Warning: Permanently added '10.128.0.146' (ED25519) to the list of known hosts. 2024/09/01 16:48:07 ignoring optional flag "sandboxArg"="0" 2024/09/01 16:48:07 parsed 1 programs [ 87.138507][ T5676] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 87.566970][ T5312] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 87.575346][ T5312] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 87.584035][ T5312] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 87.594905][ T5312] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 87.603369][ T5312] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 87.610958][ T5312] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 87.963417][ T2465] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.975555][ T2465] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 88.044599][ T2465] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.052670][ T2465] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.394956][ T5735] chnl_net:caif_netlink_parms(): no params data found [ 89.460414][ T5735] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.467677][ T5735] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.474844][ T5735] bridge_slave_0: entered allmulticast mode [ 89.482019][ T5735] bridge_slave_0: entered promiscuous mode [ 89.489699][ T5735] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.496804][ T5735] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.504072][ T5735] bridge_slave_1: entered allmulticast mode [ 89.512974][ T5735] bridge_slave_1: entered promiscuous mode [ 89.560186][ T5735] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.571932][ T5735] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.618499][ T5735] team0: Port device team_slave_0 added [ 89.625965][ T5735] team0: Port device team_slave_1 added [ 89.646944][ T5735] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.653973][ T5735] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.680658][ T5735] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.693530][ T5735] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.702428][ T5735] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.728464][ T5735] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.768527][ T5735] hsr_slave_0: entered promiscuous mode [ 89.774795][ T5735] hsr_slave_1: entered promiscuous mode [ 90.370972][ T5735] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 90.383773][ T5735] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 90.404575][ T5735] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 90.416086][ T5735] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 90.529135][ T5735] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.557431][ T5735] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.572277][ T2465] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.579489][ T2465] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.606387][ T2465] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.613612][ T2465] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.652700][ T5735] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 90.668872][ T5735] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 90.851485][ T5735] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.907265][ T5735] veth0_vlan: entered promiscuous mode [ 90.926446][ T5735] veth1_vlan: entered promiscuous mode [ 90.965562][ T5735] veth0_macvtap: entered promiscuous mode [ 90.983196][ T5735] veth1_macvtap: entered promiscuous mode [ 91.011739][ T5735] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 91.027075][ T5735] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 91.043321][ T5735] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.054770][ T5735] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.064087][ T5735] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.076216][ T5735] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.281990][ T3008] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.359888][ T3008] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 2024/09/01 16:48:13 executed programs: 0 [ 91.471677][ T3008] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.565942][ T4625] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 91.572146][ T3008] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.589722][ T4625] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 91.598002][ T4625] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 91.606305][ T4625] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 91.619785][ T4625] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 91.628794][ T4625] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 91.832226][ T5819] chnl_net:caif_netlink_parms(): no params data found [ 91.916926][ T5819] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.925415][ T5819] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.933484][ T5819] bridge_slave_0: entered allmulticast mode [ 91.941138][ T5819] bridge_slave_0: entered promiscuous mode [ 91.950895][ T5819] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.958231][ T5819] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.965559][ T5819] bridge_slave_1: entered allmulticast mode [ 91.973179][ T5819] bridge_slave_1: entered promiscuous mode [ 92.013585][ T5819] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.029387][ T5819] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.072181][ T5819] team0: Port device team_slave_0 added [ 92.091651][ T5819] team0: Port device team_slave_1 added [ 92.125012][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.132259][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.160265][ T5819] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.177115][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.185204][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.214063][ T5819] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.274501][ T5819] hsr_slave_0: entered promiscuous mode [ 92.281814][ T5819] hsr_slave_1: entered promiscuous mode [ 92.292057][ T5819] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 92.299874][ T5819] Cannot create hsr debugfs directory [ 93.659002][ T5312] Bluetooth: hci0: command tx timeout [ 95.738149][ T5312] Bluetooth: hci0: command tx timeout [ 95.840430][ T3008] bridge_slave_1: left allmulticast mode [ 95.846137][ T3008] bridge_slave_1: left promiscuous mode [ 95.856077][ T3008] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.866751][ T3008] bridge_slave_0: left allmulticast mode [ 95.875363][ T3008] bridge_slave_0: left promiscuous mode [ 95.881843][ T3008] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.139949][ T3008] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 96.152166][ T3008] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 96.162343][ T3008] bond0 (unregistering): Released all slaves [ 96.283264][ T3008] hsr_slave_0: left promiscuous mode [ 96.292004][ T3008] hsr_slave_1: left promiscuous mode [ 96.306968][ T3008] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 96.316435][ T3008] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 96.327384][ T3008] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 96.335359][ T3008] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 96.357163][ T3008] veth1_macvtap: left promiscuous mode [ 96.364878][ T3008] veth0_macvtap: left promiscuous mode [ 96.371340][ T3008] veth1_vlan: left promiscuous mode [ 96.376699][ T3008] veth0_vlan: left promiscuous mode [ 96.920088][ T3008] team0 (unregistering): Port device team_slave_1 removed [ 96.965284][ T3008] team0 (unregistering): Port device team_slave_0 removed [ 97.680747][ T5819] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 97.692054][ T5819] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 97.702456][ T5819] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 97.717270][ T5819] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 97.818994][ T5312] Bluetooth: hci0: command tx timeout [ 97.845298][ T5819] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.891062][ T5819] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.905197][ T2465] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.912353][ T2465] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.927364][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.934558][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.186899][ T5819] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.242168][ T5819] veth0_vlan: entered promiscuous mode [ 98.254973][ T5819] veth1_vlan: entered promiscuous mode [ 98.291828][ T5819] veth0_macvtap: entered promiscuous mode [ 98.304874][ T5819] veth1_macvtap: entered promiscuous mode [ 98.332250][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.349157][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.365380][ T5819] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.374923][ T5819] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.384209][ T5819] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.394647][ T5819] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.451715][ T3030] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.460303][ T3030] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.490101][ T3008] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.499039][ T3008] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 2024/09/01 16:48:20 executed programs: 1 [ 98.710058][ T12] [ 98.712425][ T12] ====================================================== [ 98.719430][ T12] WARNING: possible circular locking dependency detected [ 98.726542][ T12] 6.11.0-rc4-syzkaller-00238-g2ad6d23f465a #0 Not tainted [ 98.733631][ T12] ------------------------------------------------------ [ 98.740639][ T12] kworker/u8:1/12 is trying to acquire lock: [ 98.746616][ T12] ffff8880b8829430 (krc.lock){..-.}-{2:2}, at: kvfree_call_rcu+0x18a/0x790 [ 98.755345][ T12] [ 98.755345][ T12] but task is already holding lock: [ 98.762703][ T12] ffff8880b882a718 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x112/0x240 [ 98.771576][ T12] [ 98.771576][ T12] which lock already depends on the new lock. [ 98.771576][ T12] [ 98.782047][ T12] [ 98.782047][ T12] the existing dependency chain (in reverse order) is: [ 98.791057][ T12] [ 98.791057][ T12] -> #1 (&base->lock){-.-.}-{2:2}: [ 98.798503][ T12] lock_acquire+0x1ed/0x550 [ 98.803528][ T12] _raw_spin_lock_irqsave+0xd5/0x120 [ 98.809345][ T12] lock_timer_base+0x112/0x240 [ 98.814621][ T12] __mod_timer+0x1ca/0xeb0 [ 98.819547][ T12] queue_delayed_work_on+0x1ca/0x390 [ 98.825346][ T12] kvfree_call_rcu+0x47f/0x790 [ 98.830662][ T12] pwq_release_workfn+0x6d1/0x860 [ 98.836208][ T12] kthread_worker_fn+0x500/0xaf0 [ 98.841763][ T12] kthread+0x2f0/0x390 [ 98.846355][ T12] ret_from_fork+0x4b/0x80 [ 98.851291][ T12] ret_from_fork_asm+0x1a/0x30 [ 98.856568][ T12] [ 98.856568][ T12] -> #0 (krc.lock){..-.}-{2:2}: [ 98.863595][ T12] validate_chain+0x18e0/0x5900 [ 98.868980][ T12] __lock_acquire+0x137a/0x2040 [ 98.874378][ T12] lock_acquire+0x1ed/0x550 [ 98.879404][ T12] _raw_spin_lock+0x2e/0x40 [ 98.884424][ T12] kvfree_call_rcu+0x18a/0x790 [ 98.889754][ T12] trie_delete_elem+0x546/0x6a0 [ 98.895118][ T12] bpf_prog_2c29ac5cdc6b1842+0x43/0x47 [ 98.901180][ T12] bpf_trace_run2+0x2ec/0x540 [ 98.906363][ T12] enqueue_timer+0x3ce/0x570 [ 98.911465][ T12] __mod_timer+0xa0e/0xeb0 [ 98.916393][ T12] queue_delayed_work_on+0x1ca/0x390 [ 98.922186][ T12] process_scheduled_works+0xa2c/0x1830 [ 98.928239][ T12] worker_thread+0x86d/0xd40 [ 98.933336][ T12] kthread+0x2f0/0x390 [ 98.937924][ T12] ret_from_fork+0x4b/0x80 [ 98.942844][ T12] ret_from_fork_asm+0x1a/0x30 [ 98.948121][ T12] [ 98.948121][ T12] other info that might help us debug this: [ 98.948121][ T12] [ 98.958333][ T12] Possible unsafe locking scenario: [ 98.958333][ T12] [ 98.965777][ T12] CPU0 CPU1 [ 98.971131][ T12] ---- ---- [ 98.976560][ T12] lock(&base->lock); [ 98.980615][ T12] lock(krc.lock); [ 98.986925][ T12] lock(&base->lock); [ 98.993498][ T12] lock(krc.lock); [ 