Warning: Permanently added '10.128.1.176' (ED25519) to the list of known hosts. 2023/12/04 05:36:57 ignoring optional flag "sandboxArg"="0" 2023/12/04 05:36:57 parsed 1 programs 2023/12/04 05:36:57 executed programs: 0 [ 42.379390][ T1904] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 42.564232][ T1913] chnl_net:caif_netlink_parms(): no params data found [ 42.598812][ T1915] chnl_net:caif_netlink_parms(): no params data found [ 42.636746][ T1935] chnl_net:caif_netlink_parms(): no params data found [ 42.644373][ T1945] chnl_net:caif_netlink_parms(): no params data found [ 42.653305][ T1917] chnl_net:caif_netlink_parms(): no params data found [ 42.661467][ T1931] chnl_net:caif_netlink_parms(): no params data found [ 44.426496][ T1913] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.491733][ T1915] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.499049][ T7] Bluetooth: hci0: command 0x0409 tx timeout [ 44.505633][ T25] Bluetooth: hci4: command 0x0409 tx timeout [ 44.511714][ T25] Bluetooth: hci3: command 0x0409 tx timeout [ 44.521873][ T1945] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.535308][ T25] Bluetooth: hci2: command 0x0409 tx timeout [ 44.552672][ T25] Bluetooth: hci1: command 0x0409 tx timeout [ 44.575517][ T7] Bluetooth: hci5: command 0x0409 tx timeout [ 44.588383][ T1917] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.628209][ T1935] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.695084][ T1931] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.808849][ T1913] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 45.818047][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 45.829931][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 46.032063][ T1915] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.044124][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 46.056818][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 46.066006][ T1931] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.073685][ T1921] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 46.083086][ T1921] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 46.091141][ T1921] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 46.101429][ T1921] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 46.110471][ T1945] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.119545][ T1917] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.135329][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 46.147832][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 46.160394][ T1935] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.168429][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 46.197679][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 46.575593][ T1921] Bluetooth: hci1: command 0x041b tx timeout [ 46.581637][ T1921] Bluetooth: hci2: command 0x041b tx timeout [ 46.614742][ T1921] Bluetooth: hci3: command 0x041b tx timeout [ 46.636044][ T1921] Bluetooth: hci4: command 0x041b tx timeout [ 46.655073][ T1921] Bluetooth: hci0: command 0x041b tx timeout [ 46.675737][ T1921] Bluetooth: hci5: command 0x041b tx timeout [ 48.339491][ T4034] [ 48.341834][ T4034] ====================================================== [ 48.349097][ T4034] WARNING: possible circular locking dependency detected [ 48.356620][ T4034] 5.15.141-syzkaller #0 Not tainted [ 48.362063][ T4034] ------------------------------------------------------ [ 48.369046][ T4034] syz-executor.3/4034 is trying to acquire lock: [ 48.375682][ T4034] ffff8881429c2dd0 (&jsk->sk_session_queue_lock){+.