BUG: corrupted list in dst_destroy
list_del corruption, ffff8880207b6c90->next is NULL
------------[ cut here ]------------
kernel BUG at lib/list_debug.c:53!
Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
CPU: 0 UID: 0 PID: 3 Comm: pool_workqueue_ Not tainted syzkaller #0 PREEMPT(full)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
RIP: 0010:__list_del_entry_valid_or_report+0xdf/0x190 lib/list_debug.c:52
Code: 49 39 1f 0f 85 9e 00 00 00 b0 01 5b 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc cc 48 c7 c7 c0 d6 27 8c 48 89 de e8 e2 bf 6e fc 90 <0f> 0b 48 c7 c7 20 d7 27 8c 48 89 de e8 d0 bf 6e fc 90 0f 0b 4c 89
RSP: 0018:ffffc90000007d58 EFLAGS: 00010046
RAX: 0000000000000033 RBX: ffff8880207b6c90 RCX: d6e914f6c1fbe000
RDX: 0000000000000100 RSI: 0000000080000101 RDI: 0000000000000000
RBP: 0000000000000203 R08: ffffc90000007ae7 R09: 1ffff92000000f5c
R10: dffffc0000000000 R11: fffff52000000f5d R12: 1ffff110040f6d92
R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000000000
FS: 0000000000000000(0000) GS:ffff888125455000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000561fe62a7950 CR3: 0000000078762000 CR4: 00000000003526f0
Call Trace:
__list_del_entry_valid include/linux/list.h:132 [inline]
__list_del_entry include/linux/list.h:223 [inline]
list_del_init include/linux/list.h:295 [inline]
dst_destroy+0x202/0x5a0 net/core/dst.c:163
rcu_do_batch kernel/rcu/tree.c:2617 [inline]
rcu_core+0x7cd/0x1070 kernel/rcu/tree.c:2869
handle_softirqs+0x22a/0x870 kernel/softirq.c:626
__do_softirq kernel/softirq.c:660 [inline]
invoke_softirq kernel/softirq.c:496 [inline]
__irq_exit_rcu+0x5f/0x150 kernel/softirq.c:727
irq_exit_rcu+0x9/0x30 kernel/softirq.c:743
instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline]
sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1056
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:lockdep_unregister_key+0x2d5/0x350 kernel/locking/lockdep.c:6616
Code: 41 0c 09 00 89 c6 48 c7 c7 50 07 25 96 e8 63 ad 0f 0a 90 e9 65 fe ff ff e8 b8 fc 0c 0a 41 f7 c7 00 02 00 00 74 b3 fb 40 84 ed <75> b2 eb c3 90 0f 0b 90 e9 26 ff ff ff 90 0f 0b 90 e9 2e ff ff ff
RSP: 0018:ffffc90000087c90 EFLAGS: 00000246
RAX: 0000000000000046 RBX: ffff888075c8e138 RCX: 0000000000000046
RDX: ffffffff93e082b8 RSI: ffffffff8df15d53 RDI: ffffffff8c27d380
RBP: ffff88801dad9e00 R08: ffffffff81af0be8 R09: ffffffff8e7605a0
R10: dffffc0000000000 R11: fffff52000010f8d R12: 0000000000000000
R13: ffff888075c8e139 R14: 0000000000001000 R15: 0000000000000a03
wq_unregister_lockdep kernel/workqueue.c:4906 [inline]
pwq_release_workfn+0x6ea/0x880 kernel/workqueue.c:5202
kthread_worker_fn+0x509/0xb70 kernel/kthread.c:1056
kthread+0x388/0x470 kernel/kthread.c:467
ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:__list_del_entry_valid_or_report+0xdf/0x190 lib/list_debug.c:52
Code: 49 39 1f 0f 85 9e 00 00 00 b0 01 5b 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc cc 48 c7 c7 c0 d6 27 8c 48 89 de e8 e2 bf 6e fc 90 <0f> 0b 48 c7 c7 20 d7 27 8c 48 89 de e8 d0 bf 6e fc 90 0f 0b 4c 89
RSP: 0018:ffffc90000007d58 EFLAGS: 00010046
RAX: 0000000000000033 RBX: ffff8880207b6c90 RCX: d6e914f6c1fbe000
RDX: 0000000000000100 RSI: 0000000080000101 RDI: 0000000000000000
RBP: 0000000000000203 R08: ffffc90000007ae7 R09: 1ffff92000000f5c
R10: dffffc0000000000 R11: fffff52000000f5d R12: 1ffff110040f6d92
R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000000000
FS: 0000000000000000(0000) GS:ffff888125455000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000561fe62a7950 CR3: 0000000078762000 CR4: 00000000003526f0
----------------
Code disassembly (best guess), 2 bytes skipped:
0: 09 00 or %eax,(%rax)
2: 89 c6 mov %eax,%esi
4: 48 c7 c7 50 07 25 96 mov $0xffffffff96250750,%rdi
b: e8 63 ad 0f 0a call 0xa0fad73
10: 90 nop
11: e9 65 fe ff ff jmp 0xfffffe7b
16: e8 b8 fc 0c 0a call 0xa0cfcd3
1b: 41 f7 c7 00 02 00 00 test $0x200,%r15d
22: 74 b3 je 0xffffffd7
24: fb sti
25: 40 84 ed test %bpl,%bpl
* 28: 75 b2 jne 0xffffffdc <-- trapping instruction
2a: eb c3 jmp 0xffffffef
2c: 90 nop
2d: 0f 0b ud2
2f: 90 nop
30: e9 26 ff ff ff jmp 0xffffff5b
