Warning: Permanently added '10.128.1.192' (ED25519) to the list of known hosts.
2025/08/18 16:21:02 ignoring optional flag "sandboxArg"="0"
2025/08/18 16:21:03 parsed 1 programs
[   91.014772][ T4637] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k FS
[   93.033055][ T4664] chnl_net:caif_netlink_parms(): no params data found
[   93.078040][ T4664] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.085521][ T4664] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.093318][ T4664] device bridge_slave_0 entered promiscuous mode
[   93.101538][ T4664] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.108771][ T4664] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.117212][ T4664] device bridge_slave_1 entered promiscuous mode
[   93.157319][ T4664] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   93.171910][ T4664] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   93.209462][ T4664] team0: Port device team_slave_0 added
[   93.217433][ T4664] team0: Port device team_slave_1 added
[   93.238226][ T4664] batman_adv: batadv0: Adding interface: batadv_slave_0
[   93.245391][ T4664] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.271894][ T4664] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   93.284135][ T4664] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.291508][ T4664] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.318566][ T4664] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.349719][ T4664] device hsr_slave_0 entered promiscuous mode
[   93.356901][ T4664] device hsr_slave_1 entered promiscuous mode
[   93.932694][ T4664] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   93.943349][ T4664] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   93.960970][ T4664] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   93.975732][ T4664] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   94.058964][ T4664] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.076498][   T29] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   94.087363][   T29] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   94.101596][ T4664] 8021q: adding VLAN 0 to HW filter on device team0
[   94.112842][   T29] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   94.122361][   T29] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   94.132130][   T29] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.139220][   T29] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.148331][   T29] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   94.170800][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   94.181255][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   94.191310][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.198510][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.212524][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   94.221788][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   94.261608][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   94.272016][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   94.283151][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   94.293141][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   94.301757][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   94.312058][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   94.320846][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   94.329396][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   94.341870][ T4664] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   94.361664][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   94.524245][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   94.532915][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   94.546397][ T4664] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.567753][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   94.577589][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   94.597594][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   94.606560][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   94.621151][ T4664] device veth0_vlan entered promiscuous mode
[   94.631898][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   94.640058][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   94.650847][ T4664] device veth1_vlan entered promiscuous mode
[   94.674274][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   94.684681][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   94.694220][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   94.704171][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   94.715787][ T4664] device veth0_macvtap entered promiscuous mode
[   94.727790][ T4664] device veth1_macvtap entered promiscuous mode