98.997287][ T12] [ 98.997287][ T12] *** DEADLOCK *** [ 98.997287][ T12] [ 99.005411][ T12] 4 locks held by kworker/u8:1/12: [ 99.010504][ T12] #0: ffff88803056c948 ((wq_completion)bat_events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 99.021804][ T12] #1: ffffc90000117d00 ((work_completion)(&(&bat_priv->nc.work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 99.034924][ T12] #2: ffff8880b882a718 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x112/0x240 [ 99.044220][ T12] #3: ffffffff8e938320 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0x1fc/0x540 [ 99.054068][ T12] [ 99.054068][ T12] stack backtrace: [ 99.060050][ T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:1 Not tainted 6.11.0-rc4-syzkaller-00238-g2ad6d23f465a #0 [ 99.070807][ T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 99.081052][ T12] Workqueue: bat_events batadv_nc_worker [ 99.086715][ T12] Call Trace: [ 99.089982][ T12] [ 99.092897][ T12] dump_stack_lvl+0x241/0x360 [ 99.097593][ T12] ? __pfx_dump_stack_lvl+0x10/0x10 [ 99.102814][ T12] ? print_circular_bug+0x130/0x1a0 [ 99.108042][ T12] check_noncircular+0x36a/0x4a0 [ 99.112974][ T12] ? __pfx_check_noncircular+0x10/0x10 [ 99.118430][ T12] ? lockdep_lock+0x123/0x2b0 [ 99.123109][ T12] ? mark_lock+0x9a/0x350 [ 99.127436][ T12] ? _find_first_zero_bit+0xd3/0x100 [ 99.132731][ T12] validate_chain+0x18e0/0x5900 [ 99.137757][ T12] ? __pfx_validate_chain+0x10/0x10 [ 99.142946][ T12] ? stack_depot_save_flags+0x6e4/0x830 [ 99.148479][ T12] ? do_raw_spin_lock+0x14f/0x370 [ 99.153489][ T12] ? __pfx_lock_release+0x10/0x10 [ 99.158503][ T12] ? do_raw_spin_unlock+0x13c/0x8b0 [ 99.163699][ T12] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 99.169580][ T12] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 99.175899][ T12] ? stack_trace_save+0x118/0x1d0 [ 99.180936][ T12] ? mark_lock+0x9a/0x350 [ 99.185355][ T12] __lock_acquire+0x137a/0x2040 [ 99.190208][ T12] lock_acquire+0x1ed/0x550 [ 99.194705][ T12] ? kvfree_call_rcu+0x18a/0x790 [ 99.199724][ T12] ? __pfx_lock_acquire+0x10/0x10 [ 99.204741][ T12] ? __phys_addr+0xba/0x170 [ 99.209412][ T12] _raw_spin_lock+0x2e/0x40 [ 99.213914][ T12] ? kvfree_call_rcu+0x18a/0x790 [ 99.218871][ T12] kvfree_call_rcu+0x18a/0x790 [ 99.223631][ T12] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 99.229693][ T12] ? __pfx_kvfree_call_rcu+0x10/0x10 [ 99.235058][ T12] ? longest_prefix_match+0x49f/0x650 [ 99.240426][ T12] trie_delete_elem+0x546/0x6a0 [ 99.245386][ T12] ? bpf_trace_run2+0x1fc/0x540 [ 99.250240][ T12] bpf_prog_2c29ac5cdc6b1842+0x43/0x47 [ 99.255714][ T12] bpf_trace_run2+0x2ec/0x540 [ 99.260479][ T12] ? __pfx_bpf_trace_run2+0x10/0x10 [ 99.265672][ T12] ? __pfx_debug_object_activate+0x10/0x10 [ 99.271487][ T12] enqueue_timer+0x3ce/0x570 [ 99.276246][ T12] __mod_timer+0xa0e/0xeb0 [ 99.280862][ T12] ? __pfx___mod_timer+0x10/0x10 [ 99.285803][ T12] ? __local_bh_enable_ip+0x168/0x200 [ 99.291181][ T12] ? __pfx_lock_release+0x10/0x10 [ 99.296240][ T12] ? batadv_nc_purge_paths+0x312/0x3b0 [ 99.301709][ T12] ? __queue_delayed_work+0x1ae/0x250 [ 99.307222][ T12] queue_delayed_work_on+0x1ca/0x390 [ 99.312555][ T12] ? __pfx_queue_delayed_work_on+0x10/0x10 [ 99.318394][ T12] ? batadv_nc_process_nc_paths+0xb5/0x3a0 [ 99.324196][ T12] ? batadv_nc_worker+0x4fa/0x610 [ 99.329219][ T12] ? process_scheduled_works+0x945/0x1830 [ 99.334932][ T12] process_scheduled_works+0xa2c/0x1830 [ 99.340485][ T12] ? __pfx_process_scheduled_works+0x10/0x10 [ 99.346457][ T12] ? assign_work+0x364/0x3d0 [ 99.351123][ T12] worker_thread+0x86d/0xd40 [ 99.355706][ T12] ? __kthread_parkme+0x169/0x1d0 [ 99.360728][ T12] ? __pfx_worker_thread+0x10/0x10 [ 99.365922][ T12] kthread+0x2f0/0x390 [ 99.369997][ T12] ? __pfx_worker_thread+0x10/0x10 [ 99.375096][ T12] ? __pfx_kthread+0x10/0x10 [ 99.379699][ T12] ret_from_fork+0x4b/0x80 [ 99.384108][ T12] ? __pfx_kthread+0x10/0x10 [ 99.388701][ T12] ret_from_fork_asm+0x1a/0x30 [ 99.393466][ T12] [ 99.907790][ T5312] Bluetooth: hci0: command tx timeout