last executing test programs: 2m45.580558592s ago: executing program 0 (id=123): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002c00)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWCHAIN={0x48, 0x3, 0xa, 0x76a9bba1a690db0f, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x3cb140bb}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x3}]}, @NFTA_CHAIN_POLICY={0x8}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c) listen(r1, 0x0) setsockopt$inet6_int(r1, 0x29, 0xb, 0x0, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000280)={@local, @multicast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "ff00f5", 0x14, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xc2, 0x0, 0x0, 0x1}}}}}}}, 0x0) 2m45.223117566s ago: executing program 0 (id=125): r0 = socket(0x2, 0x3, 0xff) setsockopt$sock_int(r0, 0x1, 0x5, &(0x7f0000000080)=0x4, 0x4) sendmmsg$inet(r0, &(0x7f0000002140)=[{{&(0x7f0000000040)={0x2, 0x4e20, @multicast2}, 0x10, 0x0}}], 0x1, 0x20000800) 2m45.10230807s ago: executing program 0 (id=126): syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, &(0x7f00000004c0)={0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8) socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x8, 0x3, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x14, 0x42, 0xa01, 0x0, 0x8000000, {0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x40c0}, 0x40840) sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(0xffffffffffffffff, 0x0, 0x4000000) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) gettid() r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000340), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r4, 0x4058534c, &(0x7f0000000640)={0x80, 0x8, 0x1, 0x3ffffffd, 0x40023, 0x7}) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, 0x0, 0x0) 2m40.870071668s ago: executing program 0 (id=133): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0) mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000b80)='./file0/file0\x00', 0x100) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x221) 2m37.590292454s ago: executing program 0 (id=154): setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000280)=@gcm_256={{0x303}, "6cf06d9ba2e60955", "265edf884ceedb9945652974b5a2f0e3fce136b5c2ed9621da9d9c0dad68263d", "75f04d8c", "64d8e670329787bb"}, 0x38) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4) r0 = socket(0x10, 0x803, 0x0) getsockopt$sock_cred(r0, 0x1, 0x45, 0x0, &(0x7f0000000280)) 2m30.138421732s ago: executing program 0 (id=177): r0 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r0, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0}, 0x94) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r2}, 0x18) setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r0, 0x28, 0x1, &(0x7f0000000100)=0xfffffffffffffffe, 0x112) 2m29.228472384s ago: executing program 32 (id=177): r0 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r0, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0}, 0x94) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r2}, 0x18) setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r0, 0x28, 0x1, &(0x7f0000000100)=0xfffffffffffffffe, 0x112) 2m16.457526009s ago: executing program 2 (id=205): r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$sock_buf(r0, 0x1, 0x3, &(0x7f0000000140)=""/196, &(0x7f0000000240)=0xc4) 2m16.457199116s ago: executing program 4 (id=206): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x1, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000100)={0x1, 0x0, @ioapic={0x8082801, 0x5fa, 0x8, 0x1ff, 0x0, [{0x3, 0x6, 0x9, '\x00', 0xe}, {0x5, 0xb, 0x72, '\x00', 0x6}, {0xfe, 0x5, 0x9, '\x00', 0x5}, {0x81, 0x3, 0x8, '\x00', 0x5}, {0xb, 0x50, 0x7f, '\x00', 0x60}, {0x0, 0x0, 0x2}, {0x6, 0x9, 0x1, '\x00', 0xa}, {0xd, 0x7, 0xb, '\x00', 0x45}, {0x8, 0x5, 0x0, '\x00', 0xff}, {0x6, 0x3, 0x0, '\x00', 0x6}, {0x40, 0x4, 0x2, '\x00', 0x1}, {0x8, 0x4, 0x19, '\x00', 0xff}, {0x3, 0x86, 0xc, '\x00', 0xf9}, {0x5, 0x4f, 0x2}, {0x64, 0x87, 0x96, '\x00', 0x7}, {0xb, 0x0, 0x23, '\x00', 0x7b}, {0x3, 0x7, 0xd1}, {0x68, 0x3, 0x2, '\x00', 0x10}, {0x8, 0x9e, 0xc0, '\x00', 0x2}, {0x3e, 0x48, 0xa, '\x00', 0x2}, {0x7, 0x1, 0x2, '\x00', 0x1}, {0x3, 0x7, 0x6, '\x00', 0x4}, {0x93, 0x9, 0x4, '\x00', 0xe6}, {0x3, 0x7f, 0xe0, '\x00', 0x47}]}}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000100)={0x2, 0x0, @pic={0x0, 0x7, 0x5, 0x93, 0x0, 0x0, 0x4, 0xbb, 0x2, 0xc0, 0x6d, 0x26, 0x61, 0x7, 0x95, 0xd}}) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000004c0)=ANY=[@ANYBLOB="0100"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2m15.889534019s ago: executing program 2 (id=209): ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000002c0)={'erspan0\x00', &(0x7f0000000240)={'ip_vti0\x00', 0x0, 0x20, 0x7800, 0xffff, 0x6, {{0x5, 0x4, 0x1, 0x6, 0x14, 0x68, 0x0, 0xff, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x1c}, @multicast2}}}}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c0000001d00070f000200000000000007000000", @ANYRES32=r0], 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 2m14.695815188s ago: executing program 2 (id=211): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000002c00)=ANY=[@ANYBLOB="bf16000000000000b70700000900f0ff4070000000000000500000000000000095000000000000002ba728041598d6fbd30cb599e8c73d24a3aa81d36bb3019c13bd23212fb56fa54f26fb0b71d0e6adfefc41d86bd917487960717142fa9ea4318123741c0a0e168c1886d0d4d94f2f4e345c652ebc1626e3a2a2ad35806150ae0209e62f51ee988e6e0dc8ce974a22a550d6fd70800c86ae3b3e05df3ceb9fc474c2a100c788b277beee1cbf9b0a4def23d410f6296b32a8343881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3449abe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee6f867ddd58211d6ececb0cd2b6d357b8580218ce740068725837074e468ee23fd2f73902ebcfcf49822775985bf31b715f5888b2c81f96a810b946855c9fc52ac17cbc97a616811a4c2dc3470009b966abaf41939aeca3e7b00c2e9d5db7a34fe2a29ac88c360a878a2b9ab9"], 