Warning: Permanently added '10.128.1.154' (ED25519) to the list of known hosts. 1970/01/01 00:00:32 parsed 1 programs [ 33.213355][ T4323] cgroup: Unknown subsys name 'net' [ 33.487468][ T4323] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 33.753363][ T4323] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 39.138822][ T4348] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 39.140520][ T4348] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 39.141775][ T4348] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 39.143198][ T4348] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 39.144476][ T4348] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 39.146433][ T4348] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 39.222147][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.223431][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.225383][ T200] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 39.237435][ T200] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.238718][ T200] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.240222][ T200] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 40.253604][ T4417] chnl_net:caif_netlink_parms(): no params data found [ 40.270815][ T4417] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.272081][ T4417] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.273690][ T4417] device bridge_slave_0 entered promiscuous mode [ 40.276892][ T4417] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.277944][ T4417] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.279411][ T4417] device bridge_slave_1 entered promiscuous mode [ 40.287405][ T4417] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 40.289690][ T4417] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 40.297109][ T4417] team0: Port device team_slave_0 added [ 40.298662][ T4417] team0: Port device team_slave_1 added [ 40.305072][ T4417] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 40.306150][ T4417] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.310013][ T4417] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 40.312487][ T4417] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 40.313532][ T4417] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.317680][ T4417] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 40.395686][ T4417] device hsr_slave_0 entered promiscuous mode [ 40.444897][ T4417] device hsr_slave_1 entered promiscuous mode [ 40.541364][ T4417] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 40.578227][ T4417] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 40.627538][ T4417] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 40.698559][ T4417] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 40.751666][ T4417] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.752785][ T4417] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.754186][ T4417] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.755319][ T4417] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.774029][ T4417] 8021q: adding VLAN 0 to HW filter on device bond0 [ 40.778253][ T200] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 40.780596][ T200] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.782217][ T200] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.784013][ T200] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 40.802978][ T4417] 8021q: adding VLAN 0 to HW filter on device team0 [ 40.807003][ T200] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 40.808630][ T200] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.809732][ T200] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.812985][ T200] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 40.814425][ T200] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.815668][ T200] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.822861][ T200] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 40.824518][ T200] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 40.842482][ T200] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 40.846301][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 40.849200][ T200] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 40.852050][ T4417] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 40.911582][ T200] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 40.912905][ T200] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 40.925829][ T4417] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 40.931163][ T200] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 40.937315][ T200] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 40.939102][ T200] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 40.940616][ T200] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 40.942762][ T4417] device veth0_vlan entered promiscuous mode [ 40.945901][ T4417] device veth1_vlan entered promiscuous mode [ 40.952756][ T200] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 40.954227][ T200] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 40.957077][ T200] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 40.959629][ T4417] device veth0_macvtap entered promiscuous mode [ 40.961924][ T4417] device veth1_macvtap entered promiscuous mode [ 40.968177][ T4417] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 40.969363][ T200] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 40.971370][ T200] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 40.974243][ T4417] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 40.976443][ T200] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 40.979243][ T4417] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.980673][ T4417] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.981993][ T4417] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.983369][ T4417] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 1970/01/01 00:00:41 executed programs: 0 [ 41.509002][ T47] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 41.510633][ T47] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 41.512001][ T47] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 41.513447][ T47] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 41.515400][ T47] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 41.516634][ T47] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 41.716500][ T4440] chnl_net:caif_netlink_parms(): no params data found [ 41.747314][ T4440] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.748510][ T4440] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.750015][ T4440] device bridge_slave_0 entered promiscuous mode [ 41.752465][ T4440] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.753617][ T4440] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.755398][ T4440] device bridge_slave_1 entered promiscuous mode [ 41.762024][ T4440] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 41.764883][ T4440] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 41.771625][ T4440] team0: Port device team_slave_0 added [ 41.773764][ T4440] team0: Port device team_slave_1 added [ 41.855140][ T4440] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 41.856271][ T4440] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.860189][ T4440] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 41.862847][ T4440] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 41.863946][ T4440] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.868236][ T4440] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 42.125544][ T4440] device hsr_slave_0 entered promiscuous mode [ 42.175071][ T4440] device hsr_slave_1 entered promiscuous mode [ 42.224751][ T4440] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 42.226065][ T4440] Cannot create hsr debugfs directory [ 42.567035][ T4440] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 43.544820][ T47] Bluetooth: hci0: command 0x0409 tx timeout [ 45.006074][ T4440] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 45.614907][ T47] Bluetooth: hci0: command 0x041b tx timeout [ 46.456048][ T4440] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 46.596447][ T4440] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 46.810665][ T4440] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 46.907021][ T4440] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 47.007157][ T4440] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 47.045718][ T4440] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 47.137041][ T4440] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.140325][ T88] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 47.141812][ T88] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 47.144092][ T4440] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.177929][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 47.179615][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 47.181041][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.182126][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.183504][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 47.186433][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 47.188003][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.189506][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.190610][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.193969][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 47.196858][ T88] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 47.199670][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 47.201477][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 47.202945][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 47.206221][ T88] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 47.207724][ T88] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 47.210175][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 47.211680][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 47.214581][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 47.216948][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 47.247893][ T4440] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 47.287221][ T9] device hsr_slave_0 left promiscuous mode [ 47.344993][ T9] device hsr_slave_1 left promiscuous mode [ 47.434778][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 47.435905][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 47.437458][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 47.438538][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 47.439791][ T9] device bridge_slave_1 left promiscuous mode [ 47.441235][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.475816][ T9] device bridge_slave_0 left promiscuous mode [ 47.476813][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.594937][ T9] device veth1_macvtap left promiscuous mode [ 47.596101][ T9] device veth0_macvtap left promiscuous mode [ 47.597037][ T9] device veth1_vlan left promiscuous mode [ 47.597991][ T9] device veth0_vlan left promiscuous mode [ 47.704729][ T47] Bluetooth: hci0: command 0x040f tx timeout [ 49.496584][ T9] team0 (unregistering): Port device team_slave_1 removed [ 49.655677][ T9] team0 (unregistering): Port device team_slave_0 removed [ 49.774631][ T47] Bluetooth: hci0: command 0x0419 tx timeout [ 49.825101][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 50.044987][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 52.546165][ T9] bond0 (unregistering): Released all slaves [ 52.762799][ T4433] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 52.764096][ T4433] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 52.767109][ T4440] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 52.772598][ T88] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 52.774174][ T88] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 52.780464][ T88] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 52.781897][ T88] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 52.783722][ T88] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 52.785394][ T88] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 52.788095][ T4440] device veth0_vlan entered promiscuous mode [ 52.790921][ T4440] device veth1_vlan entered promiscuous mode [ 52.797184][ T88] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 52.798675][ T88] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 52.800098][ T88] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 52.801538][ T88] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 52.803780][ T4440] device veth0_macvtap entered promiscuous mode [ 52.810674][ T4440] device veth1_macvtap entered