DUID 00:04:52:37:01:18:ef:18:23:1a:50:cb:d1:49:65:cf:57:ac
forked to background, child pid 3918
[   42.150994][ T3919] 8021q: adding VLAN 0 to HW filter on device bond0
[   42.162926][ T3919] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK

syzkaller
Warning: Permanently added '10.128.0.21' (ED25519) to the list of known hosts.
Setting up swapspace version 1, size = 127995904 bytes
syzkaller login: [   70.131279][ T4256] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k FS
[   70.223808][ T4259] chnl_net:caif_netlink_parms(): no params data found
[   70.274308][ T4259] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.281971][ T4259] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.290253][ T4259] device bridge_slave_0 entered promiscuous mode
[   70.299362][ T4259] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.306591][ T4259] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.315305][ T4259] device bridge_slave_1 entered promiscuous mode
[   70.338883][ T4259] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   70.350626][ T4259] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   70.375110][ T4259] team0: Port device team_slave_0 added
[   70.382564][ T4259] team0: Port device team_slave_1 added
[   70.403259][ T4259] batman_adv: batadv0: Adding interface: batadv_slave_0
[   70.410207][ T4259] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.436297][ T4259] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   70.448612][ T4259] batman_adv: batadv0: Adding interface: batadv_slave_1
[   70.455796][ T4259] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.481740][ T4259] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   70.513472][ T4259] device hsr_slave_0 entered promiscuous mode
[   70.520777][ T4259] device hsr_slave_1 entered promiscuous mode
[   70.619017][ T4259] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   70.629234][ T4259] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   70.638570][ T4259] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   70.647737][ T4259] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   70.670042][ T4259] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.677336][ T4259] bridge0: port 2(bridge_slave_1) entered forwarding state
[   70.685182][ T4259] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.692327][ T4259] bridge0: port 1(bridge_slave_0) entered forwarding state
[   70.740357][ T4259] 8021q: adding VLAN 0 to HW filter on device bond0
[   70.754258][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   70.764483][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.773697][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.782317][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   70.795353][ T4259] 8021q: adding VLAN 0 to HW filter on device team0
[   70.807551][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   70.816348][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.823632][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   70.836686][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   70.845390][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.852526][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   70.874455][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   70.883757][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   70.896434][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   70.907953][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   70.919927][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   70.930393][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   70.948327][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   70.955933][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   70.968455][ T4259] 8021q: adding VLAN 0 to HW filter on device batadv0
[   70.988492][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   71.009520][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   71.018518][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   71.026350][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   71.036672][ T4259] device veth0_vlan entered promiscuous mode
[   71.048195][ T4259] device veth1_vlan entered promiscuous mode
[   71.068600][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   71.077277][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   71.085523][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   71.096375][ T4259] device veth0_macvtap entered promiscuous mode
[   71.105920][ T4259] device veth1_macvtap entered promiscuous mode
[   71.125410][ T4259] batman_adv: batadv0: Interface activated: batadv_slave_0
[   71.133841][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   71.143869][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   71.155350][ T4259] batman_adv: batadv0: Interface activated: batadv_slave_1
[   71.164157][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   71.175237][ T4259] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   71.184250][ T4259] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   71.193330][ T4259] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   71.202444][ T4259] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   71.264454][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.288212][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.292929][   T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.298375][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
executing program
[   71.311322][   T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.320275][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   71.352142][    C0] hrtimer: interrupt took 7361822 ns
executing program
executing program
[   88.465427][    T7] cfg80211: failed to load regulatory.db
[  146.019089][ T4266] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { 0-...D } 2635 jiffies s: 649 root: 0x1/.
