Warning: Permanently added '[localhost]:5541' (ED25519) to the list of known hosts.
2025/12/02 15:28:22 parsed 1 programs
syzkaller login: [ 84.541142][ T5325] cgroup: Unknown subsys name 'net'
[ 84.606828][ T5325] cgroup: Unknown subsys name 'cpuset'
[ 84.612192][ T5325] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 86.245441][ T5325] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 90.721441][ T5344] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 90.725788][ T5344] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 90.729415][ T5344] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 90.733535][ T5344] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 90.737334][ T5344] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 90.990081][ T5342] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 91.848275][ T10] cfg80211: failed to load regulatory.db
[ 95.384433][ T3257] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 95.387668][ T3257] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 95.441063][ T1819] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 95.446877][ T1819] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 97.214643][ T5413] chnl_net:caif_netlink_parms(): no params data found
[ 97.349467][ T5413] bridge0: port 1(bridge_slave_0) entered blocking state
[ 97.363212][ T5413] bridge0: port 1(bridge_slave_0) entered disabled state
[ 97.367231][ T5413] bridge_slave_0: entered allmulticast mode
[ 97.383086][ T5413] bridge_slave_0: entered promiscuous mode
[ 97.389270][ T5413] bridge0: port 2(bridge_slave_1) entered blocking state
[ 97.392458][ T5413] bridge0: port 2(bridge_slave_1) entered disabled state
[ 97.396076][ T5413] bridge_slave_1: entered allmulticast mode
[ 97.403505][ T5413] bridge_slave_1: entered promiscuous mode
[ 97.466251][ T5413] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 97.485891][ T5413] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 97.537209][ T5413] team0: Port device team_slave_0 added
[ 97.554431][ T5413] team0: Port device team_slave_1 added
[ 97.603168][ T5413] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 97.606364][ T5413] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 97.632892][ T5413] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 97.643557][ T5413] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 97.646590][ T5413] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 97.673192][ T5413] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 97.755186][ T5413] hsr_slave_0: entered promiscuous mode
[ 97.763782][ T5413] hsr_slave_1: entered promiscuous mode
[ 98.081904][ T5413] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 98.099562][ T5413] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 98.116223][ T5413] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 98.134773][ T5413] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 98.261915][ T5413] 8021q: adding VLAN 0 to HW filter on device bond0
[ 98.280932][ T5413] 8021q: adding VLAN 0 to HW filter on device team0
[ 98.290744][ T1819] bridge0: port 1(bridge_slave_0) entered blocking state
[ 98.294366][ T1819] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 98.308273][ T1819] bridge0: port 2(bridge_slave_1) entered blocking state
[ 98.311424][ T1819] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 98.497561][ T5413] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 98.534945][ T5413] veth0_vlan: entered promiscuous mode
[ 98.546566][ T5413] veth1_vlan: entered promiscuous mode
[ 98.572020][ T5413] veth0_macvtap: entered promiscuous mode
[ 98.580041][ T5413] veth1_macvtap: entered promiscuous mode
[ 98.594234][ T5413] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 98.604052][ T5413] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 98.617257][ T1819] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 98.627661][ T1819] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 98.640353][ T1819] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 98.656105][ T3257] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 98.805249][ T1819] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 98.845217][ T1819] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 98.896579][ T1819] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 98.936363][ T1819] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/12/02 15:28:39 executed programs: 0
