Warning: Permanently added '10.128.1.191' (ED25519) to the list of known hosts.
2026/01/18 01:20:14 parsed 1 programs
syzkaller login: [ 85.025120][ T5805] cgroup: Unknown subsys name 'net'
[ 85.285847][ T5805] cgroup: Unknown subsys name 'cpuset'
[ 85.341827][ T5805] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 86.845628][ T43] cfg80211: failed to load regulatory.db
[ 87.006402][ T5805] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 90.250457][ T5826] chnl_net:caif_netlink_parms(): no params data found
[ 90.743591][ T5853] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 90.772402][ T5853] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 90.775367][ T5853] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 90.778414][ T5853] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 90.781470][ T5853] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 91.273429][ T5826] bridge0: port 1(bridge_slave_0) entered blocking state
[ 91.274377][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state
[ 91.274644][ T5826] bridge_slave_0: entered allmulticast mode
[ 91.276732][ T5826] bridge_slave_0: entered promiscuous mode
[ 91.327708][ T5826] bridge0: port 2(bridge_slave_1) entered blocking state
[ 91.328167][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state
[ 91.328378][ T5826] bridge_slave_1: entered allmulticast mode
[ 91.332495][ T5826] bridge_slave_1: entered promiscuous mode
[ 91.477344][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 91.509560][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 91.618329][ T5826] team0: Port device team_slave_0 added
[ 91.635463][ T5826] team0: Port device team_slave_1 added
[ 91.710077][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 91.710093][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 91.710117][ T5826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 91.716713][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 91.716734][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 91.716758][ T5826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 91.791362][ T5826] hsr_slave_0: entered promiscuous mode
[ 91.792986][ T5826] hsr_slave_1: entered promiscuous mode
[ 93.679485][ T3658] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 93.679511][ T3658] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 94.467689][ T1368] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 94.467708][ T1368] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 94.508225][ T5826] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 94.584073][ T5826] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 94.638561][ T5826] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 94.718747][ T5826] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 95.397745][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0
[ 95.424664][ T5826] 8021q: adding VLAN 0 to HW filter on device team0
[ 95.440343][ T58] bridge0: port 1(bridge_slave_0) entered blocking state
[ 95.440996][ T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 95.489038][ T3658] bridge0: port 2(bridge_slave_1) entered blocking state
[ 95.489677][ T3658] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 95.888928][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 95.949004][ T5826] veth0_vlan: entered promiscuous mode
[ 95.961090][ T5826] veth1_vlan: entered promiscuous mode
[ 96.004721][ T5826] veth0_macvtap: entered promiscuous mode
[ 96.025198][ T5826] veth1_macvtap: entered promiscuous mode
[ 96.047080][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 96.072394][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 96.160383][ T3658] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.173492][ T3658] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.173892][ T3658] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.173929][ T3658] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2026/01/18 01:20:28 executed programs: 0
