syzkaller login: [ 92.124370][ T54] cfg80211: failed to load regulatory.db Warning: Permanently added '[localhost]:43652' (ED25519) to the list of known hosts. 2025/09/21 07:40:17 parsed 1 programs [ 98.981302][ T5353] cgroup: Unknown subsys name 'net' [ 99.070051][ T5353] cgroup: Unknown subsys name 'cpuset' [ 99.078811][ T5353] cgroup: Unknown subsys name 'rlimit' [ 100.997794][ T5353] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 106.838452][ T5372] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 109.652711][ T3053] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.656690][ T3053] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.441979][ T184] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.455533][ T184] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.994697][ T5389] syz-executor (5389) used greatest stack depth: 18648 bytes left [ 113.229406][ T5416] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 113.234048][ T5416] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 113.256298][ T5416] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 113.276499][ T5416] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 113.286314][ T5416] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 115.317418][ T5416] Bluetooth: hci0: command tx timeout [ 116.286021][ T5399] chnl_net:caif_netlink_parms(): no params data found [ 116.613680][ T5399] bridge0: port 1(bridge_slave_0) entered blocking state [ 116.646707][ T5399] bridge0: port 1(bridge_slave_0) entered disabled state [ 116.650814][ T5399] bridge_slave_0: entered allmulticast mode [ 116.674504][ T5399] bridge_slave_0: entered promiscuous mode [ 116.716785][ T5399] bridge0: port 2(bridge_slave_1) entered blocking state [ 116.719993][ T5399] bridge0: port 2(bridge_slave_1) entered disabled state [ 116.723315][ T5399] bridge_slave_1: entered allmulticast mode [ 116.748158][ T5399] bridge_slave_1: entered promiscuous mode [ 116.816855][ T5399] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 116.829954][ T5399] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 116.890221][ T5399] team0: Port device team_slave_0 added [ 116.906376][ T5399] team0: Port device team_slave_1 added [ 116.954598][ T5399] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 116.964508][ T5399] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 116.997668][ T5399] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 117.005294][ T5399] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 117.016419][ T5399] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 117.036390][ T5399] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 117.088637][ T5399] hsr_slave_0: entered promiscuous mode [ 117.092694][ T5399] hsr_slave_1: entered promiscuous mode [ 117.272851][ T5399] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 117.283218][ T5399] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 117.291231][ T5399] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 117.301070][ T5399] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 117.333682][ T5399] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.337171][ T5399] bridge0: port 2(bridge_slave_1) entered forwarding state [ 117.341972][ T5399] bridge0: port 1(bridge_slave_0) entered blocking state [ 117.347147][ T5399] bridge0: port 1(bridge_slave_0) entered forwarding state [ 117.397783][ T5416] Bluetooth: hci0: command tx timeout [ 117.414684][ T5399] 8021q: adding VLAN 0 to HW filter on device bond0 [ 117.431384][ T184] bridge0: port 1(bridge_slave_0) entered disabled state [ 117.435484][ T184] bridge0: port 2(bridge_slave_1) entered disabled state [ 117.455443][ T5399] 8021q: adding VLAN 0 to HW filter on device team0 [ 117.464146][ T184] bridge0: port 1(bridge_slave_0) entered blocking state [ 117.467312][ T184] bridge0: port 1(bridge_slave_0) entered forwarding state [ 117.482591][ T184] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.485973][ T184] bridge0: port 2(bridge_slave_1) entered forwarding state [ 117.703583][ T5399] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 117.748889][ T5399] veth0_vlan: entered promiscuous mode [ 117.761540][ T5399] veth1_vlan: entered promiscuous mode [ 117.792240][ T5399] veth0_macvtap: entered promiscuous mode [ 117.802582][ T5399] veth1_macvtap: entered promiscuous mode [ 117.819891][ T5399] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 117.832389][ T5399] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 117.846889][ T1077] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.852363][ T1077] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.863936][ T1077] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.880398][ T1077] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 2025/09/21 07:40:39 executed programs: 0 [ 118.291952][ T4705] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 118.330935][ T45] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 