[ 127.506306][ T1239] ieee802154 phy1 wpan1: encryption failed: -22 [ 188.931120][ T1239] ieee802154 phy0 wpan0: encryption failed: -22 [ 188.937426][ T1239] ieee802154 phy1 wpan1: encryption failed: -22 [ 191.007825][ T3628] Bluetooth: hci0: command 0x0406 tx timeout [ 250.379551][ T1239] ieee802154 phy0 wpan0: encryption failed: -22 [ 250.385888][ T1239] ieee802154 phy1 wpan1: encryption failed: -22 [ 311.811267][ T1239] ieee802154 phy0 wpan0: encryption failed: -22 [ 311.817647][ T1239] ieee802154 phy1 wpan1: encryption failed: -22 [ 373.249593][ T1239] ieee802154 phy0 wpan0: encryption failed: -22 [ 373.255911][ T1239] ieee802154 phy1 wpan1: encryption failed: -22 [ 429.520269][ T46] device hsr_slave_0 left promiscuous mode [ 429.526501][ T46] device hsr_slave_1 left promiscuous mode [ 429.533332][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 429.540967][ T46] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 429.549626][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 429.556997][ T46] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 429.565716][ T46] device bridge_slave_1 left promiscuous mode [ 429.572201][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 429.581196][ T46] device bridge_slave_0 left promiscuous mode [ 429.587432][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 429.597206][ T46] device veth1_macvtap left promiscuous mode [ 429.603908][ T46] device veth0_macvtap left promiscuous mode [ 429.610055][ T46] device veth1_vlan left promiscuous mode [ 429.616131][ T46] device veth0_vlan left promiscuous mode [ 429.726515][ T46] team0 (unregistering): Port device team_slave_1 removed [ 429.737528][ T46] team0 (unregistering): Port device team_slave_0 removed [ 429.752338][ T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 429.766859][ T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 429.810706][ T46] bond0 (unregistering): Released all slaves Warning: Permanently added '10.128.1.74' (ECDSA) to the list of known hosts. [ 431.979579][ T5358] cgroup: Unknown subsys name 'net' [ 431.987185][ T5358] cgroup: Unknown subsys name 'rlimit' [ 432.046409][ T5359] chnl_net:caif_netlink_parms(): no params data found [ 432.085843][ T5359] bridge0: port 1(bridge_slave_0) entered blocking state [ 432.093144][ T5359] bridge0: port 1(bridge_slave_0) entered disabled state [ 432.101972][ T5359] device bridge_slave_0 entered promiscuous mode [ 432.109895][ T5359] bridge0: port 2(bridge_slave_1) entered blocking state [ 432.117172][ T5359] bridge0: port 2(bridge_slave_1) entered disabled state [ 432.125819][ T5359] device bridge_slave_1 entered promiscuous mode [ 432.146621][ T5359] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 432.158766][ T5359] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 432.179825][ T5359] team0: Port device team_slave_0 added [ 432.187065][ T5359] team0: Port device team_slave_1 added [ 432.204530][ T5359] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 432.211747][ T5359] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 432.237930][ T5359] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 432.249997][ T5359] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 432.257016][ T5359] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 432.283034][ T5359] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 432.309274][ T5359] device hsr_slave_0 entered promiscuous mode [ 432.316305][ T5359] device hsr_slave_1 entered promiscuous mode [ 432.374547][ T5359] bridge0: port 2(bridge_slave_1) entered blocking