[   76.493161][    T7] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.0.174' (ECDSA) to the list of known hosts.
2023/04/17 09:24:05 ignoring optional flag "sandboxArg"="0"
2023/04/17 09:24:05 parsed 1 programs
[   78.783628][ T5526] cgroup: Unknown subsys name 'net'
[   78.794238][ T5526] cgroup: Unknown subsys name 'rlimit'
2023/04/17 09:24:05 executed programs: 0
[   82.171330][ T5077] Bluetooth: hci0: Opcode 0x c03 failed: -110
[   84.256730][ T4394] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   84.264847][ T4394] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   84.273316][ T4394] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   84.282400][ T4394] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   84.290273][ T4394] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   84.297758][ T4394] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   84.374587][ T5533] chnl_net:caif_netlink_parms(): no params data found
[   84.414596][ T5533] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.421810][ T5533] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.429517][ T5533] bridge_slave_0: entered allmulticast mode
[   84.436401][ T5533] bridge_slave_0: entered promiscuous mode
[   84.444241][ T5533] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.451474][ T5533] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.458714][ T5533] bridge_slave_1: entered allmulticast mode
[   84.466099][ T5533] bridge_slave_1: entered promiscuous mode
[   84.485086][ T5533] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   84.496514][ T5533] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   84.519503][ T5533] team0: Port device team_slave_0 added
[   84.527264][ T5533] team0: Port device team_slave_1 added
[   84.545220][ T5533] batman_adv: batadv0: Adding interface: batadv_slave_0
[   84.552386][ T5533] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.579171][ T5533] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   84.592212][ T5533] batman_adv: batadv0: Adding interface: batadv_slave_1
[   84.599197][ T5533] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.625304][ T5533] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   84.650599][ T5533] hsr_slave_0: entered promiscuous mode
[   84.657259][ T5533] hsr_slave_1: entered promiscuous mode
[   84.716488][ T5533] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.723965][ T5533] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.731928][ T5533] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.739039][ T5533] bridge0: port 1(bridge_slave_0) entered forwarding state
[   84.776428][ T5533] 8021q: adding VLAN 0 to HW filter on device bond0
[   84.790000][ T1656] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   84.798776][ T1656] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.807392][ T1656] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.815306][ T1656] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   84.828001][ T5533] 8021q: adding VLAN 0 to HW filter on device team0
[   84.838240][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   84.846882][    T7] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.854338][    T7] bridge0: port 1(bridge_slave_0) entered forwarding state