[ 96.702808][ T5853] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 96.708912][ T5853] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 96.726661][ T5853] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 96.730005][ T5853] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 96.730849][ T5853] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 96.776460][ T61] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 96.783901][ T61] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 96.814606][ T61] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 96.832981][ T5925] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 96.836411][ T5927] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 96.836470][ T5925] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 96.841105][ T5925] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 96.861467][ T5925] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 96.862656][ T5925] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 96.863776][ T5925] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 96.969094][ T5121] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 96.974446][ T5121] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 96.981974][ T5121] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 96.984549][ T5121] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 96.985675][ T5121] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 97.047495][ T5925] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 97.049138][ T5925] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 97.064578][ T5925] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 97.065847][ T5925] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 97.066556][ T5925] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 98.393398][ T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 98.466725][ T5922] chnl_net:caif_netlink_parms(): no params data found
[ 98.714986][ T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 98.807013][ T5916] chnl_net:caif_netlink_parms(): no params data found
[ 98.813352][ T5929] chnl_net:caif_netlink_parms(): no params data found
[ 98.824537][ T5931] chnl_net:caif_netlink_parms(): no params data found
[ 98.835948][ T5921] chnl_net:caif_netlink_parms(): no params data found
[ 98.843765][ T5925] Bluetooth: hci0: command tx timeout
[ 98.921409][ T5121] Bluetooth: hci2: command tx timeout
[ 98.921640][ T5925] Bluetooth: hci1: command tx timeout
[ 98.983535][ T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 99.082404][ T5925] Bluetooth: hci3: command tx timeout
[ 99.091521][ T5925] Bluetooth: hci4: command tx timeout
[ 99.385370][ T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 99.485972][ T5922] bridge0: port 1(bridge_slave_0) entered blocking state
[ 99.486470][ T5922] bridge0: port 1(bridge_slave_0) entered disabled state
[ 99.486661][ T5922] bridge_slave_0: entered allmulticast mode
[ 99.489514][ T5922] bridge_slave_0: entered promiscuous mode
[ 99.550813][ T5922] bridge0: port 2(bridge_slave_1) entered blocking state
[ 99.550927][ T5922] bridge0: port 2(bridge_slave_1) entered disabled state
[ 99.551042][ T5922] bridge_slave_1: entered allmulticast mode
[ 99.558002][ T5922] bridge_slave_1: entered promiscuous mode
[ 99.766618][ T5922] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 99.766918][ T5916] bridge0: port 1(bridge_slave_0) entered blocking state
[ 99.767106][ T5916] bridge0: port 1(bridge_slave_0) entered disabled state
[ 99.767281][ T5916] bridge_slave_0: entered allmulticast mode
[ 99.768997][ T5916] bridge_slave_0: entered promiscuous mode
[ 99.771111][ T5929] bridge0: port 1(bridge_slave_0) entered blocking state
[ 99.814557][ T5929] bridge0: port 1(bridge_slave_0) entered disabled state
[ 99.814712][ T5929] bridge_slave_0: entered allmulticast mode
[ 99.816139][ T5929] bridge_slave_0: entered promiscuous mode
[ 99.819390][ T5931] bridge0: port 1(bridge_slave_0) entered blocking state
[ 99.819507][ T5931] bridge0: port 1(bridge_slave_0) entered disabled state
[ 99.819682][ T5931] bridge_slave_0: entered allmulticast mode
[ 99.826983][ T5931] bridge_slave_0: entered promiscuous mode
[ 99.829611][ T5921] bridge0: port 1(bridge_slave_0) entered blocking state
[ 99.829786][ T5921] bridge0: port 1(bridge_slave_0) entered disabled state
