Warning: Permanently added '[localhost]:60483' (ED25519) to the list of known hosts.
2026/03/01 07:06:01 parsed 1 programs
[ 89.683064][ T5301] cgroup: Unknown subsys name 'net'
[ 89.741241][ T5301] cgroup: Unknown subsys name 'cpuset'
[ 89.747302][ T5301] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 91.576067][ T5301] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 96.822978][ T5320] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 96.948833][ T1352] cfg80211: failed to load regulatory.db
[ 97.343205][ T5326] chnl_net:caif_netlink_parms(): no params data found
[ 97.414558][ T5326] bridge0: port 1(bridge_slave_0) entered blocking state
[ 97.418456][ T5326] bridge0: port 1(bridge_slave_0) entered disabled state
[ 97.421802][ T5326] bridge_slave_0: entered allmulticast mode
[ 97.426023][ T5326] bridge_slave_0: entered promiscuous mode
[ 97.432584][ T5326] bridge0: port 2(bridge_slave_1) entered blocking state
[ 97.435853][ T5326] bridge0: port 2(bridge_slave_1) entered disabled state
[ 97.440172][ T5326] bridge_slave_1: entered allmulticast mode
[ 97.444457][ T5326] bridge_slave_1: entered promiscuous mode
[ 97.484963][ T5326] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 97.491439][ T5326] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 97.519432][ T5326] team0: Port device team_slave_0 added
[ 97.524014][ T5326] team0: Port device team_slave_1 added
[ 97.546650][ T5326] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 97.549703][ T5326] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 97.560807][ T5326] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 97.567541][ T5326] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 97.570354][ T5326] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 97.581729][ T5326] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 97.624439][ T5326] hsr_slave_0: entered promiscuous mode
[ 97.627697][ T5326] hsr_slave_1: entered promiscuous mode
[ 97.777368][ T5326] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 97.785632][ T5326] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 97.792184][ T5326] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 97.798989][ T5326] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 97.830423][ T5326] bridge0: port 2(bridge_slave_1) entered blocking state
[ 97.833887][ T5326] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 97.838153][ T5326] bridge0: port 1(bridge_slave_0) entered blocking state
[ 97.841395][ T5326] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 97.900847][ T5326] 8021q: adding VLAN 0 to HW filter on device bond0
[ 97.914026][ T1140] bridge0: port 1(bridge_slave_0) entered disabled state
[ 97.919588][ T1140] bridge0: port 2(bridge_slave_1) entered disabled state
[ 97.928081][ T5326] 8021q: adding VLAN 0 to HW filter on device team0
[ 97.938053][ T1140] bridge0: port 1(bridge_slave_0) entered blocking state
[ 97.941118][ T1140] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 97.950144][ T1140] bridge0: port 2(bridge_slave_1) entered blocking state
[ 97.953182][ T1140] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 98.160759][ T5326] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 98.217951][ T5326] veth0_vlan: entered promiscuous mode
[ 98.224983][ T5326] veth1_vlan: entered promiscuous mode
[ 98.251128][ T5326] veth0_macvtap: entered promiscuous mode
[ 98.259119][ T5326] veth1_macvtap: entered promiscuous mode
[ 98.272998][ T5326] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 98.285954][ T5326] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 98.301268][ T75] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 98.305006][ T75] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 98.316010][ T75] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 98.332789][ T75] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 98.579208][ T75] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 98.680360][ T75] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 98.728514][ T75] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 98.810568][ T75] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 99.824063][ T5373] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 99.828664][ T5373] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 99.832209][ T5373] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 99.835774][ T5373] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 99.839802][ T5373] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 100.349016][ T1140] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 100.352412][ T1140] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 100.418693][ T1093] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 100.423404][ T1093] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 100.953020][ T75] bridge_slave_1: left allmulticast mode