[   94.747134][ T4664] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.754920][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   94.764019][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   94.772720][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   94.782109][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   94.794097][ T4664] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.804461][ T2918] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   94.813269][ T2918] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   94.824687][ T4664] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.833792][ T4664] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.843529][ T4664] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.852571][ T4664] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.960571][   T55] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.404254][   T47] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   95.413297][   T47] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   95.421665][   T47] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   95.429911][   T47] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   95.438010][   T47] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   95.445540][   T47] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   95.836879][ T1116] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.857649][ T1116] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.882075][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   95.894330][ T1116] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.903757][ T1116] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.914486][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
2025/08/18 16:21:11 executed programs: 0
[   96.971511][   T47] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   96.983003][   T47] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   96.992186][   T47] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   97.001791][   T47] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   97.009303][   T47] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   97.018342][   T47] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   97.162311][   T55] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.195916][ T4843] chnl_net:caif_netlink_parms(): no params data found
[   97.268534][ T4843] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.276841][ T4843] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.287269][ T4843] device bridge_slave_0 entered promiscuous mode
[   97.297451][ T4843] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.306167][ T4843] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.316031][ T4843] device bridge_slave_1 entered promiscuous mode
[   97.345521][ T4843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   97.358028][ T4843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   97.392728][ T4843] team0: Port device team_slave_0 added
[   97.401912][ T4843] team0: Port device team_slave_1 added
[   97.426787][ T4843] batman_adv: batadv0: Adding interface: batadv_slave_0
[   97.434156][ T4843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   97.460671][ T4843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   97.473048][ T4843] batman_adv: batadv0: Adding interface: batadv_slave_1
[   97.480006][ T4843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   97.507160][ T4843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   97.544288][ T4843] device hsr_slave_0 entered promiscuous mode
[   97.551440][ T4843] device hsr_slave_1 entered promiscuous mode
[   97.557985][ T4843] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   97.565830][ T4843] Cannot create hsr debugfs directory
[   99.090661][   T47] Bluetooth: hci0: command 0x0409 tx timeout
[   99.675572][   T55] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.737809][   T55] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.546565][   T55] device hsr_slave_0 left promiscuous mode
[  100.553313][   T55] device hsr_slave_1 left promiscuous mode
[  100.559981][   T55] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  100.570291][   T55] batman_adv: batadv0: Removing interface: batadv_slave_0
[  100.578225][   T55] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  100.588247][   T55] batman_adv: batadv0: Removing interface: batadv_slave_1
[  100.596463][   T55] device bridge_slave_1 left promiscuous mode
[  100.605063][   T55] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.615741][   T55] device bridge_slave_0 left promiscuous mode
[  100.624317][   T55] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.649919][   T55] device veth1_macvtap left promiscuous mode
[  100.656308][   T55] device veth0_macvtap left promiscuous mode
[  100.664719][   T55] device veth1_vlan left promiscuous mode
[  100.671350][   T55] device veth0_vlan left promiscuous mode
[  100.994498][   T55] team0 (unregistering): Port device team_slave_1 removed
[  101.023717][   T55] team0 (unregistering): Port device team_slave_0 removed
[  101.051503][   T55] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  101.081188][   T55] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  101.170837][   T47] Bluetooth: hci0: command 0x041b tx timeout