[ 99.830247][ T5921] bridge_slave_0: entered allmulticast mode
[ 99.834999][ T5921] bridge_slave_0: entered promiscuous mode
[ 99.863654][ T5922] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 99.863873][ T5916] bridge0: port 2(bridge_slave_1) entered blocking state
[ 99.864310][ T5916] bridge0: port 2(bridge_slave_1) entered disabled state
[ 99.864487][ T5916] bridge_slave_1: entered allmulticast mode
[ 99.867000][ T5916] bridge_slave_1: entered promiscuous mode
[ 99.972472][ T5929] bridge0: port 2(bridge_slave_1) entered blocking state
[ 99.972545][ T5929] bridge0: port 2(bridge_slave_1) entered disabled state
[ 99.972675][ T5929] bridge_slave_1: entered allmulticast mode
[ 99.974164][ T5929] bridge_slave_1: entered promiscuous mode
[ 99.975565][ T5931] bridge0: port 2(bridge_slave_1) entered blocking state
[ 99.975696][ T5931] bridge0: port 2(bridge_slave_1) entered disabled state
[ 99.975893][ T5931] bridge_slave_1: entered allmulticast mode
[ 99.978362][ T5931] bridge_slave_1: entered promiscuous mode
[ 99.980684][ T5921] bridge0: port 2(bridge_slave_1) entered blocking state
[ 99.980858][ T5921] bridge0: port 2(bridge_slave_1) entered disabled state
[ 99.981113][ T5921] bridge_slave_1: entered allmulticast mode
[ 99.985459][ T5921] bridge_slave_1: entered promiscuous mode
[ 100.173832][ T5922] team0: Port device team_slave_0 added
[ 100.182237][ T5916] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 100.185971][ T5929] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 100.195425][ T5931] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 100.202107][ T5921] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 100.207977][ T5922] team0: Port device team_slave_1 added
[ 100.246162][ T5916] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 100.248870][ T5929] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 100.272765][ T5931] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 100.275050][ T5921] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 100.433660][ T5922] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 100.433672][ T5922] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 100.433685][ T5922] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 100.439274][ T5916] team0: Port device team_slave_0 added
[ 100.492996][ T5929] team0: Port device team_slave_0 added
[ 100.495114][ T5931] team0: Port device team_slave_0 added
[ 100.498829][ T5921] team0: Port device team_slave_0 added
[ 100.499677][ T5922] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 100.499690][ T5922] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 100.499713][ T5922] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 100.537047][ T5916] team0: Port device team_slave_1 added
[ 100.540274][ T5929] team0: Port device team_slave_1 added
[ 100.555658][ T5931] team0: Port device team_slave_1 added
[ 100.558511][ T5921] team0: Port device team_slave_1 added
[ 100.651883][ T12] bridge_slave_1: left allmulticast mode
[ 100.652084][ T12] bridge_slave_1: left promiscuous mode
[ 100.653789][ T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 100.733006][ T12] bridge_slave_0: left allmulticast mode
[ 100.733027][ T12] bridge_slave_0: left promiscuous mode
[ 100.733244][ T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 100.924428][ T5925] Bluetooth: hci0: command tx timeout
[ 101.002163][ T5925] Bluetooth: hci1: command tx timeout
[ 101.002197][ T5925] Bluetooth: hci2: command tx timeout
[ 101.161810][ T5925] Bluetooth: hci4: command tx timeout
[ 101.161845][ T5925] Bluetooth: hci3: command tx timeout
[ 102.002059][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 102.044610][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 102.083577][ T12] bond0 (unregistering): Released all slaves