35: 90 nop
36: 0f 0b ud2
38: 90 nop
39: e9 2e ff ff ff jmp 0xffffff6c
Warning: Permanently added '10.128.0.221' (ED25519) to the list of known hosts.
2026/02/26 12:34:19 parsed 1 programs
[ 76.403038][ T5817] cgroup: Unknown subsys name 'net'
[ 76.532343][ T5817] cgroup: Unknown subsys name 'cpuset'
[ 76.540831][ T5817] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 77.866287][ T5817] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 80.467210][ T5829] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 80.849379][ T5843] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 80.857603][ T5843] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 80.867728][ T5843] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 80.876989][ T5843] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 80.885429][ T5843] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 81.703917][ T5859] chnl_net:caif_netlink_parms(): no params data found
[ 81.782551][ T5859] bridge0: port 1(bridge_slave_0) entered blocking state
[ 81.790107][ T5859] bridge0: port 1(bridge_slave_0) entered disabled state
[ 81.797359][ T5859] bridge_slave_0: entered allmulticast mode
[ 81.805523][ T5859] bridge_slave_0: entered promiscuous mode
[ 81.844920][ T5859] bridge0: port 2(bridge_slave_1) entered blocking state
[ 81.852777][ T5859] bridge0: port 2(bridge_slave_1) entered disabled state
[ 81.860072][ T5859] bridge_slave_1: entered allmulticast mode
[ 81.867260][ T5859] bridge_slave_1: entered promiscuous mode
[ 81.912448][ T5859] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 81.924815][ T5859] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 81.965851][ T5859] team0: Port device team_slave_0 added
[ 81.974196][ T5859] team0: Port device team_slave_1 added
[ 82.001745][ T5859] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 82.008744][ T5859] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 82.035741][ T5859] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 82.049879][ T5859] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 82.056927][ T5859] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 82.083370][ T5859] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 82.136197][ T5859] hsr_slave_0: entered promiscuous mode
[ 82.142955][ T5859] hsr_slave_1: entered promiscuous mode
[ 82.286796][ T5859] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 82.299098][ T5859] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 82.309959][ T5859] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 82.320996][ T5859] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 82.352089][ T5859] bridge0: port 2(bridge_slave_1) entered blocking state
[ 82.359699][ T5859] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 82.367459][ T5859] bridge0: port 1(bridge_slave_0) entered blocking state
[ 82.374649][ T5859] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 82.434740][ T5859] 8021q: adding VLAN 0 to HW filter on device bond0
[ 82.454007][ T13] bridge0: port 1(bridge_slave_0) entered disabled state
[ 82.462888][ T13] bridge0: port 2(bridge_slave_1) entered disabled state
[ 82.480388][ T5859] 8021q: adding VLAN 0 to HW filter on device team0
[ 82.494706][ T147] bridge0: port 1(bridge_slave_0) entered blocking state
[ 82.501838][ T147] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 82.515802][ T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 82.523046][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 82.691620][ T5859] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 82.742601][ T5859] veth0_vlan: entered promiscuous mode
[ 82.756468][ T5859] veth1_vlan: entered promiscuous mode
[ 82.792174][ T5859] veth0_macvtap: entered promiscuous mode
[ 82.802431][ T5859] veth1_macvtap: entered promiscuous mode