[  101.341847][   T55] bond0 (unregistering): Released all slaves
[  101.408772][ T4843] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  101.419691][ T4843] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  101.429151][ T4843] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  101.437922][ T4843] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  101.507006][ T4843] 8021q: adding VLAN 0 to HW filter on device bond0
[  101.518346][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  101.526701][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  101.551428][ T4843] 8021q: adding VLAN 0 to HW filter on device team0
[  101.560712][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  101.569345][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  101.578327][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.585568][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  101.600828][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  101.609957][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  101.621438][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  101.630008][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.637137][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  101.647838][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  101.657846][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  101.666819][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  101.675552][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  101.684187][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  101.695221][   T29] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  101.704138][   T29] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  101.717420][ T4843] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  101.728366][ T4843] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  101.741319][   T29] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  101.749683][   T29] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  101.758583][   T29] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  101.767714][   T29] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  101.776726][   T29] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  101.882713][ T2918] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  101.890710][ T2918] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  101.904179][ T4843] 8021q: adding VLAN 0 to HW filter on device batadv0
[  101.923998][ T2918] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  101.936611][ T2918] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  101.976505][ T4843] device veth0_vlan entered promiscuous mode
[  101.989461][ T4843] device veth1_vlan entered promiscuous mode
[  102.001717][ T2918] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  102.010689][ T2918] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  102.019324][ T2918] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  102.029665][ T2918] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  102.040511][ T2918] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  102.058729][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  102.067473][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  102.076651][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  102.093191][ T4843] device veth0_macvtap entered promiscuous mode
[  102.109685][ T4843] device veth1_macvtap entered promiscuous mode
[  102.137051][ T4843] batman_adv: batadv0: Interface activated: batadv_slave_0
[  102.145535][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  102.154085][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  102.162689][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  102.171812][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  102.185580][ T4843] batman_adv: batadv0: Interface activated: batadv_slave_1
[  102.194406][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  102.203219][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  102.213846][ T4843] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.223584][ T4843] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.232395][ T4843] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.241296][ T4843] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.286470][   T29] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.307422][   T29] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.313032][ T1116] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.317696][ T2918] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
2025/08/18 16:21:17 executed programs: 2
[  102.330193][ T1116] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.339362][ T1116] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  102.391745][ T5089] ------------[ cut here ]------------
[  102.397463][ T5089] WARNING: CPU: 0 PID: 5089 at include/net/mac80211.h:6657 minstrel_ht_update_caps+0x467/0x18a0
[  102.408110][ T5089] Modules linked in:
[  102.412054][ T5089] CPU: 0 PID: 5089 Comm: syz.0.16 Not tainted 6.1.148-syzkaller #0
