Warning: Permanently added '10.128.0.238' (ED25519) to the list of known hosts.
1970/01/01 00:00:59 ignoring optional flag "sandboxArg"="0"
1970/01/01 00:01:00 parsed 1 programs
1970/01/01 00:01:00 executed programs: 0
[ 60.291626][ T50] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 60.294560][ T50] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 60.297053][ T50] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 60.299696][ T50] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 60.303130][ T50] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 60.305314][ T50] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 60.372983][ T6444] chnl_net:caif_netlink_parms(): no params data found
[ 60.400937][ T6444] bridge0: port 1(bridge_slave_0) entered blocking state
[ 60.403071][ T6444] bridge0: port 1(bridge_slave_0) entered disabled state
[ 60.405094][ T6444] bridge_slave_0: entered allmulticast mode
[ 60.407194][ T6444] bridge_slave_0: entered promiscuous mode
[ 60.410959][ T6444] bridge0: port 2(bridge_slave_1) entered blocking state
[ 60.412931][ T6444] bridge0: port 2(bridge_slave_1) entered disabled state
[ 60.414849][ T6444] bridge_slave_1: entered allmulticast mode
[ 60.416908][ T6444] bridge_slave_1: entered promiscuous mode
[ 60.429234][ T6444] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 60.433310][ T6444] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 60.445598][ T6444] team0: Port device team_slave_0 added
[ 60.449318][ T6444] team0: Port device team_slave_1 added
[ 60.460401][ T6444] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 60.462285][ T6444] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 60.469157][ T6444] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 60.473505][ T6444] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 60.475410][ T6444] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 60.482580][ T6444] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 60.551754][ T6444] hsr_slave_0: entered promiscuous mode
[ 60.590348][ T6444] hsr_slave_1: entered promiscuous mode
[ 61.406582][ T6444] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 61.441994][ T6444] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 61.485677][ T6444] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 61.531566][ T6444] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 61.615715][ T6444] 8021q: adding VLAN 0 to HW filter on device bond0
[ 61.625416][ T6444] 8021q: adding VLAN 0 to HW filter on device team0
[ 61.634441][ T2124] bridge0: port 1(bridge_slave_0) entered blocking state
[ 61.636429][ T2124] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 61.650796][ T6104] bridge0: port 2(bridge_slave_1) entered blocking state
[ 61.652614][ T6104] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 61.729148][ T6444] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 61.749456][ T6444] veth0_vlan: entered promiscuous mode
[ 61.754759][ T6444] veth1_vlan: entered promiscuous mode
[ 61.771498][ T6444] veth0_macvtap: entered promiscuous mode
[ 61.774881][ T6444] veth1_macvtap: entered promiscuous mode
[ 61.783833][ T6444] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 61.789233][ T6444] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 61.794723][ T6444] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 61.797071][ T6444] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 61.799348][ T6444] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 61.802314][ T6444] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 61.837242][ T477] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 61.839388][ T477] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 61.854541][ T477] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 61.856655][ T477] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 62.003935][ T6534]
[ 62.004596][ T6534] ======================================================
[ 62.006494][ T6534] WARNING: possible circular locking dependency detected
[ 62.008369][ T6534] 6.6.0-rc7-syzkaller-00089-g8de1e7afcc1c #0 Not tainted
[ 62.010218][ T6534] ------------------------------------------------------
[ 62.012075][ T6534] syz-executor.0/6534 is trying to acquire lock:
[ 62.013771][ T6534] ffff0000e16b10b8 (&hdev->req_lock){+.+.}-{3:3}, at: hci_rfkill_set_block+0xe8/0x20c
[ 62.016310][ T6534]
[ 62.016310][ T6534] but task is already holding lock:
[ 62.018233][ T6534] ffff800090ff20c8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x234/0x734
[ 62.020794][ T6534]
[ 62.020794][ T6534] which lock already depends on the new lock.
