Warning: Permanently added '10.128.1.15' (ED25519) to the list of known hosts. 2025/11/06 05:24:04 parsed 1 programs [ 72.365395][ T4271] cgroup: Unknown subsys name 'net' [ 72.466016][ T4271] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 73.727359][ T4271] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 75.208482][ T4287] chnl_net:caif_netlink_parms(): no params data found [ 75.254264][ T4287] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.262585][ T4287] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.270719][ T4287] device bridge_slave_0 entered promiscuous mode [ 75.284018][ T4287] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.291214][ T4287] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.299278][ T4287] device bridge_slave_1 entered promiscuous mode [ 75.323914][ T4287] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 75.334729][ T4287] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 75.357056][ T4287] team0: Port device team_slave_0 added [ 75.364481][ T4287] team0: Port device team_slave_1 added [ 75.384822][ T4287] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 75.391970][ T4287] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.418349][ T4287] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 75.430780][ T4287] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 75.437789][ T4287] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.463977][ T4287] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 75.496424][ T4287] device hsr_slave_0 entered promiscuous mode [ 75.503181][ T4287] device hsr_slave_1 entered promiscuous mode [ 75.592075][ T4287] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 75.601995][ T4287] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 75.611145][ T4287] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 75.620406][ T4287] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 75.648769][ T4287] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.656139][ T4287] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.664180][ T4287] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.671383][ T4287] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.716755][ T4287] 8021q: adding VLAN 0 to HW filter on device bond0 [ 75.731411][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 75.742102][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.751397][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.771167][ T4287] 8021q: adding VLAN 0 to HW filter on device team0 [ 75.784521][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 75.793558][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.800703][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.818166][ T1205] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 75.826602][ T1205] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.833743][ T1205] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.858886][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 75.869991][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 75.879809][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 75.889694][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 75.900871][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 75.912905][ T4287] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 76.045141][ T1205] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 76.053151][ T1205] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 76.065755][ T4287] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 76.082999][ T1205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 76.101340][ T1205] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 76.110016][ T1205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 76.119848][ T1205] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 76.128252][ T1205] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 76.139293][ T4287] device veth0_vlan entered promiscuous mode [ 76.150148][ T4287] device veth1_vlan entered promiscuous mode [ 76.168773][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 76.176996][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 76.185577][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 76.194898][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 76.206127][ T4287] device veth0_macvtap entered promiscuous mode [ 76.216522][ T4287] device veth1_macvtap entered promiscuous mode [ 76.232140][ T4287] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 76.240764][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 76.249259][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 76.258682][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 76.267485][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 76.279713][ T4287] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 76.287043][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 76.296136][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 76.308125][ T4287] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.316996][ T4287] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.326111][ T4287] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.335183][ T4287] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.449505][ T46] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.786985][ T4323] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 76.795733][ T4323] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 76.803924][ T4323] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 76.811856][ T4323] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 76.819896][ T4323] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 76.827317][ T4323] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 77.172590][ T4313] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.185790][ T4313] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.200485][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 77.210014][ T1205] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.219389][ T1205] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.229672][ T1205] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 2025/11/06 05:24:13 executed programs: 0 [ 79.044758][ T4325] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 79.053196][ T4325] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 79.061606][ T4325] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 79.070871][ T4325] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 79.078742][ T4325] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 79.086464][ T4325] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 79.189596][ T4367] chnl_net:caif_netlink_parms(): no params data found [ 79.226785][ T46] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 79.253670][ T4367] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.261109][ T4367] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.269903][ T4367] device bridge_slave_0 entered promiscuous mode [ 79.277916][ T4367] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.285025][ T4367] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.293239][ T4367] device bridge_slave_1 entered promiscuous mode [ 79.313491][ T4367] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.324436][ T4367] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.346910][ T4367] team0: Port device team_slave_0 added [ 79.354775][ T4367] team0: Port device team_slave_1 added [ 79.371853][ T4367] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.379477][ T4367] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.405899][ T4367] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.418491][ T4367] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.425474][ T4367] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.454252][ T4367] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.482721][ T4367] device hsr_slave_0 entered promiscuous mode [ 79.489737][ T4367] device hsr_slave_1 entered promiscuous mode [ 79.496331][ T4367] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 79.504740][ T4367] Cannot create hsr debugfs directory [ 81.138923][ T4325] Bluetooth: hci0: command 0x0409 tx timeout [ 81.536406][ T46] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.639175][ T46] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.869676][ T127] cfg80211: failed to load regulatory.db [ 82.492907][ T4367] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 82.510462][ T4367] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 82.528230][ T46] device hsr_slave_0 left promiscuous mode [ 82.534704][ T46] device hsr_slave_1 left promiscuous mode [ 82.542101][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 82.550053][ T46] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 82.558844][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 82.566255][ T46] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 82.574537][ T46] device bridge_slave_1 left promiscuous mode [ 82.582750][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.593441][ T46] device bridge_slave_0 left promiscuous mode [ 82.599839][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.619004][ T46] device veth1_macvtap left promiscuous mode [ 82.625646][ T46] device veth0_macvtap left promiscuous mode [ 82.631990][ T46] device veth1_vlan left promiscuous mode [ 82.638220][ T46] device veth0_vlan left promiscuous mode [ 82.945689][ T46] team0 (unregistering): Port device team_slave_1 removed [ 82.975025][ T46] team0 (unregistering): Port device team_slave_0 removed [ 83.003586][ T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 83.033816][ T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 83.228095][ T4323] Bluetooth: hci0: command 0x041b tx timeout [ 83.301958][ T46] bond0 (unregistering): Released all slaves [ 83.385276][ T4367] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 83.395846][ T4367] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 83.469887][ T4367] 8021q: adding VLAN 0 to HW filter on device bond0 [ 83.491017][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 83.499649][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 83.510768][ T4367] 8021q: adding VLAN 0 to HW filter on device team0 [ 83.521187][ T1205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 83.530476][ T1205] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 83.540157][ T1205] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.547246][ T1205] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.555460][ T1205] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 83.576864][ T1205] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 83.587162][ T1205] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 83.596242][ T1205] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.603408][ T1205] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.614936][ T1205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 83.632583][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 83.643708][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 83.652791][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 83.662042][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 83.683533][ T1205] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 83.694444][ T1205] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 83.704930][ T1205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 83.714334][ T1205] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 83.732051][ T4367] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 83.743991][ T4367] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 83.752631][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 83.762556][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 83.955355][ T4367] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.963433][ T1205] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 83.972062][ T1205] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 83.999192][ T1205] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 84.014189][ T1205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 84.038688][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 84.048154][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 84.067099][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 84.075525][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 84.086949][ T4367] device veth0_vlan entered promiscuous mode [ 84.104143][ T4367] device veth1_vlan entered promiscuous mode [ 84.136534][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 84.145198][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 84.153981][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 84.164128][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 84.176178][ T4367] device veth0_macvtap entered promiscuous mode [ 84.192542][ T4367] device veth1_macvtap entered promiscuous mode [ 84.227920][ T4367] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.235391][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 84.244973][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 84.254512][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 84.266327][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 84.282302][ T4367] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.295959][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 84.305266][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 84.317185][ T4367] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.326726][ T4367] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.335513][ T4367] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.344658][ T4367] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.397108][ T4313] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.415426][ T4313] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.425009][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.428018][ T1205] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 84.433534][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.450548][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 84.529250][ T4440] loop0: detected capacity change from 0 to 4096 [ 84.651073][ T4440] [ 84.653571][ T4440] ====================================================== [ 84.660634][ T4440] WARNING: possible circular locking dependency detected [ 84.667685][ T4440] syzkaller #0 Not tainted [ 84.672207][ T4440] ------------------------------------------------------ [ 84.679251][ T4440] syz.0.17/4440 is trying to acquire lock: [ 84.685408][ T4440] ffff88805985a5e0 (&ni->ni_lock/5){+.+.}-{3:3}, at: attr_data_get_block+0x33b/0x1b70 [ 84.695027][ T4440] [ 84.695027][ T4440] but task is already holding lock: [ 84.702418][ T4440] ffff88807cd90158 (&mm->mmap_lock){++++}-{3:3}, at: vm_mmap_pgoff+0x15d/0x2b0 [ 84.711417][ T4440] [ 84.711417][ T4440] which lock already depends on the new lock. [ 84.711417][ T4440] [ 84.721827][ T4440] [ 84.721827][ T4440] the existing dependency chain (in reverse order) is: [ 84.730854][ T4440] [ 84.730854][ T4440] -> #1 (&mm->mmap_lock){++++}-{3:3}: [ 84.738425][ T4440] __might_fault+0xc2/0x120 [ 84.743549][ T4440] _copy_to_user+0x27/0x130 [ 84.748662][ T4440] ni_fiemap+0x4ec/0x1300 [ 84.753510][ T4440] ntfs_fiemap+0xd7/0x130 [ 84.758453][ T4440] do_vfs_ioctl+0x1425/0x1d10 [ 84.763672][ T4440] __se_sys_ioctl+0x83/0x170 [ 84.768888][ T4440] do_syscall_64+0x4c/0xa0 [ 84.773904][ T4440] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 84.780351][ T4440] [ 84.780351][ T4440] -> #0 (&ni->ni_lock/5){+.