Warning: Permanently added '10.128.1.37' (ED25519) to the list of known hosts. 2025/12/23 00:59:57 parsed 1 programs [ 69.551294][ T5766] cgroup: Unknown subsys name 'net' [ 69.689402][ T5766] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 71.094350][ T5766] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 71.549245][ T1275] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.555864][ T1275] ieee802154 phy1 wpan1: encryption failed: -22 [ 73.426894][ T5811] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 73.435778][ T5811] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 73.446716][ T5811] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 73.455755][ T5811] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 73.463838][ T5811] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 73.471820][ T5811] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 74.694046][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.702979][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.729652][ T1106] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.738403][ T1106] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.594460][ T5850] chnl_net:caif_netlink_parms(): no params data found [ 75.650915][ T5850] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.658869][ T5850] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.666148][ T5850] bridge_slave_0: entered allmulticast mode [ 75.672908][ T5850] bridge_slave_0: entered promiscuous mode [ 75.689915][ T5850] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.697641][ T5850] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.705135][ T5850] bridge_slave_1: entered allmulticast mode [ 75.712075][ T5850] bridge_slave_1: entered promiscuous mode [ 75.736635][ T5850] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 75.758372][ T5850] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 75.783853][ T5850] team0: Port device team_slave_0 added [ 75.791769][ T5850] team0: Port device team_slave_1 added [ 75.812392][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 75.820555][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.846867][ T5850] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 75.869460][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 75.876535][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.904296][ T5850] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 75.950871][ T5850] hsr_slave_0: entered promiscuous mode [ 75.957396][ T5850] hsr_slave_1: entered promiscuous mode [ 76.089580][ T5850] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 76.100589][ T5850] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 76.124648][ T5850] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 76.136103][ T5850] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 76.220896][ T5850] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.243012][ T5850] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.258805][ T1106] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.266165][ T1106] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.309212][ T1141] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.316376][ T1141] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.528222][ T5850] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 76.574439][ T5850] veth0_vlan: entered promiscuous mode [ 76.589185][ T5850] veth1_vlan: entered promiscuous mode [ 76.613053][ T5850] veth0_macvtap: entered promiscuous mode [ 76.622617][ T5850] veth1_macvtap: entered promiscuous mode [ 76.650389][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 76.680004][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 76.728656][ T5850] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.739050][ T5850] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.748138][ T5850] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.758614][ T5850] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.919209][ T5850] syz-executor (5850) used greatest stack depth: 20712 bytes left 2025/12/23 01:00:07 executed programs: 0 [ 77.282474][ T2928] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.329284][ T5082] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 77.338945][ T5082] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 77.347326][ T5082] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 77.357077][ T5082] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 77.364810][ T5082] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 77.372541][ T5082] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 77.491179][ T5876] chnl_net:caif_netlink_parms(): no params data found [ 77.541787][ T5876] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.549248][ T5876] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.557000][ T5876] bridge_slave_0: entered allmulticast mode [ 77.563986][ T5876] bridge_slave_0: entered promiscuous mode [ 77.571780][ T5876] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.579000][ T5876] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.586239][ T5876] bridge_slave_1: entered allmulticast mode [ 77.593866][ T5876] bridge_slave_1: entered promiscuous mode [ 77.621511][ T5876] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 77.635820][ T5876] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 77.662375][ T5876] team0: Port device team_slave_0 added [ 77.670778][ T5876] team0: Port device team_slave_1 added [ 77.692552][ T5876] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 77.699728][ T5876] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 77.726090][ T5876] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 77.738672][ T5876] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 77.745719][ T5876] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 77.771649][ T5876] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 77.819992][ T5876] hsr_slave_0: entered promiscuous mode [ 77.826667][ T5876] hsr_slave_1: entered promiscuous mode [ 77.832737][ T5876] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 77.840856][ T5876] Cannot create hsr debugfs directory [ 79.425141][ T2928] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 79.463712][ T5082] Bluetooth: hci0: command tx timeout [ 81.543577][ T5082] Bluetooth: hci0: command tx timeout [ 81.704646][ T2928] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.756506][ T2928] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.784316][ T8] cfg80211: failed to load regulatory.db [ 82.658248][ T2928] hsr_slave_0: left promiscuous mode [ 82.664347][ T2928] hsr_slave_1: left promiscuous mode [ 82.670184][ T2928] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 82.677815][ T2928] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 82.686344][ T2928] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 82.693831][ T2928] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 82.701446][ T2928] bridge_slave_1: left allmulticast mode [ 82.707148][ T2928] bridge_slave_1: left promiscuous mode [ 82.713738][ T2928] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.724389][ T2928] bridge_slave_0: left allmulticast mode [ 82.730041][ T2928] bridge_slave_0: left promiscuous mode [ 82.735891][ T2928] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.755451][ T2928] veth1_macvtap: left promiscuous mode [ 82.761168][ T2928] veth0_macvtap: left promiscuous mode [ 82.767460][ T2928] veth1_vlan: left promiscuous mode [ 82.772863][ T2928] veth0_vlan: left promiscuous mode [ 83.100123][ T2928] team0 (unregistering): Port device team_slave_1 removed [ 83.133426][ T2928] team0 (unregistering): Port device team_slave_0 removed [ 83.161758][ T2928] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 83.196566][ T2928] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 83.469003][ T2928] bond0 (unregistering): Released all slaves [ 83.553091][ T5876] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 83.562497][ T5876] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 83.572974][ T5876] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 83.582303][ T5876] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 83.635329][ T5082] Bluetooth: hci0: command tx timeout [ 83.661159][ T5876] 8021q: adding VLAN 0 to HW filter on device bond0 [ 83.695279][ T5876] 8021q: adding VLAN 0 to HW filter on device team0 [ 83.709498][ T1088] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.716669][ T1088] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.735442][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.742565][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.912376][ T5876] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.948429][ T5876] veth0_vlan: entered promiscuous mode [ 83.961182][ T5876] veth1_vlan: entered promiscuous mode [ 83.998478][ T5876] veth0_macvtap: entered promiscuous mode [ 84.007072][ T5876] veth1_macvtap: entered promiscuous mode [ 84.029090][ T5876] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.042501][ T5876] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.056747][ T5876] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.069091][ T5876] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.079190][ T5876] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.088212][ T5876] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.141849][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.152369][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.180712][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.188824][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.270883][ C1] [ 84.270889][ C1] ================================ [ 84.270891][ C1] WARNING: inconsistent lock state [ 84.270897][ C1] syzkaller #0 Not tainted [ 84.270902][ C1] -------------------------------- [ 84.270905][ C1] inconsistent {INITIAL USE} -> {IN-NMI} usage. [ 84.270909][ C1] syz.0.17/5925 [HC1[1]:SC0[0]:HE0:SE1] takes: [ 84.270919][ C1] ffff888025be7a68 (&htab->lockdep_key){....