Warning: Permanently added '10.128.0.144' (ED25519) to the list of known hosts.
2024/01/11 18:25:46 ignoring optional flag "sandboxArg"="0"
2024/01/11 18:25:46 parsed 1 programs
2024/01/11 18:25:46 executed programs: 0
[ 102.298180][ T4465] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 102.307595][ T4465] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 102.316294][ T4465] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 102.324408][ T4465] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 102.332655][ T4465] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 102.340809][ T4465] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 102.507091][ T5429] chnl_net:caif_netlink_parms(): no params data found
[ 102.584624][ T5429] bridge0: port 1(bridge_slave_0) entered blocking state
[ 102.592074][ T5429] bridge0: port 1(bridge_slave_0) entered disabled state
[ 102.599466][ T5429] bridge_slave_0: entered allmulticast mode
[ 102.607312][ T5429] bridge_slave_0: entered promiscuous mode
[ 102.616529][ T5429] bridge0: port 2(bridge_slave_1) entered blocking state
[ 102.623825][ T5429] bridge0: port 2(bridge_slave_1) entered disabled state
[ 102.631283][ T5429] bridge_slave_1: entered allmulticast mode
[ 102.638564][ T5429] bridge_slave_1: entered promiscuous mode
[ 102.674434][ T5429] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 102.688005][ T5429] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 102.726429][ T5429] team0: Port device team_slave_0 added
[ 102.736967][ T5429] team0: Port device team_slave_1 added
[ 102.770689][ T5429] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 102.777745][ T5429] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 102.804526][ T5429] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 102.818553][ T5429] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 102.825684][ T5429] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 102.852089][ T5429] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 102.900648][ T5429] hsr_slave_0: entered promiscuous mode
[ 102.908302][ T5429] hsr_slave_1: entered promiscuous mode
[ 103.979133][ T5429] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 103.992901][ T5429] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 104.007528][ T5429] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 104.021557][ T5429] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 104.169182][ T5429] 8021q: adding VLAN 0 to HW filter on device bond0
[ 104.201481][ T5429] 8021q: adding VLAN 0 to HW filter on device team0
[ 104.221647][ T5088] bridge0: port 1(bridge_slave_0) entered blocking state
[ 104.230125][ T5088] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 104.269400][ T5088] bridge0: port 2(bridge_slave_1) entered blocking state
[ 104.276856][ T5088] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 104.387745][ T4465] Bluetooth: hci0: command 0x0409 tx timeout
[ 104.583603][ T5429] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 104.676042][ T5429] veth0_vlan: entered promiscuous mode
[ 104.694215][ T5429] veth1_vlan: entered promiscuous mode
[ 104.756954][ T5429] veth0_macvtap: entered promiscuous mode
[ 104.770958][ T5429] veth1_macvtap: entered promiscuous mode
[ 104.805082][ T5429] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 104.834974][ T5429] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 104.852037][ T5429] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.863081][ T5429] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.880414][ T5429] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.889956][ T5429] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.027555][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.038253][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.086965][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.094845][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.465737][ T4465] Bluetooth: hci0: command 0x041b tx timeout
2024/01/11 18:25:52 executed programs: 3
[ 108.545753][ T4465] Bluetooth: hci0: command 0x040f tx timeout
[ 110.625875][ T4465] Bluetooth: hci0: command 0x0419 tx timeout
2024/01/11 18:25:57 executed programs: 9
2024/01/11 18:26:03 executed programs: 16
2024/01/11 18:26:08 executed programs: 23
2024/01/11 18:26:14 executed programs: 30
[ 133.272291][ T1230] ieee802154 phy0 wpan0: encryption failed: -22
[ 133.279331][ T1230] ieee802154 phy1 wpan1: encryption failed: -22
2024/01/11 18:26:19 executed programs: 37
[ 137.572300][ T5947]
[ 137.574680][ T5947] ======================================================
[ 137.581713][ T5947] WARNING: possible circular locking dependency detected
[ 137.588760][ T5947] 6.7.0-rc8-syzkaller-00126-gac631873c9e7 #0 Not tainted
[ 137.595890][ T5947] ------------------------------------------------------
[ 137.602939][ T5947] syz-executor.0/5947 is trying to acquire lock:
[ 137.609287][ T5947] ffff8880791c6900 (&rm->m_rs_lock){....}-{2:2}, at: rds_message_put+0x1dd/0xc50
[ 137.618564][ T5947]
[ 137.618564][ T5947] but task is already holding lock:
[ 137.625978][ T5947] ffff88807cfafa70 (&rs->rs_recv_lock){....}-{2:2}, at: rds_clear_recv_queue+0x33/0x350
[ 137.636038][ T5947]
[ 137.636038][ T5947] which lock already depends on the new lock.
