Warning: Permanently added '10.128.0.175' (ED25519) to the list of known hosts. 2025/12/21 07:06:12 parsed 1 programs syzkaller login: [ 89.134876][ T5773] cgroup: Unknown subsys name 'net' [ 89.268539][ T5773] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 91.029964][ T5773] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 92.021720][ T27] cfg80211: failed to load regulatory.db [ 93.251664][ T5791] chnl_net:caif_netlink_parms(): no params data found [ 93.334408][ T5791] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.342614][ T5791] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.349838][ T5791] bridge_slave_0: entered allmulticast mode [ 93.357963][ T5791] bridge_slave_0: entered promiscuous mode [ 93.372258][ T5791] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.379396][ T5791] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.386840][ T5791] bridge_slave_1: entered allmulticast mode [ 93.394134][ T5791] bridge_slave_1: entered promiscuous mode [ 93.432261][ T5791] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.444329][ T5791] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.479932][ T5791] team0: Port device team_slave_0 added [ 93.491171][ T5791] team0: Port device team_slave_1 added [ 93.522165][ T5791] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.529167][ T5791] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.555153][ T5791] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.570474][ T5791] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.577443][ T5791] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.603671][ T5791] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.650530][ T5791] hsr_slave_0: entered promiscuous mode [ 93.656950][ T5791] hsr_slave_1: entered promiscuous mode [ 93.824629][ T5791] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 93.837477][ T5791] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 93.848790][ T5791] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 93.859585][ T5791] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 93.910904][ T5791] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.918340][ T5791] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.926459][ T5791] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.933639][ T5791] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.998917][ T5791] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.014293][ T49] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.024199][ T49] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.050779][ T5791] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.063175][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.070382][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.086178][ T3462] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.093355][ T3462] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.298707][ T5791] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.355065][ T5791] veth0_vlan: entered promiscuous mode [ 94.367728][ T5791] veth1_vlan: entered promiscuous mode [ 94.404001][ T5791] veth0_macvtap: entered promiscuous mode [ 94.413632][ T5791] veth1_macvtap: entered promiscuous mode [ 94.440743][ T5791] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.457275][ T5791] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.472595][ T5791] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.482090][ T5791] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.492182][ T5791] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.501056][ T5791] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.645859][ T1137] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.671959][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 94.682160][ T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 94.689959][ T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 94.698701][ T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 94.707850][ T51] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 94.715553][ T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 97.475798][ T1137] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.715565][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.725409][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.759066][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.767151][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 2025/12/21 07:06:24 executed programs: 0 [ 98.514313][ T5080] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 98.523997][ T5080] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 98.532215][ T5080] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 98.541303][ T5080] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 98.549266][ T5080] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 98.557335][ T5080] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 