Warning: Permanently added '10.128.1.188' (ED25519) to the list of known hosts.
2025/07/31 03:36:42 ignoring optional flag "sandboxArg"="0"
2025/07/31 03:36:43 parsed 1 programs
[  103.411719][  T787] cfg80211: failed to load regulatory.db
[  104.482849][ T5793] cgroup: Unknown subsys name 'net'
[  104.651340][ T5793] cgroup: Unknown subsys name 'rlimit'
[  106.519003][ T5793] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  109.324784][   T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.337543][   T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.377427][ T1003] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.386154][ T1003] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  110.218537][ T5831] chnl_net:caif_netlink_parms(): no params data found
[  110.316813][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.326403][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state
[  110.334485][ T5831] bridge_slave_0: entered allmulticast mode
[  110.343031][ T5831] bridge_slave_0: entered promiscuous mode
[  110.355483][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.364024][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.372157][ T5831] bridge_slave_1: entered allmulticast mode
[  110.380494][ T5831] bridge_slave_1: entered promiscuous mode
[  110.421483][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  110.434988][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  110.482893][ T5831] team0: Port device team_slave_0 added
[  110.496422][ T5831] team0: Port device team_slave_1 added
[  110.531293][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0
[  110.539566][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  110.571897][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  110.586548][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1
[  110.594561][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  110.622243][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  110.676601][ T5831] hsr_slave_0: entered promiscuous mode
[  110.683562][ T5831] hsr_slave_1: entered promiscuous mode
[  110.875858][ T5831] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  110.901123][ T5831] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  110.913961][ T5831] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  110.925853][ T5831] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  111.053643][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0
[  111.090561][ T5831] 8021q: adding VLAN 0 to HW filter on device team0
[  111.116666][ T1003] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.125263][ T1003] bridge0: port 1(bridge_slave_0) entered forwarding state
[  111.143446][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.152879][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[  111.463425][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0
[  111.544615][ T5831] veth0_vlan: entered promiscuous mode
[  111.564893][ T5831] veth1_vlan: entered promiscuous mode
[  111.613149][ T5831] veth0_macvtap: entered promiscuous mode
[  111.628985][ T5831] veth1_macvtap: entered promiscuous mode
[  111.651338][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0
[  111.668374][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1
[  111.682851][ T5831] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  111.692517][ T5831] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  111.703539][ T5831] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  111.714283][ T5831] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  111.887492][   T34] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.888216][ T5853] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  111.910577][ T5853] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  111.919332][ T5853] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  111.929358][ T5853] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  111.940018][ T5853] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  111.954059][ T5853] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2025/07/31 03:36:56 executed programs: 0
[  114.444474][ T5853] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  114.458860][ T5853] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  114.471343][ T5853] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  114.482713][ T5853] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  114.492302][ T5853] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  114.500834][ T5853] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  114.681182][   T34] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.701915][ T5895] chnl_net:caif_netlink_parms(): no params data found
[  114.781654][ T5895] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.789002][ T5895] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.797724][ T5895] bridge_slave_0: entered allmulticast mode
[  114.805602][ T5895] bridge_slave_0: entered promiscuous mode
[  114.815349][ T5895] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.823071][ T5895] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.830533][ T5895] bridge_slave_1: entered allmulticast mode
[  114.837640][ T5895] bridge_slave_1: entered promiscuous mode