0x0}, 0x94) sched_setscheduler(0x0, 0x1, 0x0) tkill(0x0, 0x13) socket$packet(0x11, 0x3, 0x300) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x4040044) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10) sendto$inet(r0, 0x0, 0x0, 0x20000800, &(0x7f0000000040)={0x2, 0x3, @remote}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=@newlink={0x30, 0x10, 0x1, 0x70bd28, 0x25dfdbf9, {0x0, 0x0, 0x0, 0x0, 0x48815, 0x3}, [@IFLA_TXQLEN={0x8, 0xd, 0x1}, @IFLA_GROUP={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000) 2m14.695493509s ago: executing program 4 (id=213): syz_clone(0x623f, 0x0, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) 2m14.087244993s ago: executing program 4 (id=215): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x548, 0x1c0, 0xffffffff, 0xffffffff, 0x1c0, 0xffffffff, 0x478, 0xffffffff, 0xffffffff, 0x478, 0xffffffff, 0x7fffffe, 0x0, {[{{@uncond, 0x0, 0x1a0, 0x1c0, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x9, 0x0, 0x24, 0x1, 'syz1\x00'}}]}, @unspec=@TRACE={0x20}}, {{@ipv6={@private1={0xfc, 0x1, '\x00', 0x1}, @private2, [0xffffff00, 0xffffffff, 0x0, 0xffffff00], [0xffffffff, 0xff, 0xffffffff, 0xff000000], 'netpci0\x00', 'ipvlan0\x00', {}, {0xff}, 0x2b, 0x2, 0x5, 0x5}, 0x0, 0x298, 0x2b8, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x3, 0x1, 0x1, 'syz0\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x0, 'syz0\x00'}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5a8) 2m13.845275202s ago: executing program 4 (id=216): openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet_sctp(0x2, 0x5, 0x84) dup(r0) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_emit_ethernet(0x66, &(0x7f0000000100)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, '\x00\'$', 0x30, 0x3a, 0xff, @private0={0xfc, 0x0, '\x00', 0x1}, @mcast2, {[], @dest_unreach={0x1, 0x4, 0x0, 0x0, '\x00', {0xd, 0x6, "2318d3", 0xf4e, 0x0, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast1}}}}}}}, 0x0) inotify_init1(0x0) socket(0x2, 0x80805, 0x0) socket$inet6(0xa, 0x5, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket(0x10, 0x2, 0x0) socket$unix(0x1, 0x1, 0x0) socket$inet(0x2, 0x80001, 0x84) socket(0x10, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) socket(0x28, 0x5, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000039000000080000000b"], 0x48) r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup\x00', 0x0, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)=ANY=[@ANYRES32=r1, @ANYRES32, @ANYRES32=r1], 0x20) 2m13.329060734s ago: executing program 3 (id=217): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002c00)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWCHAIN={0x48, 0x3, 0xa, 0x76a9bba1a690db0f, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x3cb140bb}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x3}]}, @NFTA_CHAIN_POLICY={0x8}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x24040014, &(0x7f0000000000)={0xa, 0x4e22, 0x7, @empty, 0xfffffffe}, 0x1c) 2m12.319079043s ago: executing program 3 (id=218): mmap(&(0x7f0000003000/0x4000)=nil, 0x4000, 0x3, 0x20132, 0xffffffffffffffff, 0x391e1000) mprotect(&(0x7f0000005000/0x2000)=nil, 0x2000, 0x1000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x18, 0xb, &(0x7f0000000100)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x8, 0xd9, &(0x7f0000003e40)=""/217}, 0x94) 2m12.270154797s ago: executing program 3 (id=219): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) openat$cgroup_devices(r0, &(0x7f0000000480)='devices.deny\x00', 0x2, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000080)='devices.allow\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f00000000c0)={'b', ' *:* ', 'r\x00'}, 0x8) 2m12.081145057s ago: executing program 3 (id=220): r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c0000001d00070f000200000000000007000000", @ANYRES32=r1], 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 2m12.029608238s ago: executing program 2 (id=221): r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xb, &(0x7f0000000100)=0x800000, 0x48) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newtaction={0x4c, 0x1c, 0x1, 0x0, 0xffffffff, {0x0, 0x0, 0x1300}, [{0x4}, {0x34, 0x1, [@m_mpls={0x30, 0xe, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4010}, 0x0) 2m11.982628179s ago: executing program 4 (id=223): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) r1 = socket$inet6(0xa, 0x2, 0x0) sendmmsg$inet6(r1, &(0x7f00000006c0)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, 0xfffffffc}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000240)="aa", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000300)="307ddfb8", 0x4}, {&(0x7f0000000340)="ced98c1a5f5a93258dfa9a8c31878af8d7be921a531da9e6c50efdba96722424d55ce610a4d9b534b3aa09618dfc04f5504e30a263ad", 0x36}], 0x2}}], 0x3, 0x2000c8c0) recvmmsg(r0, &(0x7f0000004ec0)=[{{0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f0000000780)=""/115, 0x73}, {0x0}], 0x2}, 0x2}], 0x1, 0x100, 0x0) 2m11.929458447s ago: executing program 1 (id=224): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) shutdown(r0, 0x2) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000100)=@assoc_value={0x0, 0x7}, &(0x7f0000000140)=0x8) 2m11.698603187s ago: executing program 1 (id=225): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="0a000000040000000500000004"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000080), &(0x7f0000000180)=r1}, 0x20) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x40010) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc) 2m11.547099583s ago: executing program 1 (id=226): r0 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) symlinkat(&(0x7f0000000000)='.