no interfaces have a carrier
[ 39.685021][ T3854] 8021q: adding VLAN 0 to HW filter on device bond0
[ 39.696553][ T3854] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting crond: OK
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.0.128' (ED25519) to the list of known hosts.
2025/07/06 03:37:17 ignoring optional flag "sandboxArg"="0"
2025/07/06 03:37:18 parsed 1 programs
syzkaller login: [ 69.883026][ T4188] cgroup: Unknown subsys name 'net'
[ 70.056710][ T4188] cgroup: Unknown subsys name 'rlimit'
[ 71.203672][ T1428] ieee802154 phy0 wpan0: encryption failed: -22
[ 71.210231][ T1428] ieee802154 phy1 wpan1: encryption failed: -22
[ 71.597434][ T4188] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 73.176386][ T4209] chnl_net:caif_netlink_parms(): no params data found
[ 73.228639][ T4209] bridge0: port 1(bridge_slave_0) entered blocking state
[ 73.236473][ T4209] bridge0: port 1(bridge_slave_0) entered disabled state
[ 73.244745][ T4209] device bridge_slave_0 entered promiscuous mode
[ 73.257470][ T4209] bridge0: port 2(bridge_slave_1) entered blocking state
[ 73.264732][ T4209] bridge0: port 2(bridge_slave_1) entered disabled state
[ 73.273333][ T4209] device bridge_slave_1 entered promiscuous mode
[ 73.296150][ T4209] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 73.309465][ T4209] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 73.334870][ T4209] team0: Port device team_slave_0 added
[ 73.342364][ T4209] team0: Port device team_slave_1 added
[ 73.364949][ T4209] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 73.372009][ T4209] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 73.398437][ T4209] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 73.414975][ T4209] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 73.422008][ T4209] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 73.448170][ T4209] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 73.480668][ T4209] device hsr_slave_0 entered promiscuous mode
[ 73.487795][ T4209] device hsr_slave_1 entered promiscuous mode
[ 73.589286][ T4209] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 73.599764][ T4209] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 73.609457][ T4209] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 73.619091][ T4209] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 73.648631][ T4209] bridge0: port 2(bridge_slave_1) entered blocking state
[ 73.655846][ T4209] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 73.664170][ T4209] bridge0: port 1(bridge_slave_0) entered blocking state
[ 73.671313][ T4209] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 73.724189][ T4209] 8021q: adding VLAN 0 to HW filter on device bond0
[ 73.739197][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 73.754664][ T1278] bridge0: port 1(bridge_slave_0) entered disabled state
[ 73.764547][ T1278] bridge0: port 2(bridge_slave_1) entered disabled state
[ 73.774131][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 73.789752][ T4209] 8021q: adding VLAN 0 to HW filter on device team0
[ 73.804529][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 73.813909][ T1278] bridge0: port 1(bridge_slave_0) entered blocking state
[ 73.821134][ T1278] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 73.841186][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 73.849846][ T1278] bridge0: port 2(bridge_slave_1) entered blocking state
[ 73.856980][ T1278] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 73.886391][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 73.895995][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 73.905480][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 73.914655][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 73.928035][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 73.941665][ T4209] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 74.075818][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 74.085844][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 74.100708][ T4209] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 74.124762][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 74.153437][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 74.165065][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 74.179732][ T4209] device veth0_vlan entered promiscuous mode
[ 74.187328][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 74.196760][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 74.211015][ T4209] device veth1_vlan entered promiscuous mode
