[ 15.183211][ T5645] 8021q: adding VLAN 0 to HW filter on device bond0 [ 15.187240][ T5645] eql: remember to turn off Van-Jacobson compression on your slave devices [ 15.237265][ T473] gvnic 0000:00:00.0 enp0s0: Device link is up. [ 15.247369][ T5556] IPv6: ADDRCONF(NETDEV_CHANGE): enp0s0: link becomes ready Starting sshd: OK syzkaller syzkaller login: [ 69.599834][ T3493] cfg80211: failed to load regulatory.db Warning: Permanently added '10.128.1.101' (ECDSA) to the list of known hosts. 1970/01/01 00:17:12 ignoring optional flag "sandboxArg"="0" 1970/01/01 00:17:12 parsed 1 programs [ 1032.333216][ T6035] cgroup: Unknown subsys name 'net' [ 1032.721498][ T6035] cgroup: Unknown subsys name 'rlimit' [ 1032.874109][ T6030] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=6030 'syz-execprog' 1970/01/01 00:17:12 executed programs: 0 [ 1032.919540][ T6043] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1032.921743][ T6043] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1032.923741][ T6043] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1032.926004][ T6043] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1032.927847][ T6043] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 1032.930051][ T6043] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1033.011428][ T6042] chnl_net:caif_netlink_parms(): no params data found [ 1033.042313][ T6042] bridge0: port 1(bridge_slave_0) entered blocking state [ 1033.044008][ T6042] bridge0: port 1(bridge_slave_0) entered disabled state [ 1033.045474][ T6042] bridge_slave_0: entered allmulticast mode [ 1033.047163][ T6042] bridge_slave_0: entered promiscuous mode [ 1033.051315][ T6042] bridge0: port 2(bridge_slave_1) entered blocking state [ 1033.053007][ T6042] bridge0: port 2(bridge_slave_1) entered disabled state [ 1033.054588][ T6042] bridge_slave_1: entered allmulticast mode [ 1033.056294][ T6042] bridge_slave_1: entered promiscuous mode [ 1033.067975][ T6042] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1033.071508][ T6042] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1033.084128][ T6042] team0: Port device team_slave_0 added [ 1033.086641][ T6042] team0: Port device team_slave_1 added [ 1033.096705][ T6042] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1033.098234][ T6042] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1033.104291][ T6042] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1033.109437][ T6042] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1033.110946][ T6042] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1033.116578][ T6042] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1033.180290][ T6042] hsr_slave_0: entered promiscuous mode [ 1033.218895][ T6042] hsr_slave_1: entered promiscuous mode [ 1033.325413][ T6042] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1033.371138][ T6042] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1033.420618][ T6042] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1033.480318][ T6042] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1033.530627][ T6042] bridge0: port 2(bridge_slave_1) entered blocking state [ 1033.532307][ T6042] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1033.534208][ T6042] bridge0: port 1(bridge_slave_0) entered blocking state [ 1033.535750][ T6042] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1033.565161][ T6042] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1033.570832][ T6051] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1033.574168][ T6051] bridge0: port 1(bridge_slave_0) entered disabled state [ 1033.576809][ T6051] bridge0: port 2(bridge_slave_1) entered disabled state [ 1033.580795][ T6051] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 1033.586423][ T6042] 8021q: adding VLAN 0 to HW filter on device team0 [ 1033.591298][ T5556] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1033.593424][ T5556] bridge0: port 1(bridge_slave_0) entered blocking state [ 1033.594960][ T5556] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1033.601573][ T6052] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1033.603960][ T6052] bridge0: port 2(bridge_slave_1) entered blocking state [ 