[ 99.391886][ T46] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 99.398405][ T46] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 99.401725][ T46] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 99.405679][ T46] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 99.409058][ T46] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 99.590207][ T5439] chnl_net:caif_netlink_parms(): no params data found
[ 99.765534][ T5439] bridge0: port 1(bridge_slave_0) entered blocking state
[ 99.768693][ T5439] bridge0: port 1(bridge_slave_0) entered disabled state
[ 99.772020][ T5439] bridge_slave_0: entered allmulticast mode
[ 99.777704][ T5439] bridge_slave_0: entered promiscuous mode
[ 99.783604][ T5439] bridge0: port 2(bridge_slave_1) entered blocking state
[ 99.786972][ T5439] bridge0: port 2(bridge_slave_1) entered disabled state
[ 99.790122][ T5439] bridge_slave_1: entered allmulticast mode
[ 99.794870][ T5439] bridge_slave_1: entered promiscuous mode
[ 99.819936][ T5439] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 99.826786][ T5439] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 99.856739][ T5439] team0: Port device team_slave_0 added
[ 99.860949][ T5439] team0: Port device team_slave_1 added
[ 99.885713][ T5439] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 99.888817][ T5439] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 99.900752][ T5439] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 99.907202][ T5439] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 99.910415][ T5439] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 99.922971][ T5439] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 99.967420][ T5439] hsr_slave_0: entered promiscuous mode
[ 99.970761][ T5439] hsr_slave_1: entered promiscuous mode
[ 99.984163][ T5439] debugfs: 'hsr0' already exists in 'hsr'
[ 99.986752][ T5439] Cannot create hsr debugfs directory
[ 101.433780][ T46] Bluetooth: hci0: command tx timeout
[ 101.650836][ T1819] bridge_slave_1: left allmulticast mode
[ 101.660130][ T1819] bridge_slave_1: left promiscuous mode
[ 101.673372][ T1819] bridge0: port 2(bridge_slave_1) entered disabled state
[ 101.680322][ T1819] bridge_slave_0: left allmulticast mode
[ 101.693336][ T1819] bridge_slave_0: left promiscuous mode
[ 101.697629][ T1819] bridge0: port 1(bridge_slave_0) entered disabled state
[ 102.054323][ T1819] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 102.060381][ T1819] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 102.066766][ T1819] bond0 (unregistering): Released all slaves
[ 102.163536][ T1819] hsr_slave_0: left promiscuous mode
[ 102.183776][ T1819] hsr_slave_1: left promiscuous mode
[ 102.192883][ T1819] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 102.196033][ T1819] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 102.204280][ T1819] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 102.208213][ T1819] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 102.240034][ T1819] veth1_macvtap: left promiscuous mode
[ 102.253494][ T1819] veth0_macvtap: left promiscuous mode
[ 102.255727][ T1819] veth1_vlan: left promiscuous mode
[ 102.257992][ T1819] veth0_vlan: left promiscuous mode
[ 102.817857][ T1819] team0 (unregistering): Port device team_slave_1 removed
[ 102.841390][ T1819] team0 (unregistering): Port device team_slave_0 removed
[ 103.361530][ T5439] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 103.381816][ T5439] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 103.399749][ T5439] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 103.417875][ T5439] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 103.515888][ T46] Bluetooth: hci0: command tx timeout
[ 103.677320][ T5439] 8021q: adding VLAN 0 to HW filter on device bond0
[ 103.714069][ T5439] 8021q: adding VLAN 0 to HW filter on device team0
[ 103.731684][ T3374] bridge0: port 1(bridge_slave_0) entered blocking state
[ 103.734992][ T3374] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 103.756762][ T3374] bridge0: port 2(bridge_slave_1) entered blocking state
[ 103.760293][ T3374] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 103.912421][ T5439] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 103.948645][ T5439] veth0_vlan: entered promiscuous mode
[ 103.958137][ T5439] veth1_vlan: entered promiscuous mode
[ 103.984348][ T5439] veth0_macvtap: entered promiscuous mode
[ 103.991185][ T5439] veth1_macvtap: entered promiscuous mode