[   84.872101][ T1656] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   84.880568][ T1656] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.887796][ T1656] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.896379][ T1656] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   84.907249][ T1656] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   84.918021][ T5085] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   84.933982][ T5085] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   84.942957][ T5085] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   84.953690][ T5533] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   84.970982][ T1656] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   84.978841][ T1656] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   84.990263][ T5533] 8021q: adding VLAN 0 to HW filter on device batadv0
[   85.331590][ T5085] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   85.343646][ T1656] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   85.352976][ T1656] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   85.360717][ T1656] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   85.371397][ T5533] veth0_vlan: entered promiscuous mode
[   85.381521][ T5533] veth1_vlan: entered promiscuous mode
[   85.398791][ T5085] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   85.408040][ T5085] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   85.418438][ T5533] veth0_macvtap: entered promiscuous mode
[   85.428240][ T5533] veth1_macvtap: entered promiscuous mode
[   85.442737][ T5533] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.450154][ T5085] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   85.459380][ T5085] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   85.467601][ T5085] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   85.476733][ T5085] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   85.487597][ T5533] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.495956][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   85.504893][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   85.557940][   T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.575632][   T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.585860][   T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.594115][ T1656] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   85.595134][   T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.611930][ T5085] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   85.654751][ T5555] 
[   85.657311][ T5555] ============================================
[   85.663592][ T5555] WARNING: possible recursive locking detected
[   85.669756][ T5555] 6.3.0-rc6-syzkaller-01689-g99676a576641 #0 Not tainted
[   85.676869][ T5555] --------------------------------------------
[   85.683031][ T5555] syz-executor.0/5555 is trying to acquire lock:
[   85.689429][ T5555] ffff888076bef8d8 (_xmit_ETHER#2){+.-.}-{2:2}, at: __dev_queue_xmit+0x2ccf/0x3b30
[   85.698856][ T5555] 
[   85.698856][ T5555] but task is already holding lock:
[   85.706224][ T5555] ffff888023c1c4d8 (_xmit_ETHER#2){+.-.}-{2:2}, at: sch_direct_xmit+0x31c/0xc30
[   85.715366][ T5555] 
[   85.715366][ T5555] other info that might help us debug this:
[   85.723437][ T5555]  Possible unsafe locking scenario:
[   85.723437][ T5555] 
[   85.731167][ T5555]        CPU0
[   85.734468][ T5555]        ----
[   85.737739][ T5555]   lock(_xmit_ETHER#2);
[   85.742160][ T5555]   lock(_xmit_ETHER#2);
[   85.746517][ T5555] 
[   85.746517][ T5555]  *** DEADLOCK ***
[   85.746517][ T5555] 
[   85.754741][ T5555]  May be due to missing lock nesting notation
[   85.754741][ T5555] 
[   85.763051][ T5555] 6 locks held by syz-executor.0/5555:
[   85.768517][ T5555]  #0: ffffffff8c7955c0 (rcu_read_lock){....}-{1:2}, at: ip_finish_output2+0x29c/0x22d0
[   85.778262][ T5555]  #1: ffffffff8c795560 (rcu_read_lock_bh){....}-{1:2}, at: __dev_queue_xmit+0x22c/0x3b30