}-{2:2}, at: htab_lock_bucket+0x181/0x300 [ 84.270950][ C1] {INITIAL USE} state was registered at: [ 84.270953][ C1] lock_acquire+0x197/0x410 [ 84.270963][ C1] _raw_spin_lock+0x2e/0x40 [ 84.270972][ C1] htab_lock_bucket+0x181/0x300 [ 84.270979][ C1] htab_lru_map_update_elem+0x2c6/0x970 [ 84.270986][ C1] bpf_map_update_value+0x660/0x720 [ 84.270997][ C1] generic_map_update_batch+0x5e0/0x810 [ 84.271008][ C1] bpf_map_do_batch+0x3d7/0x610 [ 84.271015][ C1] __sys_bpf+0x31b/0x800 [ 84.271022][ C1] __x64_sys_bpf+0x7c/0x90 [ 84.271028][ C1] do_syscall_64+0x55/0xb0 [ 84.271035][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 84.271045][ C1] irq event stamp: 28836 [ 84.271048][ C1] hardirqs last enabled at (28835): [] syscall_enter_from_user_mode+0x25/0x80 [ 84.271061][ C1] hardirqs last disabled at (28836): [] exc_debug+0x7b/0x140 [ 84.271070][ C1] softirqs last enabled at (28584): [] bpf_prog_load+0x12f2/0x16d0 [ 84.271080][ C1] softirqs last disabled at (28582): [] bpf_ksym_add+0x2d/0x340 [ 84.271090][ C1] [ 84.271090][ C1] other info that might help us debug this: [ 84.271092][ C1] Possible unsafe locking scenario: [ 84.271092][ C1] [ 84.271094][ C1] CPU0 [ 84.271095][ C1] ---- [ 84.271097][ C1] lock(&htab->lockdep_key); [ 84.271102][ C1] [ 84.271103][ C1] lock(&htab->lockdep_key); [ 84.271108][ C1] [ 84.271108][ C1] *** DEADLOCK *** [ 84.271108][ C1] [ 84.271109][ C1] no locks held by syz.0.17/5925. [ 84.271113][ C1] [ 84.271113][ C1] stack backtrace: [ 84.271121][ C1] CPU: 1 PID: 5925 Comm: syz.0.17 Not tainted syzkaller #0 [ 84.271129][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 84.271138][ C1] Call Trace: [ 84.271142][ C1] <#DB> [ 84.271148][ C1] dump_stack_lvl+0x16c/0x230 [ 84.271162][ C1] ? show_regs_print_info+0x20/0x20 [ 84.271175][ C1] ? print_usage_bug+0x475/0x690 [ 84.271184][ C1] ? verify_lock_unused+0x18/0x140 [ 84.271193][ C1] lock_acquire+0x2b1/0x410 [ 84.271203][ C1] ? htab_lock_bucket+0x181/0x300 [ 84.271211][ C1] ? read_lock_is_recursive+0x20/0x20 [ 84.271223][ C1] _raw_spin_lock+0x2e/0x40 [ 84.271231][ C1] ? htab_lock_bucket+0x181/0x300 [ 84.271240][ C1] htab_lock_bucket+0x181/0x300 [ 84.271248][ C1] ? htab_lru_map_delete_node+0x750/0x750 [ 84.271257][ C1] ? look_up_lock_class+0x75/0x140 [ 84.271266][ C1] ? verify_lock_unused+0x18/0x140 [ 84.271275][ C1] ? jhash+0x34e/0x740 [ 84.271283][ C1] htab_lru_map_delete_elem+0x1a4/0x630 [ 84.271293][ C1] ? htab_lru_map_update_elem+0x970/0x970 [ 84.271301][ C1] ? perf_callchain+0x200/0x200 [ 84.271311][ C1] bpf_prog_2c29ac5cdc6b1842+0x42/0x46 [ 84.271324][ C1] bpf_overflow_handler+0x1f9/0x4f0 [ 84.271336][ C1] ? bpf_overflow_handler+0xcf/0x4f0 [ 84.271346][ C1] ? tp_perf_event_destroy+0x20/0x20 [ 84.271358][ C1] ? __perf_event_account_interrupt+0x187/0x280 [ 84.271367][ C1] __perf_event_overflow+0x447/0x630 [ 84.271377][ C1] perf_swevent_event+0x4de/0x5c0 [ 84.271387][ C1] ? perf_tp_event+0x13a0/0x13a0 [ 84.271397][ C1] perf_bp_event+0x252/0x300 [ 84.271407][ C1] ? perf_event_free_bpf_prog+0x120/0x120 [ 84.271422][ C1] ? lock_acquire+0x2b1/0x410 [ 84.271431][ C1] hw_breakpoint_exceptions_notify+0x23e/0x670 [ 84.271449][ C1] notifier_call_chain+0x197/0x390 [ 84.271460][ C1] ? atomic_notifier_call_chain+0x26/0x180 [ 84.271470][ C1] atomic_notifier_call_chain+0xda/0x180 [ 84.271480][ C1] notify_die+0x131/0x180 [ 84.271490][ C1] ? srcu_init_notifier_head+0x90/0x90 [ 84.271501][ C1] ? rcu_is_watching+0x15/0xb0 [ 84.271513][ C1] notify_debug+0x2e/0x50 [ 84.271525][ C1] exc_debug+0xe6/0x140 [ 84.271533][ C1] asm_exc_debug+0x1e/0x40 [ 84.271543][ C1] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 84.271553][ C1] Code: 75 f1 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 a4 c3 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 29 f8 48 01 [ 84.271560][ C1] RSP: 0018:ffffc90003417d50 EFLAGS: 00050202 [ 84.271567][ C1] RAX: ffffffff841f3d01 RBX: 0000000000000050 RCX: 000000000000000f [ 84.271573][ C1] RDX: 0000000000000001 RSI: 0000200000000301 RDI: ffffc90003417e01 [ 84.271578][ C1] RBP: ffffc90003417ee8 R08: ffffc90003417e0f R09: 1ffff92000682fc1 [ 84.271584][ C1] R10: dffffc0000000000 R11: fffff52000682fc2 R12: 0000200000000310 [ 84.271590][ C1] R13: 0000000000000050 R14: ffffc90003417dc0 R15: 00002000000002c0 [ 84.271597][ C1] ? rcuref_put_slowpath+0xe1/0x150 [ 84.271609][ C1] [ 84.271611][ C1] [ 84.271614][ C1] _copy_from_user+0x8b/0xe0 [ 84.271623][ C1] __sys_bpf+0x1e9/0x800 [ 84.271632][ C1] ? bpf_link_show_fdinfo+0x350/0x350 [ 84.271643][ C1] ? lock_chain_count+0x20/0x20 [ 84.271653][ C1] __x64_sys_bpf+0x7c/0x90 [ 84.271660][ C1] do_syscall_64+0x55/0xb0 [ 84.271667][ C1] ? clear_bhb_loop+0x40/0x90 [ 84.271677][ C1] ? clear_bhb_loop+0x40/0x90 [ 84.271687][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 84.271698][ C1] RIP: 0033:0x7f803758f749 [ 84.271705][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 84.271711][ C1] RSP: 002b:00007f80383da038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 84.271719][ C1] RAX: ffffffffffffffda RBX: 00007f80377e5fa0 RCX: 00007f803758f749 [ 84.271725][ C1] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000000a [ 84.271730][ C1] RBP: 00007f8037613f91 R08: 0000000000000000 R09: 0000000000000000 [ 84.271735][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 84.271740][ C1] R13: 00007f80377e6038 R14: 00007f80377e5fa0 R15: 00007ffc18333248 [ 84.271749][ C1]