Warning: Permanently added '[localhost]:53707' (ED25519) to the list of known hosts.
2026/02/09 03:48:08 parsed 1 programs
syzkaller login: [   62.215580][ T5836] cgroup: Unknown subsys name 'net'
[   62.319129][ T5836] cgroup: Unknown subsys name 'cpuset'
[   62.325317][ T5836] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   64.100626][ T5836] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   67.018632][ T5844] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   67.915561][  T155] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   67.918031][  T155] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   67.937999][  T155] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   67.940449][  T155] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   68.249795][ T5221] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   68.257098][ T5221] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   68.260001][ T5221] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   68.263049][ T5221] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   68.265777][ T5221] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   68.780383][ T5897] chnl_net:caif_netlink_parms(): no params data found
[   68.860886][ T5897] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.863863][ T5897] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.866140][ T5897] bridge_slave_0: entered allmulticast mode
[   68.868880][ T5897] bridge_slave_0: entered promiscuous mode
[   68.878480][ T5897] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.880713][ T5897] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.882878][ T5897] bridge_slave_1: entered allmulticast mode
[   68.885893][ T5897] bridge_slave_1: entered promiscuous mode
[   68.910912][ T5897] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   68.915560][ T5897] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   68.932287][ T5897] team0: Port device team_slave_0 added
[   68.937221][ T5897] team0: Port device team_slave_1 added
[   68.953228][ T5897] batman_adv: batadv0: Adding interface: batadv_slave_0
[   68.955832][ T5897] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   68.963692][ T5897] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   68.969825][ T5897] batman_adv: batadv0: Adding interface: batadv_slave_1
[   68.971922][ T5897] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   68.981039][ T5897] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   69.008005][ T5897] hsr_slave_0: entered promiscuous mode
[   69.010287][ T5897] hsr_slave_1: entered promiscuous mode
[   69.115886][ T5897] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   69.122073][ T5897] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   69.126861][ T5897] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   69.131046][ T5897] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   69.178950][ T5897] 8021q: adding VLAN 0 to HW filter on device bond0
[   69.192140][ T5897] 8021q: adding VLAN 0 to HW filter on device team0
[   69.198328][  T155] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.200511][  T155] bridge0: port 1(bridge_slave_0) entered forwarding state
[   69.213291][  T155] bridge0: port 2(bridge_slave_1) entered blocking state
[   69.215698][  T155] bridge0: port 2(bridge_slave_1) entered forwarding state
[   69.313342][ T5897] 8021q: adding VLAN 0 to HW filter on device batadv0
[   69.340811][ T5897] veth0_vlan: entered promiscuous mode
[   69.348065][ T5897] veth1_vlan: entered promiscuous mode
[   69.366917][ T5897] veth0_macvtap: entered promiscuous mode
[   69.370969][ T5897] veth1_macvtap: entered promiscuous mode
[   69.382459][ T5897] batman_adv: batadv0: Interface activated: batadv_slave_0
[   69.389853][ T5897] batman_adv: batadv0: Interface activated: batadv_slave_1