118.370815][ T5488] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 118.392981][ T5489] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 118.396753][ T5489] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 118.401468][ T5489] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 118.408481][ T5489] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 118.415429][ T5489] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 118.419751][ T5489] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 118.423303][ T5489] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 118.427107][ T5489] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 118.433212][ T5489] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 118.439400][ T5489] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 118.442758][ T5489] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 118.446073][ T5489] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 118.449596][ T5489] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 118.458353][ T5490] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 118.463945][ T5490] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 118.468204][ T5490] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 118.471650][ T5489] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 118.476113][ T5490] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 118.480551][ T5489] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 118.485314][ T5489] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 118.488779][ T5489] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 118.492232][ T5489] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 118.498330][ T5490] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 118.502413][ T5489] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 118.516634][ T45] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 118.578088][ T45] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 118.583725][ T45] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 119.780723][ T3053] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.596069][ T45] Bluetooth: hci5: command tx timeout [ 120.599061][ T45] Bluetooth: hci1: command tx timeout [ 120.601739][ T45] Bluetooth: hci2: command tx timeout [ 120.604435][ T45] Bluetooth: hci3: command tx timeout [ 120.611949][ T5488] Bluetooth: hci4: command tx timeout [ 120.657380][ T5475] chnl_net:caif_netlink_parms(): no params data found [ 120.742843][ T3053] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.997767][ T45] Bluetooth: hci6: command tx timeout [ 121.099080][ T5475] bridge0: port 1(bridge_slave_0) entered blocking state [ 121.101973][ T5475] bridge0: port 1(bridge_slave_0) entered disabled state [ 121.114375][ T5475] bridge_slave_0: entered allmulticast mode [ 121.119757][ T5475] bridge_slave_0: entered promiscuous mode [ 121.159276][ T3053] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 121.185322][ T5475] bridge0: port 2(bridge_slave_1) entered blocking state [ 121.191984][ T5475] bridge0: port 2(bridge_slave_1) entered disabled state [ 121.195076][ T5475] bridge_slave_1: entered allmulticast mode [ 121.202108][ T5475] bridge_slave_1: entered promiscuous mode [ 121.279889][ T3053] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 121.441155][ T5475] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 121.472265][ T5475] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 121.972705][ T5475] team0: Port device team_slave_0 added [ 122.048465][ T5481] chnl_net:caif_netlink_parms(): no params data found [ 122.084589][ T5477] chnl_net:caif_netlink_parms(): no params data found [ 122.122743][ T5475] team0: Port device team_slave_1 added [ 122.183419][ T3053] bridge_slave_1: left allmulticast mode [ 122.185606][ T3053] bridge_slave_1: left promiscuous mode [ 122.203740][ T3053] bridge0: port 2(bridge_slave_1) entered disabled state [ 122.248918][ T3053] bridge_slave_0: left allmulticast mode [ 122.250911][ T3053] bridge_slave_0: left promiscuous mode [ 122.255967][ T3053] bridge0: port 1(bridge_slave_0) entered disabled state [ 122.679085][ T45] Bluetooth: hci3: command tx timeout [ 122.681635][ T45] Bluetooth: hci4: command tx timeout [ 122.684069][ T45] Bluetooth: hci2: command tx timeout [ 122.688974][ T5488] Bluetooth: hci1: command tx timeout [ 122.692544][ T5488] Bluetooth: hci5: command tx timeout [ 122.748208][ T3053] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 122.755493][ T3053] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 122.767191][ T3053] bond0 (unregistering): Released all slaves [ 123.004281][ T5474] chnl_net:caif_netlink_parms(): no params data found [ 123.079897][ T45] Bluetooth: hci6: command tx timeout [ 123.186446][ T5487] chnl_net:caif_netlink_parms(): no params data found [ 123.292345][ T3053] hsr_slave_0: left promiscuous mode [ 123.310081][ T3053] hsr_slave_1: left promiscuous mode [ 123.320783][ T3053] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 123.323909][ T3053] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 123.356127][ T3053] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 123.359249][ T3053] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 123.405425][ T3053] veth1_macvtap: left promiscuous mode [ 123.416648][ T3053] veth0_macvtap: left promiscuous mode [ 123.419495][ T3053] veth1_vlan: left promiscuous mode [ 123.422534][ T3053] veth0_vlan: left promiscuous mode [ 124.043034][ T3053] team0 (unregistering): Port device team_slave_1 removed [ 124.071850][ T3053] team0 (unregistering): Port device team_slave_0 removed [ 124.496339][ T5475] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 124.499491][ T5475] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 124.536780][ T5475] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 124.618856][ T5475] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 124.622024][ T5475] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 124.648839][ T5475] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 124.753120][ T5476] chnl_net:caif_netlink_parms(): no params data found [ 124.759543][ T45] Bluetooth: hci2: command tx timeout [ 124.762477][ T45] Bluetooth: hci5: command tx timeout [ 124.765477][ T45] Bluetooth: hci1: command tx timeout [ 124.770489][ T5489] Bluetooth: hci4: command tx timeout [ 124.772687][ T5489] Bluetooth: hci3: command tx timeout [ 124.920719][ T5481] bridge0: port 1(bridge_slave_0) entered blocking state [ 124.924131][ T5481] bridge0: port 1(bridge_slave_0) entered disabled state [ 124.936566][ T5481] bridge_slave_0: entered allmulticast mode [ 124.941577][ T5481] bridge_slave_0: entered promiscuous mode [ 124.948312][ T5477] bridge0: port 1(bridge_slave_0) entered blocking state [ 124.951880][ T5477] bridge0: port 1(bridge_slave_0) entered disabled state [ 124.955319][ T5477] bridge_slave_0: entered allmulticast mode [ 124.977164][ T5477] bridge_slave_0: entered promiscuous mode [ 124.991202][ T5477] bridge0: port 2(bridge_slave_1) entered blocking state [ 124.994344][ T5477] bridge0: port 2(bridge_slave_1) entered disabled state [ 125.009370][ T5477] bridge_slave_1: entered allmulticast mode [ 125.018326][ T5477] bridge_slave_1: entered promiscuous mode [ 125.068139][ T5475] hsr_slave_0: entered promiscuous mode [ 125.077568][ T5475] hsr_slave_1: entered promiscuous mode [ 125.122600][ T5481] bridge0: port 2(bridge_slave_1) entered blocking state [ 125.134756][ T5481] bridge0: port 2(bridge_slave_1) entered disabled state [ 125.148401][ T5481] bridge_slave_1: entered allmulticast mode [ 125.153140][ T5481] bridge_slave_1: entered promiscuous mode [ 125.160163][ T45] Bluetooth: hci6: command tx timeout [ 125.221488][ T5481] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 125.304572][ T5474] bridge0: port 1(bridge_slave_0) entered blocking state [ 125.319080][ T5474] bridge0: port 1(bridge_slave_0) entered disabled state [ 125.322725][ T5474] bridge_slave_0: entered allmulticast mode [ 125.334093][ T5474] bridge_slave_0: entered promiscuous mode [ 125.351085][ T5474] bridge0: port 2(bridge_slave_1) entered blocking state [ 125.354210][ T5474] bridge0: port 2(bridge_slave_1) entered disabled state [ 125.367584][ T5474] bridge_slave_1: entered allmulticast mode [ 125.379598][ T5474] bridge_slave_1: entered promiscuous mode [ 125.402681][ T5481] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 125.484934][ T5477] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 125.516181][ T5487] bridge0: port 1(bridge_slave_0) entered blocking state [ 125.519340][ T5487] bridge0: port 1(bridge_slave_0) entered disabled state [ 125.522869][ T5487] bridge_slave_0: entered allmulticast mode [ 125.542198][ T5487] bridge_slave_0: entered promiscuous mode [ 125.591227][ T5477] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 125.607433][ T5481] team0: Port device team_slave_0 added [ 125.624918][ T5487] bridge0: port 2(bridge_slave_1) entered blocking state [ 125.633917][ T5487] bridge0: port 2(bridge_slave_1) entered disabled state [ 125.641812][ T5487] bridge_slave_1: entered allmulticast mode [ 125.648637][ T5487] bridge_slave_1: entered promiscuous mode [ 125.680130][ T5474] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 125.718014][ T5481] team0: Port device team_slave_1 added [ 125.775312][ T5487] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 125.819087][ T5474] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 125.908805][ T5487] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 125.958517][ T5477] team0: Port device team_slave_0 added [ 125.961366][ T5476] bridge0: port 1(bridge_slave_0) entered blocking state [ 125.964496][ T5476] bridge0: port 1(bridge_slave_0) entered disabled state [ 125.976483][ T5476] bridge_slave_0: entered allmulticast mode [ 125.990246][ T5476] bridge_slave_0: entered promiscuous mode [ 126.091597][ T5477] team0: Port device team_slave_1 added [ 126.094880][ T5476] bridge0: port 2(bridge_slave_1) entered blocking state [ 126.104575][ T5476] bridge0: port 2(bridge_slave_1) entered disabled state [ 126.119231][ T5476] bridge_slave_1: entered allmulticast mode [ 126.139329][ T5476] bridge_slave_1: entered promiscuous mode [ 126.143466][ T5481] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 126.157080][ T5481] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 126.190700][ T5481] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 126.213768][ T5487] team0: Port device team_slave_0 added [ 126.221331][ T5474] team0: Port device team_slave_0 added [ 126.290740][ T5481] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 126.293834][ T5481] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 126.334247][ T5481] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 126.360787][ T5487] team0: Port device team_slave_1 added [ 126.364710][ T5474] team0: Port device team_slave_1 added [ 126.383071][ T5476] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 126.437438][ T5476] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 126.442327][ T5477] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 126.445526][ T5477] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 126.464472][ T5477] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 126.528211][ T5477] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 126.531970][ T5477] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 126.567978][ T5477] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 126.628893][ T5481] hsr_slave_0: entered promiscuous mode [ 126.632383][ T5481] hsr_slave_1: entered promiscuous mode [ 126.640562][ T5481] debugfs: 'hsr0' already exists in 'hsr' [ 126.643164][ T5481] Cannot create hsr debugfs directory [ 126.703471][ T5487] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 126.714432][ T5487] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 126.748875][ T5487] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 126.774847][ T5474] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 126.788230][ T5474] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 126.809079][ T5474] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 126.840138][ T45] Bluetooth: hci1: command tx timeout [ 126.842597][ T45] Bluetooth: hci3: command tx timeout [ 126.845118][ T45] Bluetooth: hci4: command tx timeout [ 126.848166][ T5488] Bluetooth: hci5: command tx timeout [ 126.850962][ T5488] Bluetooth: hci2: command tx timeout [ 126.885496][ T5487] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 126.900711][ T5487] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 126.939503][ T5487] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 126.946321][ T5474] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 126.949798][ T5474] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 126.987267][ T5474] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 126.994161][ T5476] team0: Port device team_slave_0 added [ 127.012912][ T5476] team0: Port device team_slave_1 added [ 127.237419][ T45] Bluetooth: hci6: command tx timeout [ 127.255617][ T5477] hsr_slave_0: entered promiscuous mode [ 127.262496][ T5477] hsr_slave_1: entered promiscuous mode [ 127.266082][ T5477] debugfs: 'hsr0' already exists in 'hsr' [ 127.268682][ T5477] Cannot create hsr debugfs directory [ 127.312842][ T5487] hsr_slave_0: entered promiscuous mode [ 127.326992][ T5487] hsr_slave_1: entered promiscuous mode [ 127.336497][ T5487] debugfs: 'hsr0' already exists in 'hsr' [ 127.338745][ T5487] Cannot create hsr debugfs directory [ 127.360024][ T5476] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 127.363180][ T5476] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 127.380712][ T5476] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 127.440219][ T5476] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 127.442795][ T5476] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 127.458564][ T5476] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 127.486171][ T5474] hsr_slave_0: entered promiscuous mode [ 127.490107][ T5474] hsr_slave_1: entered promiscuous mode [ 127.494062][ T5474] debugfs: 'hsr0' already exists in 'hsr' [ 127.499617][ T5474] Cannot create hsr debugfs directory [ 127.523252][ T5475] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 127.551967][ T5475] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 127.668443][ T5475] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 127.686705][ T5475] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 127.870640][ T5476] hsr_slave_0: entered promiscuous mode [ 127.898680][ T5476] hsr_slave_1: entered promiscuous mode [ 127.907045][ T5476] debugfs: 'hsr0' already exists in 'hsr' [ 127.909500][ T5476] Cannot create hsr debugfs directory [ 128.403670][ T5481] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 