Warning: Permanently added '[localhost]:57094' (ED25519) to the list of known hosts.
2026/02/05 14:45:54 parsed 1 programs
syzkaller login: [   70.095688][ T5839] cgroup: Unknown subsys name 'net'
[   70.208609][ T5839] cgroup: Unknown subsys name 'cpuset'
[   70.214497][ T5839] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   71.917551][ T5839] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   74.450376][ T5848] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   75.196498][   T26] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.204797][   T26] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.229333][ T3906] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.231640][ T3906] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.068678][ T5889] chnl_net:caif_netlink_parms(): no params data found
[   76.151327][ T5889] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.153882][ T5889] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.156199][ T5889] bridge_slave_0: entered allmulticast mode
[   76.159445][ T5889] bridge_slave_0: entered promiscuous mode
[   76.165033][ T5889] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.167212][ T5889] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.169397][ T5889] bridge_slave_1: entered allmulticast mode
[   76.171982][ T5889] bridge_slave_1: entered promiscuous mode
[   76.191418][ T5889] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   76.196958][ T5889] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   76.233543][ T5889] team0: Port device team_slave_0 added
[   76.237204][ T5889] team0: Port device team_slave_1 added
[   76.254998][ T5889] batman_adv: batadv0: Adding interface: batadv_slave_0
[   76.256978][ T5889] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   76.264793][ T5889] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   76.271040][ T5889] batman_adv: batadv0: Adding interface: batadv_slave_1
[   76.274275][ T5889] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   76.283280][ T5889] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   76.318542][ T5889] hsr_slave_0: entered promiscuous mode
[   76.320837][ T5889] hsr_slave_1: entered promiscuous mode
[   76.438255][ T5889] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   76.445913][ T5889] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   76.450396][ T5889] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   76.455756][ T5889] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   76.517717][ T5889] 8021q: adding VLAN 0 to HW filter on device bond0
[   76.530968][ T5889] 8021q: adding VLAN 0 to HW filter on device team0
[   76.540308][ T2171] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.543211][ T2171] bridge0: port 1(bridge_slave_0) entered forwarding state
[   76.555336][ T2171] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.557932][ T2171] bridge0: port 2(bridge_slave_1) entered forwarding state
[   76.686705][ T5889] 8021q: adding VLAN 0 to HW filter on device batadv0
[   76.728785][ T5889] veth0_vlan: entered promiscuous mode
[   76.738734][ T5889] veth1_vlan: entered promiscuous mode
[   76.767808][ T5889] veth0_macvtap: entered promiscuous mode
[   76.773687][ T5889] veth1_macvtap: entered promiscuous mode
[   76.789627][ T5889] batman_adv: batadv0: Interface activated: batadv_slave_0
[   76.800244][ T5889] batman_adv: batadv0: Interface activated: batadv_slave_1
[   76.811634][   T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   76.815570][   T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   76.819367][   T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   76.823105][   T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   76.955358][ T5860] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   77.017319][ T5860] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   77.068503][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[   77.070670][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[   77.086086][ T5860] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   77.193578][ T5860] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   77.207159][   T56] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   77.210574][   T56] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   77.213254][   T56] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   77.216777][   T56] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   77.219311][   T56] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2026/02/05 14:46:05 executed programs: 0
[   78.654294][ T5218] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   78.657597][ T5218] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   78.660984][ T5218] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   78.666284][ T5218] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   78.669399][ T5218] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   78.812528][ T5944] chnl_net:caif_netlink_parms(): no params data found
[   78.883140][ T5944] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.886025][ T5944] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.888879][ T5944] bridge_slave_0: entered allmulticast mode
