiscuous mode
[ 131.025600][ T5446] team0: Port device team_slave_1 added
[ 131.055023][ T5429] bridge0: port 1(bridge_slave_0) entered blocking state
[ 131.058113][ T5429] bridge0: port 1(bridge_slave_0) entered disabled state
[ 131.061366][ T5429] bridge_slave_0: entered allmulticast mode
[ 131.076252][ T5429] bridge_slave_0: entered promiscuous mode
[ 131.090943][ T5432] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 131.093817][ T5432] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 131.111195][ T5432] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 131.122059][ T5430] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 131.136947][ T5435] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 131.163301][ T5429] bridge0: port 2(bridge_slave_1) entered blocking state
[ 131.167030][ T5429] bridge0: port 2(bridge_slave_1) entered disabled state
[ 131.170611][ T5429] bridge_slave_1: entered allmulticast mode
[ 131.175466][ T5429] bridge_slave_1: entered promiscuous mode
[ 131.222788][ T5430] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 131.230679][ T5435] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 131.238640][ T5433] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 131.307651][ T5433] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 131.319846][ T5446] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 131.322819][ T5446] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 131.337142][ T5446] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 131.390862][ T5435] team0: Port device team_slave_0 added
[ 131.396021][ T5435] team0: Port device team_slave_1 added
[ 131.410347][ T5446] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 131.413807][ T5446] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 131.425943][ T5446] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 131.436980][ T5429] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 131.455792][ T5432] hsr_slave_0: entered promiscuous mode
[ 131.464920][ T5432] hsr_slave_1: entered promiscuous mode
[ 131.470405][ T5430] team0: Port device team_slave_0 added
[ 131.517017][ T5429] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 131.543342][ T5430] team0: Port device team_slave_1 added
[ 131.578190][ T5435] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 131.581285][ T5435] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 131.608888][ T5435] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 131.625003][ T5435] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 131.628352][ T5435] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 131.663851][ T5435] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 131.670337][ T5433] team0: Port device team_slave_0 added
[ 131.775890][ T5433] team0: Port device team_slave_1 added
[ 131.811040][ T5429] team0: Port device team_slave_0 added
[ 131.837406][ T5429] team0: Port device team_slave_1 added
[ 131.855932][ T5430] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 131.859894][ T5430] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 131.890223][ T5430] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 131.952989][ T5430] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 131.964375][ T5430] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 131.981920][ T5430] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 131.991434][ T5446] hsr_slave_0: entered promiscuous mode
[ 131.996849][ T5446] hsr_slave_1: entered promiscuous mode
[ 131.999954][ T5446] debugfs: 'hsr0' already exists in 'hsr'
[ 132.002558][ T5446] Cannot create hsr debugfs directory
[ 132.019491][ T5433] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 132.022317][ T5433] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 132.033241][ T5433] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 132.075088][ T5433] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 132.077595][ T5433] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 132.095982][ T5433] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 132.107871][ T5429] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 132.111813][ T5429] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 132.124885][ T5429] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 132.136838][ T5435] hsr_slave_0: entered promiscuous mode
[ 132.141141][ T5435] hsr_slave_1: entered promiscuous mode
[ 132.144724][ T5435] debugfs: 'hsr0' already exists in 'hsr'
[ 132.147240][ T5435] Cannot create hsr debugfs directory
[ 132.165181][ T5439] Bluetooth: hci3: command tx timeout
[ 132.167945][ T5439] Bluetooth: hci2: command tx timeout
