./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor4257581758 <...> Warning: Permanently added '10.128.1.108' (ED25519) to the list of known hosts. execve("./syz-executor4257581758", ["./syz-executor4257581758"], 0x7ffd060ad280 /* 10 vars */) = 0 brk(NULL) = 0x55557add9000 brk(0x55557add9d00) = 0x55557add9d00 arch_prctl(ARCH_SET_FS, 0x55557add9380) = 0 set_tid_address(0x55557add9650) = 5066 set_robust_list(0x55557add9660, 24) = 0 rseq(0x55557add9ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor4257581758", 4096) = 28 getrandom("\xf8\x41\x76\x1e\xf1\x49\xc7\x59", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55557add9d00 brk(0x55557adfad00) = 0x55557adfad00 brk(0x55557adfb000) = 0x55557adfb000 mprotect(0x7f4a7b1b4000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 unshare(CLONE_NEWPID) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5067 attached , child_tidptr=0x55557add9650) = 5067 [pid 5067] set_robust_list(0x55557add9660, 24) = 0 [pid 5067] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy) [pid 5067] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5067] setsid() = 1 [pid 5067] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0 [pid 5067] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0 [pid 5067] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0 [pid 5067] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0 [pid 5067] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0 [pid 5067] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0 [pid 5067] unshare(CLONE_NEWNS) = 0 [pid 5067] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0 [pid 5067] unshare(CLONE_NEWIPC) = 0 [pid 5067] unshare(CLONE_NEWCGROUP) = 0 [pid 5067] unshare(CLONE_NEWUTS) = 0 [pid 5067] unshare(CLONE_SYSVSEM) = 0 [pid 5067] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5067] write(3, "16777216", 8) = 8 [pid 5067] close(3) = 0 [pid 5067] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3 [pid 5067] write(3, "536870912", 9) = 9 [pid 5067] close(3) = 0 [pid 5067] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5067] write(3, "1024", 4) = 4 [pid 5067] close(3) = 0 [pid 5067] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5067] write(3, "8192", 4) = 4 [pid 5067] close(3) = 0 [pid 5067] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5067] write(3, "1024", 4) = 4 [pid 5067] close(3) = 0 [pid 5067] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3 [pid 5067] write(3, "1024", 4) = 4 [pid 5067] close(3) = 0 [pid 5067] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3 [pid 5067] write(3, "1024 1048576 500 1024", 21) = 21 [pid 5067] close(3) = 0 [pid 5067] getpid() = 1 [pid 5067] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<team_lock_key){+.+.}-{3:3}, at: team_port_change_check+0x51/0x1e0 [ 66.319364][ T5067] [ 66.319364][ T5067] but task is already holding lock: [ 66.326710][ T5067] ffff88807d6dcd20 (team->team_lock_key){+.+.