Warning: Permanently added '[localhost]:15966' (ED25519) to the list of known hosts.
2026/02/05 14:17:56 parsed 1 programs
syzkaller login: [   59.725055][ T5836] cgroup: Unknown subsys name 'net'
[   59.888211][ T5836] cgroup: Unknown subsys name 'cpuset'
[   59.891853][ T5836] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   61.994140][ T5836] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   64.172361][ T5845] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   64.585427][ T5862] chnl_net:caif_netlink_parms(): no params data found
[   64.691352][ T5862] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.694875][ T5862] bridge0: port 1(bridge_slave_0) entered disabled state
[   64.697022][ T5862] bridge_slave_0: entered allmulticast mode
[   64.699601][ T5862] bridge_slave_0: entered promiscuous mode
[   64.704710][ T5862] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.707263][ T5862] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.709363][ T5862] bridge_slave_1: entered allmulticast mode
[   64.711928][ T5862] bridge_slave_1: entered promiscuous mode
[   64.733674][ T5862] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   64.738107][ T5862] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   64.755290][ T5862] team0: Port device team_slave_0 added
[   64.758478][ T5862] team0: Port device team_slave_1 added
[   64.773668][ T5862] batman_adv: batadv0: Adding interface: batadv_slave_0
[   64.775654][ T5862] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   64.783821][ T5862] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   64.788379][ T5862] batman_adv: batadv0: Adding interface: batadv_slave_1
[   64.790377][ T5862] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   64.797637][ T5862] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   64.822802][ T5862] hsr_slave_0: entered promiscuous mode
[   64.825113][ T5862] hsr_slave_1: entered promiscuous mode
[   64.933553][ T5862] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   64.940033][ T5862] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   64.945718][ T5862] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   64.950815][ T5862] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   64.976727][ T5862] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.978866][ T5862] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.981354][ T5862] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.983506][ T5862] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.023457][ T5862] 8021q: adding VLAN 0 to HW filter on device bond0
[   65.034544][  T374] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.037449][  T374] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.047430][ T5862] 8021q: adding VLAN 0 to HW filter on device team0
[   65.055313][  T374] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.057420][  T374] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.064425][  T374] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.066951][  T374] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.168188][ T5862] 8021q: adding VLAN 0 to HW filter on device batadv0
[   65.192564][ T5862] veth0_vlan: entered promiscuous mode
[   65.198283][ T5862] veth1_vlan: entered promiscuous mode
[   65.217705][ T5862] veth0_macvtap: entered promiscuous mode
[   65.221683][ T5862] veth1_macvtap: entered promiscuous mode
[   65.233464][ T5862] batman_adv: batadv0: Interface activated: batadv_slave_0
[   65.240353][ T5862] batman_adv: batadv0: Interface activated: batadv_slave_1
[   65.249210][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   65.252586][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   65.256403][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   65.260638][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   65.362142][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   65.433725][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   65.485232][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   65.570415][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   66.097872][   T56] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   66.101008][   T56] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   66.106325][   T56] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   66.109040][   T56] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   66.111600][   T56] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   66.797314][  T374] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.799597][  T374] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.821562][  T374] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.824430][  T374] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/02/05 14:18:05 executed programs: 0
[   67.210088][ T5222] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   67.213747][ T5222] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   67.216212][ T5222] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   67.218815][ T5222] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   67.221306][ T5222] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   67.322135][ T5944] chnl_net:caif_netlink_parms(): no params data found
