IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! ================================ WARNING: inconsistent lock state 4.14.307-syzkaller #0 Not tainted -------------------------------- inconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-W} usage. swapper/0/0 [HC0[0]:SC1[1]:HE1:SE0] takes: (&(&local->client_conns_lock)->rlock){+.?.}, at: [] spin_lock include/linux/spinlock.h:317 [inline] (&(&local->client_conns_lock)->rlock){+.?.}, at: [] rxrpc_put_one_client_conn net/rxrpc/conn_client.c:905 [inline] (&(&local->client_conns_lock)->rlock){+.?.}, at: [] rxrpc_put_client_conn+0x661/0xac0 net/rxrpc/conn_client.c:957 batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 {SOFTIRQ-ON-W} state was registered at: lock_acquire+0x170/0x3f0 kernel/locking/lockdep.c:3998 __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline] _raw_spin_lock+0x2a/0x40 kernel/locking/spinlock.c:152 spin_lock include/linux/spinlock.h:317 [inline] rxrpc_get_client_conn net/rxrpc/conn_client.c:306 [inline] rxrpc_connect_call+0x2bb/0x3e10 net/rxrpc/conn_client.c:692 batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! rxrpc_new_client_call+0x8f4/0x1a10 net/rxrpc/call_object.c:276 rxrpc_new_client_call_for_sendmsg net/rxrpc/sendmsg.c:531 [inline] rxrpc_do_sendmsg+0x8dc/0xfb0 net/rxrpc/sendmsg.c:583 rxrpc_sendmsg+0x3cf/0x5f0 net/rxrpc/af_rxrpc.c:543 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xb5/0x100 net/socket.c:656 ___sys_sendmsg+0x6c8/0x800 net/socket.c:2062 __sys_sendmsg+0xa3/0x120 net/socket.c:2096 SYSC_sendmsg net/socket.c:2107 [inline] SyS_sendmsg+0x27/0x40 net/socket.c:2103 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 entry_SYSCALL_64_after_hwframe+0x5e/0xd3 irq event stamp: 771438 hardirqs last enabled at (771438): [] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:160 [inline] hardirqs last enabled at (771438): [] _raw_spin_unlock_irqrestore+0x79/0xe0 kernel/locking/spinlock.c:192 hardirqs last disabled at (771437): [] __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:108 [inline] hardirqs last disabled at (771437): [] _raw_spin_lock_irqsave+0x66/0xc0 kernel/locking/spinlock.c:160 softirqs last enabled at (771384): [] irq_enter+0xbd/0xd0 kernel/softirq.c:350 softirqs last disabled at (771385): [] invoke_softirq kernel/softirq.c:368 [inline] softirqs last disabled at (771385): [] irq_exit+0x193/0x240 kernel/softirq.c:409 other info that might help us debug this: Possible unsafe locking scenario: batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! CPU0 ---- lock(&(&local->client_conns_lock)->rlock); lock(&(&local->client_conns_lock)->rlock); *** DEADLOCK *** 1 lock held by swapper/0/0: #0: (rcu_callback){....}, at: [] __rcu_reclaim kernel/rcu/rcu.h:185 [inline] #0: (rcu_callback){....}, at: [] rcu_do_batch kernel/rcu/tree.c:2699 [inline] #0: (rcu_callback){....}, at: [] invoke_rcu_callbacks kernel/rcu/tree.c:2962 [inline] #0: (rcu_callback){....}, at: [] __rcu_process_callbacks kernel/rcu/tree.c:2929 [inline] #0: (rcu_callback){....}, at: [] rcu_process_callbacks+0x84e/0x1180 kernel/rcu/tree.c:2946 stack backtrace: batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.14.307-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/16/2023 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 print_usage_bug.cold+0x42e/0x570 kernel/locking/lockdep.c:2589 batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! valid_state kernel/locking/lockdep.c:2602 [inline] mark_lock_irq kernel/locking/lockdep.c:2796 [inline] mark_lock+0xb4d/0x1050 kernel/locking/lockdep.c:3194 mark_irqflags kernel/locking/lockdep.c:3072 [inline] __lock_acquire+0xc81/0x3f20 kernel/locking/lockdep.c:3448 IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready batman_adv: batadv0: Interface activated: batadv_slave_1 lock_acquire+0x170/0x3f0 kernel/locking/lockdep.c:3998 IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline] _raw_spin_lock+0x2a/0x40 kernel/locking/spinlock.c:152 spin_lock include/linux/spinlock.h:317 [inline] rxrpc_put_one_client_conn net/rxrpc/conn_client.c:905 [inline] rxrpc_put_client_conn+0x661/0xac0 net/rxrpc/conn_client.c:957 IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready rxrpc_put_connection net/rxrpc/ar-internal.h:862 [inline] rxrpc_rcu_destroy_call+0x83/0x190 net/rxrpc/call_object.c:653 __rcu_reclaim kernel/rcu/rcu.h:195 [inline] rcu_do_batch kernel/rcu/tree.c:2699 [inline] invoke_rcu_callbacks kernel/rcu/tree.c:2962 [inline] __rcu_process_callbacks kernel/rcu/tree.c:2929 [inline] rcu_process_callbacks+0x780/0x1180 kernel/rcu/tree.c:2946 IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 __do_softirq+0x24d/0x9ff kernel/softirq.c:288 invoke_softirq kernel/softirq.c:368 [inline] irq_exit+0x193/0x240 kernel/softirq.c:409 exiting_irq arch/x86/include/asm/apic.h:638 [inline] smp_apic_timer_interrupt+0x141/0x5e0 arch/x86/kernel/apic/apic.c:1106 apic_timer_interrupt+0x93/0xa0 