\x00', r1, &(0x7f0000000140)='./file0\x00') unlinkat(r1, &(0x7f00000001c0)='./file0/../file0/file0\x00', 0x0) 2m11.545850343s ago: executing program 2 (id=227): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002c00)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWCHAIN={0x48, 0x3, 0xa, 0x76a9bba1a690db0f, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x3cb140bb}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x3}]}, @NFTA_CHAIN_POLICY={0x8}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x24040014, &(0x7f0000000000)={0xa, 0x4e22, 0x7, @empty, 0xfffffffe}, 0x1c) 2m11.544938679s ago: executing program 3 (id=228): mmap(&(0x7f0000003000/0x4000)=nil, 0x4000, 0x3, 0x20132, 0xffffffffffffffff, 0x391e1000) mprotect(&(0x7f0000005000/0x2000)=nil, 0x2000, 0x1000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x18, 0xb, &(0x7f0000000100)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x8, 0xd9, &(0x7f0000003e40)=""/217}, 0x94) 2m11.349878705s ago: executing program 1 (id=229): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) openat$cgroup_devices(r0, &(0x7f0000000480)='devices.deny\x00', 0x2, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000080)='devices.allow\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f00000000c0)={'b', ' *:* ', 'r\x00'}, 0x8) 2m11.201029063s ago: executing program 3 (id=230): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000002c00)=ANY=[@ANYBLOB="bf16000000000000b70700000900f0ff4070000000000000500000000000000095000000000000002ba728041598d6fbd30cb599e8c73d24a3aa81d36bb3019c13bd23212fb56fa54f26fb0b71d0e6adfefc41d86bd917487960717142fa9ea4318123741c0a0e168c1886d0d4d94f2f4e345c652ebc1626e3a2a2ad35806150ae0209e62f51ee988e6e0dc8ce974a22a550d6fd70800c86ae3b3e05df3ceb9fc474c2a100c788b277beee1cbf9b0a4def23d410f6296b32a8343881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3449abe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee6f867ddd58211d6ececb0cd2b6d357b8580218ce740068725837074e468ee23fd2f73902ebcfcf49822775985bf31b715f5888b2c81f96a810b946855c9fc52ac17cbc97a616811a4c2dc3470009b966abaf41939aeca3e7b00c2e9d5db7a34fe2a29ac88c360a878a2b9ab9"], 0x0}, 0x94) sched_setscheduler(0x0, 0x1, 0x0) tkill(0x0, 0x13) socket$packet(0x11, 0x3, 0x300) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x4040044) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10) syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @random="5a01f3c2f136", @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x2, @local, @remote, @local, @remote}}}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=@newlink={0x30, 0x10, 0x1, 0x70bd28, 0x25dfdbf9, {0x0, 0x0, 0x0, 0x0, 0x48815, 0x3}, [@IFLA_TXQLEN={0x8, 0xd, 0x1}, @IFLA_GROUP={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000) 2m10.90229771s ago: executing program 4 (id=231): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000480)='devices.deny\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f00000003c0)={'a', ' *:* ', 'r\x00'}, 0x8) r2 = openat$cgroup_devices(r0, &(0x7f0000000080)='devices.allow\x00', 0x2, 0x0) write$cgroup_devices(r2, &(0x7f00000000c0)={'b', ' *:* ', 'r\x00'}, 0x8) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) r3 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000080)='devices.deny\x00', 0x2, 0x0) mkdirat$cgroup(0xffffffffffffffff, &(0x7f00000004c0)='syz0\x00', 0x1ff) write$cgroup_devices(r3, &(0x7f0000000500)=ANY=[@ANYBLOB='b *:* r'], 0x8) 2m10.883369784s ago: executing program 1 (id=232): gettid() timer_create(0x8, 0x0, &(0x7f0000bbdffc)=0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) timer_settime(r0, 0x0, &(0x7f0000000300)={{0x77359400}, {0x77359400}}, &(0x7f0000000840)) 2m10.431867468s ago: executing program 1 (id=233): openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet_sctp(0x2, 0x5, 0x84) dup(r0) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_emit_ethernet(0x66, &(0x7f0000000100)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, '\x00\'$', 0x30, 0x3a, 0xff, @private0={0xfc, 0x0, '\x00', 0x1}, @mcast2, {[], @dest_unreach={0x1, 0x4, 0x0, 0x0, '\x00', {0xd, 0x6, "2318d3", 0xf4e, 0x0, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast1}}}}}}}, 0x0) inotify_init1(0x0) socket(0x2, 0x80805, 0x0) socket$inet6(0xa, 0x5, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket(0x10, 0x2, 0x0) socket$unix(0x1, 0x1, 0x0) socket$inet(0x2, 0x80001, 0x84) socket(0x10, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) socket(0x28, 0x5, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)) bpf$MAP_CREATE(0x0, 0x0, 0x48) r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup\x00', 0x0, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)=ANY=[@ANYRES32=r1, @ANYRES32, @ANYRES32=r1], 0x20) 2m10.425304894s ago: executing program 2 (id=234): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000280)={@in6={{0xa, 0x4ea3, 0xc54, @local, 0x59d5}}, 0x0, 0x0, 0x23, 0x0, "b25dd300350731437df94f0a338977934d6951cdd6c61e31687172d956b141e3f4e87e6ab615ea379a12c5a6f5c6e7b3ab38f5f3570909f89f3e47ec97b12cc30a1c48cd0300fd5dfad4624800"}, 0xd8) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @remote}, 0x6}, 0x1c) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c) syz_emit_ethernet(0x4e, &(0x7f0000000000)={@local, @random="0000101d00", @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x2, 0x23, 0x40, 0x64, 0x0, 0x7, 0x6, 0x0, @remote, @remote}, {{0x4e22, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0xb, 0x8, 0x87, 0x0, 0xe7, {[@md5sig={0x13, 0x12, "98fe88b447db0cc9ddbd7ef7711d47bf"}, @exp_fastopen={0xfe, 0x4}]}}}}}}}, 0x0) 1m49.560401874s ago: executing program 33 (id=233): openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet_sctp(0x2, 0x5, 0x84) dup(r0) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_emit_ethernet(0x66, &(0x7f0000000100)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, '\x00\'$', 0x30, 0x3a, 0xff, @private0={0xfc, 