[ 65.569789][ T141] bridge0: port 1(bridge_slave_0) entered disabled state
[ 65.586923][ T141] veth1_macvtap: left promiscuous mode
[ 65.593035][ T141] veth0_macvtap: left promiscuous mode
[ 65.598721][ T141] veth1_vlan: left promiscuous mode
[ 65.604753][ T141] veth0_vlan: left promiscuous mode
[ 65.784336][ T141] team0 (unregistering): Port device team_slave_1 removed
[ 65.798576][ T141] team0 (unregistering): Port device team_slave_0 removed
[ 65.813801][ T141] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 65.835407][ T141] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 65.894118][ T141] bond0 (unregistering): Released all slaves
[ 82.302368][ T781] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.0.15' (ED25519) to the list of known hosts.
2024/01/04 13:18:40 ignoring optional flag "sandboxArg"="0"
2024/01/04 13:18:40 parsed 1 programs
2024/01/04 13:18:42 executed programs: 0
[ 85.161415][ T5402] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 85.218188][ T4454] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 85.226684][ T4454] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 85.234581][ T4454] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 85.242529][ T4454] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 85.250044][ T4454] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 85.257553][ T4454] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 85.374151][ T5409] chnl_net:caif_netlink_parms(): no params data found
[ 85.427420][ T5409] bridge0: port 1(bridge_slave_0) entered blocking state
[ 85.434829][ T5409] bridge0: port 1(bridge_slave_0) entered disabled state
[ 85.442244][ T5409] bridge_slave_0: entered allmulticast mode
[ 85.448948][ T5409] bridge_slave_0: entered promiscuous mode
[ 85.456989][ T5409] bridge0: port 2(bridge_slave_1) entered blocking state
[ 85.464410][ T5409] bridge0: port 2(bridge_slave_1) entered disabled state
[ 85.471962][ T5409] bridge_slave_1: entered allmulticast mode
[ 85.478837][ T5409] bridge_slave_1: entered promiscuous mode
[ 85.505629][ T5409] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 85.517552][ T5409] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 85.544940][ T5409] team0: Port device team_slave_0 added
[ 85.553876][ T5409] team0: Port device team_slave_1 added
[ 85.575349][ T5409] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 85.582506][ T5409] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 85.609091][ T5409] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 85.622293][ T5409] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 85.629452][ T5409] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 85.657063][ T5409] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 85.694183][ T5409] hsr_slave_0: entered promiscuous mode
[ 85.700506][ T5409] hsr_slave_1: entered promiscuous mode
[ 86.473791][ T5409] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 86.486500][ T5409] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 86.498953][ T5409] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 86.512291][ T5409] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 86.614506][ T5409] 8021q: adding VLAN 0 to HW filter on device bond0
[ 86.638818][ T5409] 8021q: adding VLAN 0 to HW filter on device team0
[ 86.656808][ T781] bridge0: port 1(bridge_slave_0) entered blocking state
[ 86.664684][ T781] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 86.687007][ T781] bridge0: port 2(bridge_slave_1) entered blocking state
