program: r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, 0x0) bind$can_j1939(r0, 0x0, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xa6}, 0x50) r1 = socket$kcm(0x10, 0x2, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x11, 0x80a, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@newlink={0x44, 0x10, 0x401, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_MIIMON={0x8, 0x3, 0x4}, @IFLA_BOND_USE_CARRIER={0x5}]}}}]}, 0x44}}, 0x0) sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140604000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0) [ 75.025100][ T5321] Bluetooth: hci0: command tx timeout [ 75.073674][ T5340] netlink: 'syz.0.0': attribute type 10 has an invalid length. [ 75.101165][ T5340] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.105385][ T5340] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.117237][ T5340] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.120520][ T5340] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.124527][ T5340] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.127715][ T5340] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.138509][ T5340] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 75.151179][ T1039] ------------[ cut here ]------------ [ 75.153775][ T1039] RTNL: assertion failed at ./include/net/netdev_lock.h (72) [ 75.157763][ T1039] WARNING: CPU: 0 PID: 1039 at ./include/net/netdev_lock.h:72 __linkwatch_sync_dev+0x303/0x350 [ 75.162985][ T1039] Modules linked in: [ 75.165091][ T1039] CPU: 0 UID: 0 PID: 1039 Comm: kworker/u4:7 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 75.170789][ T1039] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.175714][ T1039] Workqueue: bond0 bond_mii_monitor [ 75.178285][ T1039] RIP: 0010:__linkwatch_sync_dev+0x303/0x350 [ 75.181779][ T1039] Code: 7c fe ff ff e8 7e e5 60 f8 c6 05 ca a5 2c 06 01 90 48 c7 c7 00 7b 93 8c 48 c7 c6 d1 ff 9d 8d ba 48 00 00 00 e8 9e c5 24 f8 90 <0f> 0b 90 90 e9 4d fe ff ff 44 89 f1 80 e1 07 38 c1 0f 8c 22 fd ff [ 75.190872][ T1039] RSP: 0018:ffffc9000248f670 EFLAGS: 00010246 [ 75.193983][ T1039] RAX: ebc29ff1bb96c900 RBX: ffff888033c38000 RCX: ffff8880361c0000 [ 75.197807][ T1039] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002 [ 75.201571][ T1039] RBP: 0000000000000000 R08: ffff88801fc24293 R09: 1ffff11003f84852 [ 75.205077][ T1039] R10: dffffc0000000000 R11: ffffed1003f84853 R12: 1ffff1100678705d [ 75.208964][ T1039] R13: dffffc0000000000 R14: ffffffff8c1c5b48 R15: 0000000000000000 [ 75.212742][ T1039] FS: 0000000000000000(0000) GS:ffff88808d21b000(0000) knlGS:0000000000000000 [ 75.216726][ T1039] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.219609][ T1039] CR2: 00007ffb22986538 CR3: 0000000011f4d000 CR4: 0000000000352ef0 [ 75.223265][ T1039] Call Trace: [ 75.224822][ T1039] [ 75.226141][ T1039] ? ethtool_op_get_link+0xd/0x70 [ 75.228412][ T1039] ethtool_op_get_link+0x15/0x70 [ 75.230732][ T1039] bond_check_dev_link+0x447/0x6c0 [ 75.233034][ T1039] ? __pfx_bond_check_dev_link+0x10/0x10 [ 75.235462][ T1039] ? netdev_lower_get_next_private_rcu+0x9f/0x100 [ 75.238270][ T1039] bond_mii_monitor+0x428/0x2e00 [ 75.240584][ T1039] ? bond_mii_monitor+0x153/0x2e00 [ 75.242911][ T1039] ? __lock_acquire+0xab9/0xd20 [ 75.245260][ T1039] ? __pfx_bond_mii_monitor+0x10/0x10 [ 75.247730][ T1039] ? register_lock_class+0x51/0x320 [ 75.250261][ T1039] ? __lock_acquire+0xab9/0xd20 [ 75.252559][ T1039] ? process_scheduled_works+0x9ef/0x17b0 [ 75.255481][ T1039] ? _raw_spin_unlock_irq+0x23/0x50 [ 75.257851][ T1039] ? process_scheduled_works+0x9ef/0x17b0 [ 75.260441][ T1039] ? process_scheduled_works+0x9ef/0x17b0 [ 75.262921][ T1039] process_scheduled_works+0xae1/0x17b0 [ 75.265629][ T1039] ? __pfx_process_scheduled_works+0x10/0x10 [ 75.268235][ T1039] worker_thread+0x8a0/0xda0 [ 75.270460][ T1039] kthread+0x70e/0x8a0 [ 75.272360][ T1039] ? __pfx_worker_thread+0x10/0x10 [ 75.274678][ T1039] ? __pfx_kthread+0x10/0x10 [ 75.276918][ T1039] ? _raw_spin_unlock_irq+0x23/0x50 [ 75.279224][ T1039] ? lockdep_hardirqs_on+0x9c/0x150 [ 75.281853][ T1039] ? __pfx_kthread+0x10/0x10 [ 75.283899][ T1039] ret_from_fork+0x3f9/0x770 [ 75.285978][ T1039] ? __pfx_ret_from_fork+0x10/0x10 [ 75.288245][ T1039] ? __pfx_kthread+0x10/0x10 [ 75.290474][ T1039] ret_from_fork_asm+0x1a/0x30 [ 75.292645][ T1039] [ 75.294032][ T1039] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 75.297049][ T1039] CPU: 0 UID: 0 PID: 1039 Comm: kworker/u4:7 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 75.302652][ T1039] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.308391][ T1039] Workqueue: bond0 bond_mii_monitor [ 75.311476][ T1039] Call Trace: [ 75.313586][ T1039] [ 75.315525][ T1039] dump_stack_lvl+0x99/0x250 [ 75.317996][ T1039] ? __asan_memcpy+0x40/0x70 [ 75.320087][ T1039] ? __pfx_dump_stack_lvl+0x10/0x10 [ 75.322572][ T1039] ? __pfx__printk+0x10/0x10 [ 75.324795][ T1039] panic+0x2db/0x790 [ 75.326626][ T1039] ? __pfx_panic+0x10/0x10 [ 75.328679][ T1039] ? ret_from_fork_asm+0x1a/0x30 [ 75.330871][ T1039] __warn+0x31b/0x4b0 [ 75.332687][ T1039] ? __linkwatch_sync_dev+0x303/0x350 [ 75.335234][ T1039] ? __linkwatch_sync_dev+0x303/0x350 [ 75.337646][ T1039] report_bug+0x2be/0x4f0 [ 75.339634][ T1039] ? __linkwatch_sync_dev+0x303/0x350 [ 75.341976][ T1039] ? __linkwatch_sync_dev+0x303/0x350 [ 75.344612][ T1039] ? __linkwatch_sync_dev+0x305/0x350 [ 75.346914][ T1039] handle_bug+0x84/0x160 [ 75.348913][ T1039] exc_invalid_op+0x1a/0x50 [ 75.350959][ T1039] asm_exc_invalid_op+0x1a/0x20 [ 75.353111][ T1039] RIP: 0010:__linkwatch_sync_dev+0x303/0x350 [ 75.355805][ T1039] Code: 7c fe ff ff e8 7e e5 60 f8 c6 05 ca a5 2c 06 01 90 48 c7 c7 00 7b 93 8c 48 c7 c6 d1 ff 9d 8d ba 48 00 00 00 e8 9e c5 24 f8 90 <0f> 0b 90 90 e9 4d fe ff ff 44 89 f1 80 e1 07 38 c1 0f 8c 22 fd ff [ 75.363816][ T1039] RSP: 0018:ffffc9000248f670 EFLAGS: 00010246 [ 75.366627][ T1039] RAX: ebc29ff1bb96c900 RBX: ffff888033c38000 RCX: ffff8880361c0000 [ 75.370131][ T1039] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002 [ 75.373573][ T1039] RBP: 0000000000000000 R08: ffff88801fc24293 R09: 1ffff11003f84852 [ 75.377002][ T1039] R10: dffffc0000000000 R11: ffffed1003f84853 R12: 1ffff1100678705d [ 75.380523][ T1039] R13: dffffc0000000000 R14: ffffffff8c1c5b48 R15: 0000000000000000 [ 75.384074][ T1039] ? ethtool_op_get_link+0xd/0x70 [ 75.386689][ T1039] ethtool_op_get_link+0x15/0x70 [ 75.388900][ T1039] bond_check_dev_link+0x447/0x6c0 [ 75.391184][ T1039] ? __pfx_bond_check_dev_link+0x10/0x10 [ 75.394389][ T1039] ? netdev_lower_get_next_private_rcu+0x9f/0x100 [ 75.397243][ T1039] bond_mii_monitor+0x428/0x2e00 [ 75.399287][ T1039] ? bond_mii_monitor+0x153/0x2e00 [ 75.401334][ T1039] ? __lock_acquire+0xab9/0xd20 [ 75.403516][ T1039] ? __pfx_bond_mii_monitor+0x10/0x10 [ 75.405911][ T1039] ? register_lock_class+0x51/0x320 [ 75.408095][ T1039] ? __lock_acquire+0xab9/0xd20 [ 75.410153][ T1039] ? process_scheduled_works+0x9ef/0x17b0 [ 75.412982][ T1039] ? _raw_spin_unlock_irq+0x23/0x50 [ 75.415313][ T1039] ? process_scheduled_works+0x9ef/0x17b0 [ 75.417820][ T1039] ? process_scheduled_works+0x9ef/0x17b0 [ 75.420369][ T1039] process_scheduled_works+0xae1/0x17b0 [ 75.422868][ T1039] ? __pfx_process_scheduled_works+0x10/0x10 [ 75.425570][ T1039] worker_thread+0x8a0/0xda0 [ 75.427869][ T1039] kthread+0x70e/0x8a0 [ 75.429719][ T1039] ? __pfx_worker_thread+0x10/0x10 [ 75.432090][ T1039] ? __pfx_kthread+0x10/0x10 [ 75.434253][ T1039] ? _raw_spin_unlock_irq+0x23/0x50 [ 75.436630][ T1039] ? lockdep_hardirqs_on+0x9c/0x150 [ 75.438939][ T1039] ? __pfx_kthread+0x10/0x10 [ 75.441068][ T1039] ret_from_fork+0x3f9/0x770 [ 75.443286][ T1039] ? __pfx_ret_from_fork+0x10/0x10 [ 75.445799][ T1039] ? __pfx_kthread+0x10/0x10 [ 75.447939][ T1039] ret_from_fork_asm+0x1a/0x30 [ 75.450074][ T1039] [ 75.451904][ T1039] Kernel Offset: disabled [ 75.453899][ T1039] Rebooting in 86400 seconds..