[ 127.323279][ T1211] ieee802154 phy1 wpan1: encryption failed: -22 [ 188.756465][ T1211] ieee802154 phy0 wpan0: encryption failed: -22 [ 188.762820][ T1211] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.964217][ T5026] Bluetooth: hci0: command 0x0406 tx timeout [ 250.195599][ T1211] ieee802154 phy0 wpan0: encryption failed: -22 [ 250.201937][ T1211] ieee802154 phy1 wpan1: encryption failed: -22 [ 311.635908][ T1211] ieee802154 phy0 wpan0: encryption failed: -22 [ 311.642282][ T1211] ieee802154 phy1 wpan1: encryption failed: -22 [ 373.076507][ T1211] ieee802154 phy0 wpan0: encryption failed: -22 [ 373.082832][ T1211] ieee802154 phy1 wpan1: encryption failed: -22 [ 434.516047][ T1211] ieee802154 phy0 wpan0: encryption failed: -22 [ 434.522380][ T1211] ieee802154 phy1 wpan1: encryption failed: -22 [ 436.448868][ T10] device hsr_slave_0 left promiscuous mode [ 436.455229][ T10] device hsr_slave_1 left promiscuous mode [ 436.461448][ T10] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 436.469618][ T10] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 436.478639][ T10] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 436.486346][ T10] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 436.495121][ T10] device bridge_slave_1 left promiscuous mode [ 436.501746][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 436.510164][ T10] device bridge_slave_0 left promiscuous mode [ 436.516486][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 436.527841][ T10] device veth1_macvtap left promiscuous mode [ 436.533884][ T10] device veth0_macvtap left promiscuous mode [ 436.540148][ T10] device veth1_vlan left promiscuous mode [ 436.546918][ T10] device veth0_vlan left promiscuous mode [ 436.686137][ T10] team0 (unregistering): Port device team_slave_1 removed [ 436.698676][ T10] team0 (unregistering): Port device team_slave_0 removed [ 436.716670][ T10] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 436.729704][ T10] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 436.795785][ T10] bond0 (unregistering): Released all slaves Warning: Permanently added '10.128.10.25' (ECDSA) to the list of known hosts. [ 437.070771][ T6753] cgroup: Unknown subsys name 'net' [ 437.080845][ T6753] cgroup: Unknown subsys name 'rlimit' [ 437.166054][ T6754] chnl_net:caif_netlink_parms(): no params data found [ 437.220418][ T6754] bridge0: port 1(bridge_slave_0) entered blocking state [ 437.227689][ T6754] bridge0: port 1(bridge_slave_0) entered disabled state [ 437.237548][ T6754] device bridge_slave_0 entered promiscuous mode [ 437.246370][ T6754] bridge0: port 2(bridge_slave_1) entered blocking state [ 437.253529][ T6754] bridge0: port 2(bridge_slave_1) entered disabled state [ 437.262106][ T6754] device bridge_slave_1 entered promiscuous mode [ 437.289707][ T6754] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 437.301514][ T6754] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 437.335316][ T6754] team0: Port device team_slave_0 added [ 437.343373][ T6754] team0: Port device team_slave_1 added [ 437.370775][ T6754] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 437.377777][ T6754] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 437.404424][ T6754] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 437.417762][ T6754] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 437.425021][ T6754] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 437.451236][ T6754] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 437.491319][ T6754] device hsr_slave_0 entered promiscuous mode [ 437.498287][ T6754] device hsr_slave_1 entered promiscuous mode [ 437.604997][ T6754] bridge0: port 2(bridge_slave_1) entered blocking state [ 437.612124][ T6754] bridge0: port 2(bridge_slave_1) entered forwarding state [ 437.619542][ T6754] bridge0: port 1(bridge_slave_0) entered blocking state [ 437.626761][ T6754] bridge0: port 1(bridge_slave_0) entered forwarding state [ 437.683968][ T6754] 8021q: adding VLAN 0 to HW filter on device bond0 [ 437.698895][ T5037] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 437.708832][ T5037] bridge0: port 1(bridge_slave_0) entered disabled state [ 437.717854][ T5037] bridge0: port 2(bridge_slave_1) entered disabled state [ 437.731250][ T6754] 8021q: adding VLAN 0 to HW filter on device team0 [ 437.745896][ T5037] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 437.755218][ T5037] bridge0: port 1(bridge_slave_0) entered blocking state [ 437.762304][ T5037] bridge0: port 1(bridge_slave_0) entered forwarding state [ 437.785070][ T5037] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 437.793675][ T5037] bridge0: port 2(bridge_slave_1) entered blocking state [ 437.800807][ T5037] bridge0: port 2(bridge_slave_1) entered forwarding state [ 437.820536][ T6754] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 437.836282][ T6754] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 437.850501][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 437.859697][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 437.868539][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 437.889490][ T6750] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 437.903494][ T6754] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 437.913288][ T5037] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 437.921435][ T5037] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 438.316671][ T5037] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 438.326143][ T5037] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 438.349013][ T5037] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 438.358393][ T5037] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 438.368347][ T5037] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 438.376234][ T5037] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 438.385794][ T6754] device veth0_vlan entered promiscuous mode [ 438.399164][ T6754] device veth1_vlan entered promiscuous mode [ 438.420645][ T5037] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 438.429344][ T5037] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 438.438160][ T5037] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 438.449454][ T5037] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 438.459882][ T6754] device veth0_macvtap entered promiscuous mode [ 438.472521][ T6754] device veth1_macvtap entered promiscuous mode [ 438.489705][ T6754] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 438.498173][ T5037] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 438.506902][ T5037] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 438.515952][ T5037] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 438.524621][ T5037] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 438.536554][ T6754] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 438.544728][ T5037] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 438.553373][ T5037] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 495.956209][ T1211] ieee802154 phy0 wpan0: encryption failed: -22 [ 495.962565][ T1211] ieee802154 phy1 wpan1: encryption failed: -22 [ 557.395859][ T1211] ieee802154 phy0 wpan0: encryption failed: -22 [ 557.402312][ T1211] ieee802154 phy1 wpan1: encryption failed: -22 [ 580.999263][ T8641] [ 581.001613][ T8641] ====================================================== [ 581.008613][ T8641] WARNING: possible circular locking dependency detected [ 581.015604][ T8641] 6.2.0-rc1-syzkaller #0 Not tainted [ 581.020864][ T8641] ------------------------------------------------------ [ 581.027862][ T8641] syz-executor422/8641 is trying to acquire lock: [ 581.034245][ T8641] ffff88807a8e8e30 (&rs->rs_recv_lock){...