1033.605471][ T6052] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1033.615744][ T5556] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1033.618345][ T5556] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1033.627847][ T6042] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1033.631297][ T6042] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1033.634455][ T6052] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1033.636517][ T6052] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1033.640503][ T6052] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1033.642860][ T6052] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1033.717569][ T6042] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1033.721880][ T5556] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1033.723545][ T5556] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1033.732167][ T5556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1033.742941][ T6042] veth0_vlan: entered promiscuous mode [ 1033.747229][ T6042] veth1_vlan: entered promiscuous mode [ 1033.750808][ T1601] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1033.752854][ T1601] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1033.755084][ T1601] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1033.757016][ T1601] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 1033.768454][ T5556] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 1033.771373][ T5556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1033.774508][ T6042] veth0_macvtap: entered promiscuous mode [ 1033.777606][ T6042] veth1_macvtap: entered promiscuous mode [ 1033.786535][ T6042] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1033.788246][ T1601] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1033.792724][ T1601] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 1033.798113][ T6042] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1033.800986][ T5556] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1033.804461][ T6042] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1033.806382][ T6042] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1033.808173][ T6042] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1033.810480][ T6042] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1033.852136][ T1773] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1033.853985][ T1773] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1033.856476][ T1601] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1033.867726][ T1773] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1033.870081][ T1773] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1033.872448][ T6036] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1034.959838][ T6043] Bluetooth: hci0: command 0x0409 tx timeout [ 1037.038614][ T6043] Bluetooth: hci0: command 0x041b tx timeout [ 1039.118938][ T6043] Bluetooth: hci0: command 0x040f tx timeout [ 1041.198604][ T6043] Bluetooth: hci0: command 0x0419 tx timeout [ 1047.519254][ T2152] ieee802154 phy0 wpan0: encryption failed: -22 [ 1047.520782][ T2152] ieee802154 phy1 wpan1: encryption failed: -22 [ 1108.959106][ T2152] ieee802154 phy0 wpan0: encryption failed: -22 [ 1108.960473][ T2152] ieee802154 phy1 wpan1: encryption failed: -22 [ 1157.118635][ T6043] Bluetooth: hci0: command 0x0406 tx timeout [ 1170.399860][ T2152] ieee802154 phy0 wpan0: encryption failed: -22 [ 1170.401235][ T2152] ieee802154 phy1 wpan1: encryption failed: -22 [ 1195.998709][ T28] INFO: task syz-executor.0:6042 blocked for more than 143 seconds. [ 1196.000599][ T28] Not tainted 6.4.0-rc4-syzkaller-gcd6bd67ad7ab #0 [ 1196.002078][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1196.003889][ T28] task:syz-executor.0 state:D stack:0 pid:6042 ppid:1 flags:0x00000001 [ 1196.005818][ T28] Call trace: [ 1196.006512][ T28] __switch_to+0x320/0x754 [ 1196.007405][ T28] __schedule+0x1368/0x23b8 [ 1196.008415][ T28] schedule+0xc4/0x170 [ 1196.010365][ T28] schedule_preempt_disabled+0x18/0x2c [ 1196.011542][ T28] __mutex_lock_common+0xbd8/0x21a0 [ 1196.012565][ T28] mutex_lock_nested+0x2c/0x38 [ 1196.013564][ T28] fuse_lock_inode+0xd4/0x11c [ 1196.014544][ T28] fuse_lookup+0xf0/0x4b0 [ 1196.015497][ T28] __lookup_slow+0x250/0x374 [ 1196.016461][ T28] lookup_slow+0x60/0x84 [ 1196.017402][ T28] link_path_walk+0x7c8/0xc5c [ 1196.018424][ T28] path_openat+0x1cc/0x27f8 [ 1196.019498][ T28] do_filp_open+0x1bc/0x3cc [ 1196.020462][ T28] do_sys_openat2+0x128/0x3d8 [ 1196.021407][ T28] __arm64_sys_openat+0x1f0/0x240 [ 1196.022549][ T28] invoke_syscall+0x98/0x2c0 [ 1196.023516][ T28] el0_svc_common+0x138/0x258 [ 1196.024558][ T28] do_el0_svc+0x64/0x198 [ 1196.025482][ T28] el0_svc+0x4c/0x160 [ 1196.026287][ T28] el0t_64_sync_handler+0x84/0xfc [ 1196.027449][ T28] el0t_64_sync+0x190/0x194 [ 1196.028449][ T28] INFO: task syz-executor.0:6062 blocked for more than 143 seconds. [ 1196.031224][ T28] Not tainted 6.4.0-rc4-syzkaller-gcd6bd67ad7ab #0 [ 1196.032770][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1196.034662][ T28] task:syz-executor.0 state:D stack:0 pid:6062 ppid:6042 flags:0x00000009 [ 1196.036598][ T28] Call trace: [ 1196.037381][ T28] __switch_to+0x320/0x754 [ 1196.038310][ T28] __schedule+0x1368/0x23b8 [ 1196.039434][ T28] schedule+0xc4/0x170 [ 1196.040261][ T28] fuse_simple_request+0xea8/0x17b0 [ 1196.041544][ T28] fuse_lookup_name+0x27c/0x6a4 [ 1196.042590][ T28] fuse_lookup+0x13c/0x4b0 [ 1196.043503][ T28] __lookup_slow+0x250/0x374 [ 1196.044505][ T28] lookup_slow+0x60/0x84 [ 1196.045440][ T28] link_path_walk+0x7c8/0xc5c [ 1196.046390][ T28] path_openat+0x1cc/0x27f8 [ 1196.047292][ T28] do_filp_open+0x1bc/0x3cc [ 1196.048255][ T28] do_sys_openat2+0x128/0x3d8 [ 1196.049343][ T28] __arm64_sys_openat+0x1f0/0x240 [ 1196.050452][ T28] invoke_syscall+0x98/0x2c0 [ 1196.051465][ T28] el0_svc_common+0x138/0x258 [ 1196.052520][ T28] do_el0_svc+0x64/0x198 [ 1196.053446][ T28] el0_svc+0x4c/0x160 [ 1196.054352][ T28] el0t_64_sync_handler+0x84/0xfc [ 1196.055464][ T28] el0t_64_sync+0x190/0x194 [ 1196.056524][ T28] [ 1196.056524][ T28] Showing all locks held in the system: [ 1196.058198][ T28] 1 lock held by rcu_tasks_kthre/13: [ 1196.059416][ T28] #0: ffff80008e0915d0 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x44/0xcf4 [ 1196.061810][ T28] 1 lock held by rcu_tasks_trace/14: [ 1196.062879][ T28] #0: ffff80008e091990 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x44/0xcf4 [ 1196.065200][ T28] 1 lock held by khungtaskd/28: [ 1196.066210][ T28] #0: ffff80008e091400 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0xc/0x44 [ 1196.068286][ T28] 2 locks held by getty/5733: [ 1196.069353][ T28] #0: ffff0000ce354098 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c [ 1196.071420][ T28] #1: ffff800092e002f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x414/0x1210 [ 1196.073670][ T28] 2 locks held by syz-executor.0/6042: [ 1196.074871][ T28] #0: ffff0000e07c8150 (&type->i_mutex_dir_key#8){++++}-{3:3}, at: lookup_slow+0x50/0x84 [ 1196.077045][ T28] #1: ffff0000e07c85b8 (&fi->mutex){+.+.}-{3:3}, at: fuse_lock_inode+0xd4/0x11c [ 1196.079169][ T28] 2 locks held by syz-executor.0/6062: [ 1196.080335][ T28] #0: ffff0000e07c8150 (&type->i_mutex_dir_key#8){++++}-{3:3}, at: lookup_slow+0x50/0x84 [ 1196.082513][ T28] #1: ffff0000e07c85b8 (&fi->mutex){+.+.}-{3:3}, at: fuse_lock_inode+0xd4/0x11c [ 1196.084474][ T28] [ 1196.084984][ T28] ============================================= [ 1196.084984][ T28] [ 1196.086799][ T28] Kernel panic - not syncing: hung_task: blocked tasks [ 1196.088271][ T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.4.0-rc4-syzkaller-gcd6bd67ad7ab #0 [ 1196.090420][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 1196.092664][ T28] Call trace: [ 1196.093365][ T28] dump_backtrace+0x1b8/0x1e4 [ 1196.094367][ T28] show_stack+0x2c/0x44 [ 1196.095277][ T28] dump_stack_lvl+0xd0/0x124 [ 1196.096286][ T28] dump_stack+0x1c/0x28 [ 1196.097265][ T28] panic+0x2d0/0x7b4 [ 1196.098114][ T28] hung_task_panic+0x0/0x2c [ 1196.099125][ T28] kthread+0x288/0x310 [ 1196.100060][ T28] ret_from_fork+0x10/0x20 [ 1196.101082][ T28] SMP: stopping secondary CPUs [ 1196.102125][ T28] Kernel Offset: disabled [ 1196.103080][ T28] CPU features: 0x0000004,0e008010,c4017203 [ 1196.104398][ T28] Memory Limit: none [ 1196.455950][ T28] Rebooting in 86400 seconds..