-.}-{2:2}, at: j1939_sk_queue_drop_all+0x2b/0xd0 [ 48.386512][ T4034] [ 48.386512][ T4034] but task is already holding lock: [ 48.394686][ T4034] ffff88811250b0d0 (&priv->j1939_socks_lock){+.-.}-{2:2}, at: j1939_sk_netdev_event_netdown+0x1f/0x90 [ 48.406420][ T4034] [ 48.406420][ T4034] which lock already depends on the new lock. [ 48.406420][ T4034] [ 48.416877][ T4034] [ 48.416877][ T4034] the existing dependency chain (in reverse order) is: [ 48.426079][ T4034] [ 48.426079][ T4034] -> #2 (&priv->j1939_socks_lock){+.-.}-{2:2}: [ 48.434560][ T4034] _raw_spin_lock_bh+0x2f/0x40 [ 48.439811][ T4034] j1939_sk_errqueue+0x49/0xa0 [ 48.445318][ T4034] j1939_session_destroy+0xb1/0x160 [ 48.450995][ T4034] j1939_session_deactivate_locked+0xa6/0xb0 [ 48.457571][ T4034] j1939_cancel_active_session+0x9e/0x140 [ 48.463890][ T4034] j1939_netdev_notify+0x109/0x140 [ 48.469487][ T4034] notifier_call_chain+0x57/0x90 [ 48.474907][ T4034] dev_close_many+0x11f/0x170 [ 48.480082][ T4034] unregister_netdevice_many+0x149/0x660 [ 48.486216][ T4034] rtnl_dellink+0x135/0x360 [ 48.491403][ T4034] rtnetlink_rcv_msg+0x15b/0x540 [ 48.496908][ T4034] netlink_rcv_skb+0x49/0xf0 [ 48.502281][ T4034] netlink_unicast+0x1b2/0x270 [ 48.507675][ T4034] netlink_sendmsg+0x257/0x4b0 [ 48.513011][ T4034] __sock_sendmsg+0x2e/0x40 [ 48.518003][ T4034] ____sys_sendmsg+0x234/0x250 [ 48.523334][ T4034] ___sys_sendmsg+0x6e/0xb0 [ 48.528333][ T4034] __sys_sendmsg+0x54/0xa0 [ 48.533317][ T4034] do_syscall_64+0x35/0xb0 [ 48.539002][ T4034] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 48.545734][ T4034] [ 48.545734][ T4034] -> #1 (&priv->active_session_list_lock){+.-.}-{2:2}: [ 48.554893][ T4034] _raw_spin_lock_bh+0x2f/0x40 [ 48.560245][ T4034] j1939_session_activate+0x26/0x140 [ 48.567160][ T4034] j1939_sk_queue_activate_next+0x92/0x140 [ 48.573796][ T4034] j1939_xtp_rx_eoma+0xc8/0x170 [ 48.579499][ T4034] j1939_tp_recv+0x2ed/0x430 [ 48.584778][ T4034] j1939_can_recv+0x181/0x250 [ 48.590225][ T4034] can_rcv_filter+0x7e/0x1a0 [ 48.595322][ T4034] can_receive+0xbd/0x1b0 [ 48.600144][ T4034] can_rcv+0x3e/0x70 [ 48.604535][ T4034] __netif_receive_skb_one_core+0x50/0x70 [ 48.610747][ T4034] process_backlog+0xa0/0x2a0 [ 48.616019][ T4034] __napi_poll+0x1f/0x170 [ 48.621019][ T4034] net_rx_action+0x284/0x350 [ 48.626214][ T4034] __do_softirq+0x15b/0x3e0 [ 48.631395][ T4034] run_ksoftirqd+0x2d/0x40 [ 48.636584][ T4034] smpboot_thread_fn+0x171/0x210 [ 48.642485][ T4034] kthread+0x133/0x150 [ 48.647142][ T4034] ret_from_fork+0x1f/0x30 [ 48.652316][ T4034] [ 48.652316][ T4034] -> #0 (&jsk->sk_session_queue_lock){+.-.