[ 102.200909][ T5916] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 102.200920][ T5916] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 102.200934][ T5916] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 102.213452][ T5929] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 102.213467][ T5929] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 102.213491][ T5929] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 102.846400][ T5931] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 102.846412][ T5931] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 102.846425][ T5931] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 102.848123][ T5921] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 102.848135][ T5921] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 102.848148][ T5921] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 102.867550][ T5916] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 102.867568][ T5916] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 102.867593][ T5916] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 102.869119][ T5929] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 102.869131][ T5929] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 102.869155][ T5929] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 103.011667][ T5121] Bluetooth: hci0: command tx timeout
[ 103.081531][ T5925] Bluetooth: hci2: command tx timeout
[ 103.081624][ T5121] Bluetooth: hci1: command tx timeout
[ 103.166402][ T5931] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 103.166414][ T5931] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 103.166427][ T5931] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 103.167370][ T5921] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 103.167379][ T5921] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 103.167392][ T5921] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 103.241386][ T5121] Bluetooth: hci4: command tx timeout
[ 103.253027][ T5121] Bluetooth: hci3: command tx timeout
[ 103.276528][ T5922] hsr_slave_0: entered promiscuous mode
[ 103.277703][ T5922] hsr_slave_1: entered promiscuous mode
[ 103.278444][ T5922] debugfs: 'hsr0' already exists in 'hsr'
[ 103.278527][ T5922] Cannot create hsr debugfs directory
[ 103.666346][ T5916] hsr_slave_0: entered promiscuous mode
[ 103.667157][ T5916] hsr_slave_1: entered promiscuous mode
[ 103.667672][ T5916] debugfs: 'hsr0' already exists in 'hsr'
[ 103.667690][ T5916] Cannot create hsr debugfs directory
[ 103.706920][ T5931] hsr_slave_0: entered promiscuous mode
[ 103.707763][ T5931] hsr_slave_1: entered promiscuous mode
[ 103.708322][ T5931] debugfs: 'hsr0' already exists in 'hsr'
[ 103.708342][ T5931] Cannot create hsr debugfs directory
[ 103.800105][ T5929] hsr_slave_0: entered promiscuous mode
[ 103.802963][ T5929] hsr_slave_1: entered promiscuous mode
[ 103.803912][ T5929] debugfs: 'hsr0' already exists in 'hsr'
[ 103.803941][ T5929] Cannot create hsr debugfs directory
[ 103.817112][ T5921] hsr_slave_0: entered promiscuous mode
[ 103.818432][ T5921] hsr_slave_1: entered promiscuous mode
[ 103.819324][ T5921] debugfs: 'hsr0' already exists in 'hsr'
[ 103.819346][ T5921] Cannot create hsr debugfs directory
[ 104.151582][ T12] hsr_slave_0: left promiscuous mode
[ 104.171637][ T12] hsr_slave_1: left promiscuous mode
[ 104.172550][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 104.172624][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 104.233238][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 104.233265][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 104.297687][ T12] veth1_macvtap: left promiscuous mode
[ 104.297838][ T12] veth0_macvtap: left promiscuous mode
[ 104.297993][ T12] veth1_vlan: left promiscuous mode
[ 104.298157][ T12] veth0_vlan: left promiscuous mode
[ 105.081788][ T5121] Bluetooth: hci0: command tx timeout
[ 105.161415][ T5925] Bluetooth: hci2: command tx timeout
[ 105.161465][ T5121] Bluetooth: hci1: command tx timeout
[ 105.321388][ T5925] Bluetooth: hci4: command tx timeout
[ 105.321439][ T5121] Bluetooth: hci3: command tx timeout
[ 106.502110][ T12] team0 (unregistering): Port device team_slave_1 removed
[ 106.691933][ T12] team0 (unregistering): Port device team_slave_0 removed
[ 109.204505][ T5922] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 109.252937][ T5922] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 109.365686][ T5922] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 109.407405][ T5922] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 109.994265][ T5922] 8021q: adding VLAN 0 to HW filter on device bond0