[ 132.193757][ T5429] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 132.197279][ T5429] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 132.210037][ T5429] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 132.247299][ T5442] Bluetooth: hci1: command tx timeout
[ 132.249851][ T5442] Bluetooth: hci4: command tx timeout
[ 132.365455][ T5430] hsr_slave_0: entered promiscuous mode
[ 132.368880][ T5430] hsr_slave_1: entered promiscuous mode
[ 132.374963][ T5430] debugfs: 'hsr0' already exists in 'hsr'
[ 132.377569][ T5430] Cannot create hsr debugfs directory
[ 132.404023][ T5439] Bluetooth: hci5: command tx timeout
[ 132.484227][ T5439] Bluetooth: hci6: command tx timeout
[ 132.615713][ T5429] hsr_slave_0: entered promiscuous mode
[ 132.626155][ T5429] hsr_slave_1: entered promiscuous mode
[ 132.634199][ T5429] debugfs: 'hsr0' already exists in 'hsr'
[ 132.637116][ T5429] Cannot create hsr debugfs directory
[ 132.675174][ T5433] hsr_slave_0: entered promiscuous mode
[ 132.678320][ T5433] hsr_slave_1: entered promiscuous mode
[ 132.681204][ T5433] debugfs: 'hsr0' already exists in 'hsr'
[ 132.699706][ T5433] Cannot create hsr debugfs directory
[ 133.328617][ T5432] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 133.400473][ T5432] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 133.471524][ T5432] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 133.506959][ T5432] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 133.610199][ T5446] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 133.619585][ T5446] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 133.639525][ T5446] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 133.663291][ T5446] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 133.762629][ T5435] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 133.783328][ T5435] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 133.824726][ T5435] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 133.864706][ T5435] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 133.959996][ T5432] 8021q: adding VLAN 0 to HW filter on device bond0
[ 133.971721][ T5430] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 133.995327][ T5430] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 134.036820][ T5430] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 134.075617][ T5430] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 134.116277][ T5432] 8021q: adding VLAN 0 to HW filter on device team0
[ 134.173247][ T131] bridge0: port 1(bridge_slave_0) entered blocking state
[ 134.177091][ T131] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 134.285200][ T131] bridge0: port 2(bridge_slave_1) entered blocking state
[ 134.288291][ T131] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 134.319625][ T5433] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 134.346705][ T5433] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 134.372739][ T5446] 8021q: adding VLAN 0 to HW filter on device bond0
[ 134.486308][ T5433] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 134.588441][ T5433] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 134.687698][ T5446] 8021q: adding VLAN 0 to HW filter on device team0
[ 134.807678][ T131] bridge0: port 1(bridge_slave_0) entered blocking state
[ 134.810921][ T131] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 134.934053][ T1049] bridge0: port 2(bridge_slave_1) entered blocking state
[ 134.937952][ T1049] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 135.072432][ T5435] 8021q: adding VLAN 0 to HW filter on device bond0
[ 135.132804][ T5446] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 135.207361][ T5430] 8021q: adding VLAN 0 to HW filter on device bond0
[ 135.270326][ T5435] 8021q: adding VLAN 0 to HW filter on device team0
[ 135.417630][ T1038] bridge0: port 1(bridge_slave_0) entered blocking state
[ 135.421335][ T1038] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 135.446601][ T1038] bridge0: port 2(bridge_slave_1) entered blocking state
[ 135.449819][ T1038] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 135.467813][ T5430] 8021q: adding VLAN 0 to HW filter on device team0
[ 135.490063][ T5429] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 135.516561][ T5429] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 135.548822][ T1049] bridge0: port 1(bridge_slave_0) entered blocking state
[ 135.552575][ T1049] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 135.658694][ T5429] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 135.677201][ T5429] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 135.706122][ T1049] bridge0: port 2(bridge_slave_1) entered blocking state