[ 104.009151][ T5439] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 104.019077][ T5439] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 104.028309][ T3374] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.041574][ T3374] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.059500][ T3374] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.076051][ T3374] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.107242][ T3374] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.110641][ T3374] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.145088][ T3374] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.148585][ T3374] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.211514][ T5470] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000008: 0000 [#1] SMP KASAN NOPTI
[ 104.216332][ T5470] KASAN: null-ptr-deref in range [0x0000000000000040-0x0000000000000047]
[ 104.219880][ T5470] CPU: 0 UID: 0 PID: 5470 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full)
[ 104.223636][ T5470] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 104.228236][ T5470] RIP: 0010:fd_install+0x57/0x3d0
[ 104.230500][ T5470] Code: 48 81 c3 48 09 00 00 48 89 d8 48 c1 e8 03 80 3c 28 00 74 08 48 89 df e8 c7 4c e6 ff 4c 8b 3b 49 8d 5e 40 48 89 d8 48 c1 e8 03 <0f> b6 04 28 84 c0 0f 85 29 03 00 00 8b 1b 89 de 81 e6 00 00 00 01
[ 104.238868][ T5470] RSP: 0018:ffffc900028bfca0 EFLAGS: 00010202
[ 104.241510][ T5470] RAX: 0000000000000008 RBX: 0000000000000041 RCX: ffff888000e64980
[ 104.244970][ T5470] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000006
[ 104.248398][ T5470] RBP: dffffc0000000000 R08: ffff888012023b2b R09: 1ffff11002404765
[ 104.251840][ T5470] R10: dffffc0000000000 R11: ffffed1002404766 R12: 0000000000000006
[ 104.255185][ T5470] R13: 0000000000000006 R14: 0000000000000001 R15: ffff888000530f00
[ 104.258389][ T5470] FS: 000055557ae2f500(0000) GS:ffff88808d6ba000(0000) knlGS:0000000000000000
[ 104.262109][ T5470] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 104.265242][ T5470] CR2: 0000001b30a63fff CR3: 0000000041ed9000 CR4: 0000000000352ef0
[ 104.268896][ T5470] Call Trace:
[ 104.270334][ T5470]
[ 104.271657][ T5470] ? do_mq_open+0x595/0x770
[ 104.273690][ T5470] do_mq_open+0x5a0/0x770
[ 104.275668][ T5470] ? __pfx_do_mq_open+0x10/0x10
[ 104.277726][ T5470] ? __pfx_do_futex+0x10/0x10
[ 104.279710][ T5470] ? kfree+0x4d/0x6b0
[ 104.281341][ T5470] __x64_sys_mq_open+0x16a/0x1c0
[ 104.283349][ T5470] ? __pfx___x64_sys_mq_open+0x10/0x10
[ 104.285624][ T5470] ? __se_sys_fspick+0x319/0x3d0
[ 104.287670][ T5470] ? do_syscall_64+0xbe/0xf80
[ 104.289532][ T5470] do_syscall_64+0xfa/0xf80
[ 104.291369][ T5470] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 104.293650][ T5470] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 104.296282][ T5470] ? clear_bhb_loop+0x60/0xb0
[ 104.298215][ T5470] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 104.300567][ T5470] RIP: 0033:0x7fa16998f7c9
[ 104.302434][ T5470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 104.310289][ T5470] RSP: 002b:00007fff7c063318 EFLAGS: 00000246 ORIG_RAX: 00000000000000f0
[ 104.313637][ T5470] RAX: ffffffffffffffda RBX: 00007fa169be5fa0 RCX: 00007fa16998f7c9
[ 104.316768][ T5470] RDX: 0000000000000110 RSI: 0000000000000040 RDI: 00002000000004c0
[ 104.320130][ T5470] RBP: 00007fa169a13f91 R08: 0000000000000000 R09: 0000000000000000
[ 104.323378][ T5470] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 104.326511][ T5470] R13: 00007fa169be5fa0 R14: 00007fa169be5fa0 R15: 0000000000000004
[ 104.329657][ T5470]
[ 104.330940][ T5470] Modules linked in:
[ 104.333385][ T5470] ---[ end trace 0000000000000000 ]---
[ 104.347031][ T5470] RIP: 0010:fd_install+0x57/0x3d0
[ 104.349268][ T5470] Code: 48 81 c3 48 09 00 00 48 89 d8 48 c1 e8 03 80 3c 28 00 74 08 48 89 df e8 c7 4c e6 ff 4c 8b 3b 49 8d 5e 40 48 89 d8 48 c1 e8 03 <0f> b6 04 28 84 c0 0f 85 29 03 00 00 8b 1b 89 de 81 e6 00 00 00 01
[ 104.363046][ T5470] RSP: 0018:ffffc900028bfca0 EFLAGS: 00010202
[ 104.365437][ T5470] RAX: 0000000000000008 RBX: 0000000000000041 RCX: ffff888000e64980
[ 104.368807][ T5470] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000006
[ 104.372283][ T5470] RBP: dffffc0000000000 R08: ffff888012023b2b R09: 1ffff11002404765
[ 104.376418][ T5470] R10: dffffc0000000000 R11: ffffed1002404766 R12: 0000000000000006
[ 104.379771][ T5470] R13: 0000000000000006 R14: 0000000000000001 R15: ffff888000530f00
[ 104.383705][ T5470] FS: 000055557ae2f500(0000) GS:ffff88808d6ba000(0000) knlGS:0000000000000000
[ 104.387593][ T5470] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 104.390430][ T5470] CR2: 0000001b30a63fff CR3: 0000000041ed9000 CR4: 0000000000352ef0
[ 104.395229][ T5470] Kernel panic - not syncing: Fatal exception
[ 104.397974][ T5470] Kernel Offset: disabled
[ 104.399839][ T5470] Rebooting in 86400 seconds..