Warning: Permanently added '10.128.1.18' (ED25519) to the list of known hosts. 2026/03/14 20:09:42 parsed 1 programs [ 86.854763][ T5834] cgroup: Unknown subsys name 'net' [ 87.009961][ T5834] cgroup: Unknown subsys name 'cpuset' [ 87.022478][ T5834] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 88.716988][ T5834] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 92.017657][ T92] cfg80211: failed to load regulatory.db [ 92.138837][ T5850] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 94.346721][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 94.359284][ T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 94.367296][ T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 94.376340][ T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 94.384563][ T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 94.861238][ T5898] chnl_net:caif_netlink_parms(): no params data found [ 94.963236][ T5898] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.972595][ T5898] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.980726][ T5898] bridge_slave_0: entered allmulticast mode [ 94.989840][ T5898] bridge_slave_0: entered promiscuous mode [ 95.000813][ T5898] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.008745][ T5898] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.017254][ T5898] bridge_slave_1: entered allmulticast mode [ 95.025353][ T5898] bridge_slave_1: entered promiscuous mode [ 95.062949][ T5898] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.078572][ T5898] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.113804][ T5898] team0: Port device team_slave_0 added [ 95.122989][ T5898] team0: Port device team_slave_1 added [ 95.153507][ T5898] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.161837][ T5898] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 95.191083][ T5898] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 95.205285][ T5898] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 95.212238][ T5898] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 95.239720][ T5898] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.292416][ T5898] hsr_slave_0: entered promiscuous mode [ 95.300096][ T5898] hsr_slave_1: entered promiscuous mode [ 95.479236][ T5898] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 95.494879][ T5898] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 95.507953][ T5898] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 95.519206][ T5898] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 95.562041][ T5898] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.570087][ T5898] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.578084][ T5898] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.585271][ T5898] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.667440][ T5898] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.691813][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.701485][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.720128][ T5898] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.736892][ T77] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.744415][ T77] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.762636][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.770280][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.996089][ T5898] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.060445][ T5898] veth0_vlan: entered promiscuous mode [ 96.074886][ T5898] veth1_vlan: entered promiscuous mode [ 96.117221][ T5898] veth0_macvtap: entered promiscuous mode [ 96.129589][ T5898] veth1_macvtap: entered promiscuous mode [ 96.158624][ T5898] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.176985][ T5898] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.196609][ T81] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.206724][ T81] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.219393][ T81] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.228559][ T81] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.388034][ T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.463080][ T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.540365][ T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.566194][ T137] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.578349][ T137] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.622842][ T35] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.640851][ T77] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.650799][ T77] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 2026/03/14 20:09:56 executed programs: 0 [ 97.735738][ T5151] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 97.745608][ T5151] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 97.753474][ T5151] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 97.763533][ T5151] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 97.772735][ T5151] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 97.944600][ T5946] chnl_net:caif_netlink_parms(): no params data found [ 98.034843][ T5946] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.042261][ T5946] bridge0: port 1(bridge_slave_0) entered disabled state [ 98.050161][ T5946] bridge_slave_0: entered allmulticast mode [ 98.057897][ T5946] bridge_slave_0: