Warning: Permanently added '10.128.1.37' (ED25519) to the list of known hosts. 2023/11/03 22:04:58 ignoring optional flag "sandboxArg"="0" 2023/11/03 22:04:59 parsed 1 programs [ 102.687085][ T5401] cgroup: Unknown subsys name 'net' [ 102.700168][ T5401] cgroup: Unknown subsys name 'rlimit' 2023/11/03 22:04:59 executed programs: 0 [ 104.026581][ T4461] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 104.034523][ T4461] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 104.042905][ T4461] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 104.051638][ T4461] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 104.059401][ T4461] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 104.067353][ T4461] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 104.208677][ T5407] chnl_net:caif_netlink_parms(): no params data found [ 104.281329][ T5407] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.288813][ T5407] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.296142][ T5407] bridge_slave_0: entered allmulticast mode [ 104.303246][ T5407] bridge_slave_0: entered promiscuous mode [ 104.312021][ T5407] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.319294][ T5407] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.326666][ T5407] bridge_slave_1: entered allmulticast mode [ 104.333712][ T5407] bridge_slave_1: entered promiscuous mode [ 104.367563][ T5407] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.380736][ T5407] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 104.416808][ T5407] team0: Port device team_slave_0 added [ 104.426440][ T5407] team0: Port device team_slave_1 added [ 104.457420][ T5407] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 104.465888][ T5407] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.491880][ T5407] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 104.504535][ T5407] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 104.511603][ T5407] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.537883][ T5407] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 104.578735][ T5407] hsr_slave_0: entered promiscuous mode [ 104.585916][ T5407] hsr_slave_1: entered promiscuous mode [ 104.697552][ T5407] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.705154][ T5407] bridge0: port 2(bridge_slave_1) entered forwarding state [ 104.712570][ T5407] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.719898][ T5407] bridge0: port 1(bridge_slave_0) entered forwarding state [ 104.783567][ T5407] 8021q: adding VLAN 0 to HW filter on device bond0 [ 104.801298][ T55] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.809329][ T55] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.824181][ T5407] 8021q: adding VLAN 0 to HW filter on device team0 [ 104.838399][ T924] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.845685][ T924] bridge0: port 1(bridge_slave_0) entered forwarding state [ 104.868336][ T55] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.875506][ T55] bridge0: port 2(bridge_slave_1) entered forwarding state [ 104.915005][ T5407] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 104.952382][ T5407] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 105.263791][ T5407] veth0_vlan: entered promiscuous mode [ 105.274289][ T5407] veth1_vlan: entered promiscuous mode [ 105.313395][ T5407] veth0_macvtap: entered promiscuous mode [ 105.323672][ T5407] veth1_macvtap: entered promiscuous mode [ 105.347341][ T5407] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 105.363852][ T5407] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 105.443728][ T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.452270][ T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.483635][ T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.491807][ T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.552493][ T5427] [ 105.555036][ T5427] ============================================ [ 105.561278][ T5427] WARNING: possible recursive locking detected [ 105.567416][ T5427] 6.6.0-syzkaller-10135-g016b9332a334 #0 Not tainted [ 105.574076][ T5427] -------------------------------------------- [ 105.580230][ T5427] syz-executor.0/5427 is trying to acquire lock: [ 105.586543][ T5427] ffff88807c9150d8 (_xmit_ETHER#2){+.-.}-{2:2}, at: __dev_queue_xmit+0x1a7f/0x3d10 [ 105.596204][ T5427] [ 105.596204][ T5427] but task is already holding lock: [ 105.603556][ T5427] ffff88806f37d0d8 (_xmit_ETHER#2){+.-.}-{2:2}, at: sch_direct_xmit+0x333/0xc20 [ 105.612866][ T5427] [ 105.612866][ T5427] other info that might help us debug this: [ 105.620917][ T5427] Possible unsafe locking scenario: [ 105.620917][ T5427] [ 105.628444][ T5427] CPU0 [ 105.631709][ T5427] ---- [ 105.634975][ T5427] lock(_xmit_ETHER#2); [ 105.639206][ T5427] lock(_xmit_ETHER#2); [ 105.643447][ T5427] [ 105.643447][ T5427] *** DEADLOCK *** [ 105.643447][ T5427] [ 105.651592][ T5427] May be due to missing lock nesting notation [ 105.651592][ T5427] [ 105.659910][ T5427] 6 locks held by syz-executor.0/5427: [ 105.665374][ T5427] #0: ffffffff8cfad3a0 (rcu_read_lock){....}-{1:2}, at: ip_finish_output2+0x36a/0x2550 [ 105.675108][ T5427] #1: ffffffff8cfad340 (rcu_read_lock_bh){....}-{1:2}, at: __dev_queue_xmit+0x244/0x3d10 [ 105.685018][ T5427] #2: ffff88807b309258 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){+...}-{2:2}, at: __dev_queue_xmit+0x104f/0x3d10 [ 105.697460][ T5427] #3: ffff88806f37d0d8 (_xmit_ETHER#2){+.-.}-{2:2}, at: sch_direct_xmit+0x333/0xc20 [ 105.707097][ T5427] #4: ffffffff8cfad3a0 (rcu_read_lock){....}-{1:2}, at: ip_finish_output2+0x36a/0x2550 [ 105.716928][ T5427] #5: ffffffff8cfad340 (rcu_read_lock_bh){....}-{1:2}, at: __dev_queue_xmit+0x244/0x3d10 [ 105.726847][ T5427] [ 105.726847][ T5427] stack backtrace: [ 105.732727][ T5427] CPU: 1 PID: 5427 Comm: syz-executor.0 Not tainted 6.6.0-syzkaller-10135-g016b9332a334 #0 [ 105.742705][ T5427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023 [ 105.752761][ T5427] Call Trace: [ 105.756040][ T5427] [ 105.758961][ T5427] dump_stack_lvl+0xd9/0x1b0 [ 105.763545][ T5427] __lock_acquire+0x2971/0x5de0 [ 105.768398][ T5427] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 105.774415][ T5427] ? __sys_sendmmsg+0x1a1/0x450 [ 105.779341][ T5427] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 105.785323][ T5427] lock_acquire+0x1ae/0x510 [ 105.789827][ T5427] ? __dev_queue_xmit+0x1a7f/0x3d10 [ 105.795024][ T5427] ? lock_sync+0x190/0x190 [ 105.799801][ T5427] ? validate_xmit_xfrm+0x49b/0x12d0 [ 105.805100][ T5427] ? validate_xmit_skb+0x522/0xeb0 [ 105.810239][ T5427] _raw_spin_lock+0x2e/0x40 [ 105.814736][ T5427] ? __dev_queue_xmit+0x1a7f/0x3d10 [ 105.819939][ T5427] __dev_queue_xmit+0x1a7f/0x3d10 [ 105.825068][ T5427] ? print_usage_bug.part.0+0x670/0x670 [ 105.830623][ T5427] ? ___neigh_create+0x1878/0x2a20 [ 105.835822][ T5427] ? netdev_core_pick_tx+0x390/0x390 [ 105.841106][ T5427] ? lock_acquire+0x1ae/0x510 [ 105.846045][ T5427] ? find_held_lock+0x2d/0x110 [ 105.850889][ T5427] ? ip_finish_output2+0x833/0x2550 [ 105.856196][ T5427] ? reacquire_held_locks+0x4b0/0x4b0 [ 105.861593][ T5427] ? skb_push+0x9a/0xe0 [ 105.865745][ T5427] ? eth_header+0x11c/0x1f0 [ 105.870697][ T5427] neigh_resolve_output+0x58c/0x900 [ 105.875901][ T5427] ip_finish_output2+0x833/0x2550 [ 105.880916][ T5427] ? nf_hook+0x3bd/0x6c0 [ 105.885157][ T5427] ? ip_fragment.constprop.0+0x230/0x230 [ 105.890780][ T5427] ? ip_skb_dst_mtu+0x4c5/0xca0 [ 105.895625][ T5427] ? nf_hook+0x6c0/0x6c0 [ 105.899874][ T5427] __ip_finish_output+0x38b/0x640 [ 105.904913][ T5427] ip_finish_output+0x31/0x310 [ 105.909686][ T5427] ip_output+0x13b/0x290 [ 105.913926][ T5427] ip_local_out+0xaf/0x190 [ 105.918446][ T5427] iptunnel_xmit+0x618/0x9b0 [ 105.923028][ T5427] ip_tunnel_xmit+0x1dbc/0x33b0 [ 105.928020][ T5427] ? ip_md_tunnel_xmit+0x2000/0x2000 [ 105.933315][ T5427] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 105.940782][ T5427] ? skb_network_protocol+0x1f0/0x670 [ 105.946171][ T5427] ? __gre_xmit+0x4f5/0x990 [ 105.950703][ T5427] erspan_xmit+0x52b/0x1f90 [ 105.955471][ T5427] ? do_raw_spin_lock+0x12e/0x2b0 [ 105.960685][ T5427] dev_hard_start_xmit+0x13d/0x6c0 [ 105.965881][ T5427] sch_direct_xmit+0x1ac/0xc20 [ 105.970632][ T5427] ? lock_sync+0x190/0x190 [ 105.975128][ T5427] ? dev_watchdog+0x8f0/0x8f0 [ 105.979890][ T5427] ? do_raw_spin_trylock+0xb1/0x180 [ 105.985260][ T5427] ? do_raw_spin_lock+0x290/0x2b0 [ 105.990367][ T5427] ? __lock_acquire+0x250f/0x5de0 [ 105.995422][ T5427] __dev_queue_xmit+0x1273/0x3d10 [ 106.000623][ T5427] ? ___neigh_create+0x1878/0x2a20 [ 106.005827][ T5427] ? netdev_core_pick_tx+0x390/0x390 [ 106.011133][ T5427] ? find_held_lock+0x2d/0x110 [ 106.015927][ T5427] ? ip_finish_output2+0x833/0x2550 [ 106.021149][ T5427] ? reacquire_held_locks+0x4b0/0x4b0 [ 106.026517][ T5427] ? do_raw_write_lock+0x11e/0x3b0 [ 106.031637][ T5427] ? skb_push+0x9a/0xe0 [ 106.035798][ T5427] ? eth_header+0x11c/0x1f0 [ 106.040311][ T5427] neigh_resolve_output+0x58c/0x900 [ 106.045559][ T5427] ip_finish_output2+0x833/0x2550 [ 106.050611][ T5427] ? nf_hook+0x3bd/0x6c0 [ 106.055034][ T5427] ? ip_fragment.constprop.0+0x230/0x230 [ 106.060680][ T5427] ? ip_skb_dst_mtu+0x4c5/0xca0 [ 106.065648][ T5427] ? nf_hook+0x6c0/0x6c0 [ 106.069889][ T5427] __ip_finish_output+0x38b/0x640 [ 106.075218][ T5427] ip_finish_output+0x31/0x310 [ 106.079978][ T5427] ip_output+0x13b/0x290 [ 106.084300][ T5427] ip_send_skb+0xd3/0x250 [ 106.088718][ T5427] udp_send_skb+0x745/0x1530 [ 106.093424][ T5427] udp_sendmsg+0x1a17/0x2b20 [ 106.098013][ T5427] ? ip_frag_init+0x320/0x320 [ 106.102694][ T5427] ? udp_unicast_rcv_skb+0x3a0/0x3a0 [ 106.107591][ T4461] Bluetooth: hci0: command 0x0409 tx timeout [ 106.107983][ T5427] ? mark_lock+0x105/0x1950 [ 106.118562][ T5427] ? mark_lock+0x105/0x1950 [ 106.123100][ T5427] ? print_usage_bug.part.0+0x670/0x670 [ 106.128682][ T5427] ? print_usage_bug.part.0+0x670/0x670 [ 106.134655][ T5427] ? udpv6_sendmsg+0xf65/0x3020 [ 106.139678][ T5427] udpv6_sendmsg+0xf65/0x3020 [ 106.144348][ T5427] ? __lock_acquire+0x182f/0x5de0 [ 106.149384][ T5427] ? aa_label_sk_perm+0x154/0x540 [ 106.154405][ T5427] ? udp6_unicast_rcv_skb+0x2f0/0x2f0 [ 106.159861][ T5427] ? __lock_acquire+0x182f/0x5de0 [ 106.164901][ T5427] ? preempt_count_sub+0x150/0x150 [ 106.170015][ T5427] ? aa_af_perm+0x260/0x260 [ 106.174525][ T5427] ? inet6_sendmsg+0x9d/0xe0 [ 106.179113][ T5427] inet6_sendmsg+0x9d/0xe0 [ 106.183524][ T5427] ? inet6_compat_ioctl+0x360/0x360 [ 106.188799][ T5427] __sock_sendmsg+0xd5/0x180 [ 106.193393][ T5427] ____sys_sendmsg+0x2ac/0x940 [ 106.198153][ T5427] ? copy_msghdr_from_user+0x10b/0x160 [ 106.203601][ T5427] ? kernel_sendmsg+0x50/0x50 [ 106.208454][ T5427] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 106.214434][ T5427] ___sys_sendmsg+0x135/0x1d0 [ 106.219190][ T5427] ? do_recvmmsg+0x740/0x740 [ 106.223869][ T5427] ? find_held_lock+0x2d/0x110 [ 106.228650][ T5427] ? reacquire_held_locks+0x4b0/0x4b0 [ 106.234147][ T5427] ? __fget_light+0xe6/0x260 [ 106.238735][ T5427] __sys_sendmmsg+0x1a1/0x450 [ 106.243403][ T5427] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 106.248419][ T5427] ? rcu_is_watching+0x12/0xb0 [ 106.253175][ T5427] ? folio_memcg_unlock+0x280/0x280 [ 106.258548][ T5427] __x64_sys_sendmmsg+0x9c/0x100 [ 106.263474][ T5427] ? syscall_enter_from_user_mode+0x26/0x80 [ 106.269361][ T5427] do_syscall_64+0x3f/0x110 [ 106.273862][ T5427] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 106.279758][ T5427] RIP: 0033:0x7f301f2791e9 [ 106.284157][ T5427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b4 ff ff ff f7 d8 64 89 01 48 [ 106.303845][ T5427] RSP: 002b:00007f301e9fe0d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 106.312421][ T5427] RAX: ffffffffffffffda RBX: 00007f301f38bf60 RCX: 00007f301f2791e9 [ 106.320376][ T5427] RDX: 0000000000000001 RSI: 0000000020004d80 RDI: 0000000000000004 [ 106.328338][ T5427] RBP: 00007f301f2d3e76 R08: 0000000000000000 R09: 0000000000000000 [ 106.336295][ T5427] R10: 0000000004000000 R11: 0000000000000246 R12: 0000000000000000 [ 106.344339][ T5427] R13: 000000000000000b R14: 00007f301f38bf60 R15: 00007fff06bca878 [ 106.352388][ T5427] [ 106.365662][ T5427] syz-executor.0 (5427) used greatest stack depth: 22048 bytes left 2023/11/03 22:05:04 executed programs: 99 [ 108.184777][ T4461] Bluetooth: hci0: command 0x041b tx timeout [ 110.267100][ T4461] Bluetooth: hci0: command 0x040f tx timeout [ 111.003698][ T6019] syz-executor.0 (6019) used greatest stack depth: 21960 bytes left [ 112.351065][ T4461] Bluetooth: hci0: command 0x0419 tx timeout 2023/11/03 22:05:09 executed programs: 426