Warning: Permanently added '10.128.1.52' (ED25519) to the list of known hosts. 2025/05/12 23:49:05 ignoring optional flag "sandboxArg"="0" 2025/05/12 23:49:05 ignoring optional flag "type"="gce" 2025/05/12 23:49:05 parsed 1 programs 2025/05/12 23:49:08 executed programs: 0 [ 84.718128][ T4405] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 84.880950][ T4488] chnl_net:caif_netlink_parms(): no params data found [ 84.926490][ T4488] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.934522][ T4488] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.942791][ T4488] device bridge_slave_0 entered promiscuous mode [ 84.951884][ T4488] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.959805][ T4488] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.968233][ T4488] device bridge_slave_1 entered promiscuous mode [ 84.991242][ T4488] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.003761][ T4488] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.030440][ T4488] team0: Port device team_slave_0 added [ 85.038652][ T4488] team0: Port device team_slave_1 added [ 85.058805][ T4488] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.066111][ T4488] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.093810][ T4488] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.106468][ T4488] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.113722][ T4488] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.141319][ T4488] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.173990][ T4488] device hsr_slave_0 entered promiscuous mode [ 85.181801][ T4488] device hsr_slave_1 entered promiscuous mode [ 85.682486][ T4488] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 85.692813][ T4488] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 85.703389][ T4488] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 85.713654][ T4488] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 85.738389][ T4488] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.745624][ T4488] bridge0: port 2(bridge_slave_1) entered forwarding state [ 85.753266][ T4488] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.760409][ T4488] bridge0: port 1(bridge_slave_0) entered forwarding state [ 85.822041][ T4488] 8021q: adding VLAN 0 to HW filter on device bond0 [ 85.837558][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 85.846559][ T155] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.856521][ T155] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.866755][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 85.885649][ T4488] 8021q: adding VLAN 0 to HW filter on device team0 [ 85.897711][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 85.907240][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 85.918023][ T155] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.925438][ T155] bridge0: port 1(bridge_slave_0) entered forwarding state [ 85.950052][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 85.961050][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 85.971330][ T144] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.979165][ T144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 86.000601][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 86.010476][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 86.021705][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 86.033091][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 86.054392][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 86.064986][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 86.076056][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 86.088003][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 86.098106][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 86.109151][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 86.118238][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 86.131863][ T4488] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 86.270472][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 86.278075][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 86.294260][ T4488] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 86.317419][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 86.326935][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 86.352254][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 86.360964][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 86.372931][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 86.381726][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 86.393298][ T4488] device veth0_vlan entered promiscuous mode [ 86.405763][ T4488] device veth1_vlan entered promiscuous mode [ 86.431614][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 