Warning: Permanently added '10.128.0.90' (ED25519) to the list of known hosts.
2023/11/03 21:22:27 ignoring optional flag "sandboxArg"="0"
2023/11/03 21:22:27 parsed 1 programs
[ 104.670731][ T5411] cgroup: Unknown subsys name 'net'
[ 104.684955][ T5411] cgroup: Unknown subsys name 'rlimit'
2023/11/03 21:22:27 executed programs: 0
[ 105.841821][ T4466] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 105.849751][ T4466] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 105.858868][ T4466] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 105.867178][ T4466] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 105.875655][ T4466] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 105.883002][ T4466] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 106.023617][ T5416] chnl_net:caif_netlink_parms(): no params data found
[ 106.095641][ T5416] bridge0: port 1(bridge_slave_0) entered blocking state
[ 106.103078][ T5416] bridge0: port 1(bridge_slave_0) entered disabled state
[ 106.110811][ T5416] bridge_slave_0: entered allmulticast mode
[ 106.118582][ T5416] bridge_slave_0: entered promiscuous mode
[ 106.127718][ T5416] bridge0: port 2(bridge_slave_1) entered blocking state
[ 106.135240][ T5416] bridge0: port 2(bridge_slave_1) entered disabled state
[ 106.142417][ T5416] bridge_slave_1: entered allmulticast mode
[ 106.149419][ T5416] bridge_slave_1: entered promiscuous mode
[ 106.182548][ T5416] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 106.195790][ T5416] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 106.232512][ T5416] team0: Port device team_slave_0 added
[ 106.241026][ T5416] team0: Port device team_slave_1 added
[ 106.269562][ T5416] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 106.276581][ T5416] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 106.303303][ T5416] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 106.316753][ T5416] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 106.323874][ T5416] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 106.350227][ T5416] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 106.391306][ T5416] hsr_slave_0: entered promiscuous mode
[ 106.398067][ T5416] hsr_slave_1: entered promiscuous mode
[ 106.510613][ T5416] bridge0: port 2(bridge_slave_1) entered blocking state
[ 106.517746][ T5416] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 106.525362][ T5416] bridge0: port 1(bridge_slave_0) entered blocking state
[ 106.532584][ T5416] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 106.601395][ T5416] 8021q: adding VLAN 0 to HW filter on device bond0
[ 106.619363][ T27] bridge0: port 1(bridge_slave_0) entered disabled state
[ 106.627813][ T27] bridge0: port 2(bridge_slave_1) entered disabled state
[ 106.645562][ T5416] 8021q: adding VLAN 0 to HW filter on device team0
[ 106.664326][ T27] bridge0: port 1(bridge_slave_0) entered blocking state
[ 106.671932][ T27] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 106.680720][ T27] bridge0: port 2(bridge_slave_1) entered blocking state