[ 100.969406][ T75] bridge_slave_1: left promiscuous mode
[ 100.972732][ T75] bridge0: port 2(bridge_slave_1) entered disabled state
[ 101.050250][ T75] bridge_slave_0: left allmulticast mode
[ 101.052757][ T75] bridge_slave_0: left promiscuous mode
[ 101.055444][ T75] bridge0: port 1(bridge_slave_0) entered disabled state
[ 101.559846][ T75] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 101.598045][ T75] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 101.607568][ T75] bond0 (unregistering): Released all slaves
[ 101.739676][ T75] hsr_slave_0: left promiscuous mode
[ 101.746584][ T75] hsr_slave_1: left promiscuous mode
[ 101.749498][ T75] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 101.752702][ T75] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 101.767965][ T75] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 101.771220][ T75] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 101.792860][ T75] veth1_macvtap: left promiscuous mode
[ 101.796051][ T75] veth0_macvtap: left promiscuous mode
[ 101.812458][ T75] veth1_vlan: left promiscuous mode
[ 101.815060][ T75] veth0_vlan: left promiscuous mode
[ 102.348486][ T75] team0 (unregistering): Port device team_slave_1 removed
[ 102.369788][ T75] team0 (unregistering): Port device team_slave_0 removed
2026/03/01 07:06:21 executed programs: 0
[ 106.939868][ T4662] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 106.946479][ T4662] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 106.950214][ T4662] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 106.954121][ T4662] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 106.957676][ T4662] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 107.143293][ T5443] chnl_net:caif_netlink_parms(): no params data found
[ 107.251739][ T5443] bridge0: port 1(bridge_slave_0) entered blocking state
[ 107.255048][ T5443] bridge0: port 1(bridge_slave_0) entered disabled state
[ 107.262181][ T5443] bridge_slave_0: entered allmulticast mode
[ 107.274631][ T5443] bridge_slave_0: entered promiscuous mode
[ 107.279826][ T5443] bridge0: port 2(bridge_slave_1) entered blocking state
[ 107.282910][ T5443] bridge0: port 2(bridge_slave_1) entered disabled state
[ 107.287779][ T5443] bridge_slave_1: entered allmulticast mode
[ 107.291617][ T5443] bridge_slave_1: entered promiscuous mode
[ 107.318484][ T5443] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 107.324998][ T5443] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 107.348702][ T5443] team0: Port device team_slave_0 added
[ 107.353115][ T5443] team0: Port device team_slave_1 added
[ 107.375781][ T5443] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 107.378871][ T5443] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 107.390680][ T5443] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 107.396803][ T5443] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 107.399912][ T5443] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 107.411287][ T5443] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 107.446509][ T5443] hsr_slave_0: entered promiscuous mode
[ 107.449614][ T5443] hsr_slave_1: entered promiscuous mode
[ 107.895578][ T5443] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 107.917810][ T5443] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 107.933326][ T5443] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 107.948546][ T5443] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 108.028630][ T5443] bridge0: port 2(bridge_slave_1) entered blocking state
[ 108.031779][ T5443] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 108.035087][ T5443] bridge0: port 1(bridge_slave_0) entered blocking state
[ 108.038231][ T5443] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 108.131260][ T5443] 8021q: adding VLAN 0 to HW filter on device bond0
[ 108.150416][ T13] bridge0: port 1(bridge_slave_0) entered disabled state
[ 108.154016][ T13] bridge0: port 2(bridge_slave_1) entered disabled state
