Warning: Permanently added '10.128.0.81' (ED25519) to the list of known hosts. 1970/01/01 00:04:38 ignoring optional flag "sandboxArg"="0" 1970/01/01 00:04:39 parsed 1 programs [ 282.311948][ T6537] cgroup: Unknown subsys name 'net' [ 282.556573][ T6537] cgroup: Unknown subsys name 'cpuset' [ 282.561058][ T6537] cgroup: Unknown subsys name 'rlimit' [ 282.907845][ T6537] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SS [ 296.901952][ T6546] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 297.116159][ T6559] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 297.116859][ T6559] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 297.117209][ T6559] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 297.117848][ T6559] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 297.118248][ T6559] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 298.422885][ T6590] chnl_net:caif_netlink_parms(): no params data found [ 298.493309][ T6590] bridge0: port 1(bridge_slave_0) entered blocking state [ 298.494574][ T6590] bridge0: port 1(bridge_slave_0) entered disabled state [ 298.494689][ T6590] bridge_slave_0: entered allmulticast mode [ 298.495543][ T6590] bridge_slave_0: entered promiscuous mode [ 298.502200][ T6590] bridge0: port 2(bridge_slave_1) entered blocking state [ 298.504569][ T6590] bridge0: port 2(bridge_slave_1) entered disabled state [ 298.506640][ T6590] bridge_slave_1: entered allmulticast mode [ 298.509186][ T6590] bridge_slave_1: entered promiscuous mode [ 298.526222][ T6590] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 298.530369][ T6590] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 298.546977][ T6590] team0: Port device team_slave_0 added [ 298.549832][ T6590] team0: Port device team_slave_1 added [ 298.568236][ T6590] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 298.570188][ T6590] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 298.574694][ T6590] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 298.576234][ T6590] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 298.576262][ T6590] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 298.576301][ T6590] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 298.667132][ T6590] hsr_slave_0: entered promiscuous mode [ 298.667720][ T6590] hsr_slave_1: entered promiscuous mode [ 298.746954][ T6590] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 298.751348][ T6590] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 298.756093][ T6590] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 298.760057][ T6590] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 298.775937][ T6590] bridge0: port 2(bridge_slave_1) entered blocking state [ 298.776052][ T6590] bridge0: port 2(bridge_slave_1) entered forwarding state [ 298.776527][ T6590] bridge0: port 1(bridge_slave_0) entered blocking state [ 298.776604][ T6590] bridge0: port 1(bridge_slave_0) entered forwarding state [ 298.808055][ T6590] 8021q: adding VLAN 0 to HW filter on device bond0 [ 298.815939][ T508] bridge0: port 1(bridge_slave_0) entered disabled state [ 298.818324][ T508] bridge0: port 2(bridge_slave_1) entered disabled state [ 298.828144][ T6590] 8021q: adding VLAN 0 to HW filter on device team0 [ 298.832541][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 298.832651][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 298.847017][ T508] bridge0: port 2(bridge_slave_1) entered blocking state [ 298.847104][ T508] bridge0: port 2(bridge_slave_1) entered forwarding state [ 298.929872][ T6590] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 298.948629][ T6590] veth0_vlan: entered promiscuous mode [ 298.951757][ T6590] veth1_vlan: entered promiscuous mode [ 298.967368][ T6590] veth0_macvtap: entered promiscuous mode [ 298.969128][ T6590] veth1_macvtap: entered promiscuous mode [ 298.976178][ T6590] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 298.981419][ T6590] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 298.988977][ T6590] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 298.991859][ T6590] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 298.993984][ T6590] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 298.994017][ T6590] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 299.436437][ T508] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 299.556062][ T508] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 299.665911][ T508] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 