[ 86.694305][ T781] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 86.919605][ T5409] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 86.980207][ T5409] veth0_vlan: entered promiscuous mode
[ 86.999709][ T5409] veth1_vlan: entered promiscuous mode
[ 87.036077][ T5409] veth0_macvtap: entered promiscuous mode
[ 87.048627][ T5409] veth1_macvtap: entered promiscuous mode
[ 87.070000][ T5409] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 87.093561][ T5409] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 87.109557][ T5409] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.122763][ T5409] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.134219][ T5409] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.143506][ T5409] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.232857][ T28] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 87.250441][ T28] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 87.286207][ T141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 87.296100][ T141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 87.344877][ T5058] Bluetooth: hci0: command 0x0409 tx timeout
[ 87.366277][ T5476] loop0: detected capacity change from 0 to 64
[ 87.624039][ T5476]
[ 87.626438][ T5476] ============================================
[ 87.632896][ T5476] WARNING: possible recursive locking detected
[ 87.639246][ T5476] 6.7.0-rc8-syzkaller-00024-gac865f00af29 #0 Not tainted
[ 87.646377][ T5476] --------------------------------------------
[ 87.652995][ T5476] syz-executor.0/5476 is trying to acquire lock:
[ 87.659698][ T5476] ffff8880256d40b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x16e/0x1f0
[ 87.669145][ T5476]
[ 87.669145][ T5476] but task is already holding lock:
[ 87.676801][ T5476] ffff8880256d40b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x16e/0x1f0
[ 87.686346][ T5476]
[ 87.686346][ T5476] other info that might help us debug this:
[ 87.694423][ T5476] Possible unsafe locking scenario:
[ 87.694423][ T5476]
[ 87.702163][ T5476] CPU0
[ 87.705459][ T5476] ----
[ 87.708795][ T5476] lock(&tree->tree_lock/1);
[ 87.713678][ T5476] lock(&tree->tree_lock/1);
[ 87.718577][ T5476]
[ 87.718577][ T5476] *** DEADLOCK ***
[ 87.718577][ T5476]
[ 87.726916][ T5476] May be due to missing lock nesting notation
[ 87.726916][ T5476]
[ 87.735258][ T5476] 6 locks held by syz-executor.0/5476:
[ 87.741038][ T5476] #0: ffff88801f04a848 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0x2b0/0x340
[ 87.750369][ T5476] #1: ffff88801fa74418 (sb_writers#14){.+.+}-{0:0}, at: vfs_write+0x223/0xb20
[ 87.759633][ T5476] #2: ffff8880251e9628 (&sb->s_type->i_mutex_key#21){+.+.}-{3:3}, at: generic_file_write_iter+0x83/0x310
[ 87.771259][ T5476] #3: ffff8880251e9478 (&HFS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xff/0x1440
[ 87.782616][ T5476] #4: ffff8880256d40b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x16e/0x1f0
[ 87.792516][ T5476] #5: ffff8880251e80f8 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xff/0x1440
[ 87.804046][ T5476]
[ 87.804046][ T5476] stack backtrace:
[ 87.810038][ T5476] CPU: 1 PID: 5476 Comm: syz-executor.0 Not tainted 6.7.0-rc8-syzkaller-00024-gac865f00af29 #0
[ 87.820394][ T5476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[ 87.830819][ T5476] Call Trace:
[ 87.834121][ T5476]
[ 87.837063][ T5476] dump_stack_lvl+0x1e7/0x2d0
[ 87.841767][ T5476] ? nf_tcp_handle_invalid+0x650/0x650
[ 87.847255][ T5476] ? print_deadlock_bug+0x46f/0x610
