Warning: Permanently added '10.128.0.234' (ED25519) to the list of known hosts. 2023/10/06 22:32:10 ignoring optional flag "sandboxArg"="0" 2023/10/06 22:32:10 parsed 1 programs [ 109.384425][ T5387] cgroup: Unknown subsys name 'net' [ 109.397361][ T5387] cgroup: Unknown subsys name 'rlimit' 2023/10/06 22:32:10 executed programs: 0 [ 110.517025][ T5049] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 110.525540][ T5049] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 110.534333][ T5049] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 110.543480][ T5049] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 110.552148][ T5049] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 110.559552][ T5049] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 110.705087][ T5392] chnl_net:caif_netlink_parms(): no params data found [ 110.784896][ T5392] bridge0: port 1(bridge_slave_0) entered blocking state [ 110.792319][ T5392] bridge0: port 1(bridge_slave_0) entered disabled state [ 110.799755][ T5392] bridge_slave_0: entered allmulticast mode [ 110.806898][ T5392] bridge_slave_0: entered promiscuous mode [ 110.815992][ T5392] bridge0: port 2(bridge_slave_1) entered blocking state [ 110.823462][ T5392] bridge0: port 2(bridge_slave_1) entered disabled state [ 110.831838][ T5392] bridge_slave_1: entered allmulticast mode [ 110.839969][ T5392] bridge_slave_1: entered promiscuous mode [ 110.874817][ T5392] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 110.887276][ T5392] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 110.926442][ T5392] team0: Port device team_slave_0 added [ 110.936080][ T5392] team0: Port device team_slave_1 added [ 110.967495][ T5392] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 110.974543][ T5392] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 111.001492][ T5392] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 111.015756][ T5392] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 111.022988][ T5392] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 111.051339][ T5392] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 111.096608][ T5392] hsr_slave_0: entered promiscuous mode [ 111.103720][ T5392] hsr_slave_1: entered promiscuous mode [ 111.225178][ T5392] bridge0: port 2(bridge_slave_1) entered blocking state [ 111.233091][ T5392] bridge0: port 2(bridge_slave_1) entered forwarding state [ 111.240787][ T5392] bridge0: port 1(bridge_slave_0) entered blocking state [ 111.248142][ T5392] bridge0: port 1(bridge_slave_0) entered forwarding state [ 111.319871][ T5392] 8021q: adding VLAN 0 to HW filter on device bond0 [ 111.338036][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 111.345851][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 111.366118][ T5392] 8021q: adding VLAN 0 to HW filter on device team0 [ 111.381440][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 111.388733][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 111.401854][ T23] bridge0: port 2(bridge_slave_1) entered blocking state [ 111.409286][ T23] bridge0: port 2(bridge_slave_1) entered forwarding state [ 111.493602][ T5392] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 111.832585][ T5392] veth0_vlan: entered promiscuous mode [ 111.847069][ T5392] veth1_vlan: entered promiscuous mode [ 111.882552][ T5392] veth0_macvtap: entered promiscuous mode [ 111.892660][ T5392] veth1_macvtap: entered promiscuous mode [ 111.914392][ T5392] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 111.933213][ T5392] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 112.015223][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.029344][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.071084][ T5062] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.079244][ T5062] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.140623][ T5412] netlink: 244 bytes leftover after parsing attributes in process `syz-executor.0'. [ 112.340837][ T5416] [ 112.343222][ T5416] ============================================ [ 112.349554][ T5416] WARNING: possible recursive locking detected [ 112.355702][ T5416] 6.6.0-rc4-syzkaller-00218-gaf95dc6fdc25 #0 Not tainted [ 112.362722][ T5416] -------------------------------------------- [ 112.368951][ T5416] syz-executor.0/5416 is trying to acquire lock: [ 112.375272][ T5416] ffff8880214ec218 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){+...