Warning: Permanently added '10.128.1.136' (ED25519) to the list of known hosts.
2024/01/11 17:22:55 ignoring optional flag "sandboxArg"="0"
2024/01/11 17:22:56 parsed 1 programs
2024/01/11 17:22:56 executed programs: 0
[ 102.021082][ T4469] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 102.029654][ T4469] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 102.038596][ T4469] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 102.048075][ T4469] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 102.056085][ T4469] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 102.063497][ T4469] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 102.227349][ T5434] chnl_net:caif_netlink_parms(): no params data found
[ 102.305732][ T5434] bridge0: port 1(bridge_slave_0) entered blocking state
[ 102.312948][ T5434] bridge0: port 1(bridge_slave_0) entered disabled state
[ 102.320375][ T5434] bridge_slave_0: entered allmulticast mode
[ 102.327999][ T5434] bridge_slave_0: entered promiscuous mode
[ 102.337448][ T5434] bridge0: port 2(bridge_slave_1) entered blocking state
[ 102.345768][ T5434] bridge0: port 2(bridge_slave_1) entered disabled state
[ 102.353405][ T5434] bridge_slave_1: entered allmulticast mode
[ 102.360954][ T5434] bridge_slave_1: entered promiscuous mode
[ 102.396077][ T5434] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 102.408680][ T5434] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 102.447133][ T5434] team0: Port device team_slave_0 added
[ 102.461386][ T5434] team0: Port device team_slave_1 added
[ 102.491606][ T5434] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 102.498724][ T5434] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 102.524932][ T5434] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 102.537778][ T5434] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 102.545040][ T5434] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 102.571268][ T5434] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 102.620290][ T5434] hsr_slave_0: entered promiscuous mode
[ 102.627262][ T5434] hsr_slave_1: entered promiscuous mode
[ 103.361449][ T5434] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 103.375218][ T5434] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 103.389452][ T5434] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 103.402756][ T5434] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 103.557414][ T5434] 8021q: adding VLAN 0 to HW filter on device bond0
[ 103.593597][ T5434] 8021q: adding VLAN 0 to HW filter on device team0
[ 103.616380][ T4542] bridge0: port 1(bridge_slave_0) entered blocking state
[ 103.623591][ T4542] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 103.647344][ T4542] bridge0: port 2(bridge_slave_1) entered blocking state
[ 103.655329][ T4542] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 103.957354][ T5434] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 104.031780][ T5434] veth0_vlan: entered promiscuous mode
[ 104.050512][ T5434] veth1_vlan: entered promiscuous mode
[ 104.103779][ T5434] veth0_macvtap: entered promiscuous mode
[ 104.117858][ T4469] Bluetooth: hci0: command 0x0409 tx timeout
[ 104.120316][ T5434] veth1_macvtap: entered promiscuous mode
[ 104.160740][ T5434] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 104.183190][ T5434] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 104.203378][ T5434] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.212930][ T5434] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.225128][ T5434] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.234074][ T5434] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.374666][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.382539][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.446998][ T2425] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.456092][ T2425] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.063785][ T5514]
[ 105.066502][ T5514] ======================================================
[ 105.073705][ T5514] WARNING: possible circular locking dependency detected
[ 105.080911][ T5514] 6.7.0-rc8-syzkaller-00126-gac631873c9e7 #0 Not tainted
[ 105.087946][ T5514] ------------------------------------------------------
[ 105.095082][ T5514] syz-executor.0/5514 is trying to acquire lock:
[ 105.101776][ T5514] ffff88802579c100 (&rm->m_rs_lock){....}-{2:2}, at: rds_message_put+0x1dd/0xc50
[ 105.111050][ T5514]
[ 105.111050][ T5514] but task is already holding lock:
[ 105.118601][ T5514] ffff8880774034b0 (&rs->rs_recv_lock){....}-{2:2}, at: rds_clear_recv_queue+0x33/0x350
[ 105.128570][ T5514]
[ 105.128570][ T5514] which lock already depends on the new lock.
