Warning: Permanently added '10.128.0.22' (ED25519) to the list of known hosts.
2023/11/11 02:39:34 ignoring optional flag "sandboxArg"="0"
2023/11/11 02:39:34 parsed 1 programs
2023/11/11 02:39:34 executed programs: 0
[ 104.609241][ T4467] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 104.617805][ T4467] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 104.626890][ T4467] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 104.637191][ T4467] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 104.646071][ T4467] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 104.654023][ T4467] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 104.819494][ T5429] chnl_net:caif_netlink_parms(): no params data found
[ 104.897714][ T5429] bridge0: port 1(bridge_slave_0) entered blocking state
[ 104.906048][ T5429] bridge0: port 1(bridge_slave_0) entered disabled state
[ 104.914949][ T5429] bridge_slave_0: entered allmulticast mode
[ 104.922512][ T5429] bridge_slave_0: entered promiscuous mode
[ 104.932505][ T5429] bridge0: port 2(bridge_slave_1) entered blocking state
[ 104.942379][ T5429] bridge0: port 2(bridge_slave_1) entered disabled state
[ 104.950160][ T5429] bridge_slave_1: entered allmulticast mode
[ 104.957822][ T5429] bridge_slave_1: entered promiscuous mode
[ 104.994461][ T5429] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 105.008711][ T5429] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 105.046518][ T5429] team0: Port device team_slave_0 added
[ 105.056948][ T5429] team0: Port device team_slave_1 added
[ 105.088372][ T5429] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 105.095621][ T5429] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 105.123542][ T5429] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 105.136363][ T5429] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 105.143610][ T5429] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 105.171699][ T5429] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 105.220299][ T5429] hsr_slave_0: entered promiscuous mode
[ 105.227725][ T5429] hsr_slave_1: entered promiscuous mode
[ 106.171563][ T5429] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 106.188208][ T5429] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 106.202165][ T5429] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 106.220895][ T5429] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 106.373228][ T5429] 8021q: adding VLAN 0 to HW filter on device bond0
[ 106.410955][ T5429] 8021q: adding VLAN 0 to HW filter on device team0
[ 106.432721][ T8] bridge0: port 1(bridge_slave_0) entered blocking state
[ 106.440259][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 106.472813][ T8] bridge0: port 2(bridge_slave_1) entered blocking state
[ 106.480739][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 106.685391][ T4467] Bluetooth: hci0: command 0x0409 tx timeout
[ 106.785511][ T5429] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 106.869131][ T5429] veth0_vlan: entered promiscuous mode
[ 106.890606][ T5429] veth1_vlan: entered promiscuous mode
[ 106.950392][ T5429] veth0_macvtap: entered promiscuous mode
[ 106.976970][ T5429] veth1_macvtap: entered promiscuous mode
[ 107.017280][ T5429] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 107.039692][ T5429] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 107.062702][ T5429] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 107.077081][ T5429] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 107.091384][ T5429] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 107.102234][ T5429] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 107.238698][ T2387] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 107.276004][ T2387] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 107.332855][ T2387] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 107.342816][ T2387] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 107.986344][ T5521]
[ 107.989207][ T5521] ======================================================
[ 107.996413][ T5521] WARNING: possible circular locking dependency detected
[ 108.003644][ T5521] 6.6.0-syzkaller-15859-g89cdf9d55601 #0 Not tainted
[ 108.010461][ T5521] ------------------------------------------------------
[ 108.017764][ T5521] syz-executor.0/5521 is trying to acquire lock:
[ 108.024385][ T5521] ffff88807ecb2100 (&rm->m_rs_lock){....}-{2:2}, at: rds_message_put+0x1dd/0xc40
[ 108.033902][ T5521]
[ 108.033902][ T5521] but task is already holding lock:
[ 108.042055][ T5521] ffff8880216e2530 (&rs->rs_recv_lock){....}-{2:2}, at: rds_clear_recv_queue+0x33/0x350
[ 108.052119][ T5521]
[ 108.052119][ T5521] which lock already depends on the new lock.
