Warning: Permanently added '10.128.0.200' (ED25519) to the list of known hosts.
2025/08/10 13:17:46 ignoring optional flag "sandboxArg"="0"
2025/08/10 13:17:47 parsed 1 programs
[   66.136243][ T4273] cgroup: Unknown subsys name 'net'
[   66.269076][ T4273] cgroup: Unknown subsys name 'rlimit'
[   67.528919][ T4273] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k FS
[   69.951050][ T4296] chnl_net:caif_netlink_parms(): no params data found
[   69.998005][ T4296] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.005314][ T4296] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.013520][ T4296] device bridge_slave_0 entered promiscuous mode
[   70.023285][ T4296] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.030630][ T4296] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.038933][ T4296] device bridge_slave_1 entered promiscuous mode
[   70.063412][ T4296] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   70.074700][ T4296] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   70.101964][ T4296] team0: Port device team_slave_0 added
[   70.109333][ T4296] team0: Port device team_slave_1 added
[   70.126918][ T4296] batman_adv: batadv0: Adding interface: batadv_slave_0
[   70.134137][ T4296] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.160830][ T4296] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   70.177756][ T4296] batman_adv: batadv0: Adding interface: batadv_slave_1
[   70.185047][ T4296] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.211160][ T4296] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   70.242615][ T4296] device hsr_slave_0 entered promiscuous mode
[   70.249712][ T4296] device hsr_slave_1 entered promiscuous mode
[   70.337961][ T4296] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   70.347972][ T4296] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   70.357327][ T4296] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   70.369175][ T4296] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   70.390920][ T4296] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.398227][ T4296] bridge0: port 2(bridge_slave_1) entered forwarding state
[   70.406021][ T4296] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.413078][ T4296] bridge0: port 1(bridge_slave_0) entered forwarding state
[   70.451276][ T4296] 8021q: adding VLAN 0 to HW filter on device bond0
[   70.469999][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   70.480038][   T56] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.488441][   T56] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.496914][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   70.512188][ T4296] 8021q: adding VLAN 0 to HW filter on device team0
[   70.525500][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   70.534514][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.541586][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[   70.557573][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   70.566487][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.573531][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[   70.597770][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   70.607590][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   70.618795][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   70.627897][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   70.639342][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   70.649924][ T4296] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   70.775972][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   70.783559][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   70.796380][ T4296] 8021q: adding VLAN 0 to HW filter on device batadv0
[   70.811317][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   70.828551][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   70.837425][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   70.845312][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   70.854633][ T4296] device veth0_vlan entered promiscuous mode
[   70.864302][ T4296] device veth1_vlan entered promiscuous mode
[   70.876487][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   70.884541][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   70.900174][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   70.909135][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   70.919039][ T4296] device veth0_macvtap entered promiscuous mode
[   70.928312][ T4296] device veth1_macvtap entered promiscuous mode
[   70.941684][ T4296] batman_adv: batadv0: Interface activated: batadv_slave_0
[   70.950388][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   70.958625][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   70.967149][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   70.976257][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   70.989953][ T4296] batman_adv: batadv0: Interface activated: batadv_slave_1
[   70.998948][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   71.007846][   T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   71.018044][ T4296] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   71.027278][ T4296] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   71.036193][ T4296] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   71.045069][ T4296] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   71.167241][    T9] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.387606][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[   71.394395][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[   71.861269][ T4328] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.879637][ T4328] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.891788][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   71.901830][   T56] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.909936][   T56] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.918626][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   72.320045][ T4359] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   72.329695][ T4359] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   72.337702][ T4359] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   72.345983][ T4358] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   72.353357][ T4359] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   72.360667][ T4359] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2025/08/10 13:17:55 executed programs: 0
[   72.685299][   T47] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   72.693070][   T47] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   72.701260][   T47] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   72.709217][   T47] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   72.717863][   T47] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   72.725164][   T47] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   72.824882][ T4367] chnl_net:caif_netlink_parms(): no params data found
[   72.862349][ T4367] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.869750][ T4367] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.878350][ T4367] device bridge_slave_0 entered promiscuous mode
[   72.886233][ T4367] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.893366][ T4367] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.901983][ T4367] device bridge_slave_1 entered promiscuous mode
[   72.922963][ T4367] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   72.933633][ T4367] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   72.955561][ T4367] team0: Port device team_slave_0 added
[   72.963136][ T4367] team0: Port device team_slave_1 added