[ 74.236847][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 74.252410][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 74.261619][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 74.270894][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 74.282422][ T4209] device veth0_macvtap entered promiscuous mode
[ 74.295679][ T4209] device veth1_macvtap entered promiscuous mode
[ 74.315649][ T4209] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 74.325327][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 74.334700][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 74.343451][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 74.352328][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 74.364362][ T4209] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 74.372808][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 74.382294][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 74.393788][ T4209] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.404145][ T4209] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.413555][ T4209] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.423758][ T4209] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.566398][ T4209] syz-executor (4209) used greatest stack depth: 21152 bytes left
[ 75.122154][ T9] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 77.747280][ T9] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 79.606204][ T9] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 79.657752][ T9] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 80.671781][ T9] device hsr_slave_0 left promiscuous mode
[ 80.678702][ T9] device hsr_slave_1 left promiscuous mode
[ 80.685866][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 80.693975][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 80.702973][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 80.710768][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 80.718382][ T9] device bridge_slave_1 left promiscuous mode
[ 80.725555][ T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 80.738701][ T9] device bridge_slave_0 left promiscuous mode
[ 80.745173][ T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 80.762906][ T9] device veth1_macvtap left promiscuous mode
[ 80.769118][ T9] device veth0_macvtap left promiscuous mode
[ 80.775892][ T9] device veth1_vlan left promiscuous mode
[ 80.781864][ T9] device veth0_vlan left promiscuous mode
[ 80.938696][ T9] team0 (unregistering): Port device team_slave_1 removed
[ 80.951383][ T9] team0 (unregistering): Port device team_slave_0 removed
[ 80.965295][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 80.982382][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 81.055160][ T9] bond0 (unregistering): Released all slaves
[ 81.230726][ T4296] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 81.238749][ T4296] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 81.266586][ T4296] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 81.296450][ T4296] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 81.318740][ T4296] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 81.342194][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
2025/07/06 03:37:34 executed programs: 0
[ 83.558356][ T4358] chnl_net:caif_netlink_parms(): no params data found
[ 83.704245][ T4358] bridge0: port 1(bridge_slave_0) entered blocking state
[ 83.711891][ T4358] bridge0: port 1(bridge_slave_0) entered disabled state
[ 83.720444][ T4358] device bridge_slave_0 entered promiscuous mode
[ 83.740948][ T4358] bridge0: port 2(bridge_slave_1) entered blocking state
[ 83.751460][ T4358] bridge0: port 2(bridge_slave_1) entered disabled state
[ 83.759652][ T4358] device bridge_slave_1 entered promiscuous mode
[ 83.796083][ T4358] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 83.822942][ T4358] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 83.892950][ T4358] team0: Port device team_slave_0 added
[ 83.903295][ T4358] team0: Port device team_slave_1 added
[ 83.939649][ T4358] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 83.947038][ T4358] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 83.974424][ T4358] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 83.987804][ T4358] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 83.994910][ T4358] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 84.021200][ T4358] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 84.066260][ T4358] device hsr_slave_0 entered promiscuous mode
[ 84.075115][ T4358] device hsr_slave_1 entered promiscuous mode