[   85.788195][ T5555]  #2: ffff888020a8f258 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){+...}-{2:2}, at: __dev_queue_xmit+0x12c5/0x3b30
[   85.800720][ T5555]  #3: ffff888023c1c4d8 (_xmit_ETHER#2){+.-.}-{2:2}, at: sch_direct_xmit+0x31c/0xc30
[   85.810232][ T5555]  #4: ffffffff8c7955c0 (rcu_read_lock){....}-{1:2}, at: ip_finish_output2+0x29c/0x22d0
[   85.820012][ T5555]  #5: ffffffff8c795560 (rcu_read_lock_bh){....}-{1:2}, at: __dev_queue_xmit+0x22c/0x3b30
[   85.830111][ T5555] 
[   85.830111][ T5555] stack backtrace:
[   85.835993][ T5555] CPU: 1 PID: 5555 Comm: syz-executor.0 Not tainted 6.3.0-rc6-syzkaller-01689-g99676a576641 #0
[   85.846570][ T5555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[   85.856938][ T5555] Call Trace:
[   85.860218][ T5555]  <TASK>
[   85.863146][ T5555]  dump_stack_lvl+0xd9/0x150
[   85.867740][ T5555]  __lock_acquire+0x1362/0x5d40
[   85.872614][ T5555]  ? udp_sendmsg+0x1b86/0x27e0
[   85.877384][ T5555]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   85.883380][ T5555]  ? skb_checksum+0x94/0xc0
[   85.887971][ T5555]  lock_acquire+0x1af/0x520
[   85.892583][ T5555]  ? __dev_queue_xmit+0x2ccf/0x3b30
[   85.897815][ T5555]  ? lock_release+0x670/0x670
[   85.902519][ T5555]  ? validate_xmit_skb+0x816/0xea0
[   85.907749][ T5555]  _raw_spin_lock+0x2e/0x40
[   85.912473][ T5555]  ? __dev_queue_xmit+0x2ccf/0x3b30
[   85.917703][ T5555]  __dev_queue_xmit+0x2ccf/0x3b30
[   85.922836][ T5555]  ? print_usage_bug.part.0+0x660/0x660
[   85.928575][ T5555]  ? netdev_core_pick_tx+0x3b0/0x3b0
[   85.933957][ T5555]  ? find_held_lock+0x2d/0x110
[   85.938995][ T5555]  ? ip_finish_output2+0x695/0x22d0
[   85.944555][ T5555]  ? lock_downgrade+0x690/0x690
[   85.949410][ T5555]  ? mark_held_locks+0x9f/0xe0
[   85.954183][ T5555]  ? skb_push+0x9b/0xe0
[   85.958342][ T5555]  neigh_resolve_output+0x51b/0x870
[   85.963575][ T5555]  ip_finish_output2+0x695/0x22d0
[   85.968603][ T5555]  ? nf_hook+0x20d/0x640
[   85.972869][ T5555]  ? ip_fragment.constprop.0+0x240/0x240
[   85.978503][ T5555]  ? nf_hook+0x640/0x640
[   85.982744][ T5555]  ? lockdep_hardirqs_on+0x7d/0x100
[   85.987962][ T5555]  __ip_finish_output+0x396/0x650
[   85.993091][ T5555]  ip_finish_output+0x31/0x280
[   85.997859][ T5555]  ip_output+0x1a3/0x320
[   86.002112][ T5555]  ip_local_out+0xb3/0x1a0
[   86.006627][ T5555]  iptunnel_xmit+0x622/0xa50
[   86.011254][ T5555]  ip_tunnel_xmit+0xfc9/0x3170
[   86.016039][ T5555]  ? ip_md_tunnel_xmit+0x1f80/0x1f80
[   86.021327][ T5555]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   86.027343][ T5555]  ? __gre_xmit+0x4f4/0x980
[   86.032032][ T5555]  erspan_xmit+0x1130/0x2760
[   86.036629][ T5555]  dev_hard_start_xmit+0x187/0x700
[   86.041760][ T5555]  sch_direct_xmit+0x1a3/0xc30
[   86.046555][ T5555]  ? lock_release+0x670/0x670
[   86.051345][ T5555]  ? dev_watchdog+0x830/0x830
[   86.056050][ T5555]  ? do_raw_spin_trylock+0xb4/0x180
[   86.061259][ T5555]  ? do_raw_spin_lock+0x210/0x2b0
[   86.066395][ T5555]  __dev_queue_xmit+0x14ed/0x3b30
[   86.071432][ T5555]  ? netdev_core_pick_tx+0x3b0/0x3b0
[   86.076724][ T5555]  ? find_held_lock+0x2d/0x110
[   86.081507][ T5555]  ? ip_finish_output2+0x695/0x22d0
[   86.086851][ T5555]  ? lock_downgrade+0x690/0x690
[   86.091726][ T5555]  ? do_raw_write_lock+0x11e/0x3b0
[   86.096959][ T5555]  ? neigh_resolve_output+0x669/0x870
[   86.102346][ T5555]  ? skb_push+0x9b/0xe0
[   86.106521][ T5555]  neigh_resolve_output+0x51b/0x870
[   86.111824][ T5555]  ip_finish_output2+0x695/0x22d0
[   86.116952][ T5555]  ? nf_hook+0x20d/0x640