[ 106.687859][ T27] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 106.767641][ T5416] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 107.091902][ T5416] veth0_vlan: entered promiscuous mode
[ 107.106965][ T5416] veth1_vlan: entered promiscuous mode
[ 107.143533][ T5416] veth0_macvtap: entered promiscuous mode
[ 107.153833][ T5416] veth1_macvtap: entered promiscuous mode
[ 107.175827][ T5416] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 107.195179][ T5416] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 107.277207][ T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 107.286198][ T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 107.327700][ T5081] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 107.335860][ T5081] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 107.397841][ T5436]
[ 107.400573][ T5436] ============================================
[ 107.406741][ T5436] WARNING: possible recursive locking detected
[ 107.412972][ T5436] 6.6.0-syzkaller-12893-ge392ea4d4d00 #0 Not tainted
[ 107.420000][ T5436] --------------------------------------------
[ 107.426273][ T5436] syz-executor.0/5436 is trying to acquire lock:
[ 107.432601][ T5436] ffff8880738d24d8 (_xmit_ETHER#2){+.-.}-{2:2}, at: __dev_queue_xmit+0x1a7f/0x3d10
[ 107.442016][ T5436]
[ 107.442016][ T5436] but task is already holding lock:
[ 107.449699][ T5436] ffff88801c9bd0d8 (_xmit_ETHER#2){+.-.}-{2:2}, at: sch_direct_xmit+0x333/0xc20
[ 107.459452][ T5436]
[ 107.459452][ T5436] other info that might help us debug this:
[ 107.467505][ T5436] Possible unsafe locking scenario:
[ 107.467505][ T5436]
[ 107.475032][ T5436] CPU0
[ 107.478300][ T5436] ----
[ 107.481575][ T5436] lock(_xmit_ETHER#2);
[ 107.485929][ T5436] lock(_xmit_ETHER#2);
[ 107.490260][ T5436]
[ 107.490260][ T5436] *** DEADLOCK ***
[ 107.490260][ T5436]
[ 107.498396][ T5436] May be due to missing lock nesting notation
[ 107.498396][ T5436]
[ 107.506799][ T5436] 6 locks held by syz-executor.0/5436:
[ 107.512349][ T5436] #0: ffffffff8cfad260 (rcu_read_lock){....}-{1:2}, at: ip_finish_output2+0x36a/0x2550
[ 107.522376][ T5436] #1: ffffffff8cfad200 (rcu_read_lock_bh){....}-{1:2}, at: __dev_queue_xmit+0x244/0x3d10
[ 107.532304][ T5436] #2: ffff888141260258 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){+...}-{2:2}, at: __dev_queue_xmit+0x104f/0x3d10
[ 107.544925][ T5436] #3: ffff88801c9bd0d8 (_xmit_ETHER#2){+.-.}-{2:2}, at: sch_direct_xmit+0x333/0xc20
[ 107.554464][ T5436] #4: ffffffff8cfad260 (rcu_read_lock){....}-{1:2}, at: ip_finish_output2+0x36a/0x2550
[ 107.564404][ T5436] #5: ffffffff8cfad200 (rcu_read_lock_bh){....}-{1:2}, at: __dev_queue_xmit+0x244/0x3d10
[ 107.574431][ T5436]
[ 107.574431][ T5436] stack backtrace:
[ 107.580311][ T5436] CPU: 1 PID: 5436 Comm: syz-executor.0 Not tainted 6.6.0-syzkaller-12893-ge392ea4d4d00 #0
[ 107.590280][ T5436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
[ 107.600429][ T5436] Call Trace:
[ 107.603701][ T5436]
[ 107.606625][ T5436] dump_stack_lvl+0xd9/0x1b0
[ 107.611223][ T5436] __lock_acquire+0x2971/0x5de0
[ 107.616350][ T5436] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 107.622336][ T5436] ? __sys_sendmmsg+0x1a1/0x450
