Warning: Permanently added '10.128.1.129' (ED25519) to the list of known hosts. 2023/11/03 06:28:39 ignoring optional flag "sandboxArg"="0" 2023/11/03 06:28:40 parsed 1 programs [ 107.301368][ T27] kauditd_printk_skb: 74 callbacks suppressed [ 107.301384][ T27] audit: type=1400 audit(1698992920.206:203): avc: denied { getattr } for pid=5407 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 107.333299][ T27] audit: type=1400 audit(1698992920.206:204): avc: denied { read } for pid=5407 comm="syz-execprog" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 107.356415][ T27] audit: type=1400 audit(1698992920.206:205): avc: denied { open } for pid=5407 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 107.380621][ T27] audit: type=1400 audit(1698992920.266:206): avc: denied { mounton } for pid=5412 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 107.411426][ T27] audit: type=1400 audit(1698992920.266:207): avc: denied { mount } for pid=5412 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 107.436017][ T27] audit: type=1400 audit(1698992920.316:208): avc: denied { read write } for pid=5412 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 107.462494][ T27] audit: type=1400 audit(1698992920.316:209): avc: denied { open } for pid=5412 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 107.495656][ T27] audit: type=1400 audit(1698992920.396:210): avc: denied { unlink } for pid=5412 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 108.011303][ T27] audit: type=1400 audit(1698992920.916:211): avc: denied { relabelto } for pid=5414 comm="mkswap" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" 2023/11/03 06:28:42 executed programs: 0 [ 109.389994][ T5412] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 109.455114][ T4452] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 109.463581][ T4452] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 109.471844][ T4452] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 109.480704][ T4452] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 109.489194][ T4452] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 109.496994][ T4452] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 109.512157][ T27] audit: type=1400 audit(1698992922.416:212): avc: denied { mounton } for pid=5419 comm="syz-executor.0" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 109.670131][ T5419] chnl_net:caif_netlink_parms(): no params data found [ 109.746898][ T5419] bridge0: port 1(bridge_slave_0) entered blocking state [ 109.754170][ T5419] bridge0: port 1(bridge_slave_0) entered disabled state [ 109.761750][ T5419] bridge_slave_0: entered allmulticast mode [ 109.768975][ T5419] bridge_slave_0: entered promiscuous mode [ 109.777952][ T5419] bridge0: port 2(bridge_slave_1) entered blocking state [ 109.785117][ T5419] bridge0: port 2(bridge_slave_1) entered disabled state [ 109.792539][ T5419] bridge_slave_1: entered allmulticast mode [ 109.800018][ T5419] bridge_slave_1: entered promiscuous mode [ 109.838795][ T5419] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 109.853388][ T5419] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 109.890295][ T5419] team0: Port device team_slave_0 added [ 109.898939][ T5419] team0: Port device team_slave_1 added [ 109.933950][ T5419] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 109.941037][ T5419] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 109.967472][ T5419] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 109.980141][ T5419] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 109.987549][ T5419] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 110.014009][ T5419] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 110.062771][ T5419] hsr_slave_0: entered promiscuous mode [ 110.069488][ T5419] hsr_slave_1: entered promiscuous mode [ 110.985529][ T5419] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 111.000014][ T5419] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 111.012288][ T5419] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 111.031243][ T5419] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 111.169378][ T5419] 8021q: adding VLAN 0 to HW filter on device bond0 [ 111.199923][ T5419] 8021q: adding VLAN 0 to HW filter on device team0 [ 111.222826][ T4798] bridge0: port 1(bridge_slave_0) entered blocking state [ 111.230191][ T4798] bridge0: port 1(bridge_slave_0) entered forwarding state [ 111.250745][ T4798] bridge0: port 2(bridge_slave_1) entered blocking state [ 111.258022][ T4798] bridge0: port 2(bridge_slave_1) entered forwarding state [ 111.516528][ T49] Bluetooth: hci0: command 0x0409 tx timeout [ 111.567583][ T5419] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 111.638876][ T5419] veth0_vlan: entered promiscuous mode [ 111.657586][ T5419] veth1_vlan: entered promiscuous mode [ 111.707205][ T5419] veth0_macvtap: entered promiscuous mode [ 111.720210][ T5419] veth1_macvtap: entered promiscuous mode [ 111.750594][ T5419] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 111.770161][ T5419] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 111.788568][ T5419] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.803081][ T5419] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.815044][ T5419] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.825004][ T5419] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.949607][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.966674][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.014232][ T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.025593][ T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.101961][ T5484] loop0: detected capacity change from 0 to 64 [ 112.191787][ T11] [ 112.194331][ T11] ============================================ [ 112.200663][ T11] WARNING: possible recursive locking detected [ 112.206835][ T11] 6.6.0-syzkaller-11928-gbc3012f4e3a9 #0 Not tainted [ 112.213500][ T11] -------------------------------------------- [ 112.219812][ T11] kworker/u4:1/11 is trying to acquire lock: [ 112.225788][ T11] ffff888076c780b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x17f/0x220 [ 112.235231][ T11] [ 112.235231][ T11] but task is already holding lock: [ 112.242679][ T11] ffff888076c780b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x17f/0x220 [ 112.252017][ T11] [ 112.252017][ T11] other info that might help us debug this: [ 112.260096][ T11] Possible unsafe locking scenario: [ 112.260096][ T11] [ 112.267639][ T11] CPU0 [ 112.270925][ T11] ---- [ 112.274212][ T11] lock(&tree->tree_lock/1); [ 112.278985][ T11] lock(&tree->tree_lock/1); [ 112.283756][ T11] [ 112.283756][ T11] *** DEADLOCK *** [ 112.283756][ T11] [ 112.292058][ T11] May be due to missing lock nesting notation [ 112.292058][ T11] [ 112.300798][ T11] 4 locks held by kworker/u4:1/11: [ 112.305981][ T11] #0: ffff88801429f538 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x787/0x15c0 [ 112.316690][ T11] #1: ffffc9000031fd80 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work+0x7e9/0x15c0 [ 112.328517][ T11] #2: ffff888076c780b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x17f/0x220 [ 112.338358][ T11] #3: ffff8880228f94b8 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xa2/0xb10 [ 112.349669][ T11] [ 112.349669][ T11] stack backtrace: [ 112.355640][ T11] CPU: 1 PID: 