entered promiscuous mode [ 98.067083][ T5946] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.074553][ T5946] bridge0: port 2(bridge_slave_1) entered disabled state [ 98.082647][ T5946] bridge_slave_1: entered allmulticast mode [ 98.090507][ T5946] bridge_slave_1: entered promiscuous mode [ 98.129091][ T5946] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 98.142554][ T5946] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 98.180121][ T5946] team0: Port device team_slave_0 added [ 98.188869][ T5946] team0: Port device team_slave_1 added [ 98.219343][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 98.226487][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 98.253585][ T5946] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 98.267412][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 98.274696][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 98.302642][ T5946] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 98.353148][ T5946] hsr_slave_0: entered promiscuous mode [ 98.360436][ T5946] hsr_slave_1: entered promiscuous mode [ 98.367738][ T5946] debugfs: 'hsr0' already exists in 'hsr' [ 98.373669][ T5946] Cannot create hsr debugfs directory [ 98.933681][ T35] bridge_slave_1: left allmulticast mode [ 98.939865][ T35] bridge_slave_1: left promiscuous mode [ 98.947018][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 98.957929][ T35] bridge_slave_0: left allmulticast mode [ 98.963664][ T35] bridge_slave_0: left promiscuous mode [ 98.971655][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 99.133274][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 99.144607][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 99.155681][ T35] bond0 (unregistering): Released all slaves [ 99.222303][ T35] hsr_slave_0: left promiscuous mode [ 99.230940][ T35] hsr_slave_1: left promiscuous mode [ 99.237399][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 99.244942][ T35] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 99.253086][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 99.261692][ T35] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 99.276376][ T35] veth1_macvtap: left promiscuous mode [ 99.281997][ T35] veth0_macvtap: left promiscuous mode [ 99.288391][ T35] veth1_vlan: left promiscuous mode [ 99.293818][ T35] veth0_vlan: left promiscuous mode [ 99.481436][ T35] team0 (unregistering): Port device team_slave_1 removed [ 99.498401][ T35] team0 (unregistering): Port device team_slave_0 removed [ 99.855677][ T51] Bluetooth: hci0: command tx timeout [ 100.041868][ T5946] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 100.067611][ T5946] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 100.084359][ T5946] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 100.102050][ T5946] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 100.679874][ T5946] 8021q: adding VLAN 0 to HW filter on device bond0 [ 100.823169][ T5946] 8021q: adding VLAN 0 to HW filter on device team0 [ 100.847081][ T77] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.854598][ T77] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.881844][ T137] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.889222][ T137] bridge0: port 2(bridge_slave_1) entered forwarding state [ 101.326229][ T5946] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.401309][ T5946] veth0_vlan: entered promiscuous mode [ 101.423604][ T5946] veth1_vlan: entered promiscuous mode [ 101.498322][ T5946] veth0_macvtap: entered promiscuous mode [ 101.518397][ T5946] veth1_macvtap: entered promiscuous mode [ 101.546363][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.564656][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.589995][ T77] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.599594][ T77] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.611498][ T77] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.622723][ T77] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.710316][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.724122][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.753408][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.762786][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.807763][ T5992] [ 101.810226][ T5992] ====================================================== [ 101.817251][ T5992] WARNING: possible circular locking dependency detected [ 101.824283][ T5992] syzkaller #0 Not tainted [ 101.828788][ T5992] ------------------------------------------------------ [ 101.836172][ T5992] syz.0.17/5992 is trying to acquire lock: [ 101.842184][ T5992] ffff88803797a8b8 (&mm->mmap_lock){++++}-{4:4}, at: __might_fault+0xaf/0x130 [ 101.851247][ T5992] [ 101.851247][ T5992] but task is already holding lock: [ 101.858751][ T5992] ffff888032724cf0 (&ctx->map_changing_lock){.+.+}-{4:4}, at: mfill_get_vma+0x162/0x660 [ 101.868594][ T5992] [ 101.868594][ T5992] which lock already depends on the new lock. [ 101.868594][ T5992] [ 101.879306][ T5992] [ 101.879306][ T5992] the existing dependency chain (in reverse order) is: [ 101.888408][ T5992] [ 101.888408][ T5992] -> #2 (&ctx->map_changing_lock){.+.