[ 108.052119][ T5521]
[ 108.062871][ T5521]
[ 108.062871][ T5521] the existing dependency chain (in reverse order) is:
[ 108.072067][ T5521]
[ 108.072067][ T5521] -> #1 (&rs->rs_recv_lock){....}-{2:2}:
[ 108.079992][ T5521]        _raw_read_lock_irqsave+0x46/0x90
[ 108.086432][ T5521]        rds_wake_sk_sleep+0x23/0xe0
[ 108.091722][ T5521]        rds_send_remove_from_sock+0x1e9/0xa50
[ 108.098870][ T5521]        rds_send_path_drop_acked+0x2f4/0x3c0
[ 108.104940][ T5521]        rds_tcp_write_space+0x1b5/0x6d0
[ 108.111101][ T5521]        tcp_check_space+0x178/0x8c0
[ 108.116591][ T5521]        tcp_rcv_established+0x953/0x20d0
[ 108.122574][ T5521]        tcp_v4_do_rcv+0x68c/0xa10
[ 108.127781][ T5521]        __release_sock+0x132/0x3a0
[ 108.133077][ T5521]        release_sock+0x5a/0x1f0
[ 108.138021][ T5521]        rds_send_xmit+0x164f/0x2490
[ 108.144280][ T5521]        rds_sendmsg+0x2af0/0x31e0
[ 108.149488][ T5521]        __sock_sendmsg+0xd5/0x180
[ 108.154970][ T5521]        __sys_sendto+0x255/0x340
[ 108.160884][ T5521]        __x64_sys_sendto+0xe0/0x1b0
[ 108.166177][ T5521]        do_syscall_64+0x3f/0x110
[ 108.171207][ T5521]        entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 108.177624][ T5521]
[ 108.177624][ T5521] -> #0 (&rm->m_rs_lock){....}-{2:2}:
[ 108.185272][ T5521]        __lock_acquire+0x2e3d/0x5de0
[ 108.190757][ T5521]        lock_acquire+0x1ae/0x510
[ 108.195885][ T5521]        _raw_spin_lock_irqsave+0x3a/0x50
[ 108.201609][ T5521]        rds_message_put+0x1dd/0xc40
[ 108.206909][ T5521]        rds_inc_put+0x13c/0x1a0
[ 108.211852][ T5521]        rds_clear_recv_queue+0x14c/0x350
[ 108.217665][ T5521]        rds_release+0xdb/0x3c0
[ 108.222814][ T5521]        __sock_release+0xae/0x260
[ 108.228109][ T5521]        sock_close+0x1c/0x20
[ 108.233136][ T5521]        __fput+0x270/0xbb0
[ 108.237846][ T5521]        __fput_sync+0x47/0x50
[ 108.242810][ T5521]        __x64_sys_close+0x87/0xf0
[ 108.247981][ T5521]        do_syscall_64+0x3f/0x110
[ 108.253274][ T5521]        entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 108.260039][ T5521]
[ 108.260039][ T5521] other info that might help us debug this:
[ 108.260039][ T5521]
[ 108.270693][ T5521]  Possible unsafe locking scenario:
[ 108.270693][ T5521]
[ 108.278162][ T5521]        CPU0                    CPU1
[ 108.283557][ T5521]        ----                    ----
[ 108.288935][ T5521]   lock(&rs->rs_recv_lock);
[ 108.293715][ T5521]                                lock(&rm->m_rs_lock);
[ 108.300675][ T5521]                                lock(&rs->rs_recv_lock);
[ 108.308211][ T5521]   lock(&rm->m_rs_lock);
[ 108.313446][ T5521]
[ 108.313446][ T5521]  *** DEADLOCK ***
[ 108.313446][ T5521]
[ 108.321850][ T5521] 2 locks held by syz-executor.0/5521:
[ 108.327560][ T5521]  #0: ffff88807836dc10 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: __sock_release+0x86/0x260
