Warning: Permanently added '[localhost]:13158' (ED25519) to the list of known hosts.
2026/02/05 14:19:45 parsed 1 programs
syzkaller login: [   53.091332][ T5821] cgroup: Unknown subsys name 'net'
[   53.201452][ T5821] cgroup: Unknown subsys name 'cpuset'
[   53.206521][ T5821] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   55.010942][ T5821] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   57.787396][ T5843] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   58.197253][ T5854] chnl_net:caif_netlink_parms(): no params data found
[   58.255670][ T5854] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.259561][ T5854] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.262285][ T5854] bridge_slave_0: entered allmulticast mode
[   58.265394][ T5854] bridge_slave_0: entered promiscuous mode
[   58.270599][ T5854] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.272755][ T5854] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.275466][ T5854] bridge_slave_1: entered allmulticast mode
[   58.278163][ T5854] bridge_slave_1: entered promiscuous mode
[   58.297146][ T5854] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   58.302585][ T5854] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   58.320103][ T5854] team0: Port device team_slave_0 added
[   58.323259][ T5854] team0: Port device team_slave_1 added
[   58.338615][ T5854] batman_adv: batadv0: Adding interface: batadv_slave_0
[   58.340639][ T5854] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   58.348129][ T5854] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   58.352926][ T5854] batman_adv: batadv0: Adding interface: batadv_slave_1
[   58.355055][ T5854] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   58.362612][ T5854] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   58.390598][ T5854] hsr_slave_0: entered promiscuous mode
[   58.392987][ T5854] hsr_slave_1: entered promiscuous mode
[   58.507545][ T5854] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   58.514641][ T5854] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   58.520139][ T5854] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   58.524989][ T5854] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   58.555031][ T5854] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.557547][ T5854] bridge0: port 2(bridge_slave_1) entered forwarding state
[   58.560812][ T5854] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.563316][ T5854] bridge0: port 1(bridge_slave_0) entered forwarding state
[   58.603403][ T5854] 8021q: adding VLAN 0 to HW filter on device bond0
[   58.618092][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.621401][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.631584][ T5854] 8021q: adding VLAN 0 to HW filter on device team0
[   58.638429][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.640709][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[   58.647544][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.649726][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[   58.780589][ T5854] 8021q: adding VLAN 0 to HW filter on device batadv0
[   58.810395][ T5854] veth0_vlan: entered promiscuous mode
[   58.816014][ T5854] veth1_vlan: entered promiscuous mode
[   58.834042][ T5854] veth0_macvtap: entered promiscuous mode
[   58.838751][ T5854] veth1_macvtap: entered promiscuous mode
[   58.851167][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_0
[   58.858422][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_1
[   58.868124][ T5842] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   58.871221][ T5842] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   58.882990][ T5842] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   58.887124][ T5842] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   58.968911][ T5842] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.016157][ T5842] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.091374][ T5842] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.151511][ T5842] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.178991][ T4228] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   59.181398][ T4228] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   59.204750][ T4228] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   59.207145][ T4228] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   59.571323][   T56] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   59.574117][   T56] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   59.577174][   T56] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   59.580018][   T56] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   59.582751][   T56] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2026/02/05 14:19:55 executed programs: 0
