Warning: Permanently added '10.128.10.38' (ED25519) to the list of known hosts. 2024/01/31 15:03:43 ignoring optional flag "sandboxArg"="0" 2024/01/31 15:03:43 parsed 1 programs [ 99.527819][ T28] kauditd_printk_skb: 74 callbacks suppressed [ 99.527829][ T28] audit: type=1400 audit(1706713423.580:205): avc: denied { getattr } for pid=5400 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 99.559378][ T28] audit: type=1400 audit(1706713423.590:206): avc: denied { read } for pid=5400 comm="syz-execprog" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 99.581433][ T28] audit: type=1400 audit(1706713423.590:207): avc: denied { open } for pid=5400 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 99.625142][ T28] audit: type=1400 audit(1706713423.680:208): avc: denied { mounton } for pid=5405 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 99.650864][ T28] audit: type=1400 audit(1706713423.680:209): avc: denied { mount } for pid=5405 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 99.675725][ T28] audit: type=1400 audit(1706713423.680:210): avc: denied { setattr } for pid=5405 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=732 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 99.699217][ T28] audit: type=1400 audit(1706713423.680:211): avc: denied { read write } for pid=5405 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 99.725927][ T28] audit: type=1400 audit(1706713423.680:212): avc: denied { open } for pid=5405 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 99.762376][ T28] audit: type=1400 audit(1706713423.820:213): avc: denied { unlink } for pid=5405 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 100.277386][ T28] audit: type=1400 audit(1706713424.330:214): avc: denied { relabelto } for pid=5407 comm="mkswap" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" 2024/01/31 15:03:45 executed programs: 0 [ 101.657598][ T5405] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 101.727614][ T4447] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 101.736241][ T4447] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 101.744336][ T4447] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 101.752761][ T4447] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 101.760903][ T4447] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 101.768336][ T4447] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 101.927676][ T5412] chnl_net:caif_netlink_parms(): no params data found [ 102.002429][ T5412] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.009908][ T5412] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.017217][ T5412] bridge_slave_0: entered allmulticast mode [ 102.024569][ T5412] bridge_slave_0: entered promiscuous mode [ 102.033267][ T5412] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.040628][ T5412] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.048029][ T5412] bridge_slave_1: entered allmulticast mode [ 102.055267][ T5412] bridge_slave_1: entered promiscuous mode [ 102.088343][ T5412] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 102.101303][ T5412] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 102.137588][ T5412] team0: Port device team_slave_0 added [ 102.147418][ T5412] team0: Port device team_slave_1 added [ 102.178010][ T5412] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 102.185083][ T5412] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 102.211095][ T5412] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 102.224705][ T5412] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 102.231822][ T5412] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 102.257921][ T5412] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 102.304180][ T5412] hsr_slave_0: entered promiscuous mode [ 102.310966][ T5412] hsr_slave_1: entered promiscuous mode [ 103.084695][ T5412] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 103.098056][ T5412] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 103.112214][ T5412] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 103.127140][ T5412] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 103.281852][ T5412] 8021q: adding VLAN 0 to HW filter on device bond0 [ 103.317243][ T5412] 8021q: adding VLAN 0 to HW filter on device team0 [ 103.336653][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.343938][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 103.368787][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.376261][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 103.665132][ T5412] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 103.734161][ T5412] veth0_vlan: entered promiscuous mode [ 103.753430][ T5412] veth1_vlan: entered promiscuous mode [ 103.804768][ T5412] veth0_macvtap: entered promiscuous mode [ 103.817844][ T5412] veth1_macvtap: entered promiscuous mode [ 103.826216][ T4447] Bluetooth: hci0: command 0x0409 tx timeout [ 103.861637][ T5412] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 103.883345][ T5412] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 103.901634][ T5412] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.911354][ T5412] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.920601][ T5412] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.930027][ T5412] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.052632][ T2841] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.074914][ T2841] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.121013][ T2841] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.129996][ T2841] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.232175][ T5475] loop0: detected capacity change from 0 to 64 [ 104.506048][ T5475] [ 104.508418][ T5475] ============================================ [ 104.514668][ T5475] WARNING: possible recursive locking detected [ 104.521088][ T5475] 6.8.0-rc2-syzkaller-g1bbb19b6eb1b #0 Not tainted [ 104.527677][ T5475] -------------------------------------------- [ 104.533843][ T5475] syz-executor.0/5475 is trying to acquire lock: [ 104.540193][ T5475] ffff8880788fc0b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x17f/0x220 [ 104.549726][ T5475] [ 104.549726][ T5475] but task is already holding lock: [ 104.557277][ T5475] ffff8880788fc0b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x17f/0x220 [ 104.566633][ T5475] [ 104.566633][ T5475] other info that might help us debug this: [ 104.574984][ T5475] Possible unsafe locking scenario: [ 104.574984][ T5475] [ 104.582512][ T5475] CPU0 [ 104.585809][ T5475] ---- [ 104.589188][ T5475] lock(&tree->tree_lock/1); [ 104.593892][ T5475] lock(&tree->tree_lock/1); [ 104.598599][ T5475] [ 104.598599][ T5475] *** DEADLOCK *** [ 104.598599][ T5475] [ 104.606754][ T5475] May be due to missing lock nesting notation [ 104.606754][ T5475] [ 104.615261][ T5475] 6 locks held by syz-executor.0/5475: [ 104.620744][ T5475] #0: ffff88802aaf14c8 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe7/0x170 [ 104.630112][ T5475] #1: ffff8880788fa420 (sb_writers#14){.+.+}-{0:0}, at: ksys_write+0x12f/0x250 [ 104.639210][ T5475] #2: ffff88807e7e1628 (&sb->s_type->i_mutex_key#21){+.+.