Warning: Permanently added '[localhost]:45089' (ED25519) to the list of known hosts. 2024/02/15 14:50:10 ignoring optional flag "sandboxArg"="0" 2024/02/15 14:50:10 parsed 1 programs [ 77.048458][ T38] kauditd_printk_skb: 73 callbacks suppressed [ 77.048471][ T38] audit: type=1400 audit(1708008610.322:206): avc: denied { getattr } for pid=5388 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 77.083856][ T38] audit: type=1400 audit(1708008610.362:207): avc: denied { mounton } for pid=5404 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 77.098286][ T38] audit: type=1400 audit(1708008610.362:208): avc: denied { mount } for pid=5404 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 77.107633][ T38] audit: type=1400 audit(1708008610.382:209): avc: denied { read write } for pid=5404 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 77.119195][ T38] audit: type=1400 audit(1708008610.382:210): avc: denied { open } for pid=5404 comm="syz-executor" path="/swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 77.191509][ T38] audit: type=1400 audit(1708008610.472:211): avc: denied { unlink } for pid=5404 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 77.604333][ T38] audit: type=1400 audit(1708008610.882:212): avc: denied { relabelto } for pid=5407 comm="mkswap" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 78.579807][ T5404] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k 2024/02/15 14:50:12 executed programs: 0 [ 79.634386][ T4613] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 79.638234][ T4613] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 79.642131][ T4613] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 79.646369][ T4613] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 79.650865][ T4613] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 79.653777][ T4613] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 79.661471][ T38] audit: type=1400 audit(1708008612.942:213): avc: denied { mounton } for pid=5414 comm="syz-executor.0" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 79.769019][ T5414] chnl_net:caif_netlink_parms(): no params data found [ 79.779206][ T38] audit: type=1400 audit(1708008613.062:214): avc: denied { search } for pid=4651 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 79.868298][ T5414] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.872362][ T5414] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.876153][ T5414] bridge_slave_0: entered allmulticast mode [ 79.880620][ T5414] bridge_slave_0: entered promiscuous mode [ 79.888112][ T5414] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.891909][ T5414] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.894912][ T5414] bridge_slave_1: entered allmulticast mode [ 79.899124][ T5414] bridge_slave_1: entered promiscuous mode [ 79.973120][ T5414] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.982648][ T5414] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 80.039624][ T5414] team0: Port device team_slave_0 added [ 80.044728][ T5414] team0: Port device team_slave_1 added [ 80.091642][ T5414] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.094788][ T5414] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.105505][ T5414] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.111946][ T5414] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.115510][ T5414] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.126579][ T5414] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.178901][ T5414] hsr_slave_0: entered promiscuous mode [ 80.182904][ T5414] hsr_slave_1: entered promiscuous mode [ 80.792904][ T5414] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 80.803609][ T5414] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 80.812811][ T5414] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 80.819389][ T5414] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 80.915565][ T5414] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.940174][ T5414] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.949952][ T815] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.953333][ T815] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.966703][ T23] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.970191][ T23] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.007110][ T5414] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 81.043703][ T38] audit: type=1400 audit(1708008614.322:215): avc: denied { sys_module } for pid=5414 comm="syz-executor.0" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 81.139914][ T5414] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.179355][ T5414] veth0_vlan: entered promiscuous mode [ 81.187466][ T5414] veth1_vlan: entered promiscuous mode [ 81.214731][ T5414] veth0_macvtap: entered promiscuous mode [ 81.221364][ T5414] veth1_macvtap: entered promiscuous mode [ 81.236297][ T5414] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 81.248280][ T5414] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 81.254232][ T5414] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.257684][ T5414] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.261391][ T5414] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.265500][ T5414] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.323029][ T1117] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.326694][ T1117] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.361040][ T1117] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.364722][ T1117] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.421111][ C2] [ 81.422073][ C2] ================================ [ 81.424235][ C2] WARNING: inconsistent lock state [ 81.426476][ C2] 6.8.0-rc4-syzkaller-g8d3dea210042 #0 Not tainted [ 81.431264][ C2] -------------------------------- [ 81.433788][ C2] inconsistent {HARDIRQ-ON-W} -> {IN-HARDIRQ-W} usage. [ 81.436441][ C2] syz-executor.0/5467 [HC1[1]:SC0[0]:HE0:SE1] takes: [ 81.439307][ C2] ffffffff8e602398 (sync_timeline_list_lock){?.+.}-{2:2}, at: sync_timeline_debug_remove+0x29/0x1a0 [ 81.443809][ C2] {HARDIRQ-ON-W} state was registered at: [ 81.446190][ C2] lockdep_hardirqs_on_prepare+0x139/0x420 [ 81.448377][ C2] trace_hardirqs_on+0x36/0x40 [ 81.450241][ C2] _raw_spin_unlock_irq+0x23/0x50 [ 81.452569][ C2] sync_info_debugfs_show+0xef/0x200 [ 81.454991][ C2] seq_read_iter+0x4fa/0x12c0 [ 81.456807][ C2] seq_read+0x392/0x4e0 [ 81.458498][ C2] vfs_read+0x1d4/0xb80 [ 81.460177][ C2] ksys_read+0x12f/0x260 [ 81.461955][ C2] do_syscall_64+0xd5/0x270 [ 81.463671][ C2] entry_SYSCALL_64_after_hwframe+0x6f/0x77 [ 81.465891][ C2] irq event stamp: 4360 [ 81.467501][ C2] hardirqs last enabled at (4359): [] _raw_spin_unlock_irq+0x23/0x50 [ 81.471291][ C2] hardirqs last disabled at (4360): [] sysvec_irq_work+0xe/0xb0 [ 81.476114][ C2] softirqs last enabled at (3032): [] __do_softirq+0x59c/0x8e7 [ 81.479999][ C2] softirqs last disabled at (2927): [] irq_exit_rcu+0xbb/0x120 [ 81.483373][ C2] [ 81.483373][ C2] other info that might help us debug this: [ 81.486305][ C2] Possible unsafe locking scenario: [ 81.486305][ C2] [ 81.489073][ C2] CPU0 [ 81.490335][ C2] ---- [ 81.491729][ C2] lock(sync_timeline_list_lock); [ 81.493638][ C2] [ 81.494980][ C2] lock(sync_timeline_list_lock); [ 81.497104][ C2] [ 81.497104][ C2] *** DEADLOCK *** [ 81.497104][ C2] [ 81.500380][ C2] no locks held by syz-executor.0/5467. [ 81.502671][ C2] [ 81.502671][ C2] stack backtrace: [ 81.505031][ C2] CPU: 2 PID: 5467 Comm: syz-executor.0 Not tainted 6.8.0-rc4-syzkaller-g8d3dea210042 #0 [ 81.508736][ C2] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 81.512553][ C2] Call Trace: [ 81.514180][ C2] [ 81.515392][ C2] dump_stack_lvl+0xd9/0x1b0 [ 81.517483][ C2] mark_lock+0x923/0xc60 [ 81.519316][ C2] ? __pfx_mark_lock+0x10/0x10 [ 81.521544][ C2] ? __pfx_lock_release+0x10/0x10 [ 81.523568][ C2] ? __pfx_mark_lock+0x10/0x10 [ 81.525372][ C2] ? __lock_acquire+0x2d63/0x3b40 [ 81.527248][ C2] __lock_acquire+0x137e/0x3b40 [ 81.529146][ C2] ? __pfx___lock_acquire+0x10/0x10 [ 81.531126][ C2] ? __pfx___lock_acquire+0x10/0x10 [ 81.533271][ C2] lock_acquire+0x1ae/0x520 [ 81.535389][ C2] ? sync_timeline_debug_remove+0x29/0x1a0 [ 81.537825][ C2] ? __pfx_lock_acquire+0x10/0x10 [ 81.539700][ C2] ? timeline_fence_release+0x1f1/0x340 [ 81.541751][ C2] ? __pfx_lock_release+0x10/0x10 [ 81.543643][ C2] _raw_spin_lock_irqsave+0x3a/0x60 [ 81.545537][ C2] ? sync_timeline_debug_remove+0x29/0x1a0 [ 81.548267][ C2] sync_timeline_debug_remove+0x29/0x1a0 [ 81.550608][ C2] timeline_fence_release+0x262/0x340 [ 81.552624][ C2] ? __pfx_timeline_fence_release+0x10/0x10 [ 81.555640][ C2] dma_fence_release+0x2ff/0x520 [ 81.557874][ C2] ? __pfx_lock_release+0x10/0x10 [ 81.559954][ C2] dma_fence_array_release+0x1fa/0x2e0 [ 81.562635][ C2] ? __pfx_dma_fence_array_release+0x10/0x10 [ 81.565510][ C2] dma_fence_release+0x2ff/0x520 [ 81.567334][ C2] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 81.569529][ C2] irq_dma_fence_array_work+0xa9/0xd0 [ 81.572258][ C2] irq_work_single+0x1be/0x260 [ 81.574413][ C2] irq_work_run_list+0x92/0xc0 [ 81.576735][ C2] irq_work_run+0x58/0xd0 [ 81.578829][ C2] __sysvec_irq_work+0x82/0x3a0 [ 81.581119][ C2] sysvec_irq_work+0x90/0xb0 [ 81.583187][ C2] [ 81.584505][ C2] [ 81.585970][ C2] asm_sysvec_irq_work+0x1a/0x20 [ 81.588342][ C2] RIP: 0010:_raw_spin_unlock_irq+0x29/0x50 [ 81.591424][ C2] Code: 90 f3 0f 1e fa 53 48 8b 74 24 08 48 89 fb 48 83 c7 18 e8 1a 6c a3 f6 48 89 df e8 02 e7 a3 f6 e8 fd 14 cb f6 fb bf 01 00 00 00 b2 33 95 f6 65 8b 05 33 7a 3c 75 85 c0 74 06 5b c3 cc cc cc cc [ 81.599538][ C2] RSP: 0018:ffffc900039afcb0 EFLAGS: 00000202 [ 81.601750][ C2] RAX: 0000000000001107 RBX: ffff888015f1e6b0 RCX: 1ffffffff1f3a379 [ 81.604729][ C2] RDX: 0000000000000000 RSI: ffffffff8b0cb340 RDI: 0000000000000001 [ 81.607646][ C2] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001 [ 81.610585][ C2] R10: ffffffff8f9d4e57 R11: 0000000000000001 R12: ffff888015f1e660 [ 81.614283][ C2] R13: dffffc0000000000 R14: ffff888015f1e660 R15: ffff888015f1e6b0 [ 81.617671][ C2] sw_sync_debugfs_release+0x164/0x240 [ 81.619830][ C2] ? __pfx_sw_sync_debugfs_release+0x10/0x10 [ 81.622035][ C2] __fput+0x270/0xb80 [ 81.623526][ C2] task_work_run+0x14f/0x250 [ 81.625398][ C2] ? __pfx_task_work_run+0x10/0x10 [ 81.627324][ C2] ? do_raw_spin_unlock+0x173/0x230 [ 81.629276][ C2] do_exit+0xa8a/0x2ad0 [ 81.630816][ C2] ? do_group_exit+0x1c5/0x2a0 [ 81.632869][ C2] ? __pfx_lock_release+0x10/0x10 [ 81.634895][ C2] ? __pfx_do_exit+0x10/0x10 [ 81.636495][ C2] do_group_exit+0xd4/0x2a0 [ 81.638336][ C2] __x64_sys_exit_group+0x3e/0x50 [ 81.640196][ C2] do_syscall_64+0xd5/0x270 [ 81.641965][ C2] entry_SYSCALL_64_after_hwframe+0x6f/0x77 [ 81.644405][ C2] RIP: 0033:0x7fe65547cae9 [ 81.646225][ C2] Code: Unable to access opcode bytes at 0x7fe65547cabf. [ 81.649351][ C2] RSP: 002b:00007ffcc608bf68 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 81.652594][ C2] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007fe65547cae9 [ 81.655558][ C2] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 81.658515][ C2] RBP: 0000000000000001 R08: 00007fe65559bf8c R09: 0000000000000000 [ 81.661636][ C2] R10: 0000001b2e160000 R11: 0000000000000246 R12: 0000000000000000 [ 81.664516][ C2] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000 [ 81.667475][ C2] [ 81.698225][ T4613] Bluetooth: hci0: command 0x0409 tx timeout [ 81.944396][ T28] cfg80211: failed to load regulatory.db [ 83.788143][ T4613] Bluetooth: hci0: command 0x041b tx timeout 2024/02/15 14:50:17 executed programs: 81 [ 85.858053][ T4613] Bluetooth: hci0: command 0x040f tx timeout [ 87.938023][ T4613] Bluetooth: hci0: command 0x0419 tx timeout 2024/02/15 14:50:22 executed programs: 230