syzkaller login: [ 97.104789][ T10] cfg80211: failed to load regulatory.db Warning: Permanently added '[localhost]:54221' (ED25519) to the list of known hosts. 2025/12/27 02:10:42 parsed 1 programs [ 122.192958][ T5344] cgroup: Unknown subsys name 'net' [ 122.262268][ T5344] cgroup: Unknown subsys name 'cpuset' [ 122.267926][ T5344] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 124.132288][ T5344] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 129.894409][ T5360] chnl_net:caif_netlink_parms(): no params data found [ 130.092862][ T5360] bridge0: port 1(bridge_slave_0) entered blocking state [ 130.096921][ T5360] bridge0: port 1(bridge_slave_0) entered disabled state [ 130.100745][ T5360] bridge_slave_0: entered allmulticast mode [ 130.118505][ T5360] bridge_slave_0: entered promiscuous mode [ 130.124020][ T5360] bridge0: port 2(bridge_slave_1) entered blocking state [ 130.127289][ T5360] bridge0: port 2(bridge_slave_1) entered disabled state [ 130.138595][ T5360] bridge_slave_1: entered allmulticast mode [ 130.142626][ T5360] bridge_slave_1: entered promiscuous mode [ 130.201285][ T5360] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 130.221000][ T5360] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 130.270489][ T5360] team0: Port device team_slave_0 added [ 130.276674][ T5360] team0: Port device team_slave_1 added [ 130.299530][ T5360] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 130.303076][ T5360] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 130.314246][ T5360] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 130.321690][ T5360] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 130.325138][ T5360] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 130.337080][ T5360] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 130.381283][ T5360] hsr_slave_0: entered promiscuous mode [ 130.384948][ T5360] hsr_slave_1: entered promiscuous mode [ 130.560369][ T5360] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 130.570543][ T5360] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 130.577096][ T5360] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 130.584307][ T5360] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 130.618208][ T5360] bridge0: port 2(bridge_slave_1) entered blocking state [ 130.621630][ T5360] bridge0: port 2(bridge_slave_1) entered forwarding state [ 130.625418][ T5360] bridge0: port 1(bridge_slave_0) entered blocking state [ 130.628451][ T5360] bridge0: port 1(bridge_slave_0) entered forwarding state [ 130.691374][ T5360] 8021q: adding VLAN 0 to HW filter on device bond0 [ 130.707771][ T4644] bridge0: port 1(bridge_slave_0) entered disabled state [ 130.712183][ T4644] bridge0: port 2(bridge_slave_1) entered disabled state [ 130.723885][ T5360] 8021q: adding VLAN 0 to HW filter on device team0 [ 130.733682][ T38] bridge0: port 1(bridge_slave_0) entered blocking state [ 130.736691][ T38] bridge0: port 1(bridge_slave_0) entered forwarding state [ 130.747550][ T38] bridge0: port 2(bridge_slave_1) entered blocking state [ 130.751346][ T38] bridge0: port 2(bridge_slave_1) entered forwarding state [ 130.843997][ T5360] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 131.167037][ T5360] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 131.234031][ T5360] veth0_vlan: entered promiscuous mode [ 131.251209][ T5360] veth1_vlan: entered promiscuous mode [ 131.302204][ T5360] veth0_macvtap: entered promiscuous mode [ 131.317440][ T5360] veth1_macvtap: entered promiscuous mode [ 131.360284][ T5360] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 131.376586][ T5360] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 131.400568][ T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.404479][ T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.426644][ T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.446415][ T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.580306][ T5360] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 131.831559][ T2682] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 132.751241][ T2682] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.739186][ T2682] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.959008][ T4685] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 133.963294][ T4685] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 133.966797][ T4685] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 133.971367][ T4685] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 133.974745][ T4685] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 134.621965][ T2682] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.921779][ T2682] bridge_slave_1: left allmulticast mode [ 134.924445][ T2682] bridge_slave_1: left promiscuous mode [ 134.927672][ T2682] bridge0: port 2(bridge_slave_1) entered disabled state [ 134.982781][ T2682] bridge_slave_0: left allmulticast mode [ 134.985282][ T2682] bridge_slave_0: left promiscuous mode [ 134.988655][ T2682] bridge0: port 1(bridge_slave_0) entered disabled state [ 136.091133][ T2682] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 136.101780][ T2682] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 136.120178][ T2682] bond0 (unregistering): Released all slaves [ 136.258809][ T2682] hsr_slave_0: left promiscuous mode [ 136.269121][ T2682] hsr_slave_1: left promiscuous mode [ 136.272888][ T2682] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 136.276609][ T2682] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 136.289769][ T2682] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 136.293106][ T2682] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 136.328699][ T2682] veth1_macvtap: left promiscuous mode [ 136.331358][ T2682] veth0_macvtap: left promiscuous mode [ 136.334359][ T2682] veth1_vlan: left promiscuous mode [ 136.336860][ T2682] veth0_vlan: left promiscuous mode [ 137.050841][ T2682] team0 (unregistering): Port device team_slave_1 removed [ 137.080889][ T2682] team0 (unregistering): Port device team_slave_0 removed [ 140.410750][ T38] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 140.414389][ T38] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 140.492063][ T4644] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 140.496755][ T4644] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 2025/12/27 02:11:04 executed programs: 0 [ 142.109607][ T47] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 142.113911][ T47] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 142.117607][ T47] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 142.121908][ T47] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 142.130223][ T47] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 142.336041][ T5485] chnl_net:caif_netlink_parms(): no params data found [ 142.417920][ T5485] bridge0: port 1(bridge_slave_0) entered blocking state [ 142.421878][ T5485] bridge0: port 1(bridge_slave_0) entered disabled state [ 142.425035][ T5485] bridge_slave_0: entered allmulticast mode [ 142.430482][ T5485] bridge_slave_0: entered promiscuous mode [ 142.435804][ T5485] bridge0: port 2(bridge_slave_1) entered blocking state [ 142.439430][ T5485] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.442530][ T5485] bridge_slave_1: entered allmulticast mode [ 142.446321][ T5485] bridge_slave_1: entered promiscuous mode [ 142.474164][ T5485] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 142.480436][ T5485] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 142.505176][ T5485] team0: Port device team_slave_0 added [ 142.511318][ T5485] team0: Port device team_slave_1 added [ 142.534679][ T5485] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 142.537652][ T5485] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 142.558255][ T5485] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 142.568560][ T5485] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 142.571847][ T5485] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 142.584533][ T5485] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 142.624889][ T5485] hsr_slave_0: entered promiscuous mode [ 142.628503][ T5485] hsr_slave_1: entered promiscuous mode [ 143.161289][ T5485] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 143.183824][ T5485] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 143.188394][ T1313] ieee802154 phy0 wpan0: encryption failed: -22 [ 143.191429][ T1313] ieee802154 phy1 wpan1: encryption failed: -22 [ 143.199997][ T5485] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 143.217616][ T5485] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 143.361670][ T5485] 8021q: adding VLAN 0 to HW filter on device bond0 [ 143.402865][ T5485] 8021q: adding VLAN 0 to HW filter on device team0 [ 143.429787][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 143.433057][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 143.458618][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 143.461814][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 143.799877][ T5485] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 143.872786][ T5485] veth0_vlan: entered promiscuous mode [ 143.891862][ T5485] veth1_vlan: entered promiscuous mode [ 143.939306][ T5485] veth0_macvtap: entered promiscuous mode [ 143.953350][ T5485] veth1_macvtap: entered promiscuous mode [ 143.982429][ T5485] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 144.001710][ T5485] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 144.022112][ T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.026048][ T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.044823][ T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.065378][ T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.211069][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 144.214325][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 144.226216][ T47] Bluetooth: hci0: command tx timeout [ 144.290439][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 144.294765][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 146.300142][ T47] Bluetooth: hci0: command tx timeout 2025/12/27 02:11:09 executed programs: 45 [ 148.380030][ T47] Bluetooth: hci0: command tx timeout [ 150.458162][ T47] Bluetooth: hci0: command tx timeout 2025/12/27 02:11:14 executed programs: 232 2025/12/27 02:11:20 executed programs: 448 [ 157.278340][ C0] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI [ 157.284057][ C0] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 157.287816][ C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Not tainted syzkaller #0 PREEMPT(full) [ 157.291884][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 157.296333][ C0] RIP: 0010:bpf_get_local_storage+0xbd/0x180 [ 157.298999][ C0] Code: e0 49 83 c6 08 4c 89 f0 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 a2 83 39 00 4d 8b 36 83 fb 15 75 5c 4c 89 f0 48 c1 e8 03 <42> 80 3c 38 00 74 08 4c 89 f7 e8 84 83 39 00 49 8b 1e e8 ec 7e 6c [ 157.307422][ C0] RSP: 0018:ffffc9000041eff8 EFLAGS: 00010246 [ 157.310127][ C0] RAX: 0000000000000000 RBX: 0000000000000015 RCX: 0000000000000100 [ 157.313639][ C0] RDX: ffff88801c2dc980 RSI: 0000000000000015 RDI: 0000000000000015 [ 157.317450][ C0] RBP: ffffc9000041f030 R08: 0000000000000003 R09: 0000000000000000 [ 157.321068][ C0] R10: ffffc9000041f0a0 R11: ffffffffa0203cf0 R12: 0000000000000001 [ 157.324624][ C0] R13: ffff8880119543c0 R14: 0000000000000000 R15: dffffc0000000000 [ 157.328138][ C0] FS: 0000000000000000(0000) GS:ffff88808d416000(0000) knlGS:0000000000000000 [ 157.331856][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.334650][ C0] CR2: 00007f58f2aac170 CR3: 0000000011519000 CR4: 0000000000352ef0 [ 157.338016][ C0] Call Trace: [ 157.339439][ C0] [ 157.340938][ C0] bpf_prog_e63b106389d7305a+0x2e/0x45 [ 157.343342][ C0] __bpf_prog_run_save_cb+0x127/0x370 [ 157.345693][ C0] ? __cgroup_bpf_run_filter_skb+0x565/0xf40 [ 157.348239][ C0] ? __pfx___bpf_prog_run_save_cb+0x10/0x10 [ 157.350694][ C0] __cgroup_bpf_run_filter_skb+0x9e0/0xf40 [ 157.353193][ C0] ? lockdep_hardirqs_on+0x7b/0x110 [ 157.355348][ C0] ? __pfx___cgroup_bpf_run_filter_skb+0x10/0x10 [ 157.357945][ C0] ? __pfx_inet_ehashfn+0x10/0x10 [ 157.360253][ C0] ? tcp_rcv_established+0x103a/0x2580 [ 157.363091][ C0] sk_filter_trim_cap+0xd42/0xf50 [ 157.365883][ C0] ? tcp_inbound_hash+0x3ab/0x880 [ 157.369048][ C0] ? __pfx_tcp_inbound_hash+0x10/0x10 [ 157.371499][ C0] ? __pfx_sk_filter_trim_cap+0x10/0x10 [ 157.374057][ C0] ? __pfx___inet_lookup_established+0x10/0x10 [ 157.376994][ C0] tcp_v4_rcv+0x1f90/0x2f20 [ 157.379032][ C0] ? raw_local_deliver+0x30d/0xf10 [ 157.381498][ C0] ? lock_acquire+0x107/0x340 [ 157.383489][ C0] ? __pfx_tcp_v4_rcv+0x10/0x10 [ 157.385646][ C0] ? ip_local_deliver_finish+0x2ae/0x6f0 [ 157.388280][ C0] ? __pfx_tcp_v4_rcv+0x10/0x10 [ 157.390556][ C0] ip_protocol_deliver_rcu+0x221/0x440 [ 157.393363][ C0] ? ip_local_deliver_finish+0x2ae/0x6f0 [ 157.396184][ C0] ip_local_deliver_finish+0x3bb/0x6f0 [ 157.398661][ C0] NF_HOOK+0x30c/0x3a0 [ 157.400331][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 157.403023][ C0] ? NF_HOOK+0x9a/0x3a0 [ 157.404912][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 157.407104][ C0] ? ip_rcv_finish_core+0xda3/0x1c00 [ 157.409477][ C0] ? skb_dst+0x4f/0xd0 [ 157.411306][ C0] ? ip_local_deliver+0x12a/0x1b0 [ 157.413536][ C0] NF_HOOK+0x30c/0x3a0 [ 157.415289][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 157.417731][ C0] ? NF_HOOK+0x9a/0x3a0 [ 157.419643][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 157.422016][ C0] ? ip_rcv_core+0x7f7/0xd00 [ 157.424440][ C0] ? __pfx_ip_rcv+0x10/0x10 [ 157.426423][ C0] __netif_receive_skb+0x143/0x380 [ 157.428753][ C0] ? process_backlog+0x247/0x1340 [ 157.431040][ C0] process_backlog+0x54f/0x1340 [ 157.433250][ C0] __napi_poll+0xae/0x320 [ 157.435042][ C0] ? skb_defer_free_flush+0x233/0x260 [ 157.437425][ C0] net_rx_action+0x64a/0xe00 [ 157.439550][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 157.441946][ C0] ? smpboot_thread_fn+0x4d/0xa60 [ 157.444318][ C0] handle_softirqs+0x22b/0x7c0 [ 157.446486][ C0] ? run_ksoftirqd+0x36/0x60 [ 157.448462][ C0] ? smpboot_thread_fn+0x4d/0xa60 [ 157.450583][ C0] run_ksoftirqd+0x36/0x60 [ 157.452594][ C0] smpboot_thread_fn+0x542/0xa60 [ 157.454723][ C0] ? smpboot_thread_fn+0x4d/0xa60 [ 157.457034][ C0] kthread+0x711/0x8a0 [ 157.458796][ C0] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 157.461261][ C0] ? __pfx_kthread+0x10/0x10 [ 157.463583][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 157.465949][ C0] ? __pfx_kthread+0x10/0x10 [ 157.467987][ C0] ret_from_fork+0x510/0xa50 [ 157.470049][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 157.472488][ C0] ? __switch_to+0xc9e/0x1480 [ 157.474466][ C0] ? __pfx_kthread+0x10/0x10 [ 157.476462][ C0] ret_from_fork_asm+0x1a/0x30 [ 157.478621][ C0] [ 157.480025][ C0] Modules linked in: [ 157.481886][ C0] ---[ end trace 0000000000000000 ]--- [ 157.484327][ C0] RIP: 0010:bpf_get_local_storage+0xbd/0x180 [ 157.487010][ C0] Code: e0 49 83 c6 08 4c 89 f0 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 a2 83 39 00 4d 8b 36 83 fb 15 75 5c 4c 89 f0 48 c1 e8 03 <42> 80 3c 38 00 74 08 4c 89 f7 e8 84 83 39 00 49 8b 1e e8 ec 7e 6c [ 157.494701][ C0] RSP: 0018:ffffc9000041eff8 EFLAGS: 00010246 [ 157.497285][ C0] RAX: 0000000000000000 RBX: 0000000000000015 RCX: 0000000000000100 [ 157.501085][ C0] RDX: ffff88801c2dc980 RSI: 0000000000000015 RDI: 0000000000000015 [ 157.504867][ C0] RBP: ffffc9000041f030 R08: 0000000000000003 R09: 0000000000000000 [ 157.508867][ C0] R10: ffffc9000041f0a0 R11: ffffffffa0203cf0 R12: 0000000000000001 [ 157.512319][ C0] R13: ffff8880119543c0 R14: 0000000000000000 R15: dffffc0000000000 [ 157.515758][ C0] FS: 0000000000000000(0000) GS:ffff88808d416000(0000) knlGS:0000000000000000 [ 157.519688][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.522468][ C0] CR2: 00007f58f2aac170 CR3: 0000000011519000 CR4: 0000000000352ef0 [ 157.525824][ C0] Kernel panic - not syncing: Fatal exception in interrupt [ 157.529306][ C0] Kernel Offset: disabled [ 157.531260][ C0] Rebooting in 86400 seconds..