[ 110.019234][ T5922] 8021q: adding VLAN 0 to HW filter on device team0
[ 110.028280][ T3746] bridge0: port 1(bridge_slave_0) entered blocking state
[ 110.028483][ T3746] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 110.051954][ T996] bridge0: port 2(bridge_slave_1) entered blocking state
[ 110.052090][ T996] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 110.355970][ T5916] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 110.381716][ T5916] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 110.421361][ T5916] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 110.521769][ T5916] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 110.708337][ T5931] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 110.759240][ T5931] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 110.797762][ T5931] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 110.842176][ T5922] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 110.857432][ T5931] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 110.988150][ T5921] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 111.024729][ T5921] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 111.061801][ T5921] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 111.110841][ T5921] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 111.257699][ T5929] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 111.295095][ T5929] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 111.333563][ T5929] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 111.369359][ T5922] veth0_vlan: entered promiscuous mode
[ 111.370456][ T5929] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 111.453797][ T5922] veth1_vlan: entered promiscuous mode
[ 111.513729][ T5916] 8021q: adding VLAN 0 to HW filter on device bond0
[ 111.578795][ T5916] 8021q: adding VLAN 0 to HW filter on device team0
[ 111.606687][ T5931] 8021q: adding VLAN 0 to HW filter on device bond0
[ 111.626006][ T5922] veth0_macvtap: entered promiscuous mode
[ 111.629495][ T1368] bridge0: port 1(bridge_slave_0) entered blocking state
[ 111.629625][ T1368] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 111.661615][ T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 111.661739][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 111.663116][ T5922] veth1_macvtap: entered promiscuous mode
[ 111.719964][ T5931] 8021q: adding VLAN 0 to HW filter on device team0
[ 111.736361][ T5921] 8021q: adding VLAN 0 to HW filter on device bond0
[ 111.760032][ T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 111.760612][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 111.785437][ T5922] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 111.804364][ T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 111.805686][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 111.834125][ T5922] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 111.870654][ T5921] 8021q: adding VLAN 0 to HW filter on device team0
[ 111.870899][ T4031] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 111.886708][ T4031] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 111.902814][ T4031] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 111.923172][ T5929] 8021q: adding VLAN 0 to HW filter on device bond0
[ 111.925024][ T4031] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 111.944382][ T1368] bridge0: port 1(bridge_slave_0) entered blocking state
[ 111.944594][ T1368] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 112.026303][ T1368] bridge0: port 2(bridge_slave_1) entered blocking state
[ 112.026514][ T1368] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 112.184629][ T5929] 8021q: adding VLAN 0 to HW filter on device team0
[ 112.262884][ T1368] bridge0: port 1(bridge_slave_0) entered blocking state
[ 112.263104][ T1368] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 112.354250][ T161] bridge0: port 2(bridge_slave_1) entered blocking state