11 Comm: kworker/u4:1 Not tainted 6.6.0-syzkaller-11928-gbc3012f4e3a9 #0 [ 112.365443][ T11] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023 [ 112.376189][ T11] Workqueue: writeback wb_workfn (flush-7:0) [ 112.383750][ T11] Call Trace: [ 112.387058][ T11] [ 112.389978][ T11] dump_stack_lvl+0xd9/0x1b0 [ 112.394665][ T11] __lock_acquire+0x2971/0x5de0 [ 112.399605][ T11] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 112.405594][ T11] ? lockdep_hardirqs_on+0x7d/0x100 [ 112.411049][ T11] ? __stack_depot_save+0x247/0x510 [ 112.416251][ T11] lock_acquire+0x1ae/0x510 [ 112.420758][ T11] ? hfs_find_init+0x17f/0x220 [ 112.425522][ T11] ? lock_sync+0x190/0x190 [ 112.430025][ T11] ? ret_from_fork+0x45/0x80 [ 112.434872][ T11] ? ret_from_fork_asm+0x11/0x20 [ 112.440167][ T11] ? preempt_count_sub+0x150/0x150 [ 112.445366][ T11] __mutex_lock+0x181/0x1340 [ 112.450131][ T11] ? hfs_find_init+0x17f/0x220 [ 112.454982][ T11] ? hfs_find_init+0x17f/0x220 [ 112.459840][ T11] ? mutex_lock_io_nested+0x11a0/0x11a0 [ 112.465476][ T11] ? kasan_set_track+0x25/0x30 [ 112.470244][ T11] ? hfs_find_init+0x17f/0x220 [ 112.475013][ T11] hfs_find_init+0x17f/0x220 [ 112.479737][ T11] hfs_ext_read_extent+0x19c/0x9d0 [ 112.484934][ T11] ? hfs_free_extents+0x2f0/0x2f0 [ 112.489955][ T11] ? do_raw_spin_unlock+0x173/0x230 [ 112.495159][ T11] hfs_extend_file+0x4e0/0xb10 [ 112.499920][ T11] ? hfs_free_fork+0x900/0x900 [ 112.504780][ T11] hfs_bmap_reserve+0x29c/0x370 [ 112.509627][ T11] __hfs_ext_write_extent+0x3cb/0x520 [ 112.514992][ T11] hfs_ext_write_extent+0x1b3/0x1f0 [ 112.520272][ T11] ? hfs_ext_keycmp+0x310/0x310 [ 112.525293][ T11] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 112.531577][ T11] hfs_write_inode+0xc4/0x9f0 [ 112.536272][ T11] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 112.542554][ T11] ? hfs_inode_write_fork+0x1c0/0x1c0 [ 112.548129][ T11] ? spin_bug+0x1d0/0x1d0 [ 112.552556][ T11] ? reacquire_held_locks+0x4b0/0x4b0 [ 112.557933][ T11] __writeback_single_inode+0xa81/0xe70 [ 112.563759][ T11] ? __mark_inode_dirty+0xd50/0xd50 [ 112.569046][ T11] ? _raw_spin_unlock+0x28/0x40 [ 112.573906][ T11] ? wbc_attach_and_unlock_inode+0x561/0x910 [ 112.580184][ T11] writeback_sb_inodes+0x599/0x1070 [ 112.585386][ T11] ? _raw_spin_unlock+0x28/0x40 [ 112.590235][ T11] ? sync_inode_metadata+0xe0/0xe0 [ 112.595441][ T11] ? rcu_is_watching+0x12/0xb0 [ 112.600490][ T11] ? queue_io+0x3ed/0x4e0 [ 112.605098][ T11] wb_writeback+0x2a5/0xa90 [ 112.609789][ T11] ? __writeback_inodes_wb+0x2d0/0x2d0 [ 112.615254][ T11] ? reacquire_held_locks+0x4b0/0x4b0 [ 112.620805][ T11] ? mark_held_locks+0x9f/0xe0 [ 112.625711][ T11] wb_workfn+0x29c/0xfd0 [ 112.630043][ T11] ? inode_wait_for_writeback+0x30/0x30 [ 112.635852][ T11] ? lock_sync+0x190/0x190 [ 112.640469][ T11] ? lock_sync+0x190/0x190 [ 112.644889][ T11] ? reacquire_held_locks+0x4b0/0x4b0 [ 112.650264][ T11] process_one_work+0x884/0x15c0 [ 112.655206][ T11] ? lock_sync+0x190/0x190 [ 112.659752][ T11] ? init_worker_pool+0x770/0x770 [ 112.664780][ T11] ? assign_work+0x1a0/0x240 [ 112.669713][ T11] worker_thread+0x8b9/0x1290 [ 112.674483][ T11] ? process_one_work+0x15c0/0x15c0 [ 112.679679][ T11] kthread+0x33c/0x440 [ 112.683743][ T11] ? _raw_spin_unlock_irq+0x23/0x50 [ 112.688947][ T11] ? kthread_complete_and_exit+0x40/0x40 [ 112.694576][ T11] ret_from_fork+0x45/0x80 [ 112.698990][ T11] ? kthread_complete_and_exit+0x40/0x40 [ 112.704723][ T11] ret_from_fork_asm+0x11/0x20 [ 112.710013][ T11] [ 113.595791][ T49] Bluetooth: hci0: command 0x041b tx timeout [ 115.675582][ T49] Bluetooth: hci0: command 0x040f tx timeout [ 117.755872][ T49] Bluetooth: hci0: command 0x0419 tx timeout