Warning: Permanently added '[localhost]:27433' (ED25519) to the list of known hosts.
2026/02/01 09:40:56 parsed 1 programs
syzkaller login: [   86.714167][   T24] cfg80211: failed to load regulatory.db
[   88.670589][ T5835] cgroup: Unknown subsys name 'net'
[   88.797698][ T5835] cgroup: Unknown subsys name 'cpuset'
[   88.803318][ T5835] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   90.348934][ T5835] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   92.683144][ T5843] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   93.470059][ T5870] chnl_net:caif_netlink_parms(): no params data found
[   93.548789][ T5870] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.552307][ T5870] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.555281][ T5870] bridge_slave_0: entered allmulticast mode
[   93.559290][ T5870] bridge_slave_0: entered promiscuous mode
[   93.565180][ T5870] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.568011][ T5870] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.570693][ T5870] bridge_slave_1: entered allmulticast mode
[   93.574959][ T5870] bridge_slave_1: entered promiscuous mode
[   93.621000][ T5870] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   93.627190][ T5870] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   93.653746][ T5870] team0: Port device team_slave_0 added
[   93.657835][ T5870] team0: Port device team_slave_1 added
[   93.680478][ T5870] batman_adv: batadv0: Adding interface: batadv_slave_0
[   93.683847][ T5870] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   93.693912][ T5870] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   93.703175][ T5870] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.706274][ T5870] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   93.716744][ T5870] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.750310][ T5870] hsr_slave_0: entered promiscuous mode
[   93.752603][ T5870] hsr_slave_1: entered promiscuous mode
[   93.863868][ T5870] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   93.869432][ T5870] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   93.874747][ T5870] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   93.878671][ T5870] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   93.900277][ T5870] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.903059][ T5870] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.905777][ T5870] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.908039][ T5870] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.941844][ T5870] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.950836][ T3827] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.955667][ T3827] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.964214][ T5870] 8021q: adding VLAN 0 to HW filter on device team0
[   93.969870][ T3827] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.972158][ T3827] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.980210][ T3827] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.983108][ T3827] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.116120][ T5870] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.145615][ T5870] veth0_vlan: entered promiscuous mode
[   94.151507][ T5870] veth1_vlan: entered promiscuous mode
[   94.171797][ T5870] veth0_macvtap: entered promiscuous mode
[   94.177072][ T5870] veth1_macvtap: entered promiscuous mode
[   94.189106][ T5870] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.197329][ T5870] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.205789][   T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.209233][   T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.212569][   T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.215971][   T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.319835][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.366652][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.422994][   T28] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.426142][   T28] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.438255][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.458292][   T28] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.460656][   T28] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.476229][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.509932][ T5221] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   95.514737][ T5221] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   95.517445][ T5221] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   95.520227][ T5221] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   95.525346][ T5221] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2026/02/01 09:41:06 executed programs: 0
[   96.282471][   T55] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   96.285990][   T55] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   96.289104][   T55] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   96.292603][   T55] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   96.297675][   T55] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   96.407028][ T5941] chnl_net:caif_netlink_parms(): no params data found