[ 112.356532][ T161] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 112.397628][ T4031] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 112.397651][ T4031] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 112.533461][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 112.533482][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 112.539839][ T5916] 8021q: adding VLAN 0 to HW filter on device batadv0
2026/01/18 01:20:44 executed programs: 10
[ 112.750348][ T6042] loop0: detected capacity change from 0 to 512
[ 112.790974][ T5931] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 112.893564][ T5916] veth0_vlan: entered promiscuous mode
[ 112.907041][ T6042] EXT4-fs (loop0): revision level too high, forcing read-only mode
[ 112.907060][ T6042] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01c, mo2=0002]
[ 112.909717][ T6042] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 112.952788][ T6042] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #13: comm syz.0.17: iget: bad i_size value: 12154761577498
[ 112.962390][ T6042] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.17: couldn't read orphan inode 13 (err -117)
[ 112.997751][ T5916] veth1_vlan: entered promiscuous mode
[ 113.021610][ T6042] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[ 113.023899][ T6042] EXT4-fs warning (device loop0): dx_probe:861: inode #2: comm syz.0.17: dx entry: limit 65535 != root limit 120
[ 113.023930][ T6042] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.17: Corrupt directory, running e2fsck is recommended
[ 113.024065][ T6042] ==================================================================
[ 113.024075][ T6042] BUG: KASAN: slab-use-after-free in __ext4_check_dir_entry+0x755/0x8e0
[ 113.024110][ T6042] Read of size 2 at addr ffff8880343bb003 by task syz.0.17/6042
[ 113.024125][ T6042]
[ 113.024145][ T6042] CPU: 0 UID: 0 PID: 6042 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 113.024166][ T6042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 113.024187][ T6042] Call Trace:
[ 113.024197][ T6042]
[ 113.024205][ T6042] dump_stack_lvl+0xe8/0x150
[ 113.024230][ T6042] print_report+0xba/0x230
[ 113.024251][ T6042] ? __ext4_check_dir_entry+0x755/0x8e0
[ 113.024271][ T6042] kasan_report+0x117/0x150
[ 113.024299][ T6042] ? __ext4_check_dir_entry+0x755/0x8e0
[ 113.024324][ T6042] __ext4_check_dir_entry+0x755/0x8e0
[ 113.024346][ T6042] ext4_readdir+0x14ac/0x4000
[ 113.024365][ T6042] ? __lock_acquire+0x6b5/0x2cf0
[ 113.024395][ T6042] ? __pfx_ext4_readdir+0x10/0x10
[ 113.024418][ T6042] ? iterate_dir+0x29e/0x580
[ 113.024439][ T6042] ? __pfx_down_read_killable+0x10/0x10
[ 113.024469][ T6042] ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 113.024489][ T6042] ? lockdep_hardirqs_on+0x7a/0x110
[ 113.024508][ T6042] ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 113.024527][ T6042] iterate_dir+0x3a5/0x580
[ 113.024549][ T6042] __se_sys_getdents64+0xf1/0x280
[ 113.024572][ T6042] ? __pfx___se_sys_getdents64+0x10/0x10
[ 113.024594][ T6042] ? __pfx_filldir64+0x10/0x10
[ 113.024617][ T6042] ? __x64_sys_lseek+0x187/0x1f0
[ 113.024644][ T6042] do_syscall_64+0xe2/0xf80
[ 113.024663][ T6042] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 113.024680][ T6042] ? trace_irq_disable+0x37/0x100
[ 113.024698][ T6042] ? clear_bhb_loop+0x60/0xb0
[ 113.024717][ T6042] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 113.024733][ T6042] RIP: 0033:0x7f344625acb9
[ 113.024755][ T6042] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 113.024770][ T6042] RSP: 002b:00007ffc705c24c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[ 113.024790][ T6042] RAX: ffffffffffffffda RBX: 00007f34464d5fa0 RCX: 00007f344625acb9
[ 113.024802][ T6042] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[ 113.024813][ T6042] RBP: 00007f34462c8bf7 R08: 0000000000000000 R09: 0000000000000000
[ 113.024825][ T6042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 113.024836][ T6042] R13: 00007f34464d5fac R14: 00007f34464d5fa0 R15: 00007f34464d5fa0
[ 113.024856][ T6042]
[ 113.024863][ T6042]
[ 113.024867][ T6042] Allocated by task 5824:
[ 113.024876][ T6042] kasan_save_track+0x3e/0x80
[ 113.024898][ T6042] __kasan_slab_alloc+0x6c/0x80
[ 113.024919][ T6042] kmem_cache_alloc_noprof+0x188/0x6a0