0x0, '\x00', 0x1}, @mcast2, {[], @dest_unreach={0x1, 0x4, 0x0, 0x0, '\x00', {0xd, 0x6, "2318d3", 0xf4e, 0x0, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast1}}}}}}}, 0x0) inotify_init1(0x0) socket(0x2, 0x80805, 0x0) socket$inet6(0xa, 0x5, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket(0x10, 0x2, 0x0) socket$unix(0x1, 0x1, 0x0) socket$inet(0x2, 0x80001, 0x84) socket(0x10, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) socket(0x28, 0x5, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)) bpf$MAP_CREATE(0x0, 0x0, 0x48) r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup\x00', 0x0, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)=ANY=[@ANYRES32=r1, @ANYRES32, @ANYRES32=r1], 0x20) 1m2.765649551s ago: executing program 34 (id=234): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000280)={@in6={{0xa, 0x4ea3, 0xc54, @local, 0x59d5}}, 0x0, 0x0, 0x23, 0x0, "b25dd300350731437df94f0a338977934d6951cdd6c61e31687172d956b141e3f4e87e6ab615ea379a12c5a6f5c6e7b3ab38f5f3570909f89f3e47ec97b12cc30a1c48cd0300fd5dfad4624800"}, 0xd8) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @remote}, 0x6}, 0x1c) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c) syz_emit_ethernet(0x4e, &(0x7f0000000000)={@local, @random="0000101d00", @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x2, 0x23, 0x40, 0x64, 0x0, 0x7, 0x6, 0x0, @remote, @remote}, {{0x4e22, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0xb, 0x8, 0x87, 0x0, 0xe7, {[@md5sig={0x13, 0x12, "98fe88b447db0cc9ddbd7ef7711d47bf"}, @exp_fastopen={0xfe, 0x4}]}}}}}}}, 0x0) 33.143477965s ago: executing program 35 (id=230): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000002c00)=ANY=[@ANYBLOB="bf16000000000000b70700000900f0ff4070000000000000500000000000000095000000000000002ba728041598d6fbd30cb599e8c73d24a3aa81d36bb3019c13bd23212fb56fa54f26fb0b71d0e6adfefc41d86bd917487960717142fa9ea4318123741c0a0e168c1886d0d4d94f2f4e345c652ebc1626e3a2a2ad35806150ae0209e62f51ee988e6e0dc8ce974a22a550d6fd70800c86ae3b3e05df3ceb9fc474c2a100c788b277beee1cbf9b0a4def23d410f6296b32a8343881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3449abe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee6f867ddd58211d6ececb0cd2b6d357b8580218ce740068725837074e468ee23fd2f73902ebcfcf49822775985bf31b715f5888b2c81f96a810b946855c9fc52ac17cbc97a616811a4c2dc3470009b966abaf41939aeca3e7b00c2e9d5db7a34fe2a29ac88c360a878a2b9ab9"], 0x0}, 0x94) sched_setscheduler(0x0, 0x1, 0x0) tkill(0x0, 0x13) socket$packet(0x11, 0x3, 0x300) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x4040044) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10) syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @random="5a01f3c2f136", @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x2, @local, @remote, @local, @remote}}}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=@newlink={0x30, 0x10, 0x1, 0x70bd28, 0x25dfdbf9, {0x0, 0x0, 0x0, 0x0, 0x48815, 0x3}, [@IFLA_TXQLEN={0x8, 0xd, 0x1}, @IFLA_GROUP={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000) 0s ago: executing program 36 (id=231): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000480)='devices.deny\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f00000003c0)={'a', ' *:* ', 'r\x00'}, 0x8) r2 = openat$cgroup_devices(r0, &(0x7f0000000080)='devices.allow\x00', 0x2, 0x0) write$cgroup_devices(r2, &(0x7f00000000c0)={'b', ' *:* ', 'r\x00'}, 0x8) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) r3 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000080)='devices.deny\x00', 0x2, 0x0) mkdirat$cgroup(0xffffffffffffffff, &(0x7f00000004c0)='syz0\x00', 0x1ff) write$cgroup_devices(r3, &(0x7f0000000500)=ANY=[@ANYBLOB='b *:* r'], 0x8) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.97' (ED25519) to the list of known hosts. [ 88.352739][ T5826] cgroup: Unknown subsys name 'net' [ 88.594499][ T5826] cgroup: Unknown subsys name 'cpuset' [ 88.629542][ T5826] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 90.635332][ T5826] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 91.953169][ T1238] cfg80211: failed to load regulatory.db [ 93.465394][ T5840] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 93.480409][ T5840] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 93.481632][ T5840] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 93.483058][ T5840] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 93.483829][ T5840] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 93.641393][ T5840] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 93.659718][ T5840] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 93.660642][ T5840] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 93.665950][ T5840] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 93.679246][ T5840] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 93.725533][ T5840] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 93.727345][ T5840] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 93.728326][ T5840] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 93.730384][ T5840] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 93.732007][ T5840] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 93.776716][ T5157] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 93.777911][ T5157] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 93.785649][ T5848] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 93.787055][ T5848] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 93.787989][ T5848] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 93.880000][ T5840] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 93.883904][ T5840] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 93.885279][ T5840] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 93.887479][ T5840] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 