Warning: Permanently added '10.128.0.210' (ED25519) to the list of known hosts.
1970/01/01 00:00:43 ignoring optional flag "sandboxArg"="0"
1970/01/01 00:00:45 parsed 1 programs
[   47.634454][ T4032] cgroup: Unknown subsys name 'net'
[   47.877028][ T4032] cgroup: Unknown subsys name 'rlimit'
[   48.211671][ T4032] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k SSFS
[   57.111761][ T4087] chnl_net:caif_netlink_parms(): no params data found
[   57.155997][ T4087] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.158074][ T4087] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.161432][ T4087] device bridge_slave_0 entered promiscuous mode
[   57.166075][ T4087] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.168207][ T4087] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.172723][ T4087] device bridge_slave_1 entered promiscuous mode
[   57.192892][ T4087] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   57.197739][ T4087] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   57.216656][ T4087] team0: Port device team_slave_0 added
[   57.221162][ T4087] team0: Port device team_slave_1 added
[   57.237337][ T4087] batman_adv: batadv0: Adding interface: batadv_slave_0
[   57.239242][ T4087] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   57.246610][ T4087] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   57.253279][ T4087] batman_adv: batadv0: Adding interface: batadv_slave_1
[   57.255260][ T4087] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   57.262674][ T4087] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   57.333956][ T4087] device hsr_slave_0 entered promiscuous mode
[   57.380774][ T4087] device hsr_slave_1 entered promiscuous mode
[   57.526110][ T4087] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   57.554989][ T4087] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   57.604570][ T4087] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   57.654056][ T4087] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   57.721197][ T4087] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.723282][ T4087] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.725845][ T4087] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.727778][ T4087] bridge0: port 1(bridge_slave_0) entered forwarding state
[   57.777552][ T4087] 8021q: adding VLAN 0 to HW filter on device bond0
[   57.787370][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   57.793324][ T1636] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.796666][ T1636] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.805042][ T4087] 8021q: adding VLAN 0 to HW filter on device team0
[   57.812114][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   57.814850][ T1636] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.816738][ T1636] bridge0: port 1(bridge_slave_0) entered forwarding state
[   57.825104][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   57.827844][  T136] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.829766][  T136] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.846977][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   57.856127][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   57.859439][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   57.868937][ T4087] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   57.873901][ T4087] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   57.878767][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   57.883505][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   57.888460][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   57.968380][  T404] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   57.971115][  T404] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   57.978451][ T4087] 8021q: adding VLAN 0 to HW filter on device batadv0
[   57.993030][  T404] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   58.012417][ T4087] device veth0_vlan entered promiscuous mode
[   58.014826][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   58.017657][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   58.024184][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   58.036078][ T4087] device veth1_vlan entered promiscuous mode
[   58.051743][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   58.054388][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   58.063738][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   58.066520][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   58.071890][ T4087] device veth0_macvtap entered promiscuous mode
[   58.081105][ T4087] device veth1_macvtap entered promiscuous mode
[   58.093023][ T4087] batman_adv: batadv0: Interface activated: batadv_slave_0
[   58.095396][  T404] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   58.098024][  T404] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   58.101892][  T404] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   58.104660][  T404] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   58.111119][ T4087] batman_adv: batadv0: Interface activated: batadv_slave_1