[   61.050375][   T56] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   61.053170][   T56] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   61.057376][   T56] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   61.061303][   T56] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   61.063931][   T56] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   61.167692][ T5942] chnl_net:caif_netlink_parms(): no params data found
[   61.223666][ T5942] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.226493][ T5942] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.228762][ T5942] bridge_slave_0: entered allmulticast mode
[   61.231413][ T5942] bridge_slave_0: entered promiscuous mode
[   61.235060][ T5942] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.237748][ T5942] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.240158][ T5942] bridge_slave_1: entered allmulticast mode
[   61.243205][ T5942] bridge_slave_1: entered promiscuous mode
[   61.265834][ T5942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   61.270350][ T5942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   61.290673][ T5942] team0: Port device team_slave_0 added
[   61.294045][ T5942] team0: Port device team_slave_1 added
[   61.312084][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_0
[   61.314199][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   61.322555][ T5942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   61.327308][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_1
[   61.329591][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   61.337900][ T5942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   61.366401][ T5942] hsr_slave_0: entered promiscuous mode
[   61.368655][ T5942] hsr_slave_1: entered promiscuous mode
[   61.370871][ T5942] debugfs: 'hsr0' already exists in 'hsr'
[   61.372608][ T5942] Cannot create hsr debugfs directory
[   62.316422][ T5842] bridge_slave_1: left allmulticast mode
[   62.318393][ T5842] bridge_slave_1: left promiscuous mode
[   62.320636][ T5842] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.327407][ T5842] bridge_slave_0: left allmulticast mode
[   62.329935][ T5842] bridge_slave_0: left promiscuous mode
[   62.331843][ T5842] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.510460][ T5842] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   62.515430][ T5842] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   62.519168][ T5842] bond0 (unregistering): Released all slaves
[   62.603377][ T5842] hsr_slave_0: left promiscuous mode
[   62.605675][ T5842] hsr_slave_1: left promiscuous mode
[   62.607736][ T5842] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   62.614820][ T5842] batman_adv: batadv0: Removing interface: batadv_slave_0
[   62.618973][ T5842] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   62.621212][ T5842] batman_adv: batadv0: Removing interface: batadv_slave_1
[   62.635772][ T5842] veth1_macvtap: left promiscuous mode
[   62.637844][ T5842] veth0_macvtap: left promiscuous mode
[   62.641367][ T5842] veth1_vlan: left promiscuous mode
[   62.643017][ T5842] veth0_vlan: left promiscuous mode
[   62.927072][ T5842] team0 (unregistering): Port device team_slave_1 removed
[   62.948213][ T5842] team0 (unregistering): Port device team_slave_0 removed
[   63.135787][   T56] Bluetooth: hci0: command tx timeout
[   63.308534][ T5942] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   63.315571][ T5942] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   63.320478][ T5942] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   63.325952][ T5942] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   63.399396][ T5942] 8021q: adding VLAN 0 to HW filter on device bond0
[   63.410920][ T5942] 8021q: adding VLAN 0 to HW filter on device team0
[   63.418233][ T4085] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.420377][ T4085] bridge0: port 1(bridge_slave_0) entered forwarding state
[   63.427934][ T4085] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.429996][ T4085] bridge0: port 2(bridge_slave_1) entered forwarding state
[   63.886229][ T5942] 8021q: adding VLAN 0 to HW filter on device batadv0
[   63.930168][ T5942] veth0_vlan: entered promiscuous mode
[   63.939258][ T5942] veth1_vlan: entered promiscuous mode
[   63.978026][ T5942] veth0_macvtap: entered promiscuous mode
[   63.987902][ T5942] veth1_macvtap: entered promiscuous mode
[   64.046067][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_0
[   64.051924][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_1
[   64.060303][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   64.064017][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   64.068951][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   64.073342][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   64.178343][ T4470] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.181219][ T4470] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.253058][ T4470] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.262673][ T4470] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.318676][ T5976] Oops: general protection fault, probably for non-canonical address 0xdffffc000000001b: 0000 [#1] SMP KASAN PTI