93.888185][ T5840] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 94.645134][ T5838] chnl_net:caif_netlink_parms(): no params data found [ 94.790739][ T5842] chnl_net:caif_netlink_parms(): no params data found [ 95.016234][ T5844] chnl_net:caif_netlink_parms(): no params data found [ 95.352486][ T5846] chnl_net:caif_netlink_parms(): no params data found [ 95.440554][ T5851] chnl_net:caif_netlink_parms(): no params data found [ 95.465946][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.466177][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.466765][ T5838] bridge_slave_0: entered allmulticast mode [ 95.473726][ T5838] bridge_slave_0: entered promiscuous mode [ 95.549915][ T5840] Bluetooth: hci0: command tx timeout [ 95.602488][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.602677][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.602890][ T5838] bridge_slave_1: entered allmulticast mode [ 95.605391][ T5838] bridge_slave_1: entered promiscuous mode [ 95.710939][ T5840] Bluetooth: hci1: command tx timeout [ 95.788909][ T5840] Bluetooth: hci2: command tx timeout [ 95.869056][ T5840] Bluetooth: hci3: command tx timeout [ 95.957108][ T5840] Bluetooth: hci4: command tx timeout [ 95.972070][ T5842] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.972220][ T5842] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.972501][ T5842] bridge_slave_0: entered allmulticast mode [ 95.987100][ T5842] bridge_slave_0: entered promiscuous mode [ 96.172662][ T5842] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.172874][ T5842] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.173214][ T5842] bridge_slave_1: entered allmulticast mode [ 96.175104][ T5842] bridge_slave_1: entered promiscuous mode [ 96.182425][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.395077][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.417888][ T5844] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.418104][ T5844] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.421293][ T5844] bridge_slave_0: entered allmulticast mode [ 96.424522][ T5844] bridge_slave_0: entered promiscuous mode [ 96.670535][ T5844] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.670705][ T5844] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.670937][ T5844] bridge_slave_1: entered allmulticast mode [ 96.673892][ T5844] bridge_slave_1: entered promiscuous mode [ 96.754429][ T5842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 97.185565][ T5842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 97.187411][ T5838] team0: Port device team_slave_0 added [ 97.187989][ T5846] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.188129][ T5846] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.188312][ T5846] bridge_slave_0: entered allmulticast mode [ 97.225858][ T5846] bridge_slave_0: entered promiscuous mode [ 97.316802][ T5851] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.316970][ T5851] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.317451][ T5851] bridge_slave_0: entered allmulticast mode [ 97.320850][ T5851] bridge_slave_0: entered promiscuous mode [ 97.422097][ T5838] team0: Port device team_slave_1 added [ 97.422788][ T5846] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.422905][ T5846] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.423040][ T5846] bridge_slave_1: entered allmulticast mode [ 97.424934][ T5846] bridge_slave_1: entered promiscuous mode [ 97.431520][ T5844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 97.431791][ T5851] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.431951][ T5851] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.432152][ T5851] bridge_slave_1: entered allmulticast mode [ 97.435281][ T5851] bridge_slave_1: entered promiscuous mode [ 97.629039][ T5840] Bluetooth: hci0: command tx timeout [ 97.783825][ T5844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 97.785948][ T5842] team0: Port device team_slave_0 added [ 97.788964][ T5840] Bluetooth: hci1: command tx timeout [ 97.869964][ T5840] Bluetooth: hci2: command tx timeout [ 97.949366][ T5840] Bluetooth: hci3: command tx timeout [ 98.029722][ T5840] Bluetooth: hci4: command tx timeout [ 98.132611][ T5842] team0: Port device team_slave_1 added [ 98.134471][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 98.134486][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 98.134517][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 98.265367][ T5846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 98.278568][ T5851] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 98.430706][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 98.430721][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 98.430741][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 98.435511][ T5846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 98.438192][ T5851] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 98.441405][ T5844] team0: Port device team_slave_0 added [ 98.804272][ T5844] team0: Port device team_slave_1 added [ 98.808515][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 98.808530][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 98.808550][ T5842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 99.100773][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 99.100792][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 99.100822][ T5842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 99.105677][ T5846] team0: Port device team_slave_0 added [ 99.234250][ T5851] team0: Port device team_slave_0 added [ 99.314486][ T5846] team0: Port device team_slave_1 added [ 99.422998][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 99.423017][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 99.423048][ T5844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 