[   78.892825][ T5944] bridge_slave_0: entered promiscuous mode
[   78.898016][ T5944] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.900683][ T5944] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.903349][ T5944] bridge_slave_1: entered allmulticast mode
[   78.909098][ T5944] bridge_slave_1: entered promiscuous mode
[   78.939517][ T5944] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   78.945867][ T5944] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   78.975657][ T5944] team0: Port device team_slave_0 added
[   78.980592][ T5944] team0: Port device team_slave_1 added
[   79.003919][ T5944] batman_adv: batadv0: Adding interface: batadv_slave_0
[   79.006634][ T5944] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   79.016443][ T5944] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   79.022144][ T5944] batman_adv: batadv0: Adding interface: batadv_slave_1
[   79.024935][ T5944] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   79.035146][ T5944] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   79.078680][ T5944] hsr_slave_0: entered promiscuous mode
[   79.081659][ T5944] hsr_slave_1: entered promiscuous mode
[   79.084502][ T5944] debugfs: 'hsr0' already exists in 'hsr'
[   79.086917][ T5944] Cannot create hsr debugfs directory
[   80.314955][ T5860] bridge_slave_1: left allmulticast mode
[   80.317249][ T5860] bridge_slave_1: left promiscuous mode
[   80.319934][ T5860] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.332162][ T5860] bridge_slave_0: left allmulticast mode
[   80.334336][ T5860] bridge_slave_0: left promiscuous mode
[   80.336461][ T5860] bridge0: port 1(bridge_slave_0) entered disabled state
[   80.554011][ T5860] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   80.558350][ T5860] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   80.561556][ T5860] bond0 (unregistering): Released all slaves
[   80.653219][ T5860] hsr_slave_0: left promiscuous mode
[   80.655987][ T5860] hsr_slave_1: left promiscuous mode
[   80.658553][ T5860] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   80.661049][ T5860] batman_adv: batadv0: Removing interface: batadv_slave_0
[   80.669699][ T5860] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   80.672153][ T5860] batman_adv: batadv0: Removing interface: batadv_slave_1
[   80.685216][ T5860] veth1_macvtap: left promiscuous mode
[   80.686910][ T5860] veth0_macvtap: left promiscuous mode
[   80.688933][ T5860] veth1_vlan: left promiscuous mode
[   80.691357][ T5860] veth0_vlan: left promiscuous mode
[   80.745479][ T5218] Bluetooth: hci0: command tx timeout
[   81.117819][ T5860] team0 (unregistering): Port device team_slave_1 removed
[   81.147863][ T5860] team0 (unregistering): Port device team_slave_0 removed
[   81.683884][ T5944] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   81.712175][ T5944] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   81.718136][ T5944] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   81.723123][ T5944] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   81.806351][ T5944] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.817672][ T5944] 8021q: adding VLAN 0 to HW filter on device team0
[   81.825602][ T3484] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.827954][ T3484] bridge0: port 1(bridge_slave_0) entered forwarding state
[   82.020130][ T3484] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.022800][ T3484] bridge0: port 2(bridge_slave_1) entered forwarding state
[   82.178637][ T5944] 8021q: adding VLAN 0 to HW filter on device batadv0
[   82.205962][ T5944] veth0_vlan: entered promiscuous mode
[   82.213798][ T5944] veth1_vlan: entered promiscuous mode
[   82.231467][ T5944] veth0_macvtap: entered promiscuous mode
[   82.238970][ T5944] veth1_macvtap: entered promiscuous mode
[   82.250630][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_0
[   82.259635][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_1
[   82.267894][ T5992] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.271296][ T5992] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.287907][   T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.291501][   T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.350481][ T3484] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.363866][ T3484] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.382528][ T1096] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.387279][ T1096] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.441056][ T5994] Oops: general protection fault, probably for non-canonical address 0xdffffc000000000a: 0000 [#1] SMP KASAN PTI
[   82.445282][ T5994] KASAN: null-ptr-deref in range [0x0000000000000050-0x0000000000000057]
[   82.448311][ T5994] CPU: 0 UID: 0 PID: 5994 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[   82.451539][ T5994] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   82.455491][ T5994] RIP: 0010:tnl_update_pmtu+0x52b/0x1190
[   82.457765][ T5994] Code: c1 e8 03 42 80 3c 38 00 74 08 48 89 df e8 0d 3a 2a f8 4c 8b 3b 49 83 c7 50 4c 89 f8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 4c 89 ff e8 e7 39 2a f8 4d 8b 3f 4d 85 ff 8b 5c
