Warning: Permanently added '10.128.0.88' (ED25519) to the list of known hosts. 2026/03/14 21:49:30 parsed 1 programs [ 73.786113][ T5831] cgroup: Unknown subsys name 'net' [ 73.871367][ T5831] cgroup: Unknown subsys name 'cpuset' [ 73.880751][ T5831] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 75.238732][ T5831] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 78.205800][ T5843] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 78.882099][ T5861] chnl_net:caif_netlink_parms(): no params data found [ 78.970012][ T5861] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.977772][ T5861] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.985141][ T5861] bridge_slave_0: entered allmulticast mode [ 78.992546][ T5861] bridge_slave_0: entered promiscuous mode [ 79.002181][ T5861] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.009818][ T5861] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.017198][ T5861] bridge_slave_1: entered allmulticast mode [ 79.024667][ T5861] bridge_slave_1: entered promiscuous mode [ 79.079608][ T5861] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.093988][ T5861] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.130921][ T5861] team0: Port device team_slave_0 added [ 79.139385][ T5861] team0: Port device team_slave_1 added [ 79.168970][ T5861] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.175897][ T5861] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 79.202151][ T5861] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.216658][ T5861] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.223632][ T5861] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 79.249531][ T5861] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.300347][ T5861] hsr_slave_0: entered promiscuous mode [ 79.306998][ T5861] hsr_slave_1: entered promiscuous mode [ 79.451545][ T5861] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 79.463129][ T5861] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 79.472888][ T5861] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 79.483870][ T5861] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 79.515465][ T5861] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.522816][ T5861] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.530491][ T5861] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.537577][ T5861] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.602735][ T5861] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.623725][ T77] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.632369][ T77] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.649824][ T5861] 8021q: adding VLAN 0 to HW filter on device team0 [ 79.664472][ T1118] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.671636][ T1118] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.687801][ T77] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.694913][ T77] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.860515][ T5861] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 79.911697][ T5861] veth0_vlan: entered promiscuous mode [ 79.925183][ T5861] veth1_vlan: entered promiscuous mode [ 79.959672][ T5861] veth0_macvtap: entered promiscuous mode [ 79.970035][ T5861] veth1_macvtap: entered promiscuous mode [ 79.994235][ T5861] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 80.011422][ T5861] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.028274][ T1118] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.037297][ T1118] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.047906][ T1118] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.057004][ T1118] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.198640][ T1118] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 80.262407][ T1118] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 80.329377][ T1118] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 80.415608][ T1118] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 80.440747][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 80.449047][ T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 80.456583][ T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 80.464921][ T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 80.473087][ T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 80.704954][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.713252][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.750526][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.758568][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 2026/03/14 21:49:42 executed programs: 0 [ 82.809959][ T5150] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 82.820667][ T5150] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 82.829766][ T5150] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 82.837944][ T5150] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 82.845850][ T5150] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 82.969104][ T1118] bridge_slave_1: left allmulticast mode [ 82.975256][ T1118] bridge_slave_1: left promiscuous mode [ 82.981915][ T1118] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.993016][ T1118] bridge_slave_0: left allmulticast mode [ 82.999956][ T1118] bridge_slave_0: left promiscuous mode [ 83.005632][ T1118] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.156354][ T1118] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 83.167036][ T1118] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 83.176778][ T1118] bond0 (unregistering): Released all slaves [ 83.308390][ T1118] hsr_slave_0: left promiscuous mode [ 83.319555][ T1118] hsr_slave_1: left promiscuous mode [ 83.325685][ T1118] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 83.333894][ T1118] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 83.342424][ T1118] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 83.351856][ T1118] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 83.368580][ T1118] veth1_macvtap: left promiscuous mode [ 83.374407][ T1118] veth0_macvtap: left promiscuous mode [ 83.380360][ T1118] veth1_vlan: left promiscuous mode [ 83.385793][ T1118] veth0_vlan: left promiscuous mode [ 83.683743][ T1118] team0 (unregistering): Port device team_slave_1 removed [ 83.719889][ T1118] team0 (unregistering): Port device team_slave_0 removed [ 83.860734][ T5942] chnl_net:caif_netlink_parms(): no params data found [ 84.002710][ T5942] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.028220][ T5942] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.036869][ T5942] bridge_slave_0: entered allmulticast mode [ 84.046422][ T5942] bridge_slave_0: entered promiscuous mode [ 84.055897][ T5942] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.063494][ T5942] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.075384][ T5942] bridge_slave_1: entered allmulticast mode [ 84.083927][ T5942] bridge_slave_1: entered promiscuous mode [ 84.129734][ T5942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 84.144043][ T5942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 84.188675][ T5942] team0: Port device team_slave_0 added [ 84.200619][ T5942] team0: Port device team_slave_1 added [ 84.267292][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 84.278202][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 84.304603][ T5942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 84.321879][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 84.338151][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 84.367401][ T5942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 84.774285][ T5942] hsr_slave_0: entered promiscuous mode [ 84.799613][ T5942] hsr_slave_1: entered promiscuous mode [ 84.889299][ T5150] Bluetooth: hci0: command tx timeout [ 85.687935][ T5942] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 85.702436][ T5942] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 85.714824][ T5942] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 85.727695][ T5942] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 85.866162][ T5942] 8021q: adding VLAN 0 to HW filter on device bond0 [ 85.896857][ T5942] 8021q: adding VLAN 0 to HW filter on device team0 [ 85.914369][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.921558][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 85.943139][ T1118] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.950374][ T1118] bridge0: port 2(bridge_slave_1) entered forwarding state [ 86.240252][ T5942] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 86.328423][ T5942] veth0_vlan: entered promiscuous mode [ 86.345662][ T5942] veth1_vlan: entered promiscuous mode [ 86.401212][ T5942] veth0_macvtap: entered promiscuous mode [ 86.416058][ T5942] veth1_macvtap: entered promiscuous mode [ 86.451143][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 86.484123][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 86.506178][ T36] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.518713][ T36] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.541040][ T36] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.559359][ T36] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.640221][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.658871][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.704102][ T1118] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.713152][ T1118] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.740328][ T24] cfg80211: failed to load regulatory.db [ 86.789202][ T6044] [ 86.791548][ T6044] ====================================================== [ 86.798556][ T6044] WARNING: possible circular locking dependency detected [ 86.805573][ T6044] syzkaller #0 Not tainted [ 86.809967][ T6044] ------------------------------------------------------ [ 86.816961][ T6044] syz.0.17/6044 is trying to acquire lock: [ 86.822744][ T6044] ffff888079ae1c38 (&mm->mmap_lock){++++}-{4:4}, at: __might_fault+0xaf/0x130 [ 86.831609][ T6044] [ 86.831609][ T6044] but task is already holding lock: [ 86.838961][ T6044] ffff8880362b8cf0 (&ctx->map_changing_lock){.+.+}-{4:4}, at: mfill_get_vma+0x162/0x660 [ 86.848686][ T6044] [ 86.848686][ T6044] which lock already depends on the new lock. [ 86.848686][ T6044] [ 86.859067][ T6044] [ 86.859067][ T6044] the existing dependency chain (in reverse order) is: [ 86.868064][ T6044] [ 86.868064][ T6044] -> #2 (&ctx->map_changing_lock){.+.