[   69.399160][ T5868] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   69.406675][ T5868] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   69.409218][ T5868] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   69.411721][ T5868] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   69.521711][   T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.604009][   T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.664996][   T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.729227][   T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2026/02/09 03:48:18 executed programs: 0
[   70.263214][   T55] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   70.267665][   T55] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   70.270373][   T55] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   70.273180][   T55] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   70.277653][   T55] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   70.431299][ T5943] chnl_net:caif_netlink_parms(): no params data found
[   70.507135][ T5943] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.509965][ T5943] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.512778][ T5943] bridge_slave_0: entered allmulticast mode
[   70.518200][ T5943] bridge_slave_0: entered promiscuous mode
[   70.523570][ T5943] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.526903][ T5943] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.529700][ T5943] bridge_slave_1: entered allmulticast mode
[   70.533270][ T5943] bridge_slave_1: entered promiscuous mode
[   70.563749][ T5943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   70.570132][ T5943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   70.589738][ T5943] team0: Port device team_slave_0 added
[   70.593370][ T5943] team0: Port device team_slave_1 added
[   70.614639][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_0
[   70.616546][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   70.623732][ T5943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   70.629466][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_1
[   70.631494][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   70.639424][ T5943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   70.666825][ T5943] hsr_slave_0: entered promiscuous mode
[   70.669072][ T5943] hsr_slave_1: entered promiscuous mode
[   70.671125][ T5943] debugfs: 'hsr0' already exists in 'hsr'
[   70.672850][ T5943] Cannot create hsr debugfs directory
[   72.345738][ T5221] Bluetooth: hci0: command tx timeout
[   72.643207][   T13] bridge_slave_1: left allmulticast mode
[   72.647493][   T13] bridge_slave_1: left promiscuous mode
[   72.649930][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.657234][   T13] bridge_slave_0: left allmulticast mode
[   72.659307][   T13] bridge_slave_0: left promiscuous mode
[   72.661623][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.880528][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   72.888740][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   72.893753][   T13] bond0 (unregistering): Released all slaves
[   73.027677][   T13] hsr_slave_0: left promiscuous mode
[   73.030598][   T13] hsr_slave_1: left promiscuous mode
[   73.033314][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   73.036716][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[   73.040757][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   73.043581][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[   73.063164][   T13] veth1_macvtap: left promiscuous mode
[   73.067020][   T13] veth0_macvtap: left promiscuous mode
[   73.069309][   T13] veth1_vlan: left promiscuous mode
[   73.071529][   T13] veth0_vlan: left promiscuous mode
[   73.422794][   T13] team0 (unregistering): Port device team_slave_1 removed
[   73.457824][   T13] team0 (unregistering): Port device team_slave_0 removed
