Warning: Permanently added '10.128.0.34' (ECDSA) to the list of known hosts.
[   43.755620][ T4309] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   43.757769][ T4311] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   43.759896][ T4311] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   43.762287][ T4311] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   43.764451][ T4311] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   43.767166][ T4311] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   43.846619][ T4306] chnl_net:caif_netlink_parms(): no params data found
[   43.882487][ T4306] bridge0: port 1(bridge_slave_0) entered blocking state
[   43.884208][ T4306] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.887041][ T4306] device bridge_slave_0 entered promiscuous mode
[   43.890916][ T4306] bridge0: port 2(bridge_slave_1) entered blocking state
[   43.892630][ T4306] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.894911][ T4306] device bridge_slave_1 entered promiscuous mode
[   43.910081][ T4306] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   43.913965][ T4306] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   43.929388][ T4306] team0: Port device team_slave_0 added
[   43.932393][ T4306] team0: Port device team_slave_1 added
[   43.944801][ T4306] batman_adv: batadv0: Adding interface: batadv_slave_0
[   43.946510][ T4306] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   43.952298][ T4306] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   43.957720][ T4306] batman_adv: batadv0: Adding interface: batadv_slave_1
[   43.959287][ T4306] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   43.965251][ T4306] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   44.027214][ T4306] device hsr_slave_0 entered promiscuous mode
[   44.075302][ T4306] device hsr_slave_1 entered promiscuous mode
[   44.193130][ T4306] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   44.227358][ T4306] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   44.267366][ T4306] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   44.307184][ T4306] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   44.362023][ T4306] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.363647][ T4306] bridge0: port 2(bridge_slave_1) entered forwarding state
[   44.365676][ T4306] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.367313][ T4306] bridge0: port 1(bridge_slave_0) entered forwarding state
[   44.406908][ T4306] 8021q: adding VLAN 0 to HW filter on device bond0
[   44.413212][  T110] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   44.417004][  T110] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.419983][  T110] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.422606][  T110] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   44.431340][ T4306] 8021q: adding VLAN 0 to HW filter on device team0
[   44.436996][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   44.439314][   T22] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.441108][   T22] bridge0: port 1(bridge_slave_0) entered forwarding state
[   44.455645][  T110] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   44.457790][  T110] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.459385][  T110] bridge0: port 2(bridge_slave_1) entered forwarding state
[   44.461974][  T110] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   44.471457][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   44.473824][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   44.476352][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   44.481885][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   44.486304][ T4306] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   44.498351][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   44.500241][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   44.508722][ T4306] 8021q: adding VLAN 0 to HW filter on device batadv0
[   44.521383][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   44.533620][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   44.538352][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   44.540473][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   44.544907][ T4306] device veth0_vlan entered promiscuous mode
[   44.552462][ T4306] device veth1_vlan entered promiscuous mode
[   44.569057][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   44.571344][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   44.573872][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   44.578576][ T4306] device veth0_macvtap entered promiscuous mode
[   44.582618][ T4306] device veth1_macvtap entered promiscuous mode
[   44.592841][ T4306] batman_adv: batadv0: Interface activated: batadv_slave_0
[   44.594645][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   44.598459][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   44.603049][ T4306] batman_adv: batadv0: Interface activated: batadv_slave_1
[   44.606051][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   44.610335][ T4306] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   44.612406][ T4306] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   44.614306][ T4306] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   44.617465][ T4306] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   44.665251][  T237] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   44.667203][  T237] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   44.676085][ T4319] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   44.683691][  T237] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   44.686007][  T237] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   44.688769][ T4319] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
executing program
[   44.918871][ T4324] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[   44.920905][ T4324] nci: nci_start_poll: failed to set local general bytes
[   48.153463][   T55] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.313086][   T55] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.381968][   T55] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.444762][   T55] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   51.986450][   T55] device hsr_slave_0 left promiscuous mode
[   52.025496][   T55] device hsr_slave_1 left promiscuous mode
[   52.085312][   T55] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   52.087110][   T55] batman_adv: batadv0: Removing interface: batadv_slave_0
[   52.092315][   T55] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   52.094155][   T55] batman_adv: batadv0: Removing interface: batadv_slave_1
[   52.099002][   T55] device bridge_slave_1 left promiscuous mode
[   52.100835][   T55] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.126206][   T55] device bridge_slave_0 left promiscuous mode
[   52.127810][   T55] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.235517][   T55] device veth1_macvtap left promiscuous mode
[   52.237199][   T55] device veth0_macvtap left promiscuous mode
[   52.238815][   T55] device veth1_vlan left promiscuous mode
[   52.240354][   T55] device veth0_vlan left promiscuous mode
[   52.431846][   T55] team0 (unregistering): Port device team_slave_1 removed
[   52.439641][   T55] team0 (unregistering): Port device team_slave_0 removed
[   52.453908][   T55] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   52.492066][   T55] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   52.651618][   T55] bond0 (unregistering): Released all slaves
[   52.888327][ T4324] nci: __nci_request: wait_for_completion_interruptible_timeout failed 0
[   52.890653][ T4324] 
[   52.891225][ T4324] ======================================================
[   52.892844][ T4324] WARNING: possible circular locking dependency detected
[   52.894459][ T4324] 6.1.15-syzkaller #0 Not tainted
[   52.895701][ T4324] ------------------------------------------------------
[   52.897426][ T4324] syz-executor773/4324 is trying to acquire lock:
[   52.898987][ T4324] ffff800016d8c588 (nci_mutex){+.+.}-{3:3}, at: virtual_nci_close+0x28/0x58
[   52.901110][ T4324] 
[   52.901110][ T4324] but task is already holding lock:
[   52.902909][ T4324] ffff0000d8131350 (&ndev->req_lock){+.+.}-{3:3}, at: nci_close_device+0xf0/0x5ac
[   52.905000][ T4324] 
[   52.905000][ T4324] which lock already depends on the new lock.