98.728929][ T5877] chnl_net:caif_netlink_parms(): no params data found [ 98.804830][ T5877] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.812223][ T5877] bridge0: port 1(bridge_slave_0) entered disabled state [ 98.819590][ T5877] bridge_slave_0: entered allmulticast mode [ 98.827746][ T5877] bridge_slave_0: entered promiscuous mode [ 98.836156][ T5877] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.844000][ T5877] bridge0: port 2(bridge_slave_1) entered disabled state [ 98.852601][ T5877] bridge_slave_1: entered allmulticast mode [ 98.859719][ T5877] bridge_slave_1: entered promiscuous mode [ 98.892774][ T5877] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 98.904653][ T5877] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 98.941003][ T5877] team0: Port device team_slave_0 added [ 98.949671][ T5877] team0: Port device team_slave_1 added [ 98.981773][ T5877] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 98.988772][ T5877] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 99.015433][ T5877] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 99.028284][ T5877] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 99.035287][ T5877] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 99.061509][ T5877] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 99.107557][ T5877] hsr_slave_0: entered promiscuous mode [ 99.114049][ T5877] hsr_slave_1: entered promiscuous mode [ 99.120413][ T5877] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 99.128605][ T5877] Cannot create hsr debugfs directory [ 99.932327][ T1137] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 100.005814][ T1137] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 100.653222][ T5080] Bluetooth: hci0: command tx timeout [ 100.889939][ T5877] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 100.903547][ T5877] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 100.928629][ T1137] hsr_slave_0: left promiscuous mode [ 100.935176][ T1137] hsr_slave_1: left promiscuous mode [ 100.942655][ T1137] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 100.950214][ T1137] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 100.959011][ T1137] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 100.968106][ T1137] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 100.976963][ T1137] bridge_slave_1: left allmulticast mode [ 100.983005][ T1137] bridge_slave_1: left promiscuous mode [ 100.989591][ T1137] bridge0: port 2(bridge_slave_1) entered disabled state [ 101.003568][ T1137] bridge_slave_0: left allmulticast mode [ 101.009300][ T1137] bridge_slave_0: left promiscuous mode [ 101.015785][ T1137] bridge0: port 1(bridge_slave_0) entered disabled state [ 101.048769][ T1137] veth1_macvtap: left promiscuous mode [ 101.054889][ T1137] veth0_macvtap: left promiscuous mode [ 101.062789][ T1137] veth1_vlan: left promiscuous mode [ 101.068930][ T1137] veth0_vlan: left promiscuous mode [ 101.532248][ T1137] team0 (unregistering): Port device team_slave_1 removed [ 101.566338][ T1137] team0 (unregistering): Port device team_slave_0 removed [ 101.598360][ T1137] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 101.636242][ T1137] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 101.933685][ T1137] bond0 (unregistering): Released all slaves [ 102.026339][ T5877] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 102.037529][ T5877] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 102.137420][ T5877] 8021q: adding VLAN 0 to HW filter on device bond0 [ 102.174162][ T5877] 8021q: adding VLAN 0 to HW filter on device team0 [ 102.198010][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.205244][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 102.221149][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.228455][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 102.458071][ T5877] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 102.524415][ T5877] veth0_vlan: entered promiscuous mode [ 102.546295][ T5877] veth1_vlan: entered promiscuous mode [ 102.595448][ T5877] veth0_macvtap: entered promiscuous mode [ 102.618470][ T5877] veth1_macvtap: entered promiscuous mode [ 102.676691][ T5877] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.703388][ T5877] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 102.718528][ T5877] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.728618][ T5877] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.738260][ T5080] Bluetooth: hci0: command tx timeout [ 102.744435][ T5877] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.754340][ T5877] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.869718][ T1328] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.881623][ T1328] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.914337][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.922647][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.971696][ T5922] syz.0.17[5922]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 102.986811][ T5922] loop0: detected capacity change from 0 to 128 [ 103.010726][ T5922] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 103.057533][ T5877] BUG: unable to handle page fault for address: ffffed101ee9de0c [ 103.065312][ T5877] #PF: supervisor read access in kernel mode [ 103.071345][ T5877] #PF: error_code(0x0000) - not-present page [ 103.077347][ T5877] PGD 23ffee067 P4D 23ffee067 PUD 13fff5067 PMD 0 [ 103.083894][ T5877] Oops: 0000 [#1] PREEMPT SMP KASAN [ 103.089114][ T5877] CPU: 0 PID: 5877 Comm: syz-executor Not tainted syzkaller #0 [ 103.096678][ T5877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 103.106756][ T5877] RIP: 0010:udf_close_lvid+0x152/0x990 [ 103.112248][ T5877] Code: 0f 84 f7 00 00 00 4c 89 6c 24 20 49 8d bd c0 00 00 00 48 89 7c 24 38 31 f6 e8 2a cf 78 07 49 8d 7c 24 18 48 89 f8 48 c1 e8 03 <42> 0f b6 04 38 84 c0 0f 85 07 05 00 00 4c 89 74 24 40 41 c6 44 24 [ 103.131884][ T5877] RSP: 0018:ffffc90003267be0 EFLAGS: 00010a06 [ 103.137972][ T5877] RAX: 1ffff1101ee9de0c RBX: ffff88805e50864b RCX: 0000000000000000 [ 103.145959][ T5877] RDX: 0000000000000000 RSI: ffffffff8afc6f60 RDI: ffff8880f74ef060 [ 103.153946][ T5877] RBP: ffffc90003267cd8 R08: ffffffff8e4a212f R09: 1ffffffff1c94425 [ 103.161938][ T5877] R10: dffffc0000000000 R11: fffffbfff1c94426 R12: ffff8880f74ef048 [ 103.170015][ T5877] R13: ffff88801da65800 R14: 1ffff9200064cf88 R15: dffffc0000000000 [ 103.178029][ T5877] FS: 00005555911da500(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 103.186985][ T5877] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.193587][ T5877] CR2: ffffed101ee9de0c CR3: 000000002f2a5000 CR4: 00000000003506f0 [ 103.201588][ T5877] Call Trace: [ 103.204898][ T5877] [ 103.207851][ T5877] ? udf_open_lvid+0x5a0/0x5a0 [ 103.212644][ T5877] ? iput+0x33d/0x920 [ 103.216652][ T5877] ? clear_inode+0x150/0x150 [ 103.221267][ T5877] udf_put_super+0xcc/0x160 [ 103.225831][ T5877] ? udf_free_in_core_inode+0x30/0x30 [ 103.231225][ T5877] generic_shutdown_super+0x134/0x2b0 [ 103.236641][ T5877] kill_block_super+0x44/0x90 [ 103.241337][ T5877] deactivate_locked_super+0x97/0x100 [ 103.246741][ T5877] cleanup_mnt+0x429/0x4c0 [ 103.251188][ T5877] task_work_run+0x1ce/0x250 [ 103.255800][ T5877] ? task_work_cancel+0x240/0x240 [ 103.260853][ T5877] ? exit_to_user_mode_loop+0x3b/0x110 [ 103.266334][ T5877] exit_to_user_mode_loop+0xe6/0x110 [ 103.271663][ T5877] exit_to_user_mode_prepare+0xf6/0x180 [ 103.277325][ T5877] syscall_exit_to_user_mode+0x1a/0x50 [ 103.282812][ T5877] do_syscall_64+0x61/0xb0 [ 103.287242][ T5877] ? clear_bhb_loop+0x40/0x90 [ 103.291947][ T5877] ? clear_bhb_loop+0x40/0x90 [ 103.296824][ T5877] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 103.302749][ T5877] RIP: 0033:0x7f27cb190a77 [ 103.307458][ T5877] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 103.327088][ T5877] RSP: 002b:00007ffd5f8d6298 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 103.335524][ T5877] RAX: 0000000000000000 RBX: 00007f27cb213d7d RCX: 00007f27cb190a77 [ 103.343519][ T5877] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd5f8d6350 [ 103.351508][ T5877] RBP: 00007ffd5f8d6350 R08: 0000000000000000 R09: 0000000000000000 [ 103.359496][ T5877] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd5f8d73e0 [ 103.367525][ T5877] R13: 00007f27cb213d7d R14: 0000000000019252 R15: 00007ffd5f8d7420 [ 103.375608][ T5877] [ 103.378749][ T5877] Modules linked in: [ 103.382677][ T5877] CR2: ffffed101ee9de0c [ 103.386876][ T5877] ---[ end trace 0000000000000000 ]--- [ 103.392349][ T5877] RIP: 0010:udf_close_lvid+0x152/0x990 [ 103.397842][ T5877] Code: 0f 84 f7 00 00 00 4c 89 6c 24 20 49 8d bd c0 00 00 00 48 89 7c 24 38 31 f6 e8 2a cf 78 07 49 8d 7c 24 18 48 89 f8 48 c1 e8 03 <42> 0f b6 04 38 84 c0 0f 85 07 05 00 00 4c 89 74 24 40 41 c6 44 24 [ 103.417557][ T5877] RSP: 0018:ffffc90003267be0 EFLAGS: 00010a06 [ 103.423642][ T5877] RAX: 1ffff1101ee9de0c RBX: ffff88805e50864b RCX: 0000000000000000 [ 103.431636][ T5877] RDX: 0000000000000000 RSI: ffffffff8afc6f60 RDI: ffff8880f74ef060 [ 103.439623][ T5877] RBP: ffffc90003267cd8 R08: ffffffff8e4a212f R09: 1ffffffff1c94425 [ 103.447611][ T5877] R10: dffffc0000000000 R11: fffffbfff1c94426 R12: ffff8880f74ef048 [ 103.455607][ T5877] R13: ffff88801da65800 R14: 1ffff9200064cf88 R15: dffffc0000000000 [ 103.463609][ T5877] FS: 00005555911da500(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 103.472564][ T5877] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.479171][ T5877] CR2: ffffed101ee9de0c CR3: 000000002f2a5000 CR4: 00000000003506f0 [ 103.487168][ T5877] Kernel panic - not syncing: Fatal exception [ 103.493796][ T5877] Kernel Offset: disabled [ 103.498130][ T5877] Rebooting in 86400 seconds..