[ 84.915675][ T4358] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 84.930670][ T4358] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 84.973782][ T4358] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 84.985003][ T4358] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 85.121840][ T4358] 8021q: adding VLAN 0 to HW filter on device bond0
[ 85.136864][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 85.145197][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 85.156356][ T4358] 8021q: adding VLAN 0 to HW filter on device team0
[ 85.200940][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 85.209751][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 85.219043][ T154] bridge0: port 1(bridge_slave_0) entered blocking state
[ 85.226183][ T154] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 85.235214][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 85.253185][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 85.265289][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 85.274163][ T1278] bridge0: port 2(bridge_slave_1) entered blocking state
[ 85.281464][ T1278] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 85.296444][ T4298] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 85.350416][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 85.359281][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 85.369849][ T1107] Bluetooth: hci0: command 0x0409 tx timeout
[ 85.379733][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 85.390669][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 85.399500][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 85.411515][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 85.423359][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 85.433695][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 85.469241][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 85.479979][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 85.491423][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 85.644911][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 85.654131][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 85.668055][ T4358] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 85.707617][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 85.731577][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 85.765999][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 85.774797][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 85.784964][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 85.793702][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 85.805633][ T4358] device veth0_vlan entered promiscuous mode
[ 85.878581][ T4358] device veth1_vlan entered promiscuous mode
[ 85.904051][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 85.913431][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 85.926043][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 85.935257][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 85.949403][ T4358] device veth0_macvtap entered promiscuous mode
[ 85.963148][ T4358] device veth1_macvtap entered promiscuous mode
[ 85.991225][ T4358] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 85.998594][ T4298] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 86.009405][ T4298] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 86.017840][ T4298] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 86.028990][ T4298] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 86.042111][ T4358] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 86.060912][ T4298] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 86.073686][ T4298] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 86.091811][ T4358] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 86.102232][ T4358] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 86.111653][ T4358] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 86.121892][ T4358] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 86.223749][ T4298] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 86.244997][ T4298] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 86.274941][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 86.290321][ T1278] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 86.298331][ T1278] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 86.331253][ T4298] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 86.562623][ T13] cfg80211: failed to load regulatory.db
[ 87.440515][ T4211] Bluetooth: hci0: command 0x041b tx timeout
[ 87.697940][ T4529] ------------[ cut here ]------------
[ 87.712666][ T4529] WARNING: CPU: 0 PID: 4529 at net/mac80211/offchannel.c:401 ieee80211_start_next_roc+0x194/0x200
[ 87.726135][ T4529] Modules linked in:
