Warning: Permanently added '10.128.1.179' (ED25519) to the list of known hosts.
2024/03/30 15:33:16 ignoring optional flag "sandboxArg"="0"
2024/03/30 15:33:16 parsed 1 programs
2024/03/30 15:33:18 executed programs: 0
[ 87.914221][ T5418] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 87.964837][ T5073] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 87.973229][ T5073] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 87.981213][ T5073] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 87.990571][ T5073] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 87.998243][ T5073] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 88.006576][ T5073] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 88.122093][ T5425] chnl_net:caif_netlink_parms(): no params data found
[ 88.174092][ T5425] bridge0: port 1(bridge_slave_0) entered blocking state
[ 88.181423][ T5425] bridge0: port 1(bridge_slave_0) entered disabled state
[ 88.188625][ T5425] bridge_slave_0: entered allmulticast mode
[ 88.195803][ T5425] bridge_slave_0: entered promiscuous mode
[ 88.203544][ T5425] bridge0: port 2(bridge_slave_1) entered blocking state
[ 88.210921][ T5425] bridge0: port 2(bridge_slave_1) entered disabled state
[ 88.218116][ T5425] bridge_slave_1: entered allmulticast mode
[ 88.225145][ T5425] bridge_slave_1: entered promiscuous mode
[ 88.248436][ T5425] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 88.260143][ T5425] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 88.288313][ T5425] team0: Port device team_slave_0 added
[ 88.295970][ T5425] team0: Port device team_slave_1 added
[ 88.317500][ T5425] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 88.324990][ T5425] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 88.351598][ T5425] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 88.365059][ T5425] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 88.372067][ T5425] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 88.398141][ T5425] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 88.431627][ T5425] hsr_slave_0: entered promiscuous mode
[ 88.438363][ T5425] hsr_slave_1: entered promiscuous mode
[ 88.978989][ T5425] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 88.994160][ T5425] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 89.004832][ T5425] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 89.015560][ T5425] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 89.047889][ T5425] bridge0: port 2(bridge_slave_1) entered blocking state
[ 89.055311][ T5425] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 89.063862][ T5425] bridge0: port 1(bridge_slave_0) entered blocking state
[ 89.071098][ T5425] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 89.115499][ T5081] bridge0: port 1(bridge_slave_0) entered disabled state
[ 89.124036][ T5081] bridge0: port 2(bridge_slave_1) entered disabled state
[ 89.172879][ T5425] 8021q: adding VLAN 0 to HW filter on device bond0
[ 89.195915][ T5425] 8021q: adding VLAN 0 to HW filter on device team0
[ 89.212283][ T49] bridge0: port 1(bridge_slave_0) entered blocking state
[ 89.219536][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 89.242788][ T49] bridge0: port 2(bridge_slave_1) entered blocking state
[ 89.250140][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 89.458450][ T5425] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 89.511440][ T5425] veth0_vlan: entered promiscuous mode
[ 89.526432][ T5425] veth1_vlan: entered promiscuous mode
[ 89.562401][ T5425] veth0_macvtap: entered promiscuous mode
[ 89.574691][ T5425] veth1_macvtap: entered promiscuous mode
[ 89.598043][ T5425] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 89.618004][ T5425] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 89.635662][ T5425] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.647429][ T5425] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.658199][ T5425] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.669038][ T5425] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.765702][ T1268] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 89.786334][ T1268] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 89.816206][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 89.824922][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 89.875921][ T5491]
[ 89.878310][ T5491] ======================================================
[ 89.885344][ T5491] WARNING: possible circular locking dependency detected
[ 89.892532][ T5491] 6.8.0-syzkaller-08951-gfe46a7dd189e-dirty #0 Not tainted
[ 89.899822][ T5491] ------------------------------------------------------
[ 89.906869][ T5491] syz-executor.0/5491 is trying to acquire lock:
[ 89.913178][ T5491] ffff8880b9529470 (#2){..-.}-{2:2}, at: kvfree_call_rcu+0x18a/0x790
[ 89.921270][ T5491]
[ 89.921270][ T5491] but task is already holding lock:
[ 89.928623][ T5491] ffff88806aa8d9f8 (&trie->lock){....}-{2:2}, at: trie_update_elem+0xcb/0xc10
[ 89.937834][ T5491]
[ 89.937834][ T5491] which lock already depends on the new lock.
