[ 127.564880][ T1211] ieee802154 phy1 wpan1: encryption failed: -22 [ 188.998813][ T1211] ieee802154 phy0 wpan0: encryption failed: -22 [ 189.005139][ T1211] ieee802154 phy1 wpan1: encryption failed: -22 [ 196.196965][ T4353] Bluetooth: hci0: command 0x0406 tx timeout [ 250.438287][ T1211] ieee802154 phy0 wpan0: encryption failed: -22 [ 250.444606][ T1211] ieee802154 phy1 wpan1: encryption failed: -22 [ 311.880746][ T1211] ieee802154 phy0 wpan0: encryption failed: -22 [ 311.887205][ T1211] ieee802154 phy1 wpan1: encryption failed: -22 [ 373.318737][ T1211] ieee802154 phy0 wpan0: encryption failed: -22 [ 373.325051][ T1211] ieee802154 phy1 wpan1: encryption failed: -22 [ 429.508427][ T2405] hsr_slave_0: left promiscuous mode [ 429.515614][ T2405] hsr_slave_1: left promiscuous mode [ 429.522851][ T2405] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 429.530690][ T2405] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 429.539503][ T2405] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 429.547839][ T2405] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 429.556012][ T2405] bridge_slave_1: left allmulticast mode [ 429.562030][ T2405] bridge_slave_1: left promiscuous mode [ 429.567816][ T2405] bridge0: port 2(bridge_slave_1) entered disabled state [ 429.575658][ T2405] bridge_slave_0: left allmulticast mode [ 429.581685][ T2405] bridge_slave_0: left promiscuous mode [ 429.587585][ T2405] bridge0: port 1(bridge_slave_0) entered disabled state [ 429.597494][ T2405] veth1_macvtap: left promiscuous mode [ 429.603200][ T2405] veth0_macvtap: left promiscuous mode [ 429.609075][ T2405] veth1_vlan: left promiscuous mode [ 429.614417][ T2405] veth0_vlan: left promiscuous mode [ 429.762435][ T2405] team0 (unregistering): Port device team_slave_1 removed [ 429.776411][ T2405] team0 (unregistering): Port device team_slave_0 removed [ 429.792185][ T2405] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 429.814055][ T2405] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 429.878333][ T2405] bond0 (unregistering): Released all slaves Warning: Permanently added '10.128.10.28' (ECDSA) to the list of known hosts. [ 430.852505][ T6757] cgroup: Unknown subsys name 'net' [ 430.864663][ T6757] cgroup: Unknown subsys name 'rlimit' [ 430.935637][ T6758] chnl_net:caif_netlink_parms(): no params data found [ 430.971165][ T6758] bridge0: port 1(bridge_slave_0) entered blocking state [ 430.978336][ T6758] bridge0: port 1(bridge_slave_0) entered disabled state [ 430.985505][ T6758] bridge_slave_0: entered allmulticast mode [ 430.992367][ T6758] bridge_slave_0: entered promiscuous mode [ 430.999636][ T6758] bridge0: port 2(bridge_slave_1) entered blocking state [ 431.007140][ T6758] bridge0: port 2(bridge_slave_1) entered disabled state [ 431.014434][ T6758] bridge_slave_1: entered allmulticast mode [ 431.021938][ T6758] bridge_slave_1: entered promiscuous mode [ 431.041450][ T6758] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 431.052338][ T6758] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 431.074719][ T6758] team0: Port device team_slave_0 added [ 431.081860][ T6758] team0: Port device team_slave_1 added [ 431.097002][ T6758] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 431.104075][ T6758] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 431.130651][ T6758] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 431.143525][ T6758] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 431.150713][ T6758] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 431.177090][ T6758] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 431.201703][ T6758] hsr_slave_0: entered promiscuous mode [ 