86.442080][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 86.451489][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 86.461535][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 86.474847][ T4488] device veth0_macvtap entered promiscuous mode [ 86.486494][ T4488] device veth1_macvtap entered promiscuous mode [ 86.505380][ T4488] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 86.514917][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 86.524446][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 86.533659][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 86.542839][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 86.554922][ T4488] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 86.564382][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 86.575386][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 86.586715][ T4488] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.595920][ T4488] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.605010][ T4488] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.614243][ T4488] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.694775][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.717492][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.738096][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 86.754538][ T155] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.763450][ T155] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.775620][ T1244] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 86.803856][ T7] cfg80211: failed to load regulatory.db [ 86.860198][ T1109] Bluetooth: hci0: command 0x0409 tx timeout [ 86.972476][ T4564] [ 86.974835][ T4564] ====================================================== [ 86.981945][ T4564] WARNING: possible circular locking dependency detected [ 86.989168][ T4564] 5.15.182-syzkaller #0 Not tainted [ 86.994653][ T4564] ------------------------------------------------------ [ 87.001768][ T4564] syz-executor.0/4564 is trying to acquire lock: [ 87.008587][ T4564] ffff8881409183f0 (&sb->s_type->i_mutex_key#9){++++}-{3:3}, at: ext4_bmap+0x4d/0x3f0 [ 87.019144][ T4564] [ 87.019144][ T4564] but task is already holding lock: [ 87.026864][ T4564] ffff88802bb0e3f8 (&journal->j_checkpoint_mutex){+.+.}-{3:3}, at: jbd2_journal_flush+0x316/0xca0 [ 87.038240][ T4564] [ 87.038240][ T4564] which lock already depends on the new lock. [ 87.038240][ T4564] [ 87.049214][ T4564] [ 87.049214][ T4564] the existing dependency chain (in reverse order) is: [ 87.058540][ T4564] [ 87.058540][ T4564] -> #3 (&journal->j_checkpoint_mutex){+.+.}-{3:3}: [ 87.067444][ T4564] __mutex_lock_common+0x1eb/0x2390 [ 87.073207][ T4564] mutex_lock_io_nested+0x43/0x60 [ 87.079055][ T4564] jbd2_journal_flush+0x287/0xca0 [ 87.084637][ T4564] ext4_ioctl+0x2e75/0x3570 [ 87.089873][ T4564] __se_sys_ioctl+0xfa/0x170 [ 87.095204][ T4564] do_syscall_64+0x4c/0xa0 [ 87.100421][ T4564] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 87.107134][ T4564] [ 87.107134][ T4564] -> #2 (&journal->j_barrier){+.+.}-{3:3}: [ 87.115339][ T4564] __mutex_lock_common+0x1eb/0x2390 [ 87.121136][ T4564] mutex_lock_nested+0x17/0x20 [ 87.126881][ T4564] jbd2_journal_lock_updates+0x2ba/0x380 [ 87.133324][ T4564] ext4_change_inode_journal_flag+0x19c/0x6b0 [ 87.140170][ T4564] ext4_fileattr_set+0xddc/0x16a0 [ 87.145742][ T4564] vfs_fileattr_set+0x842/0xaf0 [ 87.151323][ T4564] do_vfs_ioctl+0x1767/0x1de0 [ 87.156557][ T4564] __se_sys_ioctl+0x83/0x170 [ 87.161929][ T4564] do_syscall_64+0x4c/0xa0 [ 87.167077][ T4564] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 87.173603][ T4564] [ 87.173603][ T4564] -> #1 (&sbi->s_writepages_rwsem){++++}-{0:0}: [ 87.182455][ T4564] percpu_down_write+0x52/0x2f0 [ 87.188322][ T4564] ext4_ind_migrate+0x259/0x910 [ 87.193896][ T4564] ext4_fileattr_set+0xece/0x16a0 [ 87.199814][ T4564] vfs_fileattr_set+0x842/0xaf0 [ 87.205568][ T4564] do_vfs_ioctl+0x1767/0x1de0 [ 87.211086][ T4564] __se_sys_ioctl+0x83/0x170 [ 87.216577][ T4564] do_syscall_64+0x4c/0xa0 [ 87.221813][ T4564] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 87.228435][ T4564] [ 87.228435][ T4564] -> #0 (&sb->s_type->i_mutex_key#9){++++}-{3:3}: [ 87.237427][ T4564] __lock_acquire+0x2c33/0x7c60 [ 87.242843][ T4564] lock_acquire+0x197/0x3f0 [ 87.248001][ T4564] down_read+0x44/0x2e0 [ 87.252909][ T4564] ext4_bmap+0x4d/0x3f0 [ 87.257701][ T4564] bmap+0xa2/0xd0 [ 87.261973][ T4564] jbd2_journal_flush+0x648/0xca0 [ 87.267768][ T4564] ext4_ioctl+0x2e75/0x3570 [ 87.273236][ T4564] __se_sys_ioctl+0xfa/0x170 [ 87.278541][ T4564] do_syscall_64+0x4c/0xa0 [ 87.283849][ T4564] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 87.290964][ T4564] [ 87.290964][ T4564] other info that might help us debug this: [ 87.290964][ T4564] [ 87.302174][ T4564] Chain exists of: [ 87.302174][ T4564] &sb->s_type->i_mutex_key#9 --> &journal->j_barrier --> &journal->j_checkpoint_mutex [ 87.302174][ T4564] [ 87.318200][ T4564] Possible unsafe locking scenario: [ 87.318200][ T4564] [ 87.326209][ T4564] CPU0 CPU1 [ 87.331857][ T4564] ---- ---- [ 87.337424][ T4564] lock(&journal->j_checkpoint_mutex); [ 87.343749][ T4564] lock(&journal->j_barrier); [ 87.351700][ T4564] lock(&journal->j_checkpoint_mutex); [ 87.360005][ T4564] lock(&sb->s_type->i_mutex_key#9); [ 87.365932][ T4564] [ 87.365932][ T4564] *** DEADLOCK *** [ 87.365932][ T4564] [ 87.374829][ T4564] 2 locks held by syz-executor.0/4564: [ 87.380559][ T4564] #0: ffff88802bb0e170 (&journal->j_barrier){+.+.}-{3:3}, at: jbd2_journal_lock_updates+0x2ba/0x380 [ 87.392090][ T4564] #1: ffff88802bb0e3f8 (&journal->j_checkpoint_mutex){+.+.}-{3:3}, at: jbd2_journal_flush+0x316/0xca0 [ 87.403521][ T4564] [ 87.403521][ T4564] stack backtrace: [ 87.409439][ T4564] CPU: 0 PID: 4564 Comm: syz-executor.0 Not tainted 5.15.182-syzkaller #0 [ 87.418403][ T4564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 87.428790][ T4564] Call Trace: [ 87.432093][ T4564] [ 87.435215][ T4564] dump_stack_lvl+0x168/0x230 [ 87.440271][ T4564] ? load_image+0x3b0/0x3b0 [ 87.445007][ T4564] ? show_regs_print_info+0x20/0x20 [ 87.450344][ T4564] ? print_circular_bug+0x12b/0x1a0 [ 87.455568][ T4564] check_noncircular+0x274/0x310 [ 87.460530][ T4564] ? add_chain_block+0x940/0x940 [ 87.465587][ T4564] ? lockdep_lock+0xdc/0x1e0 [ 87.470396][ T4564] ? mark_lock+0x94/0x320 [ 87.474929][ T4564] __lock_acquire+0x2c33/0x7c60 [ 87.479915][ T4564] ? _raw_spin_lock_irqsave+0xb0/0xf0 [ 87.485492][ T4564] ? verify_lock_unused+0x140/0x140 [ 87.491083][ T4564] ? _raw_spin_unlock_irqrestore+0x82/0x100 [ 87.497337][ T4564] ? lockdep_hardirqs_on+0x94/0x140 [ 87.502822][ T4564] ? verify_lock_unused+0x140/0x140 [ 87.508315][ T4564] ? schedule+0x132/0x1e0 [ 87.512857][ T4564] ? io_schedule+0x7c/0xd0 [ 87.517489][ T4564] lock_acquire+0x197/0x3f0 [ 87.522425][ T4564] ? ext4_bmap+0x4d/0x3f0 [ 87.527835][ T4564] ? __might_sleep+0xf0/0xf0 [ 87.532710][ T4564] ? read_lock_is_recursive+0x10/0x10 [ 87.538685][ T4564] ? jbd2_journal_flush+0x372/0xca0 [ 87.544213][ T4564] ? ext4_journalled_write_end+0xf30/0xf30 [ 87.550240][ T4564] down_read+0x44/0x2e0 [ 87.554425][ T4564] ? ext4_bmap+0x4d/0x3f0 [ 87.558864][ T4564] ? ext4_journalled_write_end+0xf30/0xf30 [ 87.564811][ T4564] ext4_bmap+0x4d/0x3f0 [ 87.569007][ T4564] ? ext4_journalled_write_end+0xf30/0xf30 [ 87.575029][ T4564] bmap+0xa2/0xd0 [ 87.578704][ T4564] jbd2_journal_flush+0x648/0xca0 [ 87.584025][ T4564] ? __bpf_trace_jbd2_shrink_checkpoint_list+0x50/0x50 [ 87.591095][ T4564] ? bpf_lsm_capable+0x5/0x10 [ 87.595886][ T4564] ? security_capable+0x85/0xb0 [ 87.600879][ T4564] ext4_ioctl+0x2e75/0x3570 [ 87.605721][ T4564] ? ext4_fileattr_set+0x16a0/0x16a0 [ 87.611779][ T4564] ? __ia32_compat_sys_ioctl+0x850/0x850 [ 87.618502][ T4564] ? rcu_lock_release+0x5/0x20 [ 87.624356][ T4564] ? __lock_acquire+0x7c60/0x7c60 [ 87.629630][ T4564] ? kfree+0xef/0x2a0 [ 87.633822][ T4564] ? tomoyo_path_number_perm+0x4d4/0x5d0 [ 87.639581][ T4564] ? verify_lock_unused+0x140/0x140 [ 87.645423][ T4564] ? tomoyo_check_path_acl+0x1c0/0x1c0 [ 87.651470][ T4564] ? bpf_lsm_file_ioctl+0x5/0x10 [ 87.656659][ T4564] ? security_file_ioctl+0x7c/0xa0 [ 87.661824][ T4564] ? ext4_fileattr_set+0x16a0/0x16a0 [ 87.667582][ T4564] __se_sys_ioctl+0xfa/0x170 [ 87.672206][ T4564] do_syscall_64+0x4c/0xa0 [ 87.676752][ T4564] ? clear_bhb_loop+0x15/0x70 [ 87.682211][ T4564] ? clear_bhb_loop+0x15/0x70 [ 87.687088][ T4564] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 87.693297][ T4564] RIP: 0033:0x7fc66b1e9b29 [ 87.698111][ T4564] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 87.718539][ T4564] RSP: 002b:00007fc66a56b0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 87.727453][ T4564] RAX: ffffffffffffffda RBX: 00007fc66b308f80 RCX: 00007fc66b1e9b29 [ 87.736243][ T4564] RDX: 00000000200005c0 RSI: 000000004004662b RDI: 0000000000000004 [ 87.744870][ T4564] RBP: 00007fc66b23547a R08: 0000000000000000 R09: 0000000000000000 [ 87.752962][ T4564] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 87.761062][ T4564] R13: 000000000000000b R14: 00007fc66b308f80 R15: 00007fff4c8e2638 [ 87.769409][ T4564] [ 88.939280][ T1109] Bluetooth: hci0: command 0x041b tx timeout 2025/05/12 23:49:13 executed programs: 23 [ 91.019276][ T4191] Bluetooth: hci0: command 0x040f tx timeout [ 93.099038][ T4191] Bluetooth: hci0: command 0x0419 tx timeout 2025/05/12 23:49:18 executed programs: 92