[ 113.024944][ T6042] __kernfs_new_node+0xe9/0x960
[ 113.024968][ T6042] kernfs_new_node+0x102/0x210
[ 113.024989][ T6042] __kernfs_create_file+0x4b/0x2e0
[ 113.025006][ T6042] sysfs_add_file_mode_ns+0x238/0x300
[ 113.025024][ T6042] sysfs_merge_group+0x183/0x320
[ 113.025044][ T6042] dpm_sysfs_add+0xd2/0x270
[ 113.025063][ T6042] device_add+0x4d8/0xb80
[ 113.025081][ T6042] netdev_register_kobject+0x178/0x310
[ 113.025098][ T6042] register_netdevice+0x1272/0x1ab0
[ 113.025121][ T6042] register_netdev+0x40/0x60
[ 113.025135][ T6042] vti6_init_net+0x238/0x370
[ 113.025150][ T6042] ops_init+0x35c/0x5c0
[ 113.025168][ T6042] setup_net+0x118/0x340
[ 113.025185][ T6042] copy_net_ns+0x3e2/0x570
[ 113.025200][ T6042] create_new_namespaces+0x3e7/0x6a0
[ 113.025217][ T6042] unshare_nsproxy_namespaces+0x11a/0x160
[ 113.025233][ T6042] ksys_unshare+0x4f4/0x900
[ 113.025252][ T6042] __x64_sys_unshare+0x38/0x50
[ 113.025272][ T6042] do_syscall_64+0xe2/0xf80
[ 113.025290][ T6042] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 113.025306][ T6042]
[ 113.025310][ T6042] Freed by task 28:
[ 113.025317][ T6042] kasan_save_track+0x3e/0x80
[ 113.025337][ T6042] kasan_save_free_info+0x46/0x50
[ 113.025355][ T6042] __kasan_slab_free+0x5c/0x80
[ 113.025375][ T6042] kmem_cache_free+0x18d/0x8c0
[ 113.025396][ T6042] rcu_cpu_kthread+0xbba/0x1b10
[ 113.025419][ T6042] smpboot_thread_fn+0x541/0xa50
[ 113.025437][ T6042] kthread+0x726/0x8b0
[ 113.025462][ T6042] ret_from_fork+0x51b/0xa40
[ 113.025478][ T6042] ret_from_fork_asm+0x1a/0x30
[ 113.025500][ T6042]
[ 113.025504][ T6042] Last potentially related work creation:
[ 113.025510][ T6042] kasan_save_stack+0x3e/0x60
[ 113.025528][ T6042] kasan_record_aux_stack+0xbd/0xd0
[ 113.025544][ T6042] call_rcu+0xee/0x890
[ 113.025558][ T6042] kernfs_put+0x191/0x470
[ 113.025579][ T6042] kernfs_remove_by_name_ns+0xb7/0x130
[ 113.025593][ T6042] sysfs_unmerge_group+0xd4/0x140
[ 113.025615][ T6042] dpm_sysfs_remove+0x76/0xd0
[ 113.025633][ T6042] device_del+0x250/0x900
[ 113.025649][ T6042] unregister_netdevice_many_notify+0x1dfa/0x2360
[ 113.025666][ T6042] ops_undo_list+0x3d3/0x940
[ 113.025684][ T6042] cleanup_net+0x4e5/0x7b0
[ 113.025702][ T6042] process_scheduled_works+0xaec/0x17a0
[ 113.025720][ T6042] worker_thread+0x89f/0xd90
[ 113.025737][ T6042] kthread+0x726/0x8b0
[ 113.025755][ T6042] ret_from_fork+0x51b/0xa40
[ 113.025769][ T6042] ret_from_fork_asm+0x1a/0x30
[ 113.025791][ T6042]
[ 113.025795][ T6042] The buggy address belongs to the object at ffff8880343bb000
[ 113.025795][ T6042] which belongs to the cache kernfs_node_cache of size 176
[ 113.025811][ T6042] The buggy address is located 3 bytes inside of
[ 113.025811][ T6042] freed 176-byte region [ffff8880343bb000, ffff8880343bb0b0)
[ 113.025828][ T6042]
[ 113.025833][ T6042] The buggy address belongs to the physical page:
[ 113.025848][ T6042] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880343bb3c0 pfn:0x343bb
[ 113.025866][ T6042] flags: 0x80000000000200(workingset|node=0|zone=1)
[ 113.025880][ T6042] page_type: f5(slab)
[ 113.025896][ T6042] raw: 0080000000000200 ffff88814040b000 ffffea0000bfa4d0 ffffea00009017d0
[ 113.025910][ T6042] raw: ffff8880343bb3c0 0000000000110002 00000000f5000000 0000000000000000
[ 113.025919][ T6042] page dumped because: kasan: bad access detected
[ 113.025932][ T6042] page_owner tracks the page as allocated
[ 113.025939][ T6042] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5824, tgid 5824 (syz-executor), ts 89728002543, free_ts 72535029384
[ 113.025972][ T6042] post_alloc_hook+0x228/0x280
[ 113.025994][ T6042] get_page_from_freelist+0x28bb/0x2950
[ 113.026008][ T6042] __alloc_frozen_pages_noprof+0x18d/0x380
[ 113.026023][ T6042] alloc_pages_mpol+0xd1/0x380
[ 113.026046][ T6042] allocate_slab+0x86/0x3a0
[ 113.026063][ T6042] ___slab_alloc+0xaf8/0x13d0
[ 113.026079][ T6042] __slab_alloc+0xc5/0x1f0
[ 113.026095][ T6042] kmem_cache_alloc_noprof+0x100/0x6a0
[ 113.026114][ T6042] __kernfs_new_node+0xe9/0x960
[ 113.026136][ T6042] kernfs_new_node+0x102/0x210
[ 113.026157][ T6042] __kernfs_create_file+0x4b/0x2e0
[ 113.026174][ T6042] sysfs_add_file_mode_ns+0x238/0x300
