Warning: Permanently added '10.128.1.128' (ED25519) to the list of known hosts.
2025/07/13 09:55:07 ignoring optional flag "sandboxArg"="0"
2025/07/13 09:55:08 parsed 1 programs
[   85.709976][ T5853] cgroup: Unknown subsys name 'net'
[   85.863097][ T5853] cgroup: Unknown subsys name 'cpuset'
[   85.873205][ T5853] cgroup: Unknown subsys name 'rlimit'
[   87.632690][ T5853] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   90.536626][ T5864] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   90.651603][ T5873] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   90.660073][ T5873] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   90.667823][ T5873] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   90.677868][ T5873] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   90.685950][ T5873] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   91.313904][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.322233][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.358660][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.366628][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.750695][  T981] cfg80211: failed to load regulatory.db
[   93.732160][ T5924] chnl_net:caif_netlink_parms(): no params data found
[   93.830423][ T5924] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.838048][ T5924] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.846797][ T5924] bridge_slave_0: entered allmulticast mode
[   93.854482][ T5924] bridge_slave_0: entered promiscuous mode
[   93.870233][ T5924] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.877311][ T5924] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.884859][ T5924] bridge_slave_1: entered allmulticast mode
[   93.892138][ T5924] bridge_slave_1: entered promiscuous mode
[   93.928620][ T5924] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   93.941228][ T5924] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   93.982273][ T5924] team0: Port device team_slave_0 added
[   93.997732][ T5924] team0: Port device team_slave_1 added
[   94.027318][ T5924] batman_adv: batadv0: Adding interface: batadv_slave_0
[   94.035670][ T5924] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.061661][ T5924] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   94.074577][ T5924] batman_adv: batadv0: Adding interface: batadv_slave_1
[   94.081560][ T5924] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.107641][ T5924] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   94.154846][ T5924] hsr_slave_0: entered promiscuous mode
[   94.161345][ T5924] hsr_slave_1: entered promiscuous mode
[   94.311472][ T5924] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   94.324214][ T5924] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   94.334932][ T5924] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   94.344977][ T5924] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   94.374042][ T5924] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.381252][ T5924] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.389016][ T5924] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.396155][ T5924] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.451007][ T5924] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.468948][ T4222] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.477869][ T4222] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.492628][ T5924] 8021q: adding VLAN 0 to HW filter on device team0
[   94.506173][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.513486][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.527865][ T4222] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.534991][ T4222] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.718157][ T5924] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.761406][ T5924] veth0_vlan: entered promiscuous mode
[   94.773299][ T5924] veth1_vlan: entered promiscuous mode
[   94.804250][ T5924] veth0_macvtap: entered promiscuous mode
[   94.814987][ T5924] veth1_macvtap: entered promiscuous mode
[   94.833962][ T5924] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.847479][ T5924] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.865749][   T49] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.874880][   T49] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.887423][   T49] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.896945][   T49] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.011757][ T5924] syz-executor (5924) used greatest stack depth: 18936 bytes left
[   95.040771][ T4222] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.129893][ T4222] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.218667][ T4222] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.285256][ T4222] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/07/13 09:55:21 executed programs: 0
[   95.600923][ T5873] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   95.608838][ T5873] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   95.616444][ T5873] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   95.625571][ T5873] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   95.634361][ T5873] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   95.808670][ T5954] chnl_net:caif_netlink_parms(): no params data found