[ 82.824720][ T5859] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 82.841907][ T5859] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 82.858083][ T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.869684][ T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.881485][ T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.891400][ T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 83.035874][ T48] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 83.134611][ T48] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 83.202973][ T48] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 83.290545][ T48] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 83.562956][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 83.571563][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 83.599742][ T1165] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 83.607651][ T1165] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/02/26 12:34:29 executed programs: 0
[ 84.844320][ T50] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 84.853055][ T50] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 84.860829][ T50] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 84.871008][ T50] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 84.880170][ T50] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 85.036534][ T5927] chnl_net:caif_netlink_parms(): no params data found
[ 85.117211][ T5927] bridge0: port 1(bridge_slave_0) entered blocking state
[ 85.124515][ T5927] bridge0: port 1(bridge_slave_0) entered disabled state
[ 85.131830][ T5927] bridge_slave_0: entered allmulticast mode
[ 85.139253][ T5927] bridge_slave_0: entered promiscuous mode
[ 85.147303][ T5927] bridge0: port 2(bridge_slave_1) entered blocking state
[ 85.155351][ T5927] bridge0: port 2(bridge_slave_1) entered disabled state
[ 85.162962][ T5927] bridge_slave_1: entered allmulticast mode
[ 85.170484][ T5927] bridge_slave_1: entered promiscuous mode
[ 85.204505][ T5927] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 85.217377][ T5927] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 85.252252][ T5927] team0: Port device team_slave_0 added
[ 85.260695][ T5927] team0: Port device team_slave_1 added
[ 85.290583][ T5927] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 85.297528][ T5927] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 85.324393][ T5927] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 85.337890][ T5927] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 85.345334][ T5927] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 85.371296][ T5927] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 85.462412][ T5927] hsr_slave_0: entered promiscuous mode
[ 85.470646][ T5927] hsr_slave_1: entered promiscuous mode
[ 85.477119][ T5927] debugfs: 'hsr0' already exists in 'hsr'
[ 85.483264][ T5927] Cannot create hsr debugfs directory
[ 85.590146][ T48] bridge_slave_1: left allmulticast mode
[ 85.596496][ T48] bridge_slave_1: left promiscuous mode
[ 85.603207][ T48] bridge0: port 2(bridge_slave_1) entered disabled state
[ 85.617205][ T48] bridge_slave_0: left allmulticast mode
[ 85.623282][ T48] bridge_slave_0: left promiscuous mode
[ 85.629429][ T48] bridge0: port 1(bridge_slave_0) entered disabled state
[ 85.817359][ T48] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 85.834443][ T48] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 85.845469][ T48] bond0 (unregistering): Released all slaves
[ 85.969595][ T48] hsr_slave_0: left promiscuous mode
[ 85.975729][ T48] hsr_slave_1: left promiscuous mode
[ 85.982684][ T48] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 85.990406][ T48] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 86.001551][ T48] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 86.009038][ T48] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 86.022811][ T48] veth1_macvtap: left promiscuous mode
[ 86.029105][ T48] veth0_macvtap: left promiscuous mode
[ 86.034730][ T48] veth1_vlan: left promiscuous mode
[ 86.040248][ T48] veth0_vlan: left promiscuous mode
[ 86.193533][ T48] team0 (unregistering): Port device team_slave_1 removed
[ 86.206673][ T48] team0 (unregistering): Port device team_slave_0 removed
[ 86.380567][ C0] list_del corruption, ffff8880207b6c90->next is NULL
[ 86.388154][ C0] ------------[ cut here ]------------
[ 86.393630][ C0] kernel BUG at lib/list_debug.c:53!