[   82.464856][ T5994] RSP: 0018:ffffc90004ef6f68 EFLAGS: 00010206
[   82.467126][ T5994] RAX: 000000000000000a RBX: ffffffff9a2dcec8 RCX: dffffc0000000000
[   82.470044][ T5994] RDX: 0000000000000000 RSI: ffffffff9a2dcec0 RDI: 0000000000000000
[   82.472961][ T5994] RBP: ffffffff9a2dcec0 R08: ffffffff89db11f3 R09: ffffffff8e35a3a0
[   82.475851][ T5994] R10: ffffc90004ef6f20 R11: fffff520009dede6 R12: ffff888112583800
[   82.478740][ T5994] R13: ffff888112583858 R14: 1ffff110224b070b R15: 0000000000000050
[   82.481593][ T5994] FS:  000055557643a500(0000) GS:ffff88818e328000(0000) knlGS:0000000000000000
[   82.484745][ T5994] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   82.487162][ T5994] CR2: 0000001b30363fff CR3: 00000001744e0000 CR4: 00000000000006f0
[   82.490158][ T5994] Call Trace:
[   82.491423][ T5994]  <TASK>
[   82.492563][ T5994]  ip_tunnel_xmit+0xd36/0x2430
[   82.494420][ T5994]  ? unwind_next_frame+0xa5/0x23c0
[   82.496362][ T5994]  ? __pfx_ip_tunnel_xmit+0x10/0x10
[   82.498307][ T5994]  ? gre_build_header+0x31f/0xa40
[   82.500135][ T5994]  ? __pfx_gre_build_header+0x10/0x10
[   82.502165][ T5994]  ? iptunnel_handle_offloads+0x2fd/0x630
[   82.504290][ T5994]  ipgre_xmit+0x8e6/0xc60
[   82.505890][ T5994]  ? __pfx_ipgre_xmit+0x10/0x10
[   82.507728][ T5994]  dev_hard_start_xmit+0x2cd/0x7f0
[   82.509593][ T5994]  __dev_queue_xmit+0x14dd/0x32a0
[   82.511455][ T5994]  ? __dev_queue_xmit+0x2a7/0x32a0
[   82.513369][ T5994]  ? __pfx___dev_queue_xmit+0x10/0x10
[   82.515363][ T5994]  ? rcu_is_watching+0x15/0xb0
[   82.517182][ T5994]  ? trace_kmalloc+0x1f/0xb0
[   82.518931][ T5994]  ? __kmalloc_node_track_caller_noprof+0x577/0x7f0
[   82.521331][ T5994]  ? skb_release_data+0x2b6/0x7c0
[   82.523226][ T5994]  ? pskb_expand_head+0xb44/0x1160
[   82.525082][ T5994]  __bpf_tx_skb+0x18e/0x260
[   82.526866][ T5994]  bpf_clone_redirect+0x313/0x4b0
[   82.528762][ T5994]  ? bpf_test_run+0x1d1/0x830
[   82.530527][ T5994]  bpf_prog_885767c90d177146+0x62/0x6b
[   82.532533][ T5994]  ? do_raw_spin_lock+0x12b/0x2f0
[   82.534349][ T5994]  ? lock_acquire+0x106/0x330
[   82.536084][ T5994]  ? ktime_get+0x45/0x200
[   82.537738][ T5994]  ? seqcount_lockdep_reader_access+0xa9/0x100
[   82.539996][ T5994]  ? kvm_clock_get_cycles+0x47/0x60
[   82.541956][ T5994]  ? ktime_get+0x1d2/0x200
[   82.543613][ T5994]  bpf_test_run+0x354/0x830
[   82.545368][ T5994]  ? __pfx_bpf_test_run+0x10/0x10
[   82.547271][ T5994]  ? eth_type_trans+0x35e/0x6d0
[   82.549088][ T5994]  ? skb_dst_set+0x72/0x140
[   82.550746][ T5994]  bpf_prog_test_run_skb+0xe02/0x1ea0
[   82.552770][ T5994]  ? __might_fault+0xaf/0x130
[   82.554565][ T5994]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[   82.556781][ T5994]  bpf_prog_test_run+0x2c7/0x340
[   82.558709][ T5994]  __sys_bpf+0x643/0x950
[   82.560303][ T5994]  ? __pfx___sys_bpf+0x10/0x10
[   82.562113][ T5994]  ? __pfx___se_sys_futex+0x10/0x10
[   82.564141][ T5994]  __x64_sys_bpf+0x7c/0x90
[   82.565897][ T5994]  do_syscall_64+0xe2/0xf80
[   82.567646][ T5994]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.569955][ T5994]  ? trace_irq_disable+0x37/0x100
[   82.571908][ T5994]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.574055][ T5994] RIP: 0033:0x7fad0c59acb9
[   82.575733][ T5994] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   82.582783][ T5994] RSP: 002b:00007ffe97cab158 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   82.585884][ T5994] RAX: ffffffffffffffda RBX: 00007fad0c815fa0 RCX: 00007fad0c59acb9
[   82.588697][ T5994] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 000000000000000a
[   82.591659][ T5994] RBP: 00007fad0c608bf7 R08: 0000000000000000 R09: 0000000000000000
[   82.594543][ T5994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   82.597412][ T5994] R13: 00007fad0c815fac R14: 00007fad0c815fa0 R15: 00007fad0c815fa0
[   82.600179][ T5994]  </TASK>
[   82.601361][ T5994] Modules linked in:
[   82.602972][ T5994] ---[ end trace 0000000000000000 ]---
[   82.605152][ T5994] RIP: 0010:tnl_update_pmtu+0x52b/0x1190
[   82.607337][ T5994] Code: c1 e8 03 42 80 3c 38 00 74 08 48 89 df e8 0d 3a 2a f8 4c 8b 3b 49 83 c7 50 4c 89 f8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 4c 89 ff e8 e7 39 2a f8 4d 8b 3f 4d 85 ff 8b 5c
[   82.614450][ T5994] RSP: 0018:ffffc90004ef6f68 EFLAGS: 00010206
[   82.616761][ T5994] RAX: 000000000000000a RBX: ffffffff9a2dcec8 RCX: dffffc0000000000
[   82.619645][ T5994] RDX: 0000000000000000 RSI: ffffffff9a2dcec0 RDI: 0000000000000000
[   82.622571][ T5994] RBP: ffffffff9a2dcec0 R08: ffffffff89db11f3 R09: ffffffff8e35a3a0
[   82.625672][ T5994] R10: ffffc90004ef6f20 R11: fffff520009dede6 R12: ffff888112583800
[   82.628726][ T5994] R13: ffff888112583858 R14: 1ffff110224b070b R15: 0000000000000050
[   82.631790][ T5994] FS:  000055557643a500(0000) GS:ffff88818e328000(0000) knlGS:0000000000000000
[   82.635081][ T5994] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   82.637584][ T5994] CR2: 0000001b30363fff CR3: 00000001744e0000 CR4: 00000000000006f0
[   82.640596][ T5994] Kernel panic - not syncing: Fatal exception in interrupt
[   82.644005][ T5994] Kernel Offset: disabled
[   82.645723][ T5994] Rebooting in 86400 seconds..