+}-{4:4}: [ 86.876390][ T6044] down_read+0x47/0x2e0 [ 86.881052][ T6044] mfill_get_vma+0x162/0x660 [ 86.886150][ T6044] mfill_atomic_continue+0x189/0x12c0 [ 86.892028][ T6044] userfaultfd_ioctl+0x232d/0x4c70 [ 86.897650][ T6044] __se_sys_ioctl+0xfc/0x170 [ 86.902764][ T6044] do_syscall_64+0x14d/0xf80 [ 86.907856][ T6044] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.914251][ T6044] [ 86.914251][ T6044] -> #1 (vm_lock){++++}-{0:0}: [ 86.921188][ T6044] __vma_start_exclude_readers+0x28a/0x940 [ 86.927503][ T6044] __vma_start_write+0xdc/0x290 [ 86.932870][ T6044] mprotect_fixup+0x5eb/0xa80 [ 86.938054][ T6044] setup_arg_pages+0x565/0xac0 [ 86.943329][ T6044] load_elf_binary+0xc5e/0x2980 [ 86.948683][ T6044] bprm_execve+0x949/0x1470 [ 86.953696][ T6044] kernel_execve+0x844/0x930 [ 86.958799][ T6044] try_to_run_init_process+0x13/0x60 [ 86.964593][ T6044] kernel_init+0xad/0x1d0 [ 86.969427][ T6044] ret_from_fork+0x51e/0xb90 [ 86.974532][ T6044] ret_from_fork_asm+0x1a/0x30 [ 86.979798][ T6044] [ 86.979798][ T6044] -> #0 (&mm->mmap_lock){++++}-{4:4}: [ 86.987339][ T6044] __lock_acquire+0x15a5/0x2cf0 [ 86.992700][ T6044] lock_acquire+0xf0/0x2e0 [ 86.997625][ T6044] __might_fault+0xcb/0x130 [ 87.002638][ T6044] userfaultfd_ioctl+0x2372/0x4c70 [ 87.008257][ T6044] __se_sys_ioctl+0xfc/0x170 [ 87.013350][ T6044] do_syscall_64+0x14d/0xf80 [ 87.018442][ T6044] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.024840][ T6044] [ 87.024840][ T6044] other info that might help us debug this: [ 87.024840][ T6044] [ 87.035046][ T6044] Chain exists of: [ 87.035046][ T6044] &mm->mmap_lock --> vm_lock --> &ctx->map_changing_lock [ 87.035046][ T6044] [ 87.047982][ T6044] Possible unsafe locking scenario: [ 87.047982][ T6044] [ 87.055413][ T6044] CPU0 CPU1 [ 87.060757][ T6044] ---- ---- [ 87.066103][ T6044] rlock(&ctx->map_changing_lock); [ 87.071288][ T6044] lock(vm_lock); [ 87.077516][ T6044] lock(&ctx->map_changing_lock); [ 87.085128][ T6044] rlock(&mm->mmap_lock); [ 87.089536][ T6044] [ 87.089536][ T6044] *** DEADLOCK *** [ 87.089536][ T6044] [ 87.097660][ T6044] 2 locks held by syz.0.17/6044: [ 87.102573][ T6044] #0: ffff8880769c5808 (vm_lock){++++}-{0:0}, at: lock_vma_under_rcu+0x1d1/0x500 [ 87.111787][ T6044] #1: ffff8880362b8cf0 (&ctx->map_changing_lock){.+.+}-{4:4}, at: mfill_get_vma+0x162/0x660 [ 87.121950][ T6044] [ 87.121950][ T6044] stack backtrace: [ 87.127838][ T6044] CPU: 0 UID: 0 PID: 6044 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) [ 87.127855][ T6044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 87.127870][ T6044] Call Trace: [ 87.127877][ T6044] [ 87.127884][ T6044] dump_stack_lvl+0xe8/0x150 [ 87.127905][ T6044] print_circular_bug+0x2e1/0x300 [ 87.127923][ T6044] check_noncircular+0x12e/0x150 [ 87.127940][ T6044] __lock_acquire+0x15a5/0x2cf0 [ 87.127962][ T6044] ? mfill_get_vma+0x392/0x660 [ 87.127981][ T6044] ? mfill_atomic_continue+0x1054/0x12c0 [ 87.127996][ T6044] ? unwind_get_return_address+0x4d/0x90 [ 87.128012][ T6044] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 87.128029][ T6044] ? arch_stack_walk+0xfb/0x150 [ 87.128046][ T6044] lock_acquire+0xf0/0x2e0 [ 87.128065][ T6044] ? __might_fault+0xaf/0x130 [ 87.128087][ T6044] ? __might_fault+0xaf/0x130 [ 87.128106][ T6044] __might_fault+0xcb/0x130 [ 87.128124][ T6044] ? __might_fault+0xaf/0x130 [ 87.128143][ T6044] userfaultfd_ioctl+0x2372/0x4c70 [ 87.128162][ T6044] ? __kasan_slab_free+0x5c/0x80 [ 87.128174][ T6044] ? kfree+0x1c5/0x650 [ 87.128197][ T6044] ? __pfx_userfaultfd_ioctl+0x10/0x10 [ 87.128225][ T6044] ? kasan_quarantine_put+0xbb/0x1f0 [ 87.128247][ T6044] ? tomoyo_path_number_perm+0x219/0x630 [ 87.128266][ T6044] ? tomoyo_path_number_perm+0x219/0x630 [ 87.128284][ T6044] ? do_vfs_ioctl+0x1166/0x1530 [ 87.128299][ T6044] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 87.128316][ T6044] ? do_futex+0x395/0x420 [ 87.128334][ T6044] ? __se_sys_futex+0x3a8/0x450 [ 87.128348][ T6044] ? exc_page_fault+0x6a/0xc0 [ 87.128368][ T6044] ? __pfx___se_sys_futex+0x10/0x10 [ 87.128382][ T6044] ? bpf_lsm_file_ioctl+0x9/0x20 [ 87.128396][ T6044] ? __pfx_userfaultfd_ioctl+0x10/0x10 [ 87.128415][ T6044] __se_sys_ioctl+0xfc/0x170 [ 87.128430][ T6044] do_syscall_64+0x14d/0xf80 [ 87.128442][ T6044] ? trace_irq_disable+0x3b/0x150 [ 87.128459][ T6044] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.128473][ T6044] ? clear_bhb_loop+0x40/0x90 [ 87.128489][ T6044] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.128509][ T6044] RIP: 0033:0x7f64a0d9c799 [ 87.128526][ T6044] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 87.128539][ T6044] RSP: 002b:00007fffa8d247f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 87.128553][ T6044] RAX: ffffffffffffffda RBX: 00007f64a1015fa0 RCX: 00007f64a0d9c799 [ 87.128564][ T6044] RDX: 0000200000000080 RSI: 00000000c020aa07 RDI: 0000000000000003 [ 87.128574][ T6044] RBP: 00007f64a0e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 87.128583][ T6044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 87.128591][ T6044] R13: 00007f64a1015fac R14: 00007f64a1015fa0 R15: 00007f64a1015fa0 [ 87.128607][ T6044] [ 87.430423][ T5150] Bluetooth: hci0: command tx timeout [ 89.448043][ T5150] Bluetooth: hci0: command tx timeout [ 91.528660][ T5150] Bluetooth: hci0: command tx timeout