[   96.449256][ T5941] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.451389][ T5941] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.453664][ T5941] bridge_slave_0: entered allmulticast mode
[   96.457258][ T5941] bridge_slave_0: entered promiscuous mode
[   96.460331][ T5941] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.462435][ T5941] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.465165][ T5941] bridge_slave_1: entered allmulticast mode
[   96.468699][ T5941] bridge_slave_1: entered promiscuous mode
[   96.496295][ T5941] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   96.502062][ T5941] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   96.521652][ T5941] team0: Port device team_slave_0 added
[   96.527054][ T5941] team0: Port device team_slave_1 added
[   96.544819][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_0
[   96.547292][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   96.556364][ T5941] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   96.561847][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_1
[   96.564981][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   96.573547][ T5941] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   96.601043][ T5941] hsr_slave_0: entered promiscuous mode
[   96.603972][ T5941] hsr_slave_1: entered promiscuous mode
[   96.606073][ T5941] debugfs: 'hsr0' already exists in 'hsr'
[   96.607800][ T5941] Cannot create hsr debugfs directory
[   97.311686][   T12] bridge_slave_1: left allmulticast mode
[   97.314210][   T12] bridge_slave_1: left promiscuous mode
[   97.316656][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.322445][   T12] bridge_slave_0: left allmulticast mode
[   97.325812][   T12] bridge_slave_0: left promiscuous mode
[   97.327641][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.482603][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   97.487547][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   97.492240][   T12] bond0 (unregistering): Released all slaves
[   97.580375][   T12] hsr_slave_0: left promiscuous mode
[   97.585561][   T12] hsr_slave_1: left promiscuous mode
[   97.587962][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   97.590446][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[   97.594887][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   97.597158][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[   97.606219][   T12] veth1_macvtap: left promiscuous mode
[   97.608047][   T12] veth0_macvtap: left promiscuous mode
[   97.609841][   T12] veth1_vlan: left promiscuous mode
[   97.611800][   T12] veth0_vlan: left promiscuous mode
[   97.856883][   T12] team0 (unregistering): Port device team_slave_1 removed
[   97.877299][   T12] team0 (unregistering): Port device team_slave_0 removed
[   98.318621][   T55] Bluetooth: hci0: command tx timeout
[   98.339047][ T5941] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   98.346189][ T5941] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   98.352297][ T5941] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   98.362076][ T5941] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   98.436085][ T5941] 8021q: adding VLAN 0 to HW filter on device bond0
[   98.447796][ T5941] 8021q: adding VLAN 0 to HW filter on device team0
[   98.458466][   T28] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.460964][   T28] bridge0: port 1(bridge_slave_0) entered forwarding state
[   98.469478][   T28] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.472193][   T28] bridge0: port 2(bridge_slave_1) entered forwarding state
[   98.957262][ T5941] 8021q: adding VLAN 0 to HW filter on device batadv0
[   99.027974][ T5941] veth0_vlan: entered promiscuous mode
[   99.043182][ T5941] veth1_vlan: entered promiscuous mode
[   99.105221][ T5941] veth0_macvtap: entered promiscuous mode
[   99.110747][ T5941] veth1_macvtap: entered promiscuous mode
[   99.121783][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_0
[   99.130411][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_1
[   99.142366][   T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.146663][   T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.150054][   T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.154981][   T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.208174][   T28] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.210543][   T28] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.246017][ T3536] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.249091][ T3536] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.304520][ T5983] loop0: detected capacity change from 0 to 512
[   99.309101][ T5983] EXT4-fs (loop0): filesystem is read-only
[   99.311387][ T5983] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   99.330029][ T5983] EXT4-fs (loop0): filesystem is read-only
[   99.331859][ T5983] EXT4-fs (loop0): orphan cleanup on readonly fs