promiscuous mode [ 52.816093][ T4440] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 52.817143][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 52.818733][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 52.820105][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 52.821929][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 52.824327][ T4440] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 52.825895][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 52.827232][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 52.829543][ T4440] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.830892][ T4440] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.832380][ T4440] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.833890][ T4440] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.852243][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 52.853497][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 52.855181][ T4433] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 52.862508][ T88] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 52.863754][ T88] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 52.866277][ T4433] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 52.894405][ T4462] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 52.897031][ T4462] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 52.900254][ T88] ------------[ cut here ]------------ [ 52.901106][ T88] WARNING: CPU: 0 PID: 88 at net/wireless/scan.c:1710 cfg80211_bss_update+0xe7c/0x1c7c [ 52.901631][ T4462] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 52.902525][ T88] Modules linked in: [ 52.904687][ T88] CPU: 0 PID: 88 Comm: kworker/u4:3 Not tainted syzkaller #0 [ 52.905847][ T88] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 52.907322][ T88] Workqueue: phy6 ieee80211_iface_work [ 52.908102][ T88] pstate: 82400005 (Nzcv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 52.909303][ T88] pc : cfg80211_bss_update+0xe7c/0x1c7c [ 52.910015][ T88] lr : cfg80211_bss_update+0xc54/0x1c7c [ 52.910825][ T88] sp : ffff80001ce37260 [ 52.911422][ T88] x29: ffff80001ce37340 x28: 0000000000000000 x27: 0000000000000001 [ 52.912554][ T88] x26: ffff0000d8725800 x25: ffff0000deae901d x24: ffff0000d8725880 [ 52.913714][ T88] x23: ffff0000cd0c2448 x22: ffff0000d8725810 x21: ffff0000cd0c2410 [ 52.914874][ T88] x20: ffff0000cd0c2400 x19: dfff800000000000 x18: ffff800011a5bd40 [ 52.916021][ T88] x17: 1fffe00033ee7b7e x16: ffff800008042d90 x15: 0000000000000000 [ 52.917174][ T88] x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000ff0100 [ 52.918310][ T88] x11: ff00800010fc863c x10: 0000000000000000 x9 : ffff0000c62a5340 [ 52.919445][ T88] x8 : ffff0000cd0c7410 x7 : 0000000000000000 x6 : 0000000000000000 [ 52.920580][ T88] x5 : ffff0000cd0c24c8 x4 : ffff80001ce37528 x3 : ffff800010fc87ec [ 52.921691][ T88] x2 : 0000000000000001 x1 : 0000000000000000 x0 : ffff0000d8725810 [ 52.922813][ T88] Call trace: [ 52.923281][ T88] cfg80211_bss_update+0xe7c/0x1c7c [ 52.924008][ T88] cfg80211_inform_bss_frame_data+0x884/0x10b4 [ 52.924839][ T88] ieee80211_bss_info_update+0x5d0/0x9b4 [ 52.925639][ T88] ieee80211_ibss_rx_queued_mgmt+0x86c/0x2490 [ 52.926483][ T88] ieee80211_iface_work+0x598/0xa34 [ 52.927195][ T88] process_one_work+0x7f4/0x13a8 [ 52.927864][ T88] worker_thread+0x8c8/0xfbc [ 52.928496][ T88] kthread+0x250/0x2d8 [ 52.929064][ T88] ret_from_fork+0x10/0x20 [ 52.929683][ T88] irq event stamp: 590799 [ 52.930291][ T88] hardirqs last enabled at (590798): [] ___slab_alloc+0xcdc/0xec8 [ 52.931570][ T88] hardirqs last disabled at (590799): [] el1_dbg+0x24/0x80 [ 52.932778][ T88] softirqs last enabled at (590704): [] cfg80211_get_bss+0x5dc/0x850 [ 52.934052][ T88] softirqs last disabled at (590792): [] cfg80211_bss_update+0x80/0x1c7c [ 52.935481][ T88] ---[ end trace 0000000000000000 ]--- [ 52.936492][ T88] ------------[ cut here ]------------ [ 52.937248][ T88] WARNING: CPU: 0 PID: 88 at net/wireless/scan.c:1708 cfg80211_bss_update+0xe70/0x1c7c [ 52.938676][ T88] Modules linked in: [ 52.939244][ T88] CPU: 0 PID: 88 Comm: kworker/u4:3 Tainted: G W syzkaller #0 [ 52.940547][ T88] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 52.941940][ T88] Workqueue: phy6 ieee80211_iface_work [ 52.942873][ T88] pstate: 82400005 (Nzcv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 52.944175][ T88] pc : cfg80211_bss_update+0xe70/0x1c7c [ 52.945078][ T88] lr : cfg80211_bss_update+0xe70/0x1c7c [ 52.945924][ T88] sp : ffff80001ce37260 [ 52.946611][ T88] x29: ffff80001ce37340 x28: 0000000000000000 x27: 0000000000000002 [ 52.947907][ T88] x26: ffff0000cd0c7400 x25: ffff0000d368e01d x24: ffff0000cd0c7480 [ 52.949173][ T88] x23: ffff0000cd0c2448 x22: ffff0000cd0c7490 x21: ffff0000cd0c2410 [ 52.950518][ T88] x20: ffff0000cd0c2400 x19: dfff800000000000 x18: ffff800011a5bd40 [ 52.951785][ T88] x17: 1fffe00033ee7b7e x16: ffff800008042d90 x15: 0000000000000000 [ 52.953061][ T88] x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000ff0100 [ 52.954331][ T88] x11: ff00800010fc8858 x10: 0000000000000000 x9 : ffff800010fc8858 [ 52.955591][ T88] x8 : ffff0000c62a5340 x7 : 0000000000000000 x6 : 0000000000000000 [ 52.956864][ T88] x5 : ffff0000cd0c24c8 x4 : ffff80001ce37528 x3 : ffff800010fc87ec [ 52.958088][ T88] x2 : 0000000000000001 x1 : 0000000000000000 x0 : 0000000000000006 [ 52.959370][ T88] Call trace: [ 52.959928][ T88] cfg80211_bss_update+0xe70/0x1c7c [ 52.960758][ T88] cfg80211_inform_bss_frame_data+0x884/0x10b4 [ 52.961670][ T88] ieee80211_bss_info_update+0x5d0/0x9b4 [ 52.962544][ T88] ieee80211_ibss_rx_queued_mgmt+0x86c/0x2490 [ 52.963451][ T88] ieee80211_iface_work+0x598/0xa34 [ 52.964277][ T88] process_one_work+0x7f4/0x13a8 [ 52.965070][ T88] worker_thread+0x8c8/0xfbc [ 52.965817][ T88] kthread+0x250/0x2d8 [ 52.966513][ T88] ret_from_fork+0x10/0x20 [ 52.967272][ T88] irq event stamp: 590805 [ 52.968023][ T88] hardirqs last enabled at (590804): [] exit_to_kernel_mode+0xcc/0xfc [ 52.969515][ T88] hardirqs last disabled at (590805): [] el1_dbg+0x24/0x80 [ 52.970763][ T88] softirqs last enabled at (590704): [] cfg80211_get_bss+0x5dc/0x850 [ 52.972313][ T88] softirqs last disabled at (590792): [] cfg80211_bss_update+0x80/0x1c7c [ 52.973788][ T88] ---[ end trace 0000000000000000 ]---