[ 86.399080][ C0] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
[ 86.405349][ C0] CPU: 0 UID: 0 PID: 3 Comm: pool_workqueue_ Not tainted syzkaller #0 PREEMPT(full)
[ 86.414814][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 86.424893][ C0] RIP: 0010:__list_del_entry_valid_or_report+0xdf/0x190
[ 86.431866][ C0] Code: 49 39 1f 0f 85 9e 00 00 00 b0 01 5b 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc cc 48 c7 c7 c0 d6 27 8c 48 89 de e8 e2 bf 6e fc 90 <0f> 0b 48 c7 c7 20 d7 27 8c 48 89 de e8 d0 bf 6e fc 90 0f 0b 4c 89
[ 86.451482][ C0] RSP: 0018:ffffc90000007d58 EFLAGS: 00010046
[ 86.457558][ C0] RAX: 0000000000000033 RBX: ffff8880207b6c90 RCX: d6e914f6c1fbe000
[ 86.465518][ C0] RDX: 0000000000000100 RSI: 0000000080000101 RDI: 0000000000000000
[ 86.473560][ C0] RBP: 0000000000000203 R08: ffffc90000007ae7 R09: 1ffff92000000f5c
[ 86.481604][ C0] R10: dffffc0000000000 R11: fffff52000000f5d R12: 1ffff110040f6d92
[ 86.489560][ C0] R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000000000
[ 86.497778][ C0] FS: 0000000000000000(0000) GS:ffff888125455000(0000) knlGS:0000000000000000
[ 86.506872][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 86.513441][ C0] CR2: 0000561fe62a7950 CR3: 0000000078762000 CR4: 00000000003526f0
[ 86.521404][ C0] Call Trace:
[ 86.524674][ C0]
[ 86.527501][ C0] dst_destroy+0x202/0x5a0
[ 86.531899][ C0] ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 86.537696][ C0] ? rcu_core+0x751/0x1070
[ 86.542109][ C0] ? __pfx_dst_destroy_rcu+0x10/0x10
[ 86.547405][ C0] rcu_core+0x7cd/0x1070
[ 86.551637][ C0] ? __pfx_rcu_core+0x10/0x10
[ 86.556297][ C0] ? sched_clock_cpu+0x74/0x440
[ 86.561138][ C0] handle_softirqs+0x22a/0x870
[ 86.565899][ C0] ? __irq_exit_rcu+0x5f/0x150
[ 86.570656][ C0] __irq_exit_rcu+0x5f/0x150
[ 86.575234][ C0] irq_exit_rcu+0x9/0x30
[ 86.579559][ C0] sysvec_apic_timer_interrupt+0xa6/0xc0
[ 86.585206][ C0]
[ 86.588127][ C0]
[ 86.591054][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 86.597021][ C0] RIP: 0010:lockdep_unregister_key+0x2d5/0x350
[ 86.603179][ C0] Code: 41 0c 09 00 89 c6 48 c7 c7 50 07 25 96 e8 63 ad 0f 0a 90 e9 65 fe ff ff e8 b8 fc 0c 0a 41 f7 c7 00 02 00 00 74 b3 fb 40 84 ed <75> b2 eb c3 90 0f 0b 90 e9 26 ff ff ff 90 0f 0b 90 e9 2e ff ff ff
[ 86.622768][ C0] RSP: 0018:ffffc90000087c90 EFLAGS: 00000246