[   72.980569][ T4367] batman_adv: batadv0: Adding interface: batadv_slave_0
[   72.988136][ T4367] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   73.014616][ T4367] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   73.027067][ T4367] batman_adv: batadv0: Adding interface: batadv_slave_1
[   73.034209][ T4367] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   73.060211][ T4367] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   73.092275][ T4367] device hsr_slave_0 entered promiscuous mode
[   73.099112][ T4367] device hsr_slave_1 entered promiscuous mode
[   73.106255][ T4367] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   73.114152][ T4367] Cannot create hsr debugfs directory
[   73.604247][    T9] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   74.745269][   T47] Bluetooth: hci0: command 0x0409 tx timeout
[   75.942562][    T9] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.012713][    T9] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.506070][ T1169] cfg80211: failed to load regulatory.db
[   76.825425][   T47] Bluetooth: hci0: command 0x041b tx timeout
[   76.852082][ T4367] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   76.867234][ T4367] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   76.976080][ T4367] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   76.994961][ T4367] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   77.030193][    T9] device hsr_slave_0 left promiscuous mode
[   77.036963][    T9] device hsr_slave_1 left promiscuous mode
[   77.043283][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   77.050745][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[   77.058683][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   77.066220][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[   77.074508][    T9] device bridge_slave_1 left promiscuous mode
[   77.081279][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.091007][    T9] device bridge_slave_0 left promiscuous mode
[   77.097380][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.115220][    T9] device veth1_macvtap left promiscuous mode
[   77.121425][    T9] device veth0_macvtap left promiscuous mode
[   77.127555][    T9] device veth1_vlan left promiscuous mode
[   77.133408][    T9] device veth0_vlan left promiscuous mode
[   77.375625][    T9] team0 (unregistering): Port device team_slave_1 removed
[   77.398516][    T9] team0 (unregistering): Port device team_slave_0 removed
[   77.424194][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   77.450503][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   77.654670][    T9] bond0 (unregistering): Released all slaves
[   77.768744][ T4367] 8021q: adding VLAN 0 to HW filter on device bond0
[   77.790198][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   77.798984][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   77.809035][ T4367] 8021q: adding VLAN 0 to HW filter on device team0
[   77.819287][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   77.828200][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   77.836814][ T4328] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.843935][ T4328] bridge0: port 1(bridge_slave_0) entered forwarding state
[   77.852112][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   77.875814][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   77.885147][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   77.893525][   T56] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.900644][   T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[   77.912166][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   77.923338][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   77.936404][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   77.945816][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   77.958567][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   77.976735][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   77.985638][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   77.995585][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   78.004270][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   78.016436][ T4367] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   78.028257][ T4367] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   78.036104][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   78.045084][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   78.241502][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   78.250409][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   78.268108][ T4367] 8021q: adding VLAN 0 to HW filter on device batadv0
[   78.287646][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   78.296405][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   78.321252][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   78.329972][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   78.338926][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   78.347069][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   78.357658][ T4367] device veth0_vlan entered promiscuous mode
[   78.378576][ T4367] device veth1_vlan entered promiscuous mode
[   78.410121][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   78.419400][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   78.432105][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   78.440998][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   78.452661][ T4367] device veth0_macvtap entered promiscuous mode
[   78.462324][ T4367] device veth1_macvtap entered promiscuous mode
[   78.479191][ T4367] batman_adv: batadv0: Interface activated: batadv_slave_0
[   78.486720][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   78.495263][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   78.503006][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   78.511859][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   78.523052][ T4367] batman_adv: batadv0: Interface activated: batadv_slave_1
[   78.531136][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   78.539997][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   78.550189][ T4367] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.559203][ T4367] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.568422][ T4367] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   78.577181][ T4367] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   78.621390][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.635464][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.647159][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   78.656496][ T4328] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.665039][ T4328] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.673671][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   78.716371][ T4437] 
[   78.718725][ T4437] ======================================================
[   78.725718][ T4437] WARNING: possible circular locking dependency detected
[   78.732719][ T4437] 6.1.147-syzkaller #0 Not tainted
[   78.737801][ T4437] ------------------------------------------------------
[   78.744793][ T4437] syz.0.17/4437 is trying to acquire lock:
[   78.750598][ T4437] ffff888079d59450 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}, at: __flush_work+0xd4/0xa60
[   78.761976][ T4437] 
[   78.761976][ T4437] but task is already holding lock:
[   78.769316][ T4437] ffff888079d58130 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x251/0x530
[   78.778345][ T4437] 
[   78.778345][ T4437] which lock already depends on the new lock.