[ 87.730663][ T4529] CPU: 0 PID: 4529 Comm: syz.0.34 Not tainted 5.15.186-syzkaller #0
[ 87.741792][ T4529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 87.752789][ T4529] RIP: 0010:ieee80211_start_next_roc+0x194/0x200
[ 87.759249][ T4529] Code: 04 34 f8 48 89 df 4c 89 f6 48 89 c2 5b 41 5c 41 5e 41 5f 5d e9 6d 8e 0c 00 e8 a8 cd 44 f8 0f 0b e9 e6 fe ff ff e8 9c cd 44 f8 <0f> 0b e9 25 ff ff ff 48 c7 c1 44 af 69 8d 80 e1 07 80 c1 03 38 c1
[ 87.789498][ T4529] RSP: 0018:ffffc9000338f290 EFLAGS: 00010293
[ 87.795954][ T4529] RAX: ffffffff8932f574 RBX: ffff888079708da0 RCX: ffff88802292d940
[ 87.805575][ T4529] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 87.814065][ T4529] RBP: 0000000000000001 R08: dffffc0000000000 R09: ffffed100fae2a54
[ 87.829534][ T4529] R10: ffffed100fae2a54 R11: 1ffff1100fae2a53 R12: dffffc0000000000
[ 87.838904][ T4529] R13: 0000000000000000 R14: ffff8880241995a0 R15: ffff8880797095dd
[ 87.849632][ T4529] FS: 000055557033d500(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000
[ 87.858999][ T4529] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 87.866027][ T4529] CR2: 00007fd06c721286 CR3: 000000005bd3c000 CR4: 00000000003506f0
[ 87.874461][ T4529] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 87.882872][ T4529] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 87.891271][ T4529] Call Trace:
[ 87.894701][ T4529]
[ 87.897669][ T4529] ieee80211_scan_cancel+0x142/0x5d0
[ 87.903537][ T4529] ? ieee80211_do_stop+0x12c/0x1c70
[ 87.908872][ T4529] ieee80211_do_stop+0x135/0x1c70
[ 87.914456][ T4529] ? rcu_exp_sel_wait_wake+0x1b00/0x1b00
[ 87.922219][ T4529] ? ieee80211_sdata_stop+0x80/0x80
[ 87.927477][ T4529] ? ieee80211_stop_queues_by_reason+0x19c/0x220
[ 87.935194][ T4529] ? __might_sleep+0xf0/0xf0
[ 87.939841][ T4529] ? init_wait_entry+0xd0/0xd0
[ 87.945038][ T4529] ? ieee80211_check_concurrent_iface+0x618/0x690
[ 87.951845][ T4529] ? ieee80211_get_vif_queues+0x21d/0x390
[ 87.957615][ T4529] ieee80211_if_change_type+0x435/0x9c0
[ 87.963791][ T4529] ieee80211_change_iface+0x57/0x420
[ 87.969133][ T4529] cfg80211_change_iface+0x770/0xeb0
[ 87.974932][ T4529] nl80211_set_interface+0x598/0x7d0
[ 87.980630][ T4529] ? nl80211_dump_interface+0x5c0/0x5c0
[ 87.986418][ T4529] ? mutex_lock_nested+0x17/0x20
[ 87.996562][ T4529] genl_rcv_msg+0xbc6/0xf40
[ 88.006701][ T4529] ? genl_bind+0x370/0x370
[ 88.016838][ T4529] ? verify_lock_unused+0x140/0x140
[ 88.025823][ T4529] ? __dev_queue_xmit+0x1bc5/0x2ed0
[ 88.032435][ T4529] ? dev_queue_xmit+0x20/0x20
[ 88.037165][ T4529] ? nl80211_dump_interface+0x5c0/0x5c0
[ 88.042843][ T4529] netlink_rcv_skb+0x1e0/0x430
[ 88.047645][ T4529] ? genl_bind+0x370/0x370
[ 88.052402][ T4529] ? netlink_ack+0xb60/0xb60
[ 88.057062][ T4529] ? __lock_acquire+0x7c60/0x7c60
[ 88.062513][ T4529] ? preempt_count_add+0x8d/0x190
[ 88.067582][ T4529] ? down_read+0x1aa/0x2e0
[ 88.072076][ T4529] genl_rcv+0x24/0x40
[ 88.076096][ T4529] netlink_unicast+0x77c/0x920
[ 88.081128][ T4529] netlink_sendmsg+0x8ab/0xbc0
[ 88.085930][ T4529] ? netlink_getsockopt+0x560/0x560
[ 88.091235][ T4529] ? aa_sock_msg_perm+0x94/0x150
[ 88.096208][ T4529] ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 88.101822][ T4529] ? security_socket_sendmsg+0x7c/0xa0
[ 88.107320][ T4529] __sys_sendto+0x423/0x580
[ 88.111996][ T4529] ? __ia32_sys_getpeername+0x80/0x80
[ 88.117419][ T4529] ? __lock_acquire+0x7c60/0x7c60
[ 88.122761][ T4529] ? lock_chain_count+0x20/0x20
[ 88.127643][ T4529] ? vtime_user_exit+0x2dc/0x400
[ 88.132952][ T4529] __x64_sys_sendto+0xda/0xf0
[ 88.137775][ T4529] do_syscall_64+0x4c/0xa0
[ 88.142364][ T4529] ? clear_bhb_loop+0x30/0x80
[ 88.147067][ T4529] ? clear_bhb_loop+0x30/0x80
[ 88.152250][ T4529] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 88.158200][ T4529] RIP: 0033:0x7f37e3fae7bc
[ 88.163144][ T4529] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[ 88.183100][ T4529] RSP: 002b:00007fff210b0b70 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[ 88.191747][ T4529] RAX: ffffffffffffffda RBX: 00007fff210b0cf0 RCX: 00007f37e3fae7bc
[ 88.199789][ T4529] RDX: 0000000000000024 RSI: 00007fff210b0d40 RDI: 0000000000000006
[ 88.207961][ T4529] RBP: 0000000000000000 R08: 00007fff210b0bc4 R09: 000000000000000c
[ 88.216213][ T4529] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000006
[ 88.224279][ T4529] R13: 0000000000000000 R14: 00007fff210b0d40 R15: 0000000000000000
[ 88.232321][ T4529]
[ 88.235360][ T4529] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 88.242661][ T4529] CPU: 0 PID: 4529 Comm: syz.0.34 Not tainted 5.15.186-syzkaller #0