[ 135.709402][ T1049] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 135.797510][ T5432] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 135.864601][ T5446] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 135.890722][ T5433] 8021q: adding VLAN 0 to HW filter on device bond0
[ 136.052890][ T5430] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 136.112078][ T5433] 8021q: adding VLAN 0 to HW filter on device team0
[ 136.244894][ T131] bridge0: port 1(bridge_slave_0) entered blocking state
[ 136.247895][ T131] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 136.253147][ T131] bridge0: port 2(bridge_slave_1) entered blocking state
[ 136.256792][ T131] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 136.488780][ T5432] veth0_vlan: entered promiscuous mode
[ 136.558273][ T5432] veth1_vlan: entered promiscuous mode
[ 136.675702][ T5429] 8021q: adding VLAN 0 to HW filter on device bond0
[ 136.834711][ T5432] veth0_macvtap: entered promiscuous mode
[ 136.840652][ T5429] 8021q: adding VLAN 0 to HW filter on device team0
[ 136.870889][ T5432] veth1_macvtap: entered promiscuous mode
[ 136.948795][ T30] bridge0: port 1(bridge_slave_0) entered blocking state
[ 136.951983][ T30] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 136.994771][ T30] bridge0: port 2(bridge_slave_1) entered blocking state
[ 136.998271][ T30] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 137.072661][ T5435] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 137.178813][ T5430] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 137.191796][ T5429] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 137.234207][ T5429] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 137.287936][ T5432] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 137.416858][ T5432] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 137.497066][ T5446] veth0_vlan: entered promiscuous mode
[ 137.520637][ T5446] veth1_vlan: entered promiscuous mode
[ 137.562674][ T131] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 137.603064][ T131] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 137.686865][ T131] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 137.706290][ T5430] veth0_vlan: entered promiscuous mode
[ 137.816443][ T131] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 137.849046][ T5430] veth1_vlan: entered promiscuous mode
[ 137.880194][ T5446] veth0_macvtap: entered promiscuous mode
[ 137.979356][ T5433] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 138.001584][ T5446] veth1_macvtap: entered promiscuous mode
[ 138.147842][ T5446] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 138.163383][ T5429] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 138.259720][ T5430] veth0_macvtap: entered promiscuous mode
[ 138.272148][ T5446] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 138.296064][ T1038] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 138.299838][ T1038] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 138.346031][ T5430] veth1_macvtap: entered promiscuous mode
[ 138.398263][ T5430] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 138.447347][ T12] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 138.458213][ T5430] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 138.526436][ T5435] veth0_vlan: entered promiscuous mode
[ 138.544021][ T12] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 138.552067][ T12] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 138.619809][ T5433] veth0_vlan: entered promiscuous mode
[ 138.648796][ T12] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 138.674897][ T1038] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 138.679831][ T1038] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 138.689605][ T5435] veth1_vlan: entered promiscuous mode
[ 138.706270][ T5429] veth0_vlan: entered promiscuous mode
[ 138.718089][ T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 138.788779][ T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 138.948456][ T5433] veth1_vlan: entered promiscuous mode
2026/03/04 16:16:00 executed programs: 12
[ 138.991242][ T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 139.003931][ T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 139.018705][ T5435] veth0_macvtap: entered promiscuous mode
[ 139.085319][ T5429] veth1_vlan: entered promiscuous mode
[ 139.121795][ T5435] veth1_macvtap: entered promiscuous mode
[ 139.178861][ T1038] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 139.182713][ T1038] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 139.428855][ T5429] veth0_macvtap: entered promiscuous mode