128.444890][ T5481] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 128.495152][ T5481] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 128.522095][ T5475] 8021q: adding VLAN 0 to HW filter on device bond0 [ 128.548354][ T5481] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 128.605578][ T5475] 8021q: adding VLAN 0 to HW filter on device team0 [ 128.621166][ T5487] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 128.727535][ T1038] bridge0: port 1(bridge_slave_0) entered blocking state [ 128.731058][ T1038] bridge0: port 1(bridge_slave_0) entered forwarding state [ 128.742280][ T1038] bridge0: port 2(bridge_slave_1) entered blocking state [ 128.746399][ T1038] bridge0: port 2(bridge_slave_1) entered forwarding state [ 128.768548][ T5487] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 128.820697][ T5487] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 128.835500][ T5487] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 129.117209][ T5477] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 129.250805][ T5477] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 129.282278][ T5477] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 129.490859][ T5477] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 129.666215][ T5481] 8021q: adding VLAN 0 to HW filter on device bond0 [ 129.785015][ T5487] 8021q: adding VLAN 0 to HW filter on device bond0 [ 129.856839][ T5481] 8021q: adding VLAN 0 to HW filter on device team0 [ 129.969785][ T5475] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 129.974706][ T1038] bridge0: port 1(bridge_slave_0) entered blocking state [ 129.978437][ T1038] bridge0: port 1(bridge_slave_0) entered forwarding state [ 130.018142][ T184] bridge0: port 2(bridge_slave_1) entered blocking state [ 130.021613][ T184] bridge0: port 2(bridge_slave_1) entered forwarding state [ 130.084039][ T5487] 8021q: adding VLAN 0 to HW filter on device team0 [ 130.218635][ T184] bridge0: port 1(bridge_slave_0) entered blocking state [ 130.222133][ T184] bridge0: port 1(bridge_slave_0) entered forwarding state [ 130.250653][ T184] bridge0: port 2(bridge_slave_1) entered blocking state [ 130.253830][ T184] bridge0: port 2(bridge_slave_1) entered forwarding state [ 130.434178][ T5474] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 130.461864][ T5474] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 130.540093][ T5474] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 130.572086][ T5474] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 130.734529][ T5477] 8021q: adding VLAN 0 to HW filter on device bond0 [ 130.783277][ T5475] veth0_vlan: entered promiscuous mode [ 130.881390][ T5487] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 131.052353][ T5475] veth1_vlan: entered promiscuous mode [ 131.071970][ T5476] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 131.152821][ T5477] 8021q: adding VLAN 0 to HW filter on device team0 [ 131.240556][ T5476] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 131.338881][ T5481] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 131.358236][ T5476] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 131.379100][ T1038] bridge0: port 1(bridge_slave_0) entered blocking state [ 131.382222][ T1038] bridge0: port 1(bridge_slave_0) entered forwarding state [ 131.417413][ T1038] bridge0: port 2(bridge_slave_1) entered blocking state [ 131.420791][ T1038] bridge0: port 2(bridge_slave_1) entered forwarding state [ 131.494533][ T5475] veth0_macvtap: entered promiscuous mode [ 131.517336][ T5476] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 131.648430][ T5475] veth1_macvtap: entered promiscuous mode [ 131.783062][ T5475] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 131.950813][ T5475] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 131.993591][ T5487] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 132.274500][ T5474] 8021q: adding VLAN 0 to HW filter on device bond0 [ 132.310077][ T31] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.402413][ T31] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.436701][ T31] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.441249][ T31] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.732152][ T5481] veth0_vlan: entered promiscuous mode [ 132.817293][ T5474] 8021q: adding VLAN 0 to HW filter on device team0 [ 132.911183][ T5481] veth1_vlan: entered promiscuous mode [ 133.022985][ T5476] 8021q: adding VLAN 0 to HW filter on device bond0 [ 133.061172][ T1077] bridge0: port 1(bridge_slave_0) entered blocking state [ 133.064332][ T1077] bridge0: port 1(bridge_slave_0) entered forwarding state [ 133.107345][ T1077] bridge0: port 2(bridge_slave_1) entered blocking state [ 133.111044][ T1077] bridge0: port 2(bridge_slave_1) entered forwarding state [ 133.134124][ T71] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 133.154294][ T71] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 