Warning: Permanently added '[localhost]:56729' (ED25519) to the list of known hosts. 2025/09/25 17:48:30 parsed 1 programs syzkaller login: [ 54.065734][ T5850] cgroup: Unknown subsys name 'net' [ 54.198751][ T5850] cgroup: Unknown subsys name 'cpuset' [ 54.205258][ T5850] cgroup: Unknown subsys name 'rlimit' [ 56.040489][ T5850] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 58.875456][ T5859] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 59.588490][ T5876] chnl_net:caif_netlink_parms(): no params data found [ 59.663818][ T5876] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.666592][ T5876] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.668902][ T5876] bridge_slave_0: entered allmulticast mode [ 59.672309][ T5876] bridge_slave_0: entered promiscuous mode [ 59.676163][ T5876] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.678711][ T5876] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.682088][ T5876] bridge_slave_1: entered allmulticast mode [ 59.685461][ T5876] bridge_slave_1: entered promiscuous mode [ 59.705656][ T5876] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.710344][ T5876] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.728824][ T5876] team0: Port device team_slave_0 added [ 59.732965][ T5876] team0: Port device team_slave_1 added [ 59.749570][ T5876] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 59.752297][ T5876] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.761284][ T5876] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 59.767351][ T5876] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 59.769828][ T5876] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.778711][ T5876] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 59.804604][ T5876] hsr_slave_0: entered promiscuous mode [ 59.807221][ T5876] hsr_slave_1: entered promiscuous mode [ 59.918357][ T5876] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 59.926816][ T5876] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 59.933020][ T5876] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 59.938974][ T5876] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 59.973135][ T5876] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.976279][ T5876] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.979999][ T5876] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.983308][ T5876] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.037077][ T5876] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.050764][ T1088] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.056524][ T1088] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.067335][ T5876] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.077361][ T1088] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.080355][ T1088] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.089734][ T1088] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.092102][ T1088] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.225756][ T5876] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 60.267456][ T5876] veth0_vlan: entered promiscuous mode [ 60.275890][ T5876] veth1_vlan: entered promiscuous mode [ 60.301297][ T5876] veth0_macvtap: entered promiscuous mode [ 60.307407][ T5876] veth1_macvtap: entered promiscuous mode [ 60.324997][ T5876] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 60.336209][ T5876] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.346616][ T5866] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.351237][ T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.355912][ T5880] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.359781][ T5880] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.458939][ T5880] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 60.526546][ T5880] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 60.584794][ T5880] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 60.649752][ T5880] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.212603][ T1088] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.215966][ T1088] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.235548][ T1088] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.238796][ T1088] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.663981][ T5933] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 61.667146][ T5933] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 61.670508][ T5933] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 61.674872][ T5933] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 61.678376][ T5933] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 2025/09/25 17:48:41 executed programs: 0 [ 62.643337][ T5933] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 62.647374][ T5933] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 62.650833][ T5933] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 62.655824][ T5933] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 62.659528][ T5933] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 62.816725][ T5959] chnl_net:caif_netlink_parms(): no params data found [ 62.895216][ T5959] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.898407][ T5959] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.901729][ T5959] bridge_slave_0: entered allmulticast mode [ 62.905644][ T5959] bridge_slave_0: entered promiscuous mode [ 62.910508][ T5959] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.914751][ T5959] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.917878][ T5959] bridge_slave_1: entered allmulticast mode [ 62.922637][ T5959] bridge_slave_1: entered promiscuous mode [ 62.954479][ T5959] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.962018][ T5959] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.992738][ T5959] team0: Port device team_slave_0 added [ 62.998323][ T5959] team0: Port device team_slave_1 added [ 63.027091][ T5959] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.029988][ T5959] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.041751][ T5959] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 63.046569][ T5959] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 63.049393][ T5959] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.058563][ T5959] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 63.084696][ T5959] hsr_slave_0: entered promiscuous mode [ 63.087004][ T5959] hsr_slave_1: entered promiscuous mode [ 63.089244][ T5959] debugfs: 'hsr0' already exists in 'hsr' [ 63.091391][ T5959] Cannot create hsr debugfs directory [ 63.771771][ T5880] bridge_slave_1: left allmulticast mode [ 63.774466][ T5880] bridge_slave_1: left promiscuous mode [ 63.777876][ T5880] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.786586][ T5880] bridge_slave_0: left allmulticast mode [ 63.788967][ T5880] bridge_slave_0: left promiscuous mode [ 63.800773][ T5880] bridge0: port 1(bridge_slave_0) entered disabled state [ 64.035738][ T5880] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 64.043500][ T5880] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 64.048512][ T5880] bond0 (unregistering): Released all slaves [ 64.169411][ T5880] hsr_slave_0: left promiscuous mode [ 64.179665][ T5880] hsr_slave_1: left promiscuous mode [ 64.183917][ T5880] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 64.187213][ T5880] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 64.193740][ T5880] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 64.196926][ T5880] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 64.209524][ T5880] veth1_macvtap: left promiscuous mode [ 64.212321][ T5880] veth0_macvtap: left promiscuous mode [ 64.215213][ T5880] veth1_vlan: left promiscuous mode [ 64.217647][ T5880] veth0_vlan: left promiscuous mode [ 64.533033][ T5880] team0 (unregistering): Port device team_slave_1 removed [ 64.553730][ T5880] team0 (unregistering): Port device team_slave_0 removed [ 64.677959][ T5239] Bluetooth: hci0: command tx timeout [ 64.976772][ T5959] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 64.983684][ T5959] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 64.990072][ T5959] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 64.996737][ T5959] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 65.077658][ T5959] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.094621][ T5959] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.103624][ T64] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.106650][ T64] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.530387][ T64] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.532974][ T64] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.706446][ T5959] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.752773][ T5959] veth0_vlan: entered promiscuous mode [ 65.803948][ T5959] veth1_vlan: entered promiscuous mode [ 65.826267][ T5959] veth0_macvtap: entered promiscuous mode [ 65.834472][ T5959] veth1_macvtap: entered promiscuous mode [ 65.860113][ T5959] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.894946][ T5959] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.908649][ T5918] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.913015][ T5918] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.917032][ T5918] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.921474][ T5918] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.023123][ T732] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.026626][ T732] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.049745][ T732] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.054318][ T732] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.103898][ T5991] [ 66.105011][ T5991] ================================================ [ 66.107779][ T5991] WARNING: lock held when returning to user space! [ 66.110568][ T5991] syzkaller #0 Not tainted [ 66.113163][ T5991] ------------------------------------------------ [ 66.116341][ T5991] syz.0.17/5991 is leaving the kernel with locks still held! [ 66.119384][ T5991] 1 lock held by syz.0.17/5991: [ 66.121411][ T5991] #0: ffff88801f7dcce8 (&resv_map->rw_sema){+.+.}-{4:4}, at: hugetlb_vmdelete_list+0x67/0x230 [ 66.751803][ T5239] Bluetooth: hci0: command tx timeout [ 68.831640][ T5239] Bluetooth: hci0: command tx timeout [ 70.911865][ T5239] Bluetooth: hci0: command tx timeout [ 71.233769][ T1363] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.236012][ T1363] ieee802154 phy1 wpan1: encryption failed: -22 VM DIAGNOSIS: 17:48:45 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000020 RBX=0000000000000020 RCX=0000000000000000 RDX=00000000000003f8 RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc9000430f8b0 R8 =ffff8881065d8237 R9 =1ffff11020cbb046 R10=dffffc0000000000 R11=ffffffff854fada0 R12=dffffc0000000000 R13=ffffffff99b038e4 R14=ffffffff99df8460 R15=0000000000000000 RIP=ffffffff854fae1c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 000055555568e500 ffffffff 00c00000 GS =0000 ffff8880b8612000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000001b31263fff CR3=000000010dd0c000 CR4=000006f0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=0000000000000000 0000000000000000 XMM01=a82876583736db57 4e5f06ba711f10d1 XMM02=f62b7f3bacb3e538 298f3794bde61bce XMM03=393a370e4d2f42a1 292d7792691eea37 XMM04=6b8d8700ea4fe614 765e13d5b7567edb XMM05=2c0937da639697f2 6e661e726f1479a2 XMM06=5ccd28714c997f05 a751ded2b3a5c311 XMM07=a2cfd78c9ab9926f 14d997176fe857d8 XMM08=b3207c0137b98365 eb25df476b8d8700 XMM09=0000000000000000 00007fc64f812fed XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000 XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000 XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=f70b7f3aefe68400 RBX=ffffffff819683f8 RCX=f70b7f3aefe68400 RDX=0000000000000001 RSI=ffffffff8be33f60 RDI=ffffffff819683f8 RBP=ffffc90000177f20 RSP=ffffc90000177de0 R8 =ffff888136632f9b R9 =1ffff11026cc65f3 R10=dffffc0000000000 R11=ffffed1026cc65f4 R12=ffffffff8fa3a730 R13=0000000000000001 R14=0000000000000001 R15=1ffff110200d6000 RIP=ffffffff8b7a53f3 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8881a3c12000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007faec875a095 CR3=0000000027eee000 CR4=000006f0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525 XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000 XMM04=0000000000000000 00000000000000ff XMM05=0000000000000000 00007fc64f812e7b XMM06=0000000000000000 00007fc64f812e75 XMM07=0000000000000000 00007fc64f812e89 XMM08=0000000000000000 00007fc64f812f0f XMM09=0000000000000000 00007fc64f812fed XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000 XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000 XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000