Warning: Permanently added '10.128.0.161' (ED25519) to the list of known hosts. 2023/12/13 14:18:41 ignoring optional flag "sandboxArg"="0" 2023/12/13 14:18:41 parsed 1 programs 2023/12/13 14:18:41 executed programs: 0 [ 45.267159][ T2678] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 45.297160][ T2064] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 45.305241][ T2064] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 45.317925][ T2699] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 45.337013][ T46] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 45.350000][ T2710] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 45.350918][ T2711] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 45.358205][ T2710] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 45.365367][ T2711] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 45.372471][ T2710] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 45.379318][ T2712] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 45.386649][ T2710] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 45.393431][ T2712] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 45.400615][ T2710] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 45.408122][ T2711] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 45.414899][ T2710] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 45.421917][ T2711] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 45.428879][ T2710] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 45.435570][ T2711] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 45.443546][ T2710] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 45.450358][ T2711] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 45.457250][ T2710] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 45.471896][ T2712] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 45.472183][ T2714] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 45.479521][ T2713] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 45.486635][ T2714] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 45.493395][ T2710] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 45.500747][ T2714] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 45.507369][ T2711] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 45.514696][ T2714] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 45.521183][ T2710] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 45.534200][ T2711] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 45.535346][ T2712] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 45.542527][ T2711] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 45.549302][ T2712] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 45.563590][ T2699] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 45.570902][ T2712] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 45.762749][ T2702] chnl_net:caif_netlink_parms(): no params data found [ 45.772391][ T2686] chnl_net:caif_netlink_parms(): no params data found [ 45.789906][ T2696] chnl_net:caif_netlink_parms(): no params data found [ 45.802349][ T2698] chnl_net:caif_netlink_parms(): no params data found [ 45.826734][ T2707] chnl_net:caif_netlink_parms(): no params data found [ 45.859195][ T2701] chnl_net:caif_netlink_parms(): no params data found [ 47.568946][ T2699] Bluetooth: hci1: command 0x0409 tx timeout [ 47.571764][ T2709] Bluetooth: hci0: command 0x0409 tx timeout [ 47.648881][ T2709] Bluetooth: hci3: command 0x0409 tx timeout [ 47.653565][ T2699] Bluetooth: hci4: command 0x0409 tx timeout [ 47.655056][ T2709] Bluetooth: hci2: command 0x0409 tx timeout [ 47.661205][ T2712] Bluetooth: hci5: command 0x0409 tx timeout [ 48.222666][ T2702] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.348127][ T2707] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.497519][ T2696] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.555651][ T2698] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.577919][ T2701] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.636306][ T2686] 8021q: adding VLAN 0 to HW filter on device bond0 [ 49.649211][ T2712] Bluetooth: hci1: command 0x041b tx timeout [ 49.655495][ T2712] Bluetooth: hci0: command 0x041b tx timeout [ 49.728656][ T2699] Bluetooth: hci2: command 0x041b tx timeout [ 49.729037][ T2709] Bluetooth: hci4: command 0x041b tx timeout [ 49.734652][ T2699] Bluetooth: hci3: command 0x041b tx timeout [ 49.749430][ T2712] Bluetooth: hci5: command 0x041b tx timeout [ 50.083223][ T2702] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 50.328686][ T2707] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 50.472488][ T2698] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 50.500622][ T2696] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 50.522054][ T2701] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 50.689228][ T2686] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 51.733257][ T2712] Bluetooth: hci0: command 0x040f tx timeout [ 51.739339][ T2712] Bluetooth: hci1: command 0x040f tx timeout [ 51.808601][ T2699] Bluetooth: hci5: command 0x040f tx timeout [ 51.814622][ T2699] Bluetooth: hci3: command 0x040f tx timeout [ 51.828077][ T2712] Bluetooth: hci4: command 0x040f tx timeout [ 51.828254][ T2709] Bluetooth: hci2: command 0x040f tx timeout [ 53.809351][ T2709] Bluetooth: hci1: command 0x0419 tx timeout [ 53.815467][ T2709] Bluetooth: hci0: command 0x0419 tx timeout [ 53.898748][ T2699] Bluetooth: hci2: command 0x0419 tx timeout [ 53.904761][ T2699] Bluetooth: hci3: command 0x0419 tx timeout [ 53.911410][ T2699] Bluetooth: hci4: command 0x0419 tx timeout [ 53.911443][ T2709] Bluetooth: hci5: command 0x0419 tx timeout [ 54.287619][ T4801] [ 54.289969][ T4801] ====================================================== [ 54.297060][ T4801] WARNING: possible circular locking dependency detected [ 54.304418][ T4801] 6.7.0-rc5-syzkaller #0 Not tainted [ 54.309678][ T4801] ------------------------------------------------------ [ 54.316933][ T4801] syz-executor.3/4801 is trying to acquire lock: [ 54.323325][ T4801] ffff8881106a6dc8 (&jsk->sk_session_queue_lock){+.-.}-{2:2}, at: j1939_sk_queue_drop_all+0x22/0xc0 [ 54.334414][ T4801] [ 54.334414][ T4801] but task is already holding lock: [ 54.341754][ T4801] ffff88811386d0d0 (&priv->j1939_socks_lock){+.-.}-{2:2}, at: j1939_sk_netdev_event_netdown+0x1f/0x80 [ 54.352651][ T4801] [ 54.352651][ T4801] which lock already depends on the new lock. [ 54.352651][ T4801] [ 54.363913][ T4801] [ 54.363913][ T4801] the existing dependency chain (in reverse order) is: [ 54.372914][ T4801] [ 54.372914][ T4801] -> #2 (&priv->j1939_socks_lock){+.-.}-{2:2}: [ 54.381462][ T4801] _raw_spin_lock_bh+0x35/0x50 [ 54.387058][ T4801] j1939_sk_errqueue+0x48/0xb0 [ 54.392393][ T4801] j1939_session_put+0x55/0x160 [ 54.397740][ T4801] j1939_cancel_active_session+0x62/0x150 [ 54.403994][ T4801] j1939_netdev_notify+0xa9/0xf0 [ 54.409455][ T4801] notifier_call_chain+0x69/0xf0 [ 54.414890][ T4801] dev_close_many+0x109/0x160 [ 54.420061][ T4801] unregister_netdevice_many_notify+0x136/0x800 [ 54.426788][ T4801] rtnl_dellink+0x1e9/0x500 [ 54.431863][ T4801] rtnetlink_rcv_msg+0x398/0x670 [ 54.437549][ T4801] netlink_rcv_skb+0xd9/0x100 [ 54.442711][ T4801] netlink_unicast+0x23b/0x320 [ 54.447968][ T4801] netlink_sendmsg+0x3ad/0x440 [ 54.453217][ T4801] ____sys_sendmsg+0x19a/0x240 [ 54.458579][ T4801] ___sys_sendmsg+0x28f/0x2d0 [ 54.463740][ T4801] __se_sys_sendmsg+0xf7/0x130 [ 54.468988][ T4801] do_syscall_64+0x45/0x110 [ 54.474067][ T4801] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 54.480448][ T4801] [ 54.480448][ T4801] -> #1 (&priv->active_session_list_lock){+.-.