[   97.514465][  T820] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.0.104' (ED25519) to the list of known hosts.
2026/04/15 17:56:04 parsed 1 programs
[  106.165393][ T5837] cgroup: Unknown subsys name 'net'
[  106.405454][ T5837] cgroup: Unknown subsys name 'cpuset'
[  106.459610][ T5837] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[  108.538636][ T5837] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  114.197259][ T5867] chnl_net:caif_netlink_parms(): no params data found
[  114.326991][ T5867] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.328576][ T5867] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.334209][ T5867] bridge_slave_0: entered allmulticast mode
[  114.342915][ T5867] bridge_slave_0: entered promiscuous mode
[  114.489348][ T5867] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.489482][ T5867] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.489673][ T5867] bridge_slave_1: entered allmulticast mode
[  114.491941][ T5867] bridge_slave_1: entered promiscuous mode
[  114.605709][ T5867] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  114.619646][ T5867] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  114.762137][ T5867] team0: Port device team_slave_0 added
[  114.765051][ T5867] team0: Port device team_slave_1 added
[  114.848465][ T5867] batman_adv: batadv0: Adding interface: batadv_slave_0
[  114.848481][ T5867] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  114.848502][ T5867] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  114.981220][ T5867] batman_adv: batadv0: Adding interface: batadv_slave_1
[  114.981242][ T5867] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  114.981275][ T5867] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  115.130908][ T5867] hsr_slave_0: entered promiscuous mode
[  115.134236][ T5867] hsr_slave_1: entered promiscuous mode
[  115.627384][ T5867] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  115.677144][ T5867] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  115.678172][ T5867] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  115.707805][ T5867] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  115.709062][ T5867] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  115.753994][ T5867] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  115.754829][ T5867] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  115.795028][ T5867] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  116.004026][ T5867] 8021q: adding VLAN 0 to HW filter on device bond0
[  116.042551][ T5867] 8021q: adding VLAN 0 to HW filter on device team0
[  116.087111][  T192] bridge0: port 1(bridge_slave_0) entered blocking state
[  116.088014][  T192] bridge0: port 1(bridge_slave_0) entered forwarding state
[  116.124997][  T192] bridge0: port 2(bridge_slave_1) entered blocking state
[  116.125145][  T192] bridge0: port 2(bridge_slave_1) entered forwarding state
[  116.454506][ T5867] 8021q: adding VLAN 0 to HW filter on device batadv0
[  116.535076][ T5867] veth0_vlan: entered promiscuous mode
[  116.554980][ T5867] veth1_vlan: entered promiscuous mode
[  116.597930][ T5867] veth0_macvtap: entered promiscuous mode
[  116.613038][ T5867] veth1_macvtap: entered promiscuous mode
[  116.645870][ T5867] batman_adv: batadv0: Interface activated: batadv_slave_0
[  116.694926][ T5867] batman_adv: batadv0: Interface activated: batadv_slave_1
[  116.735910][  T192] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  116.738567][  T192] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  116.738618][  T192] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  116.790736][ T3524] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  117.654516][ T1409] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.933464][ T1409] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.545785][ T1409] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.454072][  T192] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.454097][  T192] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.701059][ T1409] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.737083][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.737107][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  120.243420][ T1409] bridge_slave_1: left allmulticast mode
[  120.243626][ T1409] bridge_slave_1: left promiscuous mode
[  120.258393][ T1409] bridge0: port 2(bridge_slave_1) entered disabled state
[  120.382491][ T1409] bridge_slave_0: left allmulticast mode
[  120.382523][ T1409] bridge_slave_0: left promiscuous mode
[  120.382763][ T1409] bridge0: port 1(bridge_slave_0) entered disabled state
[  121.219767][ T1409] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  121.279524][ T1409] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  121.321567][ T1409] bond0 (unregistering): Released all slaves
[  121.347876][ T5491] 8021q: adding VLAN 0 to HW filter on device eth1
[  121.658881][ T1409] hsr_slave_0: left promiscuous mode
[  121.729287][ T1409] hsr_slave_1: left promiscuous mode
[  121.763581][ T1409] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  121.763694][ T1409] batman_adv: batadv0: Removing interface: batadv_slave_0
[  121.856326][ T1409] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  121.857962][ T1409] batman_adv: batadv0: Removing interface: batadv_slave_1
[  122.051130][ T1409] veth1_macvtap: left promiscuous mode
[  122.058068][ T1409] veth0_macvtap: left promiscuous mode
[  122.058377][ T1409] veth1_vlan: left promiscuous mode
[  122.060152][ T1409] veth0_vlan: left promiscuous mode
[  123.009811][ T1409] team0 (unregistering): Port device team_slave_1 removed
[  123.049666][ T1409] team0 (unregistering): Port device team_slave_0 removed