}-{3:3}, at: generic_file_write_iter+0x92/0x350 [ 104.651190][ T5475] #3: ffff88807e7e1478 (&HFS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xa2/0xb10 [ 104.661849][ T5475] #4: ffff8880788fc0b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x17f/0x220 [ 104.671647][ T5475] #5: ffff88807e7e00f8 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xa2/0xb10 [ 104.682841][ T5475] [ 104.682841][ T5475] stack backtrace: [ 104.688747][ T5475] CPU: 0 PID: 5475 Comm: syz-executor.0 Not tainted 6.8.0-rc2-syzkaller-g1bbb19b6eb1b #0 [ 104.698568][ T5475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 104.708638][ T5475] Call Trace: [ 104.711930][ T5475] [ 104.714873][ T5475] dump_stack_lvl+0xd9/0x1b0 [ 104.719489][ T5475] __lock_acquire+0x210a/0x3b30 [ 104.724372][ T5475] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 104.730393][ T5475] ? hfs_find_init+0x95/0x220 [ 104.735487][ T5475] ? kasan_save_stack+0x42/0x50 [ 104.740362][ T5475] ? kasan_save_stack+0x33/0x50 [ 104.745235][ T5475] ? kasan_save_track+0x14/0x30 [ 104.750113][ T5475] ? __kasan_kmalloc+0xa2/0xb0 [ 104.754982][ T5475] ? __kmalloc+0x1f9/0x440 [ 104.759509][ T5475] lock_acquire+0x1ae/0x520 [ 104.764128][ T5475] ? hfs_find_init+0x17f/0x220 [ 104.768914][ T5475] ? lock_sync+0x190/0x190 [ 104.773441][ T5475] ? preempt_count_sub+0x160/0x160 [ 104.778601][ T5475] __mutex_lock+0x175/0x9d0 [ 104.783152][ T5475] ? hfs_find_init+0x17f/0x220 [ 104.787939][ T5475] ? hfs_find_init+0x17f/0x220 [ 104.792730][ T5475] ? mutex_trylock+0x130/0x130 [ 104.797512][ T5475] ? rcu_is_watching+0x12/0xb0 [ 104.802299][ T5475] ? trace_kmalloc+0x26/0xa0 [ 104.806914][ T5475] ? __kmalloc+0x218/0x440 [ 104.811347][ T5475] ? hfs_find_init+0x17f/0x220 [ 104.816136][ T5475] hfs_find_init+0x17f/0x220 [ 104.820764][ T5475] hfs_ext_read_extent+0x19c/0x9d0 [ 104.825902][ T5475] ? hfs_free_extents+0x2f0/0x2f0 [ 104.830954][ T5475] ? do_raw_spin_unlock+0x173/0x230 [ 104.836340][ T5475] hfs_extend_file+0x4e0/0xb10 [ 104.841134][ T5475] ? hfs_free_fork+0x900/0x900 [ 104.845921][ T5475] ? hfs_find_init+0x17f/0x220 [ 104.850713][ T5475] hfs_bmap_reserve+0x29c/0x370 [ 104.855590][ T5475] __hfs_ext_write_extent+0x3cb/0x520 [ 104.860996][ T5475] hfs_ext_read_extent+0x805/0x9d0 [ 104.866395][ T5475] ? mutex_trylock+0x130/0x130 [ 104.871178][ T5475] ? hfs_free_extents+0x2f0/0x2f0 [ 104.876227][ T5475] ? clean_bdev_aliases+0x51a/0x620 [ 104.881444][ T5475] hfs_extend_file+0x4e0/0xb10 [ 104.886241][ T5475] ? reacquire_held_locks+0x4c0/0x4c0 [ 104.891655][ T5475] ? hfs_free_fork+0x900/0x900 [ 104.896644][ T5475] hfs_get_block+0x17f/0x820 [ 104.901351][ T5475] ? hfs_extend_file+0xb10/0xb10 [ 104.906748][ T5475] __block_write_begin_int+0x4fb/0x16e0 [ 104.912317][ T5475] ? hfs_extend_file+0xb10/0xb10 [ 104.917282][ T5475] ? invalidate_bh_lrus_cpu+0x170/0x170 [ 104.922962][ T5475] block_write_begin+0xb1/0x490 [ 104.928187][ T5475] ? hfs_extend_file+0xb10/0xb10 [ 104.933156][ T5475] cont_write_begin+0x530/0x730 [ 104.938033][ T5475] ? hfs_extend_file+0xb10/0xb10 [ 104.943267][ T5475] ? block_write_begin+0x490/0x490 [ 104.948404][ T5475] ? fault_in_readable+0x106/0x200 [ 104.953541][ T5475] ? fault_in_readable+0x150/0x200 [ 104.958671][ T5475] ? fault_in_subpage_writeable+0x20/0x20 [ 104.964414][ T5475] hfs_write_begin+0x87/0x140 [ 104.969206][ T5475] ? hfs_extend_file+0xb10/0xb10 [ 104.974166][ T5475] generic_perform_write+0x278/0x600 [ 104.979657][ T5475] ? folio_add_wait_queue+0x1c0/0x1c0 [ 104.985072][ T5475] ? generic_write_checks+0x2b0/0x3f0 [ 104.990912][ T5475] __generic_file_write_iter+0x1f9/0x240 [ 104.996668][ T5475] generic_file_write_iter+0xe3/0x350 [ 