-}-{2:2}, at: rds_wake_sk_sleep+0x1a/0xc0 [ 581.043681][ T8641] [ 581.043681][ T8641] but task is already holding lock: [ 581.051019][ T8641] ffff88807a63f900 (&rm->m_rs_lock){..-.}-{2:2}, at: rds_send_remove_from_sock+0x1e7/0x9a0 [ 581.060998][ T8641] [ 581.060998][ T8641] which lock already depends on the new lock. [ 581.060998][ T8641] [ 581.071375][ T8641] [ 581.071375][ T8641] the existing dependency chain (in reverse order) is: [ 581.080362][ T8641] [ 581.080362][ T8641] -> #1 (&rm->m_rs_lock){..-.}-{2:2}: [ 581.087967][ T8641] _raw_spin_lock_irqsave+0x39/0x50 [ 581.093769][ T8641] rds_message_put+0x16d/0xad0 [ 581.099038][ T8641] rds_clear_recv_queue+0x1c5/0x350 [ 581.104823][ T8641] rds_release+0xca/0x350 [ 581.109649][ T8641] __sock_release+0xbb/0x270 [ 581.114797][ T8641] sock_close+0xf/0x20 [ 581.119452][ T8641] __fput+0x1fa/0x9a0 [ 581.123970][ T8641] task_work_run+0x12b/0x220 [ 581.129192][ T8641] exit_to_user_mode_prepare+0x23c/0x250 [ 581.135432][ T8641] syscall_exit_to_user_mode+0x19/0x50 [ 581.141405][ T8641] do_syscall_64+0x42/0xb0 [ 581.146319][ T8641] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 581.152744][ T8641] [ 581.152744][ T8641] -> #0 (&rs->rs_recv_lock){...-}-{2:2}: [ 581.160558][ T8641] __lock_acquire+0x2a43/0x56d0 [ 581.165961][ T8641] lock_acquire+0x1df/0x630 [ 581.170964][ T8641] _raw_read_lock_irqsave+0x45/0x90 [ 581.176673][ T8641] rds_wake_sk_sleep+0x1a/0xc0 [ 581.181963][ T8641] rds_send_remove_from_sock+0x256/0x9a0 [ 581.188096][ T8641] rds_send_path_drop_acked+0x276/0x360 [ 581.194136][ T8641] rds_tcp_write_space+0x196/0x5a0 [ 581.199808][ T8641] tcp_check_space+0xde/0x730 [ 581.205000][ T8641] tcp_rcv_established+0x7b5/0x2250 [ 581.210693][ T8641] tcp_v4_do_rcv+0x540/0x7f0 [ 581.215796][ T8641] __release_sock+0x113/0x360 [ 581.220975][ T8641] release_sock+0x4a/0x170 [ 581.225898][ T8641] rds_send_xmit+0x87e/0x2360 [ 581.231069][ T8641] rds_sendmsg+0x1d90/0x28d0 [ 581.236153][ T8641] sock_sendmsg+0xab/0xe0 [ 581.240989][ T8641] __sys_sendto+0x1bb/0x290 [ 581.245986][ T8641] __x64_sys_sendto+0xd8/0x1b0 [ 581.251247][ T8641] do_syscall_64+0x35/0xb0 [ 581.256159][ T8641] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 581.262549][ T8641] [ 581.262549][ T8641] other info that might help us debug this: [ 581.262549][ T8641] [ 581.272769][ T8641] Possible unsafe locking scenario: [ 581.272769][ T8641] [ 581.280368][ T8641] CPU0 CPU1 [ 581.285708][ T8641] ---- ---- [ 581.291049][ T8641] lock(&rm->m_rs_lock); [ 581.295358][ T8641] lock(&rs->rs_recv_lock); [ 581.302439][ T8641] lock(&rm->m_rs_lock); [ 581.309260][ T8641] lock(&rs->rs_recv_lock); [ 581.313826][ T8641] [ 581.313826][ T8641] *** DEADLOCK *** [ 581.313826][ T8641] [ 581.322033][ T8641] 3 locks held by syz-executor422/8641: [ 581.327578][ T8641] #0: ffff88807e4dcff0 (k-sk_lock-AF_INET){+.+.}-{0:0}, at: tcp_sock_set_cork+0xe/0x70 [ 581.337382][ T8641] #1: ffff88807e4dd278 (k-clock-AF_INET){++.-}-{2:2}, at: rds_tcp_write_space+0x20/0x5a0 [ 581.347271][ T8641] #2: ffff88807a63f900 (&rm->m_rs_lock){..-.