[ 81.713357][ T1106] cfg80211: failed to load regulatory.db Warning: Permanently added '10.128.1.99' (ED25519) to the list of known hosts. 2024/11/23 18:25:08 ignoring optional flag "sandboxArg"="0" 2024/11/23 18:25:08 ignoring optional flag "type"="gce" 2024/11/23 18:25:08 parsed 1 programs 2024/11/23 18:25:10 executed programs: 0 [ 84.873876][ T4433] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 85.042836][ T4478] chnl_net:caif_netlink_parms(): no params data found [ 85.088768][ T4478] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.096014][ T4478] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.104241][ T4478] device bridge_slave_0 entered promiscuous mode [ 85.112941][ T4478] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.120060][ T4478] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.128191][ T4478] device bridge_slave_1 entered promiscuous mode [ 85.151838][ T4478] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.163026][ T4478] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.190057][ T4478] team0: Port device team_slave_0 added [ 85.197732][ T4478] team0: Port device team_slave_1 added [ 85.217741][ T4478] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.224957][ T4478] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.250891][ T4478] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.263082][ T4478] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.270159][ T4478] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.296364][ T4478] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.327484][ T4478] device hsr_slave_0 entered promiscuous mode [ 85.334927][ T4478] device hsr_slave_1 entered promiscuous mode [ 85.892122][ T4478] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 85.903642][ T4478] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 85.915620][ T4478] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 85.926240][ T4478] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 85.954209][ T4478] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.961442][ T4478] bridge0: port 2(bridge_slave_1) entered forwarding state [ 85.969307][ T4478] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.976470][ T4478] bridge0: port 1(bridge_slave_0) entered forwarding state [ 86.039697][ T4478] 8021q: adding VLAN 0 to HW filter on device bond0 [ 86.048686][ T1278] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.058455][ T1278] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.072623][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 86.094934][ T4478] 8021q: adding VLAN 0 to HW filter on device team0 [ 86.103295][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 86.115853][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 86.135483][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 86.145759][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 86.155434][ T1278] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.162694][ T1278] bridge0: port 1(bridge_slave_0) entered forwarding state [ 86.174495][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 86.183500][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 86.193809][ T1278] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.201182][ T1278] bridge0: port 2(bridge_slave_1) entered forwarding state [ 86.211432][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 86.231343][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 86.241263][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 86.253732][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 86.263130][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 86.273884][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 86.291212][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 86.299940][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 86.309545][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 86.319550][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 86.329068][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 86.341550][ T4478] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 86.450480][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 86.458087][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 86.473659][ T4478] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 86.495495][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 86.506596][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 86.529969][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 86.539146][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 86.553957][ T4478] device veth0_vlan entered promiscuous mode [ 86.563333][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 86.572122][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 86.585145][ T4478] device veth1_vlan entered promiscuous mode [ 86.612308][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 