[ 87.852560][ T5476] ? _find_first_zero_bit+0xd4/0x100
[ 87.857871][ T5476] validate_chain+0x15dd/0x5ab0
[ 87.862756][ T5476] ? __lock_acquire+0x1345/0x1fd0
[ 87.867979][ T5476] ? reacquire_held_locks+0x690/0x690
[ 87.873482][ T5476] ? mark_lock+0x9a/0x350
[ 87.877935][ T5476] ? lockdep_hardirqs_on_prepare+0x43c/0x780
[ 87.884387][ T5476] ? print_irqtrace_events+0x220/0x220
[ 87.890189][ T5476] ? mark_lock+0x9a/0x350
[ 87.894634][ T5476] __lock_acquire+0x1345/0x1fd0
[ 87.899643][ T5476] lock_acquire+0x1e3/0x530
[ 87.904286][ T5476] ? hfs_find_init+0x16e/0x1f0
[ 87.909087][ T5476] ? read_lock_is_recursive+0x20/0x20
[ 87.914510][ T5476] ? block_write_begin+0x9b/0x1e0
[ 87.920007][ T5476] ? cont_write_begin+0x643/0x880
[ 87.925061][ T5476] ? __might_sleep+0xe0/0xe0
[ 87.929687][ T5476] ? ksys_write+0x1a0/0x2c0
[ 87.934310][ T5476] ? do_syscall_64+0x45/0x110
[ 87.941114][ T5476] ? entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 87.947657][ T5476] __mutex_lock+0x136/0xd60
[ 87.952371][ T5476] ? hfs_find_init+0x16e/0x1f0
[ 87.957349][ T5476] ? hfs_find_init+0x16e/0x1f0
[ 87.962154][ T5476] ? mutex_lock_nested+0x20/0x20
[ 87.967125][ T5476] ? hfs_find_init+0x90/0x1f0
[ 87.971857][ T5476] ? rcu_is_watching+0x15/0xb0
[ 87.976745][ T5476] ? hfs_find_init+0x90/0x1f0
[ 87.981735][ T5476] ? trace_kmalloc+0x1f/0xa0
[ 87.986704][ T5476] ? __kmalloc+0xd0/0x1a0
[ 87.991141][ T5476] hfs_find_init+0x16e/0x1f0
[ 87.995945][ T5476] hfs_extend_file+0x31b/0x1440
[ 88.000823][ T5476] ? hfs_get_block+0xb60/0xb60
[ 88.005652][ T5476] ? __mutex_trylock_common+0x182/0x2e0
[ 88.011227][ T5476] ? trace_raw_output_contention_end+0xd0/0xd0
[ 88.017498][ T5476] ? rcu_is_watching+0x15/0xb0
[ 88.022463][ T5476] ? hfs_brec_find+0x197/0x570
[ 88.027342][ T5476] hfs_bmap_reserve+0xd9/0x3f0
[ 88.032222][ T5476] __hfs_ext_write_extent+0x22e/0x4f0
[ 88.037625][ T5476] __hfs_ext_cache_extent+0x6a/0x990
[ 88.043203][ T5476] ? hfs_find_init+0x16e/0x1f0
[ 88.048005][ T5476] hfs_extend_file+0x344/0x1440
[ 88.052969][ T5476] ? filemap_get_folios_tag+0x1a9/0x900
[ 88.058651][ T5476] ? hfs_get_block+0xb60/0xb60
[ 88.063523][ T5476] ? filemap_get_folios_tag+0x1a9/0x900
[ 88.069362][ T5476] ? filemap_get_folios+0x40/0x40
[ 88.074514][ T5476] ? clean_bdev_aliases+0x66a/0x770
[ 88.079760][ T5476] hfs_get_block+0x3e4/0xb60
[ 88.084373][ T5476] ? hfs_free_extents+0x420/0x420
[ 88.089772][ T5476] ? create_empty_buffers+0x53e/0x740
[ 88.095434][ T5476] __block_write_begin_int+0x54d/0x1ad0
[ 88.101178][ T5476] ? folio_add_lru+0x27b/0x9d0
[ 88.106166][ T5476] ? hfs_free_extents+0x420/0x420
[ 88.111300][ T5476] ? folio_zero_new_buffers+0x540/0x540
[ 88.116961][ T5476] ? hfs_free_extents+0x420/0x420
[ 88.122004][ T5476] block_write_begin+0x9b/0x1e0
[ 88.126970][ T5476] cont_write_begin+0x643/0x880
[ 88.131851][ T5476] ? fault_in_readable+0x165/0x2b0
[ 88.137250][ T5476] ? generic_cont_expand_simple+0x2a0/0x2a0
[ 88.143250][ T5476] ? fault_in_readable+0x1a6/0x2b0
[ 88.148391][ T5476] ? fault_in_safe_writeable+0x260/0x260
[ 88.154051][ T5476] hfs_write_begin+0x8a/0xd0
[ 88.158659][ T5476] ? hfs_free_extents+0x420/0x420
[ 88.163701][ T5476] generic_perform_write+0x31b/0x630
[ 88.169024][ T5476] ? generic_file_direct_write+0x3f0/0x3f0
[ 88.174860][ T5476] ? __generic_file_write_iter+0x101/0x230
[ 88.180700][ T5476] generic_file_write_iter+0xaf/0x310
[ 88.186193][ T5476] vfs_write+0x792/0xb20
[ 88.191258][ T5476] ? file_end_write+0x250/0x250
[ 88.196757][ T5476] ? __fget_files+0x3fe/0x480