[ 86.628845][ C0] RAX: 0000000000000046 RBX: ffff888075c8e138 RCX: 0000000000000046
[ 86.636853][ C0] RDX: ffffffff93e082b8 RSI: ffffffff8df15d53 RDI: ffffffff8c27d380
[ 86.644834][ C0] RBP: ffff88801dad9e00 R08: ffffffff81af0be8 R09: ffffffff8e7605a0
[ 86.652804][ C0] R10: dffffc0000000000 R11: fffff52000010f8d R12: 0000000000000000
[ 86.660768][ C0] R13: ffff888075c8e139 R14: 0000000000001000 R15: 0000000000000a03
[ 86.668730][ C0] ? __is_module_percpu_address+0x28/0x3f0
[ 86.674532][ C0] pwq_release_workfn+0x6ea/0x880
[ 86.679554][ C0] kthread_worker_fn+0x509/0xb70
[ 86.684491][ C0] ? kthread_worker_fn+0xe2/0xb70
[ 86.689513][ C0] ? __pfx_pwq_release_workfn+0x10/0x10
[ 86.695059][ C0] kthread+0x388/0x470
[ 86.699112][ C0] ? __pfx_kthread_worker_fn+0x10/0x10
[ 86.704782][ C0] ? __pfx_kthread+0x10/0x10
[ 86.709355][ C0] ret_from_fork+0x51e/0xb90
[ 86.713941][ C0] ? __pfx_ret_from_fork+0x10/0x10
[ 86.719044][ C0] ? __switch_to+0xc7d/0x1450
[ 86.723712][ C0] ? __pfx_kthread+0x10/0x10
[ 86.728292][ C0] ret_from_fork_asm+0x1a/0x30
[ 86.733053][ C0]
[ 86.736075][ C0] Modules linked in:
[ 86.739982][ C0] ---[ end trace 0000000000000000 ]---
[ 86.745441][ C0] RIP: 0010:__list_del_entry_valid_or_report+0xdf/0x190
[ 86.752375][ C0] Code: 49 39 1f 0f 85 9e 00 00 00 b0 01 5b 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc cc 48 c7 c7 c0 d6 27 8c 48 89 de e8 e2 bf 6e fc 90 <0f> 0b 48 c7 c7 20 d7 27 8c 48 89 de e8 d0 bf 6e fc 90 0f 0b 4c 89
[ 86.771973][ C0] RSP: 0018:ffffc90000007d58 EFLAGS: 00010046
[ 86.778114][ C0] RAX: 0000000000000033 RBX: ffff8880207b6c90 RCX: d6e914f6c1fbe000
[ 86.786073][ C0] RDX: 0000000000000100 RSI: 0000000080000101 RDI: 0000000000000000
[ 86.794027][ C0] RBP: 0000000000000203 R08: ffffc90000007ae7 R09: 1ffff92000000f5c
[ 86.801982][ C0] R10: dffffc0000000000 R11: fffff52000000f5d R12: 1ffff110040f6d92
[ 86.809942][ C0] R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000000000
[ 86.817908][ C0] FS: 0000000000000000(0000) GS:ffff888125455000(0000) knlGS:0000000000000000
[ 86.826848][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 86.833434][ C0] CR2: 0000561fe62a7950 CR3: 0000000078762000 CR4: 00000000003526f0
[ 86.841494][ C0] Kernel panic - not syncing: Fatal exception in interrupt
[ 86.849251][ C0] Kernel Offset: disabled
[ 86.853580][ C0] Rebooting in 86400 seconds..