[ 89.937834][ T5491]
[ 89.948217][ T5491]
[ 89.948217][ T5491] the existing dependency chain (in reverse order) is:
[ 89.957214][ T5491]
[ 89.957214][ T5491] -> #2 (&trie->lock){....}-{2:2}:
[ 89.964511][ T5491]        lock_acquire+0x1e4/0x530
[ 89.969523][ T5491]        _raw_spin_lock_irqsave+0xd5/0x120
[ 89.975341][ T5491]        trie_delete_elem+0x96/0x6a0
[ 89.980705][ T5491]        bpf_prog_2c29ac5cdc6b1842+0x42/0x46
[ 89.986692][ T5491]        bpf_trace_run2+0x204/0x420
[ 89.991889][ T5491]        enqueue_hrtimer+0x335/0x3a0
[ 89.997178][ T5491]        hrtimer_start_range_ns+0xaa0/0xc60
[ 90.003063][ T5491]        futex_wait_queue+0xb0/0x1d0
[ 90.009291][ T5491]        __futex_wait+0x17f/0x320
[ 90.014300][ T5491]        futex_wait+0x101/0x360
[ 90.019136][ T5491]        do_futex+0x33b/0x560
[ 90.024082][ T5491]        __se_sys_futex+0x3f9/0x480
[ 90.029290][ T5491]        do_syscall_64+0xfb/0x240
[ 90.034342][ T5491]        entry_SYSCALL_64_after_hwframe+0x6d/0x75
[ 90.040759][ T5491]
[ 90.040759][ T5491] -> #1 (hrtimer_bases.lock){-.-.}-{2:2}:
[ 90.048828][ T5491]        lock_acquire+0x1e4/0x530
[ 90.053840][ T5491]        _raw_spin_lock_irqsave+0xd5/0x120
[ 90.059637][ T5491]        hrtimer_start_range_ns+0xdf/0xc60
[ 90.065517][ T5491]        kvfree_call_rcu+0x5e6/0x790
[ 90.070876][ T5491]        ops_init+0x2c6/0x610
[ 90.075544][ T5491]        register_pernet_operations+0x2cb/0x660
[ 90.081776][ T5491]        register_pernet_device+0x33/0x80
[ 90.087496][ T5491]        init_mac80211_hwsim+0x12f/0xa90
[ 90.093221][ T5491]        do_one_initcall+0x238/0x830
[ 90.098493][ T5491]        do_initcall_level+0x157/0x210
[ 90.103941][ T5491]        do_initcalls+0x3f/0x80
[ 90.108778][ T5491]        kernel_init_freeable+0x435/0x5d0
[ 90.114491][ T5491]        kernel_init+0x1d/0x2a0
[ 90.119330][ T5491]        ret_from_fork+0x4b/0x80
[ 90.124257][ T5491]        ret_from_fork_asm+0x1a/0x30
[ 90.129620][ T5491]
[ 90.129620][ T5491] -> #0 (#2){..-.}-{2:2}:
[ 90.136156][ T5491]        validate_chain+0x18cb/0x58e0
[ 90.141517][ T5491]        __lock_acquire+0x1346/0x1fd0
[ 90.146874][ T5491]        lock_acquire+0x1e4/0x530
[ 90.151884][ T5491]        _raw_spin_lock+0x2e/0x40
[ 90.156901][ T5491]        kvfree_call_rcu+0x18a/0x790
[ 90.162205][ T5491]        trie_update_elem+0x819/0xc10
[ 90.167567][ T5491]        bpf_map_update_value+0x4d3/0x540
[ 90.173290][ T5491]        generic_map_update_batch+0x60d/0x900
[ 90.179345][ T5491]        bpf_map_do_batch+0x3e0/0x690
[ 90.184792][ T5491]        __sys_bpf+0x377/0x810
[ 90.189635][ T5491]        __x64_sys_bpf+0x7c/0x90
[ 90.194590][ T5491]        do_syscall_64+0xfb/0x240
[ 90.199691][ T5491]        entry_SYSCALL_64_after_hwframe+0x6d/0x75
[ 90.206113][ T5491]
[ 90.206113][ T5491] other info that might help us debug this:
[ 90.206113][ T5491]
[ 90.216355][ T5491] Chain exists of:
[ 90.216355][ T5491]   #2 --> hrtimer_bases.lock --> &trie->lock
[ 90.216355][ T5491]
[ 90.228189][ T5491]  Possible unsafe locking scenario:
[ 90.228189][ T5491]
[ 90.235884][ T5491]        CPU0                    CPU1
[ 90.241234][ T5491]        ----                    ----
[ 90.246753][ T5491]   lock(&trie->lock);
[ 90.250813][ T5491]                                lock(hrtimer_bases.lock);
[ 90.258082][ T5491]                                lock(&trie->lock);
[ 90.264748][ T5491]   lock(#2);
[ 90.268028][ T5491]
[ 90.268028][ T5491]  *** DEADLOCK ***
[ 90.268028][ T5491]
[ 90.276369][ T5491] 2 locks held by syz-executor.0/5491:
[ 90.282000][ T5491]  #0: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: bpf_map_update_value+0x3c4/0x540
