Warning: Permanently added '10.128.1.21' (ED25519) to the list of known hosts. 1970/01/01 00:00:58 ignoring optional flag "sandboxArg"="0" 1970/01/01 00:00:59 parsed 1 programs 1970/01/01 00:00:59 executed programs: 0 [ 59.208648][ T5671] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 59.211013][ T5671] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 59.213608][ T5671] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 59.215845][ T5671] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 59.218154][ T5671] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 59.220014][ T5671] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 59.284891][ T6453] chnl_net:caif_netlink_parms(): no params data found [ 59.311490][ T6453] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.313574][ T6453] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.315360][ T6453] bridge_slave_0: entered allmulticast mode [ 59.317740][ T6453] bridge_slave_0: entered promiscuous mode [ 59.320452][ T6453] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.323022][ T6453] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.324824][ T6453] bridge_slave_1: entered allmulticast mode [ 59.326722][ T6453] bridge_slave_1: entered promiscuous mode [ 59.337926][ T6453] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.341406][ T6453] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.354918][ T6453] team0: Port device team_slave_0 added [ 59.357378][ T6453] team0: Port device team_slave_1 added [ 59.368429][ T6453] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 59.370112][ T6453] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.376456][ T6453] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 59.380823][ T6453] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 59.382580][ T6453] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.388569][ T6453] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 59.453719][ T6453] hsr_slave_0: entered promiscuous mode [ 59.492160][ T6453] hsr_slave_1: entered promiscuous mode [ 60.259484][ T6453] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 60.324055][ T6453] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 60.363331][ T6453] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 60.417356][ T6453] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 60.490352][ T6453] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.501071][ T6453] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.506488][ T5678] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.508186][ T5678] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.515033][ T6100] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.516811][ T6100] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.607976][ T6453] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 60.629286][ T6453] veth0_vlan: entered promiscuous mode [ 60.635313][ T6453] veth1_vlan: entered promiscuous mode [ 60.651716][ T6453] veth0_macvtap: entered promiscuous mode [ 60.656868][ T6453] veth1_macvtap: entered promiscuous mode [ 60.665747][ T6453] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 60.671444][ T6453] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.677647][ T6453] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.679670][ T6453] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.681664][ T6453] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.685316][ T6453] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.728266][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.730277][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.747228][ T513] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.748989][ T513] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.293240][ T50] Bluetooth: hci0: command 0x0409 tx timeout [ 63.372071][ T50] Bluetooth: hci0: command 0x041b tx timeout 1970/01/01 00:01:04 executed programs: 4 [ 64.494088][ T2219] ieee802154 phy0 wpan0: encryption failed: -22 [ 64.495724][ T2219] ieee802154 phy1 wpan1: encryption failed: -22 [ 65.452005][ T50] Bluetooth: hci0: command 0x040f tx timeout [ 67.532358][ T50] Bluetooth: hci0: command 0x0419 tx timeout 1970/01/01 00:01:09 executed programs: 10 [ 69.380359][ T6855] [ 69.380973][ T6855] ====================================================== [ 69.382534][ T6855] WARNING: possible circular locking dependency detected [ 69.384255][ T6855] 6.7.0-rc6-syzkaller-00090-gaafe7ad77b91 #0 Not tainted [ 69.385865][ T6855] ------------------------------------------------------ [ 69.387603][ T6855] syz-executor.0/6855 is trying to acquire lock: [ 69.389032][ T6855] ffff0000d9038630 (&rs->rs_recv_lock){....}-{2:2}, at: rds_wake_sk_sleep+0x34/0xc8 [ 69.391243][ T6855] [ 69.391243][ T6855] but task is already holding lock: [ 69.393061][ T6855] ffff0000d8b3c900 (&rm->m_rs_lock){....}-{2:2}, at: rds_send_remove_from_sock+0x134/0x78c [ 69.395359][ T6855] [ 69.395359][ T6855] which lock already depends on the new lock. [ 69.395359][ T6855] [ 69.397935][ T6855] [ 69.397935][ T6855] the existing dependency chain (in reverse order) is: [ 69.400095][ T6855] [ 69.400095][ T6855] -> #1 (&rm->m_rs_lock){....}-{2:2}: [ 69.401844][ T6855] _raw_spin_lock_irqsave+0x5c/0x7c [ 69.403172][ T6855] rds_message_put+0x130/0xb30 [ 69.404327][ T6855] rds_loop_inc_free+0x20/0x30 [ 69.405700][ T6855] rds_clear_recv_queue+0x288/0x384 [ 69.407126][ T6855] rds_release+0xbc/0x2d0 [ 69.408308][ T6855] sock_close+0xa4/0x1e8 [ 69.409396][ T6855] __fput+0x308/0x8e4 [ 69.410449][ T6855] __fput_sync+0x60/0x9c [ 69.411611][ T6855] __arm64_sys_close+0x150/0x1e0 [ 69.412919][ T6855] invoke_syscall+0x98/0x2b8 [ 69.414271][ T6855] el0_svc_common+0x130/0x23c [ 69.415434][ T6855] do_el0_svc+0x48/0x58 [ 69.416504][ T6855] el0_svc+0x54/0x158 [ 69.417580][ T6855] el0t_64_sync_handler+0x84/0xfc [ 69.418861][ T6855] el0t_64_sync+0x190/0x194 [ 69.420013][ T6855] [ 69.420013][ T6855] -> #0 (&rs->rs_recv_lock){....}-{2:2}: [ 69.421920][ T6855] __lock_acquire+0x3384/0x763c [ 69.423052][ T6855] lock_acquire+0x23c/0x71c [ 69.424302][ T6855] _raw_read_lock_irqsave+0x6c/0x8c [ 69.425654][ T6855] rds_wake_sk_sleep+0x34/0xc8 [ 69.426908][ T6855] rds_send_remove_from_sock+0x1a4/0x78c [ 69.428316][ T6855] rds_send_path_drop_acked+0x390/0x3f0 [ 69.429678][ T6855] rds_tcp_write_space+0x1a8/0x598 [ 69.431054][ T6855] tcp_check_space+0x150/0x888 [ 69.432293][ T6855] tcp_rcv_established+0xe5c/0x1ff0 [ 69.433676][ T6855] tcp_v4_do_rcv+0x3b0/0xe08 [ 69.434942][ T6855] __release_sock+0x1a8/0x408 [ 69.436096][ T6855] release_sock+0x68/0x1b8 [ 69.437142][ T6855] tcp_sock_set_cork+0x100/0x188 [ 69.438335][ T6855] rds_tcp_xmit_path_complete+0x7c/0x8c [ 69.439800][ T6855] rds_send_xmit+0x197c/0x22a8 [ 69.440962][ T6855] rds_sendmsg+0x1674/0x1c34 [ 69.442205][ T6855] ____sys_sendmsg+0x56c/0x840 [ 69.443513][ T6855] __sys_sendmsg+0x26c/0x33c [ 69.444782][ T6855] __arm64_sys_sendmsg+0x80/0x94 [ 69.446136][ T6855] invoke_syscall+0x98/0x2b8 [ 69.447389][ T6855] el0_svc_common+0x130/0x23c [ 69.448627][ T6855] do_el0_svc+0x48/0x58 [ 69.449747][ T6855] el0_svc+0x54/0x158 [ 69.450824][ T6855] el0t_64_sync_handler+0x84/0xfc [ 69.452154][ T6855] el0t_64_sync+0x190/0x194 [ 69.453361][ T6855] [ 69.453361][ T6855] other info that might help us debug this: [ 69.453361][ T6855] [ 69.455769][ T6855] Possible unsafe locking scenario: [ 69.455769][ T6855] [ 69.457615][ T6855] CPU0 CPU1 [ 69.458808][ T6855] ---- ---- [ 69.460014][ T6855] lock(&rm->m_rs_lock); [ 69.461122][ T6855] lock(&rs->rs_recv_lock); [ 69.462899][ T6855] lock(&rm->m_rs_lock); [ 69.464446][ T6855] rlock(&rs->rs_recv_lock); [ 69.465576][ T6855] [ 69.465576][ T6855] *** DEADLOCK *** [ 69.465576][ T6855] [ 69.467455][ T6855] 3 locks held by syz-executor.0/6855: [ 69.468715][ T6855] #0: ffff0000c725a5f0 (k-sk_lock-AF_INET){+.+.}-{0:0}, at: tcp_sock_set_cork+0x38/0x188 [ 69.471120][ T6855] #1: ffff0000c725a878 (k-clock-AF_INET){++.-}-{2:2}, at: rds_tcp_write_space+0x38/0x598 [ 69.473452][ T6855] #2: ffff0000d8b3c900 (&rm->m_rs_lock){....}-{2:2}, at: rds_send_remove_from_sock+0x134/0x78c [ 69.475850][ T6855] [ 69.475850][ T6855] stack backtrace: [ 69.477193][ T6855] CPU: 0 PID: 6855 Comm: syz-executor.0 Not tainted 6.7.0-rc6-syzkaller-00090-gaafe7ad77b91 #0 [ 69.479651][ T6855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 69.482111][ T6855] Call trace: [ 69.482800][ T6855] dump_backtrace+0x1b8/0x1e4 [ 69.483970][ T6855] show_stack+0x2c/0x3c [ 69.484937][ T6855] dump_stack_lvl+0xd0/0x124 [ 69.486085][ T6855] dump_stack+0x1c/0x28 [ 69.487109][ T6855] print_circular_bug+0x150/0x1b8 [ 69.488365][ T6855] check_noncircular+0x310/0x404 [ 69.489525][ T6855] __lock_acquire+0x3384/0x763c [ 69.490599][ T6855] lock_acquire+0x23c/0x71c [ 69.491608][ T6855] _raw_read_lock_irqsave+0x6c/0x8c [ 69.492743][ T6855] rds_wake_sk_sleep+0x34/0xc8 [ 69.493809][ T6855] rds_send_remove_from_sock+0x1a4/0x78c [ 69.495014][ T6855] rds_send_path_drop_acked+0x390/0x3f0 [ 69.496368][ T6855] rds_tcp_write_space+0x1a8/0x598 [ 69.497548][ T6855] tcp_check_space+0x150/0x888 [ 69.498683][ T6855] tcp_rcv_established+0xe5c/0x1ff0 [ 69.499789][ T6855] tcp_v4_do_rcv+0x3b0/0xe08 [ 69.500861][ T6855] __release_sock+0x1a8/0x408 [ 69.502010][ T6855] release_sock+0x68/0x1b8 [ 69.503055][ T6855] tcp_sock_set_cork+0x100/0x188 [ 69.504175][ T6855] rds_tcp_xmit_path_complete+0x7c/0x8c [ 69.505503][ T6855] rds_send_xmit+0x197c/0x22a8 [ 69.506574][ T6855] rds_sendmsg+0x1674/0x1c34 [ 69.507651][ T6855] ____sys_sendmsg+0x56c/0x840 [ 69.508912][ T6855] __sys_sendmsg+0x26c/0x33c [ 69.509887][ T6855] __arm64_sys_sendmsg+0x80/0x94 [ 69.510778][ T6855] invoke_syscall+0x98/0x2b8 [ 69.511563][ T6855] el0_svc_common+0x130/0x23c [ 69.512368][ T6855] do_el0_svc+0x48/0x58 [ 69.513063][ T6855] el0_svc+0x54/0x158 [ 69.513758][ T6855] el0t_64_sync_handler+0x84/0xfc [ 69.514885][ T6855] el0t_64_sync+0x190/0x194 [ 69.612288][ T23] cfg80211: failed to load regulatory.db 1970/01/01 00:01:14 executed programs: 17