}-{2:2}, at: __dev_queue_xmit+0x2e8f/0x3d60 [ 112.387402][ T5416] [ 112.387402][ T5416] but task is already holding lock: [ 112.394844][ T5416] ffff88802047e258 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){+...}-{2:2}, at: __dev_queue_xmit+0x104a/0x3d60 [ 112.407128][ T5416] [ 112.407128][ T5416] other info that might help us debug this: [ 112.415195][ T5416] Possible unsafe locking scenario: [ 112.415195][ T5416] [ 112.422729][ T5416] CPU0 [ 112.426001][ T5416] ---- [ 112.429272][ T5416] lock(dev->qdisc_tx_busylock ?: &qdisc_tx_busylock); [ 112.436299][ T5416] lock(dev->qdisc_tx_busylock ?: &qdisc_tx_busylock); [ 112.443243][ T5416] [ 112.443243][ T5416] *** DEADLOCK *** [ 112.443243][ T5416] [ 112.451489][ T5416] May be due to missing lock nesting notation [ 112.451489][ T5416] [ 112.460069][ T5416] 6 locks held by syz-executor.0/5416: [ 112.465540][ T5416] #0: ffffffff8cbab2a0 (rcu_read_lock){....}-{1:2}, at: ip_finish_output2+0x367/0x2550 [ 112.475600][ T5416] #1: ffffffff8cbab240 (rcu_read_lock_bh){....}-{1:2}, at: __dev_queue_xmit+0x244/0x3d60 [ 112.485919][ T5416] #2: ffff88802047e258 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){+...}-{2:2}, at: __dev_queue_xmit+0x104a/0x3d60 [ 112.498579][ T5416] #3: ffff88807a3efcd8 (_xmit_ETHER#2){+.-.}-{2:2}, at: sch_direct_xmit+0x333/0xc20 [ 112.508271][ T5416] #4: ffffffff8cbab2a0 (rcu_read_lock){....}-{1:2}, at: ip_finish_output2+0x367/0x2550 [ 112.518481][ T5416] #5: ffffffff8cbab240 (rcu_read_lock_bh){....}-{1:2}, at: __dev_queue_xmit+0x244/0x3d60 [ 112.528692][ T5416] [ 112.528692][ T5416] stack backtrace: [ 112.534576][ T5416] CPU: 1 PID: 5416 Comm: syz-executor.0 Not tainted 6.6.0-rc4-syzkaller-00218-gaf95dc6fdc25 #0 [ 112.545078][ T5416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 112.555131][ T5416] Call Trace: [ 112.558503][ T5416] [ 112.561524][ T5416] dump_stack_lvl+0xd9/0x1b0 [ 112.566212][ T5416] __lock_acquire+0x2971/0x5de0 [ 112.571351][ T5416] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 112.577523][ T5416] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 112.583866][ T5416] ? print_usage_bug.part.0+0x670/0x670 [ 112.589605][ T5416] lock_acquire+0x1ae/0x510 [ 112.594558][ T5416] ? __dev_queue_xmit+0x2e8f/0x3d60 [ 112.599957][ T5416] ? lock_sync+0x190/0x190 [ 112.604736][ T5416] ? lock_sync+0x190/0x190 [ 112.609166][ T5416] ? __lock_acquire+0x182f/0x5de0 [ 112.614244][ T5416] _raw_spin_lock+0x2e/0x40 [ 112.618752][ T5416] ? __dev_queue_xmit+0x2e8f/0x3d60 [ 112.624256][ T5416] __dev_queue_xmit+0x2e8f/0x3d60 [ 112.629479][ T5416] ? print_usage_bug.part.0+0x670/0x670 [ 112.635244][ T5416] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 112.641497][ T5416] ? ipt_do_table+0xd63/0x1a80 [ 112.646279][ T5416] ? netdev_core_pick_tx+0x390/0x390 [ 112.651680][ T5416] ? lock_acquire+0x1ae/0x510 [ 112.656381][ T5416] ? find_held_lock+0x2d/0x110 [ 112.661197][ T5416] ? __ip_finish_output+0x38b/0x640 [ 112.666400][ T5416] ? reacquire_held_locks+0x4b0/0x4b0 [ 112.671786][ T5416] ? mark_held_locks+0x9f/0xe0 [ 112.676653][ T5416] ip_finish_output2+0x169f/0x2550 [ 112.681874][ T5416] ? ip_fragment.constprop.0+0x230/0x230 [ 112.687532][ T5416] ? nf_hook+0x6c0/0x6c0 [ 112.691801][ T5416] __ip_finish_output+0x38b/0x640 [ 112.696963][ T5416] ip_finish_output+0x31/0x310 [ 112.701748][ T5416] ip_output+0x13b/0x290 [ 112.706278][ T5416] ip_local_out+0xaf/0x190 [ 112.710723][ T5416] iptunnel_xmit+0x61a/0x9e0 [ 112.715534][ T5416] ip_tunnel_xmit+0x1e4f/0x3370 [ 112.720496][ T5416] ? ip_md_tunnel_xmit+0x1fc0/0x1fc0 [ 112.725809][ T5416] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 112.731818][ T5416] ? skb_network_protocol+0x1f0/0x670 [ 112.737441][ T5416] ? __gre_xmit+0x4f5/0x990 [ 112.742045][ T5416] erspan_xmit+0x52b/0x1f90 [ 112.746559][ T5416] ? do_raw_spin_lock+0x12e/0x2b0 [ 112.751775][ T5416] dev_hard_start_xmit+0x13d/0x6c0 [ 112.757425][ T5416] sch_direct_xmit+0x1ac/0xc20 [ 112.762209][ T5416] ? lock_sync+0x190/0x190 [ 112.766726][ T5416] ? dev_watchdog+0x8f0/0x8f0 [ 112.771415][ T5416] ? do_raw_spin_trylock+0xb1/0x180 [ 112.779961][ T5416] ? do_raw_spin_lock+0x1e0/0x2b0 [ 112.785130][ T5416] ? __lock_acquire+0x182f/0x5de0 [ 112.790195][ T5416] __dev_queue_xmit+0x126e/0x3d60 [ 112.795343][ T5416] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 112.801348][ T5416] ? ipt_do_table+0xd63/0x1a80 [ 112.806130][ T5416] ? netdev_core_pick_tx+0x390/0x390 [ 112.811523][ T5416] ? find_held_lock+0x2d/0x110 [ 112.816394][ T5416] ? __ip_finish_output+0x38b/0x640 [ 112.821596][ T5416] ? reacquire_held_locks+0x4b0/0x4b0 [ 112.826986][ T5416] ? nf_hook+0x3b8/0x6c0 [ 112.832038][ T5416] ip_finish_output2+0x169f/0x2550 [ 112.837176][ T5416] ? ip_fragment.constprop.0+0x230/0x230 [ 112.842836][ T5416] ? nf_hook+0x6c0/0x6c0 [ 112.847104][ T5416] __ip_finish_output+0x38b/0x640 [ 112.852144][ T5416] ip_finish_output+0x31/0x310 [ 112.856921][ T5416] ip_output+0x13b/0x290 [ 112.861260][ T5416] ip_send_skb+0xd3/0x250 [ 112.865598][ T5416] udp_send_skb+0x73a/0x1490 [ 112.870289][ T5416] udp_sendmsg+0x1a83/0x2b40 [ 112.875087][ T5416] ? aa_label_sk_perm+0x154/0x540 [ 112.880139][ T5416] ? ip_frag_init+0x320/0x320 [ 112.884850][ T5416] ? udp_unicast_rcv_skb+0x3a0/0x3a0 [ 112.890178][ T5416] ? preempt_count_sub+0x150/0x150 [ 112.895398][ T5416] ? aa_sk_perm+0x2c1/0xad0 [ 112.900089][ T5416] ? print_usage_bug.part.0+0x670/0x670 [ 112.905929][ T5416] ? inet_sendmsg+0x9d/0xe0 [ 112.910711][ T5416] inet_sendmsg+0x9d/0xe0 [ 112.915481][ T5416] ? inet_send_prepare+0x530/0x530 [ 112.920683][ T5416] __sock_sendmsg+0xd5/0x180 [ 112.925288][ T5416] ____sys_sendmsg+0x2ac/0x940 [ 112.930081][ T5416] ? copy_msghdr_from_user+0x10b/0x160 [ 112.935544][ T5416] ? kernel_sendmsg+0x50/0x50 [ 112.940418][ T5416] ___sys_sendmsg+0x135/0x1d0 [ 112.945101][ T5416] ? do_recvmmsg+0x740/0x740 [ 112.949802][ T5416] ? __might_fault+0x63/0x1a0 [ 112.954492][ T5416] ? preempt_count_sub+0x150/0x150 [ 112.959713][ T5416] ? __might_fault+0xe6/0x1a0 [ 112.964398][ T5416] __sys_sendmmsg+0x1a1/0x450 [ 112.969083][ T5416] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 112.974117][ T5416] ? rcu_is_watching+0x12/0xb0 [ 112.978894][ T5416] ? folio_memcg_unlock+0x2d0/0x2d0 [ 112.984296][ T5416] __x64_sys_sendmmsg+0x9c/0x100 [ 112.989249][ T5416] ? syscall_enter_from_user_mode+0x26/0x80 [ 112.995162][ T5416] do_syscall_64+0x38/0xb0 [ 112.999591][ T5416] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 113.005668][ T5416] RIP: 0033:0x7f3979c79669 [ 113.010088][ T5416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b4 ff ff ff f7 d8 64 89 01 48 [ 113.030067][ T5416] RSP: 002b:00007f39793fe0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 113.039549][ T5416] RAX: ffffffffffffffda RBX: 00007f3979d8bf60 RCX: 00007f3979c79669 [ 113.048054][ T5416] RDX: 0400000000000075 RSI: 0000000020007fc0 RDI: 0000000000000003 [ 113.056065][ T5416] RBP: 00007f3979cd4fd8 R08: 0000000000000000 R09: 0000000000000000 [ 113.064642][ T5416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 113.072788][ T5416] R13: 000000000000000b R14: 00007f3979d8bf60 R15: 00007ffe9a2429e8 [ 113.080951][ T5416] [ 113.085149][ T4448] Bluetooth: hci0: command 0x0409 tx timeout 2023/10/06 22:32:15 executed programs: 24 [ 115.158627][ T4448] Bluetooth: hci0: command 0x041b tx timeout [ 117.228753][ T4448] Bluetooth: hci0: command 0x040f tx timeout [ 119.318784][ T4448] Bluetooth: hci0: command 0x0419 tx timeout 2023/10/06 22:32:20 executed programs: 115