}-{2:2}, at: rds_send_remove_from_sock+0x1e7/0x9a0 [ 581.357691][ T8641] [ 581.357691][ T8641] stack backtrace: [ 581.363563][ T8641] CPU: 0 PID: 8641 Comm: syz-executor422 Not tainted 6.2.0-rc1-syzkaller #0 [ 581.372213][ T8641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 581.382247][ T8641] Call Trace: [ 581.385511][ T8641] [ 581.388426][ T8641] dump_stack_lvl+0x57/0x7d [ 581.392922][ T8641] check_noncircular+0x25f/0x2e0 [ 581.397842][ T8641] ? print_circular_bug+0x1e0/0x1e0 [ 581.403018][ T8641] ? register_lock_class+0xbe/0x1120 [ 581.408278][ T8641] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 581.414062][ T8641] ? __stack_depot_save+0x260/0x560 [ 581.419259][ T8641] ? is_dynamic_key.part.0+0x130/0x130 [ 581.424692][ T8641] __lock_acquire+0x2a43/0x56d0 [ 581.429517][ T8641] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 581.435482][ T8641] ? zlib_inflate+0x4e5d/0x6560 [ 581.440357][ T8641] ? lock_chain_count+0x20/0x20 [ 581.445204][ T8641] ? debug_check_no_obj_freed+0x20c/0x420 [ 581.450900][ T8641] lock_acquire+0x1df/0x630 [ 581.455390][ T8641] ? rds_wake_sk_sleep+0x1a/0xc0 [ 581.460317][ T8641] ? lock_release+0x810/0x810 [ 581.464980][ T8641] ? lock_release+0x810/0x810 [ 581.469634][ T8641] ? do_raw_spin_lock+0x120/0x2a0 [ 581.474651][ T8641] ? rwlock_bug.part.0+0x90/0x90 [ 581.479563][ T8641] ? lockdep_hardirqs_on_prepare+0x17b/0x400 [ 581.485521][ T8641] _raw_read_lock_irqsave+0x45/0x90 [ 581.490698][ T8641] ? rds_wake_sk_sleep+0x1a/0xc0 [ 581.495611][ T8641] rds_wake_sk_sleep+0x1a/0xc0 [ 581.500353][ T8641] rds_send_remove_from_sock+0x256/0x9a0 [ 581.506065][ T8641] ? _raw_spin_unlock_irqrestore+0x50/0x70 [ 581.511846][ T8641] rds_send_path_drop_acked+0x276/0x360 [ 581.517393][ T8641] ? rds_tcp_recv_exit+0x10/0x10 [ 581.522308][ T8641] ? rds_send_remove_from_sock+0x9a0/0x9a0 [ 581.528089][ T8641] ? mark_held_locks+0x9f/0xe0 [ 581.532848][ T8641] ? sk_stream_wait_close+0x300/0x300 [ 581.538197][ T8641] rds_tcp_write_space+0x196/0x5a0 [ 581.543282][ T8641] tcp_check_space+0xde/0x730 [ 581.547936][ T8641] tcp_rcv_established+0x7b5/0x2250 [ 581.553109][ T8641] ? __release_sock+0xc2/0x360 [ 581.557849][ T8641] ? tcp_check_space+0x730/0x730 [ 581.562763][ T8641] tcp_v4_do_rcv+0x540/0x7f0 [ 581.567326][ T8641] __release_sock+0x113/0x360 [ 581.571980][ T8641] release_sock+0x4a/0x170 [ 581.576372][ T8641] rds_send_xmit+0x87e/0x2360 [ 581.581029][ T8641] ? lockdep_hardirqs_on_prepare+0x17b/0x400 [ 581.587070][ T8641] ? _raw_spin_unlock_irqrestore+0x50/0x70 [ 581.592852][ T8641] ? lockdep_hardirqs_on+0x79/0x100 [ 581.598025][ T8641] ? rds_rdma_send_complete+0x470/0x470 [ 581.603545][ T8641] ? rds_send_queue_rm+0x4bc/0x6c0 [ 581.608630][ T8641] rds_sendmsg+0x1d90/0x28d0 [ 581.613196][ T8641] ? rds_send_drop_to+0x1380/0x1380 [ 581.618366][ T8641] ? selinux_socket_getpeername+0x2a0/0x2a0 [ 581.624305][ T8641] ? tomoyo_socket_bind_permission+0x2c0/0x2c0 [ 581.630460][ T8641] ? __fget_files+0x1bf/0x3a0 [ 581.635119][ T8641] ? rds_send_drop_to+0x1380/0x1380 [ 581.640289][ T8641] sock_sendmsg+0xab/0xe0 [ 581.644598][ T8641] __sys_sendto+0x1bb/0x290 [ 581.649076][ T8641] ? __ia32_sys_getpeername+0xa0/0xa0 [ 581.654422][ T8641] ? lock_downgrade+0x6e0/0x6e0 [ 581.659247][ T8641] ? lock_downgrade+0x6e0/0x6e0 [ 581.664078][ T8641] __x64_sys_sendto+0xd8/0x1b0 [ 581.668815][ T8641] ? syscall_enter_from_user_mode+0x22/0xb0 [ 581.674681][ T8641] do_syscall_64+0x35/0xb0 [ 581.679067][ T8641] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 581.684935][ T8641] RIP: 0033:0x7f2b67794139 [ 581.689326][ T8641] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 581.708926][ T8641] RSP: 002b:00007f2b67741308 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 581.717313][ T8641] RAX: ffffffffffffffda RBX: 00007f2b6781d4c8 RCX: 00007f2b67794139 [ 581.725262][ T8641] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 581.733210][ T8641] RBP: 00007f2b6781d4c0 R08: 0000000000000000 R09: 0000000000000000 [ 581.741159][ T8641] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2b677ea5d0 [ 581.749109][ T8641] R13: 00007ffcbc233aaf R14: 00007f2b67741400 R15: 0000000000022000 [ 581.757059][ T8641]