[ 88.201478][ T5476] ? __fget_files+0x29/0x480
[ 88.206115][ T5476] ? __fdget_pos+0x2b0/0x340
[ 88.210908][ T5476] ? ksys_write+0x7b/0x2c0
[ 88.215431][ T5476] ksys_write+0x1a0/0x2c0
[ 88.220383][ T5476] ? print_irqtrace_events+0x220/0x220
[ 88.226140][ T5476] ? __ia32_sys_read+0x90/0x90
[ 88.231018][ T5476] ? syscall_enter_from_user_mode+0xa4/0x2d0
[ 88.237030][ T5476] ? syscall_enter_from_user_mode+0xa4/0x2d0
[ 88.243120][ T5476] do_syscall_64+0x45/0x110
[ 88.247737][ T5476] entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 88.253652][ T5476] RIP: 0033:0x7fa77007cb29
[ 88.258218][ T5476] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 88.278622][ T5476] RSP: 002b:00007fa770da40c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 88.287321][ T5476] RAX: ffffffffffffffda RBX: 00007fa77019bf80 RCX: 00007fa77007cb29
[ 88.295518][ T5476] RDX: 000000000208e24b RSI: 0000000020000180 RDI: 0000000000000004
[ 88.303509][ T5476] RBP: 00007fa7700c847a R08: 0000000000000000 R09: 0000000000000000
[ 88.311499][ T5476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 88.319661][ T5476] R13: 000000000000000b R14: 00007fa77019bf80 R15: 00007ffd5f8cf928
[ 88.327842][ T5476]
[ 89.431377][ T5058] Bluetooth: hci0: command 0x041b tx timeout
[ 91.501255][ T5058] Bluetooth: hci0: command 0x040f tx timeout
[ 92.461841][ T2825] kworker/u4:9: attempt to access beyond end of device
[ 92.461841][ T2825] loop0: rw=1048577, sector=95, nr_sectors = 1 limit=64
[ 92.475901][ T2825] Buffer I/O error on dev loop0, logical block 95, lost async page write
[ 92.485019][ T2825] kworker/u4:9: attempt to access beyond end of device
[ 92.485019][ T2825] loop0: rw=1048577, sector=96, nr_sectors = 1 limit=64
[ 92.499674][ T2825] Buffer I/O error on dev loop0, logical block 96, lost async page write
[ 92.508383][ T2825] kworker/u4:9: attempt to access beyond end of device
[ 92.508383][ T2825] loop0: rw=1048577, sector=98, nr_sectors = 1 limit=64
[ 92.522436][ T2825] Buffer I/O error on dev loop0, logical block 98, lost async page write
[ 92.531078][ T2825] kworker/u4:9: attempt to access beyond end of device
[ 92.531078][ T2825] loop0: rw=1048577, sector=100, nr_sectors = 1 limit=64
[ 92.546038][ T2825] Buffer I/O error on dev loop0, logical block 100, lost async page write
[ 92.554866][ T2825] kworker/u4:9: attempt to access beyond end of device
[ 92.554866][ T2825] loop0: rw=1048577, sector=101, nr_sectors = 1 limit=64
[ 92.569054][ T2825] Buffer I/O error on dev loop0, logical block 101, lost async page write
[ 92.577928][ T2825] kworker/u4:9: attempt to access beyond end of device
[ 92.577928][ T2825] loop0: rw=1048577, sector=102, nr_sectors = 1 limit=64
[ 92.591710][ T2825] Buffer I/O error on dev loop0, logical block 102, lost async page write
[ 92.600829][ T2825] kworker/u4:9: attempt to access beyond end of device
[ 92.600829][ T2825] loop0: rw=1048577, sector=103, nr_sectors = 1 limit=64
[ 92.615214][ T2825] Buffer I/O error on dev loop0, logical block 103, lost async page write
[ 92.624781][ T2825] kworker/u4:9: attempt to access beyond end of device
[ 92.624781][ T2825] loop0: rw=1048577, sector=104, nr_sectors = 1 limit=64
[ 92.639008][ T2825] Buffer I/O error on dev loop0, logical block 104, lost async page write
[ 92.649755][ T2825] kworker/u4:9: attempt to access beyond end of device
[ 92.649755][ T2825] loop0: rw=1048577, sector=105, nr_sectors = 4064 limit=64
[ 93.581435][ T5058] Bluetooth: hci0: command 0x0419 tx timeout