[  114.874124][ T5895] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  114.886576][ T5895] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  114.924571][ T5895] team0: Port device team_slave_0 added
[  114.934466][ T5895] team0: Port device team_slave_1 added
[  114.967634][ T5895] batman_adv: batadv0: Adding interface: batadv_slave_0
[  114.975928][ T5895] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  115.002616][ T5895] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  115.015027][ T5895] batman_adv: batadv0: Adding interface: batadv_slave_1
[  115.022611][ T5895] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  115.050465][ T5895] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  115.103618][ T5895] hsr_slave_0: entered promiscuous mode
[  115.110922][ T5895] hsr_slave_1: entered promiscuous mode
[  115.117308][ T5895] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  115.126331][ T5895] Cannot create hsr debugfs directory
[  116.531007][ T5101] Bluetooth: hci0: command tx timeout
[  116.934774][   T34] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.006612][   T34] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.996779][ T5895] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  118.038775][ T5895] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  118.057777][ T5895] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  118.084102][   T34] hsr_slave_0: left promiscuous mode
[  118.094825][   T34] hsr_slave_1: left promiscuous mode
[  118.104045][   T34] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  118.114781][   T34] batman_adv: batadv0: Removing interface: batadv_slave_0
[  118.129037][   T34] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  118.141687][   T34] batman_adv: batadv0: Removing interface: batadv_slave_1
[  118.151472][   T34] bridge_slave_1: left allmulticast mode
[  118.158584][   T34] bridge_slave_1: left promiscuous mode
[  118.170769][   T34] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.188783][   T34] bridge_slave_0: left allmulticast mode
[  118.197653][   T34] bridge_slave_0: left promiscuous mode
[  118.207902][   T34] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.251951][   T34] veth1_macvtap: left promiscuous mode
[  118.262179][   T34] veth0_macvtap: left promiscuous mode
[  118.271879][   T34] veth1_vlan: left promiscuous mode
[  118.277811][   T34] veth0_vlan: left promiscuous mode
[  118.613286][ T5101] Bluetooth: hci0: command tx timeout
[  118.827165][   T34] team0 (unregistering): Port device team_slave_1 removed
[  118.865086][   T34] team0 (unregistering): Port device team_slave_0 removed
[  118.903762][   T34] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  118.943334][   T34] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  119.326336][   T34] bond0 (unregistering): Released all slaves
[  119.424057][ T5895] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  119.543483][ T5895] 8021q: adding VLAN 0 to HW filter on device bond0
[  119.586767][ T5895] 8021q: adding VLAN 0 to HW filter on device team0
[  119.602535][  T144] bridge0: port 1(bridge_slave_0) entered blocking state
[  119.609789][  T144] bridge0: port 1(bridge_slave_0) entered forwarding state
[  119.634584][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[  119.642187][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[  120.041465][ T5895] 8021q: adding VLAN 0 to HW filter on device batadv0
[  120.162789][ T5895] veth0_vlan: entered promiscuous mode
[  120.184209][ T5895] veth1_vlan: entered promiscuous mode
[  120.247421][ T5895] veth0_macvtap: entered promiscuous mode
[  120.272265][ T5895] veth1_macvtap: entered promiscuous mode
[  120.341949][ T5895] batman_adv: batadv0: Interface activated: batadv_slave_0
[  120.362832][ T5895] batman_adv: batadv0: Interface activated: batadv_slave_1
[  120.382536][ T5895] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  120.393217][ T5895] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  120.404601][ T5895] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  120.413913][ T5895] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  120.587034][  T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  120.595671][  T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  120.672648][ T3460] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  120.689481][ T5101] Bluetooth: hci0: command tx timeout
[  120.696808][ T3460] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/07/31 03:37:02 executed programs: 2
[  120.948225][   T43] 
[  120.951757][   T43] ======================================================
[  120.959843][   T43] WARNING: possible circular locking dependency detected
[  120.972135][   T43] 6.6.100-syzkaller #0 Not tainted
[  120.978512][   T43] ------------------------------------------------------
[  120.987666][   T43] kworker/u4:3/43 is trying to acquire lock:
[  120.994642][   T43] ffff8880b8e295a8 (krc.lock){..-.}-{2:2}, at: kvfree_call_rcu+0x15a/0x780
[  121.004808][   T43] 
[  121.004808][   T43] but task is already holding lock:
[  121.013004][   T43] ffff8880b8e297d8 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x123/0x270
[  121.024673][   T43] 
[  121.024673][   T43] which lock already depends on the new lock.
