[ 81.419213][ T975] cfg80211: failed to load regulatory.db Warning: Permanently added '10.128.1.199' (ED25519) to the list of known hosts. 2025/10/06 18:12:03 parsed 1 programs [ 84.594622][ T30] audit: type=1400 audit(1759774323.900:91): avc: denied { getattr } for pid=6004 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 84.627667][ T30] audit: type=1400 audit(1759774323.900:92): avc: denied { read } for pid=6004 comm="syz-execprog" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 84.649503][ T30] audit: type=1400 audit(1759774323.900:93): avc: denied { open } for pid=6004 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 2025/10/06 18:12:04 executed programs: 0 [ 84.818963][ T30] audit: type=1400 audit(1759774324.120:94): avc: denied { mounton } for pid=6016 comm="syz-executor.0" path="/syzcgroup/unified" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1 [ 84.843383][ T6016] cgroup: Unknown subsys name 'cpuset' [ 84.850118][ T30] audit: type=1400 audit(1759774324.150:95): avc: denied { create } for pid=6016 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 85.899099][ T30] audit: type=1400 audit(1759774325.200:96): avc: denied { ioctl } for pid=6016 comm="syz-executor.0" path="socket:[5740]" dev="sockfs" ino=5740 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 85.899267][ T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 85.932499][ T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 85.939923][ T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 85.948211][ T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 85.955797][ T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 85.969844][ T30] audit: type=1400 audit(1759774325.270:97): avc: denied { mounton } for pid=6016 comm="syz-executor.0" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 86.061789][ T6016] chnl_net:caif_netlink_parms(): no params data found [ 86.114432][ T6016] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.121499][ T6016] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.128771][ T6016] bridge_slave_0: entered allmulticast mode [ 86.135590][ T6016] bridge_slave_0: entered promiscuous mode [ 86.143551][ T6016] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.150662][ T6016] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.158510][ T6016] bridge_slave_1: entered allmulticast mode [ 86.165703][ T6016] bridge_slave_1: entered promiscuous mode [ 86.189383][ T6016] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.200376][ T6016] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.225782][ T6016] team0: Port device team_slave_0 added [ 86.233176][ T6016] team0: Port device team_slave_1 added [ 86.254433][ T6016] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.261377][ T6016] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 86.287922][ T6016] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.300021][ T6016] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.306983][ T6016] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 86.332889][ T6016] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.362991][ T6016] hsr_slave_0: entered promiscuous mode [ 86.369048][ T6016] hsr_slave_1: entered promiscuous mode [ 86.449619][ T6016] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.456778][ T6016] bridge0: port 2(bridge_slave_1) entered forwarding state [ 86.464201][ T6016] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.471369][ T6016] bridge0: port 1(bridge_slave_0) entered forwarding state [ 86.509796][ T6016] 8021q: adding VLAN 0 to HW filter on device bond0 [ 86.524600][ T37] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.533004][ T37] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.546472][ T6016] 8021q: adding VLAN 0 to HW filter on device team0 [ 86.558705][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.565801][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 86.577514][ T37] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.584640][ T37] bridge0: port 2(bridge_slave_1) entered forwarding state [ 86.638169][ T6016] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 86.941604][ T6016] veth0_vlan: entered promiscuous mode [ 86.951392][ T6016] veth1_vlan: entered promiscuous mode [ 86.975650][ T6016] veth0_macvtap: entered promiscuous mode [ 86.984316][ T6016] veth1_macvtap: entered promiscuous mode [ 86.999204][ T6016] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 87.013574][ T6016] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 87.058858][ T30] audit: type=1400 audit(1759774326.360:98): avc: denied { create } for pid=6042 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 87.079867][ T30] audit: type=1400 audit(1759774326.360:99): avc: denied { bind } for pid=6042 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 87.108327][ T30] audit: type=1400 audit(1759774326.410:100): avc: denied { name_bind } for pid=6042 comm="syz-executor.0" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 87.878484][ T13] [ 87.880828][ T13] ============================================ [ 87.886957][ T13] WARNING: possible recursive locking detected [ 87.893100][ T13] syzkaller #0 Not tainted [ 87.897479][ T13] -------------------------------------------- [ 87.903592][ T13] kworker/u8:1/13 is trying to acquire lock: [ 87.909549][ T13] ffffe8ffffd39ef8 (&pd_list->lock){+...}-{3:3}, at: padata_do_serial+0x7d7/0xda0 [ 87.918785][ T13] [ 87.918785][ T13] but task is already holding lock: [ 87.926117][ T13] ffffe8ffffd39f48 (&pd_list->lock){+...}-{3:3}, at: padata_do_serial+0x6b0/0xda0 [ 87.935300][ T13] [ 87.935300][ T13] other info that might help us debug this: [ 87.943334][ T13] Possible unsafe locking scenario: [ 87.943334][ T13] [ 87.950769][ T13] CPU0 [ 87.954029][ T13] ---- [ 87.957286][ T13] lock(&pd_list->lock); [ 87.961602][ T13] lock(&pd_list->lock); [ 87.965919][ T13] [ 87.965919][ T13] *** DEADLOCK *** [ 87.965919][ T13] [ 87.974047][ T13] May be due to missing lock nesting notation [ 87.974047][ T13] [ 87.982345][ T13] 3 locks held by kworker/u8:1/13: [ 87.987440][ T13] #0: ffff888146eb3948 ((wq_completion)pencrypt_parallel){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 87.998805][ T13] #1: ffffc90000127d10 ((work_completion)(&pw->pw_work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 88.010082][ T13] #2: ffffe8ffffd39f48 (&pd_list->lock){+...}-{3:3}, at: padata_do_serial+0x6b0/0xda0 [ 88.019727][ T13] [ 88.019727][ T13] stack backtrace: [ 88.025661][ T13] CPU: 0 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted syzkaller #0 PREEMPT(full) [ 88.025677][ T13] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 88.025687][ T13] Workqueue: pencrypt_parallel padata_parallel_worker [ 88.025709][ T13] Call Trace: [ 88.025716][ T13] [ 88.025722][ T13] dump_stack_lvl+0x116/0x1f0 [ 88.025740][ T13] print_deadlock_bug+0x1e9/0x240 [ 88.025752][ T13] __lock_acquire+0x1133/0x1ce0 [ 88.025764][ T13] ? __queue_work+0x431/0x1160 [ 88.025779][ T13] lock_acquire+0x179/0x350 [ 88.025789][ T13] ? padata_do_serial+0x7d7/0xda0 [ 88.025802][ T13] ? mark_held_locks+0x49/0x80 [ 88.025812][ T13] ? queue_work_on+0x12a/0x1f0 [ 88.025825][ T13] _raw_spin_lock+0x2e/0x40 [ 88.025840][ T13] ? padata_do_serial+0x7d7/0xda0 [ 88.025852][ T13] padata_do_serial+0x7d7/0xda0 [ 88.025866][ T13] pcrypt_aead_enc+0x5b/0x70 [ 88.025885][ T13] padata_parallel_worker+0x65/0xb0 [ 88.025898][ T13] process_one_work+0x9cc/0x1b70 [ 88.025913][ T13] ? __pfx_process_one_work+0x10/0x10 [ 88.025928][ T13] ? assign_work+0x1a0/0x250 [ 88.025940][ T13] worker_thread+0x6c8/0xf10 [ 88.025955][ T13] ? __pfx_worker_thread+0x10/0x10 [ 88.025968][ T13] kthread+0x3c5/0x780 [ 88.025980][ T13] ? __pfx_kthread+0x10/0x10 [ 88.025992][ T13] ? rcu_is_watching+0x12/0xc0 [ 88.026008][ T13] ? __pfx_kthread+0x10/0x10 [ 88.026019][ T13] ret_from_fork+0x56d/0x730 [ 88.026031][ T13] ? __pfx_kthread+0x10/0x10 [ 88.026043][ T13] ret_from_fork_asm+0x1a/0x30 [ 88.026061][ T13] [ 88.182882][ T5147] Bluetooth: hci0: command tx timeout [ 90.211987][ T5147] Bluetooth: hci0: command tx timeout [ 92.291941][ T5147] Bluetooth: hci0: command tx timeout [ 94.371943][ T5147] Bluetooth: hci0: command tx timeout