[   58.113163][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   58.116064][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   58.122547][ T4087] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   58.125123][ T4087] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   58.127471][ T4087] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   58.129791][ T4087] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   58.640492][ T1636] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   58.642851][ T1636] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   58.645982][  T404] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   58.669606][ T1636] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   58.674895][ T1636] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   58.700413][  T404] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
1970/01/01 00:00:58 executed programs: 0
[   59.134307][ T4125] chnl_net:caif_netlink_parms(): no params data found
[   59.175366][ T4125] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.177606][ T4125] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.180658][ T4125] device bridge_slave_0 entered promiscuous mode
[   59.184373][ T4125] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.186501][ T4125] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.189276][ T4125] device bridge_slave_1 entered promiscuous mode
[   59.206219][ T4125] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   59.212028][ T4125] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   59.228048][ T4125] team0: Port device team_slave_0 added
[   59.235366][ T4125] team0: Port device team_slave_1 added
[   59.253818][ T4125] batman_adv: batadv0: Adding interface: batadv_slave_0
[   59.255867][ T4125] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.263205][ T4125] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   59.267951][ T4125] batman_adv: batadv0: Adding interface: batadv_slave_1
[   59.269979][ T4125] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.278777][ T4125] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   59.352420][ T4125] device hsr_slave_0 entered promiscuous mode
[   59.390720][ T4125] device hsr_slave_1 entered promiscuous mode
[   59.450509][ T4125] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   59.452934][ T4125] Cannot create hsr debugfs directory
[   59.519746][ T4125] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.071306][ T4093] Bluetooth: hci0: command 0x0409 tx timeout
[   62.466284][ T4125] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   63.150665][ T3607] Bluetooth: hci0: command 0x041b tx timeout
[   63.248359][ T4125] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   63.303716][ T4125] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   63.490086][ T4125] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   63.562453][ T4125] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   63.602634][ T4125] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   63.652864][ T4125] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   63.785645][ T4125] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.033045][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   64.035866][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   64.042816][ T4125] 8021q: adding VLAN 0 to HW filter on device team0
[   64.047704][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   64.050792][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   64.053744][ T1636] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.055720][ T1636] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.058324][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   64.065826][ T1727] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   64.069014][ T1727] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   64.074986][ T1727] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.077079][ T1727] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.091436][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   64.094347][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   64.097303][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   64.103231][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   64.107634][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   64.116096][ T1727] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   64.119169][ T1727] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   64.137209][ T1727] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   64.139971][ T1727] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   64.147291][ T1727] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   64.150068][ T1727] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   64.155390][ T4125] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   64.246632][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   64.248835][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   64.256070][ T4125] 8021q: adding VLAN 0 to HW filter on device batadv0
[   64.269299][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   64.273669][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   64.288079][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   64.291057][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   64.293813][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   64.296411][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   64.301550][ T4125] device veth0_vlan entered promiscuous mode
[   64.308549][ T4125] device veth1_vlan entered promiscuous mode
[   64.324401][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   64.327216][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   64.329953][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   64.335005][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   64.368059][ T4125] device veth0_macvtap entered promiscuous mode