[ 139.475807][ T5433] veth0_macvtap: entered promiscuous mode
[ 139.482311][ T5433] veth1_macvtap: entered promiscuous mode
[ 139.628383][ T5435] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 139.642655][ T5429] veth1_macvtap: entered promiscuous mode
[ 139.692687][ T131] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 139.699367][ T131] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 139.726498][ T5433] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 139.783098][ T5435] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 139.815382][ T5433] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 139.890249][ T1038] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 139.908847][ T5429] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 139.930499][ T1038] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 139.968364][ T1044] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 139.972482][ T1044] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 140.095391][ T1044] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 140.136299][ T5429] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 140.196049][ T1044] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 140.297698][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 140.303229][ T1044] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 140.310012][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 140.327542][ T1044] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 140.331432][ T1044] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 140.507888][ T1044] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 140.622279][ T1044] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 140.768233][ T1044] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 140.800278][ T1044] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 140.844122][ T1049] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 140.847443][ T1049] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 140.924936][ T1044] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 140.992260][ T1044] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 141.024282][ T1044] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 141.178228][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 141.183187][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 141.354880][ T1049] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 141.358811][ T1049] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 141.583009][ T1049] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 141.621319][ T1049] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 141.825567][ T71] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 141.862078][ T71] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 143.302876][ T1313] ieee802154 phy0 wpan0: encryption failed: -22
[ 143.314017][ T1313] ieee802154 phy1 wpan1: encryption failed: -22
2026/03/04 16:16:05 executed programs: 96
2026/03/04 16:16:10 executed programs: 290
2026/03/04 16:16:15 executed programs: 493
2026/03/04 16:16:20 executed programs: 696
2026/03/04 16:16:25 executed programs: 902
[ 166.772346][ T30] ==================================================================
[ 166.776147][ T30] BUG: KASAN: slab-use-after-free in bpf_trace_run2+0x2c4/0x840
[ 166.780039][ T30] Read of size 8 at addr ffff888059440880 by task kworker/u4:2/30
[ 166.785278][ T30]
[ 166.786665][ T30] CPU: 0 UID: 0 PID: 30 Comm: kworker/u4:2 Not tainted syzkaller #0 PREEMPT(full)
[ 166.786703][ T30] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 166.786715][ T30] Workqueue: bat_events batadv_mcast_mla_update
[ 166.786839][ T30] Call Trace:
[ 166.786865][ T30]
[ 166.786889][ T30] dump_stack_lvl+0xe8/0x150
[ 166.786913][ T30] print_report+0xba/0x230
[ 166.786931][ T30] ? bpf_trace_run2+0x2c4/0x840
[ 166.786950][ T30] kasan_report+0x117/0x150
[ 166.786967][ T30] ? bpf_trace_run2+0x2c4/0x840
[ 166.786986][ T30] bpf_trace_run2+0x2c4/0x840
[ 166.787004][ T30] ? bpf_trace_run2+0x1c9/0x840
[ 166.787020][ T30] ? __pfx_bpf_trace_run2+0x10/0x10
[ 166.787038][ T30] ? batadv_mcast_mla_update+0x3380/0x3740
[ 166.787051][ T30] ? kasan_quarantine_put+0xbb/0x1f0
[ 166.787068][ T30] ? lockdep_hardirqs_on+0x7a/0x110
[ 166.787088][ T30] ? batadv_mcast_mla_update+0x3380/0x3740
[ 166.787100][ T30] ? batadv_mcast_mla_update+0x3380/0x3740
[ 166.787114][ T30] kfree+0x5b2/0x630
[ 166.787131][ T30] ? batadv_mcast_mla_update+0x3380/0x3740
[ 166.787144][ T30] ? do_raw_spin_unlock+0x4d/0x210
[ 166.787175][ T30] batadv_mcast_mla_update+0x3380/0x3740
