Warning: Permanently added '10.128.1.54' (ECDSA) to the list of known hosts. 2023/04/14 22:44:53 ignoring optional flag "sandboxArg"="0" 2023/04/14 22:44:53 parsed 1 programs 2023/04/14 22:44:53 executed programs: 0 [ 69.415659][ T5083] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 69.429982][ T5083] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 69.437856][ T5083] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 69.446155][ T5083] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 69.457662][ T5083] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 69.465308][ T5083] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 69.582025][ T5499] chnl_net:caif_netlink_parms(): no params data found [ 69.622706][ T5499] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.630351][ T5499] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.637557][ T5499] bridge_slave_0: entered allmulticast mode [ 69.644398][ T5499] bridge_slave_0: entered promiscuous mode [ 69.652294][ T5499] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.659429][ T5499] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.666568][ T5499] bridge_slave_1: entered allmulticast mode [ 69.673640][ T5499] bridge_slave_1: entered promiscuous mode [ 69.695090][ T5499] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.706025][ T5499] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.726723][ T5499] team0: Port device team_slave_0 added [ 69.733980][ T5499] team0: Port device team_slave_1 added [ 69.750572][ T5499] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.757550][ T5499] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.784004][ T5499] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.796299][ T5499] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.803929][ T5499] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.831088][ T5499] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.866756][ T5499] hsr_slave_0: entered promiscuous mode [ 69.873294][ T5499] hsr_slave_1: entered promiscuous mode [ 70.359133][ T5499] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 70.369567][ T5499] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 70.379519][ T5499] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 70.389415][ T5499] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 70.412176][ T5499] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.419352][ T5499] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.426715][ T5499] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.433872][ T5499] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.484824][ T5499] 8021q: adding VLAN 0 to HW filter on device bond0 [ 70.500338][ T898] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 70.510076][ T898] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.517682][ T898] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.526027][ T898] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 70.540236][ T5499] 8021q: adding VLAN 0 to HW filter on device team0 [ 70.552249][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 70.561325][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.568512][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.592814][ T5095] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 70.602282][ T5095] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 70.612196][ T5095] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.619347][ T5095] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.627580][ T5095] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 70.640291][ T5095] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 70.650355][ T5095] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 70.660212][ T5095] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 70.670383][ T5095] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 70.679407][ T5095] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 70.693250][ T5499] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 70.706437][ T5499] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 70.719830][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 70.727720][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 70.737515][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 70.748170][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 70.757452][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 70.769541][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 70.907762][ T898] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 70.916895][ T898] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 70.928372][ T5499] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.950712][ T898] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 70.960244][ T898] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 70.980709][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 70.990502][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 71.000610][ T5499] veth0_vlan: entered promiscuous mode [ 71.010541][ T898] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 71.018306][ T898] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 71.029612][ T5499] veth1_vlan: entered promiscuous mode [ 71.051613][ T898] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 71.060346][ T898] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 71.068612][ T898] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 71.077696][ T898] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 71.087926][ T5499] veth0_macvtap: entered promiscuous mode [ 71.100775][ T5499] veth1_macvtap: entered promiscuous mode [ 71.117071][ T5499] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 71.125913][ T898] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 71.135847][ T898] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 71.144486][ T898] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 71.154803][ T898] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 71.166173][ T5499] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 71.175493][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 71.184985][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 71.196683][ T5499] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.206684][ T5499] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.216591][ T5499] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.225831][ T5499] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.296163][ T928] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.310783][ T928] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.331848][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 71.347832][ T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.356264][ T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.367245][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 71.499847][ T5083] Bluetooth: hci0: command 0x0409 tx timeout [ 73.589056][ T5083] Bluetooth: hci0: command 0x041b tx timeout 2023/04/14 22:44:58 executed programs: 56 [ 75.322163][ T928] [ 75.324520][ T928] ====================================================== [ 75.331525][ T928] WARNING: possible circular locking dependency detected [ 75.338534][ T928] 6.3.0-rc6-syzkaller #0 Not tainted [ 75.343783][ T928] ------------------------------------------------------ [ 75.350769][ T928] kworker/u4:4/928 is trying to acquire lock: [ 75.356885][ T928] ffff8880786f8df0 (&rs->rs_recv_lock){...-}-{2:2}, at: rds_wake_sk_sleep+0x1e/0xc0 [ 75.366232][ T928] [ 75.366232][ T928] but task is already holding lock: [ 75.373615][ T928] ffff888146a53900 (&rm->m_rs_lock){..-.}-{2:2}, at: rds_send_remove_from_sock+0x1e7/0x9a0 [ 75.383577][ T928] [ 75.383577][ T928] which lock already depends on the new lock. [ 75.383577][ T928] [ 75.393971][ T928] [ 75.393971][ T928] the existing dependency chain (in reverse order) is: [ 75.403218][ T928] [ 75.403218][ T928] -> #1 (&rm->m_rs_lock){..-.}-{2:2}: [ 75.410919][ T928] _raw_spin_lock_irqsave+0x3d/0x60 [ 75.416626][ T928] rds_message_put+0x171/0xab0 [ 75.421893][ T928] rds_clear_recv_queue+0x1c9/0x350 [ 75.427577][ T928] rds_release+0xce/0x360 [ 75.432403][ T928] __sock_release+0xbb/0x280 [ 75.437568][ T928] sock_close+0x13/0x20 [ 75.442209][ T928] __fput+0x1fa/0x9a0 [ 75.446680][ T928] task_work_run+0x12f/0x220 [ 75.451760][ T928] exit_to_user_mode_prepare+0x210/0x240 [ 75.457879][ T928] syscall_exit_to_user_mode+0x1d/0x50 [ 75.463825][ T928] do_syscall_64+0x46/0xb0 [ 75.468729][ T928] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 75.475109][ T928] [ 75.475109][ T928] -> #0 (&rs->rs_recv_lock){...