}-{3:3}, at: team_add_slave+0xad/0x2750 [ 66.336190][ T5067] [ 66.336190][ T5067] other info that might help us debug this: [ 66.344230][ T5067] Possible unsafe locking scenario: [ 66.344230][ T5067] [ 66.351660][ T5067] CPU0 [ 66.354923][ T5067] ---- [ 66.358187][ T5067] lock(team->team_lock_key); [ 66.362935][ T5067] lock(team->team_lock_key); [ 66.367679][ T5067] [ 66.367679][ T5067] *** DEADLOCK *** [ 66.367679][ T5067] [ 66.375860][ T5067] May be due to missing lock nesting notation [ 66.375860][ T5067] [ 66.384172][ T5067] 2 locks held by syz-executor425/5067: [ 66.389699][ T5067] #0: ffffffff8f385a08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x10d0 [ 66.399192][ T5067] #1: ffff88807d6dcd20 (team->team_lock_key){+.+.}-{3:3}, at: team_add_slave+0xad/0x2750 [ 66.409183][ T5067] [ 66.409183][ T5067] stack backtrace: [ 66.415069][ T5067] CPU: 0 PID: 5067 Comm: syz-executor425 Not tainted 6.8.0-syzkaller-05243-g14bb1e8c8d4a #0 [ 66.425120][ T5067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 66.435168][ T5067] Call Trace: [ 66.438434][ T5067] [ 66.441353][ T5067] dump_stack_lvl+0x1e7/0x2e0 [ 66.446037][ T5067] ? __pfx_dump_stack_lvl+0x10/0x10 [ 66.451224][ T5067] ? print_deadlock_bug+0x479/0x620 [ 66.456413][ T5067] ? _find_first_zero_bit+0xd4/0x100 [ 66.461686][ T5067] validate_chain+0x15c1/0x58e0 [ 66.466527][ T5067] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 66.472412][ T5067] ? __wake_up_common_lock+0x18c/0x1e0 [ 66.477859][ T5067] ? __pfx_validate_chain+0x10/0x10 [ 66.483055][ T5067] ? consume_skb+0xc6/0x160 [ 66.487569][ T5067] ? netlink_broadcast_filtered+0x1259/0x1290 [ 66.493660][ T5067] ? nlmsg_notify+0xfb/0x1c0 [ 66.498234][ T5067] ? nlmsg_notify+0x15a/0x1c0 [ 66.502900][ T5067] ? rtmsg_fib+0x3a3/0x630 [ 66.507334][ T5067] ? mark_lock+0x9a/0x350 [ 66.511652][ T5067] ? __pfx_rtmsg_fib+0x10/0x10 [ 66.516408][ T5067] __lock_acquire+0x1346/0x1fd0 [ 66.521252][ T5067] lock_acquire+0x1e4/0x530 [ 66.525740][ T5067] ? team_port_change_check+0x51/0x1e0 [ 66.531186][ T5067] ? __pfx_lock_acquire+0x10/0x10 [ 66.536195][ T5067] ? neigh_lookup+0xb1/0x500 [ 66.540789][ T5067] ? __pfx___might_resched+0x10/0x10 [ 66.546161][ T5067] ? __pfx_cfg80211_netdev_notifier_call+0x10/0x10 [ 66.552673][ T5067] ? __pfx_arp_key_eq+0x10/0x10 [ 66.557535][ T5067] __mutex_lock+0x136/0xd70 [ 66.562106][ T5067] ? team_port_change_check+0x51/0x1e0 [ 66.567578][ T5067] ? neigh_lookup+0xb1/0x500 [ 66.572181][ T5067] ? __pfx_neigh_lookup+0x10/0x10 [ 66.577207][ T5067] ? bond_netdev_event+0xdd/0xf20 [ 66.582222][ T5067] ? team_port_change_check+0x51/0x1e0 [ 66.587692][ T5067] ? __pfx___mutex_lock+0x10/0x10 [ 66.592708][ T5067] ? __asan_memset+0x23/0x50 [ 66.597304][ T5067] team_port_change_check+0x51/0x1e0 [ 66.602595][ T5067] team_device_event+0x4e6/0x5b0 [ 66.607522][ T5067] ? notifier_call_chain+0x166/0x3b0 [ 66.612792][ T5067] notifier_call_chain+0x18f/0x3b0 [ 66.617890][ T5067] __dev_notify_flags+0x207/0x400 [ 66.622902][ T5067] ? dev_set_rx_mode+0xb8/0x2e0 [ 66.627737][ T5067] ? __pfx___dev_notify_flags+0x10/0x10 [ 66.633273][ T5067] ? __dev_change_flags+0x515/0x6f0 [ 66.638484][ T5067] ? __pfx___dev_change_flags+0x10/0x10 [ 66.644019][ T5067] ? dsa_user_netdevice_event+0x714/0x2970 [ 66.649835][ T5067] dev_change_flags+0xf0/0x1a0 [ 66.654591][ T5067] vlan_device_event+0x1b81/0x1de0 [ 66.659693][ T5067] ? rt6_multipath_rebalance+0x840/0x880 [ 66.665334][ T5067] ? br_device_event+0x148/0x970 [ 66.670254][ T5067] ? __pfx_phonet_device_notify+0x10/0x10 [ 66.675964][ T5067] ? __pfx_vlan_device_event+0x10/0x10 [ 66.681412][ T5067] ? __pfx_br_device_event+0x10/0x10 [ 66.686692][ T5067] ? raw_notifier+0x9d/0x740 [ 66.691270][ T5067] ? isotp_notifier+0xa4/0x6b0 [ 66.696019][ T5067] ? cgw_notifier+0xd8/0x3b0 [ 66.700591][ T5067] ? packet_notifier+0x76/0xa30 [ 66.705431][ T5067] notifier_call_chain+0x18f/0x3b0 [ 66.710533][ T5067] dev_open+0x13a/0x1b0 [ 66.714682][ T5067] ? __pfx_dev_open+0x10/0x10 [ 66.719348][ T5067] ? team_add_slave+0x8a0/0x2750 [ 66.724280][ T5067] team_add_slave+0x9b3/0x2750 [ 66.729034][ T5067] ? __pfx___dev_notify_flags+0x10/0x10 [ 66.734570][ T5067] ? __dev_change_flags+0x515/0x6f0 [ 66.739751][ T5067] ? __pfx_team_add_slave+0x10/0x10 [ 66.744936][ T5067] ? __pfx___dev_change_flags+0x10/0x10 [ 66.750467][ T5067] ? vprintk_emit+0x608/0x720 [ 66.755132][ T5067] ? mutex_is_locked+0x12/0x50 [ 66.759881][ T5067] do_setlink+0xe70/0x41f0 [ 66.764287][ T5067] ? _printk+0xd5/0x120 [ 66.768431][ T5067] ? __nla_validate_parse+0x4e4/0x2f70 [ 66.773884][ T5067] ? __pfx__printk+0x10/0x10 [ 66.778459][ T5067] ? __pfx_do_setlink+0x10/0x10 [ 66.783303][ T5067] ? __nla_validate_parse+0x259b/0x2f70 [ 66.788835][ T5067] ? netlink_unicast+0x7ea/0x980 [ 66.793762][ T5067] ? __pfx___nla_validate_parse+0x10/0x10 [ 66.799469][ T5067] ? __kasan_kmalloc+0x98/0xb0 [ 66.804218][ T5067] ? validate_linkmsg+0x71e/0x900 [ 66.809230][ T5067] rtnl_newlink+0x180b/0x20a0 [ 66.813896][ T5067] ? kernel_text_address+0xa7/0xe0 [ 66.818998][ T5067] ? rtnl_newlink+0x4c1/0x20a0 [ 66.823776][ T5067] ? __pfx_rtnl_newlink+0x10/0x10 [ 66.828809][ T5067] ? __pfx___mutex_trylock_common+0x10/0x10 [ 66.834697][ T5067] ? rcu_is_watching+0x15/0xb0 [ 66.839448][ T5067] ? trace_contention_end+0x3c/0x100 [ 66.844721][ T5067] ? __mutex_lock+0x2ef/0xd70 [ 66.849393][ T5067] ? rcu_read_unlock+0x8c/0xa0 [ 66.854152][ T5067] ? __pfx_rtnl_newlink+0x10/0x10 [ 66.859183][ T5067] rtnetlink_rcv_msg+0x89b/0x10d0 [ 66.864202][ T5067] ? rtnetlink_rcv_msg+0x208/0x10d0 [ 66.869388][ T5067] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 66.875702][ T5067] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 66.881153][ T5067] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 66.887131][ T5067] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 66.893447][ T5067] ? __local_bh_enable_ip+0x168/0x200 [ 66.898800][ T5067] ? lockdep_hardirqs_on+0x99/0x150 [ 66.903986][ T5067] ? __local_bh_enable_ip+0x168/0x200 [ 66.909340][ T5067] ? dev_hard_start_xmit+0x724/0x790 [ 66.914614][ T5067] ? __dev_queue_xmit+0x2c4/0x3b10 [ 66.919718][ T5067] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 66.925425][ T5067] ? __dev_queue_xmit+0x2c4/0x3b10 [ 66.930525][ T5067] ? __dev_queue_xmit+0x15fd/0x3b10 [ 66.935726][ T5067] ? __dev_queue_xmit+0x2c4/0x3b10 [ 66.940831][ T5067] ? ref_tracker_free+0x643/0x7e0 [ 66.945843][ T5067] netlink_rcv_skb+0x1e3/0x430 [ 66.950595][ T5067] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 66.956050][ T5067] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 66.961330][ T5067] ? netlink_deliver_tap+0x2e/0x1b0 [ 66.966518][ T5067] netlink_unicast+0x7ea/0x980 [ 66.971278][ T5067] ? __pfx_netlink_unicast+0x10/0x10 [ 66.976551][ T5067] ? __virt_addr_valid+0x44e/0x520 [ 66.981654][ T5067] ? __phys_addr_symbol+0x2f/0x70 [ 66.986675][ T5067] ? __check_object_size+0x4bc/0xa00 [ 66.991950][ T5067] ? bpf_lsm_netlink_send+0x9/0x10 [ 66.997078][ T5067] netlink_sendmsg+0x8e1/0xcb0 [ 67.001840][ T5067] ? __pfx_netlink_sendmsg+0x10/0x10 [ 67.007135][ T5067] ? __import_iovec+0x536/0x820 [ 67.011970][ T5067] ? aa_sock_msg_perm+0x91/0x160 [ 67.016895][ T5067] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 67.022194][ T5067] ? security_socket_sendmsg+0x87/0xb0 [ 67.027651][ T5067] ? __pfx_netlink_sendmsg+0x10/0x10 [ 67.032925][ T5067] __sock_sendmsg+0x221/0x270 [ 67.037591][ T5067] ____sys_sendmsg+0x525/0x7d0 [ 67.042347][ T5067] ? __pfx_____sys_sendmsg+0x10/0x10 [ 67.047625][ T5067] ? do_raw_spin_lock+0x14f/0x370 [ 67.052646][ T5067] __sys_sendmsg+0x2b0/0x3a0 [ 67.057225][ T5067] ? __pfx___sys_sendmsg+0x10/0x10 [ 67.062326][ T5067] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 67.068645][ T5067] ? _raw_spin_unlock_irq+0x2e/0x50 [ 67.073834][ T5067] ? ptrace_notify+0x279/0x380 [ 67.078588][ T5067] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 67.084906][ T5067] ? do_syscall_64+0x10a/0x240 [ 67.089662][ T5067] ? syscall_trace_enter+0x5f/0x150 [ 67.094875][ T5067] do_syscall_64+0xfb/0x240 [ 67.099364][ T5067] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 67.105267][ T5067] RIP: 0033:0x7f4a7b13bb09 [ 67.109669][ T5067] Code: 48 83 c4 28 c3 e8 d7 19 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 67.129265][ T5067] RSP: 002b:00007fffa1aaa738 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 67.137669][ T5067] RAX: ffffffffffffffda RBX: 00007f4a7b1893d3 RCX: 00007f4a7b13bb09 [ 67.145635][ T5067] RDX: 0000000000000000 RSI: 0000000020000600 RDI: 0000000000000004 [ 67.153592][ T5067] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001 [ 67.161551][ T5067] R10: 0000000000000001 R11: 0000000000000246 R12: 00007fffa1aaa770 [ 67.169511][ T5067] R13: 00007f4a7b189004 R14: 00007fffa1aaa75c R15: 0000000000000003 [ 67.177475][ T5067]