[ 137.636038][ T5947]
[ 137.646644][ T5947]
[ 137.646644][ T5947] the existing dependency chain (in reverse order) is:
[ 137.655679][ T5947]
[ 137.655679][ T5947] -> #1 (&rs->rs_recv_lock){....}-{2:2}:
[ 137.663545][ T5947]        _raw_read_lock_irqsave+0x46/0x90
[ 137.669392][ T5947]        rds_wake_sk_sleep+0x23/0xe0
[ 137.675231][ T5947]        rds_send_remove_from_sock+0x1e9/0xa50
[ 137.681428][ T5947]        rds_send_path_drop_acked+0x2f4/0x3c0
[ 137.687536][ T5947]        rds_tcp_write_space+0x1b5/0x6d0
[ 137.693210][ T5947]        tcp_check_space+0x178/0x8c0
[ 137.698621][ T5947]        tcp_rcv_established+0x953/0x20e0
[ 137.704368][ T5947]        tcp_v4_do_rcv+0x68c/0xa10
[ 137.709514][ T5947]        __release_sock+0x132/0x3b0
[ 137.714837][ T5947]        release_sock+0x5a/0x1f0
[ 137.719808][ T5947]        rds_send_xmit+0x164f/0x2490
[ 137.725132][ T5947]        rds_sendmsg+0x2af0/0x31e0
[ 137.730268][ T5947]        __sock_sendmsg+0xd5/0x180
[ 137.735498][ T5947]        ____sys_sendmsg+0x6ac/0x940
[ 137.740820][ T5947]        ___sys_sendmsg+0x135/0x1d0
[ 137.746055][ T5947]        __sys_sendmsg+0x117/0x1e0
[ 137.751201][ T5947]        do_syscall_64+0x40/0x110
[ 137.756257][ T5947]        entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 137.762793][ T5947]
[ 137.762793][ T5947] -> #0 (&rm->m_rs_lock){....}-{2:2}:
[ 137.770554][ T5947]        __lock_acquire+0x2433/0x3b20
[ 137.775964][ T5947]        lock_acquire+0x1ae/0x520
[ 137.781118][ T5947]        _raw_spin_lock_irqsave+0x3a/0x50
[ 137.786918][ T5947]        rds_message_put+0x1dd/0xc50
[ 137.792240][ T5947]        rds_inc_put+0x13c/0x1a0
[ 137.797306][ T5947]        rds_clear_recv_queue+0x14c/0x350
[ 137.803150][ T5947]        rds_release+0xdb/0x3c0
[ 137.808033][ T5947]        __sock_release+0xae/0x260
[ 137.813440][ T5947]        sock_close+0x1c/0x20
[ 137.818247][ T5947]        __fput+0x270/0xb70
[ 137.823150][ T5947]        __fput_sync+0x47/0x50
[ 137.827955][ T5947]        __x64_sys_close+0x87/0xf0
[ 137.833109][ T5947]        do_syscall_64+0x40/0x110
[ 137.838177][ T5947]        entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 137.844649][ T5947]
[ 137.844649][ T5947] other info that might help us debug this:
[ 137.844649][ T5947]
[ 137.855067][ T5947]  Possible unsafe locking scenario:
[ 137.855067][ T5947]
[ 137.862791][ T5947]        CPU0                    CPU1
[ 137.868176][ T5947]        ----                    ----
[ 137.873657][ T5947]   lock(&rs->rs_recv_lock);
[ 137.878283][ T5947]                                lock(&rm->m_rs_lock);
[ 137.885159][ T5947]                                lock(&rs->rs_recv_lock);
[ 137.892297][ T5947]   lock(&rm->m_rs_lock);
[ 137.896745][ T5947]
[ 137.896745][ T5947]  *** DEADLOCK ***
[ 137.896745][ T5947]
[ 137.904925][ T5947] 2 locks held by syz-executor.0/5947:
[ 137.910400][ T5947]  #0: ffff888062d0c410 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: __sock_release+0x86/0x260
[ 137.921168][ T5947]  #1: ffff88807cfafa70 (&rs->rs_recv_lock){....}-{2:2}, at: rds_clear_recv_queue+0x33/0x350
[ 137.931495][ T5947]
[ 137.931495][ T5947] stack backtrace:
[ 137.937409][ T5947] CPU: 1 PID: 5947 Comm: syz-executor.0 Not tainted 6.7.0-rc8-syzkaller-00126-gac631873c9e7 #0
[ 137.947768][ T5947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[ 137.958109][ T5947] Call Trace:
[ 137.961408][ T5947]
[ 137.964365][ T5947]  dump_stack_lvl+0xd9/0x1b0
[ 137.969080][ T5947]  check_noncircular+0x317/0x400
[ 137.974072][ T5947]  ? print_circular_bug+0x5c0/0x5c0
[ 137.979495][ T5947]  ? hlock_class+0x4e/0x130
[ 137.984122][ T5947]  ? mark_lock+0xb5/0xc50
[ 137.988493][ T5947]  ? lockdep_lock+0xc6/0x200
[ 137.993119][ T5947]  ? hlock_class+0x130/0x130
[ 137.997833][ T5947]  __lock_acquire+0x2433/0x3b20
[ 138.002913][ T5947]  ? lockdep_hardirqs_on_prepare+0x420/0x420
[ 138.008935][ T5947]  lock_acquire+0x1ae/0x520
[ 138.013482][ T5947]  ? rds_message_put+0x1dd/0xc50
[ 138.018454][ T5947]  ? lock_sync+0x190/0x190
[ 138.023012][ T5947]  ? lock_acquire+0x1ae/0x520
[ 138.027737][ T5947]  _raw_spin_lock_irqsave+0x3a/0x50
[ 138.033062][ T5947]  ? rds_message_put+0x1dd/0xc50
[ 138.038123][ T5947]  rds_message_put+0x1dd/0xc50
[ 138.043199][ T5947]  rds_inc_put+0x13c/0x1a0
[ 138.047740][ T5947]  rds_clear_recv_queue+0x14c/0x350
[ 138.053097][ T5947]  ? __local_bh_enable_ip+0xa4/0x120
[ 138.058510][ T5947]  ? __sock_release+0x260/0x260
[ 138.063405][ T5947]  rds_release+0xdb/0x3c0
[ 138.067775][ T5947]  ? __sock_release+0x260/0x260
[ 138.072834][ T5947]  __sock_release+0xae/0x260
[ 138.077468][ T5947]  sock_close+0x1c/0x20
[ 138.081754][ T5947]  __fput+0x270/0xb70
[ 138.085865][ T5947]  __fput_sync+0x47/0x50
[ 138.090191][ T5947]  __x64_sys_close+0x87/0xf0
[ 138.095103][ T5947]  do_syscall_64+0x40/0x110
[ 138.099643][ T5947]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 138.105750][ T5947] RIP: 0033:0x7fd9e707b95a
[ 138.110362][ T5947] Code: 48 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 89 7c 24 0c e8 f3 7d 02 00 8b 7c 24 0c 89 c2 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 36 89 d7 89 44 24 0c e8 53 7e 02 00 8b 44 24
[ 138.129999][ T5947] RSP: 002b:00007ffd0bcbff00 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 138.138720][ T5947] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fd9e707b95a
[ 138.146814][ T5947] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[ 138.154831][ T5947] RBP: 00007fd9e719d980 R08: 0000001b2ef60000 R09: 0000000000000001
[ 138.162835][ T5947] R10: 00007ffd0bdce080 R11: 0000000000000293 R12: 000000000002193f
[ 138.170929][ T5947] R13: ffffffffffffffff R14: 00007fd9e6c00000 R15: 00000000000215fe
[ 138.178936][ T5947]
2024/01/11 18:26:24 executed programs: 43
2024/01/11 18:26:29 executed programs: 52