[  146.034749][ T4266] rcu: blocking rcu_node structures (internal RCU debug):
[  146.042171][ T4266] Sending NMI from CPU 1 to CPUs 0:
[  146.047407][    C0] NMI backtrace for cpu 0
[  146.047434][    C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.1.136-syzkaller #0
[  146.047448][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  146.047460][    C0] RIP: 0010:lock_acquire+0x1/0x490
[  146.047494][    C0] Code: e8 24 61 6f 00 e9 35 fb ff ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 65 8b 05 b1 99 9f 7e a9 00 ff ff 00 0f 95 c0 c3 55 <48> 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48 81 ec e0 00 00
[  146.047509][    C0] RSP: 0018:ffffc90000007be8 EFLAGS: 00000046
[  146.047522][    C0] RAX: 0000000000010003 RBX: ffffffff96bde020 RCX: 0000000000000000
[  146.047532][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff96bde038
[  146.047542][    C0] RBP: ffffc90000007c80 R08: 0000000000000001 R09: 0000000000000000
[  146.047551][    C0] R10: fffff52000000f80 R11: 1ffff92000000f80 R12: dffffc0000000000
[  146.047561][    C0] R13: dffffc0000000000 R14: 0000000000000802 R15: 1ffff92000000f80
[  146.047572][    C0] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  146.047584][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  146.047594][    C0] CR2: 00007f3420f992d0 CR3: 000000007c389000 CR4: 00000000003506f0
[  146.047607][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  146.047614][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  146.047623][    C0] Call Trace:
[  146.047628][    C0]  <IRQ>
[  146.047634][    C0]  _raw_spin_lock_irqsave+0xa4/0xf0
[  146.047662][    C0]  ? debug_object_activate+0x6a/0x490
[  146.047681][    C0]  ? _raw_spin_lock+0x40/0x40
[  146.047706][    C0]  ? advance_sched+0x6cc/0x970
[  146.047726][    C0]  debug_object_activate+0x6a/0x490
[  146.047743][    C0]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  146.047766][    C0]  enqueue_hrtimer+0x30/0x3f0
[  146.047783][    C0]  __hrtimer_run_queues+0x642/0xc80
[  146.047801][    C0]  ? taprio_free_sched_cb+0x190/0x190
[  146.047842][    C0]  ? hrtimer_interrupt+0x8d0/0x8d0
[  146.047857][    C0]  ? ktime_get_update_offsets_now+0x3ce/0x3e0
[  146.047880][    C0]  hrtimer_interrupt+0x3bb/0x8d0
[  146.047907][    C0]  __sysvec_apic_timer_interrupt+0x153/0x5a0
[  146.047930][    C0]  sysvec_apic_timer_interrupt+0x9b/0xc0
[  146.047957][    C0]  </IRQ>
[  146.047961][    C0]  <TASK>
[  146.047966][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  146.047981][    C0] RIP: 0010:default_idle+0xb/0x10
[  146.048002][    C0] Code: 48 89 df e8 67 3a b9 f7 e9 4c ff ff ff e8 4d 14 f6 ff 00 00 cc cc 00 00 cc cc 00 00 cc cc 00 66 90 0f 00 2d b7 a2 4d 00 fb f4 <c3> 0f 1f 40 00 41 57 41 56 53 49 be 00 00 00 00 00 fc ff df 65 48
[  146.048014][    C0] RSP: 0018:ffffffff8c607d88 EFLAGS: 000002c6
[  146.048026][    C0] RAX: d033f9e6234f6600 RBX: ffffffff8a1900d7 RCX: d033f9e6234f6600
[  146.048037][    C0] RDX: 0000000000000001 RSI: ffffffff8a6bfe00 RDI: ffffffff8abf0da0
[  146.048048][    C0] RBP: ffffffff8c607ec0 R08: dffffc0000000000 R09: ffffed10171c6aee
[  146.048059][    C0] R10: ffffed10171c6aee R11: 1ffff110171c6aed R12: 0000000000000000
[  146.048070][    C0] R13: dffffc0000000000 R14: ffffffff8c6bc680 R15: 1ffffffff1bfd07e
[  146.048083][    C0]  ? default_idle_call+0x77/0xc0
[  146.048109][    C0]  default_idle_call+0x84/0xc0
[  146.048129][    C0]  do_idle+0x1fc/0x570
[  146.048153][    C0]  ? idle_inject_timer_fn+0x60/0x60
[  146.048174][    C0]  ? release_firmware_map_entry+0x18a/0x18a
[  146.048192][    C0]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  146.048214][    C0]  ? _raw_spin_unlock+0x40/0x40
[  146.048239][    C0]  cpu_startup_entry+0x3f/0x60
[  146.048260][    C0]  rest_init+0x2dc/0x300
[  146.048274][    C0]  ? time_init+0x33/0x33
[  146.048298][    C0]  arch_call_rest_init+0xa/0xa
[  146.048321][    C0]  start_kernel+0x490/0x539
[  146.048345][    C0]  secondary_startup_64_no_verify+0xcf/0xdb
[  146.048373][    C0]  </TASK>