[ 90.291918][ T5491]  #1: ffff88806aa8d9f8 (&trie->lock){....}-{2:2}, at: trie_update_elem+0xcb/0xc10
[ 90.301389][ T5491]
[ 90.301389][ T5491] stack backtrace:
[ 90.307364][ T5491] CPU: 1 PID: 5491 Comm: syz-executor.0 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e-dirty #0
[ 90.317948][ T5491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 90.327993][ T5491] Call Trace:
[ 90.331264][ T5491]
[ 90.334206][ T5491] dump_stack_lvl+0x241/0x360
[ 90.338882][ T5491] ? __pfx_dump_stack_lvl+0x10/0x10
[ 90.344282][ T5491] ? print_circular_bug+0x130/0x1a0
[ 90.349497][ T5491] check_noncircular+0x36a/0x4a0
[ 90.354461][ T5491] ? __pfx_check_noncircular+0x10/0x10
[ 90.365040][ T5491] ? lockdep_lock+0x123/0x2b0
[ 90.369729][ T5491] ? mark_lock+0x9a/0x350
[ 90.374061][ T5491] ? _find_first_zero_bit+0xd4/0x100
[ 90.379438][ T5491] validate_chain+0x18cb/0x58e0
[ 90.384410][ T5491] ? __pfx_validate_chain+0x10/0x10
[ 90.389692][ T5491] ? stack_depot_save_flags+0x37d/0x860
[ 90.395327][ T5491] ? do_raw_spin_lock+0x14f/0x370
[ 90.400343][ T5491] ? __pfx_lock_release+0x10/0x10
[ 90.405362][ T5491] ? do_raw_spin_unlock+0x13c/0x8b0
[ 90.410557][ T5491] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 90.416760][ T5491] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 90.423254][ T5491] ? stack_trace_save+0x118/0x1d0
[ 90.428274][ T5491] ? mark_lock+0x9a/0x350
[ 90.432602][ T5491] __lock_acquire+0x1346/0x1fd0
[ 90.437536][ T5491] lock_acquire+0x1e4/0x530
[ 90.442027][ T5491] ? kvfree_call_rcu+0x18a/0x790
[ 90.446957][ T5491] ? __pfx_lock_acquire+0x10/0x10
[ 90.452067][ T5491] ? __phys_addr+0xba/0x170
[ 90.456564][ T5491] _raw_spin_lock+0x2e/0x40
[ 90.461500][ T5491] ? kvfree_call_rcu+0x18a/0x790
[ 90.466599][ T5491] kvfree_call_rcu+0x18a/0x790
[ 90.471468][ T5491] ? __pfx_kvfree_call_rcu+0x10/0x10
[ 90.476826][ T5491] ? percpu_ref_put+0x181/0x250
[ 90.481661][ T5491] ? longest_prefix_match+0x2eb/0x670
[ 90.487025][ T5491] trie_update_elem+0x819/0xc10
[ 90.491870][ T5491] bpf_map_update_value+0x4d3/0x540
[ 90.497148][ T5491] generic_map_update_batch+0x60d/0x900
[ 90.502689][ T5491] ? __pfx_generic_map_update_batch+0x10/0x10
[ 90.508746][ T5491] ? __pfx_generic_map_update_batch+0x10/0x10
[ 90.514801][ T5491] bpf_map_do_batch+0x3e0/0x690
[ 90.519647][ T5491] __sys_bpf+0x377/0x810
[ 90.523891][ T5491] ? __pfx___sys_bpf+0x10/0x10
[ 90.528636][ T5491] ? xfd_validate_state+0x6e/0x150
[ 90.533742][ T5491] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 90.539712][ T5491] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 90.546027][ T5491] ? do_syscall_64+0x10a/0x240
[ 90.550785][ T5491] __x64_sys_bpf+0x7c/0x90
[ 90.555189][ T5491] do_syscall_64+0xfb/0x240
[ 90.559682][ T5491] entry_SYSCALL_64_after_hwframe+0x6d/0x75
[ 90.565578][ T5491] RIP: 0033:0x7f4922e7dda9
[ 90.569979][ T5491] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 90.590441][ T5491] RSP: 002b:00007f4923b110c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 90.598845][ T5491] RAX: ffffffffffffffda RBX: 00007f4922fabf80 RCX: 00007f4922e7dda9
[ 90.606804][ T5491] RDX: 0000000000000038 RSI: 0000000020000000 RDI: 000000000000001a
[ 90.614762][ T5491] RBP: 00007f4922eca47a R08: 0000000000000000 R09: 0000000000000000
[ 90.622726][ T5491] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 90.630690][ T5491] R13: 000000000000000b R14: 00007f4922fabf80 R15: 00007ffdff5b6398
[ 90.638827][ T5491]
[ 90.651977][ T4466] Bluetooth: hci0: command tx timeout
[ 92.710037][ T4466] Bluetooth: hci0: command tx timeout
[ 94.790104][ T4466] Bluetooth: hci0: command tx timeout
2024/03/30 15:33:25 executed programs: 2
[ 96.869748][ T4466] Bluetooth: hci0: command tx timeout