133.367983][ T5477] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 133.378709][ T5476] 8021q: adding VLAN 0 to HW filter on device team0 [ 133.408841][ T5474] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 133.413111][ T5474] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 133.460987][ T5481] veth0_macvtap: entered promiscuous mode [ 133.535314][ T43] bridge0: port 1(bridge_slave_0) entered blocking state [ 133.538302][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state [ 133.577487][ T43] bridge0: port 2(bridge_slave_1) entered blocking state [ 133.580879][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state [ 133.622330][ T184] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 133.629349][ T5481] veth1_macvtap: entered promiscuous mode [ 133.658403][ T184] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 2025/09/21 07:40:55 executed programs: 12 [ 134.008999][ T5487] veth0_vlan: entered promiscuous mode [ 134.094449][ T5481] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 134.165607][ T5487] veth1_vlan: entered promiscuous mode [ 134.264784][ T5481] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 134.298982][ T5477] veth0_vlan: entered promiscuous mode [ 134.400753][ T5477] veth1_vlan: entered promiscuous mode [ 134.443011][ T43] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.496671][ T1077] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.501033][ T1077] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.505471][ T1077] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.755108][ T5487] veth0_macvtap: entered promiscuous mode [ 134.868292][ T5487] veth1_macvtap: entered promiscuous mode [ 134.969176][ T5474] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 135.146595][ T5477] veth0_macvtap: entered promiscuous mode [ 135.152524][ T5477] veth1_macvtap: entered promiscuous mode [ 135.201552][ T5487] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 135.307863][ T71] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 135.311776][ T71] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 135.357795][ T5487] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 135.404004][ T1038] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.418277][ T1038] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.422516][ T1038] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.515613][ T5477] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 135.544433][ T1038] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.570109][ T5476] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 135.625243][ T5477] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 135.797050][ T3053] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.801809][ T3053] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.858640][ T3053] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.868343][ T71] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 135.871761][ T71] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 136.015346][ T31] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.283963][ T5476] veth0_vlan: entered promiscuous mode [ 136.310504][ T5474] veth0_vlan: entered promiscuous mode [ 136.330640][ T31] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.342608][ T31] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 136.454095][ T5476] veth1_vlan: entered promiscuous mode [ 136.490098][ T1077] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.521388][ T1077] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 136.531324][ T5474] veth1_vlan: entered promiscuous mode [ 136.698290][ T71] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.734457][ T71] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 136.879657][ T3053] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.884431][ T3053] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 136.961694][ T5474] veth0_macvtap: entered promiscuous mode [ 136.968646][ T5476] veth0_macvtap: entered promiscuous mode [ 136.975576][ T5476] veth1_macvtap: entered promiscuous mode [ 137.053716][ T5474] veth1_macvtap: entered promiscuous mode [ 137.232372][ T5476] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 137.255394][ T5474] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 137.345121][ T5476] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 137.369525][ T5474] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 137.528877][ T3053] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.630098][ T3053] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.719796][ T3053] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.815245][ T43] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.907977][ T43] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 138.055595][ T3053] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 138.176395][ T3053] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 