[   95.888378][ T5954] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.895746][ T5954] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.903110][ T5954] bridge_slave_0: entered allmulticast mode
[   95.911129][ T5954] bridge_slave_0: entered promiscuous mode
[   95.919769][ T5954] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.926942][ T5954] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.934560][ T5954] bridge_slave_1: entered allmulticast mode
[   95.941841][ T5954] bridge_slave_1: entered promiscuous mode
[   95.977724][ T5954] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   95.990400][ T5954] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   96.030644][ T5954] team0: Port device team_slave_0 added
[   96.039537][ T5954] team0: Port device team_slave_1 added
[   96.073187][ T5954] batman_adv: batadv0: Adding interface: batadv_slave_0
[   96.080182][ T5954] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   96.106172][ T5954] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   96.120747][ T5954] batman_adv: batadv0: Adding interface: batadv_slave_1
[   96.127720][ T5954] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   96.154103][ T5954] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   96.209240][ T5954] hsr_slave_0: entered promiscuous mode
[   96.215640][ T5954] hsr_slave_1: entered promiscuous mode
[   96.222425][ T5954] debugfs: 'hsr0' already exists in 'hsr'
[   96.228235][ T5954] Cannot create hsr debugfs directory
[   97.669805][ T5170] Bluetooth: hci0: command tx timeout
[   97.881269][ T4222] bridge_slave_1: left allmulticast mode
[   97.887419][ T4222] bridge_slave_1: left promiscuous mode
[   97.895371][ T4222] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.906913][ T4222] bridge_slave_0: left allmulticast mode
[   97.917439][ T4222] bridge_slave_0: left promiscuous mode
[   97.924183][ T4222] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.147507][ T4222] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   98.158596][ T4222] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   98.168599][ T4222] bond0 (unregistering): Released all slaves
[   98.278824][ T4222] hsr_slave_0: left promiscuous mode
[   98.285349][ T4222] hsr_slave_1: left promiscuous mode
[   98.294032][ T4222] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   98.302731][ T4222] batman_adv: batadv0: Removing interface: batadv_slave_0
[   98.314054][ T4222] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   98.321838][ T4222] batman_adv: batadv0: Removing interface: batadv_slave_1
[   98.343785][ T4222] veth1_macvtap: left promiscuous mode
[   98.351213][ T4222] veth0_macvtap: left promiscuous mode
[   98.356878][ T4222] veth1_vlan: left promiscuous mode
[   98.364073][ T4222] veth0_vlan: left promiscuous mode
[   98.814444][ T4222] team0 (unregistering): Port device team_slave_1 removed
[   98.840436][ T4222] team0 (unregistering): Port device team_slave_0 removed
[   99.266721][ T5954] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   99.289290][ T5954] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   99.310670][ T5954] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   99.323724][ T5954] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   99.532731][ T5954] 8021q: adding VLAN 0 to HW filter on device bond0
[   99.553925][ T5954] 8021q: adding VLAN 0 to HW filter on device team0
[   99.591309][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.598541][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[   99.635036][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.642319][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[   99.753902][ T5170] Bluetooth: hci0: command tx timeout
[   99.867354][ T5954] 8021q: adding VLAN 0 to HW filter on device batadv0
[   99.912243][ T5954] veth0_vlan: entered promiscuous mode
[   99.924381][ T5954] veth1_vlan: entered promiscuous mode
[   99.952822][ T5954] veth0_macvtap: entered promiscuous mode
[   99.963847][ T5954] veth1_macvtap: entered promiscuous mode
[   99.982022][ T5954] batman_adv: batadv0: Interface activated: batadv_slave_0
[  100.001209][ T5954] batman_adv: batadv0: Interface activated: batadv_slave_1
[  100.016748][ T2992] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  100.025671][ T2992] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  100.036016][ T2992] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  100.044855][ T2992] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  100.104617][ T4222] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.113058][ T4222] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.144170][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.152545][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.250784][ T6009] 
[  100.253177][ T6009] =====================================
[  100.258746][ T6009] WARNING: bad unlock balance detected!
[  100.264310][ T6009] 6.16.0-rc5-next-20250711-syzkaller #0 Not tainted
[  100.270904][ T6009] -------------------------------------
[  100.276437][ T6009] syz.0.18/6009 is trying to release lock (vm_lock) at:
[  100.283378][ T6009] [<ffffffff82597857>] query_matching_vma+0x2f7/0x5c0
[  100.290247][ T6009] but there are no more locks to release!