[ 88.250657][ T4529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 88.260712][ T4529] Call Trace:
[ 88.263994][ T4529]
[ 88.266926][ T4529] dump_stack_lvl+0x168/0x230
[ 88.271609][ T4529] ? show_regs_print_info+0x20/0x20
[ 88.276855][ T4529] ? load_image+0x3b0/0x3b0
[ 88.281383][ T4529] panic+0x2c9/0x7f0
[ 88.285287][ T4529] ? bpf_jit_dump+0xd0/0xd0
[ 88.289796][ T4529] ? ieee80211_start_next_roc+0x194/0x200
[ 88.295519][ T4529] __warn+0x248/0x2b0
[ 88.299514][ T4529] ? ieee80211_start_next_roc+0x194/0x200
[ 88.305233][ T4529] report_bug+0x1b7/0x2e0
[ 88.309570][ T4529] handle_bug+0x3a/0x70
[ 88.313725][ T4529] exc_invalid_op+0x16/0x40
[ 88.318230][ T4529] asm_exc_invalid_op+0x16/0x20
[ 88.323115][ T4529] RIP: 0010:ieee80211_start_next_roc+0x194/0x200
[ 88.329557][ T4529] Code: 04 34 f8 48 89 df 4c 89 f6 48 89 c2 5b 41 5c 41 5e 41 5f 5d e9 6d 8e 0c 00 e8 a8 cd 44 f8 0f 0b e9 e6 fe ff ff e8 9c cd 44 f8 <0f> 0b e9 25 ff ff ff 48 c7 c1 44 af 69 8d 80 e1 07 80 c1 03 38 c1
[ 88.349166][ T4529] RSP: 0018:ffffc9000338f290 EFLAGS: 00010293
[ 88.355244][ T4529] RAX: ffffffff8932f574 RBX: ffff888079708da0 RCX: ffff88802292d940
[ 88.363421][ T4529] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 88.371487][ T4529] RBP: 0000000000000001 R08: dffffc0000000000 R09: ffffed100fae2a54
[ 88.379460][ T4529] R10: ffffed100fae2a54 R11: 1ffff1100fae2a53 R12: dffffc0000000000
[ 88.387441][ T4529] R13: 0000000000000000 R14: ffff8880241995a0 R15: ffff8880797095dd
[ 88.395429][ T4529] ? ieee80211_start_next_roc+0x194/0x200
[ 88.401169][ T4529] ieee80211_scan_cancel+0x142/0x5d0
[ 88.406466][ T4529] ? ieee80211_do_stop+0x12c/0x1c70
[ 88.411674][ T4529] ieee80211_do_stop+0x135/0x1c70
[ 88.416721][ T4529] ? rcu_exp_sel_wait_wake+0x1b00/0x1b00
[ 88.422365][ T4529] ? ieee80211_sdata_stop+0x80/0x80
[ 88.427574][ T4529] ? ieee80211_stop_queues_by_reason+0x19c/0x220
[ 88.433993][ T4529] ? __might_sleep+0xf0/0xf0
[ 88.438586][ T4529] ? init_wait_entry+0xd0/0xd0
[ 88.443353][ T4529] ? ieee80211_check_concurrent_iface+0x618/0x690
[ 88.449784][ T4529] ? ieee80211_get_vif_queues+0x21d/0x390
[ 88.455626][ T4529] ieee80211_if_change_type+0x435/0x9c0
[ 88.461190][ T4529] ieee80211_change_iface+0x57/0x420
[ 88.466614][ T4529] cfg80211_change_iface+0x770/0xeb0
[ 88.471939][ T4529] nl80211_set_interface+0x598/0x7d0
[ 88.477233][ T4529] ? nl80211_dump_interface+0x5c0/0x5c0
[ 88.482786][ T4529] ? mutex_lock_nested+0x17/0x20
[ 88.487731][ T4529] genl_rcv_msg+0xbc6/0xf40
[ 88.492247][ T4529] ? genl_bind+0x370/0x370
[ 88.496676][ T4529] ? verify_lock_unused+0x140/0x140
[ 88.501874][ T4529] ? __dev_queue_xmit+0x1bc5/0x2ed0
[ 88.507131][ T4529] ? dev_queue_xmit+0x20/0x20
[ 88.511818][ T4529] ? nl80211_dump_interface+0x5c0/0x5c0
[ 88.517380][ T4529] netlink_rcv_skb+0x1e0/0x430
[ 88.522156][ T4529] ? genl_bind+0x370/0x370
[ 88.526571][ T4529] ? netlink_ack+0xb60/0xb60
[ 88.531184][ T4529] ? __lock_acquire+0x7c60/0x7c60
[ 88.536227][ T4529] ? preempt_count_add+0x8d/0x190
[ 88.541256][ T4529] ? down_read+0x1aa/0x2e0
[ 88.545695][ T4529] genl_rcv+0x24/0x40
[ 88.549677][ T4529] netlink_unicast+0x77c/0x920
[ 88.554452][ T4529] netlink_sendmsg+0x8ab/0xbc0
[ 88.559223][ T4529] ? netlink_getsockopt+0x560/0x560
[ 88.564623][ T4529] ? aa_sock_msg_perm+0x94/0x150
[ 88.569573][ T4529] ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 88.574869][ T4529] ? security_socket_sendmsg+0x7c/0xa0
[ 88.580334][ T4529] __sys_sendto+0x423/0x580
[ 88.584850][ T4529] ? __ia32_sys_getpeername+0x80/0x80
[ 88.590241][ T4529] ? __lock_acquire+0x7c60/0x7c60
[ 88.595300][ T4529] ? lock_chain_count+0x20/0x20
[ 88.600153][ T4529] ? vtime_user_exit+0x2dc/0x400
[ 88.605096][ T4529] __x64_sys_sendto+0xda/0xf0
[ 88.609788][ T4529] do_syscall_64+0x4c/0xa0
[ 88.614204][ T4529] ? clear_bhb_loop+0x30/0x80
[ 88.618884][ T4529] ? clear_bhb_loop+0x30/0x80
[ 88.623577][ T4529] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 88.629782][ T4529] RIP: 0033:0x7f37e3fae7bc
[ 88.634218][ T4529] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[ 88.653959][ T4529] RSP: 002b:00007fff210b0b70 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[ 88.662398][ T4529] RAX: ffffffffffffffda RBX: 00007fff210b0cf0 RCX: 00007f37e3fae7bc
[ 88.670380][ T4529] RDX: 0000000000000024 RSI: 00007fff210b0d40 RDI: 0000000000000006
[ 88.678364][ T4529] RBP: 0000000000000000 R08: 00007fff210b0bc4 R09: 000000000000000c
[ 88.686556][ T4529] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000006
[ 88.694558][ T4529] R13: 0000000000000000 R14: 00007fff210b0d40 R15: 0000000000000000
[ 88.702774][ T4529]
[ 88.706047][ T4529] Kernel Offset: disabled
[ 88.710527][ T4529] Rebooting in 86400 seconds..