138.206946][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.210473][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.231577][ T3053] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 138.409800][ T1077] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 138.459491][ T1077] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 138.538346][ T184] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 138.574176][ T184] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 138.795432][ T1038] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 138.857925][ T1038] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 138.963226][ T184] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 2025/09/21 07:41:00 executed programs: 77 [ 139.021815][ T184] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 2025/09/21 07:41:05 executed programs: 258 2025/09/21 07:41:10 executed programs: 472 2025/09/21 07:41:15 executed programs: 685 2025/09/21 07:41:20 executed programs: 911 [ 160.685325][ T7690] [ 160.686477][ T7690] ====================================================== [ 160.690589][ T7690] WARNING: possible circular locking dependency detected [ 160.693540][ T7690] syzkaller #0 Not tainted [ 160.695376][ T7690] ------------------------------------------------------ [ 160.698374][ T7690] syz.2.986/7690 is trying to acquire lock: [ 160.702459][ T7690] ffff888055778c70 (&nr_node->node_lock){+...}-{3:3}, at: nr_rt_device_down+0x12a/0x720 [ 160.707006][ T7690] [ 160.707006][ T7690] but task is already holding lock: [ 160.710283][ T7690] ffffffff8f8918f8 (nr_node_list_lock){+...}-{3:3}, at: nr_rt_device_down+0xa9/0x720 [ 160.714988][ T7690] [ 160.714988][ T7690] which lock already depends on the new lock. [ 160.714988][ T7690] [ 160.719908][ T7690] [ 160.719908][ T7690] the existing dependency chain (in reverse order) is: [ 160.723596][ T7690] [ 160.723596][ T7690] -> #2 (nr_node_list_lock){+...}-{3:3}: [ 160.727156][ T7690] lock_acquire+0x120/0x360 [ 160.729741][ T7690] _raw_spin_lock_bh+0x36/0x50 [ 160.732835][ T7690] nr_rt_device_down+0xa9/0x720 [ 160.735653][ T7690] nr_device_event+0x137/0x150 [ 160.738685][ T7690] notifier_call_chain+0x1b3/0x3e0 [ 160.741942][ T7690] __dev_notify_flags+0x18d/0x2e0 [ 160.744831][ T7690] netif_change_flags+0xe8/0x1a0 [ 160.747669][ T7690] dev_change_flags+0x130/0x260 [ 160.750702][ T7690] dev_ioctl+0x7b4/0x1150 [ 160.753529][ T7690] sock_do_ioctl+0x22c/0x300 [ 160.756448][ T7690] sock_ioctl+0x576/0x790 [ 160.758927][ T7690] __se_sys_ioctl+0xfc/0x170 [ 160.761140][ T7690] do_syscall_64+0xfa/0x3b0 [ 160.763250][ T7690] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.766412][ T7690] [ 160.766412][ T7690] -> #1 (nr_neigh_list_lock){+...}-{3:3}: [ 160.770381][ T7690] lock_acquire+0x120/0x360 [ 160.772552][ T7690] _raw_spin_lock_bh+0x36/0x50 [ 160.774764][ T7690] nr_remove_neigh+0x25/0xe0 [ 160.777003][ T7690] nr_add_node+0x1d9f/0x2570 [ 160.779390][ T7690] nr_rt_ioctl+0xc12/0xd50 [ 160.782063][ T7690] sock_do_ioctl+0xdc/0x300 [ 160.784723][ T7690] sock_ioctl+0x576/0x790 [ 160.786813][ T7690] __se_sys_ioctl+0xfc/0x170 [ 160.789038][ T7690] do_syscall_64+0xfa/0x3b0 [ 160.791262][ T7690] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.794457][ T7690] [ 160.794457][ T7690] -> #0 (&nr_node->node_lock){+...}-{3:3}: [ 160.798717][ T7690] validate_chain+0xb9b/0x2140 [ 160.801124][ T7690] __lock_acquire+0xab9/0xd20 [ 160.803480][ T7690] lock_acquire+0x120/0x360 [ 160.805677][ T7690] _raw_spin_lock_bh+0x36/0x50 [ 160.808465][ T7690] nr_rt_device_down+0x12a/0x720 [ 160.811501][ T7690] nr_device_event+0x137/0x150 [ 160.814193][ T7690] notifier_call_chain+0x1b3/0x3e0 [ 160.816640][ T7690] __dev_notify_flags+0x18d/0x2e0 [ 160.819170][ T7690] netif_change_flags+0xe8/0x1a0 [ 160.821673][ T7690] dev_change_flags+0x130/0x260 [ 160.824422][ T7690] dev_ioctl+0x7b4/0x1150 [ 160.827158][ T7690] sock_do_ioctl+0x22c/0x300 [ 160.829395][ T7690] sock_ioctl+0x576/0x790 [ 160.831567][ T7690] __se_sys_ioctl+0xfc/0x170 [ 160.833797][ T7690] do_syscall_64+0xfa/0x3b0 [ 160.836129][ T7690] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.839439][ T7690] [ 160.839439][ T7690] other info that might help us debug this: [ 160.839439][ T7690] [ 160.844406][ T7690] Chain exists of: [ 160.844406][ T7690] &nr_node->node_lock --> nr_neigh_list_lock --> nr_node_list_lock [ 160.844406][ T7690] [ 160.851003][ T7690] Possible unsafe locking scenario: [ 160.851003][ T7690] [ 160.855122][ T7690] CPU0 CPU1 [ 160.857534][ T7690] ---- ---- [ 160.859983][ T7690] lock(nr_node_list_lock); [ 160.862167][ T7690] lock(nr_neigh_list_lock); [ 160.865718][ T7690] lock(nr_node_list_lock); [ 160.869252][ T7690] lock(&nr_node->node_lock); [ 160.871562][ T7690] [ 160.871562][ T7690] *** DEADLOCK *** [ 160.871562][ T7690] [ 160.875088][ T7690] 3 locks held by syz.2.986/7690: [ 160.877569][ T7690] #0: ffffffff8f73c0c8 (rtnl_mutex){+.+.}-{4:4}, at: dev_ioctl+0x7a4/0x1150 [ 160.882388][ T7690] #1: ffffffff8f891898 (nr_neigh_list_lock){+...