[  121.024673][   T43] 
[  121.037637][   T43] 
[  121.037637][   T43] the existing dependency chain (in reverse order) is:
[  121.047382][   T43] 
[  121.047382][   T43] -> #1 (&base->lock){-.-.}-{2:2}:
[  121.055427][   T43]        _raw_spin_lock_irqsave+0xa8/0xf0
[  121.062810][   T43]        lock_timer_base+0x123/0x270
[  121.069139][   T43]        __mod_timer+0xf9/0xdb0
[  121.076714][   T43]        queue_delayed_work_on+0x12a/0x1e0
[  121.083468][   T43]        kvfree_call_rcu+0x541/0x780
[  121.090097][   T43]        rtnl_register_internal+0x486/0x590
[  121.097171][   T43]        rtnl_register+0x32/0x70
[  121.102607][   T43]        ip_rt_init+0x2ec/0x390
[  121.108269][   T43]        ip_init+0xe/0x20
[  121.112927][   T43]        inet_init+0x2c1/0x3e0
[  121.117977][   T43]        do_one_initcall+0x1fd/0x750
[  121.123567][   T43]        do_initcall_level+0x137/0x1f0
[  121.130042][   T43]        do_initcalls+0x69/0xd0
[  121.135781][   T43]        kernel_init_freeable+0x3d2/0x570
[  121.143348][   T43]        kernel_init+0x1d/0x1c0
[  121.149406][   T43]        ret_from_fork+0x48/0x80
[  121.156863][   T43]        ret_from_fork_asm+0x11/0x20
[  121.162622][   T43] 
[  121.162622][   T43] -> #0 (krc.lock){..-.}-{2:2}:
[  121.170650][   T43]        __lock_acquire+0x2ddb/0x7c80
[  121.176675][   T43]        lock_acquire+0x197/0x410
[  121.182598][   T43]        _raw_spin_lock+0x2e/0x40
[  121.188351][   T43]        kvfree_call_rcu+0x15a/0x780
[  121.193938][   T43]        trie_delete_elem+0x535/0x6a0
[  121.200335][   T43]        bpf_prog_2c29ac5cdc6b1842+0x42/0x46
[  121.206827][   T43]        bpf_trace_run3+0x1e7/0x400
[  121.212233][   T43]        __bpf_trace_timer_start+0x14a/0x1b0
[  121.218751][   T43]        enqueue_timer+0x398/0x530
[  121.224163][   T43]        __mod_timer+0x977/0xdb0
[  121.229685][   T43]        addrconf_dad_completed+0x934/0xd40
[  121.236091][   T43]        addrconf_dad_work+0xc4e/0x14e0
[  121.241954][   T43]        process_scheduled_works+0xa45/0x15b0
[  121.248805][   T43]        worker_thread+0xa55/0xfc0
[  121.254421][   T43]        kthread+0x2fa/0x390
[  121.261621][   T43]        ret_from_fork+0x48/0x80
[  121.268333][   T43]        ret_from_fork_asm+0x11/0x20
[  121.274221][   T43] 
[  121.274221][   T43] other info that might help us debug this:
[  121.274221][   T43] 
[  121.284908][   T43]  Possible unsafe locking scenario:
[  121.284908][   T43] 
[  121.292373][   T43]        CPU0                    CPU1
[  121.297864][   T43]        ----                    ----
[  121.304567][   T43]   lock(&base->lock);
[  121.309015][   T43]                                lock(krc.lock);
[  121.317119][   T43]                                lock(&base->lock);
[  121.324792][   T43]   lock(krc.lock);
[  121.328970][   T43] 
[  121.328970][   T43]  *** DEADLOCK ***
[  121.328970][   T43] 
[  121.338740][   T43] 7 locks held by kworker/u4:3/43:
[  121.344161][   T43]  #0: ffff88802ca3e538 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[  121.358143][   T43]  #1: ffffc90000b3fd00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[  121.374218][   T43]  #2: ffffffff8dfbb188 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x14e0
[  121.386098][   T43]  #3: ffff888061185580 (&ndev->lock){++--}-{2:2}, at: addrconf_dad_completed+0x7c6/0xd40
[  121.397730][   T43]  #4: ffff88802d298040 (&ifa->lock){+...}-{2:2}, at: addrconf_dad_completed+0x7d4/0xd40
[  121.408333][   T43]  #5: ffff8880b8e297d8 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x123/0x270
[  121.417983][   T43]  #6: ffffffff8cd2fba0 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run3+0xf4/0x400