431.207895][ T6758] hsr_slave_1: entered promiscuous mode [ 431.261644][ T6758] bridge0: port 2(bridge_slave_1) entered blocking state [ 431.268773][ T6758] bridge0: port 2(bridge_slave_1) entered forwarding state [ 431.276045][ T6758] bridge0: port 1(bridge_slave_0) entered blocking state [ 431.283316][ T6758] bridge0: port 1(bridge_slave_0) entered forwarding state [ 431.313539][ T6758] 8021q: adding VLAN 0 to HW filter on device bond0 [ 431.326302][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 431.334641][ T5042] bridge0: port 1(bridge_slave_0) entered disabled state [ 431.342727][ T5042] bridge0: port 2(bridge_slave_1) entered disabled state [ 431.350659][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 431.362112][ T6758] 8021q: adding VLAN 0 to HW filter on device team0 [ 431.372133][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 431.380528][ T5042] bridge0: port 1(bridge_slave_0) entered blocking state [ 431.387665][ T5042] bridge0: port 1(bridge_slave_0) entered forwarding state [ 431.397709][ T2463] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 431.406312][ T2463] bridge0: port 2(bridge_slave_1) entered blocking state [ 431.413414][ T2463] bridge0: port 2(bridge_slave_1) entered forwarding state [ 431.429827][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 431.440421][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 431.453614][ T6758] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 431.464383][ T6758] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 431.476460][ T2463] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 431.485275][ T2463] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 431.493553][ T2463] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 431.502678][ T2463] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 431.519577][ T6758] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 431.527224][ T5030] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 431.534773][ T5030] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 431.695660][ T5030] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 431.712366][ T5030] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 431.721389][ T5030] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 431.729107][ T5030] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 431.738917][ T6758] veth0_vlan: entered promiscuous mode [ 431.748964][ T6758] veth1_vlan: entered promiscuous mode [ 431.765163][ T5030] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 431.773471][ T5030] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 431.781942][ T5030] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 431.792089][ T6758] veth0_macvtap: entered promiscuous mode [ 431.800611][ T6758] veth1_macvtap: entered promiscuous mode [ 431.813903][ T6758] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 431.821898][ T5030] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 431.831914][ T5030] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 431.842398][ T6758] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 431.851100][ T5030] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 434.768058][ T1211] ieee802154 phy0 wpan0: encryption failed: -22 [ 434.774373][ T1211] ieee802154 phy1 wpan1: encryption failed: -22 [ 496.208114][ T1211] ieee802154 phy0 wpan0: encryption failed: -22 [ 496.214430][ T1211] ieee802154 phy1 wpan1: encryption failed: -22 [ 554.711382][ T8407] [ 554.713810][ T8407] ====================================================== [ 554.721088][ T8407] WARNING: possible circular locking dependency detected [ 554.728175][ T8407] 6.3.0-rc4-syzkaller #0 Not tainted [ 554.733528][ T8407] ------------------------------------------------------ [ 554.740600][ T8407] syz-executor227/8407 is trying to acquire lock: [ 554.746981][ T8407] ffff8880288ed670 (&rs->rs_recv_lock){...