[   64.322964][ T5976] KASAN: null-ptr-deref in range [0x00000000000000d8-0x00000000000000df]
[   64.325940][ T5976] CPU: 1 UID: 0 PID: 5976 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[   64.329095][ T5976] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   64.332658][ T5976] RIP: 0010:percpu_counter_add_batch+0x3e/0x1d0
[   64.334883][ T5976] Code: d4 49 89 f5 48 89 fb 49 bf 00 00 00 00 00 fc ff df e8 e6 76 f2 fc 48 89 5c 24 10 4c 8d 73 58 4c 89 f0 48 c1 e8 03 48 89 04 24 <42> 80 3c 38 00 74 08 4c 89 f7 e8 d3 2c 5a fd 49 8b 06 65 8b 28 41
[   64.342012][ T5976] RSP: 0018:ffffc90003b37778 EFLAGS: 00010206
[   64.344194][ T5976] RAX: 000000000000001b RBX: 0000000000000080 RCX: ffff888115b8ba80
[   64.347084][ T5976] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000080
[   64.350022][ T5976] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000004
[   64.352931][ T5976] R10: dffffc0000000000 R11: fffff52000766ee4 R12: 0000000000000020
[   64.355843][ T5976] R13: ffffffffffffffff R14: 00000000000000d8 R15: dffffc0000000000
[   64.358675][ T5976] FS:  000055555baf2500(0000) GS:ffff8882a9928000(0000) knlGS:0000000000000000
[   64.361915][ T5976] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   64.364369][ T5976] CR2: 00007ffc74af2e38 CR3: 0000000115cec000 CR4: 00000000000006f0
[   64.366786][ T5976] Call Trace:
[   64.367824][ T5976]  <TASK>
[   64.368762][ T5976]  dst_release+0x126/0x1b0
[   64.370128][ T5976]  bpf_skb_set_tunnel_key+0x239/0xa30
[   64.371844][ T5976]  ? __pfx_bpf_skb_set_tunnel_key+0x10/0x10
[   64.373776][ T5976]  ? kvm_clock_get_cycles+0x47/0x60
[   64.375490][ T5976]  ? ktime_get+0x1d2/0x200
[   64.376916][ T5976]  bpf_prog_adb554717e5d6596+0x4f/0x5c
[   64.378437][ T5976]  ? bpf_test_run+0x1d1/0x830
[   64.379841][ T5976]  bpf_test_run+0x354/0x830
[   64.381191][ T5976]  ? __pfx_bpf_test_run+0x10/0x10
[   64.382657][ T5976]  ? eth_type_trans+0x35e/0x6d0
[   64.384190][ T5976]  ? skb_dst_set+0x72/0x140
[   64.385477][ T5976]  bpf_prog_test_run_skb+0xe02/0x1ea0
[   64.387105][ T5976]  ? __might_fault+0xaf/0x130
[   64.388457][ T5976]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[   64.390116][ T5976]  bpf_prog_test_run+0x2c7/0x340
[   64.391681][ T5976]  __sys_bpf+0x643/0x950
[   64.392905][ T5976]  ? __pfx___sys_bpf+0x10/0x10
[   64.394259][ T5976]  ? exc_page_fault+0x6a/0xc0
[   64.395598][ T5976]  ? __pfx___se_sys_futex+0x10/0x10
[   64.397119][ T5976]  ? rcu_is_watching+0x15/0xb0
[   64.398433][ T5976]  __x64_sys_bpf+0x7c/0x90
[   64.399681][ T5976]  do_syscall_64+0xe2/0xf80
[   64.401008][ T5976]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.402713][ T5976]  ? trace_irq_disable+0x37/0x100
[   64.404394][ T5976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.406409][ T5976] RIP: 0033:0x7fca1679acb9
[   64.407794][ T5976] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   64.413426][ T5976] RSP: 002b:00007ffdef1739c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   64.415874][ T5976] RAX: ffffffffffffffda RBX: 00007fca16a15fa0 RCX: 00007fca1679acb9
[   64.418233][ T5976] RDX: 0000000000000050 RSI: 0000200000000d80 RDI: 000000000000000a
[   64.420425][ T5976] RBP: 00007fca16808bf7 R08: 0000000000000000 R09: 0000000000000000
[   64.422645][ T5976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   64.424881][ T5976] R13: 00007fca16a15fac R14: 00007fca16a15fa0 R15: 00007fca16a15fa0
[   64.427126][ T5976]  </TASK>
[   64.428020][ T5976] Modules linked in:
[   64.429229][ T5976] ---[ end trace 0000000000000000 ]---
[   64.430745][ T5976] RIP: 0010:percpu_counter_add_batch+0x3e/0x1d0
[   64.432479][ T5976] Code: d4 49 89 f5 48 89 fb 49 bf 00 00 00 00 00 fc ff df e8 e6 76 f2 fc 48 89 5c 24 10 4c 8d 73 58 4c 89 f0 48 c1 e8 03 48 89 04 24 <42> 80 3c 38 00 74 08 4c 89 f7 e8 d3 2c 5a fd 49 8b 06 65 8b 28 41
[   64.438030][ T5976] RSP: 0018:ffffc90003b37778 EFLAGS: 00010206
[   64.439856][ T5976] RAX: 000000000000001b RBX: 0000000000000080 RCX: ffff888115b8ba80
[   64.442271][ T5976] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000080
[   64.444532][ T5976] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000004
[   64.446767][ T5976] R10: dffffc0000000000 R11: fffff52000766ee4 R12: 0000000000000020
[   64.449123][ T5976] R13: ffffffffffffffff R14: 00000000000000d8 R15: dffffc0000000000
[   64.451453][ T5976] FS:  000055555baf2500(0000) GS:ffff8882a9928000(0000) knlGS:0000000000000000
[   64.454173][ T5976] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   64.456099][ T5976] CR2: 00007ffc74af2e38 CR3: 0000000115cec000 CR4: 00000000000006f0
[   64.458488][ T5976] Kernel panic - not syncing: Fatal exception in interrupt
[   64.461398][ T5976] Kernel Offset: disabled
[   64.462768][ T5976] Rebooting in 86400 seconds..