[  102.420029][ T5089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  102.430234][ T5089] RIP: 0010:minstrel_ht_update_caps+0x467/0x18a0
[  102.436751][ T5089] Code: 2b e8 ed cc e4 f7 48 c1 fd 38 49 bf 00 00 00 00 00 fc ff df 48 8b 5c 24 18 4c 8b 64 24 10 eb 13 e8 ce cc e4 f7 4c 8b 64 24 10 <0f> 0b 31 ed 48 8b 5c 24 18 48 8d 44 6d 00 4d 8d 24 84 4c 89 e0 48
[  102.456677][ T5089] RSP: 0018:ffffc90003727008 EFLAGS: 00010293
[  102.462984][ T5089] RAX: ffffffff8999eba2 RBX: ffff888068fd3380 RCX: ffff888021668000
[  102.471109][ T5089] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  102.479119][ T5089] RBP: 0b00000000000000 R08: 0000000000000001 R09: 0000000000000000
[  102.487151][ T5089] R10: 0000000000000000 R11: 0000000000000540 R12: ffff888068fd5ed8
[  102.495170][ T5089] R13: 1ffff1100d1fa670 R14: ffff8880737b4fe8 R15: dffffc0000000000
[  102.503341][ T5089] FS:  00007f827e0ab6c0(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000
[  102.512516][ T5089] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  102.519100][ T5089] CR2: 0000200000001080 CR3: 0000000068399000 CR4: 00000000003506f0
[  102.527131][ T5089] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  102.535152][ T5089] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  102.543439][ T5089] Call Trace:
[  102.546810][ T5089]  <TASK>
[  102.549733][ T5089]  ? __rwlock_init+0x140/0x140
[  102.554593][ T5089]  ? minstrel_ht_alloc_sta+0x20/0x20
[  102.559892][ T5089]  rate_control_rate_init+0x39c/0x5c0
[  102.565309][ T5089]  ? rate_control_rate_init+0xe0/0x5c0
[  102.570806][ T5089]  sta_apply_auth_flags+0x1c2/0x400
[  102.576128][ T5089]  sta_apply_parameters+0xd4b/0x1430
[  102.581823][ T5089]  ieee80211_add_station+0x392/0x5d0
[  102.587133][ T5089]  rdev_add_station+0x10c/0x2d0
[  102.592029][ T5089]  ? mutex_unlock+0x10/0x10
[  102.596541][ T5089]  nl80211_new_station+0x15ef/0x1a00
[  102.601886][ T5089]  ? nl80211_set_station+0x1700/0x1700
[  102.607355][ T5089]  ? netdev_run_todo+0xcfb/0xd60
[  102.612367][ T5089]  ? nl80211_pre_doit+0x4da/0x910
[  102.617413][ T5089]  genl_family_rcv_msg_doit+0x22e/0x320
[  102.623044][ T5089]  ? end_current_label_crit_section+0x170/0x170
[  102.629303][ T5089]  ? genl_family_rcv_msg_dumpit+0x340/0x340
[  102.635268][ T5089]  ? bpf_lsm_capable+0x5/0x10
[  102.639967][ T5089]  ? security_capable+0x85/0xb0
[  102.644968][ T5089]  genl_rcv_msg+0x5f2/0x780
[  102.649616][ T5089]  ? genl_bind+0x350/0x350
[  102.654100][ T5089]  ? nl80211_set_station+0x1700/0x1700
[  102.659585][ T5089]  netlink_rcv_skb+0x1de/0x420
[  102.664405][ T5089]  ? genl_bind+0x350/0x350
[  102.668880][ T5089]  ? netlink_ack+0x1130/0x1130
[  102.673696][ T5089]  ? down_read+0x1a8/0x2d0
[  102.678228][ T5089]  genl_rcv+0x24/0x40
[  102.682443][ T5089]  netlink_unicast+0x74d/0x8d0
[  102.687318][ T5089]  netlink_sendmsg+0x89e/0xbc0
[  102.692129][ T5089]  ? netlink_getsockopt+0x540/0x540
[  102.697347][ T5089]  ? aa_sock_msg_perm+0x94/0x150
[  102.702357][ T5089]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  102.707655][ T5089]  ? security_socket_sendmsg+0x7c/0xa0
[  102.713158][ T5089]  ? netlink_getsockopt+0x540/0x540
[  102.718361][ T5089]  ____sys_sendmsg+0x592/0x8f0
[  102.723168][ T5089]  ? __sys_sendmsg_sock+0x30/0x30
[  102.728471][ T5089]  ? __import_iovec+0x315/0x500
[  102.733389][ T5089]  ? import_iovec+0x6f/0xa0
[  102.737916][ T5089]  ___sys_sendmsg+0x21c/0x290
[  102.742726][ T5089]  ? __sys_sendmsg+0x270/0x270
[  102.747505][ T5089]  ? put_user_ifreq+0x81/0xb0
[  102.752241][ T5089]  ? __fdget+0x17c/0x200
[  102.756504][ T5089]  __se_sys_sendmsg+0x19e/0x270
[  102.761401][ T5089]  ? __x64_sys_sendmsg+0x80/0x80
[  102.766354][ T5089]  ? lockdep_hardirqs_on+0x94/0x140
[  102.771597][ T5089]  do_syscall_64+0x4c/0xa0
[  102.776048][ T5089]  ? clear_bhb_loop+0x60/0xb0
[  102.780797][ T5089]  ? clear_bhb_loop+0x60/0xb0
[  102.785671][ T5089]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  102.791622][ T5089] RIP: 0033:0x7f827d18e969
[  102.796062][ T5089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.815907][ T5089] RSP: 002b:00007f827e0ab038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  102.824456][ T5089] RAX: ffffffffffffffda RBX: 00007f827d3b5fa0 RCX: 00007f827d18e969
[  102.832475][ T5089] RDX: 0000000000000000 RSI: 0000200000001080 RDI: 0000000000000006
[  102.840578][ T5089] RBP: 00007f827d210ab1 R08: 0000000000000000 R09: 0000000000000000
[  102.848646][ T5089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  102.856714][ T5089] R13: 0000000000000000 R14: 00007f827d3b5fa0 R15: 00007ffe20e7b638
[  102.864740][ T5089]  </TASK>
[  102.867754][ T5089] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  102.875120][ T5089] CPU: 0 PID: 5089 Comm: syz.0.16 Not tainted 6.1.148-syzkaller #0
[  102.882995][ T5089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  102.893121][ T5089] Call Trace:
[  102.896397][ T5089]  <TASK>
[  102.899312][ T5089]  dump_stack_lvl+0x168/0x22e
