Warning: Permanently added '10.128.0.17' (ED25519) to the list of known hosts. Setting up swapspace version 1, size = 127995904 bytes [ 42.512278][ T3967] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 42.584300][ T3969] chnl_net:caif_netlink_parms(): no params data found [ 42.621196][ T3969] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.623119][ T3969] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.625839][ T3969] device bridge_slave_0 entered promiscuous mode [ 42.629954][ T3969] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.632023][ T3969] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.634602][ T3969] device bridge_slave_1 entered promiscuous mode [ 42.650735][ T3969] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 42.655147][ T3969] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 42.672511][ T3969] team0: Port device team_slave_0 added [ 42.675708][ T3969] team0: Port device team_slave_1 added [ 42.689284][ T3969] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 42.691055][ T3969] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 42.697795][ T3969] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 42.702375][ T3969] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 42.704153][ T3969] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 42.710772][ T3969] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 42.783125][ T3969] device hsr_slave_0 entered promiscuous mode [ 42.841601][ T3969] device hsr_slave_1 entered promiscuous mode [ 42.950629][ T3969] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 43.013789][ T3969] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 43.052929][ T3969] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 43.103846][ T3969] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 43.168903][ T3969] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.170809][ T3969] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.173072][ T3969] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.174951][ T3969] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.215649][ T3969] 8021q: adding VLAN 0 to HW filter on device bond0 [ 43.222788][ T3554] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 43.226742][ T3554] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.229789][ T3554] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.234502][ T3554] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 43.240978][ T3969] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.247097][ T1528] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 43.249402][ T1528] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.251182][ T1528] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.256604][ T3554] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 43.258942][ T3554] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.260714][ T3554] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.275405][ T1528] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 43.278853][ T1528] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 43.292932][ T3969] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 43.295602][ T3969] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 43.299694][ T3554] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 43.303476][ T3554] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 43.306260][ T3554] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 43.308730][ T3554] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 43.321665][ T1528] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 43.323603][ T1528] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 43.328984][ T3969] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 43.343171][ T1528] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 43.356607][ T3969] device veth0_vlan entered promiscuous mode [ 43.362425][ T3555] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 43.365050][ T3555] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 43.367582][ T3555] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 43.372598][ T3969] device veth1_vlan entered