[ 166.787194][ T30] ? __pfx_batadv_mcast_mla_update+0x10/0x10
[ 166.787208][ T30] ? do_raw_spin_lock+0x12b/0x2f0
[ 166.787226][ T30] ? process_scheduled_works+0xa25/0x1830
[ 166.787244][ T30] ? process_scheduled_works+0xa25/0x1830
[ 166.787258][ T30] process_scheduled_works+0xb02/0x1830
[ 166.787280][ T30] ? __pfx_process_scheduled_works+0x10/0x10
[ 166.787298][ T30] ? assign_work+0x3d5/0x5e0
[ 166.787314][ T30] worker_thread+0xa50/0xfc0
[ 166.787338][ T30] kthread+0x388/0x470
[ 166.787351][ T30] ? __pfx_worker_thread+0x10/0x10
[ 166.787366][ T30] ? __pfx_kthread+0x10/0x10
[ 166.787377][ T30] ret_from_fork+0x51e/0xb90
[ 166.787398][ T30] ? __pfx_ret_from_fork+0x10/0x10
[ 166.787411][ T30] ? __switch_to+0xc7d/0x1450
[ 166.787434][ T30] ? __pfx_kthread+0x10/0x10
[ 166.787454][ T30] ret_from_fork_asm+0x1a/0x30
[ 166.787473][ T30]
[ 166.787478][ T30]
[ 166.885024][ T30] Allocated by task 7677:
[ 166.887537][ T30] kasan_save_track+0x3e/0x80
[ 166.890066][ T30] __kasan_kmalloc+0x93/0xb0
[ 166.892175][ T30] __kmalloc_cache_noprof+0x31c/0x660
[ 166.894520][ T30] bpf_raw_tp_link_attach+0x278/0x700
[ 166.896942][ T30] bpf_raw_tracepoint_open+0x1b2/0x220
[ 166.899596][ T30] __sys_bpf+0x846/0x950
[ 166.901496][ T30] __x64_sys_bpf+0x7c/0x90
[ 166.903570][ T30] do_syscall_64+0x14d/0xf80
[ 166.905863][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 166.909282][ T30]
[ 166.910480][ T30] Freed by task 1049:
[ 166.912588][ T30] kasan_save_track+0x3e/0x80
[ 166.915444][ T30] kasan_save_free_info+0x46/0x50
[ 166.918225][ T30] __kasan_slab_free+0x5c/0x80
[ 166.920911][ T30] kfree+0x1c1/0x630
[ 166.923184][ T30] rcu_core+0x7cd/0x1070
[ 166.925374][ T30] handle_softirqs+0x22a/0x870
[ 166.927888][ T30] do_softirq+0x76/0xd0
[ 166.929851][ T30] __local_bh_enable_ip+0xf8/0x130
[ 166.932029][ T30] __alloc_skb+0x1aa/0x7d0
[ 166.933841][ T30] nsim_dev_trap_report_work+0x29a/0xb80
[ 166.936168][ T30] process_scheduled_works+0xb02/0x1830
[ 166.938216][ T30] worker_thread+0xa50/0xfc0
[ 166.940188][ T30] kthread+0x388/0x470
[ 166.942317][ T30] ret_from_fork+0x51e/0xb90
[ 166.944571][ T30] ret_from_fork_asm+0x1a/0x30
[ 166.946652][ T30]
[ 166.947618][ T30] Last potentially related work creation:
[ 166.949817][ T30] kasan_save_stack+0x3e/0x60
[ 166.951796][ T30] kasan_record_aux_stack+0xbd/0xd0
[ 166.954238][ T30] call_rcu+0xee/0x890
[ 166.956033][ T30] bpf_link_release+0x6b/0x80
[ 166.958176][ T30] __fput+0x44f/0xa70
[ 166.959978][ T30] task_work_run+0x1d9/0x270
[ 166.962073][ T30] exit_to_user_mode_loop+0xed/0x480
[ 166.964448][ T30] do_syscall_64+0x32d/0xf80
[ 166.966674][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 166.969321][ T30]
[ 166.970414][ T30] The buggy address belongs to the object at ffff888059440800
[ 166.970414][ T30] which belongs to the cache kmalloc-192 of size 192
[ 166.977169][ T30] The buggy address is located 128 bytes inside of
[ 166.977169][ T30] freed 192-byte region [ffff888059440800, ffff8880594408c0)
[ 166.984648][ T30]
[ 166.985709][ T30] The buggy address belongs to the physical page:
[ 166.988402][ T30] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x59440
[ 166.992131][ T30] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 166.995340][ T30] page_type: f5(slab)
[ 166.997381][ T30] raw: 04fff00000000000 ffff88801ac413c0 dead000000000100 dead000000000122
[ 167.002057][ T30] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[ 167.005815][ T30] page dumped because: kasan: bad access detected
[ 167.008466][ T30] page_owner tracks the page as allocated
[ 167.010903][ T30] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x1d2cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 6361, tgid 6360 (syz.5.357), ts 150596059693, free_ts 150584593785
[ 167.019527][ T30] post_alloc_hook+0x231/0x280
[ 167.022005][ T30] get_page_from_freelist+0x24dc/0x2580
[ 167.024320][ T30] __alloc_frozen_pages_noprof+0x18d/0x380
[ 167.026680][ T30] allocate_slab+0x77/0x660
[ 167.028571][ T30] refill_objects+0x331/0x3c0
[ 167.030542][ T30] __pcs_replace_empty_main+0x2b9/0x620
[ 167.032520][ T30] __kmalloc_cache_noprof+0x392/0x660
[ 167.034543][ T30] bpf_raw_tp_link_attach+0x278/0x700
[ 167.036579][ T30] bpf_raw_tracepoint_open+0x1b2/0x220
[ 167.039264][ T30] __sys_bpf+0x846/0x950
[ 167.041739][ T30] __x64_sys_bpf+0x7c/0x90
[ 167.044209][ T30] do_syscall_64+0x14d/0xf80
[ 167.046324][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 167.048847][ T30] page last free pid 15 tgid 15 stack trace:
[ 167.051307][ T30] __free_frozen_pages+0xc2b/0xdb0
[ 167.053458][ T30] tlb_remove_table_rcu+0x85/0x100
[ 167.055652][ T30] rcu_core+0x7cd/0x1070
[ 167.057563][ T30] handle_softirqs+0x22a/0x870