+.}-{3:3}: [ 84.788085][ T4440] __lock_acquire+0x2cf8/0x7c50 [ 84.793554][ T4440] lock_acquire+0x1b4/0x490 [ 84.798590][ T4440] __mutex_lock+0x120/0xaf0 [ 84.803633][ T4440] attr_data_get_block+0x33b/0x1b70 [ 84.809351][ T4440] ntfs_file_mmap+0x448/0x6d0 [ 84.814542][ T4440] mmap_file+0x5d/0xb0 [ 84.819130][ T4440] mmap_region+0xe2c/0x1c70 [ 84.824147][ T4440] do_mmap+0x958/0xfd0 [ 84.828735][ T4440] vm_mmap_pgoff+0x1b2/0x2b0 [ 84.834021][ T4440] ksys_mmap_pgoff+0x516/0x6f0 [ 84.839298][ T4440] do_syscall_64+0x4c/0xa0 [ 84.844230][ T4440] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 84.850809][ T4440] [ 84.850809][ T4440] other info that might help us debug this: [ 84.850809][ T4440] [ 84.861122][ T4440] Possible unsafe locking scenario: [ 84.861122][ T4440] [ 84.868736][ T4440] CPU0 CPU1 [ 84.874094][ T4440] ---- ---- [ 84.879450][ T4440] lock(&mm->mmap_lock); [ 84.883865][ T4440] lock(&ni->ni_lock/5); [ 84.890744][ T4440] lock(&mm->mmap_lock); [ 84.897595][ T4440] lock(&ni->ni_lock/5); [ 84.901925][ T4440] [ 84.901925][ T4440] *** DEADLOCK *** [ 84.901925][ T4440] [ 84.910083][ T4440] 1 lock held by syz.0.17/4440: [ 84.914923][ T4440] #0: ffff88807cd90158 (&mm->mmap_lock){++++}-{3:3}, at: vm_mmap_pgoff+0x15d/0x2b0 [ 84.924409][ T4440] [ 84.924409][ T4440] stack backtrace: [ 84.930365][ T4440] CPU: 0 PID: 4440 Comm: syz.0.17 Not tainted syzkaller #0 [ 84.937564][ T4440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 84.947634][ T4440] Call Trace: [ 84.950916][ T4440] [ 84.953847][ T4440] dump_stack_lvl+0x168/0x22e [ 84.958524][ T4440] ? load_image+0x3b0/0x3b0 [ 84.963045][ T4440] ? show_regs_print_info+0x12/0x12 [ 84.968332][ T4440] ? print_circular_bug+0x12b/0x1a0 [ 84.973534][ T4440] check_noncircular+0x274/0x310 [ 84.978589][ T4440] ? add_chain_block+0x940/0x940 [ 84.983625][ T4440] ? lockdep_lock+0xdc/0x1e0 [ 84.988216][ T4440] ? _find_first_zero_bit+0xcf/0x100 [ 84.993614][ T4440] __lock_acquire+0x2cf8/0x7c50 [ 84.998462][ T4440] ? lockdep_lock+0x1e0/0x1e0 [ 85.003130][ T4440] ? __lock_acquire+0x13c0/0x7c50 [ 85.008237][ T4440] ? verify_lock_unused+0x140/0x140 [ 85.013536][ T4440] lock_acquire+0x1b4/0x490 [ 85.018118][ T4440] ? attr_data_get_block+0x33b/0x1b70 [ 85.023487][ T4440] ? is_bpf_text_address+0x22/0x2a0 [ 85.028788][ T4440] ? __might_sleep+0xd0/0xd0 [ 85.033377][ T4440] ? read_lock_is_recursive+0x10/0x10 [ 85.038748][ T4440] ? __kernel_text_address+0x9/0x30 [ 85.043943][ T4440] __mutex_lock+0x120/0xaf0 [ 85.048441][ T4440] ? attr_data_get_block+0x33b/0x1b70 [ 85.053810][ T4440] ? attr_data_get_block+0x175/0x1b70 [ 85.059181][ T4440] ? attr_data_get_block+0x33b/0x1b70 [ 85.064553][ T4440] ? mutex_lock_nested+0x10/0x10 [ 85.069496][ T4440] ? __up_read+0x27c/0x660 [ 85.073916][ T4440] ? up_read+0x20/0x20 [ 85.077983][ T4440] ? run_lookup_entry+0x3ec/0x560 [ 85.083495][ T4440] attr_data_get_block+0x33b/0x1b70 [ 85.088823][ T4440] ? get_pre_allocated+0x130/0x130 [ 85.093946][ T4440] ntfs_file_mmap+0x448/0x6d0 [ 85.098619][ T4440] ? ntfs_compat_ioctl+0x30/0x30 [ 85.103554][ T4440] ? mas_alloc_nodes+0x6f0/0x890 [ 85.108531][ T4440] mmap_file+0x5d/0xb0 [ 85.112609][ T4440] mmap_region+0xe2c/0x1c70 [ 85.117201][ T4440] ? file_mmap_ok+0x170/0x170 [ 85.121873][ T4440] ? cap_mmap_addr+0x165/0x2e0 [ 85.126633][ T4440] ? file_mmap_ok+0x11c/0x170 [ 85.131308][ T4440] do_mmap+0x958/0xfd0 [ 85.135375][ T4440] ? mlock_future_check+0x100/0x100 [ 85.140576][ T4440] ? ima_file_mmap+0x8e/0x150 [ 85.145252][ T4440] ? ima_file_free+0x3e0/0x3e0 [ 85.150019][ T4440] ? common_file_perm+0x171/0x1c0 [ 85.155132][ T4440] vm_mmap_pgoff+0x1b2/0x2b0 [ 85.159719][ T4440] ? account_locked_vm+0xe0/0xe0 [ 85.164658][ T4440] ksys_mmap_pgoff+0x516/0x6f0 [ 85.169422][ T4440] ? lockdep_hardirqs_on+0x94/0x140 [ 85.174706][ T4440] do_syscall_64+0x4c/0xa0 [ 85.179130][ T4440] ? clear_bhb_loop+0x60/0xb0 [ 85.183801][ T4440] ? clear_bhb_loop+0x60/0xb0 [ 85.188569][ T4440] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 85.194464][ T4440] RIP: 0033:0x7f196058f6c9 [ 85.198885][ T4440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.218493][ T4440] RSP: 002b:00007ffe5a4f3f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 85.227194][ T4440] RAX: ffffffffffffffda RBX: 00007f19607e5fa0 RCX: 00007f196058f6c9 [ 85.235166][ T4440] RDX: 0000000000000002 RSI: 0000000000b36000 RDI: 0000200000000000 [ 85.243148][ T4440] RBP: 00007f1960611f91 R08: 0000000000000005 R09: 0000000000000000 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 85.251117][ T4440] R10: 0000000000028011 R11: 0000000000000246 R12: 0000000000000000 [ 85.259173][ T4440] R13: 00007f19607e5fa0 R14: 00007f19607e5fa0 R15: 0000000000000006 [ 85.267144][ T4440] [ 85.297804][ T4323] Bluetooth: hci0: command 0x040f tx timeout