99.427239][ T5851] team0: Port device team_slave_1 added [ 99.625617][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 99.625631][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 99.625652][ T5844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 99.716044][ T5838] hsr_slave_0: entered promiscuous mode [ 99.717762][ T5838] hsr_slave_1: entered promiscuous mode [ 99.728725][ T5840] Bluetooth: hci0: command tx timeout [ 99.869027][ T5840] Bluetooth: hci1: command tx timeout [ 99.955059][ T5840] Bluetooth: hci2: command tx timeout [ 99.982090][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 99.982108][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 99.982131][ T5846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 99.985515][ T5851] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 99.985528][ T5851] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 99.985548][ T5851] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 100.029240][ T5840] Bluetooth: hci3: command tx timeout [ 100.109008][ T5840] Bluetooth: hci4: command tx timeout [ 100.172465][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 100.172479][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.172498][ T5846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 100.174409][ T5851] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 100.174421][ T5851] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.174441][ T5851] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 100.185300][ T5842] hsr_slave_0: entered promiscuous mode [ 100.187093][ T5842] hsr_slave_1: entered promiscuous mode [ 100.188236][ T5842] debugfs: 'hsr0' already exists in 'hsr' [ 100.188385][ T5842] Cannot create hsr debugfs directory [ 100.668055][ T5844] hsr_slave_0: entered promiscuous mode [ 100.675046][ T5844] hsr_slave_1: entered promiscuous mode [ 100.676031][ T5844] debugfs: 'hsr0' already exists in 'hsr' [ 100.676057][ T5844] Cannot create hsr debugfs directory [ 101.220984][ T5846] hsr_slave_0: entered promiscuous mode [ 101.222371][ T5846] hsr_slave_1: entered promiscuous mode [ 101.223357][ T5846] debugfs: 'hsr0' already exists in 'hsr' [ 101.223383][ T5846] Cannot create hsr debugfs directory [ 101.328567][ T5851] hsr_slave_0: entered promiscuous mode [ 101.331062][ T5851] hsr_slave_1: entered promiscuous mode [ 101.332061][ T5851] debugfs: 'hsr0' already exists in 'hsr' [ 101.332093][ T5851] Cannot create hsr debugfs directory [ 101.788851][ T5840] Bluetooth: hci0: command tx timeout [ 101.949051][ T5840] Bluetooth: hci1: command tx timeout [ 102.029821][ T5840] Bluetooth: hci2: command tx timeout [ 102.109236][ T5840] Bluetooth: hci3: command tx timeout [ 102.197086][ T5840] Bluetooth: hci4: command tx timeout [ 102.821452][ T5838] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 102.867715][ T5838] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 102.910210][ T5838] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 102.963396][ T5838] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 103.094344][ T5842] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 103.138133][ T5842] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 103.174156][ T5842] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 103.226087][ T5842] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 103.408032][ T5844] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 103.455477][ T5844] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 103.490179][ T5844] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 103.548612][ T5844] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 103.714357][ T5846] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 103.766212][ T5846] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 103.805828][ T5846] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 103.865988][ T5846] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 104.023636][ T5851] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 104.073812][ T5851] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 104.137280][ T5851] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 104.187039][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 104.193986][ T5851] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 104.336910][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0 [ 104.347234][ T5838] 8021q: adding VLAN 0 to HW filter on device team0 [ 104.422051][ T84] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.422746][ T84] bridge0: port 1(bridge_slave_0) entered forwarding state [ 104.494022][ T1016] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.494257][ T1016] bridge0: port 2(bridge_slave_1) entered forwarding state [ 104.506595][ T5842] 8021q: adding VLAN 0 to HW filter on device team0 [ 104.577595][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.577749][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 104.627824][ T5844] 8021q: adding VLAN 0 to HW filter on device bond0 [ 104.648438][ T1016] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.648610][ T1016] bridge0: port 2(bridge_slave_1) entered forwarding state [ 104.777827][ T5844] 8021q: adding VLAN 0 to HW filter on device team0 [ 104.826956][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0 [ 104.846401][ T1815] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.846633][ T1815] bridge0: port 1(bridge_slave_0) entered forwarding state [ 104.908423][ T1815] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.908548][ T1815] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.037179][ T5846] 8021q: adding VLAN 0 to HW filter on device team0 [ 105.062201][ T5851] 8021q: adding VLAN 0 to HW filter on device bond0 [ 105.124063][ T1815] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.136051][ T1815] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.228174][ T1815] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.228966][ T1815] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.315147][ T5851] 8021q: adding VLAN 0 to HW filter on device team0 [ 105.381531][ T3549] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.381758][ T3549] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.451918][ T57] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.452077][ T57] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.546693][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 105.787938][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 105.971959][ T5838] veth0_vlan: entered promiscuous mode [ 106.081939][ T5838] veth1_vlan: entered promiscuous mode [ 106.132914][ T5844] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 106.423504][ T5838] veth0_macvtap: entered promiscuous mode [ 106.460941][ T5838] veth1_macvtap: entered promiscuous mode [ 106.506944][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 106.533800][ T5844] veth0_vlan: entered promiscuous mode [ 106.591145][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 106.621448][ T5844] veth1_vlan: entered promiscuous mode [ 106.635832][ T5851] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 106.647042][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 106.717674][ T1815] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.741397][ T1815] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.747438][ T1815] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.775388][ T1815] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.067945][ T5846] veth0_vlan: entered promiscuous mode [ 107.129797][ T5844] veth0_macvtap: entered promiscuous mode [ 107.146146][ T5842] veth0_vlan: entered promiscuous mode [ 107.199168][ T5844] veth1_macvtap: entered promiscuous mode [ 107.225407][ T5846] veth1_vlan: entered promiscuous mode [ 107.247996][ T1500] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.248021][ T1500] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.265099][ T5851] veth0_vlan: entered promiscuous mode [ 107.292516][ T5842] veth1_vlan: entered promiscuous mode [ 107.373987][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 107.393938][ T5851] veth1_vlan: entered promiscuous mode [ 107.426975][ T1815] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.426997][ T1815] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.439644][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 107.511229][ T1016] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.518414][ T1815] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.543131][ T1815] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.563619][ T1815] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.564592][ T5846] veth0_macvtap: entered promiscuous mode [ 107.636790][ T5846] veth1_macvtap: entered promiscuous mode [ 107.654687][ T5842] veth0_macvtap: entered promiscuous mode [ 107.779433][ T5842] veth1_macvtap: entered promiscuous mode [ 107.883864][ T5851] veth0_macvtap: entered promiscuous mode [ 107.958150][ T5851] veth1_macvtap: entered promiscuous mode [ 107.984377][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.147779][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.157572][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.158974][ T1500] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.158993][ T1500] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.272950][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.361967][ T1815] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.396014][ T1815] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.431273][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.432862][ T1815] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.467084][ T1815] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.477686][ T3549] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.477712][ T3549] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.492010][ T1016] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.502377][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.563749][ T3549] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.572132][ T3549] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.608313][ T3549] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.716314][ T3549] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.748809][ T3549] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.856467][ T3549] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.883049][ T3549] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.692914][ T3549] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.692937][ T3549] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.919657][ T5983] netlink: 'syz.0.16': attribute type 4 has an invalid length. [ 110.020751][ T3200] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.020772][ T3200] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.281464][ T1500] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.281486][ T1500] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.425949][ T5987] team0: Port device vlan2 added [ 110.593914][ T3632] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.593937][ T3632] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.702529][ T84] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.702551][ T84] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.008469][ T1500] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.008492][ T1500] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.683344][ T5995] syz.1.21 (5995) used greatest stack depth: 18296 bytes left [ 112.796978][ T6032] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 114.031828][ T38] audit: type=1326 audit(1757209871.926:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6054 