[   99.335781][ T5983] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.17: bg 0: block 64: padding at end of block bitmap is not set
[   99.342160][ T5983] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6689: Corrupt filesystem
[   99.345369][ T5983] EXT4-fs (loop0): 1 orphan inode deleted
[   99.348082][ T5983] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   99.353745][ T5983] /dev/loop0: Can't open blockdev
[   99.355378][ T5983] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI
[   99.358991][ T5983] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[   99.361857][ T5983] CPU: 0 UID: 0 PID: 5983 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[   99.364793][ T5983] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   99.367954][ T5983] RIP: 0010:fuse_kill_sb_blk+0x210/0x270
[   99.369673][ T5983] Code: fe 4c 89 ff e8 d1 b5 ff ff 48 89 ef e8 79 5d 00 ff 43 80 3c 2e 00 74 08 48 89 df e8 0a da ed fe 48 8b 1b 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 f1 d9 ed fe 48 8b 3b e8 f9 6a ff
[   99.376347][ T5983] RSP: 0018:ffffc90003c17af8 EFLAGS: 00010246
[   99.378262][ T5983] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff888118069d40
[   99.381061][ T5983] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 00000000ffffffff
[   99.383752][ T5983] RBP: ffff8881168e0000 R08: ffff8881168e0077 R09: 1ffff11022d1c00e
[   99.386506][ T5983] R10: dffffc0000000000 R11: ffffed1022d1c00f R12: ffff8881168e0068
[   99.388902][ T5983] R13: dffffc0000000000 R14: 1ffff11022d1c0c7 R15: 0000000000000000
[   99.391320][ T5983] FS:  0000555591c2f500(0000) GS:ffff88818e342000(0000) knlGS:0000000000000000
[   99.394020][ T5983] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   99.395951][ T5983] CR2: 0000200000002000 CR3: 00000001115be000 CR4: 00000000000006f0
[   99.398353][ T5983] Call Trace:
[   99.399399][ T5983]  <TASK>
[   99.400311][ T5983]  ? shrinker_free+0x2ce/0x3e0
[   99.401775][ T5983]  deactivate_locked_super+0xbc/0x130
[   99.403420][ T5983]  get_tree_bdev_flags+0x4b4/0x560
[   99.404976][ T5983]  ? __pfx_fuse_fill_super+0x10/0x10
[   99.406602][ T5983]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[   99.408317][ T5983]  ? fuse_conn_init+0xa09/0xdb0
[   99.410035][ T5983]  fuse_get_tree+0x23c/0x4f0
[   99.411785][ T5983]  vfs_get_tree+0x92/0x2a0
[   99.413423][ T5983]  do_new_mount+0x329/0xa50
[   99.415081][ T5983]  ? apparmor_capable+0x137/0x1a0
[   99.416826][ T5983]  ? __pfx_do_new_mount+0x10/0x10
[   99.418596][ T5983]  ? ns_capable+0x89/0xe0
[   99.420043][ T5983]  ? kmem_cache_free+0x195/0x610
[   99.421771][ T5983]  __se_sys_mount+0x31d/0x420
[   99.423483][ T5983]  ? __pfx___se_sys_mount+0x10/0x10
[   99.425469][ T5983]  ? do_syscall_64+0xb4/0xf80
[   99.427147][ T5983]  ? __x64_sys_mount+0x20/0xc0
[   99.428705][ T5983]  do_syscall_64+0xf0/0xf80
[   99.430076][ T5983]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.431942][ T5983]  ? exc_page_fault+0xa7/0xf0
[   99.433434][ T5983]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.435222][ T5983] RIP: 0033:0x7f29dd79acb9
[   99.436661][ T5983] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   99.442778][ T5983] RSP: 002b:00007fffc5c2bf88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   99.445363][ T5983] RAX: ffffffffffffffda RBX: 00007f29dda15fa0 RCX: 00007f29dd79acb9
[   99.447781][ T5983] RDX: 0000200000000080 RSI: 0000200000000040 RDI: 0000200000000000
[   99.450183][ T5983] RBP: 00007f29dd808bf7 R08: 0000000000000000 R09: 0000000000000000
[   99.452552][ T5983] R10: 0000000003000000 R11: 0000000000000246 R12: 0000000000000000
[   99.455003][ T5983] R13: 00007f29dda15fac R14: 00007f29dda15fa0 R15: 00007f29dda15fa0
[   99.457453][ T5983]  </TASK>
[   99.458465][ T5983] Modules linked in:
[   99.460065][ T5983] ---[ end trace 0000000000000000 ]---
[   99.464727][ T5983] RIP: 0010:fuse_kill_sb_blk+0x210/0x270
[   99.466452][ T5983] Code: fe 4c 89 ff e8 d1 b5 ff ff 48 89 ef e8 79 5d 00 ff 43 80 3c 2e 00 74 08 48 89 df e8 0a da ed fe 48 8b 1b 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 f1 d9 ed fe 48 8b 3b e8 f9 6a ff
[   99.472361][ T5983] RSP: 0018:ffffc90003c17af8 EFLAGS: 00010246
[   99.474599][ T5983] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff888118069d40
[   99.477158][ T5983] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 00000000ffffffff
[   99.479562][ T5983] RBP: ffff8881168e0000 R08: ffff8881168e0077 R09: 1ffff11022d1c00e
[   99.481985][ T5983] R10: dffffc0000000000 R11: ffffed1022d1c00f R12: ffff8881168e0068
[   99.484726][ T5983] R13: dffffc0000000000 R14: 1ffff11022d1c0c7 R15: 0000000000000000
[   99.487153][ T5983] FS:  0000555591c2f500(0000) GS:ffff88818e342000(0000) knlGS:0000000000000000
[   99.489929][ T5983] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   99.491908][ T5983] CR2: 0000200000002000 CR3: 00000001115be000 CR4: 00000000000006f0
[   99.494702][ T5983] Kernel panic - not syncing: Fatal exception
[   99.497407][ T5983] Kernel Offset: disabled
[   99.498902][ T5983] Rebooting in 86400 seconds..