[ 107.627195][ T5436] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 107.633266][ T5436] lock_acquire+0x1ae/0x510
[ 107.637881][ T5436] ? __dev_queue_xmit+0x1a7f/0x3d10
[ 107.643456][ T5436] ? lock_sync+0x190/0x190
[ 107.647884][ T5436] ? validate_xmit_xfrm+0x49b/0x12d0
[ 107.653177][ T5436] ? validate_xmit_skb+0x522/0xeb0
[ 107.658818][ T5436] _raw_spin_lock+0x2e/0x40
[ 107.663333][ T5436] ? __dev_queue_xmit+0x1a7f/0x3d10
[ 107.668535][ T5436] __dev_queue_xmit+0x1a7f/0x3d10
[ 107.673583][ T5436] ? print_usage_bug.part.0+0x670/0x670
[ 107.679312][ T5436] ? ___neigh_create+0x1878/0x2a20
[ 107.684428][ T5436] ? netdev_core_pick_tx+0x390/0x390
[ 107.689720][ T5436] ? lock_acquire+0x1ae/0x510
[ 107.694491][ T5436] ? find_held_lock+0x2d/0x110
[ 107.699348][ T5436] ? ip_finish_output2+0x833/0x2550
[ 107.704666][ T5436] ? reacquire_held_locks+0x4b0/0x4b0
[ 107.710049][ T5436] ? skb_push+0x9a/0xe0
[ 107.714652][ T5436] ? eth_header+0x11c/0x1f0
[ 107.719249][ T5436] neigh_resolve_output+0x58c/0x900
[ 107.724472][ T5436] ip_finish_output2+0x833/0x2550
[ 107.729541][ T5436] ? nf_hook+0x3bd/0x6c0
[ 107.733808][ T5436] ? ip_fragment.constprop.0+0x230/0x230
[ 107.739467][ T5436] ? ip_skb_dst_mtu+0x4c5/0xca0
[ 107.744331][ T5436] ? nf_hook+0x6c0/0x6c0
[ 107.748596][ T5436] __ip_finish_output+0x38b/0x640
[ 107.753804][ T5436] ip_finish_output+0x31/0x310
[ 107.759047][ T5436] ip_output+0x13b/0x290
[ 107.763446][ T5436] ip_local_out+0xaf/0x190
[ 107.767969][ T5436] iptunnel_xmit+0x618/0x9b0
[ 107.772661][ T5436] ip_tunnel_xmit+0x1db4/0x33b0
[ 107.777785][ T5436] ? ip_md_tunnel_xmit+0x1ff0/0x1ff0
[ 107.783118][ T5436] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 107.789369][ T5436] ? skb_network_protocol+0x1f0/0x670
[ 107.794843][ T5436] ? __gre_xmit+0x4f5/0x990
[ 107.799433][ T5436] erspan_xmit+0x52b/0x1f90
[ 107.803941][ T5436] ? do_raw_spin_lock+0x12e/0x2b0
[ 107.808979][ T5436] dev_hard_start_xmit+0x13d/0x6c0
[ 107.814098][ T5436] sch_direct_xmit+0x1ac/0xc20
[ 107.818962][ T5436] ? lock_sync+0x190/0x190
[ 107.823385][ T5436] ? dev_watchdog+0x8f0/0x8f0
[ 107.828065][ T5436] ? do_raw_spin_trylock+0xb1/0x180
[ 107.833276][ T5436] ? do_raw_spin_lock+0x290/0x2b0
[ 107.838307][ T5436] ? __lock_acquire+0x250f/0x5de0
[ 107.843342][ T5436] __dev_queue_xmit+0x1273/0x3d10
[ 107.848373][ T5436] ? ___neigh_create+0x1878/0x2a20
[ 107.853490][ T5436] ? netdev_core_pick_tx+0x390/0x390
[ 107.858954][ T5436] ? find_held_lock+0x2d/0x110
[ 107.863722][ T5436] ? ip_finish_output2+0x833/0x2550
[ 107.868925][ T5436] ? reacquire_held_locks+0x4b0/0x4b0
[ 107.874389][ T5436] ? do_raw_write_lock+0x11e/0x3b0
[ 107.879597][ T5436] ? skb_push+0x9a/0xe0
[ 107.883845][ T5436] ? eth_header+0x11c/0x1f0
[ 107.888440][ T5436] neigh_resolve_output+0x58c/0x900
[ 107.893918][ T5436] ip_finish_output2+0x833/0x2550
[ 107.898959][ T5436] ? nf_hook+0x3bd/0x6c0
[ 107.903211][ T5436] ? ip_fragment.constprop.0+0x230/0x230
[ 107.908936][ T5436] ? ip_skb_dst_mtu+0x4c5/0xca0
[ 107.913827][ T5436] ? nf_hook+0x6c0/0x6c0
[ 107.918083][ T5436] __ip_finish_output+0x38b/0x640