86.624121][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 86.634727][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 86.644527][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 86.657462][ T4478] device veth0_macvtap entered promiscuous mode [ 86.668349][ T4478] device veth1_macvtap entered promiscuous mode [ 86.693962][ T4478] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 86.702494][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 86.712838][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 86.721994][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 86.733207][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 86.745603][ T4478] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 86.754668][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 86.765499][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 86.776382][ T4478] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.785606][ T4478] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.796068][ T4478] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.805616][ T4478] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.882028][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.890039][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.907718][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 86.927709][ T1278] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.936950][ T1278] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.949844][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 86.991669][ T4195] Bluetooth: hci0: command 0x0409 tx timeout [ 87.129267][ T4571] [ 87.131627][ T4571] ====================================================== [ 87.138931][ T4571] WARNING: possible circular locking dependency detected [ 87.146385][ T4571] 5.15.173-syzkaller #0 Not tainted [ 87.151844][ T4571] ------------------------------------------------------ [ 87.158996][ T4571] syz-executor.0/4571 is trying to acquire lock: [ 87.165453][ T4571] ffff8881484c83f0 (&sb->s_type->i_mutex_key#9){++++}-{3:3}, at: ext4_bmap+0x4b/0x410 [ 87.175161][ T4571] [ 87.175161][ T4571] but task is already holding lock: [ 87.182639][ T4571] ffff88807f00a3f8 (&journal->j_checkpoint_mutex){+.+.}-{3:3}, at: jbd2_journal_flush+0x31c/0xc90 [ 87.193377][ T4571] [ 87.193377][ T4571] which lock already depends on the new lock. [ 87.193377][ T4571] [ 87.204422][ T4571] [ 87.204422][ T4571] the existing dependency chain (in reverse order) is: [ 87.213540][ T4571] [ 87.213540][ T4571] -> #3 (&journal->j_checkpoint_mutex){+.+.}-{3:3}: [ 87.222345][ T4571] lock_acquire+0x1db/0x4f0 [ 87.227397][ T4571] __mutex_lock_common+0x1da/0x25a0 [ 87.233259][ T4571] mutex_lock_io_nested+0x45/0x60 [ 87.239005][ T4571] jbd2_journal_flush+0x290/0xc90 [ 87.244578][ T4571] ext4_ioctl+0x3249/0x5b80 [ 87.249713][ T4571] __se_sys_ioctl+0xf1/0x160 [ 87.254890][ T4571] do_syscall_64+0x3b/0xb0 [ 87.260024][ T4571] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 87.266504][ T4571] [ 87.266504][ T4571] -> #2 (&journal->j_barrier){+.+.}-{3:3}: [ 87.274525][ T4571] lock_acquire+0x1db/0x4f0 [ 87.279613][ T4571] __mutex_lock_common+0x1da/0x25a0 [ 87.285449][ T4571] mutex_lock_nested+0x17/0x20 [ 87.290756][ T4571] jbd2_journal_lock_updates+0x2aa/0x370 [ 87.297044][ T4571] ext4_change_inode_journal_flag+0x1a8/0x6e0 [ 87.303657][ T4571] ext4_fileattr_set+0xdf4/0x1750 [ 87.309307][ T4571] vfs_fileattr_set+0x8f3/0xd30 [ 87.314733][ T4571] do_vfs_ioctl+0x1d85/0x2b70 [ 87.320129][ T4571] __se_sys_ioctl+0x81/0x160 [ 87.325293][ T4571] do_syscall_64+0x3b/0xb0 [ 87.330306][ T4571] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 87.336939][ T4571] [ 87.336939][ T4571] -> #1 (&sbi->s_writepages_rwsem){++++}-{0:0}: [ 87.345526][ T4571] lock_acquire+0x1db/0x4f0 [ 87.350661][ T4571] percpu_down_write+0x52/0x2d0 [ 87.356060][ T4571] ext4_ind_migrate+0x254/0x760 [ 87.361457][ T4571] ext4_fileattr_set+0xe8b/0x1750 [ 87.367039][ T4571] vfs_fileattr_set+0x8f3/0xd30 [ 87.372618][ T4571] do_vfs_ioctl+0x1d85/0x2b70 [ 87.377843][ T4571] __se_sys_ioctl+0x81/0x160 [ 87.382981][ T4571] do_syscall_64+0x3b/0xb0 [ 87.387938][ T4571] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 87.394463][ T4571] [ 87.394463][ T4571] -> #0 (&sb->s_type->i_mutex_key#9){++++}-{3:3}: [ 87.403262][ T4571] validate_chain+0x1649/0x5930 [ 87.408801][ T4571] __lock_acquire+0x1295/0x1ff0 [ 87.414195][ T4571] lock_acquire+0x1db/0x4f0 [ 87.419250][ T4571] down_read+0x45/0x2e0 [ 87.423949][ T4571] ext4_bmap+0x4b/0x410 [ 87.428647][ T4571] bmap+0xa1/0xd0 [ 87.432835][ T4571] jbd2_journal_flush+0x7a2/0xc90 [ 87.438416][ T4571] ext4_ioctl+0x3249/0x5b80 [ 87.443640][ T4571] __se_sys_ioctl+0xf1/0x160 [ 87.448819][ T4571] do_syscall_64+0x3b/0xb0 [ 87.453789][ T4571] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 87.460673][ T4571] [ 87.460673][ T4571] other info that might help us debug this: [ 87.460673][ T4571] [ 87.471096][ T4571] Chain exists of: [ 87.471096][ T4571] &sb->s_type->i_mutex_key#9 --> &journal->j_barrier --> &journal->j_checkpoint_mutex [ 87.471096][ T4571] [ 87.486904][ T4571] Possible unsafe locking scenario: [ 87.486904][ T4571] [ 87.494637][ T4571] CPU0 CPU1 [ 87.500097][ T4571] ---- ---- [ 87.505563][ T4571] lock(&journal->j_checkpoint_mutex); [ 87.511129][ T4571] lock(&journal->j_barrier); [ 87.518439][ T4571] lock(&journal->j_checkpoint_mutex); [ 87.526528][ T4571] lock(&sb->s_type->i_mutex_key#9); [ 87.532014][ T4571] [ 87.532014][ T4571] *** DEADLOCK *** [ 87.532014][ T4571] [ 87.540395][ T4571] 2 locks held by syz-executor.0/4571: [ 87.545875][ T4571] #0: ffff88807f00a170 (&journal->j_barrier){+.+.}-{3:3}, at: jbd2_journal_lock_updates+0x2aa/0x370 [ 87.556993][ T4571] #1: ffff88807f00a3f8 (&journal->j_checkpoint_mutex){+.+.}-{3:3}, at: jbd2_journal_flush+0x31c/0xc90 [ 87.568171][ T4571] [ 87.568171][ T4571] stack backtrace: [ 87.574227][ T4571] CPU: 1 PID: 4571 Comm: syz-executor.0 Not tainted 5.15.173-syzkaller #0 [ 87.582751][ T4571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 87.592922][ T4571] Call Trace: [ 87.596218][ T4571] [ 87.599290][ T4571] dump_stack_lvl+0x1e3/0x2d0 [ 87.604001][ T4571] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 87.609754][ T4571] ? print_circular_bug+0x12b/0x1a0 [ 87.615063][ T4571] check_noncircular+0x2f8/0x3b0 [ 87.620024][ T4571] ? add_chain_block+0x850/0x850 [ 87.624991][ T4571] ? lockdep_lock+0x11f/0x2a0 [ 87.629711][ T4571] ? do_raw_spin_unlock+0x137/0x8b0 [ 87.634947][ T4571] validate_chain+0x1649/0x5930 [ 87.639912][ T4571] ? finish_lock_switch+0x8f/0x100 [ 87.645062][ T4571] ? reacquire_held_locks+0x660/0x660 [ 87.650473][ T4571] ? mark_lock+0x98/0x340 [ 87.655373][ T4571] ? reacquire_held_locks+0x660/0x660 [ 87.660776][ T4571] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 87.666787][ T4571] ? release_firmware_map_entry+0x190/0x190 [ 87.672795][ T4571] ? do_raw_spin_unlock+0x137/0x8b0 [ 87.678202][ T4571] ? mark_lock+0x98/0x340 [ 87.682586][ T4571] ? schedule+0x132/0x1f0 [ 87.686953][ T4571] __lock_acquire+0x1295/0x1ff0 [ 87.691854][ T4571] lock_acquire+0x1db/0x4f0 [ 87.696549][ T4571] ? ext4_bmap+0x4b/0x410 [ 87.701516][ T4571] ? read_lock_is_recursive+0x10/0x10 [ 87.707174][ T4571] ? __might_sleep+0xc0/0xc0 [ 87.711817][ T4571] ? ext4_journalled_write_end+0xee0/0xee0 [ 87.717958][ T4571] down_read+0x45/0x2e0 [ 87.722189][ T4571] ? ext4_bmap+0x4b/0x410 [ 87.726550][ T4571] ? ext4_journalled_write_end+0xee0/0xee0 [ 87.732387][ T4571] ext4_bmap+0x4b/0x410 [ 87.736612][ T4571] ? ext4_journalled_write_end+0xee0/0xee0 [ 87.742580][ T4571] bmap+0xa1/0xd0 [ 87.746338][ T4571] jbd2_journal_flush+0x7a2/0xc90 [ 87.751408][ T4571] ? __bpf_trace_jbd2_shrink_checkpoint_list+0x50/0x50 [ 87.758513][ T4571] ? bpf_lsm_capable+0x5/0x10 [ 87.763229][ T4571] ? security_capable+0x86/0xb0 [ 87.768555][ T4571] ext4_ioctl+0x3249/0x5b80 [ 87.773229][ T4571] ? do_vfs_ioctl+0x1b66/0x2b70 [ 87.778110][ T4571] ? ext4_fileattr_set+0x1750/0x1750 [ 87.783590][ T4571] ? __x64_compat_sys_ioctl+0x80/0x80 [ 87.789170][ T4571] ? __lock_acquire+0x1ff0/0x1ff0 [ 87.794258][ T4571] ? slab_free_freelist_hook+0xdd/0x160 [ 87.799838][ T4571] ? tomoyo_path_number_perm+0x648/0x810 [ 87.805514][ T4571] ? kfree+0xf1/0x270 [ 87.809532][ T4571] ? tomoyo_path_number_perm+0x6ab/0x810 [ 87.815210][ T4571] ? tomoyo_check_path_acl+0x1c0/0x1c0 [ 87.820719][ T4571] ? __fget_files+0x413/0x480 [ 87.825427][ T4571] ? bpf_lsm_file_ioctl+0x5/0x10 [ 87.830431][ T4571] ? security_file_ioctl+0x7d/0xa0 [ 87.835580][ T4571] ? ext4_fileattr_set+0x1750/0x1750 [ 87.840980][ T4571] __se_sys_ioctl+0xf1/0x160 [ 87.845703][ T4571] do_syscall_64+0x3b/0xb0 [ 87.850152][ T4571] ? clear_bhb_loop+0x15/0x70 [ 87.854980][ T4571] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 87.860904][ T4571] RIP: 0033:0x7f1be2d22d29 [ 87.865356][ T4571] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 87.884985][ T4571] RSP: 002b:00007f1be20a40c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 87.893424][ T4571] RAX: ffffffffffffffda RBX: 00007f1be2e51f80 RCX: 00007f1be2d22d29 [ 87.901422][ T4571] RDX: 00000000200005c0 RSI: 000000004004662b RDI: 0000000000000004 [ 87.909637][ T4571] RBP: 00007f1be2d6f47a R08: 0000000000000000 R09: 0000000000000000 [ 87.917803][ T4571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 87.925809][ T4571] R13: 000000000000000b R14: 00007f1be2e51f80 R15: 00007ffe19d61df8 [ 87.933816][ T4571] [ 89.070328][ T4195] Bluetooth: hci0: command 0x041b tx timeout 2024/11/23 18:25:15 executed programs: 27 [ 91.150357][ T4195] Bluetooth: hci0: command 0x040f tx timeout [ 93.230357][ T1109] Bluetooth: hci0: command 0x0419 tx timeout 2024/11/23 18:25:20 executed programs: 120