syzkaller build log:
go env (err=)
AR='ar'
CC='gcc'
CGO_CFLAGS='-O2 -g'
CGO_CPPFLAGS=''
CGO_CXXFLAGS='-O2 -g'
CGO_ENABLED='1'
CGO_FFLAGS='-O2 -g'
CGO_LDFLAGS='-O2 -g'
CXX='g++'
GCCGO='gccgo'
GO111MODULE='auto'
GOAMD64='v1'
GOARCH='amd64'
GOAUTH='netrc'
GOBIN=''
GOCACHE='/syzkaller/.cache/go-build'
GOCACHEPROG=''
GODEBUG=''
GOENV='/syzkaller/.config/go/env'
GOEXE=''
GOEXPERIMENT=''
GOFIPS140='off'
GOFLAGS=''
GOGCCFLAGS='-fPIC -m64 -pthread -Wl,--no-gc-sections -fmessage-length=0 -ffile-prefix-map=/tmp/go-build1447801724=/tmp/go-build -gno-record-gcc-switches'
GOHOSTARCH='amd64'
GOHOSTOS='linux'
GOINSECURE=''
GOMOD='/syzkaller/jobs/linux/gopath/src/github.com/google/syzkaller/go.mod'
GOMODCACHE='/syzkaller/jobs/linux/gopath/pkg/mod'
GONOPROXY=''
GONOSUMDB=''
GOOS='linux'
GOPATH='/syzkaller/jobs/linux/gopath'
GOPRIVATE=''
GOPROXY='https://proxy.golang.org,direct'
GOROOT='/usr/local/go'
GOSUMDB='sum.golang.org'
GOTELEMETRY='local'
GOTELEMETRYDIR='/syzkaller/.config/go/telemetry'
GOTMPDIR=''
GOTOOLCHAIN='auto'
GOTOOLDIR='/usr/local/go/pkg/tool/linux_amd64'
GOVCS=''
GOVERSION='go1.24.4'
GOWORK=''
PKG_CONFIG='pkg-config'
git status (err=)
HEAD detached at 4fb8ef376b2
nothing to commit, working tree clean
tput: No value for $TERM and no -T specified
tput: No value for $TERM and no -T specified
Makefile:31: run command via tools/syz-env for best compatibility, see:
Makefile:32: https://github.com/google/syzkaller/blob/master/docs/contributing.md#using-syz-env
go list -f '{{.Stale}}' -ldflags="-s -w -X github.com/google/syzkaller/prog.GitRevision=4fb8ef376b21a14e0ed92c40c92913ac567bd2a3 -X github.com/google/syzkaller/prog.gitRevisionDate=20251121-171912" ./sys/syz-sysgen | grep -q false || go install -ldflags="-s -w -X github.com/google/syzkaller/prog.GitRevision=4fb8ef376b21a14e0ed92c40c92913ac567bd2a3 -X github.com/google/syzkaller/prog.gitRevisionDate=20251121-171912" ./sys/syz-sysgen
make .descriptions
tput: No value for $TERM and no -T specified
tput: No value for $TERM and no -T specified
Makefile:31: run command via tools/syz-env for best compatibility, see:
Makefile:32: https://github.com/google/syzkaller/blob/master/docs/contributing.md#using-syz-env
bin/syz-sysgen
touch .descriptions
GOOS=linux GOARCH=amd64 go build -ldflags="-s -w -X github.com/google/syzkaller/prog.GitRevision=4fb8ef376b21a14e0ed92c40c92913ac567bd2a3 -X github.com/google/syzkaller/prog.gitRevisionDate=20251121-171912" -o ./bin/linux_amd64/syz-execprog github.com/google/syzkaller/tools/syz-execprog
mkdir -p ./bin/linux_amd64
g++ -o ./bin/linux_amd64/syz-executor executor/executor.cc \
-m64 -O2 -pthread -Wall -Werror -Wparentheses -Wunused-const-variable -Wframe-larger-than=16384 -Wno-stringop-overflow -Wno-array-bounds -Wno-format-overflow -Wno-unused-but-set-variable -Wno-unused-command-line-argument -static-pie -std=c++17 -I. -Iexecutor/_include -DGOOS_linux=1 -DGOARCH_amd64=1 \
-DHOSTGOOS_linux=1 -DGIT_REVISION=\"4fb8ef376b21a14e0ed92c40c92913ac567bd2a3\"
/usr/bin/ld: /tmp/cc7eE8AE.o: in function `Connection::Connect(char const*, char const*)':
executor.cc:(.text._ZN10Connection7ConnectEPKcS1_[_ZN10Connection7ConnectEPKcS1_]+0x386): warning: Using 'gethostbyname' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
./tools/check-syzos.sh 2>/dev/null