[   67.370030][ T5944] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.372132][ T5944] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.374743][ T5944] bridge_slave_0: entered allmulticast mode
[   67.377498][ T5944] bridge_slave_0: entered promiscuous mode
[   67.380704][ T5944] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.383493][ T5944] bridge0: port 2(bridge_slave_1) entered disabled state
[   67.385628][ T5944] bridge_slave_1: entered allmulticast mode
[   67.388086][ T5944] bridge_slave_1: entered promiscuous mode
[   67.407827][ T5944] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   67.412021][ T5944] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   67.428421][ T5944] team0: Port device team_slave_0 added
[   67.431545][ T5944] team0: Port device team_slave_1 added
[   67.446962][ T5944] batman_adv: batadv0: Adding interface: batadv_slave_0
[   67.448975][ T5944] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   67.456470][ T5944] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   67.460399][ T5944] batman_adv: batadv0: Adding interface: batadv_slave_1
[   67.462526][ T5944] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   67.471413][ T5944] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   67.496409][ T5944] hsr_slave_0: entered promiscuous mode
[   67.498589][ T5944] hsr_slave_1: entered promiscuous mode
[   67.500654][ T5944] debugfs: 'hsr0' already exists in 'hsr'
[   67.502355][ T5944] Cannot create hsr debugfs directory
[   68.254979][   T12] bridge_slave_1: left allmulticast mode
[   68.257043][   T12] bridge_slave_1: left promiscuous mode
[   68.259595][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.267230][   T12] bridge_slave_0: left allmulticast mode
[   68.268846][   T12] bridge_slave_0: left promiscuous mode
[   68.270561][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.443157][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   68.447936][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   68.451958][   T12] bond0 (unregistering): Released all slaves
[   68.546981][   T12] hsr_slave_0: left promiscuous mode
[   68.549429][   T12] hsr_slave_1: left promiscuous mode
[   68.551927][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   68.555964][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[   68.560272][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   68.563382][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[   68.587764][   T12] veth1_macvtap: left promiscuous mode
[   68.589874][   T12] veth0_macvtap: left promiscuous mode
[   68.592031][   T12] veth1_vlan: left promiscuous mode
[   68.594875][   T12] veth0_vlan: left promiscuous mode
[   68.870917][   T12] team0 (unregistering): Port device team_slave_1 removed
[   68.891406][   T12] team0 (unregistering): Port device team_slave_0 removed
[   69.257425][ T5944] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   69.266578][ T5944] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   69.274023][ T5944] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   69.280636][ T5944] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   69.283984][   T56] Bluetooth: hci0: command tx timeout
[   69.344520][ T5944] 8021q: adding VLAN 0 to HW filter on device bond0
[   69.355036][ T5944] 8021q: adding VLAN 0 to HW filter on device team0
[   69.360108][ T3970] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.362253][ T3970] bridge0: port 1(bridge_slave_0) entered forwarding state
[   69.369157][ T3970] bridge0: port 2(bridge_slave_1) entered blocking state
[   69.371250][ T3970] bridge0: port 2(bridge_slave_1) entered forwarding state
[   69.700242][ T5944] 8021q: adding VLAN 0 to HW filter on device batadv0
[   69.729601][ T5944] veth0_vlan: entered promiscuous mode
[   69.737727][ T5944] veth1_vlan: entered promiscuous mode
[   69.759475][ T5944] veth0_macvtap: entered promiscuous mode
[   69.768820][ T5944] veth1_macvtap: entered promiscuous mode
[   69.789437][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_0
[   69.797462][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_1
[   69.850382][ T5982] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   69.870329][ T5982] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   69.883228][   T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   69.899462][   T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   69.927443][ T4446] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.929686][ T4446] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.951799][ T4446] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.954439][ T4446] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   70.027123][ T5985] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI
[   70.031379][ T5985] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[   70.034308][ T5985] CPU: 0 UID: 0 PID: 5985 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[   70.037582][ T5985] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   70.040633][ T5985] RIP: 0010:xfrm_lookup_with_ifid+0xe1/0x1af0
[   70.042497][ T5985] Code: 24 20 4d 8d 66 08 4c 89 e0 48 c1 e8 03 4d 89 ee 42 80 3c 28 00 74 08 4c 89 e7 e8 ba 20 17 f8 4d 8b 24 24 4c 89 e0 48 c1 e8 03 <42> 0f b6 04 30 84 c0 0f 85 94 17 00 00 41 0f b7 04 24 89 44 24 28
[   70.048446][ T5985] RSP: 0018:ffffc90003e96fe0 EFLAGS: 00010246