[   52.905000][ T4324] 
[   52.907461][ T4324] 
[   52.907461][ T4324] the existing dependency chain (in reverse order) is:
[   52.909592][ T4324] 
[   52.909592][ T4324] -> #3 (&ndev->req_lock){+.+.}-{3:3}:
[   52.911526][ T4324]        __mutex_lock_common+0x190/0x21a0
[   52.912920][ T4324]        mutex_lock_nested+0x38/0x44
[   52.914228][ T4324]        nci_start_poll+0x498/0x1204
[   52.915471][ T4324]        nfc_start_poll+0x164/0x2a4
[   52.916737][ T4324]        nfc_genl_start_poll+0x1b8/0x308
[   52.918072][ T4324]        genl_rcv_msg+0x948/0xc2c
[   52.919260][ T4324]        netlink_rcv_skb+0x20c/0x3b8
[   52.920487][ T4324]        genl_rcv+0x38/0x50
[   52.921568][ T4324]        netlink_unicast+0x660/0x8d4
[   52.922817][ T4324]        netlink_sendmsg+0x800/0xae0
[   52.924109][ T4324]        ____sys_sendmsg+0x558/0x844
[   52.925372][ T4324]        __sys_sendmsg+0x26c/0x33c
[   52.926542][ T4324]        __arm64_sys_sendmsg+0x80/0x94
[   52.927890][ T4324]        invoke_syscall+0x98/0x2c0
[   52.929157][ T4324]        el0_svc_common+0x138/0x258
[   52.930435][ T4324]        do_el0_svc+0x64/0x218
[   52.931502][ T4324]        el0_svc+0x58/0x168
[   52.932595][ T4324]        el0t_64_sync_handler+0x84/0xf0
[   52.933848][ T4324]        el0t_64_sync+0x18c/0x190
[   52.935075][ T4324] 
[   52.935075][ T4324] -> #2 (&genl_data->genl_data_mutex){+.+.}-{3:3}:
[   52.937071][ T4324]        __mutex_lock_common+0x190/0x21a0
[   52.938415][ T4324]        mutex_lock_nested+0x38/0x44
[   52.939685][ T4324]        nfc_urelease_event_work+0xfc/0x2a8
[   52.941009][ T4324]        process_one_work+0x848/0x16b4
[   52.942315][ T4324]        worker_thread+0x8e4/0xfec
[   52.943547][ T4324]        kthread+0x24c/0x2d4
[   52.944623][ T4324]        ret_from_fork+0x10/0x20
[   52.945807][ T4324] 
[   52.945807][ T4324] -> #1 (nfc_devlist_mutex){+.+.}-{3:3}:
[   52.947695][ T4324]        __mutex_lock_common+0x190/0x21a0
[   52.949081][ T4324]        mutex_lock_nested+0x38/0x44
[   52.950431][ T4324]        nfc_register_device+0x4c/0x310
[   52.951802][ T4324]        nci_register_device+0x6ac/0x7c4
[   52.953099][ T4324]        virtual_ncidev_open+0x6c/0xd8
[   52.954482][ T4324]        misc_open+0x2f0/0x368
[   52.955589][ T4324]        chrdev_open+0x3e8/0x4fc
[   52.956783][ T4324]        do_dentry_open+0x734/0xfa0
[   52.958025][ T4324]        vfs_open+0x7c/0x90
[   52.959073][ T4324]        path_openat+0x1e10/0x2540
[   52.960270][ T4324]        do_filp_open+0x1bc/0x3cc
[   52.961434][ T4324]        do_sys_openat2+0x128/0x3d8
[   52.962732][ T4324]        __arm64_sys_openat+0x1f0/0x240
[   52.964182][ T4324]        invoke_syscall+0x98/0x2c0
[   52.965411][ T4324]        el0_svc_common+0x138/0x258
[   52.966659][ T4324]        do_el0_svc+0x64/0x218
[   52.967764][ T4324]        el0_svc+0x58/0x168
[   52.968910][ T4324]        el0t_64_sync_handler+0x84/0xf0
[   52.970298][ T4324]        el0t_64_sync+0x18c/0x190
[   52.971515][ T4324] 
[   52.971515][ T4324] -> #0 (nci_mutex){+.+.}-{3:3}:
[   52.973264][ T4324]        __lock_acquire+0x3338/0x764c
[   52.974536][ T4324]        lock_acquire+0x2f8/0x8dc
[   52.975738][ T4324]        __mutex_lock_common+0x190/0x21a0
[   52.977137][ T4324]        mutex_lock_nested+0x38/0x44