[ 108.169644][ T5443] 8021q: adding VLAN 0 to HW filter on device team0
[ 108.202060][ T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 108.205123][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 108.227923][ T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 108.230622][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 108.282870][ T5443] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 108.297631][ T5443] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 108.597144][ T5443] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 108.665522][ T5443] veth0_vlan: entered promiscuous mode
[ 108.694730][ T5443] veth1_vlan: entered promiscuous mode
[ 108.749125][ T5443] veth0_macvtap: entered promiscuous mode
[ 108.769577][ T5443] veth1_macvtap: entered promiscuous mode
[ 108.792181][ T5443] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 108.808858][ T5443] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 108.830613][ T75] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 108.834295][ T75] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 108.848620][ T75] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 108.852294][ T75] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 108.963580][ T1140] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 108.976685][ T1140] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.015841][ T1093] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.021292][ T4662] Bluetooth: hci0: command tx timeout
[ 109.030096][ T1093] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.241424][ T5487] ==================================================================
[ 109.245047][ T5487] BUG: KASAN: slab-use-after-free in bpf_trace_run3+0xdd/0x850
[ 109.248447][ T5487] Read of size 8 at addr ffff88803828ab18 by task dhcpcd-run-hook/5487
[ 109.252779][ T5487]
[ 109.253867][ T5487] CPU: 0 UID: 0 PID: 5487 Comm: dhcpcd-run-hook Not tainted syzkaller #0 PREEMPT(full)
[ 109.253881][ T5487] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 109.253906][ T5487] Call Trace:
[ 109.253913][ T5487]
[ 109.253918][ T5487] dump_stack_lvl+0xe8/0x150
[ 109.253936][ T5487] print_report+0xba/0x230
[ 109.253950][ T5487] ? bpf_trace_run3+0xdd/0x850
[ 109.253965][ T5487] kasan_report+0x117/0x150
[ 109.253975][ T5487] ? preempt_schedule_thunk+0x16/0x30
[ 109.253988][ T5487] ? bpf_trace_run3+0xdd/0x850
[ 109.254003][ T5487] bpf_trace_run3+0xdd/0x850
[ 109.254018][ T5487] ? bpf_trace_run3+0x1f0/0x850
[ 109.254033][ T5487] ? __pfx_bpf_trace_run3+0x10/0x10
[ 109.254048][ T5487] ? unlink_anon_vmas+0x69d/0x730
[ 109.254065][ T5487] ? unlink_anon_vmas+0x69d/0x730
[ 109.254079][ T5487] __traceiter_kmem_cache_free+0x38/0x60
[ 109.254091][ T5487] kmem_cache_free+0x5ac/0x630
[ 109.254102][ T5487] ? unlink_anon_vmas+0x69d/0x730
[ 109.254112][ T5487] unlink_anon_vmas+0x69d/0x730
[ 109.254123][ T5487] free_pgtables+0x836/0xb70
[ 109.254136][ T5487] ? __pfx_free_pgtables+0x10/0x10
[ 109.254146][ T5487] ? __pfx_down_write+0x10/0x10
[ 109.254270][ T5487] exit_mmap+0x490/0xa10
[ 109.254285][ T5487] ? __pfx_exit_mmap+0x10/0x10
[ 109.254301][ T5487] ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 109.254319][ T5487] ? do_raw_spin_lock+0x12b/0x2f0
[ 109.254330][ T5487] ? __pfx_exit_aio+0x10/0x10
[ 109.254356][ T5487] ? arch_uprobe_clear_state+0x1c8/0x240
[ 109.254376][ T5487] ? uprobe_clear_state+0x27c/0x290
[ 109.254393][ T5487] __mmput+0x118/0x430
[ 109.254406][ T5487] exec_mmap+0x3b4/0x440
[ 109.254422][ T5487] begin_new_exec+0x134a/0x24a0
[ 109.254439][ T5487] ? load_elf_phdrs+0x1ac/0x240
[ 109.254450][ T5487] ? __pfx_begin_new_exec+0x10/0x10
[ 109.254466][ T5487] load_elf_binary+0xa47/0x2980
[ 109.254478][ T5487] ? __pfx_load_elf_binary+0x10/0x10
[ 109.254487][ T5487] bprm_execve+0x93d/0x1460
[ 109.254498][ T5487] ? __pfx_bprm_execve+0x10/0x10
[ 109.254508][ T5487] ? count+0x1e0/0x230
[ 109.254517][ T5487] do_execveat_common+0x50d/0x690
[ 109.254529][ T5487] __x64_sys_execve+0x97/0xc0
[ 109.254541][ T5487] do_syscall_64+0x14d/0xf80
[ 109.254556][ T5487] ? trace_irq_disable+0x3b/0x150
[ 109.254572][ T5487] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 109.254583][ T5487] ? clear_bhb_loop+0x40/0x90
[ 109.254594][ T5487] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 109.254606][ T5487] RIP: 0033:0x7f4dd469a107
[ 109.254625][ T5487] Code: Unable to access opcode bytes at 0x7f4dd469a0dd.