+}-{4:4}: [ 101.896762][ T5992] down_read+0x47/0x2e0 [ 101.901531][ T5992] mfill_get_vma+0x162/0x660 [ 101.906653][ T5992] mfill_atomic_continue+0x189/0x12c0 [ 101.913000][ T5992] userfaultfd_ioctl+0x232d/0x4c70 [ 101.918754][ T5992] __se_sys_ioctl+0xfc/0x170 [ 101.924058][ T5992] do_syscall_64+0x14d/0xf80 [ 101.929185][ T5992] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.935691][ T5992] [ 101.935691][ T5992] -> #1 (vm_lock){++++}-{0:0}: [ 101.942737][ T5992] __vma_start_exclude_readers+0x28a/0x940 [ 101.949160][ T5992] __vma_start_write+0xdc/0x290 [ 101.954539][ T5992] mprotect_fixup+0x5eb/0xa80 [ 101.959737][ T5992] setup_arg_pages+0x565/0xac0 [ 101.965112][ T5992] load_elf_binary+0xc5e/0x2980 [ 101.970569][ T5992] bprm_execve+0x949/0x1470 [ 101.975783][ T5992] kernel_execve+0x844/0x930 [ 101.981034][ T5992] try_to_run_init_process+0x13/0x60 [ 101.987019][ T5992] kernel_init+0xad/0x1d0 [ 101.991961][ T5992] ret_from_fork+0x51e/0xb90 [ 101.997073][ T5992] ret_from_fork_asm+0x1a/0x30 [ 102.002357][ T5992] [ 102.002357][ T5992] -> #0 (&mm->mmap_lock){++++}-{4:4}: [ 102.009963][ T5992] __lock_acquire+0x15a5/0x2cf0 [ 102.015350][ T5992] lock_acquire+0xf0/0x2e0 [ 102.020382][ T5992] __might_fault+0xcb/0x130 [ 102.025763][ T5992] userfaultfd_ioctl+0x2372/0x4c70 [ 102.031403][ T5992] __se_sys_ioctl+0xfc/0x170 [ 102.036622][ T5992] do_syscall_64+0x14d/0xf80 [ 102.041735][ T5992] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.048325][ T5992] [ 102.048325][ T5992] other info that might help us debug this: [ 102.048325][ T5992] [ 102.059178][ T5992] Chain exists of: [ 102.059178][ T5992] &mm->mmap_lock --> vm_lock --> &ctx->map_changing_lock [ 102.059178][ T5992] [ 102.072401][ T5992] Possible unsafe locking scenario: [ 102.072401][ T5992] [ 102.079866][ T5992] CPU0 CPU1 [ 102.085404][ T5992] ---- ---- [ 102.090800][ T5992] rlock(&ctx->map_changing_lock); [ 102.096007][ T5992] lock(vm_lock); [ 102.102508][ T5992] lock(&ctx->map_changing_lock); [ 102.110386][ T5992] rlock(&mm->mmap_lock); [ 102.115064][ T5992] [ 102.115064][ T5992] *** DEADLOCK *** [ 102.115064][ T5992] [ 102.123291][ T5992] 2 locks held by syz.0.17/5992: [ 102.128222][ T5992] #0: ffff8880375dbd08 (vm_lock){++++}-{0:0}, at: lock_vma_under_rcu+0x1d1/0x500 [ 102.137729][ T5992] #1: ffff888032724cf0 (&ctx->map_changing_lock){.+.+}-{4:4}, at: mfill_get_vma+0x162/0x660 [ 102.148111][ T5992] [ 102.148111][ T5992] stack backtrace: [ 102.154233][ T5992] CPU: 0 UID: 0 PID: 5992 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) [ 102.154252][ T5992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 102.154261][ T5992] Call Trace: [ 102.154267][ T5992] [ 102.154274][ T5992] dump_stack_lvl+0xe8/0x150 [ 102.154299][ T5992] print_circular_bug+0x2e1/0x300 [ 102.154317][ T5992] check_noncircular+0x12e/0x150 [ 102.154335][ T5992] __lock_acquire+0x15a5/0x2cf0 [ 102.154358][ T5992] ? mfill_get_vma+0x392/0x660 [ 102.154374][ T5992] ? mfill_atomic_continue+0x1054/0x12c0 [ 102.154388][ T5992] ? unwind_get_return_address+0x4d/0x90 [ 102.154403][ T5992] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 102.154422][ T5992] ? arch_stack_walk+0xfb/0x150 [ 102.154439][ T5992] lock_acquire+0xf0/0x2e0 [ 102.154459][ T5992] ? __might_fault+0xaf/0x130 [ 102.154482][ T5992] ? __might_fault+0xaf/0x130 [ 102.154501][ T5992] __might_fault+0xcb/0x130 [ 102.154520][ T5992] ? __might_fault+0xaf/0x130 [ 102.154540][ T5992] userfaultfd_ioctl+0x2372/0x4c70 [ 102.154560][ T5992] ? __kasan_slab_free+0x5c/0x80 [ 102.154572][ T5992] ? kfree+0x1c5/0x650 [ 102.154595][ T5992] ? __pfx_userfaultfd_ioctl+0x10/0x10 [ 102.154623][ T5992] ? kasan_quarantine_put+0xbb/0x1f0 [ 102.154646][ T5992] ? tomoyo_path_number_perm+0x219/0x630 [ 102.154665][ T5992] ? tomoyo_path_number_perm+0x219/0x630 [ 102.154683][ T5992] ? do_vfs_ioctl+0x1166/0x1530 [ 102.154699][ T5992] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 102.154717][ T5992] ? do_futex+0x395/0x420 [ 102.154735][ T5992] ? __se_sys_futex+0x3a8/0x450 [ 102.154749][ T5992] ? exc_page_fault+0x6a/0xc0 [ 102.154770][ T5992] ? __pfx___se_sys_futex+0x10/0x10 [ 102.154784][ T5992] ? bpf_lsm_file_ioctl+0x9/0x20 [ 102.154799][ T5992] ? __pfx_userfaultfd_ioctl+0x10/0x10 [ 102.154818][ T5992] __se_sys_ioctl+0xfc/0x170 [ 102.154833][ T5992] do_syscall_64+0x14d/0xf80 [ 102.154853][ T5992] ? trace_irq_disable+0x3b/0x150 [ 102.154870][ T5992] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.154885][ T5992] ? clear_bhb_loop+0x40/0x90 [ 102.154901][ T5992] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.154915][ T5992] RIP: 0033:0x7f743159c799 [ 102.154929][ T5992] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 102.154942][ T5992] RSP: 002b:00007fffce866018 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 102.154958][ T5992] RAX: ffffffffffffffda RBX: 00007f7431815fa0 RCX: 00007f743159c799 [ 102.154969][ T5992] RDX: 0000200000000080 RSI: 00000000c020aa07 RDI: 0000000000000003 [ 102.154978][ T5992] RBP: 00007f7431632c99 R08: 0000000000000000 R09: 0000000000000000 [ 102.154988][ T5992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 102.154996][ T5992] R13: 00007f7431815fac R14: 00007f7431815fa0 R15: 00007f7431815fa0 [ 102.155012][ T5992] [ 102.443580][ T51] Bluetooth: hci0: command tx timeout [ 104.494110][ T51] Bluetooth: hci0: command tx timeout [ 106.574626][ T51] Bluetooth: hci0: command tx timeout