[  123.294621][ T5491] 8021q: adding VLAN 0 to HW filter on device eth2
[  124.196445][ T5491] 8021q: adding VLAN 0 to HW filter on device eth3
[  124.868584][ T5491] 8021q: adding VLAN 0 to HW filter on device eth4
[  126.226959][ T5995] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  126.238288][ T5995] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  126.248096][ T5995] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  126.287599][ T5995] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  126.288399][ T5995] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2026/04/15 17:56:30 executed programs: 0
[  127.892007][ T5995] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  127.911129][ T5995] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  127.917712][ T5995] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  127.933254][ T5995] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  127.933992][ T5995] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  128.487591][ T6008] chnl_net:caif_netlink_parms(): no params data found
[  128.625521][ T6008] bridge0: port 1(bridge_slave_0) entered blocking state
[  128.625715][ T6008] bridge0: port 1(bridge_slave_0) entered disabled state
[  128.625892][ T6008] bridge_slave_0: entered allmulticast mode
[  128.653625][ T6008] bridge_slave_0: entered promiscuous mode
[  128.675657][ T6008] bridge0: port 2(bridge_slave_1) entered blocking state
[  128.675892][ T6008] bridge0: port 2(bridge_slave_1) entered disabled state
[  128.676093][ T6008] bridge_slave_1: entered allmulticast mode
[  128.678416][ T6008] bridge_slave_1: entered promiscuous mode
[  128.740047][ T6008] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  128.744381][ T6008] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  128.800757][ T6008] team0: Port device team_slave_0 added
[  128.804132][ T6008] team0: Port device team_slave_1 added
[  128.847130][ T6008] batman_adv: batadv0: Adding interface: batadv_slave_0
[  128.847156][ T6008] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  128.847180][ T6008] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  128.854686][ T6008] batman_adv: batadv0: Adding interface: batadv_slave_1
[  128.854737][ T6008] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  128.854842][ T6008] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  129.034122][ T6008] hsr_slave_0: entered promiscuous mode
[  129.038158][ T6008] hsr_slave_1: entered promiscuous mode
[  130.084189][ T5995] Bluetooth: hci0: command tx timeout
[  131.678188][ T6008] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  131.728444][ T6008] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  131.734567][ T6008] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  131.774391][ T6008] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  131.775375][ T6008] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  131.815774][ T6008] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  131.816741][ T6008] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  131.845150][ T6008] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  132.046511][ T6008] 8021q: adding VLAN 0 to HW filter on device bond0
[  132.100009][ T6008] 8021q: adding VLAN 0 to HW filter on device team0
[  132.143359][ T3524] bridge0: port 1(bridge_slave_0) entered blocking state
[  132.143797][ T3524] bridge0: port 1(bridge_slave_0) entered forwarding state
[  132.148885][ T5995] Bluetooth: hci0: command tx timeout
[  132.197288][ T3524] bridge0: port 2(bridge_slave_1) entered blocking state
[  132.200644][ T3524] bridge0: port 2(bridge_slave_1) entered forwarding state
[  132.676185][ T6008] 8021q: adding VLAN 0 to HW filter on device batadv0
[  132.803697][ T6008] veth0_vlan: entered promiscuous mode
[  132.825633][ T6008] veth1_vlan: entered promiscuous mode
[  132.905070][ T6008] veth0_macvtap: entered promiscuous mode
[  132.923554][ T6008] veth1_macvtap: entered promiscuous mode
[  132.983307][ T6008] batman_adv: batadv0: Interface activated: batadv_slave_0
[  133.013771][ T6008] batman_adv: batadv0: Interface activated: batadv_slave_1
[  133.061683][ T3524] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  133.062040][ T3524] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  133.062525][ T3524] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  133.063003][ T3524] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  133.365695][ T1336] ieee802154 phy0 wpan0: encryption failed: -22
[  133.365788][ T1336] ieee802154 phy1 wpan1: encryption failed: -22
[  133.817580][ T1415] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  133.817602][ T1415] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  133.898442][ T1415] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  133.898465][ T1415] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/04/15 17:56:37 executed programs: 2
[  134.228810][ T5995] Bluetooth: hci0: command tx timeout
[  134.356458][ T6113] 
[  134.356471][ T6113] ======================================================
[  134.356479][ T6113] WARNING: possible circular locking dependency detected
[  134.356502][ T6113] syzkaller #0 Not tainted
[  134.356513][ T6113] ------------------------------------------------------
[  134.356522][ T6113] syz.0.17/6113 is trying to acquire lock:
[  134.356534][ T6113] ffff88803bfe2b70 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}, at: __flush_work+0x104/0xda0
[  134.356614][ T6113] 
[  134.356614][ T6113] but task is already holding lock:
[  134.356622][ T6113] ffff88803bfe3118 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x24d/0x5a0
[  134.356673][ T6113] 
[  134.356673][ T6113] which lock already depends on the new lock.