}-{2:2}: [ 48.655441][ T7] Bluetooth: hci4: command 0x040f tx timeout [ 48.661048][ T4034] __lock_acquire+0x10ee/0x1aa0 [ 48.661055][ T4034] lock_acquire+0xc9/0x2c0 [ 48.661058][ T4034] _raw_spin_lock_bh+0x2f/0x40 [ 48.667285][ T7] Bluetooth: hci3: command 0x040f tx timeout [ 48.672523][ T4034] j1939_sk_queue_drop_all+0x2b/0xd0 [ 48.672529][ T4034] j1939_sk_netdev_event_netdown+0x44/0x90 [ 48.672532][ T4034] j1939_netdev_notify+0x111/0x140 [ 48.678732][ T7] Bluetooth: hci2: command 0x040f tx timeout [ 48.682866][ T4034] notifier_call_chain+0x57/0x90 [ 48.689222][ T7] Bluetooth: hci1: command 0x040f tx timeout [ 48.694676][ T4034] dev_close_many+0x11f/0x170 [ 48.694684][ T4034] unregister_netdevice_many+0x149/0x660 [ 48.735444][ T7] Bluetooth: hci5: command 0x040f tx timeout [ 48.735501][ T4034] rtnl_dellink+0x135/0x360 [ 48.741629][ T7] Bluetooth: hci0: command 0x040f tx timeout [ 48.746528][ T4034] rtnetlink_rcv_msg+0x15b/0x540 [ 48.746533][ T4034] netlink_rcv_skb+0x49/0xf0 [ 48.746538][ T4034] netlink_unicast+0x1b2/0x270 [ 48.746540][ T4034] netlink_sendmsg+0x257/0x4b0 [ 48.746542][ T4034] __sock_sendmsg+0x2e/0x40 [ 48.746546][ T4034] ____sys_sendmsg+0x234/0x250 [ 48.746549][ T4034] ___sys_sendmsg+0x6e/0xb0 [ 48.746552][ T4034] __sys_sendmsg+0x54/0xa0 [ 48.746554][ T4034] do_syscall_64+0x35/0xb0 [ 48.746558][ T4034] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 48.746563][ T4034] [ 48.746563][ T4034] other info that might help us debug this: [ 48.746563][ T4034] [ 48.746565][ T4034] Chain exists of: [ 48.746565][ T4034] &jsk->sk_session_queue_lock --> &priv->active_session_list_lock --> &priv->j1939_socks_lock [ 48.746565][ T4034] [ 48.832911][ T4034] Possible unsafe locking scenario: [ 48.832911][ T4034] [ 48.840533][ T4034] CPU0 CPU1 [ 48.846388][ T4034] ---- ---- [ 48.852821][ T4034] lock(&priv->j1939_socks_lock); [ 48.857941][ T4034] lock(&priv->active_session_list_lock); [ 48.866595][ T4034] lock(&priv->j1939_socks_lock); [ 48.874366][ T4034] lock(&jsk->sk_session_queue_lock); [ 48.879881][ T4034] [ 48.879881][ T4034] *** DEADLOCK *** [ 48.879881][ T4034] [ 48.888002][ T4034] 2 locks held by syz-executor.3/4034: [ 48.893431][ T4034] #0: ffffffff8417bd88 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x132/0x540 [ 48.904013][ T4034] #1: ffff88811250b0d0 (&priv->j1939_socks_lock){+.-.}-{2:2}, at: j1939_sk_netdev_event_netdown+0x1f/0x90 [ 48.915868][ T4034] [ 48.915868][ T4034] stack backtrace: [ 48.922182][ T4034] CPU: 1 PID: 4034 Comm: syz-executor.3 Not tainted 5.15.141-syzkaller #0 [ 48.930657][ T4034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 48.940885][ T4034] Call Trace: [ 48.944331][ T4034] [ 48.947237][ T4034] dump_stack_lvl+0x57/0x7d [ 48.951827][ T4034] check_noncircular+0xcc/0xe0 [ 48.956660][ T4034] __lock_acquire+0x10ee/0x1aa0 [ 48.961573][ T4034] lock_acquire+0xc9/0x2c0 [ 48.966343][ T4034] ? j1939_sk_queue_drop_all+0x2b/0xd0 [ 48.971876][ T4034] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 48.977742][ T4034] _raw_spin_lock_bh+0x2f/0x40 [ 48.982577][ T4034] ? j1939_sk_queue_drop_all+0x2b/0xd0 [ 48.988002][ T4034] j1939_sk_queue_drop_all+0x2b/0xd0 [ 48.993258][ T4034] j1939_sk_netdev_event_netdown+0x44/0x90 [ 48.999027][ T4034] j1939_netdev_notify+0x111/0x140 [ 49.004107][ T4034] notifier_call_chain+0x57/0x90 [ 49.009022][ T4034] dev_close_many+0x11f/0x170 [ 49.013671][ T4034] unregister_netdevice_many+0x149/0x660 [ 49.019271][ T4034] ? unregister_netdevice_queue+0x5b/0xd0 [ 49.024955][ T4034] ? rtnl_is_locked+0xc/0x10 [ 49.029528][ T4034] ? unregister_netdevice_queue+0x5b/0xd0 [ 49.035213][ T4034] rtnl_dellink+0x135/0x360 [ 49.039768][ T4034] ? __mutex_lock+0x6f/0x6c0 [ 49.044508][ T4034] ? __mutex_lock+0xcd/0x6c0 [ 49.049080][ T4034] ? rtnetlink_rcv_msg+0x132/0x540 [ 49.054160][ T4034] rtnetlink_rcv_msg+0x15b/0x540 [ 49.059167][ T4034] ? ndo_dflt_bridge_getlink+0x620/0x620 [ 49.064938][ T4034] netlink_rcv_skb+0x49/0xf0 [ 49.069582][ T4034] netlink_unicast+0x1b2/0x270 [ 49.074575][ T4034] netlink_sendmsg+0x257/0x4b0 [ 49.079317][ T4034] __sock_sendmsg+0x2e/0x40 [ 49.084248][ T4034] ____sys_sendmsg+0x234/0x250 [ 49.088984][ T4034] ? import_iovec+0x2d/0x30 [ 49.093560][ T4034] ? sendmsg_copy_msghdr+0x77/0xa0 [ 49.098648][ T4034] ___sys_sendmsg+0x6e/0xb0 [ 49.103388][ T4034] ? lock_acquire+0xc9/0x2c0 [ 49.108036][ T4034] ? find_held_lock+0x2b/0x80 [ 49.112688][ T4034] ? __fget_files+0xd1/0x190 [ 49.117248][ T4034] __sys_sendmsg+0x54/0xa0 [ 49.121745][ T4034] ? syscall_enter_from_user_mode+0x21/0x60 [ 49.127698][ T4034] do_syscall_64+0x35/0xb0 [ 49.132089][ T4034] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 49.137966][ T4034] RIP: 0033:0x7f9055b7fb29 [ 49.142529][ T4034] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 49.162807][ T4034] RSP: 002b:00007f9054ee00c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 49.171731][ T4034] RAX: ffffffffffffffda RBX: 00007f9055c9f050 RCX: 00007f9055b7fb29 [ 49.179762][ T4034] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000007 [ 49.187792][ T4034] RBP: 00007f9055bcb47a R08: 0000000000000000 R09: 0000000000000000 [ 49.196615][ T4034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 49.204658][ T4034] R13: 000000000000006e R14: 00007f9055c9f050 R15: 00007fff8bcea2d8 [ 49.213057][ T4034] [ 49.216512][ C1] vxcan0: j1939_xtp_rx_dat: no tx connection found [ 49.223186][ C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 49.231172][ C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 49.239054][ C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 49.247132][ C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 49.255081][ C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 49.263059][ C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 49.271204][ C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 49.279936][ C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 49.287891][ C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 49.295770][ C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 49.303628][ C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 49.311880][ C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 49.319778][ C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 49.327947][ C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 49.336006][ C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found 2023/12/04 05:37:04 executed programs: 6 [ 50.735435][ T1921] Bluetooth: hci1: command 0x0419 tx timeout [ 50.742975][ T1921] Bluetooth: hci2: command 0x0419 tx timeout [ 50.760516][ T1921] Bluetooth: hci3: command 0x0419 tx timeout [ 50.770643][ T1921] Bluetooth: hci4: command 0x0419 tx timeout [ 50.815468][ T1921] Bluetooth: hci0: command 0x0419 tx timeout [ 50.822667][ T1921] Bluetooth: hci5: command 0x0419 tx timeout 2023/12/04 05:37:09 executed programs: 460