[ 107.923122][ T5436] ip_finish_output+0x31/0x310
[ 107.927993][ T5436] ip_output+0x13b/0x290
[ 107.932248][ T5436] ip_send_skb+0xd3/0x250
[ 107.936802][ T5436] udp_send_skb+0x745/0x1530
[ 107.941407][ T5436] udp_sendmsg+0x1a17/0x2b20
[ 107.946001][ T5436] ? ip_frag_init+0x320/0x320
[ 107.950960][ T5436] ? udp_unicast_rcv_skb+0x3a0/0x3a0
[ 107.956371][ T5436] ? mark_lock+0x105/0x1950
[ 107.960985][ T5436] ? mark_lock+0x105/0x1950
[ 107.965498][ T5436] ? print_usage_bug.part.0+0x670/0x670
[ 107.971144][ T5436] ? print_usage_bug.part.0+0x670/0x670
[ 107.976795][ T5436] ? udpv6_sendmsg+0xf55/0x3010
[ 107.981821][ T5436] udpv6_sendmsg+0xf55/0x3010
[ 107.986498][ T5436] ? __lock_acquire+0x182f/0x5de0
[ 107.991540][ T5436] ? udp6_unicast_rcv_skb+0x2f0/0x2f0
[ 107.996919][ T5436] ? __lock_acquire+0x182f/0x5de0
[ 108.001967][ T5436] ? aa_af_perm+0x250/0x250
[ 108.006563][ T5436] ? inet6_sendmsg+0x9d/0xe0
[ 108.011155][ T5436] inet6_sendmsg+0x9d/0xe0
[ 108.015693][ T5436] ? inet6_compat_ioctl+0x360/0x360
[ 108.020914][ T5436] __sock_sendmsg+0xd5/0x180
[ 108.025546][ T5436] ____sys_sendmsg+0x2ac/0x940
[ 108.030335][ T5436] ? copy_msghdr_from_user+0x10b/0x160
[ 108.035900][ T5436] ? kernel_sendmsg+0x50/0x50
[ 108.040597][ T5436] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 108.046599][ T5436] ___sys_sendmsg+0x135/0x1d0
[ 108.051304][ T5436] ? do_recvmmsg+0x740/0x740
[ 108.055901][ T5436] ? find_held_lock+0x2d/0x110
[ 108.060684][ T5436] ? reacquire_held_locks+0x4b0/0x4b0
[ 108.066068][ T5436] ? __fget_light+0xe6/0x260
[ 108.070665][ T5436] __sys_sendmmsg+0x1a1/0x450
[ 108.075438][ T5436] ? __ia32_sys_sendmsg+0xb0/0xb0
[ 108.080480][ T5436] ? rcu_is_watching+0x12/0xb0
[ 108.085857][ T5436] ? folio_memcg_unlock+0x280/0x280
[ 108.091332][ T5436] __x64_sys_sendmmsg+0x9c/0x100
[ 108.096362][ T5436] ? syscall_enter_from_user_mode+0x26/0x80
[ 108.102349][ T5436] do_syscall_64+0x3f/0x110
[ 108.106941][ T5436] entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 108.113108][ T5436] RIP: 0033:0x7efd936792a9
[ 108.117654][ T5436] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b4 ff ff ff f7 d8 64 89 01 48
[ 108.137262][ T5436] RSP: 002b:00007efd948860d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 108.145697][ T5436] RAX: ffffffffffffffda RBX: 00007efd9378bf60 RCX: 00007efd936792a9
[ 108.153700][ T5436] RDX: 0000000000000001 RSI: 0000000020004d80 RDI: 0000000000000004
[ 108.161685][ T5436] RBP: 00007efd936d3fde R08: 0000000000000000 R09: 0000000000000000
[ 108.170090][ T5436] R10: 0000000004000000 R11: 0000000000000246 R12: 0000000000000000
[ 108.178068][ T5436] R13: 000000000000000b R14: 00007efd9378bf60 R15: 00007ffc4198fa78
[ 108.186758][ T5436]
[ 108.210138][ T5071] Bluetooth: hci0: command 0x0409 tx timeout
2023/11/03 21:22:32 executed programs: 79
[ 110.230861][ T5071] Bluetooth: hci0: command 0x041b tx timeout
[ 112.310851][ T5071] Bluetooth: hci0: command 0x040f tx timeout
[ 113.596380][ T6054] syz-executor.0 (6054) used greatest stack depth: 21776 bytes left
[ 114.390458][ T5071] Bluetooth: hci0: command 0x0419 tx timeout
2023/11/03 21:22:37 executed programs: 376