[ 109.254630][ T5487] RSP: 002b:00007ffed1452c68 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[ 109.254642][ T5487] RAX: ffffffffffffffda RBX: 000055b1f84170c8 RCX: 00007f4dd469a107
[ 109.254650][ T5487] RDX: 000055b1f84170e8 RSI: 000055b1f84170c8 RDI: 000055b1f8417170
[ 109.254659][ T5487] RBP: 000055b1f8417170 R08: 00007ffed1456ea4 R09: 0000000000000000
[ 109.254666][ T5487] R10: 0000000000000008 R11: 0000000000000246 R12: 000055b1f84170e8
[ 109.254673][ T5487] R13: 00007f4dd485fe8b R14: 000055b1f84170e8 R15: 0000000000000000
[ 109.254685][ T5487]
[ 109.254689][ T5487]
[ 109.383034][ T5487] Allocated by task 5486:
[ 109.384877][ T5487] kasan_save_track+0x3e/0x80
[ 109.386965][ T5487] __kasan_kmalloc+0x93/0xb0
[ 109.389024][ T5487] __kmalloc_cache_noprof+0x31c/0x660
[ 109.391286][ T5487] bpf_raw_tp_link_attach+0x278/0x700
[ 109.393673][ T5487] bpf_raw_tracepoint_open+0x1b2/0x220
[ 109.395966][ T5487] __sys_bpf+0x846/0x950
[ 109.397820][ T5487] __x64_sys_bpf+0x7c/0x90
[ 109.399781][ T5487] do_syscall_64+0x14d/0xf80
[ 109.401751][ T5487] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 109.404430][ T5487]
[ 109.405407][ T5487] Freed by task 15:
[ 109.406948][ T5487] kasan_save_track+0x3e/0x80
[ 109.408829][ T5487] kasan_save_free_info+0x46/0x50
[ 109.410837][ T5487] __kasan_slab_free+0x5c/0x80
[ 109.412682][ T5487] kfree+0x1c1/0x630
[ 109.414279][ T5487] rcu_core+0x7cd/0x1070
[ 109.415934][ T5487] handle_softirqs+0x22a/0x870
[ 109.417878][ T5487] run_ksoftirqd+0x36/0x60
[ 109.419650][ T5487] smpboot_thread_fn+0x541/0xa50
[ 109.421816][ T5487] kthread+0x388/0x470
[ 109.423622][ T5487] ret_from_fork+0x51e/0xb90
[ 109.425681][ T5487] ret_from_fork_asm+0x1a/0x30
[ 109.427829][ T5487]
[ 109.428818][ T5487] Last potentially related work creation:
[ 109.430984][ T5487] kasan_save_stack+0x3e/0x60
[ 109.432769][ T5487] kasan_record_aux_stack+0xbd/0xd0
[ 109.436391][ T5487] call_rcu+0xee/0x890
[ 109.438068][ T5487] bpf_link_release+0x6b/0x80
[ 109.440144][ T5487] __fput+0x44f/0xa70
[ 109.442054][ T5487] task_work_run+0x1d9/0x270
[ 109.444134][ T5487] do_exit+0x69b/0x2320
[ 109.445984][ T5487] do_group_exit+0x21b/0x2d0
[ 109.448040][ T5487] __x64_sys_exit_group+0x3f/0x40
[ 109.450055][ T5487] x64_sys_call+0x221a/0x2240
[ 109.451881][ T5487] do_syscall_64+0x14d/0xf80
[ 109.453785][ T5487] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 109.456505][ T5487]
[ 109.457574][ T5487] The buggy address belongs to the object at ffff88803828ab00
[ 109.457574][ T5487] which belongs to the cache kmalloc-192 of size 192
[ 109.463222][ T5487] The buggy address is located 24 bytes inside of
[ 109.463222][ T5487] freed 192-byte region [ffff88803828ab00, ffff88803828abc0)
[ 109.469286][ T5487]
[ 109.470337][ T5487] The buggy address belongs to the physical page:
[ 109.472995][ T5487] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88803828a100 pfn:0x3828a
[ 109.477185][ T5487] flags: 0x4fff00000000200(workingset|node=1|zone=1|lastcpupid=0x7ff)
[ 109.480789][ T5487] page_type: f5(slab)
[ 109.482506][ T5487] raw: 04fff00000000200 ffff88801ac413c0 ffff888030400288 ffffea0000e19390
[ 109.486270][ T5487] raw: ffff88803828a100 000000080010000e 00000000f5000000 0000000000000000
[ 109.489928][ T5487] page dumped because: kasan: bad access detected
[ 109.492611][ T5487] page_owner tracks the page as allocated
[ 109.494978][ T5487] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd2c00(GFP_NOIO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 22245651735, free_ts 22245107019
[ 109.502988][ T5487] post_alloc_hook+0x231/0x280
[ 109.505138][ T5487] get_page_from_freelist+0x24dc/0x2580
