Warning: Permanently added '[localhost]:39887' (ED25519) to the list of known hosts. 2025/12/02 17:50:25 parsed 1 programs syzkaller login: [ 52.594942][ T5818] cgroup: Unknown subsys name 'net' [ 52.717419][ T5818] cgroup: Unknown subsys name 'cpuset' [ 52.722920][ T5818] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 54.113134][ T5818] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 56.118978][ T27] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.122176][ T27] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.147214][ T1091] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.150384][ T1091] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.196494][ T5825] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 57.143140][ T5853] chnl_net:caif_netlink_parms(): no params data found [ 57.188781][ T5853] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.191947][ T5853] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.194540][ T5853] bridge_slave_0: entered allmulticast mode [ 57.197176][ T5853] bridge_slave_0: entered promiscuous mode [ 57.201307][ T5853] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.203634][ T5853] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.205844][ T5853] bridge_slave_1: entered allmulticast mode [ 57.208893][ T5853] bridge_slave_1: entered promiscuous mode [ 57.231448][ T5853] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.238042][ T5853] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.255922][ T5853] team0: Port device team_slave_0 added [ 57.258891][ T5853] team0: Port device team_slave_1 added [ 57.290386][ T5853] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.292573][ T5853] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 57.300612][ T5853] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.305438][ T5853] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.307598][ T5853] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 57.315510][ T5853] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.344585][ T5853] hsr_slave_0: entered promiscuous mode [ 57.346905][ T5853] hsr_slave_1: entered promiscuous mode [ 57.441301][ T5853] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 57.447866][ T5853] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 57.453164][ T5853] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 57.459136][ T5853] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 57.506231][ T5853] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.520809][ T5853] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.528201][ T1091] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.530560][ T1091] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.538311][ T1091] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.541412][ T1091] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.635306][ T5853] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 57.673085][ T5853] veth0_vlan: entered promiscuous mode [ 57.680546][ T5853] veth1_vlan: entered promiscuous mode [ 57.697491][ T5853] veth0_macvtap: entered promiscuous mode [ 57.701499][ T5853] veth1_macvtap: entered promiscuous mode [ 57.711693][ T5853] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 57.718852][ T5853] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 57.726925][ T5711] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.729843][ T5711] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.732677][ T5711] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.736241][ T5711] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.802216][ T5853] syz-executor (5853) used greatest stack depth: 18856 bytes left [ 57.823115][ T5711] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 57.877795][ T5711] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 57.922079][ T5711] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 57.963926][ T5711] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.180176][ T57] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 58.185130][ T57] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 58.188854][ T57] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 58.192663][ T57] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 58.196758][ T57] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 2025/12/02 17:50:33 executed programs: 0 [ 59.301581][ T57] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 59.304975][ T57] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 59.307590][ T57] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 59.310683][ T57] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 59.314497][ T57] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 59.407836][ T5922] chnl_net:caif_netlink_parms(): no params data found [ 59.452770][ T5922] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.455403][ T5922] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.457670][ T5922] bridge_slave_0: entered allmulticast mode [ 59.460237][ T5922] bridge_slave_0: entered promiscuous mode [ 59.464047][ T5922] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.466657][ T5922] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.468879][ T5922] bridge_slave_1: entered allmulticast mode [ 59.471404][ T5922] bridge_slave_1: entered promiscuous mode [ 59.488862][ T5922] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.493128][ T5922] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.509167][ T5922] team0: Port device team_slave_0 added [ 59.512394][ T5922] team0: Port device team_slave_1 added [ 59.529467][ T5922] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 59.531600][ T5922] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 59.539577][ T5922] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 59.544988][ T5922] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 59.547131][ T5922] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 59.555479][ T5922] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 59.579192][ T5922] hsr_slave_0: entered promiscuous mode [ 59.581411][ T5922] hsr_slave_1: entered promiscuous mode [ 59.583896][ T5922] debugfs: 'hsr0' already exists in 'hsr' [ 59.585687][ T5922] Cannot create hsr debugfs directory [ 61.355521][ T57] Bluetooth: hci0: command tx timeout [ 61.361132][ T5711] bridge_slave_1: left allmulticast mode [ 61.368845][ T5711] bridge_slave_1: left promiscuous mode [ 61.371547][ T5711] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.377120][ T5711] bridge_slave_0: left allmulticast mode [ 61.378893][ T5711] bridge_slave_0: left promiscuous mode [ 61.380740][ T5711] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.591528][ T5711] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 61.596230][ T5711] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 61.599616][ T5711] bond0 (unregistering): Released all slaves [ 61.711373][ T5711] hsr_slave_0: left promiscuous mode [ 61.719676][ T5711] hsr_slave_1: left promiscuous mode [ 61.722332][ T5711] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 61.726473][ T5711] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 61.730457][ T5711] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 61.733830][ T5711] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 61.747139][ T5711] veth1_macvtap: left promiscuous mode [ 61.749352][ T5711] veth0_macvtap: left promiscuous mode [ 61.751133][ T5711] veth1_vlan: left promiscuous mode [ 61.752802][ T5711] veth0_vlan: left promiscuous mode [ 62.006909][ T5711] team0 (unregistering): Port device team_slave_1 removed [ 62.026629][ T5711] team0 (unregistering): Port device team_slave_0 removed [ 62.335526][ T5922] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 62.344935][ T5922] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 62.348982][ T5922] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 62.352929][ T5922] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 62.400984][ T5922] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.412836][ T5922] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.418831][ T1092] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.421076][ T1092] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.430452][ T1092] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.433471][ T1092] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.536795][ T5922] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 62.765732][ T5922] veth0_vlan: entered promiscuous mode [ 62.775351][ T5922] veth1_vlan: entered promiscuous mode [ 62.806470][ T5922] veth0_macvtap: entered promiscuous mode [ 62.812363][ T5922] veth1_macvtap: entered promiscuous mode [ 62.842024][ T5922] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.856353][ T5922] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.872011][ T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.876783][ T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.887338][ T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.890088][ T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.985809][ T1092] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.988956][ T1092] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.016091][ T1133] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.019273][ T1133] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.066724][ T5953] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000004: 0000 [#1] SMP KASAN PTI [ 63.071348][ T5953] KASAN: null-ptr-deref in range [0x0000000000000020-0x0000000000000027] [ 63.074613][ T5953] CPU: 0 UID: 0 PID: 5953 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) [ 63.077939][ T5953] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 63.081791][ T5953] RIP: 0010:bpf_lru_push_free+0x6e/0xbb0 [ 63.084089][ T5953] Code: 01 0f 85 e4 00 00 00 4c 89 f0 48 c1 e8 03 80 3c 28 00 74 08 4c 89 f7 e8 c0 82 42 00 4d 8b 3e 4c 8d 73 10 4c 89 f0 48 c1 e8 03 <0f> b6 04 28 84 c0 0f 85 5b 09 00 00 45 0f b7 36 bf 08 00 00 00 44 [ 63.091693][ T5953] RSP: 0018:ffffc900046d7b48 EFLAGS: 00010202 [ 63.094095][ T5953] RAX: 0000000000000004 RBX: 0000000000000010 RCX: ffff888112941d00 [ 63.096884][ T5953] RDX: 0000000000000000 RSI: 0000000000000010 RDI: ffff888117c02300 [ 63.099592][ T5953] RBP: dffffc0000000000 R08: ffffffff8f7cee77 R09: 1ffffffff1ef9dce [ 63.102384][ T5953] R10: dffffc0000000000 R11: fffffbfff1ef9dcf R12: 0000000000000002 [ 63.105116][ T5953] R13: 00000000fffffffe R14: 0000000000000020 R15: 0000607d55cf6a80 [ 63.107786][ T5953] FS: 000055555edc7500(0000) GS:ffff88818eb38000(0000) knlGS:0000000000000000 [ 63.110831][ T5953] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 63.113046][ T5953] CR2: 0000001b2ed63fff CR3: 000000010bca0000 CR4: 00000000000006f0 [ 63.115881][ T5953] Call Trace: [ 63.117097][ T5953] [ 63.118167][ T5953] ? check_and_free_fields+0x5e/0x2d0 [ 63.120102][ T5953] htab_lru_map_update_elem+0x33e/0xa90 [ 63.122080][ T5953] bpf_map_update_value+0x751/0x920 [ 63.123967][ T5953] map_update_elem+0x355/0x4b0 [ 63.125670][ T5953] __sys_bpf+0x619/0x860 [ 63.127186][ T5953] ? __pfx___sys_bpf+0x10/0x10 [ 63.128890][ T5953] ? count_memcg_event_mm+0x21/0x260 [ 63.130786][ T5953] ? __pfx___se_sys_futex+0x10/0x10 [ 63.132658][ T5953] ? do_user_addr_fault+0xc85/0x1380 [ 63.134555][ T5953] __x64_sys_bpf+0x7c/0x90 [ 63.136148][ T5953] do_syscall_64+0xfa/0xfa0 [ 63.137773][ T5953] ? lockdep_hardirqs_on+0x9c/0x150 [ 63.139631][ T5953] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 63.141810][ T5953] ? exc_page_fault+0xab/0x100 [ 63.143537][ T5953] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 63.145580][ T5953] RIP: 0033:0x7fe41118f7c9 [ 63.147157][ T5953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 63.153943][ T5953] RSP: 002b:00007ffcd4179988 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 63.156839][ T5953] RAX: ffffffffffffffda RBX: 00007fe4113e5fa0 RCX: 00007fe41118f7c9 [ 63.159593][ T5953] RDX: 0000000000000020 RSI: 0000200000000800 RDI: 0000000000000002 [ 63.162306][ T5953] RBP: 00007fe4111f297f R08: 0000000000000000 R09: 0000000000000000 [ 63.165110][ T5953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 63.167886][ T5953] R13: 00007fe4113e5fa0 R14: 00007fe4113e5fa0 R15: 0000000000000003 [ 63.170580][ T5953] [ 63.171690][ T5953] Modules linked in: [ 63.173535][ T5953] ---[ end trace 0000000000000000 ]--- [ 63.177354][ T5953] RIP: 0010:bpf_lru_push_free+0x6e/0xbb0 [ 63.179688][ T5953] Code: 01 0f 85 e4 00 00 00 4c 89 f0 48 c1 e8 03 80 3c 28 00 74 08 4c 89 f7 e8 c0 82 42 00 4d 8b 3e 4c 8d 73 10 4c 89 f0 48 c1 e8 03 <0f> b6 04 28 84 c0 0f 85 5b 09 00 00 45 0f b7 36 bf 08 00 00 00 44 [ 63.186361][ T5953] RSP: 0018:ffffc900046d7b48 EFLAGS: 00010202 [ 63.188322][ T5953] RAX: 0000000000000004 RBX: 0000000000000010 RCX: ffff888112941d00 [ 63.190754][ T5953] RDX: 0000000000000000 RSI: 0000000000000010 RDI: ffff888117c02300 [ 63.193228][ T5953] RBP: dffffc0000000000 R08: ffffffff8f7cee77 R09: 1ffffffff1ef9dce [ 63.195965][ T5953] R10: dffffc0000000000 R11: fffffbfff1ef9dcf R12: 0000000000000002 [ 63.198523][ T5953] R13: 00000000fffffffe R14: 0000000000000020 R15: 0000607d55cf6a80 [ 63.200977][ T5953] FS: 000055555edc7500(0000) GS:ffff88818eb38000(0000) knlGS:0000000000000000 [ 63.203898][ T5953] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 63.206056][ T5953] CR2: 0000001b2ed63fff CR3: 000000010bca0000 CR4: 00000000000006f0 [ 63.208450][ T5953] Kernel panic - not syncing: Fatal exception [ 63.211092][ T5953] Kernel Offset: disabled [ 63.212460][ T5953] Rebooting in 86400 seconds..