state [ 432.381659][ T5359] bridge0: port 2(bridge_slave_1) entered forwarding state [ 432.389031][ T5359] bridge0: port 1(bridge_slave_0) entered blocking state [ 432.396096][ T5359] bridge0: port 1(bridge_slave_0) entered forwarding state [ 432.430520][ T5359] 8021q: adding VLAN 0 to HW filter on device bond0 [ 432.442609][ T3628] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 432.451872][ T3628] bridge0: port 1(bridge_slave_0) entered disabled state [ 432.460007][ T3628] bridge0: port 2(bridge_slave_1) entered disabled state [ 432.468113][ T3628] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 432.480951][ T5359] 8021q: adding VLAN 0 to HW filter on device team0 [ 432.491788][ T5364] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 432.500329][ T5364] bridge0: port 1(bridge_slave_0) entered blocking state [ 432.507389][ T5364] bridge0: port 1(bridge_slave_0) entered forwarding state [ 432.518760][ T5355] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 432.527447][ T5355] bridge0: port 2(bridge_slave_1) entered blocking state [ 432.534649][ T5355] bridge0: port 2(bridge_slave_1) entered forwarding state [ 432.552346][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 432.561378][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 432.575880][ T5359] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 432.586560][ T5359] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 432.599847][ T5355] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 432.607481][ T5355] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 432.618832][ T5355] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 432.634618][ T5359] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 432.642035][ T5353] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 432.649584][ T5353] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 432.657216][ T5353] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 432.805997][ T5353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 432.830628][ T5353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 432.839082][ T5353] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 432.846679][ T5353] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 432.857508][ T5359] device veth0_vlan entered promiscuous mode [ 432.867358][ T5359] device veth1_vlan entered promiscuous mode [ 432.884603][ T5359] device veth0_macvtap entered promiscuous mode [ 432.893163][ T5355] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 432.901385][ T5355] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 432.909739][ T5355] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 432.919042][ T5355] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 432.931228][ T5359] device veth1_macvtap entered promiscuous mode [ 432.945442][ T5359] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 432.953712][ T5355] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 432.965594][ T5359] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 432.974151][ T5364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 434.689613][ T1239] ieee802154 phy0 wpan0: encryption failed: -22 [ 434.696349][ T1239] ieee802154 phy1 wpan1: encryption failed: -22 [ 473.653692][ T5917] [ 473.656042][ T5917] ====================================================== [ 473.663121][ T5917] WARNING: possible circular locking dependency detected [ 473.670110][ T5917] 6.0.0-rc2-syzkaller #0 Not tainted [ 473.675377][ T5917] ------------------------------------------------------ [ 473.682455][ T5917] syz-executor169/5917 is trying to acquire lock: [ 473.688839][ T5917] ffff888074c39660 (&rs->rs_recv_lock){...