}-{3:3}, at: nr_rt_device_down+0x28/0x720 [ 160.886705][ T7690] #2: ffffffff8f8918f8 (nr_node_list_lock){+...}-{3:3}, at: nr_rt_device_down+0xa9/0x720 [ 160.890930][ T7690] [ 160.890930][ T7690] stack backtrace: [ 160.893995][ T7690] CPU: 0 UID: 0 PID: 7690 Comm: syz.2.986 Not tainted syzkaller #0 PREEMPT(full) [ 160.894018][ T7690] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 160.894026][ T7690] Call Trace: [ 160.894035][ T7690] [ 160.894059][ T7690] dump_stack_lvl+0x189/0x250 [ 160.894102][ T7690] ? __pfx_dump_stack_lvl+0x10/0x10 [ 160.894118][ T7690] ? __pfx__printk+0x10/0x10 [ 160.894147][ T7690] ? print_lock_name+0xde/0x100 [ 160.894165][ T7690] print_circular_bug+0x2ee/0x310 [ 160.894182][ T7690] check_noncircular+0x134/0x160 [ 160.894198][ T7690] validate_chain+0xb9b/0x2140 [ 160.894216][ T7690] __lock_acquire+0xab9/0xd20 [ 160.894240][ T7690] ? nr_rt_device_down+0x12a/0x720 [ 160.894257][ T7690] lock_acquire+0x120/0x360 [ 160.894274][ T7690] ? nr_rt_device_down+0x12a/0x720 [ 160.894293][ T7690] ? nr_rt_device_down+0x12a/0x720 [ 160.894310][ T7690] _raw_spin_lock_bh+0x36/0x50 [ 160.894330][ T7690] ? nr_rt_device_down+0x12a/0x720 [ 160.894347][ T7690] nr_rt_device_down+0x12a/0x720 [ 160.894368][ T7690] nr_device_event+0x137/0x150 [ 160.894386][ T7690] notifier_call_chain+0x1b3/0x3e0 [ 160.894403][ T7690] __dev_notify_flags+0x18d/0x2e0 [ 160.894418][ T7690] ? __pfx___dev_notify_flags+0x10/0x10 [ 160.894432][ T7690] ? __dev_change_flags+0x4cc/0x6d0 [ 160.894447][ T7690] ? __pfx___dev_change_flags+0x10/0x10 [ 160.894460][ T7690] ? full_name_hash+0x92/0xe0 [ 160.894483][ T7690] netif_change_flags+0xe8/0x1a0 [ 160.894499][ T7690] dev_change_flags+0x130/0x260 [ 160.894514][ T7690] dev_ioctl+0x7b4/0x1150 [ 160.894536][ T7690] sock_do_ioctl+0x22c/0x300 [ 160.894556][ T7690] ? __pfx_sock_do_ioctl+0x10/0x10 [ 160.894574][ T7690] ? __lock_acquire+0xab9/0xd20 [ 160.894598][ T7690] sock_ioctl+0x576/0x790 [ 160.894658][ T7690] ? __pfx_sock_ioctl+0x10/0x10 [ 160.894676][ T7690] ? __fget_files+0x2a/0x420 [ 160.894694][ T7690] ? __fget_files+0x3a0/0x420 [ 160.894711][ T7690] ? __fget_files+0x2a/0x420 [ 160.894730][ T7690] ? bpf_lsm_file_ioctl+0x9/0x20 [ 160.894746][ T7690] ? __pfx_sock_ioctl+0x10/0x10 [ 160.894762][ T7690] __se_sys_ioctl+0xfc/0x170 [ 160.894778][ T7690] do_syscall_64+0xfa/0x3b0 [ 160.894793][ T7690] ? lockdep_hardirqs_on+0x9c/0x150 [ 160.894806][ T7690] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.894820][ T7690] ? clear_bhb_loop+0x60/0xb0 [ 160.894836][ T7690] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.894850][ T7690] RIP: 0033:0x7fd55538ec29 [ 160.894880][ T7690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 160.894905][ T7690] RSP: 002b:00007fd55614a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 160.894921][ T7690] RAX: ffffffffffffffda RBX: 00007fd5555d5fa0 RCX: 00007fd55538ec29 [ 160.894932][ T7690] RDX: 0000200000000000 RSI: 0000000000008914 RDI: 0000000000000007 [ 160.894940][ T7690] RBP: 00007fd555411e41 R08: 0000000000000000 R09: 0000000000000000 [ 160.894949][ T7690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 160.894957][ T7690] R13: 00007fd5555d6038 R14: 00007fd5555d5fa0 R15: 00007ffd70e3c1c8 [ 160.894972][ T7690] 2025/09/21 07:41:25 executed programs: 1224 2025/09/21 07:41:30 executed programs: 1630 VM DIAGNOSIS: 07:41:22 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000036 RBX=0000000000000036 RCX=0000000000000000 RDX=00000000000003f8 RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc9000e9cf030 R8 =ffff888034100237 R9 =1ffff11006820046 R10=dffffc0000000000 R11=ffffffff85513ae0 R12=dffffc0000000000 R13=ffffffff99d0e8c8 R14=ffffffff9a003860 R15=0000000000000000 RIP=ffffffff85513b5c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fd55614a6c0 ffffffff 00c00000 GS =0000 ffff88808d007000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000200000000080 CR3=000000005542e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000080040001 Opmask01=0000000000000fff Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd70e3c550 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd70e3c6d6 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd70e3c6d6 00007ffd70e3c6dc ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd555412e6e ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd555412e7b ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd555412e75 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd555412e89 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd555412f0f ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd555412fed ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0063696e61703d73 726f727265006f72 2d746e756f6d6572 3d73726f72726500 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00464c4b44551856 574a575740004a57 08514b504a484057 1856574a57574000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000