299.757374][ T508] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 299.847977][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 299.848059][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 299.864478][ T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 299.864528][ T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 1970/01/01 00:04:59 executed programs: 0 [ 300.218722][ T6058] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 300.219595][ T6058] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 300.219967][ T6058] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 300.220519][ T6058] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 300.220933][ T6058] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 300.322419][ T6625] chnl_net:caif_netlink_parms(): no params data found [ 300.362002][ T6625] bridge0: port 1(bridge_slave_0) entered blocking state [ 300.362110][ T6625] bridge0: port 1(bridge_slave_0) entered disabled state [ 300.362219][ T6625] bridge_slave_0: entered allmulticast mode [ 300.363017][ T6625] bridge_slave_0: entered promiscuous mode [ 300.364595][ T6625] bridge0: port 2(bridge_slave_1) entered blocking state [ 300.364664][ T6625] bridge0: port 2(bridge_slave_1) entered disabled state [ 300.364779][ T6625] bridge_slave_1: entered allmulticast mode [ 300.365565][ T6625] bridge_slave_1: entered promiscuous mode [ 300.388643][ T6625] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 300.390354][ T6625] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 300.408899][ T6625] team0: Port device team_slave_0 added [ 300.410337][ T6625] team0: Port device team_slave_1 added [ 300.424598][ T6625] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 300.424639][ T6625] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 300.424674][ T6625] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 300.425691][ T6625] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 300.425716][ T6625] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 300.425746][ T6625] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 300.459989][ T6625] hsr_slave_0: entered promiscuous mode [ 300.460493][ T6625] hsr_slave_1: entered promiscuous mode [ 300.460824][ T6625] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 300.460912][ T6625] Cannot create hsr debugfs directory [ 302.171792][ T508] bridge_slave_1: left allmulticast mode [ 302.171898][ T508] bridge_slave_1: left promiscuous mode [ 302.172372][ T508] bridge0: port 2(bridge_slave_1) entered disabled state [ 302.178644][ T508] bridge_slave_0: left allmulticast mode [ 302.178703][ T508] bridge_slave_0: left promiscuous mode [ 302.178821][ T508] bridge0: port 1(bridge_slave_0) entered disabled state [ 302.244687][ T6058] Bluetooth: hci0: command tx timeout [ 303.616540][ T508] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 303.656648][ T508] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 303.705370][ T508] bond0 (unregistering): Released all slaves [ 303.780168][ T508] hsr_slave_0: left promiscuous mode [ 303.782359][ T508] hsr_slave_1: left promiscuous mode [ 303.787004][ T508] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 303.789184][ T508] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 303.791939][ T508] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 303.795224][ T508] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 303.806183][ T508] veth1_macvtap: left promiscuous mode [ 303.806319][ T508] veth0_macvtap: left promiscuous mode [ 303.806413][ T508] veth1_vlan: left promiscuous mode [ 303.806499][ T508] veth0_vlan: left promiscuous mode [ 304.324084][ T6058] Bluetooth: hci0: command tx timeout [ 305.635728][ T508] team0 (unregistering): Port device team_slave_1 removed [ 305.885546][ T508] team0 (unregistering): Port device team_slave_0 removed [ 306.403920][ T6058] Bluetooth: hci0: command tx timeout [ 308.494166][ T6058] Bluetooth: hci0: command tx timeout [ 308.729987][ T6625] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 308.734511][ T6625] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 308.738609][ T6625] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 308.742534][ T6625] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 308.912829][ T6625] 8021q: adding VLAN 0 to HW filter on device bond0 [ 308.928061][ T6625] 8021q: adding VLAN 0 to HW filter on device team0 [ 308.937123][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 308.937193][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 