promiscuous mode [ 43.386959][ T3555] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 43.389362][ T3555] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 43.392109][ T3555] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 43.396585][ T3969] device veth0_macvtap entered promiscuous mode [ 43.401059][ T3969] device veth1_macvtap entered promiscuous mode [ 43.414159][ T3969] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 43.416087][ T1528] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 43.419167][ T1528] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 43.425681][ T3969] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 43.428426][ T3555] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 43.432403][ T3969] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.434580][ T3969] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.436755][ T3969] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.438878][ T3969] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.484807][ T148] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 43.486888][ T148] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 43.489566][ T3555] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 43.507686][ T148] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 43.509695][ T148] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 43.513617][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready executing program [ 43.742427][ T3983] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 43.744762][ T3983] nci: nci_start_poll: failed to set local general bytes [ 44.022766][ T136] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 46.827511][ T136] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 48.822187][ T3983] nci: __nci_request: wait_for_completion_interruptible_timeout failed 0 [ 48.824633][ T3983] [ 48.825184][ T3983] ====================================================== [ 48.826956][ T3983] WARNING: possible circular locking dependency detected [ 48.828836][ T3983] 5.15.133-syzkaller #0 Not tainted [ 48.830143][ T3983] ------------------------------------------------------ [ 48.831943][ T3983] syz-executor107/3983 is trying to acquire lock: [ 48.833610][ T3983] ffff800015c9bfe8 (nci_mutex){+.+.}-{3:3}, at: virtual_nci_close+0x28/0x58 [ 48.835946][ T3983] [ 48.835946][ T3983] but task is already holding lock: [ 48.837870][ T3983] ffff0000cb0ec350 (&ndev->req_lock){+.+.}-{3:3}, at: nci_close_device+0xf0/0x5dc [ 48.840292][ T3983] [ 48.840292][ T3983] which lock already depends on the new lock. [ 48.840292][ T3983] [ 48.842932][ T3983] [ 48.842932][ T3983] the existing dependency chain (in reverse order) is: [ 48.845254][ T3983] [ 48.845254][ T3983] -> #3 (&ndev->req_lock){+.+.}-{3:3}: [ 48.847240][ T3983] __mutex_lock_common+0x194/0x2154 [ 48.848722][ T3983] mutex_lock_nested+0xa4/0xf8 [ 48.850107][ T3983] nci_start_poll+0x498/0x1204 [ 48.851458][ T3983] nfc_start_poll+0x164/0x2a4 [ 48.852827][ T3983] nfc_genl_start_poll+0x1b8/0x308 [ 48.854238][ T3983] genl_rcv_msg+0xc18/0x1018 [ 48.855575][ T3983] netlink_rcv_skb+0x20c/0x3b8 [ 48.856896][ T3983] genl_rcv+0x38/0x50 [ 48.858021][ T3983] netlink_unicast+0x664/0x938 [ 48.859368][ T3983] netlink_sendmsg+0x844/0xb38 [ 48.860695][ T3983] ____sys_sendmsg+0x584/0x870 [ 48.862068][ T3983] ___sys_sendmsg+0x214/0x294 [ 48.863473][ T3983] __arm64_sys_sendmsg+0x1ac/0x25c [ 48.864958][ T3983] invoke_syscall+0x98/0x2b8 [ 48.866312][ T3983] el0_svc_common+0x138/0x258 [ 48.867643][ T3983] do_el0_svc+0x58/0x14c [ 48.868861][ T3983] el0_svc+0x7c/0x1f0 [ 48.870041][ T3983] el0t_64_sync_handler+0x84/0xe4 [ 48.871481][ T3983] el0t_64_sync+0x1a0/0x1a4 [ 48.872765][ T3983] [ 48.872765][ T3983] -> #2 (&genl_data->genl_data_mutex){+.+.}-{3:3}: [ 48.874983][ T3983] __mutex_lock_common+0x194/0x2154 [ 48.876469][ T3983] mutex_lock_nested+0xa4/0xf8 [ 48.877841][ T3983] nfc_urelease_event_work+0xfc/0x2a8 [ 48.879320][ T3983] process_one_work+0x790/0x11b8 [ 48.880715][ T3983] worker_thread+0x910/0x1034 [ 48.882113][ T3983] kthread+0x37c/0x45c [ 48.883347][ T3983] ret_from_fork+0x10/0x20 [ 48.884608][ T3983] [ 48.884608][ T3983] -> #1 (nfc_devlist_mutex){+.