-}-{2:2}, at: rds_wake_sk_sleep+0x1a/0xc0 [ 473.698471][ T5917] [ 473.698471][ T5917] but task is already holding lock: [ 473.705824][ T5917] ffff88807740c900 (&rm->m_rs_lock){..-.}-{2:2}, at: rds_send_remove_from_sock+0x1e7/0x9a0 [ 473.715782][ T5917] [ 473.715782][ T5917] which lock already depends on the new lock. [ 473.715782][ T5917] [ 473.726158][ T5917] [ 473.726158][ T5917] the existing dependency chain (in reverse order) is: [ 473.735140][ T5917] [ 473.735140][ T5917] -> #1 (&rm->m_rs_lock){..-.}-{2:2}: [ 473.742781][ T5917] _raw_spin_lock_irqsave+0x39/0x50 [ 473.748609][ T5917] rds_message_put+0x16d/0xad0 [ 473.753867][ T5917] rds_clear_recv_queue+0x1c5/0x350 [ 473.759553][ T5917] rds_release+0xca/0x350 [ 473.764460][ T5917] __sock_release+0xbb/0x270 [ 473.769604][ T5917] sock_close+0xf/0x20 [ 473.774168][ T5917] __fput+0x1f5/0x8c0 [ 473.778771][ T5917] task_work_run+0xc0/0x160 [ 473.783836][ T5917] exit_to_user_mode_prepare+0x23c/0x250 [ 473.789995][ T5917] syscall_exit_to_user_mode+0x19/0x50 [ 473.795971][ T5917] do_syscall_64+0x42/0xb0 [ 473.800877][ T5917] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 473.807351][ T5917] [ 473.807351][ T5917] -> #0 (&rs->rs_recv_lock){...-}-{2:2}: [ 473.815163][ T5917] __lock_acquire+0x29c1/0x5640 [ 473.820639][ T5917] lock_acquire+0x1ab/0x570 [ 473.825819][ T5917] _raw_read_lock_irqsave+0x45/0x90 [ 473.831784][ T5917] rds_wake_sk_sleep+0x1a/0xc0 [ 473.837052][ T5917] rds_send_remove_from_sock+0x256/0x9a0 [ 473.843183][ T5917] rds_send_path_drop_acked+0x276/0x360 [ 473.849311][ T5917] rds_tcp_write_space+0x196/0x5a0 [ 473.854956][ T5917] tcp_check_space+0xde/0x730 [ 473.860148][ T5917] tcp_rcv_established+0x75f/0x2110 [ 473.866107][ T5917] tcp_v4_do_rcv+0x540/0x7f0 [ 473.871194][ T5917] __release_sock+0x113/0x360 [ 473.876415][ T5917] release_sock+0x4a/0x170 [ 473.881424][ T5917] rds_send_xmit+0x87e/0x2360 [ 473.886604][ T5917] rds_sendmsg+0x1d90/0x28d0 [ 473.891683][ T5917] sock_sendmsg+0xab/0xe0 [ 473.896502][ T5917] __sys_sendto+0x1bb/0x290 [ 473.901845][ T5917] __x64_sys_sendto+0xd8/0x1b0 [ 473.907185][ T5917] do_syscall_64+0x35/0xb0 [ 473.912280][ T5917] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 473.918663][ T5917] [ 473.918663][ T5917] other info that might help us debug this: [ 473.918663][ T5917] [ 473.928883][ T5917] Possible unsafe locking scenario: [ 473.928883][ T5917] [ 473.936413][ T5917] CPU0 CPU1 [ 473.941922][ T5917] ---- ---- [ 473.947532][ T5917] lock(&rm->m_rs_lock); [ 473.951850][ T5917] lock(&rs->rs_recv_lock); [ 473.958948][ T5917] lock(&rm->m_rs_lock); [ 473.965767][ T5917] lock(&rs->rs_recv_lock); [ 473.970392][ T5917] [ 473.970392][ T5917] *** DEADLOCK *** [ 473.970392][ T5917] [ 473.978694][ T5917] 3 locks held by syz-executor169/5917: [ 473.984207][ T5917] #0: ffff8880725fa2b0 (k-sk_lock-AF_INET){+.+.}-{0:0}, at: tcp_sock_set_cork+0xe/0x70 [ 473.994034][ T5917] #1: ffff8880725fa538 (k-clock-AF_INET){++.-}-{2:2}, at: rds_tcp_write_space+0x20/0x5a0 [ 474.004190][ T5917] #2: ffff88807740c900 (&rm->m_rs_lock){..-.