[   73.928073][ T5943] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   73.936977][ T5943] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   73.947341][ T5943] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   73.956146][ T5943] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   74.065739][ T5943] 8021q: adding VLAN 0 to HW filter on device bond0
[   74.249416][ T5943] 8021q: adding VLAN 0 to HW filter on device team0
[   74.257807][  T155] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.260425][  T155] bridge0: port 1(bridge_slave_0) entered forwarding state
[   74.276163][  T155] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.278750][  T155] bridge0: port 2(bridge_slave_1) entered forwarding state
[   74.435011][ T5221] Bluetooth: hci0: command tx timeout
[   74.437925][ T5943] 8021q: adding VLAN 0 to HW filter on device batadv0
[   74.468330][ T5943] veth0_vlan: entered promiscuous mode
[   74.477318][ T5943] veth1_vlan: entered promiscuous mode
[   74.507130][ T5943] veth0_macvtap: entered promiscuous mode
[   74.511312][ T5943] veth1_macvtap: entered promiscuous mode
[   74.521184][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_0
[   74.527959][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_1
[   74.535637][ T5868] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   74.541689][ T5868] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   74.544758][ T5868] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   74.547948][ T5868] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   74.590055][  T155] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.592490][  T155] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.612475][  T155] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.618624][  T155] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.652714][ T5991] Oops: general protection fault, probably for non-canonical address 0xdffffc000000000d: 0000 [#1] SMP KASAN PTI
[   74.656253][ T5991] KASAN: null-ptr-deref in range [0x0000000000000068-0x000000000000006f]
[   74.659296][ T5991] CPU: 1 UID: 0 PID: 5991 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[   74.662059][ T5991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   74.664987][ T5991] RIP: 0010:ip6_tnl_xmit+0x14a1/0x2af0
[   74.666580][ T5991] Code: 74 12 4c 89 ef e8 af d8 ea f7 48 ba 00 00 00 00 00 fc ff df 4d 01 f4 49 83 c4 18 4d 8b 6d 00 49 83 c5 68 4c 89 e8 48 c1 e8 03 <80> 3c 10 00 74 08 4c 89 ef e8 81 d8 ea f7 4d 8b 5d 00 4c 89 ff 31
[   74.672125][ T5991] RSP: 0018:ffffc90003976e60 EFLAGS: 00010202
[   74.673894][ T5991] RAX: 000000000000000d RBX: 1ffff1102e6c7d07 RCX: ffff88810b2c57c0
[   74.676433][ T5991] RDX: dffffc0000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   74.679270][ T5991] RBP: ffffc90003977028 R08: ffff88810b2c57c0 R09: 0000000000000002
[   74.682232][ T5991] R10: 000000000000dd86 R11: 0000000000000000 R12: ffff88816a0ce066
[   74.685059][ T5991] R13: 0000000000000068 R14: ffff88816a0ce000 R15: ffffc90003977ba0
[   74.687856][ T5991] FS:  000055555f394500(0000) GS:ffff8882a9927000(0000) knlGS:0000000000000000
[   74.690434][ T5991] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   74.692339][ T5991] CR2: 0000001b30263fff CR3: 000000010d832000 CR4: 00000000000006f0
[   74.694639][ T5991] Call Trace:
[   74.695658][ T5991]  <TASK>
[   74.696565][ T5991]  ? lock_acquire+0x106/0x330
[   74.697976][ T5991]  ? __pfx_ip6_tnl_xmit+0x10/0x10
[   74.699472][ T5991]  ? __pfx_make_kuid+0x10/0x10
[   74.700876][ T5991]  ? iptunnel_handle_offloads+0x2fd/0x630
[   74.702565][ T5991]  ip6_tnl_start_xmit+0xc79/0x11d0
[   74.704078][ T5991]  ? __pfx_ip6_tnl_start_xmit+0x10/0x10
[   74.705713][ T5991]  ? stack_depot_save_flags+0x3f3/0x810
[   74.707365][ T5991]  dev_hard_start_xmit+0x2cd/0x7f0
[   74.708861][ T5991]  __dev_queue_xmit+0x14dd/0x32a0
[   74.710349][ T5991]  ? __dev_queue_xmit+0x2a7/0x32a0
[   74.711838][ T5991]  ? __pfx___dev_queue_xmit+0x10/0x10
[   74.713415][ T5991]  ? pskb_expand_head+0x19d/0x1160
