Warning: Permanently added '10.128.0.208' (ED25519) to the list of known hosts. 2025/12/03 03:49:33 parsed 1 programs syzkaller login: [ 80.147825][ T5830] cgroup: Unknown subsys name 'net' [ 80.279166][ T5830] cgroup: Unknown subsys name 'cpuset' [ 80.287994][ T5830] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 81.761630][ T5830] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 84.707235][ T5845] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 86.988871][ T794] cfg80211: failed to load regulatory.db [ 87.006136][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.014613][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.114821][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.140613][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.556952][ T5896] chnl_net:caif_netlink_parms(): no params data found [ 87.651056][ T5896] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.658996][ T5896] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.666252][ T5896] bridge_slave_0: entered allmulticast mode [ 87.675753][ T5896] bridge_slave_0: entered promiscuous mode [ 87.685657][ T5896] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.692940][ T5896] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.701107][ T5896] bridge_slave_1: entered allmulticast mode [ 87.708610][ T5896] bridge_slave_1: entered promiscuous mode [ 87.746689][ T5896] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 87.761519][ T5896] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 87.795045][ T5896] team0: Port device team_slave_0 added [ 87.804342][ T5896] team0: Port device team_slave_1 added [ 87.831137][ T5896] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.838516][ T5896] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 87.865663][ T5896] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.879041][ T5896] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.886056][ T5896] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 87.912145][ T5896] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.952339][ T5896] hsr_slave_0: entered promiscuous mode [ 87.960467][ T5896] hsr_slave_1: entered promiscuous mode [ 88.116615][ T5896] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 88.129142][ T5896] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 88.140757][ T5896] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 88.152121][ T5896] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 88.182818][ T5896] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.190069][ T5896] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.198206][ T5896] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.205845][ T5896] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.260328][ T5896] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.281167][ T4545] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.290748][ T4545] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.304999][ T5896] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.320586][ T4545] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.327842][ T4545] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.342956][ T1143] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.350184][ T1143] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.514871][ T5896] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.564525][ T5896] veth0_vlan: entered promiscuous mode [ 88.576100][ T5896] veth1_vlan: entered promiscuous mode [ 88.608525][ T5896] veth0_macvtap: entered promiscuous mode [ 88.618706][ T5896] veth1_macvtap: entered promiscuous mode [ 88.637676][ T5896] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.653981][ T5896] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 88.677671][ T4545] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.688931][ T4545] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.701355][ T4545] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.713188][ T4545] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.848684][ T4545] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.859376][ T5148] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 88.869856][ T5148] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 88.878618][ T5148] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 88.888207][ T5148] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 88.897499][ T5148] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 88.966700][ T4545] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.072187][ T4545] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.151180][ T4545] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 2025/12/03 03:49:45 executed programs: 0 [ 89.888372][ T5148] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 89.898643][ T5148] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 89.907603][ T5148] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 89.918685][ T5148] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 89.927756][ T5148] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 90.089323][ T5938] chnl_net:caif_netlink_parms(): no params data found [ 90.166447][ T5938] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.173779][ T5938] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.182863][ T5938] bridge_slave_0: entered allmulticast mode [ 90.190503][ T5938] bridge_slave_0: entered promiscuous mode [ 90.200663][ T5938] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.209097][ T5938] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.216721][ T5938] bridge_slave_1: entered allmulticast mode [ 90.223896][ T5938] bridge_slave_1: entered promiscuous mode [ 90.263401][ T5938] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.279164][ T5938] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.316456][ T5938] team0: Port device team_slave_0 added [ 90.325797][ T5938] team0: Port device team_slave_1 added [ 90.357042][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.364009][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.390280][ T5938] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.403866][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.411058][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.438189][ T5938] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.486575][ T5938] hsr_slave_0: entered promiscuous mode [ 90.493428][ T5938] hsr_slave_1: entered promiscuous mode [ 90.501390][ T5938] debugfs: 'hsr0' already exists in 'hsr' [ 90.507408][ T5938] Cannot create hsr debugfs directory [ 91.870869][ T4545] bridge_slave_1: left allmulticast mode [ 91.878991][ T4545] bridge_slave_1: left promiscuous mode [ 91.885614][ T4545] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.898477][ T4545] bridge_slave_0: left allmulticast mode [ 