}-{2:2}, at: rds_send_remove_from_sock+0x1e7/0x9a0 [ 474.014582][ T5917] [ 474.014582][ T5917] stack backtrace: [ 474.020530][ T5917] CPU: 1 PID: 5917 Comm: syz-executor169 Not tainted 6.0.0-rc2-syzkaller #0 [ 474.029342][ T5917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 474.039421][ T5917] Call Trace: [ 474.042711][ T5917] [ 474.045629][ T5917] dump_stack_lvl+0x57/0x7d [ 474.050877][ T5917] check_noncircular+0x25f/0x2e0 [ 474.055807][ T5917] ? register_lock_class+0xbe/0x1120 [ 474.061061][ T5917] ? print_circular_bug+0x1e0/0x1e0 [ 474.066229][ T5917] ? register_lock_class+0xbe/0x1120 [ 474.071484][ T5917] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 474.077259][ T5917] ? is_dynamic_key.part.0+0x130/0x130 [ 474.082685][ T5917] __lock_acquire+0x29c1/0x5640 [ 474.087515][ T5917] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 474.093463][ T5917] lock_acquire+0x1ab/0x570 [ 474.097946][ T5917] ? rds_wake_sk_sleep+0x1a/0xc0 [ 474.102958][ T5917] ? lock_release+0x780/0x780 [ 474.107609][ T5917] ? lock_release+0x780/0x780 [ 474.112255][ T5917] ? do_raw_spin_lock+0x120/0x2a0 [ 474.117336][ T5917] ? rwlock_bug.part.0+0x90/0x90 [ 474.122240][ T5917] _raw_read_lock_irqsave+0x45/0x90 [ 474.127405][ T5917] ? rds_wake_sk_sleep+0x1a/0xc0 [ 474.132329][ T5917] rds_wake_sk_sleep+0x1a/0xc0 [ 474.137081][ T5917] rds_send_remove_from_sock+0x256/0x9a0 [ 474.142683][ T5917] ? _raw_spin_unlock_irqrestore+0x50/0x70 [ 474.148478][ T5917] rds_send_path_drop_acked+0x276/0x360 [ 474.154010][ T5917] ? rds_tcp_recv_exit+0x10/0x10 [ 474.158929][ T5917] ? rds_send_remove_from_sock+0x9a0/0x9a0 [ 474.164705][ T5917] ? mark_held_locks+0x9f/0xe0 [ 474.169439][ T5917] ? sk_stream_wait_close+0x300/0x300 [ 474.174809][ T5917] rds_tcp_write_space+0x196/0x5a0 [ 474.179891][ T5917] tcp_check_space+0xde/0x730 [ 474.184538][ T5917] tcp_rcv_established+0x75f/0x2110 [ 474.189711][ T5917] ? __release_sock+0xc2/0x360 [ 474.194448][ T5917] ? tcp_check_space+0x730/0x730 [ 474.199366][ T5917] tcp_v4_do_rcv+0x540/0x7f0 [ 474.204359][ T5917] __release_sock+0x113/0x360 [ 474.209015][ T5917] release_sock+0x4a/0x170 [ 474.213400][ T5917] rds_send_xmit+0x87e/0x2360 [ 474.218047][ T5917] ? lockdep_hardirqs_on_prepare+0x17b/0x400 [ 474.224358][ T5917] ? _raw_spin_unlock_irqrestore+0x50/0x70 [ 474.230158][ T5917] ? lockdep_hardirqs_on+0x79/0x100 [ 474.235426][ T5917] ? rds_rdma_send_complete+0x470/0x470 [ 474.241038][ T5917] ? rds_send_queue_rm+0x4bc/0x6c0 [ 474.246134][ T5917] rds_sendmsg+0x1d90/0x28d0 [ 474.250919][ T5917] ? rds_send_drop_to+0x1380/0x1380 [ 474.256434][ T5917] ? selinux_socket_shutdown+0x2a0/0x2a0 [ 474.262109][ T5917] ? tomoyo_socket_bind_permission+0x2c0/0x2c0 [ 474.268440][ T5917] ? __fget_files+0x1bf/0x3a0 [ 474.273111][ T5917] ? rds_send_drop_to+0x1380/0x1380 [ 474.278280][ T5917] sock_sendmsg+0xab/0xe0 [ 474.282581][ T5917] __sys_sendto+0x1bb/0x290 [ 474.287052][ T5917] ? __ia32_sys_getpeername+0xa0/0xa0 [ 474.292396][ T5917] ? lock_downgrade+0x6e0/0x6e0 [ 474.297231][ T5917] ? lock_downgrade+0x6e0/0x6e0 [ 474.302066][ T5917] __x64_sys_sendto+0xd8/0x1b0 [ 474.306812][ T5917] ? syscall_enter_from_user_mode+0x22/0xb0 [ 474.312682][ T5917] do_syscall_64+0x35/0xb0 [ 474.317095][ T5917] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 474.322957][ T5917] RIP: 0033:0x7f17fb68d139 [ 474.327442][ T5917] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 474.347281][ T5917] RSP: 002b:00007f17fb63a308 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 474.355751][ T5917] RAX: ffffffffffffffda RBX: 00007f17fb7164c8 RCX: 00007f17fb68d139 [ 474.363693][ T5917] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 474.371646][ T5917] RBP: 00007f17fb7164c0 R08: 0000000000000000 R09: 0000000000000000 [ 474.379696][ T5917] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f17fb6e35d0 [ 474.387637][ T5917] R13: 00007ffecf24d9ef R14: 00007f17fb63a400 R15: 0000000000022000 [ 474.395586][ T5917]