[   70.050451][ T5985] RAX: 0000000000000000 RBX: ffffc90003e97080 RCX: 0000000000000000
[   70.052816][ T5985] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc90003e97090
[   70.055033][ T5985] RBP: ffffc90003e970f8 R08: ffffc90003e9708f R09: 0000000000000000
[   70.057230][ T5985] R10: ffffc90003e97080 R11: fffff520007d2e12 R12: 0000000000000000
[   70.059439][ T5985] R13: dffffc0000000000 R14: dffffc0000000000 R15: 0000000000000000
[   70.061660][ T5985] FS:  000055558c0ab500(0000) GS:ffff88818e328000(0000) knlGS:0000000000000000
[   70.064132][ T5985] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   70.066007][ T5985] CR2: 0000001b30363fff CR3: 00000001b9fc8000 CR4: 00000000000006f0
[   70.068252][ T5985] Call Trace:
[   70.069412][ T5985]  <TASK>
[   70.070347][ T5985]  ? bpf_lsm_xfrm_decode_session+0x9/0x20
[   70.071932][ T5985]  ? security_xfrm_decode_session+0x76/0x2a0
[   70.073935][ T5985]  ? __pfx_xfrm_lookup_with_ifid+0x10/0x10
[   70.075777][ T5985]  ? __pfx___xfrm_decode_session+0x10/0x10
[   70.077793][ T5985]  xfrm_lookup_route+0x3c/0x1c0
[   70.079195][ T5985]  vti_tunnel_xmit+0x48e/0x18f0
[   70.080678][ T5985]  ? __pfx_vti_tunnel_xmit+0x10/0x10
[   70.082197][ T5985]  ? stack_depot_save_flags+0x3f3/0x810
[   70.083851][ T5985]  dev_hard_start_xmit+0x2cd/0x7f0
[   70.085395][ T5985]  __dev_queue_xmit+0x14dd/0x32a0
[   70.086886][ T5985]  ? __dev_queue_xmit+0x2a7/0x32a0
[   70.088493][ T5985]  ? __pfx___dev_queue_xmit+0x10/0x10
[   70.090217][ T5985]  ? pskb_expand_head+0x19d/0x1160
[   70.091713][ T5985]  ? rcu_is_watching+0x15/0xb0
[   70.093115][ T5985]  ? trace_kmalloc+0x1f/0xb0
[   70.094547][ T5985]  ? __kmalloc_node_track_caller_noprof+0x577/0x7f0
[   70.096446][ T5985]  ? skb_release_data+0x2b6/0x7c0
[   70.097833][ T5985]  ? pskb_expand_head+0xb44/0x1160
[   70.099281][ T5985]  __bpf_tx_skb+0x18e/0x260
[   70.100577][ T5985]  bpf_clone_redirect+0x313/0x4b0
[   70.101989][ T5985]  ? bpf_test_run+0x1d1/0x830
[   70.103354][ T5985]  bpf_prog_e16758452f539c38+0x5f/0x68
[   70.104863][ T5985]  ? do_raw_spin_lock+0x12b/0x2f0
[   70.106313][ T5985]  ? lock_acquire+0x106/0x330
[   70.107639][ T5985]  ? ktime_get+0x45/0x200
[   70.108908][ T5985]  ? seqcount_lockdep_reader_access+0xa9/0x100
[   70.110700][ T5985]  ? kvm_clock_get_cycles+0x47/0x60
[   70.112230][ T5985]  ? ktime_get+0x1d2/0x200
[   70.113540][ T5985]  bpf_test_run+0x354/0x830
[   70.114834][ T5985]  ? __pfx_bpf_test_run+0x10/0x10
[   70.116259][ T5985]  ? eth_type_trans+0x35e/0x6d0
[   70.117650][ T5985]  ? skb_dst_set+0x72/0x140
[   70.118967][ T5985]  bpf_prog_test_run_skb+0xe02/0x1ea0
[   70.120526][ T5985]  ? __might_fault+0xaf/0x130
[   70.121858][ T5985]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[   70.123486][ T5985]  bpf_prog_test_run+0x2c7/0x340
[   70.124892][ T5985]  __sys_bpf+0x643/0x950
[   70.126092][ T5985]  ? __pfx___sys_bpf+0x10/0x10
[   70.127473][ T5985]  ? __pfx___se_sys_futex+0x10/0x10
[   70.128992][ T5985]  __x64_sys_bpf+0x7c/0x90
[   70.130308][ T5985]  do_syscall_64+0xe2/0xf80
[   70.131587][ T5985]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.133298][ T5985]  ? trace_irq_disable+0x37/0x100
[   70.134743][ T5985]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.136415][ T5985] RIP: 0033:0x7fe30af9acb9
[   70.137685][ T5985] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   70.143097][ T5985] RSP: 002b:00007fffa3d1a918 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   70.145459][ T5985] RAX: ffffffffffffffda RBX: 00007fe30b215fa0 RCX: 00007fe30af9acb9
[   70.147687][ T5985] RDX: 000000000000002c RSI: 0000200000000080 RDI: 000000000000000a
[   70.149910][ T5985] RBP: 00007fe30b008bf7 R08: 0000000000000000 R09: 0000000000000000
[   70.152125][ T5985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   70.154366][ T5985] R13: 00007fe30b215fac R14: 00007fe30b215fa0 R15: 00007fe30b215fa0
[   70.156596][ T5985]  </TASK>
[   70.157456][ T5985] Modules linked in:
[   70.158662][ T5985] ---[ end trace 0000000000000000 ]---
[   70.160262][ T5985] RIP: 0010:xfrm_lookup_with_ifid+0xe1/0x1af0
[   70.161979][ T5985] Code: 24 20 4d 8d 66 08 4c 89 e0 48 c1 e8 03 4d 89 ee 42 80 3c 28 00 74 08 4c 89 e7 e8 ba 20 17 f8 4d 8b 24 24 4c 89 e0 48 c1 e8 03 <42> 0f b6 04 30 84 c0 0f 85 94 17 00 00 41 0f b7 04 24 89 44 24 28
[   70.167449][ T5985] RSP: 0018:ffffc90003e96fe0 EFLAGS: 00010246
[   70.169196][ T5985] RAX: 0000000000000000 RBX: ffffc90003e97080 RCX: 0000000000000000
[   70.171471][ T5985] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc90003e97090
[   70.173797][ T5985] RBP: ffffc90003e970f8 R08: ffffc90003e9708f R09: 0000000000000000
[   70.176029][ T5985] R10: ffffc90003e97080 R11: fffff520007d2e12 R12: 0000000000000000
[   70.178243][ T5985] R13: dffffc0000000000 R14: dffffc0000000000 R15: 0000000000000000
[   70.180431][ T5985] FS:  000055558c0ab500(0000) GS:ffff88818e328000(0000) knlGS:0000000000000000
[   70.182974][ T5985] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   70.184829][ T5985] CR2: 0000001b30363fff CR3: 00000001b9fc8000 CR4: 00000000000006f0
[   70.187087][ T5985] Kernel panic - not syncing: Fatal exception in interrupt
[   70.189719][ T5985] Kernel Offset: disabled
[   70.190910][ T5985] Rebooting in 86400 seconds..