-}-{2:2}, at: rds_wake_sk_sleep+0x1a/0xc0 [ 554.756544][ T8407] [ 554.756544][ T8407] but task is already holding lock: [ 554.763893][ T8407] ffff88807b543100 (&rm->m_rs_lock){..-.}-{2:2}, at: rds_send_remove_from_sock+0x1e7/0x9a0 [ 554.773914][ T8407] [ 554.773914][ T8407] which lock already depends on the new lock. [ 554.773914][ T8407] [ 554.784390][ T8407] [ 554.784390][ T8407] the existing dependency chain (in reverse order) is: [ 554.793836][ T8407] [ 554.793836][ T8407] -> #1 (&rm->m_rs_lock){..-.}-{2:2}: [ 554.804045][ T8407] _raw_spin_lock_irqsave+0x39/0x50 [ 554.809779][ T8407] rds_message_put+0x16d/0xab0 [ 554.815038][ T8407] rds_clear_recv_queue+0x1c5/0x350 [ 554.820723][ T8407] rds_release+0xca/0x350 [ 554.825762][ T8407] __sock_release+0xbb/0x280 [ 554.830929][ T8407] sock_close+0xf/0x20 [ 554.835771][ T8407] __fput+0x1fa/0x9a0 [ 554.840390][ T8407] task_work_run+0x12b/0x220 [ 554.846271][ T8407] exit_to_user_mode_prepare+0x210/0x240 [ 554.852445][ T8407] syscall_exit_to_user_mode+0x19/0x50 [ 554.858407][ T8407] do_syscall_64+0x42/0xb0 [ 554.863343][ T8407] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 554.869846][ T8407] [ 554.869846][ T8407] -> #0 (&rs->rs_recv_lock){...-}-{2:2}: [ 554.877635][ T8407] __lock_acquire+0x2ec7/0x5d40 [ 554.883100][ T8407] lock_acquire+0x1ab/0x520 [ 554.888181][ T8407] _raw_read_lock_irqsave+0x45/0x90 [ 554.893957][ T8407] rds_wake_sk_sleep+0x1a/0xc0 [ 554.899223][ T8407] rds_send_remove_from_sock+0x256/0x9a0 [ 554.905356][ T8407] rds_send_path_drop_acked+0x276/0x360 [ 554.911390][ T8407] rds_tcp_write_space+0x196/0x5c0 [ 554.917077][ T8407] tcp_check_space+0xde/0x730 [ 554.922269][ T8407] tcp_rcv_established+0x75f/0x2020 [ 554.927978][ T8407] tcp_v4_do_rcv+0x537/0x800 [ 554.933141][ T8407] __release_sock+0x113/0x360 [ 554.938315][ T8407] release_sock+0x4a/0x170 [ 554.943222][ T8407] rds_send_xmit+0x87e/0x2370 [ 554.948576][ T8407] rds_sendmsg+0x1d90/0x29f0 [ 554.953745][ T8407] sock_sendmsg+0xbc/0x150 [ 554.958668][ T8407] __sys_sendto+0x1bb/0x290 [ 554.963679][ T8407] __x64_sys_sendto+0xd8/0x1b0 [ 554.968936][ T8407] do_syscall_64+0x35/0xb0 [ 554.973842][ T8407] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 554.980247][ T8407] [ 554.980247][ T8407] other info that might help us debug this: [ 554.980247][ T8407] [ 554.990532][ T8407] Possible unsafe locking scenario: [ 554.990532][ T8407] [ 554.998127][ T8407] CPU0 CPU1 [ 555.003552][ T8407] ---- ---- [ 555.009003][ T8407] lock(&rm->m_rs_lock); [ 555.013313][ T8407] lock(&rs->rs_recv_lock); [ 555.020395][ T8407] lock(&rm->m_rs_lock); [ 555.027314][ T8407] lock(&rs->rs_recv_lock); [ 555.031896][ T8407] [ 555.031896][ T8407] *** DEADLOCK *** [ 555.031896][ T8407] [ 555.040109][ T8407] 3 locks held by syz-executor227/8407: [ 555.045628][ T8407] #0: ffff88801710c2f0 (k-sk_lock-AF_INET){+.+.}-{0:0}, at: tcp_sock_set_cork+0xe/0x70 [ 555.055341][ T8407] #1: ffff88801710c578 (k-clock-AF_INET){++.-}-{2:2}, at: rds_tcp_write_space+0x20/0x5c0 [ 555.065237][ T8407] #2: ffff88807b543100 (&rm->m_rs_lock){..-.