[ 109.507513][ T5487] __alloc_frozen_pages_noprof+0x18d/0x380
[ 109.509961][ T5487] allocate_slab+0x77/0x660
[ 109.511920][ T5487] refill_objects+0x331/0x3c0
[ 109.514019][ T5487] __pcs_replace_empty_main+0x2b9/0x620
[ 109.516452][ T5487] __kmalloc_noprof+0x474/0x760
[ 109.518619][ T5487] usb_alloc_urb+0x46/0x150
[ 109.520677][ T5487] usb_control_msg+0x118/0x3e0
[ 109.522775][ T5487] usb_set_configuration+0x127a/0x2110
[ 109.525124][ T5487] usb_generic_driver_probe+0x8d/0x150
[ 109.527453][ T5487] usb_probe_device+0x1c4/0x3b0
[ 109.529576][ T5487] really_probe+0x267/0xaf0
[ 109.531611][ T5487] __driver_probe_device+0x18c/0x320
[ 109.534022][ T5487] driver_probe_device+0x4f/0x240
[ 109.536196][ T5487] __device_attach_driver+0x2d4/0x4c0
[ 109.538533][ T5487] page last free pid 30 tgid 30 stack trace:
[ 109.541144][ T5487] __free_frozen_pages+0xc2b/0xdb0
[ 109.543367][ T5487] __kasan_populate_vmalloc+0x1b2/0x1d0
[ 109.545910][ T5487] alloc_vmap_area+0xd73/0x14b0
[ 109.548027][ T5487] __get_vm_area_node+0x1f8/0x300
[ 109.550105][ T5487] __vmalloc_node_range_noprof+0x372/0x1730
[ 109.552602][ T5487] __vmalloc_node_noprof+0xc2/0x100
[ 109.555121][ T5487] dup_task_struct+0x228/0x9a0
[ 109.557339][ T5487] copy_process+0x508/0x3cf0
[ 109.559418][ T5487] kernel_clone+0x248/0x8e0
[ 109.561448][ T5487] user_mode_thread+0x110/0x180
[ 109.563648][ T5487] call_usermodehelper_exec_work+0x5c/0x230
[ 109.566334][ T5487] process_scheduled_works+0xb02/0x1830
[ 109.568718][ T5487] worker_thread+0xa50/0xfc0
[ 109.570603][ T5487] kthread+0x388/0x470
[ 109.572330][ T5487] ret_from_fork+0x51e/0xb90
[ 109.574244][ T5487] ret_from_fork_asm+0x1a/0x30
[ 109.576421][ T5487]
[ 109.577488][ T5487] Memory state around the buggy address:
[ 109.579853][ T5487] ffff88803828aa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 109.583259][ T5487] ffff88803828aa80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 109.586724][ T5487] >ffff88803828ab00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 109.590057][ T5487] ^
[ 109.592177][ T5487] ffff88803828ab80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 109.595560][ T5487] ffff88803828ac00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 109.598817][ T5487] ==================================================================
[ 109.636620][ T5487] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 109.639311][ T5487] CPU: 0 UID: 0 PID: 5487 Comm: dhcpcd-run-hook Not tainted syzkaller #0 PREEMPT(full)
[ 109.642946][ T5487] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 109.647405][ T5487] Call Trace:
[ 109.648852][ T5487]
[ 109.650186][ T5487] vpanic+0x56c/0xa60
[ 109.651891][ T5487] ? __pfx_vpanic+0x10/0x10
[ 109.653940][ T5487] panic+0xc5/0xd0
[ 109.655642][ T5487] ? __pfx_panic+0x10/0x10
[ 109.657570][ T5487] ? preempt_schedule_thunk+0x16/0x30
[ 109.659854][ T5487] ? bpf_trace_run3+0xdd/0x850
[ 109.662093][ T5487] ? preempt_schedule_thunk+0x16/0x30
[ 109.664524][ T5487] ? bpf_trace_run3+0xdd/0x850
[ 109.666609][ T5487] check_panic_on_warn+0x89/0xb0
[ 109.668802][ T5487] ? bpf_trace_run3+0xdd/0x850
[ 109.670928][ T5487] end_report+0x73/0x180
[ 109.672784][ T5487] ? bpf_trace_run3+0xdd/0x850
[ 109.674924][ T5487] kasan_report+0x128/0x150
[ 109.677011][ T5487] ? preempt_schedule_thunk+0x16/0x30
[ 109.679257][ T5487] ? bpf_trace_run3+0xdd/0x850
[ 109.681259][ T5487] bpf_trace_run3+0xdd/0x850
[ 109.683303][ T5487] ? bpf_trace_run3+0x1f0/0x850
[ 109.685443][ T5487] ? __pfx_bpf_trace_run3+0x10/0x10
[ 109.687654][ T5487] ? unlink_anon_vmas+0x69d/0x730
[ 109.689883][ T5487] ? unlink_anon_vmas+0x69d/0x730