[  121.427693][   T43] 
[  121.427693][   T43] stack backtrace:
[  121.433794][   T43] CPU: 0 PID: 43 Comm: kworker/u4:3 Not tainted 6.6.100-syzkaller #0
[  121.441914][   T43] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  121.452568][   T43] Workqueue: ipv6_addrconf addrconf_dad_work
[  121.459065][   T43] Call Trace:
[  121.462575][   T43]  <TASK>
[  121.465721][   T43]  dump_stack_lvl+0x16c/0x230
[  121.470632][   T43]  ? load_image+0x3b0/0x3b0
[  121.475264][   T43]  ? show_regs_print_info+0x20/0x20
[  121.481978][   T43]  ? print_circular_bug+0x12b/0x1a0
[  121.487855][   T43]  check_noncircular+0x2bd/0x3c0
[  121.492948][   T43]  ? print_deadlock_bug+0x5d0/0x5d0
[  121.498388][   T43]  ? lockdep_lock+0xe0/0x220
[  121.503014][   T43]  ? _find_first_zero_bit+0xd3/0x100
[  121.508709][   T43]  __lock_acquire+0x2ddb/0x7c80
[  121.513795][   T43]  ? verify_lock_unused+0x140/0x140
[  121.519139][   T43]  ? verify_lock_unused+0x140/0x140
[  121.524474][   T43]  lock_acquire+0x197/0x410
[  121.529472][   T43]  ? kvfree_call_rcu+0x15a/0x780
[  121.534470][   T43]  ? __virt_addr_valid+0x18c/0x540
[  121.539885][   T43]  ? read_lock_is_recursive+0x20/0x20
[  121.545380][   T43]  ? __virt_addr_valid+0x18c/0x540
[  121.550705][   T43]  ? __virt_addr_valid+0x18c/0x540
[  121.555942][   T43]  ? __virt_addr_valid+0x469/0x540
[  121.561277][   T43]  ? __phys_addr+0xba/0x170
[  121.566017][   T43]  _raw_spin_lock+0x2e/0x40
[  121.571730][   T43]  ? kvfree_call_rcu+0x15a/0x780
[  121.577317][   T43]  kvfree_call_rcu+0x15a/0x780
[  121.582661][   T43]  ? call_rcu+0x930/0x930
[  121.587466][   T43]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  121.593927][   T43]  ? _raw_spin_unlock+0x40/0x40
[  121.599459][   T43]  trie_delete_elem+0x535/0x6a0
[  121.604652][   T43]  bpf_prog_2c29ac5cdc6b1842+0x42/0x46
[  121.610753][   T43]  bpf_trace_run3+0x1e7/0x400
[  121.616080][   T43]  ? bpf_trace_run3+0xf4/0x400
[  121.621510][   T43]  ? bpf_trace_run2+0x3c0/0x3c0
[  121.626996][   T43]  ? __bpf_trace_timer_start+0x133/0x1b0
[  121.634160][   T43]  __bpf_trace_timer_start+0x14a/0x1b0
[  121.641418][   T43]  ? __bpf_trace_timer_class+0x100/0x100
[  121.647996][   T43]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  121.654028][   T43]  ? _raw_spin_unlock+0x40/0x40
[  121.659880][   T43]  ? _raw_spin_lock_irqsave+0xb4/0xf0
[  121.665921][   T43]  ? _raw_spin_lock+0x40/0x40
[  121.670906][   T43]  enqueue_timer+0x398/0x530
[  121.676434][   T43]  __mod_timer+0x977/0xdb0
[  121.681900][   T43]  addrconf_dad_completed+0x934/0xd40
[  121.687999][   T43]  ? addrconf_dad_stop+0x430/0x430
[  121.693511][   T43]  addrconf_dad_work+0xc4e/0x14e0
[  121.699319][   T43]  ? ipv6_get_saddr_eval+0xee0/0xee0
[  121.705534][   T43]  ? read_lock_is_recursive+0x20/0x20
[  121.711285][   T43]  ? _raw_spin_unlock_irq+0x23/0x50
[  121.716818][   T43]  ? process_scheduled_works+0x957/0x15b0
[  121.723897][   T43]  ? process_scheduled_works+0x957/0x15b0
[  121.730297][   T43]  process_scheduled_works+0xa45/0x15b0
[  121.736254][   T43]  ? assign_work+0x400/0x400
[  121.741178][   T43]  ? assign_work+0x39e/0x400
[  121.746147][   T43]  worker_thread+0xa55/0xfc0
[  121.751075][   T43]  kthread+0x2fa/0x390
[  121.756648][   T43]  ? pr_cont_work+0x560/0x560
[  121.761781][   T43]  ? kthread_blkcg+0xd0/0xd0
[  121.768509][   T43]  ret_from_fork+0x48/0x80
[  121.773570][   T43]  ? kthread_blkcg+0xd0/0xd0
[  121.779914][   T43]  ret_from_fork_asm+0x11/0x20
[  121.785212][   T43]  </TASK>
[  122.769614][ T5101] Bluetooth: hci0: command tx timeout
2025/07/31 03:37:07 executed programs: 175
2025/07/31 03:37:12 executed programs: 413