[  102.903997][ T5089]  ? memcpy+0x3c/0x60
[  102.907977][ T5089]  ? show_regs_print_info+0x12/0x12
[  102.913166][ T5089]  ? load_image+0x3b0/0x3b0
[  102.917773][ T5089]  panic+0x2c9/0x710
[  102.921766][ T5089]  ? bpf_jit_dump+0xd0/0xd0
[  102.926290][ T5089]  __warn+0x2f8/0x4f0
[  102.930315][ T5089]  ? minstrel_ht_update_caps+0x467/0x18a0
[  102.936023][ T5089]  ? minstrel_ht_update_caps+0x467/0x18a0
[  102.941745][ T5089]  report_bug+0x2ba/0x4f0
[  102.946095][ T5089]  ? minstrel_ht_update_caps+0x467/0x18a0
[  102.951806][ T5089]  handle_bug+0x3a/0x70
[  102.956077][ T5089]  exc_invalid_op+0x16/0x40
[  102.960566][ T5089]  asm_exc_invalid_op+0x16/0x20
[  102.965401][ T5089] RIP: 0010:minstrel_ht_update_caps+0x467/0x18a0
[  102.971732][ T5089] Code: 2b e8 ed cc e4 f7 48 c1 fd 38 49 bf 00 00 00 00 00 fc ff df 48 8b 5c 24 18 4c 8b 64 24 10 eb 13 e8 ce cc e4 f7 4c 8b 64 24 10 <0f> 0b 31 ed 48 8b 5c 24 18 48 8d 44 6d 00 4d 8d 24 84 4c 89 e0 48
[  102.991328][ T5089] RSP: 0018:ffffc90003727008 EFLAGS: 00010293
[  102.997386][ T5089] RAX: ffffffff8999eba2 RBX: ffff888068fd3380 RCX: ffff888021668000
[  103.005474][ T5089] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  103.013480][ T5089] RBP: 0b00000000000000 R08: 0000000000000001 R09: 0000000000000000
[  103.021557][ T5089] R10: 0000000000000000 R11: 0000000000000540 R12: ffff888068fd5ed8
[  103.029526][ T5089] R13: 1ffff1100d1fa670 R14: ffff8880737b4fe8 R15: dffffc0000000000
[  103.038026][ T5089]  ? minstrel_ht_update_caps+0x462/0x18a0
[  103.043779][ T5089]  ? minstrel_ht_update_caps+0x462/0x18a0
[  103.049524][ T5089]  ? __rwlock_init+0x140/0x140
[  103.054298][ T5089]  ? minstrel_ht_alloc_sta+0x20/0x20
[  103.059594][ T5089]  rate_control_rate_init+0x39c/0x5c0
[  103.065174][ T5089]  ? rate_control_rate_init+0xe0/0x5c0
[  103.070732][ T5089]  sta_apply_auth_flags+0x1c2/0x400
[  103.075955][ T5089]  sta_apply_parameters+0xd4b/0x1430
[  103.081348][ T5089]  ieee80211_add_station+0x392/0x5d0
[  103.086803][ T5089]  rdev_add_station+0x10c/0x2d0
[  103.091667][ T5089]  ? mutex_unlock+0x10/0x10
[  103.096253][ T5089]  nl80211_new_station+0x15ef/0x1a00
[  103.101543][ T5089]  ? nl80211_set_station+0x1700/0x1700
[  103.106997][ T5089]  ? netdev_run_todo+0xcfb/0xd60
[  103.111977][ T5089]  ? nl80211_pre_doit+0x4da/0x910
[  103.117015][ T5089]  genl_family_rcv_msg_doit+0x22e/0x320
[  103.122563][ T5089]  ? end_current_label_crit_section+0x170/0x170
[  103.128806][ T5089]  ? genl_family_rcv_msg_dumpit+0x340/0x340
[  103.134709][ T5089]  ? bpf_lsm_capable+0x5/0x10
[  103.139398][ T5089]  ? security_capable+0x85/0xb0
[  103.144247][ T5089]  genl_rcv_msg+0x5f2/0x780
[  103.148754][ T5089]  ? genl_bind+0x350/0x350
[  103.153181][ T5089]  ? nl80211_set_station+0x1700/0x1700
[  103.158656][ T5089]  netlink_rcv_skb+0x1de/0x420
[  103.163495][ T5089]  ? genl_bind+0x350/0x350
[  103.167941][ T5089]  ? netlink_ack+0x1130/0x1130
[  103.172732][ T5089]  ? down_read+0x1a8/0x2d0
[  103.177166][ T5089]  genl_rcv+0x24/0x40
[  103.181345][ T5089]  netlink_unicast+0x74d/0x8d0
[  103.186268][ T5089]  netlink_sendmsg+0x89e/0xbc0
[  103.191131][ T5089]  ? netlink_getsockopt+0x540/0x540
[  103.196340][ T5089]  ? aa_sock_msg_perm+0x94/0x150
[  103.201450][ T5089]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  103.206759][ T5089]  ? security_socket_sendmsg+0x7c/0xa0
[  103.212209][ T5089]  ? netlink_getsockopt+0x540/0x540
[  103.217415][ T5089]  ____sys_sendmsg+0x592/0x8f0
[  103.222171][ T5089]  ? __sys_sendmsg_sock+0x30/0x30
[  103.227269][ T5089]  ? __import_iovec+0x315/0x500
[  103.232107][ T5089]  ? import_iovec+0x6f/0xa0
[  103.236767][ T5089]  ___sys_sendmsg+0x21c/0x290
[  103.241427][ T5089]  ? __sys_sendmsg+0x270/0x270
[  103.246209][ T5089]  ? put_user_ifreq+0x81/0xb0
[  103.250876][ T5089]  ? __fdget+0x17c/0x200
[  103.255105][ T5089]  __se_sys_sendmsg+0x19e/0x270
[  103.259973][ T5089]  ? __x64_sys_sendmsg+0x80/0x80
[  103.264932][ T5089]  ? lockdep_hardirqs_on+0x94/0x140
[  103.270220][ T5089]  do_syscall_64+0x4c/0xa0
[  103.272450][   T47] Bluetooth: hci0: command 0x040f tx timeout
[  103.280710][ T5089]  ? clear_bhb_loop+0x60/0xb0
[  103.285399][ T5089]  ? clear_bhb_loop+0x60/0xb0
[  103.290260][ T5089]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  103.296147][ T5089] RIP: 0033:0x7f827d18e969
[  103.300564][ T5089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.320421][ T5089] RSP: 002b:00007f827e0ab038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  103.328825][ T5089] RAX: ffffffffffffffda RBX: 00007f827d3b5fa0 RCX: 00007f827d18e969
[  103.336779][ T5089] RDX: 0000000000000000 RSI: 0000200000001080 RDI: 0000000000000006
[  103.344750][ T5089] RBP: 00007f827d210ab1 R08: 0000000000000000 R09: 0000000000000000
[  103.352715][ T5089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  103.360665][ T5089] R13: 0000000000000000 R14: 00007f827d3b5fa0 R15: 00007ffe20e7b638
[  103.368632][ T5089]  </TASK>
[  103.371961][ T5089] Kernel Offset: disabled
[  103.376339][ T5089] Rebooting in 86400 seconds..