105.002085][ T5475] vfs_write+0x6d5/0x1100 [ 105.006440][ T5475] ? kernel_write+0x6c0/0x6c0 [ 105.011142][ T5475] ? mutex_trylock+0x130/0x130 [ 105.015933][ T5475] ? __fget_files+0x256/0x400 [ 105.020646][ T5475] ksys_write+0x12f/0x250 [ 105.025001][ T5475] ? __ia32_sys_read+0xb0/0xb0 [ 105.029958][ T5475] do_syscall_64+0xd3/0x250 [ 105.034519][ T5475] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 105.040437][ T5475] RIP: 0033:0x7fb51dc7cda9 [ 105.044870][ T5475] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 105.064582][ T5475] RSP: 002b:00007fb51e91a0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 105.073017][ T5475] RAX: ffffffffffffffda RBX: 00007fb51ddabf80 RCX: 00007fb51dc7cda9 [ 105.081178][ T5475] RDX: 000000000208e24b RSI: 0000000020000180 RDI: 0000000000000004 [ 105.089252][ T5475] RBP: 00007fb51dcc947a R08: 0000000000000000 R09: 0000000000000000 [ 105.097337][ T5475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 105.105299][ T5475] R13: 000000000000000b R14: 00007fb51ddabf80 R15: 00007ffc66fb9008 [ 105.113266][ T5475] [ 105.142346][ T28] kauditd_printk_skb: 4 callbacks suppressed [ 105.142360][ T28] audit: type=1400 audit(1706713429.180:219): avc: denied { search } for pid=4485 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 105.909216][ T4447] Bluetooth: hci0: command 0x041b tx timeout [ 107.979158][ T4447] Bluetooth: hci0: command 0x040f tx timeout [ 109.340083][ T2408] kworker/u4:7: attempt to access beyond end of device [ 109.340083][ T2408] loop0: rw=1048577, sector=95, nr_sectors = 1 limit=64 [ 109.354423][ T2408] Buffer I/O error on dev loop0, logical block 95, lost async page write [ 109.363181][ T2408] kworker/u4:7: attempt to access beyond end of device [ 109.363181][ T2408] loop0: rw=1048577, sector=96, nr_sectors = 1 limit=64 [ 109.377397][ T2408] Buffer I/O error on dev loop0, logical block 96, lost async page write [ 109.386017][ T2408] kworker/u4:7: attempt to access beyond end of device [ 109.386017][ T2408] loop0: rw=1048577, sector=98, nr_sectors = 1 limit=64 [ 109.399937][ T2408] Buffer I/O error on dev loop0, logical block 98, lost async page write [ 109.408368][ T2408] kworker/u4:7: attempt to access beyond end of device [ 109.408368][ T2408] loop0: rw=1048577, sector=100, nr_sectors = 1 limit=64 [ 109.422847][ T2408] Buffer I/O error on dev loop0, logical block 100, lost async page write [ 109.432293][ T2408] kworker/u4:7: attempt to access beyond end of device [ 109.432293][ T2408] loop0: rw=1048577, sector=101, nr_sectors = 1 limit=64 [ 109.446132][ T2408] Buffer I/O error on dev loop0, logical block 101, lost async page write [ 109.454825][ T2408] kworker/u4:7: attempt to access beyond end of device [ 109.454825][ T2408] loop0: rw=1048577, sector=102, nr_sectors = 1 limit=64 [ 109.468677][ T2408] Buffer I/O error on dev loop0, logical block 102, lost async page write [ 109.481004][ T2408] kworker/u4:7: attempt to access beyond end of device [ 109.481004][ T2408] loop0: rw=1048577, sector=103, nr_sectors = 1 limit=64 [ 109.495169][ T2408] Buffer I/O error on dev loop0, logical block 103, lost async page write [ 109.505063][ T2408] kworker/u4:7: attempt to access beyond end of device [ 109.505063][ T2408] loop0: rw=1048577, sector=104, nr_sectors = 1 limit=64 [ 109.519552][ T2408] Buffer I/O error on dev loop0, logical block 104, lost async page write [ 109.531069][ T2408] kworker/u4:7: attempt to access beyond end of device [ 109.531069][ T2408] loop0: rw=1048577, sector=105, nr_sectors = 4064 limit=64 [ 110.059270][ T4447] Bluetooth: hci0: command 0x0419 tx timeout