[   64.373558][ T4125] device veth1_macvtap entered promiscuous mode
[   64.383703][ T4125] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   64.386837][ T4125] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.390739][ T4125] batman_adv: batadv0: Interface activated: batadv_slave_0
[   64.394534][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   64.397514][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   64.400183][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   64.404945][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   64.408295][ T4125] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   64.412060][ T4125] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.415696][ T4125] batman_adv: batadv0: Interface activated: batadv_slave_1
[   64.419091][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   64.424626][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   64.429035][ T4125] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   64.432003][ T4125] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   64.434517][ T4125] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   64.436959][ T4125] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   64.486055][ T1727] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.488411][ T1727] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.496490][ T1636] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   64.504746][  T136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.507043][  T136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.510096][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
1970/01/01 00:01:04 executed programs: 2
[   64.717351][ T4146] 
[   64.718090][ T4146] ======================================================
[   64.720020][ T4146] WARNING: possible circular locking dependency detected
[   64.721855][ T4146] 5.15.185-syzkaller #0 Not tainted
[   64.723262][ T4146] ------------------------------------------------------
[   64.725118][ T4146] syz.0.16/4146 is trying to acquire lock:
[   64.726792][ T4146] ffff0000dba04c28 ((work_completion)(&hdev->bg_scan_update)){+.+.}-{0:0}, at: __flush_work+0xcc/0x1bc
[   64.729753][ T4146] 
[   64.729753][ T4146] but task is already holding lock:
[   64.731915][ T4146] ffff800016507d48 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x238/0x5cc
[   64.734620][ T4146] 
[   64.734620][ T4146] which lock already depends on the new lock.
[   64.734620][ T4146] 
[   64.737552][ T4146] 
[   64.737552][ T4146] the existing dependency chain (in reverse order) is:
[   64.739954][ T4146] 
[   64.739954][ T4146] -> #4 (rfkill_global_mutex){+.+.}-{3:3}:
[   64.742066][ T4146]        __mutex_lock_common+0x194/0x1edc
[   64.743588][ T4146]        mutex_lock_nested+0xac/0x11c
[   64.745091][ T4146]        rfkill_register+0x44/0x77c
[   64.746561][ T4146]        hci_register_dev+0x3d8/0x854
[   64.748062][ T4146]        vhci_create_device+0x2bc/0x564
[   64.749555][ T4146]        vhci_write+0x30c/0x3ac
[   64.750856][ T4146]        vfs_write+0x7c8/0xa2c
[   64.752128][ T4146]        ksys_write+0x120/0x210
[   64.753405][ T4146]        __arm64_sys_write+0x7c/0x90
[   64.754797][ T4146]        invoke_syscall+0x98/0x2b8
[   64.756117][ T4146]        el0_svc_common+0x138/0x258
[   64.757500][ T4146]        do_el0_svc+0x58/0x14c
[   64.758795][ T4146]        el0_svc+0x78/0x1e0
[   64.760028][ T4146]        el0t_64_sync_handler+0xcc/0xe4
[   64.761573][ T4146]        el0t_64_sync+0x1a0/0x1a4
[   64.762920][ T4146] 
[   64.762920][ T4146] -> #3 (&data->open_mutex){+.+.}-{3:3}:
[   64.765047][ T4146]        __mutex_lock_common+0x194/0x1edc
[   64.766679][ T4146]        mutex_lock_nested+0xac/0x11c
[   64.768218][ T4146]        vhci_send_frame+0x88/0x118
[   64.769631][ T4146]        hci_send_frame+0x194/0x2f0
[   64.771091][ T4146]        hci_tx_work+0x7e4/0x1394
[   64.772567][ T4146]        process_one_work+0x79c/0x1140
[   64.774086][ T4146]        worker_thread+0x8f4/0x101c
[   64.775550][ T4146]        kthread+0x374/0x454
[   64.776808][ T4146]        ret_from_fork+0x10/0x20
[   64.778099][ T4146] 
[   64.778099][ T4146] -> #2 ((work_completion)(&hdev->tx_work)){+.+.}-{0:0}:
[   64.780694][ T4146]        __flush_work+0xf4/0x1bc
[   64.782090][ T4146]        flush_work+0x24/0x38
[   64.783343][ T4146]        hci_dev_do_close+0x164/0x105c
[   64.784956][ T4146]        hci_unregister_dev+0x23c/0x4c0
[   64.786503][ T4146]        vhci_release+0x74/0xc4
[   64.787898][ T4146]        __fput+0x1c0/0x7f8
[   64.789157][ T4146]        ____fput+0x20/0x30
[   64.790436][ T4146]        task_work_run+0x12c/0x1e0
[   64.791945][ T4146]        do_exit+0x67c/0x1f58
[   64.793205][ T4146]        do_group_exit+0x100/0x268
[   64.794615][ T4146]        get_signal+0x73c/0x1340
[   64.796065][ T4146]        do_notify_resume+0x35c/0x3128
[   64.797627][ T4146]        el0_svc+0xf0/0x1e0
[   64.798852][ T4146]        el0t_64_sync_handler+0xcc/0xe4
[   64.800389][ T4146]        el0t_64_sync+0x1a0/0x1a4
[   64.801847][ T4146] 
[   64.801847][ T4146] -> #1 (&hdev->req_lock){+.+.}-{3:3}:
[   64.803989][ T4146]        __mutex_lock_common+0x194/0x1edc
[   64.805617][ T4146]        mutex_lock_nested+0xac/0x11c
[   64.807155][ T4146]        bg_scan_update+0x48/0x3d0
[   64.808526][ T4146]        process_one_work+0x79c/0x1140
[   64.810038][ T4146]        worker_thread+0x8f4/0x101c
[   64.811533][ T4146]        kthread+0x374/0x454