[  134.356673][ T6113] 
[  134.356680][ T6113] 
[  134.356680][ T6113] the existing dependency chain (in reverse order) is:
[  134.356688][ T6113] 
[  134.356688][ T6113] -> #1 (sk_lock-AF_SMC/1){+.+.}-{0:0}:
[  134.356720][ T6113]        lock_sock_nested+0x41/0x130
[  134.356748][ T6113]        smc_listen_out+0x109/0x3e0
[  134.356773][ T6113]        smc_listen_work+0x813/0x13f0
[  134.356798][ T6113]        process_scheduled_works+0xb68/0x1910
[  134.356817][ T6113]        worker_thread+0xa90/0x1040
[  134.356837][ T6113]        kthread+0x388/0x470
[  134.356862][ T6113]        ret_from_fork+0x514/0xb70
[  134.356882][ T6113]        ret_from_fork_asm+0x1a/0x30
[  134.356906][ T6113] 
[  134.356906][ T6113] -> #0 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}:
[  134.356937][ T6113]        __lock_acquire+0x15a5/0x2cf0
[  134.356963][ T6113]        lock_acquire+0x106/0x350
[  134.356987][ T6113]        __flush_work+0x6df/0xda0
[  134.357009][ T6113]        __cancel_work_sync+0xbe/0x110
[  134.357032][ T6113]        smc_clcsock_release+0x60/0xf0
[  134.357064][ T6113]        __smc_release+0x6a0/0x810
[  134.357085][ T6113]        smc_close_non_accepted+0xd5/0x1f0
[  134.357108][ T6113]        smc_close_active+0xb9b/0xf40
[  134.357134][ T6113]        __smc_release+0xa0/0x810
[  134.357153][ T6113]        smc_release+0x2eb/0x5a0
[  134.357172][ T6113]        sock_close+0xc3/0x240
[  134.357194][ T6113]        __fput+0x461/0xa70
[  134.357216][ T6113]        task_work_run+0x1d9/0x270
[  134.357252][ T6113]        exit_to_user_mode_loop+0xed/0x480
[  134.357277][ T6113]        do_syscall_64+0x33e/0xf80
[  134.357304][ T6113]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.357325][ T6113] 
[  134.357325][ T6113] other info that might help us debug this:
[  134.357325][ T6113] 
[  134.357332][ T6113]  Possible unsafe locking scenario:
[  134.357332][ T6113] 
[  134.357339][ T6113]        CPU0                    CPU1
[  134.357346][ T6113]        ----                    ----
[  134.357352][ T6113]   lock(sk_lock-AF_SMC/1);
[  134.357372][ T6113]                                lock((work_completion)(&new_smc->smc_listen_work));
[  134.357389][ T6113]                                lock(sk_lock-AF_SMC/1);
[  134.357410][ T6113]   lock((work_completion)(&new_smc->smc_listen_work));
[  134.357426][ T6113] 
[  134.357426][ T6113]  *** DEADLOCK ***
[  134.357426][ T6113] 
[  134.357431][ T6113] 3 locks held by syz.0.17/6113:
[  134.357444][ T6113]  #0: ffff888043f72b38 (&sb->s_type->i_mutex_key#13){+.+.}-{4:4}, at: sock_close+0x9b/0x240
[  134.357505][ T6113]  #1: ffff88803bfe3118 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x24d/0x5a0
[  134.357560][ T6113]  #2: ffffffff8e3c8100 (rcu_read_lock){....}-{1:3}, at: __flush_work+0x104/0xda0
[  134.357613][ T6113] 
[  134.357613][ T6113] stack backtrace:
[  134.357639][ T6113] CPU: 1 UID: 0 PID: 6113 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  134.357663][ T6113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  134.357686][ T6113] Call Trace:
[  134.357694][ T6113]  <TASK>
[  134.357703][ T6113]  dump_stack_lvl+0xe8/0x150
[  134.357728][ T6113]  print_circular_bug+0x2e1/0x300
[  134.357762][ T6113]  check_noncircular+0x12e/0x150
[  134.357799][ T6113]  __lock_acquire+0x15a5/0x2cf0
[  134.357830][ T6113]  ? do_raw_spin_lock+0x12b/0x2f0
[  134.357861][ T6113]  ? __flush_work+0x104/0xda0
[  134.357885][ T6113]  lock_acquire+0x106/0x350
[  134.357912][ T6113]  ? __flush_work+0x104/0xda0
[  134.357942][ T6113]  ? __flush_work+0x104/0xda0
[  134.357968][ T6113]  __flush_work+0x6df/0xda0
[  134.357993][ T6113]  ? __flush_work+0x104/0xda0
[  134.358017][ T6113]  ? __flush_work+0x104/0xda0
[  134.358044][ T6113]  ? __pfx___flush_work+0x10/0x10
[  134.358071][ T6113]  ? __pfx_wq_barrier_func+0x10/0x10
[  134.358103][ T6113]  ? __cancel_work_sync+0x5c/0x110
[  134.358132][ T6113]  __cancel_work_sync+0xbe/0x110
[  134.358159][ T6113]  smc_clcsock_release+0x60/0xf0
[  134.358189][ T6113]  __smc_release+0x6a0/0x810
[  134.358210][ T6113]  ? lockdep_hardirqs_on+0x7a/0x110
[  134.358249][ T6113]  smc_close_non_accepted+0xd5/0x1f0
[  134.358276][ T6113]  smc_close_active+0xb9b/0xf40
[  134.358307][ T6113]  ? smc_close_active+0x420/0xf40
[  134.358335][ T6113]  ? __pfx_sock_def_readable+0x10/0x10
[  134.358364][ T6113]  __smc_release+0xa0/0x810
[  134.358386][ T6113]  ? __local_bh_enable_ip+0x1c2/0x2b0
[  134.358410][ T6113]  smc_release+0x2eb/0x5a0
[  134.358485][ T6113]  sock_close+0xc3/0x240
[  134.358511][ T6113]  ? __pfx_sock_close+0x10/0x10
[  134.358536][ T6113]  __fput+0x461/0xa70
[  134.358565][ T6113]  task_work_run+0x1d9/0x270
[  134.358597][ T6113]  ? __pfx_task_work_run+0x10/0x10
[  134.358628][ T6113]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.358649][ T6113]  exit_to_user_mode_loop+0xed/0x480
[  134.358673][ T6113]  ? rcu_is_watching+0x15/0xb0
[  134.358703][ T6113]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.358725][ T6113]  do_syscall_64+0x33e/0xf80
[  134.358753][ T6113]  ? trace_irq_disable+0x3b/0x140
[  134.358778][ T6113]  ? clear_bhb_loop+0x40/0x90
[  134.358801][ T6113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.358822][ T6113] RIP: 0033:0x7f7e6b74c819
[  134.358848][ T6113] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  134.358866][ T6113] RSP: 002b:00007ffff6858368 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  134.358888][ T6113] RAX: 0000000000000000 RBX: 00007ffff6858450 RCX: 00007f7e6b74c819
[  134.358904][ T6113] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  134.358916][ T6113] RBP: 00000000000209a4 R08: 0000000000000001 R09: 0000000000000000
[  134.358929][ T6113] R10: 0000001b33720000 R11: 0000000000000246 R12: 0000000000000000
[  134.358943][ T6113] R13: 00007f7e6b9c5fac R14: 00007f7e6b9c5fa8 R15: 00007f7e6b9c5fa0
[  134.358969][ T6113]  </TASK>
[  136.309054][ T5995] Bluetooth: hci0: command tx timeout
2026/04/15 17:56:42 executed programs: 180
2026/04/15 17:56:47 executed programs: 426