}-{2:2}, at: rds_send_remove_from_sock+0x1e7/0x9a0 [ 555.075714][ T8407] [ 555.075714][ T8407] stack backtrace: [ 555.081572][ T8407] CPU: 1 PID: 8407 Comm: syz-executor227 Not tainted 6.3.0-rc4-syzkaller #0 [ 555.090393][ T8407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023 [ 555.100697][ T8407] Call Trace: [ 555.103957][ T8407] [ 555.106864][ T8407] dump_stack_lvl+0x60/0xa0 [ 555.111407][ T8407] check_noncircular+0x25f/0x2e0 [ 555.116316][ T8407] ? register_lock_class+0xbe/0x1120 [ 555.121667][ T8407] ? print_circular_bug+0x5c0/0x5c0 [ 555.126854][ T8407] ? register_lock_class+0xbe/0x1120 [ 555.132258][ T8407] ? __stack_depot_save+0x237/0x510 [ 555.137460][ T8407] ? is_dynamic_key.part.0+0x190/0x190 [ 555.142895][ T8407] __lock_acquire+0x2ec7/0x5d40 [ 555.147804][ T8407] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 555.153851][ T8407] ? debug_check_no_obj_freed+0x20c/0x420 [ 555.159636][ T8407] ? lock_downgrade+0x690/0x690 [ 555.164465][ T8407] lock_acquire+0x1ab/0x520 [ 555.169123][ T8407] ? rds_wake_sk_sleep+0x1a/0xc0 [ 555.174042][ T8407] ? lock_release+0x670/0x670 [ 555.178703][ T8407] ? lock_release+0x670/0x670 [ 555.183345][ T8407] ? do_raw_spin_lock+0x120/0x2a0 [ 555.188338][ T8407] ? spin_bug+0x1c0/0x1c0 [ 555.192893][ T8407] _raw_read_lock_irqsave+0x45/0x90 [ 555.198175][ T8407] ? rds_wake_sk_sleep+0x1a/0xc0 [ 555.203090][ T8407] rds_wake_sk_sleep+0x1a/0xc0 [ 555.207932][ T8407] rds_send_remove_from_sock+0x256/0x9a0 [ 555.215244][ T8407] ? _raw_spin_unlock_irqrestore+0x50/0x70 [ 555.221034][ T8407] rds_send_path_drop_acked+0x276/0x360 [ 555.226638][ T8407] ? rds_tcp_recv_exit+0x10/0x10 [ 555.231633][ T8407] ? rds_send_remove_from_sock+0x9a0/0x9a0 [ 555.237612][ T8407] ? sk_stream_wait_close+0x300/0x300 [ 555.242988][ T8407] rds_tcp_write_space+0x196/0x5c0 [ 555.248084][ T8407] tcp_check_space+0xde/0x730 [ 555.252732][ T8407] tcp_rcv_established+0x75f/0x2020 [ 555.257898][ T8407] ? __release_sock+0xc2/0x360 [ 555.262803][ T8407] ? tcp_check_space+0x730/0x730 [ 555.267721][ T8407] tcp_v4_do_rcv+0x537/0x800 [ 555.272300][ T8407] __release_sock+0x113/0x360 [ 555.276974][ T8407] release_sock+0x4a/0x170 [ 555.281553][ T8407] rds_send_xmit+0x87e/0x2370 [ 555.286289][ T8407] ? _raw_spin_unlock_irqrestore+0x50/0x70 [ 555.292154][ T8407] ? lockdep_hardirqs_on+0x79/0x100 [ 555.297336][ T8407] ? rds_send_mprds_hash+0x3e0/0x3e0 [ 555.302590][ T8407] ? rds_send_queue_rm+0x4bc/0x6c0 [ 555.307670][ T8407] rds_sendmsg+0x1d90/0x29f0 [ 555.312232][ T8407] ? rds_send_drop_to+0x1380/0x1380 [ 555.317414][ T8407] ? tomoyo_socket_bind_permission+0x2c0/0x2c0 [ 555.323603][ T8407] ? __fget_files+0x1bf/0x3c0 [ 555.328371][ T8407] ? rds_send_drop_to+0x1380/0x1380 [ 555.333543][ T8407] sock_sendmsg+0xbc/0x150 [ 555.338122][ T8407] __sys_sendto+0x1bb/0x290 [ 555.342595][ T8407] ? __ia32_sys_getpeername+0xa0/0xa0 [ 555.347971][ T8407] ? lock_downgrade+0x690/0x690 [ 555.352969][ T8407] ? __ct_user_enter+0xf9/0x130 [ 555.357791][ T8407] ? lock_downgrade+0x690/0x690 [ 555.362610][ T8407] ? vtime_user_exit+0x218/0x6c0 [ 555.367591][ T8407] __x64_sys_sendto+0xd8/0x1b0 [ 555.372338][ T8407] ? syscall_enter_from_user_mode+0x22/0x80 [ 555.378211][ T8407] do_syscall_64+0x35/0xb0 [ 555.382766][ T8407] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 555.388889][ T8407] RIP: 0033:0x7f968d0d7139 [ 555.393368][ T8407] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 555.413141][ T8407] RSP: 002b:00007f968d084308 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 555.421611][ T8407] RAX: ffffffffffffffda RBX: 00007f968d1604c8 RCX: 00007f968d0d7139 [ 555.429659][ T8407] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 555.437603][ T8407] RBP: 00007f968d1604c0 R08: 0000000000000000 R09: 0000000000000000 [ 555.445562][ T8407] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f968d12d5d0 [ 555.453872][ T8407] R13: 00007ffceb72c85f R14: 00007f968d084400 R15: 0000000000022000 [ 555.461816][ T8407] [ 557.638608][ T1211] ieee802154 phy0 wpan0: encryption failed: -22 [ 557.644915][ T1211] ieee802154 phy1 wpan1: encryption failed: -22