Warning: Permanently added '10.128.0.173' (ED25519) to the list of known hosts. [ 43.048751][ T6163] chnl_net:caif_netlink_parms(): no params data found [ 43.076934][ T6163] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.078852][ T6163] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.080782][ T6163] bridge_slave_0: entered allmulticast mode [ 43.083117][ T6163] bridge_slave_0: entered promiscuous mode [ 43.086468][ T6163] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.088368][ T6163] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.090472][ T6163] bridge_slave_1: entered allmulticast mode [ 43.092548][ T6163] bridge_slave_1: entered promiscuous mode [ 43.104768][ T6163] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 43.108413][ T6163] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 43.120229][ T6163] team0: Port device team_slave_0 added [ 43.122899][ T6163] team0: Port device team_slave_1 added [ 43.134169][ T6163] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 43.135910][ T6163] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 43.142472][ T6163] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 43.146817][ T6163] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 43.148547][ T6163] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 43.155055][ T6163] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 43.204504][ T6163] hsr_slave_0: entered promiscuous mode [ 43.242511][ T6163] hsr_slave_1: entered promiscuous mode [ 43.339027][ T6163] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 43.374279][ T6163] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 43.424449][ T6163] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 43.483542][ T6163] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 43.536301][ T6163] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.538083][ T6163] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.540249][ T6163] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.542102][ T6163] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.568857][ T6163] 8021q: adding VLAN 0 to HW filter on device bond0 [ 43.578055][ T6171] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.580971][ T6171] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.588655][ T6163] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.595104][ T1390] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.596794][ T1390] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.603171][ T10] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.605007][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.619172][ T6163] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 43.621773][ T6163] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 43.638513][ T6163] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 43.658480][ T6163] veth0_vlan: entered promiscuous mode [ 43.664264][ T6163] veth1_vlan: entered promiscuous mode [ 43.675357][ T6163] veth0_macvtap: entered promiscuous mode [ 43.678314][ T6163] veth1_macvtap: entered promiscuous mode [ 43.689447][ T6163] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 43.695756][ T6163] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 43.699149][ T6163] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.701414][ T6163] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.704012][ T6163] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.706215][ T6163] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.747890][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 43.749887][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 