+.}-{3:3}: [ 48.886611][ T3983] __mutex_lock_common+0x194/0x2154 [ 48.888072][ T3983] mutex_lock_nested+0xa4/0xf8 [ 48.889413][ T3983] nfc_register_device+0x4c/0x310 [ 48.890880][ T3983] nci_register_device+0x6ac/0x7c4 [ 48.892353][ T3983] virtual_ncidev_open+0x6c/0xd8 [ 48.893818][ T3983] misc_open+0x2f0/0x368 [ 48.895029][ T3983] chrdev_open+0x3e8/0x4fc [ 48.896312][ T3983] do_dentry_open+0x780/0xed8 [ 48.897698][ T3983] vfs_open+0x7c/0x90 [ 48.898846][ T3983] path_openat+0x1f28/0x26f0 [ 48.900140][ T3983] do_filp_open+0x1a8/0x3b4 [ 48.901457][ T3983] do_sys_openat2+0x128/0x3d8 [ 48.902840][ T3983] __arm64_sys_openat+0x1f0/0x240 [ 48.904228][ T3983] invoke_syscall+0x98/0x2b8 [ 48.905567][ T3983] el0_svc_common+0x138/0x258 [ 48.906858][ T3983] do_el0_svc+0x58/0x14c [ 48.908092][ T3983] el0_svc+0x7c/0x1f0 [ 48.909262][ T3983] el0t_64_sync_handler+0x84/0xe4 [ 48.910723][ T3983] el0t_64_sync+0x1a0/0x1a4 [ 48.912032][ T3983] [ 48.912032][ T3983] -> #0 (nci_mutex){+.+.}-{3:3}: [ 48.913871][ T3983] __lock_acquire+0x32cc/0x7620 [ 48.915233][ T3983] lock_acquire+0x240/0x77c [ 48.916528][ T3983] __mutex_lock_common+0x194/0x2154 [ 48.917997][ T3983] mutex_lock_nested+0xa4/0xf8 [ 48.919330][ T3983] virtual_nci_close+0x28/0x58 [ 48.920706][ T3983] nci_close_device+0x304/0x5dc [ 48.922111][ T3983] nci_unregister_device+0x5c/0x22c [ 48.923584][ T3983] virtual_ncidev_close+0x70/0xb0 [ 48.925072][ T3983] __fput+0x30c/0x7f0 [ 48.926276][ T3983] ____fput+0x20/0x30 [ 48.927484][ T3983] task_work_run+0x130/0x1e4 [ 48.928801][ T3983] do_exit+0x688/0x2134 [ 48.930002][ T3983] do_group_exit+0x110/0x268 [ 48.931348][ T3983] get_signal+0x634/0x1550 [ 48.932635][ T3983] do_notify_resume+0x3d0/0x32b8 [ 48.934026][ T3983] el0_svc+0xfc/0x1f0 [ 48.935190][ T3983] el0t_64_sync_handler+0x84/0xe4 [ 48.936629][ T3983] el0t_64_sync+0x1a0/0x1a4 [ 48.937883][ T3983] [ 48.937883][ T3983] other info that might help us debug this: [ 48.937883][ T3983] [ 48.940549][ T3983] Chain exists of: [ 48.940549][ T3983] nci_mutex --> &genl_data->genl_data_mutex --> &ndev->req_lock [ 48.940549][ T3983] [ 48.944075][ T3983] Possible unsafe locking scenario: [ 48.944075][ T3983] [ 48.945986][ T3983] CPU0 CPU1 [ 48.947356][ T3983] ---- ---- [ 48.948691][ T3983] lock(&ndev->req_lock); [ 48.949793][ T3983] lock(&genl_data->genl_data_mutex); [ 48.951830][ T3983] lock(&ndev->req_lock); [ 48.953610][ T3983] lock(nci_mutex); [ 48.954622][ T3983] [ 48.954622][ T3983] *** DEADLOCK *** [ 48.954622][ T3983] [ 48.956731][ T3983] 1 lock held by syz-executor107/3983: [ 48.958129][ T3983] #0: ffff0000cb0ec350 (&ndev->req_lock){+.+.}-{3:3}, at: nci_close_device+0xf0/0x5dc [ 48.960605][ T3983] [ 48.960605][ T3983] stack backtrace: [ 48.962108][ T3983] CPU: 0 PID: 3983 Comm: syz-executor107 Not tainted 5.15.133-syzkaller #0 [ 48.964352][ T3983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023 [ 48.966946][ T3983] Call trace: [ 48.967817][ T3983] dump_backtrace+0x0/0x530 [ 48.968986][ T3983] show_stack+0x2c/0x3c [ 48.970053][ T3983] dump_stack_lvl+0x108/0x170 [ 48.971258][ T3983] dump_stack+0x1c/0x58 [ 48.972291][ T3983] print_circular_bug+0x150/0x1b8 [ 48.973623][ T3983] check_noncircular+0x2cc/0x378 [ 48.974902][ T3983] __lock_acquire+0x32cc/0x7620 [ 48.976161][ T3983] lock_acquire+0x240/0x77c [ 48.977278][ T3983] __mutex_lock_common+0x194/0x2154 [ 48.978648][ T3983] mutex_lock_nested+0xa4/0xf8 [ 48.979842][ T3983] virtual_nci_close+0x28/0x58 [ 48.981084][ T3983] nci_close_device+0x304/0x5dc [ 48.982348][ T3983] nci_unregister_device+0x5c/0x22c [ 48.983657][ T3983] virtual_ncidev_close+0x70/0xb0 [ 48.984939][ T3983] __fput+0x30c/0x7f0 [ 48.985937][ T3983] ____fput+0x20/0x30 [ 48.986969][ T3983] task_work_run+0x130/0x1e4 [ 48.988146][ T3983] do_exit+0x688/0x2134 [ 48.989193][ T3983] do_group_exit+0x110/0x268 [ 48.990361][ T3983] get_signal+0x634/0x1550 [ 48.991509][ T3983] do_notify_resume+0x3d0/0x32b8 [ 48.992780][ T3983] el0_svc+0xfc/0x1f0 [ 48.993833][ T3983] el0t_64_sync_handler+0x84/0xe4 [ 48.995110][ T3983] el0t_64_sync+0x1a0/0x1a4