308.938036][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 308.938100][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 309.120708][ T6625] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 309.183693][ T6625] veth0_vlan: entered promiscuous mode [ 309.194594][ T6625] veth1_vlan: entered promiscuous mode [ 309.207262][ T6625] veth0_macvtap: entered promiscuous mode [ 309.212407][ T6625] veth1_macvtap: entered promiscuous mode [ 309.228529][ T6625] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 309.363499][ T6625] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 309.373438][ T6625] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 309.373514][ T6625] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 309.373544][ T6625] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 309.373573][ T6625] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 309.445933][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 309.445991][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 309.479932][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 309.479985][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 1970/01/01 00:05:09 executed programs: 2 [ 309.543193][ T6736] netlink: 'syz.0.16': attribute type 10 has an invalid length. [ 309.679730][ T6736] team0: Port device wlan1 added [ 309.692947][ T6738] netlink: 'syz.0.17': attribute type 10 has an invalid length. [ 309.780283][ T6739] netlink: 'syz.0.18': attribute type 10 has an invalid length. [ 309.821723][ T6740] netlink: 'syz.0.19': attribute type 10 has an invalid length. [ 309.832155][ T6741] netlink: 'syz.0.20': attribute type 10 has an invalid length. [ 309.841975][ T6742] netlink: 'syz.0.21': attribute type 10 has an invalid length. [ 309.880748][ T6743] netlink: 'syz.0.22': attribute type 10 has an invalid length. [ 309.897114][ T6744] netlink: 'syz.0.23': attribute type 10 has an invalid length. [ 309.906674][ T6745] netlink: 'syz.0.24': attribute type 10 has an invalid length. [ 309.940063][ T6746] netlink: 'syz.0.25': attribute type 10 has an invalid length. [ 310.485666][ T2393] ieee802154 phy0 wpan0: encryption failed: -22 [ 310.488589][ T2393] ieee802154 phy1 wpan1: encryption failed: -22 1970/01/01 00:05:14 executed programs: 276 [ 314.547313][ T7015] validate_nla: 268 callbacks suppressed [ 314.547394][ T7015] netlink: 'syz.0.294': attribute type 10 has an invalid length. [ 314.582366][ T7016] netlink: 'syz.0.295': attribute type 10 has an invalid length. [ 314.592783][ T7017] netlink: 'syz.0.296': attribute type 10 has an invalid length. [ 314.602190][ T7018] netlink: 'syz.0.297': attribute type 10 has an invalid length. [ 314.639202][ T7019] netlink: 'syz.0.298': attribute type 10 has an invalid length. [ 314.649864][ T7020] netlink: 'syz.0.299': attribute type 10 has an invalid length. [ 314.661661][ T7021] netlink: 'syz.0.300': attribute type 10 has an invalid length. [ 314.690542][ T7022] netlink: 'syz.0.301': attribute type 10 has an invalid length. [ 314.702040][ T7023] netlink: 'syz.0.302': attribute type 10 has an invalid length. [ 314.711821][ T7024] netlink: 'syz.0.303': attribute type 10 has an invalid length. 1970/01/01 00:05:19 executed programs: 567 [ 319.579015][ T7307] validate_nla: 282 callbacks suppressed [ 319.579224][ T7307] netlink: 'syz.0.586': attribute type 10 has an invalid length. [ 319.589885][ T7308] netlink: 'syz.0.587': attribute type 10 has an invalid length. [ 319.601566][ T7309] netlink: 'syz.0.588': attribute type 10 has an invalid length. [ 319.629726][ T7310] netlink: 'syz.0.589': attribute type 10 has an invalid length. [ 319.639596][ T7311] netlink: 'syz.0.590': attribute type 10 has an invalid length. [ 319.649779][ T7312] netlink: 'syz.0.591': attribute type 10 has an invalid length. [ 319.680657][ T7313] netlink: 'syz.0.592': attribute type 10 has an invalid length. [ 319.692077][ T7314] netlink: 'syz.0.593': attribute type 10 has an invalid length. [ 319.702471][ T7315] netlink: 'syz.0.594': attribute type 10 has an invalid length. [ 319.729086][ T7316] netlink: 'syz.0.595': attribute type 10 has an invalid length. [ 320.096664][ T6559] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 320.097347][ T6559] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 320.097739][ T6559] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 320.098360][ T6559] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 320.098915][ T6559] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 320.188582][ T7338] chnl_net:caif_netlink_parms(): no params data found [ 320.229537][ T7338] bridge0: port 1(bridge_slave_0) entered blocking state [ 320.231637][ T7338] bridge0: port 1(bridge_slave_0) entered disabled state [ 320.233711][ T7338] bridge_slave_0: entered allmulticast mode [ 320.236290][ T7338] bridge_slave_0: entered promiscuous mode [ 320.239545][ T7338] bridge0: port 2(bridge_slave_1) entered blocking state [ 320.241597][ T7338] bridge0: port 2(bridge_slave_1) entered disabled state [ 320.243683][ T7338] bridge_slave_1: entered allmulticast mode [ 320.246385][ T7338] bridge_slave_1: entered promiscuous mode [ 320.264826][ T7338] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 320.270047][ T7338] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 320.328112][ T7338] team0: Port device team_slave_0 added [ 320.329725][ T7338] team0: Port device team_slave_1 added [ 320.342266][ T7338] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 320.342306][ T7338] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 320.342342][ T7338] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 320.343370][ T7338] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 320.343394][ T7338] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 320.343424][ T7338] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 320.376302][ T7338] hsr_slave_0: entered promiscuous mode [ 320.376752][ T7338] hsr_slave_1: entered promiscuous mode [ 320.465812][ T7338] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 320.786082][ T7338] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 320.866531][ T7338] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 320.967260][ T7338] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 321.131622][ T508] bridge_slave_1: left allmulticast mode [ 321.131689][ T508] bridge_slave_1: left promiscuous mode [ 321.131831][ T508] bridge0: port 2(bridge_slave_1) entered disabled state [ 321.135592][ T508] bridge_slave_0: left allmulticast mode [ 321.135627][ T508] bridge_slave_0: left promiscuous mode [ 321.135733][ T508] bridge0: port 1(bridge_slave_0) entered disabled state [ 322.165823][ T6058] Bluetooth: hci1: command tx timeout [ 322.706061][ T508] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 322.756017][ T508] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 322.825368][ T508] bond0 (unregistering): Released all slaves [ 322.854659][ T7338] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 322.858395][ T7338] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 322.861874][ T7338] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 322.866408][ T7338] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 322.907177][ T7338] 8021q: adding VLAN 0 to HW filter on device bond0 [ 322.913006][ T7338] 8021q: adding VLAN 0 to HW filter on device team0 [ 322.918020][ T44] bridge0: port 1(bridge_slave_0) entered blocking state [ 322.918094][ T44] bridge0: port 1(bridge_slave_0) entered forwarding state [ 322.925626][ T44] bridge0: port 2(bridge_slave_1) entered blocking state [ 322.925692][ T44] bridge0: port 2(bridge_slave_1) entered forwarding state [ 322.984350][ T508] [ 322.985065][ T508] ====================================================== [ 322.986908][ T508] WARNING: possible circular locking dependency detected [ 322.988777][ T508] 6.15.0-rc7-syzkaller-g187899f4124a #0 Not tainted [ 322.990467][ T508] ------------------------------------------------------ [ 322.992347][ T508] kworker/u8:5/508 is trying to acquire lock: [ 322.994004][ T508] ffff0000d50c4e00 (team->team_lock_key#2){+.+.}-{4:4}, at: team_del_slave+0x30/0x180 [ 322.996530][ T508] [ 322.996530][ T508] but task is already holding lock: [ 322.998358][ T508] ffff0000ccb70768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0x128/0x570 [ 323.001186][ T508] [ 323.001186][ T508] which lock already depends on the new lock. [ 323.001186][ T508] [ 323.003846][ T508] [ 323.003846][ T508] the existing dependency chain (in reverse order) is: [ 323.006219][ T508] [ 323.006219][ T508] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 323.008361][ T508] __mutex_lock_common+0x1d0/0x2190 [ 323.009904][ T508] mutex_lock_nested+0x2c/0x38 [ 323.011368][ T508] ieee80211_open+0xe4/0x1cc [ 323.012732][ T508] __dev_open+0x42c/0x830 [ 323.014013][ T508] netif_open+0xa8/0x220 [ 323.015260][ T508] dev_open+0x104/0x1fc [ 323.016553][ T508] team_add_slave+0x85c/0x20a4 [ 323.017945][ T508] do_set_master+0x410/0x594 [ 323.019268][ T508] do_setlink+0xb2c/0x3860 [ 323.020553][ T508] rtnl_newlink+0x10f8/0x15dc [ 323.022033][ T508] rtnetlink_rcv_msg+0x664/0x97c [ 323.023531][ T508] netlink_rcv_skb+0x230/0x414 [ 323.024942][ T508] rtnetlink_rcv+0x28/0x38 [ 323.026274][ T508] netlink_unicast+0x60c/0x824 [ 323.027674][ T508] netlink_sendmsg+0x648/0x930 [ 323.029099][ T508] ____sys_sendmsg+0x490/0x7b8 [ 323.030545][ T508] ___sys_sendmsg+0x204/0x278 [ 323.031954][ T508] __arm64_sys_sendmsg+0x184/0x238 [ 323.033518][ T508] invoke_syscall+0x98/0x2b8 [ 323.034920][ T508] el0_svc_common+0x130/0x23c [ 323.036285][ T508] do_el0_svc+0x48/0x58 [ 323.037545][ T508] el0_svc+0x58/0x17c [ 323.038712][ T508] el0t_64_sync_handler+0x78/0x108 [ 323.040214][ T508] el0t_64_sync+0x198/0x19c [ 323.041552][ T508] [ 323.041552][ T508] -> #0 (team->team_lock_key#2){+.+.}-{4:4}: [ 323.043699][ T508] __lock_acquire+0x1728/0x3058 [ 323.045118][ T508] lock_acquire+0x14c/0x2e0 [ 323.046494][ T508] __mutex_lock_common+0x1d0/0x2190 [ 323.048058][ T508] mutex_lock_nested+0x2c/0x38 [ 323.049509][ T508] team_del_slave+0x30/0x180 [ 323.050912][ T508] team_device_event+0x274/0x950 [ 323.052350][ T508] notifier_call_chain+0x1b8/0x4e4 [ 323.053801][ T508] raw_notifier_call_chain+0x3c/0x50 [ 323.055354][ T508] unregister_netdevice_many_notify+0x125c/0x1fbc [ 323.057222][ T508] unregister_netdevice_queue+0x2b4/0x300 [ 323.058952][ T508] _cfg80211_unregister_wdev+0x154/0x52c [ 323.060567][ T508] cfg80211_unregister_wdev+0x24/0x34 [ 323.062141][ T508] ieee80211_remove_interfaces+0x3a0/0x570 [ 323.063895][ T508] ieee80211_unregister_hw+0x60/0x29c [ 323.065489][ T508] mac80211_hwsim_del_radio+0x214/0x3b4 [ 323.067190][ T508] hwsim_exit_net+0x49c/0x558 [ 323.068539][ T508] cleanup_net+0x5d0/0x9c0 [ 323.069830][ T508] process_one_work+0x7e8/0x156c [ 323.071302][ T508] worker_thread+0x958/0xed8 [ 323.072658][ T508] kthread+0x5fc/0x75c [ 323.073928][ T508] ret_from_fork+0x10/0x20 [ 323.075305][ T508] [ 323.075305][ T508] other info that might help us debug this: [ 323.075305][ T508] [ 323.078054][ T508] Possible unsafe locking scenario: [ 323.078054][ T508] [ 323.080059][ T508] CPU0 CPU1 [ 323.081479][ T508] ---- ---- [ 323.082954][ T508] lock(&rdev->wiphy.mtx); [ 323.084211][ T508] lock(team->team_lock_key#2); [ 323.086207][ T508] lock(&rdev->wiphy.mtx); [ 323.088149][ T508] lock(team->team_lock_key#2); [ 323.089464][ T508] [ 323.089464][ T508] *** DEADLOCK *** [ 323.089464][ T508] [ 323.091659][ T508] 5 locks held by kworker/u8:5/508: [ 323.093211][ T508] #0: ffff0000c183a148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x658/0x156c [ 323.096084][ T508] #1: ffff80009c387bc0 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x6ec/0x156c [ 323.098749][ T508] #2: ffff800092481e50 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0x138/0x9c0 [ 323.101290][ T508] #3: ffff80009248e928 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock+0x20/0x2c [ 323.103589][ T508] #4: ffff0000ccb70768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0x128/0x570 [ 323.106580][ T508] [ 323.106580][ T508] stack backtrace: [ 323.108307][ T508] CPU: 0 UID: 0 PID: 508 Comm: kworker/u8:5 Not tainted 6.15.0-rc7-syzkaller-g187899f4124a #0 PREEMPT [ 323.111295][ T508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 323.113983][ T508] Workqueue: netns cleanup_net [ 323.115269][ T508] Call trace: [ 323.116153][ T508] show_stack+0x2c/0x3c (C) [ 323.117357][ T508] __dump_stack+0x30/0x40 [ 323.118502][ T508] dump_stack_lvl+0xd8/0x12c [ 323.119772][ T508] dump_stack+0x1c/0x28 [ 323.120895][ T508] print_circular_bug+0x324/0x32c [ 323.122275][ T508] check_noncircular+0x154/0x174 [ 323.123582][ T508] __lock_acquire+0x1728/0x3058 [ 323.124912][ T508] lock_acquire+0x14c/0x2e0 [ 323.126105][ T508] __mutex_lock_common+0x1d0/0x2190 [ 323.127502][ T508] mutex_lock_nested+0x2c/0x38 [ 323.128806][ T508] team_del_slave+0x30/0x180 [ 323.130088][ T508] team_device_event+0x274/0x950 [ 323.131398][ T508] notifier_call_chain+0x1b8/0x4e4 [ 323.132729][ T508] raw_notifier_call_chain+0x3c/0x50 [ 323.134197][ T508] unregister_netdevice_many_notify+0x125c/0x1fbc [ 323.135931][ T508] unregister_netdevice_queue+0x2b4/0x300 [ 323.137469][ T508] _cfg80211_unregister_wdev+0x154/0x52c [ 323.138991][ T508] cfg80211_unregister_wdev+0x24/0x34 [ 323.140479][ T508] ieee80211_remove_interfaces+0x3a0/0x570 [ 323.142057][ T508] ieee80211_unregister_hw+0x60/0x29c [ 323.143552][ T508] mac80211_hwsim_del_radio+0x214/0x3b4 [ 323.145056][ T508] hwsim_exit_net+0x49c/0x558 [ 323.146298][ T508] cleanup_net+0x5d0/0x9c0 [ 323.147589][ T508] process_one_work+0x7e8/0x156c [ 323.148893][ T508] worker_thread+0x958/0xed8 [ 323.150120][ T508] kthread+0x5fc/0x75c [ 323.151211][ T508] ret_from_fork+0x10/0x20 [ 323.153759][ T508] team0: Port device wlan1 removed [ 323.182558][ T7338] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 323.198073][ T7338] veth0_vlan: entered promiscuous mode [ 323.218282][ T7338] veth1_vlan: entered promiscuous mode [ 323.227695][ T7338] veth0_macvtap: entered promiscuous mode [ 323.229064][ T7338] veth1_macvtap: entered promiscuous mode [ 323.233442][ T7338] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 323.235806][ T7338] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 323.236926][ T7338] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 323.236959][ T7338] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 323.236985][ T7338] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 323.237011][ T7338] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 323.398670][ T7338] ieee80211 phy7: Selected rate control algorithm 'minstrel_ht' [ 323.405102][ T4393] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 323.405841][ T7338] ieee80211 phy8: Selected rate control algorithm 'minstrel_ht' [ 323.409479][ T4393] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 323.417644][ T4393] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 323.419327][ T4393] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 323.546808][ T7353] team0: Port device wlan1 added [ 323.549804][ T508] hsr_slave_0: left promiscuous mode [ 323.551855][ T508] hsr_slave_1: left promiscuous mode [ 323.552159][ T508] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 323.552189][ T508] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 323.556931][ T508] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 323.556961][ T508] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 323.562578][ T508] veth1_macvtap: left promiscuous mode [ 323.562648][ T508] veth0_macvtap: left promiscuous mode [ 323.562842][ T508] veth1_vlan: left promiscuous mode [ 323.562909][ T508] veth0_vlan: left promiscuous mode [ 324.243927][ T6058] Bluetooth: hci1: command tx timeout [ 325.224581][ T508] team0 (unregistering): Port device team_slave_1 removed [ 325.434687][ T508] team0 (unregistering): Port device team_slave_0 removed [ 326.323914][ T6058] Bluetooth: hci1: command tx timeout [ 327.749337][ T7356] validate_nla: 22 callbacks suppressed [ 327.751071][ T7356] netlink: 'syz.0.618': attribute type 10 has an invalid length. [ 327.758799][ T7357] netlink: 'syz.0.619': attribute type 10 has an invalid length. 1970/01/01 00:05:27 executed programs: 604 [ 327.798692][ T7358] netlink: 'syz.0.620': attribute type 10 has an invalid length. [ 327.806888][ T7359] netlink: 'syz.0.621': attribute type 10 has an invalid length. [ 327.815350][ T7360] netlink: 'syz.0.622': attribute type 10 has an invalid length. [ 327.849926][ T7361] netlink: 'syz.0.623': attribute type 10 has an invalid length. [ 327.859831][ T7362] netlink: 'syz.0.624': attribute type 10 has an invalid length. [ 327.867118][ T7363] netlink: 'syz.0.625': attribute type 10 has an invalid length. [ 327.908275][ T7364] netlink: 'syz.0.626': attribute type 10 has an invalid length. [ 327.942504][ T7365] netlink: 'syz.0.627': attribute type 10 has an invalid length. [ 328.403890][ T6058] Bluetooth: hci1: command tx timeout [ 332.757502][ T7651] validate_nla: 283 callbacks suppressed [ 332.757704][ T7651] netlink: 'syz.0.911': attribute type 10 has an invalid length. [ 332.764971][ T7652] netlink: 'syz.0.912': attribute type 10 has an invalid length. [ 332.771334][ T7653] netlink: 'syz.0.913': attribute type 10 has an invalid length. 1970/01/01 00:05:32 executed programs: 898 [ 332.807642][ T7654] netlink: 'syz.0.914': attribute type 10 has an invalid length. [ 332.814355][ T7655] netlink: 'syz.0.915': attribute type 10 has an invalid length. [ 332.820831][ T7656] netlink: 'syz.0.916': attribute type 10 has an invalid length. [ 332.857748][ T7657] netlink: 'syz.0.917': attribute type 10 has an invalid length. [ 332.864304][ T7658] netlink: 'syz.0.918': attribute type 10 has an invalid length. [ 332.871228][ T7659] netlink: 'syz.0.919': attribute type 10 has an invalid length. [ 332.907374][ T7660] netlink: 'syz.0.920': attribute type 10 has an invalid length.