[ 108.338747][ T5521]  #1: ffff8880216e2530 (&rs->rs_recv_lock){....}-{2:2}, at: rds_clear_recv_queue+0x33/0x350
[ 108.350014][ T5521]
[ 108.350014][ T5521] stack backtrace:
[ 108.356260][ T5521] CPU: 0 PID: 5521 Comm: syz-executor.0 Not tainted 6.6.0-syzkaller-15859-g89cdf9d55601 #0
[ 108.366595][ T5521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
[ 108.376932][ T5521] Call Trace:
[ 108.380302][ T5521]
[ 108.383579][ T5521]  dump_stack_lvl+0xd9/0x1b0
[ 108.388881][ T5521]  check_noncircular+0x311/0x3f0
[ 108.394117][ T5521]  ? print_circular_bug+0x750/0x750
[ 108.399422][ T5521]  ? __pv_queued_spin_lock_slowpath+0x272/0xc70
[ 108.405685][ T5521]  ? mark_lock+0x105/0x1950
[ 108.410989][ T5521]  ? print_usage_bug.part.0+0x670/0x670
[ 108.416738][ T5521]  __lock_acquire+0x2e3d/0x5de0
[ 108.421791][ T5521]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 108.427971][ T5521]  lock_acquire+0x1ae/0x510
[ 108.433274][ T5521]  ? rds_message_put+0x1dd/0xc40
[ 108.438429][ T5521]  ? lock_sync+0x190/0x190
[ 108.443129][ T5521]  ? lock_acquire+0x1ae/0x510
[ 108.448371][ T5521]  _raw_spin_lock_irqsave+0x3a/0x50
[ 108.454043][ T5521]  ? rds_message_put+0x1dd/0xc40
[ 108.459119][ T5521]  rds_message_put+0x1dd/0xc40
[ 108.464042][ T5521]  rds_inc_put+0x13c/0x1a0
[ 108.468483][ T5521]  rds_clear_recv_queue+0x14c/0x350
[ 108.473976][ T5521]  ? __local_bh_enable_ip+0xa4/0x120
[ 108.479663][ T5521]  ? __sock_release+0x260/0x260
[ 108.484879][ T5521]  rds_release+0xdb/0x3c0
[ 108.489324][ T5521]  ? __sock_release+0x260/0x260
[ 108.494276][ T5521]  __sock_release+0xae/0x260
[ 108.499406][ T5521]  sock_close+0x1c/0x20
[ 108.504442][ T5521]  __fput+0x270/0xbb0
[ 108.508532][ T5521]  __fput_sync+0x47/0x50
[ 108.512878][ T5521]  __x64_sys_close+0x87/0xf0
[ 108.517875][ T5521]  do_syscall_64+0x3f/0x110
[ 108.522738][ T5521]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 108.528750][ T5521] RIP: 0033:0x7f76a647b85a
[ 108.533426][ T5521] Code: 48 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 89 7c 24 0c e8 f3 7d 02 00 8b 7c 24 0c 89 c2 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 36 89 d7 89 44 24 0c e8 53 7e 02 00 8b 44 24
[ 108.553239][ T5521] RSP: 002b:00007fff47962430 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 108.562200][ T5521] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f76a647b85a
[ 108.570289][ T5521] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[ 108.580289][ T5521] RBP: 0000000000000032 R08: 0000001b2f060000 R09: 00007f76a659c12c
[ 108.588732][ T5521] R10: 00007fff47962580 R11: 0000000000000293 R12: 00007f76a6000a20
[ 108.597056][ T5521] R13: ffffffffffffffff R14: 00007f76a6000000 R15: 000000000001a581
[ 108.605295][ T5521]
[ 108.764212][ T4467] Bluetooth: hci0: command 0x041b tx timeout
2023/11/11 02:39:39 executed programs: 19
[ 110.844433][ T4467] Bluetooth: hci0: command 0x040f tx timeout
[ 112.924610][ T4467] Bluetooth: hci0: command 0x0419 tx timeout
2023/11/11 02:39:44 executed programs: 87