[ 105.128570][ T5514]
[ 105.139088][ T5514]
[ 105.139088][ T5514] the existing dependency chain (in reverse order) is:
[ 105.148116][ T5514]
[ 105.148116][ T5514] -> #1 (&rs->rs_recv_lock){....}-{2:2}:
[ 105.156317][ T5514] _raw_read_lock_irqsave+0x46/0x90
[ 105.162073][ T5514] rds_wake_sk_sleep+0x23/0xe0
[ 105.167388][ T5514] rds_send_remove_from_sock+0x1e9/0xa50
[ 105.173671][ T5514] rds_send_path_drop_acked+0x2f4/0x3c0
[ 105.179855][ T5514] rds_tcp_write_space+0x1b5/0x6d0
[ 105.185525][ T5514] tcp_check_space+0x178/0x8c0
[ 105.190929][ T5514] tcp_rcv_established+0x953/0x20e0
[ 105.196686][ T5514] tcp_v4_do_rcv+0x68c/0xa10
[ 105.202009][ T5514] __release_sock+0x132/0x3b0
[ 105.207233][ T5514] release_sock+0x5a/0x1f0
[ 105.212202][ T5514] rds_send_xmit+0x164f/0x2490
[ 105.217517][ T5514] rds_send_worker+0x8f/0x2e0
[ 105.222746][ T5514] process_one_work+0x886/0x15d0
[ 105.228236][ T5514] worker_thread+0x8b9/0x1290
[ 105.233475][ T5514] kthread+0x2c6/0x3a0
[ 105.238094][ T5514] ret_from_fork+0x45/0x80
[ 105.243068][ T5514] ret_from_fork_asm+0x11/0x20
[ 105.248417][ T5514]
[ 105.248417][ T5514] -> #0 (&rm->m_rs_lock){....}-{2:2}:
[ 105.256001][ T5514] __lock_acquire+0x2433/0x3b20
[ 105.261406][ T5514] lock_acquire+0x1ae/0x520
[ 105.267331][ T5514] _raw_spin_lock_irqsave+0x3a/0x50
[ 105.273165][ T5514] rds_message_put+0x1dd/0xc50
[ 105.278569][ T5514] rds_inc_put+0x13c/0x1a0
[ 105.283621][ T5514] rds_clear_recv_queue+0x14c/0x350
[ 105.289542][ T5514] rds_release+0xdb/0x3c0
[ 105.294421][ T5514] __sock_release+0xae/0x260
[ 105.300092][ T5514] sock_close+0x1c/0x20
[ 105.304805][ T5514] __fput+0x270/0xb70
[ 105.309504][ T5514] __fput_sync+0x47/0x50
[ 105.314390][ T5514] __x64_sys_close+0x87/0xf0
[ 105.319542][ T5514] do_syscall_64+0x40/0x110
[ 105.324959][ T5514] entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 105.331577][ T5514]
[ 105.331577][ T5514] other info that might help us debug this:
[ 105.331577][ T5514]
[ 105.342080][ T5514] Possible unsafe locking scenario:
[ 105.342080][ T5514]
[ 105.349553][ T5514]        CPU0                    CPU1
[ 105.355108][ T5514]        ----                    ----
[ 105.360833][ T5514]   lock(&rs->rs_recv_lock);
[ 105.365709][ T5514]                                lock(&rm->m_rs_lock);
[ 105.372840][ T5514]                                lock(&rs->rs_recv_lock);
[ 105.380065][ T5514]   lock(&rm->m_rs_lock);
[ 105.384414][ T5514]
[ 105.384414][ T5514] *** DEADLOCK ***
[ 105.384414][ T5514]
[ 105.392915][ T5514] 2 locks held by syz-executor.0/5514:
[ 105.398480][ T5514] #0: ffff88806f9c9a10 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: __sock_release+0x86/0x260
[ 105.409118][ T5514] #1: ffff8880774034b0 (&rs->rs_recv_lock){....}-{2:2}, at: rds_clear_recv_queue+0x33/0x350
[ 105.419359][ T5514]
[ 105.419359][ T5514] stack backtrace:
[ 105.425258][ T5514] CPU: 0 PID: 5514 Comm: syz-executor.0 Not tainted 6.7.0-rc8-syzkaller-00126-gac631873c9e7 #0
[ 105.435614][ T5514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[ 105.445779][ T5514] Call Trace:
[ 105.449076][ T5514]
[ 105.452026][ T5514] dump_stack_lvl+0xd9/0x1b0
[ 105.456723][ T5514] check_noncircular+0x317/0x400
[ 105.461705][ T5514] ? print_circular_bug+0x5c0/0x5c0
[ 105.466938][ T5514] ? hlock_class+0x4e/0x130
[ 105.471472][ T5514] ? mark_lock+0xb5/0xc50
[ 105.475839][ T5514] ? lockdep_lock+0xc6/0x200
[ 105.480457][ T5514] ? hlock_class+0x130/0x130
[ 105.485077][ T5514] __lock_acquire+0x2433/0x3b20
[ 105.489963][ T5514] ? lockdep_hardirqs_on_prepare+0x420/0x420
[ 105.495979][ T5514] lock_acquire+0x1ae/0x520
[ 105.500517][ T5514] ? rds_message_put+0x1dd/0xc50
[ 105.505572][ T5514] ? lock_sync+0x190/0x190
[ 105.510030][ T5514] ? lock_acquire+0x1ae/0x520
[ 105.514843][ T5514] _raw_spin_lock_irqsave+0x3a/0x50
[ 105.520340][ T5514] ? rds_message_put+0x1dd/0xc50
[ 105.525404][ T5514] rds_message_put+0x1dd/0xc50
[ 105.530402][ T5514] rds_inc_put+0x13c/0x1a0
[ 105.535044][ T5514] rds_clear_recv_queue+0x14c/0x350
[ 105.540279][ T5514] ? __local_bh_enable_ip+0xa4/0x120
[ 105.545688][ T5514] ? __sock_release+0x260/0x260
[ 105.550745][ T5514] rds_release+0xdb/0x3c0
[ 105.555197][ T5514] ? __sock_release+0x260/0x260
[ 105.560175][ T5514] __sock_release+0xae/0x260
[ 105.564802][ T5514] sock_close+0x1c/0x20
[ 105.569424][ T5514] __fput+0x270/0xb70
[ 105.573489][ T5514] __fput_sync+0x47/0x50
[ 105.578564][ T5514] __x64_sys_close+0x87/0xf0
[ 105.583194][ T5514] do_syscall_64+0x40/0x110
[ 105.587738][ T5514] entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 105.593684][ T5514] RIP: 0033:0x7f3a4847b85a
[ 105.598297][ T5514] Code: 48 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 89 7c 24 0c e8 f3 7d 02 00 8b 7c 24 0c 89 c2 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 36 89 d7 89 44 24 0c e8 53 7e 02 00 8b 44 24
[ 105.618803][ T5514] RSP: 002b:00007ffc3240ce70 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 105.627338][ T5514] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f3a4847b85a
[ 105.635352][ T5514] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[ 105.643782][ T5514] RBP: 0000000000000032 R08: 0000001b2f560000 R09: 00007f3a4859c12c
[ 105.651951][ T5514] R10: 00007ffc3240cfc0 R11: 0000000000000293 R12: 00007f3a48000a20
[ 105.660558][ T5514] R13: ffffffffffffffff R14: 00007f3a48000000 R15: 0000000000019a37
[ 105.669008][ T5514]
[ 106.194829][ T4469] Bluetooth: hci0: command 0x041b tx timeout
2024/01/11 17:23:01 executed programs: 21
[ 108.267138][ T4469] Bluetooth: hci0: command 0x040f tx timeout
[ 110.344880][ T4469] Bluetooth: hci0: command 0x0419 tx timeout
2024/01/11 17:23:06 executed programs: 99