[ 62.020794][ T6534]
[ 62.023570][ T6534]
[ 62.023570][ T6534] the existing dependency chain (in reverse order) is:
[ 62.026021][ T6534]
[ 62.026021][ T6534] -> #3 (rfkill_global_mutex){+.+.}-{3:3}:
[ 62.028305][ T6534]        __mutex_lock_common+0x190/0x21a0
[ 62.029874][ T6534]        mutex_lock_nested+0x2c/0x38
[ 62.031290][ T6534]        rfkill_register+0x44/0x7d4
[ 62.032740][ T6534]        hci_register_dev+0x3e0/0x954
[ 62.034186][ T6534]        vhci_create_device+0x358/0x6c4
[ 62.035724][ T6534]        vhci_write+0x318/0x3b8
[ 62.037023][ T6534]        vfs_write+0x628/0x93c
[ 62.038307][ T6534]        ksys_write+0x15c/0x26c
[ 62.039588][ T6534]        __arm64_sys_write+0x7c/0x90
[ 62.040958][ T6534]        invoke_syscall+0x98/0x2b8
[ 62.042304][ T6534]        el0_svc_common+0x130/0x23c
[ 62.043674][ T6534]        do_el0_svc+0x48/0x58
[ 62.044906][ T6534]        el0_svc+0x54/0x158
[ 62.046064][ T6534]        el0t_64_sync_handler+0x84/0xfc
[ 62.047597][ T6534]        el0t_64_sync+0x190/0x194
[ 62.048958][ T6534]
[ 62.048958][ T6534] -> #2 (&data->open_mutex){+.+.}-{3:3}:
[ 62.051094][ T6534]        __mutex_lock_common+0x190/0x21a0
[ 62.052627][ T6534]        mutex_lock_nested+0x2c/0x38
[ 62.054086][ T6534]        vhci_send_frame+0x8c/0x10c
[ 62.055481][ T6534]        hci_send_frame+0x1c4/0x35c
[ 62.056899][ T6534]        hci_tx_work+0xba0/0x18e4
[ 62.058238][ T6534]        process_one_work+0x694/0x1204
[ 62.059679][ T6534]        worker_thread+0x938/0xef4
[ 62.061063][ T6534]        kthread+0x288/0x310
[ 62.062304][ T6534]        ret_from_fork+0x10/0x20
[ 62.063588][ T6534]
[ 62.063588][ T6534] -> #1 ((work_completion)(&hdev->tx_work)){+.+.}-{0:0}:
[ 62.066051][ T6534]        __flush_work+0xf8/0x1c0
[ 62.067364][ T6534]        flush_work+0x24/0x38
[ 62.068626][ T6534]        hci_dev_close_sync+0x1c8/0xf2c
[ 62.070185][ T6534]        hci_unregister_dev+0x1e8/0x4ac
[ 62.071651][ T6534]        vhci_release+0x7c/0xd0
[ 62.072985][ T6534]        __fput+0x324/0x7f8
[ 62.074186][ T6534]        ____fput+0x20/0x30
[ 62.075329][ T6534]        task_work_run+0x230/0x2e0
[ 62.076670][ T6534]        do_exit+0x63c/0x1f58
[ 62.077945][ T6534]        do_group_exit+0x194/0x22c
[ 62.079323][ T6534]        get_signal+0x1500/0x15ec
[ 62.080694][ T6534]        do_notify_resume+0x3bc/0x393c
[ 62.082160][ T6534]        el0_svc+0x9c/0x158
[ 62.083365][ T6534]        el0t_64_sync_handler+0x84/0xfc
[ 62.084853][ T6534]        el0t_64_sync+0x190/0x194
[ 62.086202][ T6534]
[ 62.086202][ T6534] -> #0 (&hdev->req_lock){+.+.}-{3:3}:
[ 62.088268][ T6534]        __lock_acquire+0x3370/0x75e8
[ 62.089754][ T6534]        lock_acquire+0x23c/0x71c
[ 62.091104][ T6534]        __mutex_lock_common+0x190/0x21a0
[ 62.092646][ T6534]        mutex_lock_nested+0x2c/0x38
[ 62.094051][ T6534]        hci_rfkill_set_block+0xe8/0x20c
[ 62.095559][ T6534]        rfkill_set_block+0x18c/0x37c
[ 62.097063][ T6534]        rfkill_fop_write+0x578/0x734
[ 62.098520][ T6534]        vfs_write+0x2a0/0x93c