91.904160][ T4545] bridge_slave_0: left promiscuous mode [ 91.910304][ T4545] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.019096][ T52] Bluetooth: hci0: command tx timeout [ 92.196517][ T4545] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 92.208547][ T4545] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 92.218478][ T4545] bond0 (unregistering): Released all slaves [ 92.315352][ T4545] hsr_slave_0: left promiscuous mode [ 92.321692][ T4545] hsr_slave_1: left promiscuous mode [ 92.328220][ T4545] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 92.339388][ T4545] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 92.349298][ T4545] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 92.357183][ T4545] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 92.379075][ T4545] veth1_macvtap: left promiscuous mode [ 92.385004][ T4545] veth0_macvtap: left promiscuous mode [ 92.391729][ T4545] veth1_vlan: left promiscuous mode [ 92.398382][ T4545] veth0_vlan: left promiscuous mode [ 92.841879][ T4545] team0 (unregistering): Port device team_slave_1 removed [ 92.870662][ T4545] team0 (unregistering): Port device team_slave_0 removed [ 93.509250][ T5938] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 93.523079][ T5938] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 93.543867][ T5938] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 93.574563][ T5938] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 93.924574][ T5938] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.026602][ T5938] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.042681][ T1153] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.050487][ T1153] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.083510][ T1153] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.090839][ T1153] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.102304][ T52] Bluetooth: hci0: command tx timeout [ 94.429578][ T5938] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.497588][ T5938] veth0_vlan: entered promiscuous mode [ 94.514790][ T5938] veth1_vlan: entered promiscuous mode [ 94.561146][ T5938] veth0_macvtap: entered promiscuous mode [ 94.574297][ T5938] veth1_macvtap: entered promiscuous mode [ 94.601144][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.624541][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.649282][ T4545] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.665810][ T4545] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.674769][ T4545] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.696798][ T4545] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.785625][ T4545] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.793492][ T4545] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.841569][ T1143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.859108][ T1143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.924274][ T6010] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] SMP KASAN PTI [ 94.936381][ T6010] KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f] [ 94.944934][ T6010] CPU: 0 UID: 0 PID: 6010 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) [ 94.954038][ T6010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 94.964370][ T6010] RIP: 0010:__fput+0x1b5/0xa70 [ 94.969744][ T6010] Code: fc ff df 80 3c 08 00 74 08 4c 89 e7 e8 b4 0d ee ff 4d 8b 34 24 49 8d 6e 28 48 89 e8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 ef e8 8d 0d ee ff 41 bc 60 06 00 00 4c 03 [ 94.989464][ T6010] RSP: 0018:ffffc90003627d30 EFLAGS: 00010206 [ 94.995551][ T6010] RAX: 0000000000000005 RBX: ffff888025041880 RCX: dffffc0000000000 [ 95.003517][ T6010] RDX: ffff888077d10000 RSI: 0000000004000000 RDI: 0000000002000000 [ 95.011745][ T6010] RBP: 0000000000000028 R08: ffffffff8f813377 R09: 1ffffffff1f0266e [ 95.019792][ T6010] R10: dffffc0000000000 R11: ffffffff823a0220 R12: ffff88805985b670 [ 95.028013][ T6010] R13: 0000000000000000 R14: 0000000000000000 R15: ffff88801dbf4a80 [ 95.036098][ T6010] FS: 00005555817f6500(0000) GS:ffff888125e4f000(0000) knlGS:0000000000000000 [ 95.045038][ T6010] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.051720][ T6010] CR2: 0000001b2fd63fff CR3: 0000000031774000 CR4: 00000000003526f0 [ 95.059783][ T6010] Call Trace: [ 95.063055][ T6010] [ 95.065984][ T6010] task_work_run+0x1d4/0x260 [ 95.070570][ T6010] ? __pfx_task_work_run+0x10/0x10 [ 95.075671][ T6010] ? __se_sys_close_range+0x4ed/0x650 [ 95.081034][ T6010] ? exit_to_user_mode_loop+0x55/0x4f0 [ 95.086574][ T6010] exit_to_user_mode_loop+0xff/0x4f0 [ 95.091842][ T6010] ? rcu_is_watching+0x15/0xb0 [ 95.097732][ T6010] do_syscall_64+0x2e3/0xf80 [ 95.102329][ T6010] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.108439][ T6010] ? clear_bhb_loop+0x60/0xb0 [ 95.113118][ T6010] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.119008][ T6010] RIP: 0033:0x7f43b0b8f749 [ 95.123447][ T6010] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 95.143056][ T6010] RSP: 002b:00007fff4cc266b8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 95.151478][ T6010] RAX: 0000000000000000 RBX: 000000000001729c RCX: 00007f43b0b8f749 [ 95.159437][ T6010] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 95.167394][ T6010] RBP: 0000000000000000 R08: 0000000000000001 R09: 000000024cc269af [ 95.175445][ T6010] R10: 0000001b2f120000 R11: 0000000000000246 R12: 00007f43b0de5fac [ 95.183425][ T6010] R13: 00007f43b0de5fa0 R14: ffffffffffffffff R15: 0000000000000001 [ 95.191492][ T6010] [ 95.194519][ T6010] Modules linked in: [ 95.199144][ T6010] ---[ end trace 0000000000000000 ]--- [ 95.205292][ T6010] RIP: 0010:__fput+0x1b5/0xa70 [ 95.210191][ T6010] Code: fc ff df 80 3c 08 00 74 08 4c 89 e7 e8 b4 0d ee ff 4d 8b 34 24 49 8d 6e 28 48 89 e8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 ef e8 8d 0d ee ff 41 bc 60 06 00 00 4c 03 [ 95.232558][ T6010] RSP: 0018:ffffc90003627d30 EFLAGS: 00010206 [ 95.244368][ T6010] RAX: 0000000000000005 RBX: ffff888025041880 RCX: dffffc0000000000 [ 95.252534][ T6010] RDX: ffff888077d10000 RSI: 0000000004000000 RDI: 0000000002000000 [ 95.261904][ T6010] RBP: 0000000000000028 R08: ffffffff8f813377 R09: 1ffffffff1f0266e [ 95.270260][ T6010] R10: dffffc0000000000 R11: ffffffff823a0220 R12: ffff88805985b670 [ 95.278284][ T6010] R13: 0000000000000000 R14: 0000000000000000 R15: ffff88801dbf4a80 [ 95.290416][ T6010] FS: 00005555817f6500(0000) GS:ffff888125f4f000(0000) knlGS:0000000000000000 [ 95.299806][ T6010] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.306616][ T6010] CR2: 00007ffea0e4c008 CR3: 0000000031774000 CR4: 00000000003526f0 [ 95.314793][ T6010] Kernel panic - not syncing: Fatal exception [ 95.321427][ T6010] Kernel Offset: disabled [ 95.326612][ T6010] Rebooting in 86400 seconds..