[   86.121220][ T5555]  ? ip_fragment.constprop.0+0x240/0x240
[   86.127484][ T5555]  ? nf_hook+0x640/0x640
[   86.131742][ T5555]  ? ip_vs_ftp_out.part.0+0xa33/0x1070
[   86.137339][ T5555]  __ip_finish_output+0x396/0x650
[   86.142507][ T5555]  ip_finish_output+0x31/0x280
[   86.147323][ T5555]  ip_output+0x1a3/0x320
[   86.151580][ T5555]  ip_send_skb+0xd8/0x260
[   86.155961][ T5555]  udp_send_skb+0x73a/0x1490
[   86.160562][ T5555]  udp_sendmsg+0x1b86/0x27e0
[   86.165858][ T5555]  ? ip_frag_init+0x320/0x320
[   86.170555][ T5555]  ? udp_recvmsg+0x12d0/0x12d0
[   86.175340][ T5555]  ? mark_lock.part.0+0xee/0x1970
[   86.180377][ T5555]  ? print_usage_bug.part.0+0x660/0x660
[   86.185940][ T5555]  ? print_usage_bug.part.0+0x660/0x660
[   86.191591][ T5555]  ? __lock_acquire+0x18bc/0x5d40
[   86.196644][ T5555]  udpv6_sendmsg+0x180a/0x2d50
[   86.201439][ T5555]  ? udp_v6_push_pending_frames+0x200/0x200
[   86.207372][ T5555]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   86.213386][ T5555]  ? find_held_lock+0x2d/0x110
[   86.218176][ T5555]  ? aa_sk_perm+0x31d/0xb10
[   86.222723][ T5555]  ? aa_af_perm+0x240/0x240
[   86.227318][ T5555]  inet6_sendmsg+0x9d/0xe0
[   86.231735][ T5555]  ? inet6_compat_ioctl+0x320/0x320
[   86.236960][ T5555]  sock_sendmsg+0xde/0x190
[   86.241390][ T5555]  ____sys_sendmsg+0x334/0x900
[   86.246200][ T5555]  ? copy_msghdr_from_user+0xfc/0x150
[   86.251867][ T5555]  ? kernel_sendmsg+0x50/0x50
[   86.256683][ T5555]  ___sys_sendmsg+0x110/0x1b0
[   86.261380][ T5555]  ? do_recvmmsg+0x6e0/0x6e0
[   86.265992][ T5555]  ? __fget_files+0x248/0x480
[   86.270692][ T5555]  ? lock_downgrade+0x690/0x690
[   86.275571][ T5555]  ? schedule+0xe8/0x1a0
[   86.279822][ T5555]  ? futex_unqueue+0xb7/0x120
[   86.284510][ T5555]  ? __fget_files+0x26a/0x480
[   86.289184][ T5555]  ? __fget_light+0xe5/0x270
[   86.293767][ T5555]  __sys_sendmmsg+0x18f/0x460
[   86.298551][ T5555]  ? __ia32_sys_sendmsg+0xb0/0xb0
[   86.303571][ T5555]  ? __local_bh_enable_ip+0xa4/0x130
[   86.308960][ T5555]  ? __ia32_sys_get_robust_list+0x400/0x400
[   86.314943][ T5555]  ? fput+0x2f/0x1a0
[   86.318868][ T5555]  ? xfd_validate_state+0x5d/0x180
[   86.324184][ T5555]  ? restore_fpregs_from_fpstate+0xc1/0x1c0
[   86.330277][ T5555]  ? __sys_socket+0x8e/0x250
[   86.332093][ T4394] Bluetooth: hci0: command 0x0409 tx timeout
[   86.335045][ T5555]  ? do_futex+0x360/0x360
[   86.345617][ T5555]  __x64_sys_sendmmsg+0x9d/0x100
[   86.350567][ T5555]  ? syscall_enter_from_user_mode+0x26/0x80
[   86.356560][ T5555]  do_syscall_64+0x39/0xb0
[   86.361013][ T5555]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   86.367001][ T5555] RIP: 0033:0x7fdae7c88a39
[   86.371428][ T5555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[   86.391246][ T5555] RSP: 002b:00007fdae8d37188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   86.400004][ T5555] RAX: ffffffffffffffda RBX: 00007fdae7d9bf60 RCX: 00007fdae7c88a39
2023/04/17 09:24:13 executed programs: 1
[   86.408056][ T5555] RDX: 0000000000000001 RSI: 0000000020004d80 RDI: 0000000000000004
[   86.416460][ T5555] RBP: 00007fdae7ce2e8f R08: 0000000000000000 R09: 0000000000000000
[   86.424458][ T5555] R10: 0000000004000000 R11: 0000000000000246 R12: 0000000000000000
[   86.432447][ T5555] R13: 00007ffcbf8da85f R14: 00007fdae8d37300 R15: 0000000000022000
[   86.442708][ T5555]  </TASK>
[   88.411423][ T4394] Bluetooth: hci0: command 0x041b tx timeout
[   90.491433][ T4394] Bluetooth: hci0: command 0x040f tx timeout
2023/04/17 09:24:18 executed programs: 336
[   92.571409][ T4394] Bluetooth: hci0: command 0x0419 tx timeout