Warning: Permanently added '10.128.1.46' (ED25519) to the list of known hosts. 2025/11/27 11:52:46 parsed 1 programs syzkaller login: [ 78.030466][ T5828] cgroup: Unknown subsys name 'net' [ 78.158137][ T5828] cgroup: Unknown subsys name 'cpuset' [ 78.167008][ T5828] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 79.664185][ T5828] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 82.470512][ T5834] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 83.215408][ T5858] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 83.223949][ T5145] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 83.233545][ T5145] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 83.246444][ T5145] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 83.254297][ T5145] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 84.855823][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.864151][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.908724][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.916831][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.873195][ T5908] chnl_net:caif_netlink_parms(): no params data found [ 86.010478][ T5908] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.018583][ T5908] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.025908][ T5908] bridge_slave_0: entered allmulticast mode [ 86.033035][ T5908] bridge_slave_0: entered promiscuous mode [ 86.043219][ T5908] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.050711][ T5908] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.059396][ T5908] bridge_slave_1: entered allmulticast mode [ 86.069169][ T5908] bridge_slave_1: entered promiscuous mode [ 86.123104][ T5908] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.135922][ T5908] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.168078][ T5908] team0: Port device team_slave_0 added [ 86.178749][ T5908] team0: Port device team_slave_1 added [ 86.211487][ T5908] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.218807][ T5908] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 86.245571][ T5908] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.260409][ T5908] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.268749][ T5908] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 86.295113][ T5908] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.340516][ T5908] hsr_slave_0: entered promiscuous mode [ 86.347068][ T5908] hsr_slave_1: entered promiscuous mode [ 86.503200][ T5908] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 86.516147][ T5908] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 86.527691][ T5908] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 86.538927][ T5908] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 86.573975][ T5908] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.581259][ T5908] bridge0: port 2(bridge_slave_1) entered forwarding state [ 86.589830][ T5908] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.597173][ T5908] bridge0: port 1(bridge_slave_0) entered forwarding state [ 86.626497][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.636918][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.678596][ T5908] 8021q: adding VLAN 0 to HW filter on device bond0 [ 86.703023][ T5908] 8021q: adding VLAN 0 to HW filter on device team0 [ 86.716306][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.723488][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 86.738162][ T1916] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.745493][ T1916] bridge0: port 2(bridge_slave_1) entered forwarding state [ 86.868317][ T977] cfg80211: failed to load regulatory.db [ 86.923729][ T5908] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 86.968299][ T5908] veth0_vlan: entered promiscuous mode [ 86.980789][ T5908] veth1_vlan: entered promiscuous mode [ 87.010989][ T5908] veth0_macvtap: entered promiscuous mode [ 87.020728][ T5908] veth1_macvtap: entered promiscuous mode [ 87.041329][ T5908] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 87.057189][ T5908] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 87.072262][ T3561] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.083231][ T3561] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.093533][ T3561] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.106347][ T3561] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.254858][ T1916] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.317780][ T1916] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.402958][ T1916] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.478791][ T1916] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 2025/11/27 11:52:58 executed programs: 0 [ 87.997381][ T5145] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 88.006043][ T5145] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 88.015016][ T5145] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 88.023538][ T5145] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 88.033542][ T5145] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 88.205044][ T5937] chnl_net:caif_netlink_parms(): no params data found [ 88.286130][ T5937] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.293322][ T5937] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.300820][ T5937] bridge_slave_0: entered allmulticast mode [ 88.310277][ T5937] bridge_slave_0: entered promiscuous mode [ 88.322933][ T5937] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.330197][ T5937] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.337793][ T5937] bridge_slave_1: entered allmulticast mode [ 88.345091][ T5937] bridge_slave_1: entered promiscuous mode [ 88.375571][ T5937] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.389918][ T5937] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.428072][ T5937] team0: Port device team_slave_0 added [ 88.437991][ T5937] team0: Port device team_slave_1 added [ 88.470415][ T5937] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.478905][ T5937] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 88.506410][ T5937] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.519527][ T5937] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.526681][ T5937] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 88.553209][ T5937] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.602953][ T5937] hsr_slave_0: entered promiscuous mode [ 88.609787][ T5937] hsr_slave_1: entered promiscuous mode [ 88.616788][ T5937] debugfs: 'hsr0' already exists in 'hsr' [ 88.622881][ T5937] Cannot create hsr debugfs directory [ 90.065665][ T53] Bluetooth: hci0: command tx timeout [ 90.509256][ T1916] bridge_slave_1: left allmulticast mode [ 90.516376][ T1916] bridge_slave_1: left promiscuous mode [ 90.523072][ T1916] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.536208][ T1916] bridge_slave_0: left allmulticast mode [ 90.541987][ T1916] bridge_slave_0: left promiscuous mode [ 90.552712][ T1916] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.818893][ T1916] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 90.830830][ T1916] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 90.843159][ T1916] bond0 (unregistering): Released all slaves [ 90.977440][ T1916] hsr_slave_0: left promiscuous mode [ 90.984934][ T1916] hsr_slave_1: left promiscuous mode [ 90.991861][ T1916] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 91.009586][ T1916] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 91.020266][ T1916] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 91.028943][ T1916] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 91.055126][ T1916] veth1_macvtap: left promiscuous mode [ 91.061550][ T1916] veth0_macvtap: left promiscuous mode [ 91.068365][ T1916] veth1_vlan: left promiscuous mode [ 91.074981][ T1916] veth0_vlan: left promiscuous mode [ 91.550784][ T1916] team0 (unregistering): Port device team_slave_1 removed [ 91.581360][ T1916] team0 (unregistering): Port device team_slave_0 removed [ 92.109322][ T5937] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 92.135460][ T5937] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 92.147778][ T53] Bluetooth: hci0: command tx timeout [ 92.161057][ T5937] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 92.180351][ T5937] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 92.462477][ T5937] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.492262][ T5937] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.508095][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.515714][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.538170][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.545547][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.741552][ T5937] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.797089][ T5937] veth0_vlan: entered promiscuous mode [ 92.818287][ T5937] veth1_vlan: entered promiscuous mode [ 92.858821][ T5937] veth0_macvtap: entered promiscuous mode [ 92.870376][ T5937] veth1_macvtap: entered promiscuous mode [ 92.890452][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.908592][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.939989][ T3561] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.955753][ T3561] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.973987][ T3561] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.002893][ T3561] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.082029][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.090240][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.122427][ T3561] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.131415][ T3561] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.183415][ T5985] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] SMP KASAN PTI [ 93.195317][ T5985] KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f] [ 93.203740][ T5985] CPU: 1 UID: 0 PID: 5985 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) [ 93.212846][ T5985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 93.222896][ T5985] RIP: 0010:__fput+0x1b5/0xa70 [ 93.227861][ T5985] Code: fc ff df 80 3c 08 00 74 08 4c 89 e7 e8 e4 11 ee ff 4d 8b 34 24 49 8d 6e 28 48 89 e8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 ef e8 bd 11 ee ff 41 bc 60 06 00 00 4c 03 [ 93.247468][ T5985] RSP: 0018:ffffc900025efd30 EFLAGS: 00010206 [ 93.253537][ T5985] RAX: 0000000000000005 RBX: ffff888031f176c0 RCX: dffffc0000000000 [ 93.261609][ T5985] RDX: ffff88807950db80 RSI: 0000000004000000 RDI: 0000000002000000 [ 93.269576][ T5985] RBP: 0000000000000028 R08: ffffffff8f7dec77 R09: 1ffffffff1efbd8e [ 93.277559][ T5985] R10: dffffc0000000000 R11: ffffffff8239f2c0 R12: ffff888056d00358 [ 93.285534][ T5985] R13: 0000000000000000 R14: 0000000000000000 R15: ffff88807e263d00 [ 93.293604][ T5985] FS: 0000555584a94500(0000) GS:ffff888125f87000(0000) knlGS:0000000000000000 [ 93.302591][ T5985] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.309189][ T5985] CR2: 0000001b2fc63fff CR3: 0000000072b9c000 CR4: 00000000003526f0 [ 93.317173][ T5985] Call Trace: [ 93.320560][ T5985] [ 93.323679][ T5985] task_work_run+0x1d4/0x260 [ 93.328290][ T5985] ? __pfx_task_work_run+0x10/0x10 [ 93.333492][ T5985] ? __se_sys_close_range+0x4ed/0x650 [ 93.338869][ T5985] ? exit_to_user_mode_loop+0x55/0x4f0 [ 93.344345][ T5985] exit_to_user_mode_loop+0xff/0x4f0 [ 93.349635][ T5985] ? rcu_is_watching+0x15/0xb0 [ 93.354392][ T5985] do_syscall_64+0x2e3/0xf80 [ 93.358979][ T5985] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 93.365070][ T5985] ? clear_bhb_loop+0x60/0xb0 [ 93.370022][ T5985] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 93.376626][ T5985] RIP: 0033:0x7fb482f8f749 [ 93.381425][ T5985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 93.403591][ T5985] RSP: 002b:00007ffd29bd9b18 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 93.412190][ T5985] RAX: 0000000000000000 RBX: 0000000000016bdb RCX: 00007fb482f8f749 [ 93.420168][ T5985] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 93.428137][ T5985] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000229bd9e0f [ 93.436186][ T5985] R10: 0000001b2f020000 R11: 0000000000000246 R12: 00007fb4831e5fac [ 93.444150][ T5985] R13: 00007fb4831e5fa0 R14: ffffffffffffffff R15: 0000000000000001 [ 93.452243][ T5985] [ 93.455252][ T5985] Modules linked in: [ 93.460257][ T5985] ---[ end trace 0000000000000000 ]--- [ 93.474789][ T5985] RIP: 0010:__fput+0x1b5/0xa70 [ 93.479693][ T5985] Code: fc ff df 80 3c 08 00 74 08 4c 89 e7 e8 e4 11 ee ff 4d 8b 34 24 49 8d 6e 28 48 89 e8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 ef e8 bd 11 ee ff 41 bc 60 06 00 00 4c 03 [ 93.500112][ T5985] RSP: 0018:ffffc900025efd30 EFLAGS: 00010206 [ 93.506703][ T5985] RAX: 0000000000000005 RBX: ffff888031f176c0 RCX: dffffc0000000000 [ 93.515252][ T5985] RDX: ffff88807950db80 RSI: 0000000004000000 RDI: 0000000002000000 [ 93.523322][ T5985] RBP: 0000000000000028 R08: ffffffff8f7dec77 R09: 1ffffffff1efbd8e [ 93.531879][ T5985] R10: dffffc0000000000 R11: ffffffff8239f2c0 R12: ffff888056d00358 [ 93.539920][ T5985] R13: 0000000000000000 R14: 0000000000000000 R15: ffff88807e263d00 [ 93.548847][ T5985] FS: 0000555584a94500(0000) GS:ffff888125e87000(0000) knlGS:0000000000000000 [ 93.557993][ T5985] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.564738][ T5985] CR2: 0000555584a94808 CR3: 0000000072b9c000 CR4: 00000000003526f0 [ 93.572757][ T5985] Kernel panic - not syncing: Fatal exception [ 93.579593][ T5985] Kernel Offset: disabled [ 93.584052][ T5985] Rebooting in 86400 seconds..