[   78.778345][ T4437] 
[   78.788730][ T4437] 
[   78.788730][ T4437] the existing dependency chain (in reverse order) is:
[   78.797723][ T4437] 
[   78.797723][ T4437] -> #1 (sk_lock-AF_SMC/1){+.+.}-{0:0}:
[   78.805463][ T4437]        lock_sock_nested+0x44/0x100
[   78.810736][ T4437]        smc_listen_out+0x109/0x3d0
[   78.815953][ T4437]        process_one_work+0x898/0x1160
[   78.821393][ T4437]        worker_thread+0xaa2/0x1250
[   78.826573][ T4437]        kthread+0x29d/0x330
[   78.831149][ T4437]        ret_from_fork+0x1f/0x30
[   78.836071][ T4437] 
[   78.836071][ T4437] -> #0 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}:
[   78.846219][ T4437]        __lock_acquire+0x2cf8/0x7c50
[   78.851574][ T4437]        lock_acquire+0x1b4/0x490
[   78.856578][ T4437]        __flush_work+0xed/0xa60
[   78.861497][ T4437]        __cancel_work_timer+0x3ac/0x520
[   78.867112][ T4437]        smc_clcsock_release+0x5c/0xe0
[   78.872556][ T4437]        __smc_release+0x661/0x7d0
[   78.877646][ T4437]        smc_close_non_accepted+0xd1/0x1f0
[   78.883432][ T4437]        smc_close_active+0xb00/0xea0
[   78.888799][ T4437]        __smc_release+0x8d/0x7d0
[   78.893803][ T4437]        smc_release+0x2ca/0x530
[   78.898721][ T4437]        sock_close+0xd5/0x240
[   78.903468][ T4437]        __fput+0x22c/0x920
[   78.907954][ T4437]        task_work_run+0x1ca/0x250
[   78.913046][ T4437]        exit_to_user_mode_loop+0xe6/0x110
[   78.918836][ T4437]        exit_to_user_mode_prepare+0xb1/0x140
[   78.924884][ T4437]        syscall_exit_to_user_mode+0x16/0x40
[   78.930845][ T4437]        do_syscall_64+0x58/0xa0
[   78.935774][ T4437]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   78.942170][ T4437] 
[   78.942170][ T4437] other info that might help us debug this:
[   78.942170][ T4437] 
[   78.952376][ T4437]  Possible unsafe locking scenario:
[   78.952376][ T4437] 
[   78.959801][ T4437]        CPU0                    CPU1
[   78.965157][ T4437]        ----                    ----
[   78.970497][ T4437]   lock(sk_lock-AF_SMC/1);
[   78.974984][ T4437]                                lock((work_completion)(&new_smc->smc_listen_work));
[   78.984415][ T4437]                                lock(sk_lock-AF_SMC/1);
[   78.991421][ T4437]   lock((work_completion)(&new_smc->smc_listen_work));
[   78.998335][ T4437] 
[   78.998335][ T4437]  *** DEADLOCK ***
[   78.998335][ T4437] 
[   79.006453][ T4437] 2 locks held by syz.0.17/4437:
[   79.011361][ T4437]  #0: ffff888068b6be10 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: sock_close+0x90/0x240
[   79.021530][ T4437]  #1: ffff888079d58130 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x251/0x530
[   79.030907][ T4437] 
[   79.030907][ T4437] stack backtrace:
[   79.036793][ T4437] CPU: 0 PID: 4437 Comm: syz.0.17 Not tainted 6.1.147-syzkaller #0
[   79.044662][ T4437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   79.054704][ T4437] Call Trace:
[   79.057966][ T4437]  <TASK>
[   79.060879][ T4437]  dump_stack_lvl+0x168/0x22e
[   79.065537][ T4437]  ? load_image+0x3b0/0x3b0
[   79.070023][ T4437]  ? show_regs_print_info+0x12/0x12
[   79.075204][ T4437]  ? print_circular_bug+0x12b/0x1a0
[   79.080386][ T4437]  check_noncircular+0x274/0x310
[   79.085311][ T4437]  ? add_chain_block+0x940/0x940
[   79.090243][ T4437]  ? lockdep_lock+0xdc/0x1e0
[   79.094826][ T4437]  ? rcu_is_watching+0x11/0xa0
[   79.099580][ T4437]  ? lock_release+0xd4/0x910
[   79.104155][ T4437]  ? _find_first_zero_bit+0xcf/0x100
[   79.109433][ T4437]  __lock_acquire+0x2cf8/0x7c50
[   79.114272][ T4437]  ? __lock_acquire+0x7c50/0x7c50