[   64.812850][ T4146]        ret_from_fork+0x10/0x20
[   64.814240][ T4146] 
[   64.814240][ T4146] -> #0 ((work_completion)(&hdev->bg_scan_update)){+.+.}-{0:0}:
[   64.816976][ T4146]        __lock_acquire+0x2928/0x651c
[   64.818482][ T4146]        lock_acquire+0x1f4/0x620
[   64.819957][ T4146]        __flush_work+0xf4/0x1bc
[   64.821365][ T4146]        __cancel_work_timer+0x2ec/0x448
[   64.822962][ T4146]        cancel_work_sync+0x24/0x38
[   64.824402][ T4146]        hci_request_cancel_all+0xbc/0x2d0
[   64.826029][ T4146]        hci_dev_do_close+0x54/0x105c
[   64.827489][ T4146]        hci_rfkill_set_block+0xdc/0x1d0
[   64.829099][ T4146]        rfkill_set_block+0x18c/0x374
[   64.830542][ T4146]        rfkill_fop_write+0x4a4/0x5cc
[   64.832007][ T4146]        vfs_write+0x280/0xa2c
[   64.833336][ T4146]        ksys_write+0x120/0x210
[   64.834672][ T4146]        __arm64_sys_write+0x7c/0x90
[   64.836154][ T4146]        invoke_syscall+0x98/0x2b8
[   64.837639][ T4146]        el0_svc_common+0x138/0x258
[   64.839083][ T4146]        do_el0_svc+0x58/0x14c
[   64.840357][ T4146]        el0_svc+0x78/0x1e0
[   64.841623][ T4146]        el0t_64_sync_handler+0xcc/0xe4
[   64.843113][ T4146]        el0t_64_sync+0x1a0/0x1a4
[   64.844559][ T4146] 
[   64.844559][ T4146] other info that might help us debug this:
[   64.844559][ T4146] 
[   64.847374][ T4146] Chain exists of:
[   64.847374][ T4146]   (work_completion)(&hdev->bg_scan_update) --> &data->open_mutex --> rfkill_global_mutex
[   64.847374][ T4146] 
[   64.851859][ T4146]  Possible unsafe locking scenario:
[   64.851859][ T4146] 
[   64.853965][ T4146]        CPU0                    CPU1
[   64.855353][ T4146]        ----                    ----
[   64.856823][ T4146]   lock(rfkill_global_mutex);
[   64.858109][ T4146]                                lock(&data->open_mutex);
[   64.860042][ T4146]                                lock(rfkill_global_mutex);
[   64.862078][ T4146]   lock((work_completion)(&hdev->bg_scan_update));
[   64.863944][ T4146] 
[   64.863944][ T4146]  *** DEADLOCK ***
[   64.863944][ T4146] 
[   64.866203][ T4146] 1 lock held by syz.0.16/4146:
[   64.867521][ T4146]  #0: ffff800016507d48 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x238/0x5cc
[   64.870360][ T4146] 
[   64.870360][ T4146] stack backtrace:
[   64.871952][ T4146] CPU: 1 PID: 4146 Comm: syz.0.16 Not tainted 5.15.185-syzkaller #0
[   64.874165][ T4146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   64.876953][ T4146] Call trace:
[   64.877858][ T4146]  dump_backtrace+0x0/0x43c
[   64.879050][ T4146]  show_stack+0x2c/0x3c
[   64.880190][ T4146]  __dump_stack+0x30/0x40
[   64.881365][ T4146]  dump_stack_lvl+0xf8/0x160
[   64.882611][ T4146]  dump_stack+0x1c/0x5c
[   64.883746][ T4146]  print_circular_bug+0x148/0x1b0
[   64.885090][ T4146]  check_noncircular+0x240/0x2d4
[   64.886430][ T4146]  __lock_acquire+0x2928/0x651c
[   64.887795][ T4146]  lock_acquire+0x1f4/0x620
[   64.889073][ T4146]  __flush_work+0xf4/0x1bc
[   64.890300][ T4146]  __cancel_work_timer+0x2ec/0x448
[   64.891740][ T4146]  cancel_work_sync+0x24/0x38
[   64.892984][ T4146]  hci_request_cancel_all+0xbc/0x2d0
[   64.894486][ T4146]  hci_dev_do_close+0x54/0x105c
[   64.895960][ T4146]  hci_rfkill_set_block+0xdc/0x1d0
[   64.897446][ T4146]  rfkill_set_block+0x18c/0x374
[   64.898877][ T4146]  rfkill_fop_write+0x4a4/0x5cc
[   64.900278][ T4146]  vfs_write+0x280/0xa2c
[   64.901474][ T4146]  ksys_write+0x120/0x210
[   64.902663][ T4146]  __arm64_sys_write+0x7c/0x90
[   64.903979][ T4146]  invoke_syscall+0x98/0x2b8
[   64.905330][ T4146]  el0_svc_common+0x138/0x258
[   64.906643][ T4146]  do_el0_svc+0x58/0x14c
[   64.907791][ T4146]  el0_svc+0x78/0x1e0
[   64.908929][ T4146]  el0t_64_sync_handler+0xcc/0xe4
[   64.910290][ T4146]  el0t_64_sync+0x1a0/0x1a4
[   66.727816][  T153] device hsr_slave_0 left promiscuous mode
[   66.771100][  T153] device hsr_slave_1 left promiscuous mode
[   66.880498][  T153] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   66.882637][  T153] batman_adv: batadv0: Removing interface: batadv_slave_0
[   66.885260][  T153] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   66.887334][  T153] batman_adv: batadv0: Removing interface: batadv_slave_1
[   66.889675][  T153] device bridge_slave_1 left promiscuous mode
[   66.891618][  T153] bridge0: port 2(bridge_slave_1) entered disabled state
[   66.931229][  T153] device bridge_slave_0 left promiscuous mode
[   66.933074][  T153] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.120610][  T153] device veth1_macvtap left promiscuous mode
[   67.122343][  T153] device veth0_macvtap left promiscuous mode
[   67.124039][  T153] device veth1_vlan left promiscuous mode
[   67.125639][  T153] device veth0_vlan left promiscuous mode
[   67.293139][  T153] team0 (unregistering): Port device team_slave_1 removed
[   67.299825][  T153] team0 (unregistering): Port device team_slave_0 removed
[   67.306565][  T153] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   67.336730][  T153] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   67.458710][  T153] bond0 (unregistering): Released all slaves
1970/01/01 00:01:09 executed programs: 185
[   69.631863][   T21] cfg80211: failed to load regulatory.db
[   69.634110][ T2056] ieee802154 phy0 wpan0: encryption failed: -22
[   69.635923][ T2056] ieee802154 phy1 wpan1: encryption failed: -22
1970/01/01 00:01:14 executed programs: 479