[ 109.692134][ T5487] __traceiter_kmem_cache_free+0x38/0x60
[ 109.694561][ T5487] kmem_cache_free+0x5ac/0x630
[ 109.696970][ T5487] ? unlink_anon_vmas+0x69d/0x730
[ 109.699734][ T5487] unlink_anon_vmas+0x69d/0x730
[ 109.701845][ T5487] free_pgtables+0x836/0xb70
[ 109.704005][ T5487] ? __pfx_free_pgtables+0x10/0x10
[ 109.706203][ T5487] ? __pfx_down_write+0x10/0x10
[ 109.708392][ T5487] exit_mmap+0x490/0xa10
[ 109.710152][ T5487] ? __pfx_exit_mmap+0x10/0x10
[ 109.712181][ T5487] ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 109.714570][ T5487] ? do_raw_spin_lock+0x12b/0x2f0
[ 109.716886][ T5487] ? __pfx_exit_aio+0x10/0x10
[ 109.718977][ T5487] ? arch_uprobe_clear_state+0x1c8/0x240
[ 109.721506][ T5487] ? uprobe_clear_state+0x27c/0x290
[ 109.723775][ T5487] __mmput+0x118/0x430
[ 109.725587][ T5487] exec_mmap+0x3b4/0x440
[ 109.727462][ T5487] begin_new_exec+0x134a/0x24a0
[ 109.729590][ T5487] ? load_elf_phdrs+0x1ac/0x240
[ 109.731706][ T5487] ? __pfx_begin_new_exec+0x10/0x10
[ 109.734083][ T5487] load_elf_binary+0xa47/0x2980
[ 109.736518][ T5487] ? __pfx_load_elf_binary+0x10/0x10
[ 109.739010][ T5487] bprm_execve+0x93d/0x1460
[ 109.741290][ T5487] ? __pfx_bprm_execve+0x10/0x10
[ 109.743664][ T5487] ? count+0x1e0/0x230
[ 109.745725][ T5487] do_execveat_common+0x50d/0x690
[ 109.748023][ T5487] __x64_sys_execve+0x97/0xc0
[ 109.750137][ T5487] do_syscall_64+0x14d/0xf80
[ 109.752248][ T5487] ? trace_irq_disable+0x3b/0x150
[ 109.754503][ T5487] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 109.757212][ T5487] ? clear_bhb_loop+0x40/0x90
[ 109.759240][ T5487] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 109.761833][ T5487] RIP: 0033:0x7f4dd469a107
[ 109.763957][ T5487] Code: Unable to access opcode bytes at 0x7f4dd469a0dd.
[ 109.767002][ T5487] RSP: 002b:00007ffed1452c68 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[ 109.770625][ T5487] RAX: ffffffffffffffda RBX: 000055b1f84170c8 RCX: 00007f4dd469a107
[ 109.774102][ T5487] RDX: 000055b1f84170e8 RSI: 000055b1f84170c8 RDI: 000055b1f8417170
[ 109.777476][ T5487] RBP: 000055b1f8417170 R08: 00007ffed1456ea4 R09: 0000000000000000
[ 109.780643][ T5487] R10: 0000000000000008 R11: 0000000000000246 R12: 000055b1f84170e8
[ 109.783918][ T5487] R13: 00007f4dd485fe8b R14: 000055b1f84170e8 R15: 0000000000000000
[ 109.787453][ T5487]
[ 109.789058][ T5487] Kernel Offset: disabled
[ 109.790972][ T5487] Rebooting in 86400 seconds..
VM DIAGNOSIS:
07:06:23 Registers:
info registers vcpu 0
CPU#0
RAX=0000000000000020 RBX=0000000000000020 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc90003416cd0
R8 =ffff888034d68237 R9 =1ffff110069ad046 R10=dffffc0000000000 R11=ffffffff854195f0
R12=dffffc0000000000 R13=ffffffff9a2bda64 R14=ffffffff9a5d5c60 R15=0000000000000000
RIP=ffffffff8541966c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88808ca59000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=000055b1f8406950 CR3=0000000054b6c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 307a79732f74656e 2f70756f7267637a
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe72478616
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe72478616 00007ffe7247861c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ccac331bc
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ccac331fc
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ccac33360
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ccac331ee
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6379656b00657461 69746e6174736e69 246c746379656b00 7974697275636573
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000