[ 62.099761][ T6534]        ksys_write+0x15c/0x26c
[ 62.101086][ T6534]        __arm64_sys_write+0x7c/0x90
[ 62.102488][ T6534]        invoke_syscall+0x98/0x2b8
[ 62.103889][ T6534]        el0_svc_common+0x130/0x23c
[ 62.105304][ T6534]        do_el0_svc+0x48/0x58
[ 62.106557][ T6534]        el0_svc+0x54/0x158
[ 62.107801][ T6534]        el0t_64_sync_handler+0x84/0xfc
[ 62.109237][ T6534]        el0t_64_sync+0x190/0x194
[ 62.110556][ T6534]
[ 62.110556][ T6534] other info that might help us debug this:
[ 62.110556][ T6534]
[ 62.113259][ T6534] Chain exists of:
[ 62.113259][ T6534]   &hdev->req_lock --> &data->open_mutex --> rfkill_global_mutex
[ 62.113259][ T6534]
[ 62.116997][ T6534]  Possible unsafe locking scenario:
[ 62.116997][ T6534]
[ 62.118976][ T6534]        CPU0                    CPU1
[ 62.120420][ T6534]        ----                    ----
[ 62.121836][ T6534]   lock(rfkill_global_mutex);
[ 62.123095][ T6534]                                lock(&data->open_mutex);
[ 62.124973][ T6534]                                lock(rfkill_global_mutex);
[ 62.126955][ T6534]   lock(&hdev->req_lock);
[ 62.128097][ T6534]
[ 62.128097][ T6534]  *** DEADLOCK ***
[ 62.128097][ T6534]
[ 62.130283][ T6534] 1 lock held by syz-executor.0/6534:
[ 62.131709][ T6534]  #0: ffff800090ff20c8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x234/0x734
[ 62.134537][ T6534]
[ 62.134537][ T6534] stack backtrace:
[ 62.136148][ T6534] CPU: 1 PID: 6534 Comm: syz-executor.0 Not tainted 6.6.0-rc7-syzkaller-00089-g8de1e7afcc1c #0
[ 62.138947][ T6534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 62.141628][ T6534] Call trace:
[ 62.142517][ T6534]  dump_backtrace+0x1b8/0x1e4
[ 62.143841][ T6534]  show_stack+0x2c/0x44
[ 62.144982][ T6534]  dump_stack_lvl+0xd0/0x124
[ 62.146273][ T6534]  dump_stack+0x1c/0x28
[ 62.147454][ T6534]  print_circular_bug+0x150/0x1b8
[ 62.148895][ T6534]  check_noncircular+0x310/0x404
[ 62.150284][ T6534]  __lock_acquire+0x3370/0x75e8
[ 62.151634][ T6534]  lock_acquire+0x23c/0x71c
[ 62.152935][ T6534]  __mutex_lock_common+0x190/0x21a0
[ 62.154325][ T6534]  mutex_lock_nested+0x2c/0x38
[ 62.155663][ T6534]  hci_rfkill_set_block+0xe8/0x20c
[ 62.157114][ T6534]  rfkill_set_block+0x18c/0x37c
[ 62.158500][ T6534]  rfkill_fop_write+0x578/0x734
[ 62.159894][ T6534]  vfs_write+0x2a0/0x93c
[ 62.161069][ T6534]  ksys_write+0x15c/0x26c
[ 62.162252][ T6534]  __arm64_sys_write+0x7c/0x90
[ 62.163588][ T6534]  invoke_syscall+0x98/0x2b8
[ 62.164925][ T6534]  el0_svc_common+0x130/0x23c
[ 62.166206][ T6534]  do_el0_svc+0x48/0x58
[ 62.167355][ T6534]  el0_svc+0x54/0x158
[ 62.168520][ T6534]  el0t_64_sync_handler+0x84/0xfc
[ 62.169913][ T6534]  el0t_64_sync+0x190/0x194
[ 64.533241][ T2216] ieee802154 phy0 wpan0: encryption failed: -22
[ 64.535166][ T2216] ieee802154 phy1 wpan1: encryption failed: -22
1970/01/01 00:01:05 executed programs: 143
[ 69.650320][ T1652] cfg80211: failed to load regulatory.db
1970/01/01 00:01:10 executed programs: 577