[   52.978373][ T4324]        virtual_nci_close+0x28/0x58
[   52.979655][ T4324]        nci_close_device+0x2fc/0x5ac
[   52.980894][ T4324]        nci_unregister_device+0x58/0x21c
[   52.982327][ T4324]        virtual_ncidev_close+0x70/0xb0
[   52.983699][ T4324]        __fput+0x30c/0x7bc
[   52.984810][ T4324]        ____fput+0x20/0x30
[   52.985920][ T4324]        task_work_run+0x240/0x2f0
[   52.987187][ T4324]        do_exit+0x538/0x1af8
[   52.988328][ T4324]        do_group_exit+0x194/0x22c
[   52.989536][ T4324]        get_signal+0x14a0/0x158c
[   52.990756][ T4324]        do_notify_resume+0x3ac/0x3470
[   52.992113][ T4324]        el0_svc+0x9c/0x168
[   52.993217][ T4324]        el0t_64_sync_handler+0x84/0xf0
[   52.994563][ T4324]        el0t_64_sync+0x18c/0x190
[   52.995778][ T4324] 
[   52.995778][ T4324] other info that might help us debug this:
[   52.995778][ T4324] 
[   52.998205][ T4324] Chain exists of:
[   52.998205][ T4324]   nci_mutex --> &genl_data->genl_data_mutex --> &ndev->req_lock
[   52.998205][ T4324] 
[   53.001672][ T4324]  Possible unsafe locking scenario:
[   53.001672][ T4324] 
[   53.003479][ T4324]        CPU0                    CPU1
[   53.004784][ T4324]        ----                    ----
[   53.006057][ T4324]   lock(&ndev->req_lock);
[   53.007131][ T4324]                                lock(&genl_data->genl_data_mutex);
[   53.009080][ T4324]                                lock(&ndev->req_lock);
[   53.010747][ T4324]   lock(nci_mutex);
[   53.011676][ T4324] 
[   53.011676][ T4324]  *** DEADLOCK ***
[   53.011676][ T4324] 
[   53.013614][ T4324] 1 lock held by syz-executor773/4324:
[   53.014859][ T4324]  #0: ffff0000d8131350 (&ndev->req_lock){+.+.}-{3:3}, at: nci_close_device+0xf0/0x5ac
[   53.017461][ T4324] 
[   53.017461][ T4324] stack backtrace:
[   53.018873][ T4324] CPU: 1 PID: 4324 Comm: syz-executor773 Not tainted 6.1.15-syzkaller #0
[   53.020953][ T4324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[   53.023457][ T4324] Call trace:
[   53.024231][ T4324]  dump_backtrace+0x1c8/0x1f4
[   53.025320][ T4324]  show_stack+0x2c/0x3c
[   53.026317][ T4324]  dump_stack_lvl+0x108/0x170
[   53.027507][ T4324]  dump_stack+0x1c/0x58
[   53.028544][ T4324]  print_circular_bug+0x150/0x1b8
[   53.029787][ T4324]  check_noncircular+0x2cc/0x378
[   53.031057][ T4324]  __lock_acquire+0x3338/0x764c
[   53.032263][ T4324]  lock_acquire+0x2f8/0x8dc
[   53.033333][ T4324]  __mutex_lock_common+0x190/0x21a0
[   53.034615][ T4324]  mutex_lock_nested+0x38/0x44
[   53.035766][ T4324]  virtual_nci_close+0x28/0x58
[   53.036946][ T4324]  nci_close_device+0x2fc/0x5ac
[   53.038177][ T4324]  nci_unregister_device+0x58/0x21c
[   53.039419][ T4324]  virtual_ncidev_close+0x70/0xb0
[   53.040638][ T4324]  __fput+0x30c/0x7bc
[   53.041600][ T4324]  ____fput+0x20/0x30
[   53.042527][ T4324]  task_work_run+0x240/0x2f0
[   53.043716][ T4324]  do_exit+0x538/0x1af8
[   53.044750][ T4324]  do_group_exit+0x194/0x22c
[   53.045911][ T4324]  get_signal+0x14a0/0x158c
[   53.047048][ T4324]  do_notify_resume+0x3ac/0x3470
[   53.048267][ T4324]  el0_svc+0x9c/0x168
[   53.049201][ T4324]  el0t_64_sync_handler+0x84/0xf0
[   53.050426][ T4324]  el0t_64_sync+0x18c/0x190