[  100.295951][ T6009] 
[  100.295951][ T6009] other info that might help us debug this:
[  100.303997][ T6009] 2 locks held by syz.0.18/6009:
[  100.308935][ T6009]  #0: ffff888076f27808 (vm_lock){++++}-{0:0}, at: lock_next_vma+0x146/0xdc0
[  100.317762][ T6009]  #1: ffffffff8e13c5a0 (rcu_read_lock){....}-{1:3}, at: query_matching_vma+0x141/0x5c0
[  100.327541][ T6009] 
[  100.327541][ T6009] stack backtrace:
[  100.333440][ T6009] CPU: 0 UID: 0 PID: 6009 Comm: syz.0.18 Not tainted 6.16.0-rc5-next-20250711-syzkaller #0 PREEMPT(full) 
[  100.333458][ T6009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  100.333473][ T6009] Call Trace:
[  100.333479][ T6009]  <TASK>
[  100.333486][ T6009]  dump_stack_lvl+0x189/0x250
[  100.333508][ T6009]  ? __pfx_dump_stack_lvl+0x10/0x10
[  100.333524][ T6009]  ? __pfx__printk+0x10/0x10
[  100.333545][ T6009]  ? print_lock_name+0xde/0x100
[  100.333564][ T6009]  ? query_matching_vma+0x2f7/0x5c0
[  100.333585][ T6009]  print_unlock_imbalance_bug+0xdc/0xf0
[  100.333602][ T6009]  lock_release+0x269/0x3e0
[  100.333614][ T6009]  ? query_matching_vma+0x2f7/0x5c0
[  100.333635][ T6009]  ? query_matching_vma+0x141/0x5c0
[  100.333655][ T6009]  unlock_vma+0x70/0x180
[  100.333676][ T6009]  ? query_matching_vma+0x141/0x5c0
[  100.333695][ T6009]  query_matching_vma+0x2f7/0x5c0
[  100.333722][ T6009]  procfs_procmap_ioctl+0x3f9/0xd50
[  100.333744][ T6009]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[  100.333768][ T6009]  ? __fget_files+0x2a/0x420
[  100.333790][ T6009]  ? __fget_files+0x2a/0x420
[  100.333809][ T6009]  ? __fget_files+0x3a0/0x420
[  100.333828][ T6009]  ? __fget_files+0x2a/0x420
[  100.333848][ T6009]  ? bpf_lsm_file_ioctl+0x9/0x20
[  100.333865][ T6009]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[  100.333896][ T6009]  __se_sys_ioctl+0xf9/0x170
[  100.333920][ T6009]  do_syscall_64+0xfa/0x3b0
[  100.333949][ T6009]  ? lockdep_hardirqs_on+0x9c/0x150
[  100.333968][ T6009]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.333981][ T6009]  ? clear_bhb_loop+0x60/0xb0
[  100.333997][ T6009]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.334010][ T6009] RIP: 0033:0x7fe59658e929
[  100.334027][ T6009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.334039][ T6009] RSP: 002b:00007fe5973be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  100.334054][ T6009] RAX: ffffffffffffffda RBX: 00007fe5967b6080 RCX: 00007fe59658e929
[  100.334064][ T6009] RDX: 0000200000000180 RSI: 00000000c0686611 RDI: 0000000000000003
[  100.334073][ T6009] RBP: 00007fe596610b39 R08: 0000000000000000 R09: 0000000000000000
[  100.334082][ T6009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  100.334090][ T6009] R13: 0000000000000001 R14: 00007fe5967b6080 R15: 00007ffcb4b95888
[  100.334105][ T6009]  </TASK>
[  101.828965][ T5170] Bluetooth: hci0: command tx timeout
[  103.908887][ T5170] Bluetooth: hci0: command tx timeout