[ 113.026191][ T6042] sysfs_merge_group+0x183/0x320
[ 113.026211][ T6042] dpm_sysfs_add+0xd2/0x270
[ 113.026229][ T6042] device_add+0x4d8/0xb80
[ 113.026245][ T6042] netdev_register_kobject+0x178/0x310
[ 113.026261][ T6042] page last free pid 5786 tgid 5786 stack trace:
[ 113.026270][ T6042] __free_frozen_pages+0xfc1/0x1130
[ 113.026293][ T6042] __slab_free+0x2e6/0x330
[ 113.026309][ T6042] qlist_free_all+0x97/0x100
[ 113.026327][ T6042] kasan_quarantine_reduce+0x148/0x160
[ 113.026346][ T6042] __kasan_slab_alloc+0x22/0x80
[ 113.026367][ T6042] kmem_cache_alloc_noprof+0x188/0x6a0
[ 113.026388][ T6042] getname_flags+0xb7/0x540
[ 113.026402][ T6042] do_sys_openat2+0xca/0x220
[ 113.026417][ T6042] __x64_sys_openat+0x138/0x170
[ 113.026434][ T6042] do_syscall_64+0xe2/0xf80
[ 113.026460][ T6042] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 113.026476][ T6042]
[ 113.026480][ T6042] Memory state around the buggy address:
[ 113.026490][ T6042] ffff8880343baf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 113.026502][ T6042] ffff8880343baf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 113.026513][ T6042] >ffff8880343bb000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 113.026522][ T6042] ^
[ 113.026531][ T6042] ffff8880343bb080: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fa fb
[ 113.026543][ T6042] ffff8880343bb100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 113.026552][ T6042] ==================================================================
[ 113.026564][ T6042] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 113.026583][ T6042] CPU: 0 UID: 0 PID: 6042 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 113.026602][ T6042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 113.026613][ T6042] Call Trace:
[ 113.026620][ T6042]
[ 113.026628][ T6042] vpanic+0x1e0/0x670
[ 113.026654][ T6042] panic+0xc5/0xd0
[ 113.026676][ T6042] ? __pfx_panic+0x10/0x10
[ 113.026699][ T6042] ? __ext4_check_dir_entry+0x755/0x8e0
[ 113.026721][ T6042] ? rcu_is_watching+0x15/0xb0
[ 113.026742][ T6042] ? __ext4_check_dir_entry+0x755/0x8e0
[ 113.026762][ T6042] check_panic_on_warn+0x89/0xb0
[ 113.026788][ T6042] ? __ext4_check_dir_entry+0x755/0x8e0
[ 113.026808][ T6042] end_report+0x6f/0x140
[ 113.026833][ T6042] kasan_report+0x128/0x150
[ 113.026860][ T6042] ? __ext4_check_dir_entry+0x755/0x8e0
[ 113.026885][ T6042] __ext4_check_dir_entry+0x755/0x8e0
[ 113.026911][ T6042] ext4_readdir+0x14ac/0x4000
[ 113.026932][ T6042] ? __lock_acquire+0x6b5/0x2cf0
[ 113.026967][ T6042] ? __pfx_ext4_readdir+0x10/0x10
[ 113.026991][ T6042] ? iterate_dir+0x29e/0x580
[ 113.027014][ T6042] ? __pfx_down_read_killable+0x10/0x10
[ 113.027035][ T6042] ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 113.027056][ T6042] ? lockdep_hardirqs_on+0x7a/0x110
[ 113.027076][ T6042] ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 113.027098][ T6042] iterate_dir+0x3a5/0x580
[ 113.027124][ T6042] __se_sys_getdents64+0xf1/0x280
[ 113.027150][ T6042] ? __pfx___se_sys_getdents64+0x10/0x10
[ 113.027173][ T6042] ? __pfx_filldir64+0x10/0x10
[ 113.027197][ T6042] ? __x64_sys_lseek+0x187/0x1f0
[ 113.027224][ T6042] do_syscall_64+0xe2/0xf80
[ 113.027244][ T6042] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 113.027261][ T6042] ? trace_irq_disable+0x37/0x100
[ 113.027279][ T6042] ? clear_bhb_loop+0x60/0xb0
[ 113.027297][ T6042] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 113.027314][ T6042] RIP: 0033:0x7f344625acb9
[ 113.027329][ T6042] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 113.027343][ T6042] RSP: 002b:00007ffc705c24c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[ 113.027363][ T6042] RAX: ffffffffffffffda RBX: 00007f34464d5fa0 RCX: 00007f344625acb9
[ 113.027375][ T6042] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[ 113.027386][ T6042] RBP: 00007f34462c8bf7 R08: 0000000000000000 R09: 0000000000000000
[ 113.027397][ T6042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 113.027408][ T6042] R13: 00007f34464d5fac R14: 00007f34464d5fa0 R15: 00007f34464d5fa0
[ 113.027429][ T6042]
[ 113.027818][ T6042] Kernel Offset: disabled