43.761334][ T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 43.764023][ T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 executing program [ 43.770204][ T6163] netlink: 'syz-executor391': attribute type 10 has an invalid length. [ 43.773544][ T6163] netlink: 40 bytes leftover after parsing attributes in process `syz-executor391'. [ 43.854954][ T6163] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode [ 43.868200][ T6163] team0: Port device wlan0 added [ 43.954860][ T6163] [ 43.955464][ T6163] ====================================================== [ 43.957086][ T6163] WARNING: possible circular locking dependency detected [ 43.958735][ T6163] 6.8.0-rc7-syzkaller-g707081b61156 #0 Not tainted [ 43.960309][ T6163] ------------------------------------------------------ [ 43.962006][ T6163] syz-executor391/6163 is trying to acquire lock: [ 43.963616][ T6163] ffff0000d6950d20 (team->team_lock_key){+.+.}-{3:3}, at: team_del_slave+0x38/0x1a4 [ 43.966016][ T6163] [ 43.966016][ T6163] but task is already holding lock: [ 43.967862][ T6163] ffff0000d8398768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: nl80211_del_interface+0x104/0x12c [ 43.970335][ T6163] [ 43.970335][ T6163] which lock already depends on the new lock. [ 43.970335][ T6163] [ 43.972938][ T6163] [ 43.972938][ T6163] the existing dependency chain (in reverse order) is: [ 43.975090][ T6163] [ 43.975090][ T6163] -> #1 (&rdev->wiphy.mtx){+.+.}-{3:3}: [ 43.977035][ T6163] __mutex_lock_common+0x190/0x21a0 [ 43.978537][ T6163] mutex_lock_nested+0x2c/0x38 [ 43.979854][ T6163] ieee80211_open+0xe4/0x1e4 [ 43.981137][ T6163] __dev_open+0x32c/0x500 [ 43.982328][ T6163] dev_open+0xa8/0x248 [ 43.983466][ T6163] team_add_slave+0x7b0/0x2368 [ 43.984795][ T6163] do_setlink+0xc30/0x3794 [ 43.986121][ T6163] rtnl_setlink+0x3ac/0x49c [ 43.987379][ T6163] rtnetlink_rcv_msg+0x748/0xdbc [ 43.988766][ T6163] netlink_rcv_skb+0x214/0x3c4 [ 43.990119][ T6163] rtnetlink_rcv+0x28/0x38 [ 43.991396][ T6163] netlink_unicast+0x65c/0x898 [ 43.992775][ T6163] netlink_sendmsg+0x83c/0xb20 [ 43.994127][ T6163] ____sys_sendmsg+0x56c/0x840 [ 43.995466][ T6163] __sys_sendmsg+0x26c/0x33c [ 43.996763][ T6163] __arm64_sys_sendmsg+0x80/0x94 [ 43.998099][ T6163] invoke_syscall+0x98/0x2b8 [ 43.999370][ T6163] el0_svc_common+0x130/0x23c [ 44.000776][ T6163] do_el0_svc+0x48/0x58 [ 44.001988][ T6163] el0_svc+0x54/0x168 [ 44.003145][ T6163] el0t_64_sync_handler+0x84/0xfc [ 44.004586][ T6163] el0t_64_sync+0x190/0x194 [ 44.005933][ T6163] [ 44.005933][ T6163] -> #0 (team->team_lock_key){+.+.}-{3:3}: [ 44.007978][ T6163] __lock_acquire+0x3384/0x763c [ 44.009373][ T6163] lock_acquire+0x23c/0x71c [ 44.010737][ T6163] __mutex_lock_common+0x190/0x21a0 [ 44.012247][ T6163] mutex_lock_nested+0x2c/0x38 [ 44.013748][ T6163] team_del_slave+0x38/0x1a4 [ 44.014957][ T6163] team_device_event+0x25c/0x4cc [ 44.016314][ T6163] notifier_call_chain+0x1a4/0x510 [ 44.017736][ T6163] raw_notifier_call_chain+0x3c/0x50 [ 44.019165][ T6163] unregister_netdevice_many_notify+0xd4c/0x17b8 [ 44.020951][ T6163] unregister_netdevice_queue+0x2d8/0x324 [ 44.022485][ T6163] _cfg80211_unregister_wdev+0x164/0x6c4 [ 44.024018][ T6163] cfg80211_unregister_wdev+0x24/0x34 [ 44.025494][ T6163] ieee80211_if_remove+0x23c/0x37c [ 44.026877][ T6163] ieee80211_del_iface+0x20/0x34 [ 44.028193][ T6163] cfg80211_remove_virtual_intf+0x244/0x710 [ 44.029835][ T6163] nl80211_del_interface+0x110/0x12c [ 44.031267][ T6163] genl_rcv_msg+0x874/0xb6c [ 44.032523][ T6163] netlink_rcv_skb+0x214/0x3c4 [ 44.033798][ T6163] genl_rcv+0x38/0x50 [ 44.034940][ T6163] netlink_unicast+0x65c/0x898 [ 44.036260][ T6163] netlink_sendmsg+0x83c/0xb20 [ 44.037870][ T6163] ____sys_sendmsg+0x56c/0x840 [ 44.039372][ T6163] __sys_sendmsg+0x26c/0x33c [ 44.040857][ T6163] __arm64_sys_sendmsg+0x80/0x94 [ 44.042359][ T6163] invoke_syscall+0x98/0x2b8 [ 44.043809][ T6163] el0_svc_common+0x130/0x23c [ 44.045280][ T6163] do_el0_svc+0x48/0x58 [ 44.046522][ T6163] el0_svc+0x54/0x168 [ 44.047657][ T6163] el0t_64_sync_handler+0x84/0xfc [ 44.049121][ T6163] el0t_64_sync+0x190/0x194 [ 44.050418][ T6163] [ 44.050418][ T6163] other info that might help us debug this: [ 44.050418][ T6163] [ 44.052916][ T6163] Possible unsafe locking scenario: [ 44.052916][ T6163] [ 44.054972][ T6163] CPU0 CPU1 [ 44.056405][ T6163] ---- ---- [ 44.057886][ T6163] lock(&rdev->wiphy.mtx); [ 44.059199][ T6163] lock(team->team_lock_key); [ 44.061203][ T6163] lock(&rdev->wiphy.mtx); [ 44.063046][ T6163] lock(team->team_lock_key); [ 44.064370][ T6163] [ 44.064370][ T6163] *** DEADLOCK *** [ 44.064370][ T6163] [ 44.066500][ T6163] 3 locks held by syz-executor391/6163: [ 44.067911][ T6163] #0: ffff8000919aea50 (cb_lock){++++}-{3:3}, at: genl_rcv+0x28/0x50 [ 44.070143][ T6163] #1: ffff80009194f2e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock+0x20/0x2c [ 44.072660][ T6163] #2: ffff0000d8398768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: nl80211_del_interface+0x104/0x12c [ 44.075338][ T6163] [ 44.075338][ T6163] stack backtrace: [ 44.076902][ T6163] CPU: 1 PID: 6163 Comm: syz-executor391 Not tainted 6.8.0-rc7-syzkaller-g707081b61156 #0 [ 44.079466][ T6163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 [ 44.082114][ T6163] Call trace: [ 44.083068][ T6163] dump_backtrace+0x1b8/0x1e4 [ 44.084400][ T6163] show_stack+0x2c/0x3c [ 44.085558][ T6163] dump_stack_lvl+0xd0/0x124 [ 44.086784][ T6163] dump_stack+0x1c/0x28 [ 44.087899][ T6163] print_circular_bug+0x150/0x1b8 [ 44.089185][ T6163] check_noncircular+0x310/0x404 [ 44.090556][ T6163] __lock_acquire+0x3384/0x763c [ 44.091886][ T6163] lock_acquire+0x23c/0x71c [ 44.092987][ T6163] __mutex_lock_common+0x190/0x21a0 [ 44.094339][ T6163] mutex_lock_nested+0x2c/0x38 [ 44.095604][ T6163] team_del_slave+0x38/0x1a4 [ 44.096853][ T6163] team_device_event+0x25c/0x4cc [ 44.098159][ T6163] notifier_call_chain+0x1a4/0x510 [ 44.099666][ T6163] raw_notifier_call_chain+0x3c/0x50 [ 44.101170][ T6163] unregister_netdevice_many_notify+0xd4c/0x17b8 [ 44.102972][ T6163] unregister_netdevice_queue+0x2d8/0x324 [ 44.104485][ T6163] _cfg80211_unregister_wdev+0x164/0x6c4 [ 44.106117][ T6163] cfg80211_unregister_wdev+0x24/0x34 [ 44.107601][ T6163] ieee80211_if_remove+0x23c/0x37c [ 44.109025][ T6163] ieee80211_del_iface+0x20/0x34 [ 44.110269][ T6163] cfg80211_remove_virtual_intf+0x244/0x710 [ 44.111885][ T6163] nl80211_del_interface+0x110/0x12c [ 44.113289][ T6163] genl_rcv_msg+0x874/0xb6c [ 44.114596][ T6163] netlink_rcv_skb+0x214/0x3c4 [ 44.116006][ T6163] genl_rcv+0x38/0x50 [ 44.117027][ T6163] netlink_unicast+0x65c/0x898 [ 44.118278][ T6163] netlink_sendmsg+0x83c/0xb20 [ 44.119586][ T6163] ____sys_sendmsg+0x56c/0x840 [ 44.120916][ T6163] __sys_sendmsg+0x26c/0x33c [ 44.122162][ T6163] __arm64_sys_sendmsg+0x80/0x94 [ 44.123531][ T6163] invoke_syscall+0x98/0x2b8 [ 44.124726][ T6163] el0_svc_common+0x130/0x23c [ 44.125952][ T6163] do_el0_svc+0x48/0x58 [ 44.127074][ T6163] el0_svc+0x54/0x168 [ 44.128128][ T6163] el0t_64_sync_handler+0x84/0xfc [ 44.129408][ T6163] el0t_64_sync+0x190/0x194 [ 44.131857][ T6163] team0: Port device wlan0 removed