[   74.714893][ T5991]  ? rcu_is_watching+0x15/0xb0
[   74.716321][ T5991]  ? trace_kmalloc+0x1f/0xb0
[   74.717664][ T5991]  ? __kmalloc_node_track_caller_noprof+0x577/0x7f0
[   74.719572][ T5991]  ? skb_release_data+0x2b6/0x7c0
[   74.721049][ T5991]  ? pskb_expand_head+0xb44/0x1160
[   74.722583][ T5991]  __bpf_tx_skb+0x18e/0x260
[   74.723916][ T5991]  bpf_clone_redirect+0x313/0x4b0
[   74.725410][ T5991]  ? bpf_test_run+0x1d1/0x830
[   74.726800][ T5991]  bpf_prog_2f59963de350c2d2+0x5e/0x67
[   74.728403][ T5991]  ? do_raw_spin_lock+0x12b/0x2f0
[   74.729891][ T5991]  ? lock_acquire+0x106/0x330
[   74.731633][ T5991]  ? ktime_get+0x45/0x200
[   74.733275][ T5991]  ? seqcount_lockdep_reader_access+0xa9/0x100
[   74.735586][ T5991]  ? kvm_clock_get_cycles+0x47/0x60
[   74.737532][ T5991]  ? ktime_get+0x1d2/0x200
[   74.739211][ T5991]  bpf_test_run+0x354/0x830
[   74.740913][ T5991]  ? __pfx_bpf_test_run+0x10/0x10
[   74.742812][ T5991]  ? bpf_prog_test_run_skb+0x12cf/0x1e00
[   74.744912][ T5991]  bpf_prog_test_run_skb+0x13b4/0x1e00
[   74.746935][ T5991]  ? __lock_acquire+0x6b5/0x2cf0
[   74.748786][ T5991]  ? futex_hash+0x40/0x2d0
[   74.750461][ T5991]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[   74.752645][ T5991]  ? __pfx_dst_discard+0x10/0x10
[   74.754488][ T5991]  ? __pfx_dst_discard_out+0x10/0x10
[   74.756481][ T5991]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[   74.758642][ T5991]  bpf_prog_test_run+0x2c7/0x340
[   74.760478][ T5991]  __sys_bpf+0x643/0x950
[   74.762063][ T5991]  ? __pfx___sys_bpf+0x10/0x10
[   74.763839][ T5991]  ? __pfx___se_sys_futex+0x10/0x10
[   74.765821][ T5991]  __x64_sys_bpf+0x7c/0x90
[   74.767501][ T5991]  do_syscall_64+0xe2/0xf80
[   74.769196][ T5991]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.771455][ T5991]  ? trace_irq_disable+0x37/0x100
[   74.773319][ T5991]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.775545][ T5991] RIP: 0033:0x7ff39439acb9
[   74.777167][ T5991] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   74.782758][ T5991] RSP: 002b:00007ffc03f9fef8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   74.785197][ T5991] RAX: ffffffffffffffda RBX: 00007ff394615fa0 RCX: 00007ff39439acb9
[   74.787498][ T5991] RDX: 0000000000000028 RSI: 00002000000000c0 RDI: 000000000000000a
[   74.789802][ T5991] RBP: 00007ff394408bf7 R08: 0000000000000000 R09: 0000000000000000
[   74.792090][ T5991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   74.794382][ T5991] R13: 00007ff394615fac R14: 00007ff394615fa0 R15: 00007ff394615fa0
[   74.796693][ T5991]  </TASK>
[   74.797628][ T5991] Modules linked in:
[   74.798926][ T5991] ---[ end trace 0000000000000000 ]---
[   74.800530][ T5991] RIP: 0010:ip6_tnl_xmit+0x14a1/0x2af0
[   74.802187][ T5991] Code: 74 12 4c 89 ef e8 af d8 ea f7 48 ba 00 00 00 00 00 fc ff df 4d 01 f4 49 83 c4 18 4d 8b 6d 00 49 83 c5 68 4c 89 e8 48 c1 e8 03 <80> 3c 10 00 74 08 4c 89 ef e8 81 d8 ea f7 4d 8b 5d 00 4c 89 ff 31
[   74.808350][ T5991] RSP: 0018:ffffc90003976e60 EFLAGS: 00010202
[   74.810616][ T5991] RAX: 000000000000000d RBX: 1ffff1102e6c7d07 RCX: ffff88810b2c57c0
[   74.813546][ T5991] RDX: dffffc0000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   74.816123][ T5991] RBP: ffffc90003977028 R08: ffff88810b2c57c0 R09: 0000000000000002
[   74.818442][ T5991] R10: 000000000000dd86 R11: 0000000000000000 R12: ffff88816a0ce066
[   74.820732][ T5991] R13: 0000000000000068 R14: ffff88816a0ce000 R15: ffffc90003977ba0
[   74.823041][ T5991] FS:  000055555f394500(0000) GS:ffff8882a9927000(0000) knlGS:0000000000000000
[   74.825732][ T5991] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   74.827674][ T5991] CR2: 0000001b30263fff CR3: 000000010d832000 CR4: 00000000000006f0
[   74.829994][ T5991] Kernel panic - not syncing: Fatal exception in interrupt
[   74.832754][ T5991] Kernel Offset: disabled
[   74.834055][ T5991] Rebooting in 86400 seconds..