-}-{2:2}: [ 75.483002][ T928] __lock_acquire+0x2ec7/0x5d40 [ 75.488369][ T928] lock_acquire+0x1af/0x520 [ 75.493378][ T928] _raw_read_lock_irqsave+0x49/0x90 [ 75.499078][ T928] rds_wake_sk_sleep+0x1e/0xc0 [ 75.504513][ T928] rds_send_remove_from_sock+0x256/0x9a0 [ 75.510636][ T928] rds_send_path_drop_acked+0x27a/0x360 [ 75.516671][ T928] rds_tcp_write_space+0x19a/0x5c0 [ 75.522271][ T928] tcp_check_space+0xe2/0x730 [ 75.527444][ T928] tcp_rcv_established+0x763/0x2030 [ 75.533153][ T928] tcp_v4_do_rcv+0x53b/0x800 [ 75.538231][ T928] __release_sock+0x117/0x360 [ 75.543393][ T928] release_sock+0x4e/0x170 [ 75.548308][ T928] rds_send_xmit+0x882/0x2380 [ 75.553485][ T928] rds_send_worker+0x7b/0x270 [ 75.558703][ T928] process_one_work+0x865/0x1400 [ 75.564242][ T928] worker_thread+0x59c/0xec0 [ 75.569318][ T928] kthread+0x298/0x340 [ 75.574310][ T928] ret_from_fork+0x1f/0x30 [ 75.579216][ T928] [ 75.579216][ T928] other info that might help us debug this: [ 75.579216][ T928] [ 75.589415][ T928] Possible unsafe locking scenario: [ 75.589415][ T928] [ 75.596849][ T928] CPU0 CPU1 [ 75.602881][ T928] ---- ---- [ 75.608490][ T928] lock(&rm->m_rs_lock); [ 75.612891][ T928] lock(&rs->rs_recv_lock); [ 75.621008][ T928] lock(&rm->m_rs_lock); [ 75.627931][ T928] lock(&rs->rs_recv_lock); [ 75.632509][ T928] [ 75.632509][ T928] *** DEADLOCK *** [ 75.632509][ T928] [ 75.640764][ T928] 5 locks held by kworker/u4:4/928: [ 75.645936][ T928] #0: ffff888026b9c138 ((wq_completion)krdsd){+.+.}-{0:0}, at: process_one_work+0x78a/0x1400 [ 75.656156][ T928] #1: ffffc90004bbfdb8 ((work_completion)(&(&cp->cp_send_w)->work)){+.+.}-{0:0}, at: process_one_work+0x7b7/0x1400 [ 75.668540][ T928] #2: ffff888028d219b0 (k-sk_lock-AF_INET){+.+.}-{0:0}, at: tcp_sock_set_cork+0x12/0x70 [ 75.678323][ T928] #3: ffff888028d21c38 (k-clock-AF_INET){++.-}-{2:2}, at: rds_tcp_write_space+0x24/0x5c0 [ 75.688200][ T928] #4: ffff888146a53900 (&rm->m_rs_lock){..-.}-{2:2}, at: rds_send_remove_from_sock+0x1e7/0x9a0 [ 75.698787][ T928] [ 75.698787][ T928] stack backtrace: [ 75.704682][ T928] CPU: 1 PID: 928 Comm: kworker/u4:4 Not tainted 6.3.0-rc6-syzkaller #0 [ 75.713151][ T928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023 [ 75.723201][ T928] Workqueue: krdsd rds_send_worker [ 75.728319][ T928] Call Trace: [ 75.731599][ T928] [ 75.734516][ T928] dump_stack_lvl+0x64/0xb0 [ 75.739028][ T928] check_noncircular+0x25f/0x2e0 [ 75.743947][ T928] ? register_lock_class+0xbe/0x1120 [ 75.749235][ T928] ? print_circular_bug+0x5c0/0x5c0 [ 75.754664][ T928] ? register_lock_class+0xbe/0x1120 [ 75.759922][ T928] ? is_dynamic_key.part.0+0x190/0x190 [ 75.765406][ T928] ? kasan_set_track+0x25/0x30 [ 75.770341][ T928] ? kasan_save_free_info+0x2e/0x40 [ 75.775603][ T928] ? ____kasan_slab_free+0x160/0x1c0 [ 75.780894][ T928] ? slab_free_freelist_hook+0x8b/0x1c0 [ 75.786480][ T928] ? __kmem_cache_free+0xaf/0x2d0 [ 75.791603][ T928] ? rds_send_remove_from_sock+0x451/0x9a0 [ 75.797487][ T928] __lock_acquire+0x2ec7/0x5d40 [ 75.802337][ T928] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 75.808291][ T928] ? lock_downgrade+0x690/0x690 [ 75.813128][ T928] ? mark_held_locks+0x9f/0xe0 [ 75.817870][ T928] lock_acquire+0x1af/0x520 [ 75.822374][ T928] ? rds_wake_sk_sleep+0x1e/0xc0 [ 75.827299][ T928] ? lock_release+0x670/0x670 [ 75.832028][ T928] ? lock_release+0x670/0x670 [ 75.836681][ T928] ? do_raw_spin_lock+0x124/0x2b0 [ 75.841762][ T928] ? spin_bug+0x1c0/0x1c0 [ 75.846146][ T928] _raw_read_lock_irqsave+0x49/0x90 [ 75.851343][ T928] ? rds_wake_sk_sleep+0x1e/0xc0 [ 75.856555][ T928] rds_wake_sk_sleep+0x1e/0xc0 [ 75.861302][ T928] rds_send_remove_from_sock+0x256/0x9a0 [ 75.867008][ T928] ? _raw_spin_unlock_irqrestore+0x54/0x70 [ 75.872899][ T928] rds_send_path_drop_acked+0x27a/0x360 [ 75.878672][ T928] ? rds_tcp_recv_exit+0x10/0x10 [ 75.883590][ T928] ? rds_send_remove_from_sock+0x9a0/0x9a0 [ 75.889379][ T928] ? sk_stream_wait_close+0x310/0x310 [ 75.894978][ T928] rds_tcp_write_space+0x19a/0x5c0 [ 75.900057][ T928] tcp_check_space+0xe2/0x730 [ 75.904707][ T928] tcp_rcv_established+0x763/0x2030 [ 75.909871][ T928] ? __release_sock+0xc6/0x360 [ 75.914615][ T928] ? tcp_check_space+0x730/0x730 [ 75.919519][ T928] tcp_v4_do_rcv+0x53b/0x800 [ 75.924192][ T928] __release_sock+0x117/0x360 [ 75.928839][ T928] release_sock+0x4e/0x170 [ 75.933225][ T928] rds_send_xmit+0x882/0x2380 [ 75.937973][ T928] ? lock_release+0x670/0x670 [ 75.942721][ T928] ? rds_send_mprds_hash+0x3e0/0x3e0 [ 75.947990][ T928] rds_send_worker+0x7b/0x270 [ 75.952740][ T928] process_one_work+0x865/0x1400 [ 75.957648][ T928] ? lock_release+0x670/0x670 [ 75.962305][ T928] ? pwq_dec_nr_in_flight+0x230/0x230 [ 75.967672][ T928] ? spin_bug+0x1c0/0x1c0 [ 75.971971][ T928] worker_thread+0x59c/0xec0 [ 75.976524][ T928] ? __kthread_parkme+0xc1/0x1f0 [ 75.981427][ T928] ? process_one_work+0x1400/0x1400 [ 75.986978][ T928] kthread+0x298/0x340 [ 75.991236][ T928] ? kthread_complete_and_exit+0x20/0x20 [ 75.996947][ T928] ret_from_fork+0x1f/0x30 [ 76.001523][ T928] [ 76.006970][ T5083] Bluetooth: hci0: command 0x040f tx timeout [ 77.749171][ T895] cfg80211: failed to load regulatory.db [ 78.059460][ T5083] Bluetooth: hci0: command 0x0419 tx timeout 2023/04/14 22:45:03 executed programs: 184 2023/04/14 22:45:08 executed programs: 361