}-{2:2}: [ 54.489792][ T4801] _raw_spin_lock_bh+0x35/0x50 [ 54.495062][ T4801] j1939_session_activate+0x23/0x110 [ 54.500829][ T4801] j1939_sk_queue_activate_next+0xd6/0x150 [ 54.507243][ T4801] j1939_xtp_rx_eoma+0x14b/0x1c0 [ 54.512664][ T4801] j1939_tp_recv+0x2ea/0x4a0 [ 54.517744][ T4801] j1939_can_recv+0x1e4/0x290 [ 54.523089][ T4801] can_rcv_filter+0x76/0x160 [ 54.528252][ T4801] can_receive+0x107/0x190 [ 54.533238][ T4801] can_rcv+0x4b/0x90 [ 54.537615][ T4801] __netif_receive_skb+0x50/0xe0 [ 54.543300][ T4801] process_backlog+0x1b6/0x2d0 [ 54.548571][ T4801] __napi_poll+0x24/0x1c0 [ 54.553388][ T4801] net_rx_action+0x1b9/0x390 [ 54.558466][ T4801] __do_softirq+0x146/0x3c8 [ 54.563498][ T4801] do_softirq+0x93/0x100 [ 54.568589][ T4801] __local_bh_enable_ip+0xe9/0xf0 [ 54.574190][ T4801] pppoe_release+0x28/0x210 [ 54.579265][ T4801] sock_close+0x42/0xd0 [ 54.583914][ T4801] __fput+0xf6/0x2c0 [ 54.588322][ T4801] __se_sys_close+0x67/0xb0 [ 54.593515][ T4801] do_syscall_64+0x45/0x110 [ 54.598593][ T4801] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 54.605002][ T4801] [ 54.605002][ T4801] -> #0 (&jsk->sk_session_queue_lock){+.-.}-{2:2}: [ 54.613649][ T4801] __lock_acquire+0x11f6/0x2480 [ 54.618987][ T4801] lock_acquire+0xea/0x260 [ 54.624007][ T4801] _raw_spin_lock_bh+0x35/0x50 [ 54.629255][ T4801] j1939_sk_queue_drop_all+0x22/0xc0 [ 54.635036][ T4801] j1939_sk_netdev_event_netdown+0x3f/0x80 [ 54.641333][ T4801] j1939_netdev_notify+0xb1/0xf0 [ 54.646755][ T4801] notifier_call_chain+0x69/0xf0 [ 54.652443][ T4801] dev_close_many+0x109/0x160 [ 54.657692][ T4801] unregister_netdevice_many_notify+0x136/0x800 [ 54.664569][ T4801] rtnl_dellink+0x1e9/0x500 [ 54.669643][ T4801] rtnetlink_rcv_msg+0x398/0x670 [ 54.675066][ T4801] netlink_rcv_skb+0xd9/0x100 [ 54.680319][ T4801] netlink_unicast+0x23b/0x320 [ 54.685827][ T4801] netlink_sendmsg+0x3ad/0x440 [ 54.691163][ T4801] ____sys_sendmsg+0x19a/0x240 [ 54.696590][ T4801] ___sys_sendmsg+0x28f/0x2d0 [ 54.702021][ T4801] __se_sys_sendmsg+0xf7/0x130 [ 54.707369][ T4801] do_syscall_64+0x45/0x110 [ 54.712482][ T4801] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 54.718858][ T4801] [ 54.718858][ T4801] other info that might help us debug this: [ 54.718858][ T4801] [ 54.729052][ T4801] Chain exists of: [ 54.729052][ T4801] &jsk->sk_session_queue_lock --> &priv->active_session_list_lock --> &priv->j1939_socks_lock [ 54.729052][ T4801] [ 54.745696][ T4801] Possible unsafe locking scenario: [ 54.745696][ T4801] [ 54.756432][ T4801] CPU0 CPU1 [ 54.762118][ T4801] ---- ---- [ 54.767450][ T4801] lock(&priv->j1939_socks_lock); [ 54.772873][ T4801] lock(&priv->active_session_list_lock); [ 54.781964][ T4801] lock(&priv->j1939_socks_lock); [ 54.789833][ T4801] lock(&jsk->sk_session_queue_lock); [ 54.795255][ T4801] [ 54.795255][ T4801] *** DEADLOCK *** [ 54.795255][ T4801] [ 54.803466][ T4801] 2 locks held by syz-executor.3/4801: [ 54.809755][ T4801] #0: ffffffff84187af8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x36a/0x670 [ 54.819378][ T4801] #1: ffff88811386d0d0 (&priv->j1939_socks_lock){+.-.}-{2:2}, at: j1939_sk_netdev_event_netdown+0x1f/0x80 [ 54.830798][ T4801] [ 54.830798][ T4801] stack backtrace: [ 54.836687][ T4801] CPU: 0 PID: 4801 Comm: syz-executor.3 Not tainted 6.7.0-rc5-syzkaller #0 [ 54.845349][ T4801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 54.855566][ T4801] Call Trace: [ 54.858918][ T4801] [ 54.862000][ T4801] dump_stack_lvl+0x8d/0xe0 [ 54.866493][ T4801] check_noncircular+0x115/0x140 [ 54.871420][ T4801] __lock_acquire+0x11f6/0x2480 [ 54.876420][ T4801] ? irqentry_exit+0x57/0x80 [ 54.881065][ T4801] ? lockdep_hardirqs_on+0x98/0xf0 [ 54.886144][ T4801] ? j1939_sk_queue_drop_all+0x22/0xc0 [ 54.891571][ T4801] lock_acquire+0xea/0x260 [ 54.895951][ T4801] ? j1939_sk_queue_drop_all+0x22/0xc0 [ 54.901555][ T4801] ? _raw_spin_unlock_irqrestore+0x6c/0xb0 [ 54.907453][ T4801] ? j1939_sk_queue_drop_all+0x22/0xc0 [ 54.912959][ T4801] _raw_spin_lock_bh+0x35/0x50 [ 54.917685][ T4801] ? j1939_sk_queue_drop_all+0x22/0xc0 [ 54.923113][ T4801] j1939_sk_queue_drop_all+0x22/0xc0 [ 54.928362][ T4801] j1939_sk_netdev_event_netdown+0x3f/0x80 [ 54.934227][ T4801] j1939_netdev_notify+0xb1/0xf0 [ 54.939386][ T4801] notifier_call_chain+0x69/0xf0 [ 54.944464][ T4801] dev_close_many+0x109/0x160 [ 54.949137][ T4801] unregister_netdevice_many_notify+0x136/0x800 [ 54.955614][ T4801] ? rtnl_is_locked+0x10/0x20 [ 54.960346][ T4801] ? unregister_netdevice_queue+0x5e/0xe0 [ 54.966125][ T4801] rtnl_dellink+0x1e9/0x500 [ 54.970603][ T4801] ? rtnetlink_rcv_msg+0x36a/0x670 [ 54.975679][ T4801] ? _raw_spin_unlock+0x28/0x40 [ 54.980772][ T4801] rtnetlink_rcv_msg+0x398/0x670 [ 54.985761][ T4801] ? rtnetlink_rcv_msg+0xab/0x670 [ 54.990748][ T4801] ? finish_task_switch+0x138/0x360 [ 54.995910][ T4801] ? lockdep_hardirqs_on+0x98/0xf0 [ 55.001334][ T4801] ? finish_task_switch+0x138/0x360 [ 55.006586][ T4801] ? __lock_acquire+0x4ef/0x2480 [ 55.011488][ T4801] ? debug_check_no_obj_freed+0x20a/0x270 [ 55.017170][ T4801] ? preempt_schedule+0x53/0x60 [ 55.021980][ T4801] ? __dev_queue_xmit+0x78/0x1170 [ 55.026964][ T4801] ? preempt_schedule_common+0x1c/0x80 [ 55.032389][ T4801] ? rcu_preempt_deferred_qs_irqrestore+0xb4/0x390 [ 55.039040][ T4801] ? _raw_spin_unlock_irqrestore+0x43/0xb0 [ 55.044816][ T4801] ? lockdep_hardirqs_on+0x98/0xf0 [ 55.049978][ T4801] ? rtnetlink_bind+0x30/0x30 [ 55.054792][ T4801] netlink_rcv_skb+0xd9/0x100 [ 55.059435][ T4801] netlink_unicast+0x23b/0x320 [ 55.064174][ T4801] netlink_sendmsg+0x3ad/0x440 [ 55.069165][ T4801] ____sys_sendmsg+0x19a/0x240 [ 55.073900][ T4801] ___sys_sendmsg+0x28f/0x2d0 [ 55.078547][ T4801] __se_sys_sendmsg+0xf7/0x130 [ 55.083482][ T4801] do_syscall_64+0x45/0x110 [ 55.088016][ T4801] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 55.093872][ T4801] RIP: 0033:0x7f1796e7cae9 [ 55.098253][ T4801] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 55.117920][ T4801] RSP: 002b:00007f1797b0d0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 55.126327][ T4801] RAX: ffffffffffffffda RBX: 00007f1796f9c120 RCX: 00007f1796e7cae9 2023/12/13 14:18:51 executed programs: 6 [ 55.134265][ T4801] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000008 [ 55.142286][ T4801] RBP: 00007f1796ec847a R08: 0000000000000000 R09: 0000000000000000 [ 55.150223][ T4801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 55.158159][ T4801] R13: 000000000000006e R14: 00007f1796f9c120 R15: 00007ffe61992568 [ 55.166097][ T4801] [ 55.171786][ C1] vxcan0: j1939_xtp_rx_dat: no tx connection found [ 55.928317][ C1] vxcan0 (unregistered): j1939_tp_rxtimer: 0xffff888104bf8600: rx timeout, send abort [ 55.975925][ C1] vxcan0: j1939_xtp_rx_dat: no rx connection found [ 55.982553][ C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 55.990771][ C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 55.998670][ C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 56.006540][ C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 56.014622][ C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 56.022520][ C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 56.030433][ C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 56.038403][ C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 56.046309][ C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 56.054277][ C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 56.062646][ C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 56.070527][ C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 56.078509][ C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 56.086460][ C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 56.437938][ C1] vxcan0 (unregistered): j1939_tp_rxtimer: 0xffff888104bf8600: abort rx timeout. Force session deactivation 2023/12/13 14:18:56 executed programs: 308