[ 167.060294][ T30] run_ksoftirqd+0x36/0x60
[ 167.062769][ T30] smpboot_thread_fn+0x541/0xa50
[ 167.065211][ T30] kthread+0x388/0x470
[ 167.066979][ T30] ret_from_fork+0x51e/0xb90
[ 167.068819][ T30] ret_from_fork_asm+0x1a/0x30
[ 167.070878][ T30]
[ 167.071878][ T30] Memory state around the buggy address:
[ 167.074390][ T30] ffff888059440780: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 167.077636][ T30] ffff888059440800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 167.082709][ T30] >ffff888059440880: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 167.086292][ T30] ^
[ 167.088165][ T30] ffff888059440900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 167.091545][ T30] ffff888059440980: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 167.095257][ T30] ==================================================================
[ 167.178149][ T30] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 167.181186][ T30] CPU: 0 UID: 0 PID: 30 Comm: kworker/u4:2 Not tainted syzkaller #0 PREEMPT(full)
[ 167.185129][ T30] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 167.189945][ T30] Workqueue: bat_events batadv_mcast_mla_update
[ 167.192967][ T30] Call Trace:
[ 167.194532][ T30]
[ 167.196072][ T30] vpanic+0x56c/0xa60
[ 167.198006][ T30] ? __pfx_vpanic+0x10/0x10
[ 167.200145][ T30] panic+0xc5/0xd0
[ 167.201852][ T30] ? __pfx_panic+0x10/0x10
[ 167.203978][ T30] ? preempt_schedule_thunk+0x16/0x30
[ 167.206386][ T30] ? bpf_trace_run2+0x2c4/0x840
[ 167.208897][ T30] ? preempt_schedule_thunk+0x16/0x30
[ 167.212093][ T30] ? bpf_trace_run2+0x2c4/0x840
[ 167.214316][ T30] check_panic_on_warn+0x89/0xb0
[ 167.216373][ T30] ? bpf_trace_run2+0x2c4/0x840
[ 167.218516][ T30] end_report+0x73/0x180
[ 167.220162][ T30] ? bpf_trace_run2+0x2c4/0x840
[ 167.222112][ T30] kasan_report+0x128/0x150
[ 167.223879][ T30] ? bpf_trace_run2+0x2c4/0x840
[ 167.225936][ T30] bpf_trace_run2+0x2c4/0x840
[ 167.228096][ T30] ? bpf_trace_run2+0x1c9/0x840
[ 167.230364][ T30] ? __pfx_bpf_trace_run2+0x10/0x10
[ 167.233026][ T30] ? batadv_mcast_mla_update+0x3380/0x3740
[ 167.236519][ T30] ? kasan_quarantine_put+0xbb/0x1f0
[ 167.238845][ T30] ? lockdep_hardirqs_on+0x7a/0x110
[ 167.241206][ T30] ? batadv_mcast_mla_update+0x3380/0x3740
[ 167.243754][ T30] ? batadv_mcast_mla_update+0x3380/0x3740
[ 167.246414][ T30] kfree+0x5b2/0x630
[ 167.248459][ T30] ? batadv_mcast_mla_update+0x3380/0x3740
[ 167.251921][ T30] ? do_raw_spin_unlock+0x4d/0x210
[ 167.254452][ T30] batadv_mcast_mla_update+0x3380/0x3740
[ 167.257099][ T30] ? __pfx_batadv_mcast_mla_update+0x10/0x10
[ 167.259772][ T30] ? do_raw_spin_lock+0x12b/0x2f0
[ 167.261902][ T30] ? process_scheduled_works+0xa25/0x1830
[ 167.264316][ T30] ? process_scheduled_works+0xa25/0x1830
[ 167.267222][ T30] process_scheduled_works+0xb02/0x1830
[ 167.271125][ T30] ? __pfx_process_scheduled_works+0x10/0x10
[ 167.274125][ T30] ? assign_work+0x3d5/0x5e0
[ 167.276054][ T30] worker_thread+0xa50/0xfc0
[ 167.278080][ T30] kthread+0x388/0x470
[ 167.279867][ T30] ? __pfx_worker_thread+0x10/0x10
[ 167.282002][ T30] ? __pfx_kthread+0x10/0x10
[ 167.284013][ T30] ret_from_fork+0x51e/0xb90
[ 167.285893][ T30] ? __pfx_ret_from_fork+0x10/0x10
[ 167.288243][ T30] ? __switch_to+0xc7d/0x1450
[ 167.291224][ T30] ? __pfx_kthread+0x10/0x10
[ 167.294468][ T30] ret_from_fork_asm+0x1a/0x30
[ 167.296523][ T30]
[ 167.298085][ T30] Kernel Offset: disabled
[ 167.299913][ T30] Rebooting in 86400 seconds..
VM DIAGNOSIS:
16:16:28 Registers:
info registers vcpu 0
CPU#0
RAX=0000000000000072 RBX=0000000000000072 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc90000387170
R8 =ffff888034d98237 R9 =1ffff110069b3046 R10=dffffc0000000000 R11=ffffffff8541cae0
R12=dffffc0000000000 R13=ffffffff9a2bea6d R14=ffffffff9a5d6ce0 R15=0000000000000000
RIP=ffffffff8541cb5c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88808ca58000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007fea1a94da08 CR3=0000000044a1f000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 347a79732f74656e 2f70756f7267637a
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcde031496
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcde031496 00007ffcde03149c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fea19c331bc
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fea19c331fc
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fea19c33360
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fea19c331ee
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6379656b00657461 69746e6174736e69 246c746379656b00 7974697275636573
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000