[   79.119284][ T4437]  ? is_bpf_text_address+0x28b/0x2a0
[   79.124554][ T4437]  ? hlock_conflict+0x59/0x1f0
[   79.129365][ T4437]  ? verify_lock_unused+0x140/0x140
[   79.134546][ T4437]  ? __bfs+0x2a3/0x5c0
[   79.138600][ T4437]  ? check_path+0x40/0x40
[   79.142914][ T4437]  ? mark_lock+0x94/0x320
[   79.147228][ T4437]  ? __lock_acquire+0x13c0/0x7c50
[   79.152233][ T4437]  ? add_chain_block+0x940/0x940
[   79.157155][ T4437]  lock_acquire+0x1b4/0x490
[   79.161640][ T4437]  ? __flush_work+0xd4/0xa60
[   79.166215][ T4437]  ? __lock_acquire+0x13c0/0x7c50
[   79.171220][ T4437]  ? read_lock_is_recursive+0x10/0x10
[   79.176573][ T4437]  ? verify_lock_unused+0x140/0x140
[   79.181760][ T4437]  ? __flush_work+0xd4/0xa60
[   79.186331][ T4437]  __flush_work+0xed/0xa60
[   79.190728][ T4437]  ? __flush_work+0xd4/0xa60
[   79.195299][ T4437]  ? verify_lock_unused+0x140/0x140
[   79.200482][ T4437]  ? flush_work+0x20/0x20
[   79.204794][ T4437]  ? try_to_grab_pending+0xf1/0x840
[   79.209977][ T4437]  ? lockdep_hardirqs_off+0x70/0x100
[   79.215258][ T4437]  ? mark_lock+0x94/0x320
[   79.219580][ T4437]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[   79.225545][ T4437]  ? lock_chain_count+0x20/0x20
[   79.230394][ T4437]  ? __cancel_work_timer+0x331/0x520
[   79.235678][ T4437]  __cancel_work_timer+0x3ac/0x520
[   79.240781][ T4437]  ? cancel_work_sync+0x20/0x20
[   79.245621][ T4437]  ? __smc_release+0x659/0x7d0
[   79.250365][ T4437]  ? __local_bh_enable_ip+0x12a/0x1b0
[   79.255730][ T4437]  ? lockdep_hardirqs_on+0x94/0x140
[   79.260912][ T4437]  ? __local_bh_enable_ip+0x12a/0x1b0
[   79.266265][ T4437]  ? _local_bh_enable+0xa0/0xa0
[   79.271106][ T4437]  smc_clcsock_release+0x5c/0xe0
[   79.276023][ T4437]  __smc_release+0x661/0x7d0
[   79.280591][ T4437]  ? do_raw_spin_unlock+0x11d/0x230
[   79.285777][ T4437]  smc_close_non_accepted+0xd1/0x1f0
[   79.291042][ T4437]  smc_close_active+0xb00/0xea0
[   79.295871][ T4437]  ? sock_no_sendpage_locked+0x160/0x160
[   79.301483][ T4437]  __smc_release+0x8d/0x7d0
[   79.305964][ T4437]  ? do_raw_spin_unlock+0x11d/0x230
[   79.311149][ T4437]  smc_release+0x2ca/0x530
[   79.315550][ T4437]  sock_close+0xd5/0x240
[   79.319775][ T4437]  ? sock_mmap+0x90/0x90
[   79.323997][ T4437]  __fput+0x22c/0x920
[   79.327963][ T4437]  task_work_run+0x1ca/0x250
[   79.332537][ T4437]  ? task_work_cancel+0x230/0x230
[   79.337545][ T4437]  ? __close_range+0x1c5/0x730
[   79.342295][ T4437]  ? exit_to_user_mode_loop+0x3b/0x110
[   79.347741][ T4437]  exit_to_user_mode_loop+0xe6/0x110
[   79.353013][ T4437]  exit_to_user_mode_prepare+0xb1/0x140
[   79.358539][ T4437]  syscall_exit_to_user_mode+0x16/0x40
[   79.363986][ T4437]  do_syscall_64+0x58/0xa0
[   79.368380][ T4437]  ? clear_bhb_loop+0x60/0xb0
[   79.373038][ T4437]  ? clear_bhb_loop+0x60/0xb0
[   79.377694][ T4437]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   79.383573][ T4437] RIP: 0033:0x7f641118ebe9
[   79.387984][ T4437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.407578][ T4437] RSP: 002b:00007fff4efc3e28 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[   79.415971][ T4437] RAX: 0000000000000000 RBX: 000000000001335a RCX: 00007f641118ebe9
[   79.423922][ T4437] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[   79.431874][ T4437] RBP: 0000000000000000 R08: 0000000000000001 R09: 000000074efc411f
[   79.439825][ T4437] R10: 0000001b2ce20000 R11: 0000000000000246 R12: 00007f64113b5fac
[   79.447774][ T4437] R13: 00007f64113b5fa0 R14: ffffffffffffffff R15: 0000000000000003
[   79.455729][ T4437]  </TASK>
[   79.473917][   T47] Bluetooth: hci0: command 0x040f tx timeout