arch/x86/entry/entry_64.S:796 batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! RIP: 0010:native_safe_halt+0xe/0x10 arch/x86/include/asm/irqflags.h:61 RSP: 0018:ffffffff88e07e78 EFLAGS: 000002c2 ORIG_RAX: ffffffffffffff10 RAX: 1ffffffff11e13dc RBX: dffffc0000000000 RCX: 0000000000000000 RDX: dffffc0000000000 RSI: 0000000000000001 RDI: ffffffff88e74d04 RBP: ffffffff88f09ed0 R08: 0000000000000000 R09: 0000000000000000 batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 R10: 0000000000000000 R11: 0000000000000000 R12: fffffbfff11ce890 R13: ffffffff88e74480 R14: 0000000000000000 R15: 0000000000000000 arch_safe_halt arch/x86/include/asm/paravirt.h:94 [inline] default_idle+0x47/0x370 arch/x86/kernel/process.c:558 cpuidle_idle_call kernel/sched/idle.c:156 [inline] do_idle+0x250/0x3c0 kernel/sched/idle.c:246 batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! cpu_startup_entry+0x14/0x20 kernel/sched/idle.c:351 start_kernel+0x743/0x763 init/main.c:712 batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 secondary_startup_64+0xa5/0xb0 arch/x86/kernel/head_64.S:240 Bluetooth: hci0 command 0x0419 tx timeout batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! Bluetooth: hci2 command 0x0419 tx timeout batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 Bluetooth: hci4 command 0x0419 tx timeout batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! Bluetooth: hci1 command 0x0419 tx timeout batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 Bluetooth: hci5 command 0x0419 tx timeout batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! Bluetooth: hci3 command 0x0419 tx timeout IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready batman_adv: batadv0: Interface activated: batadv_slave_0 IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready batman_adv: batadv0: Interface activated: batadv_slave_1 IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready ====================================================== WARNING: the mand mount option is being deprecated and will be removed in v5.15! ====================================================== L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. BFS-fs: bfs_fill_super(): Superblock is corrupted BFS-fs: bfs_fill_super(): Superblock is corrupted BFS-fs: bfs_fill_super(): Superblock is corrupted print_req_error: I/O error, dev loop4, sector 1 Buffer I/O error on dev loop4, logical block 1, async page read print_req_error: I/O error, dev loop4, sector 2 Buffer I/O error on dev loop4, logical block 2, async page read print_req_error: I/O error, dev loop4, sector 3 Buffer I/O error on dev loop4, logical block 3, async page read print_req_error: I/O error, dev loop4, sector 4 Buffer I/O error on dev loop4, logical block 4, async page read print_req_error: I/O error, dev loop4, sector 5 Buffer I/O error on dev loop4, logical block 5, async page read print_req_error: I/O error, dev loop4, sector 6 Buffer I/O error on dev loop4, logical block 6, async page read print_req_error: I/O error, dev loop4, sector 7 Buffer I/O error on dev loop4, logical block 7, async page read BFS-fs: bfs_fill_super(): Superblock is corrupted print_req_error: I/O error, dev loop4, sector 1 Buffer I/O error on dev loop4, logical block 1, async page read print_req_error: I/O error, dev loop4, sector 2 Buffer I/O error on dev loop4, logical block 2, async page read print_req_error: I/O error, dev loop4, sector 3 Buffer I/O error on dev loop4, logical block 3, async page read rtc_cmos 00:00: Alarms can be up to one day in the future rtc_cmos 00:00: Alarms can be up to one day in the future rtc_cmos 00:00: Alarms can be up to one day in the future rtc_cmos 00:00: Alarms can be up to one day in the future rtc rtc0: __rtc_set_alarm: err=-22 netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. PF_BRIDGE: br_mdb_parse() with non-bridge IPVS: ftp: loaded support on port[0] = 21 netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. PF_BRIDGE: br_mdb_parse() with non-bridge netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. PF_BRIDGE: br_mdb_parse() with non-bridge netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. PF_BRIDGE: br_mdb_parse() with non-bridge netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. PF_BRIDGE: br_mdb_parse() with non-bridge netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. PF_BRIDGE: br_mdb_parse() with non-bridge netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. PF_BRIDGE: br_mdb_parse() with non-bridge syz-executor.1 (9958) used greatest stack depth: 25168 bytes left syz-executor.1 (9986) used greatest stack depth: 25056 bytes left netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. syz-executor.2 (10116) used greatest stack depth: 24984 bytes left netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. syz-executor.4 (10155) used greatest stack depth: 24312 bytes left