comm="syz.1.41" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f90fd70ebe9 code=0x0 [ 114.066188][ T6060] fuse: Unknown parameter 'group_i00000000000000000000' [ 116.237207][ T6097] fuse: Unknown parameter 'group_id00000000000000000000' [ 116.893792][ T6086] sctp: failed to load transform for md5: -2 [ 118.914753][ T6133] netlink: 4 bytes leftover after parsing attributes in process `syz.0.65'. [ 119.047608][ T6139] fuse: Unknown parameter 'group_id00000000000000000000' [ 120.129560][ T6145] netlink: 28 bytes leftover after parsing attributes in process `syz.3.71'. [ 122.247496][ T6178] fuse: Unknown parameter 'group_id00000000000000000000' [ 123.470168][ T6194] netlink: 4 bytes leftover after parsing attributes in process `syz.1.87'. [ 123.660449][ T6199] Zero length message leads to an empty skb [ 124.436095][ T6220] fuse: Bad value for 'user_id' [ 124.436118][ T6220] fuse: Bad value for 'user_id' [ 124.543847][ T6223] syz.0.98 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 124.968749][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 124.978745][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 124.988705][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 124.998704][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 125.008704][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 125.018701][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 125.028693][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 125.038699][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 125.048699][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 125.058698][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 129.710167][ T6265] fuse: Bad value for 'user_id' [ 129.710190][ T6265] fuse: Bad value for 'user_id' [ 134.651656][ T6312] fuse: Bad value for 'user_id' [ 134.651679][ T6312] fuse: Bad value for 'user_id' [ 138.022968][ T6350] fuse: Bad value for 'fd' [ 138.118089][ T1322] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.127421][ T1322] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.864968][ T6358] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 139.254416][ T6364] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 139.587917][ T6373] netlink: 20 bytes leftover after parsing attributes in process `syz.1.150'. [ 139.657989][ T6378] tun0: tun_chr_ioctl cmd 1074025673 [ 140.494272][ T6393] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 143.450996][ T6419] ip6_tunnel: non-ECT from fe88:0000:0000:0000:0000:0000:0000:0104 with DS=0x91 [ 149.716008][ T5157] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 149.744321][ T5157] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 149.745676][ T5157] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 149.746979][ T5157] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 149.748165][ T5157] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 151.868958][ T5157] Bluetooth: hci2: command tx timeout [ 153.948905][ T5157] Bluetooth: hci2: command tx timeout [ 156.028822][ T5157] Bluetooth: hci2: command tx timeout [ 158.110874][ T5157] Bluetooth: hci2: command tx timeout [ 159.756228][ T57] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 163.832709][ T57] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 165.290375][ T6565] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 165.645845][ T6594] sctp: [Deprecated]: syz.1.224 (pid 6594) Use of struct sctp_assoc_value in delayed_ack socket option. [ 165.645845][ T6594] Use struct sctp_sack_info instead [ 165.705759][ T57] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 173.198793][ C0] sched: DL replenish lagged too much [ 216.545395][ T1322] ieee802154 phy0 wpan0: encryption failed: -22 [ 220.725242][ T1322] ieee802154 phy1 wpan1: encryption failed: -22 [ 250.306857][ T6642] Bluetooth: hci3: command tx timeout [ 250.308512][ T6642] Bluetooth: hci0: command tx timeout [ 250.724681][ T57] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 252.378326][ T6645] Bluetooth: hci4: command tx timeout [ 252.378367][ T6645] Bluetooth: hci1: command tx timeout [ 264.751975][ T1322] ieee802154 phy0 wpan0: encryption failed: -22 [ 264.761314][ T1322] ieee802154 phy1 wpan1: encryption failed: -22 [ 281.710486][ T6655] Bluetooth: hci2: command 0x0406 tx timeout [ 322.616113][ T1322] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.656505][ T1322] ieee802154 phy1 wpan1: encryption failed: -22 [ 323.835212][ T39] INFO: task kworker/u8:12:3549 blocked for more than 151 seconds. [ 323.835245][ T39] Not tainted syzkaller #0 [ 323.835257][ T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 323.835272][ T39] task:kwor[ 323.835272][ T39] task:kworker/u8:12 state:D stack:20264 pid:3549 tgid:3549 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 323.835346][ T39] Workqueue: events_unbound linkwatch_event [ 323.835391][ T39] Call Trace: [ 323.835399][ T39] [ 323.835415][ T39] __schedule+0x16f3/0x4c20 [ 323.835459][ T39] ? unwind_next_frame+0xa5/0x2390 [ 323.835495][ T39] ? ret_from_fork_asm+0x1a/0x30 [ 323.835534][ T39] ? __pfx___schedule+0x10/0x10 [ 323.835588][ T39] ? _raw_spin_unlock_irq+0x23/0x50 [ 323.835627][ T39] rt_mutex_schedule+0x77/0xf0 [ 323.835649][ T39] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 323.835678][ T39] ? task_blocks_on_rt_mutex+0xf12/0x1380 [ 323.835735][ T39] rt_mutex_slowlock+0x2b1/0x6e0 [ 323.835767][ T39] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 323.835796][ T39] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 323.835837][ T39] ? linkwatch_event+0xe/0x60 [ 323.835868][ T39] ? process_scheduled_works+0x9ef/0x17b0 [ 323.835903][ T39] ? linkwatch_event+0xe/0x60 [ 323.835924][ T39] mutex_lock_nested+0x16a/0x1d0 [ 323.835949][ T39] ? _raw_spin_unlock_irq+0x23/0x50 [ 323.835983][ T39] ? process_scheduled_works+0x9ef/0x17b0 [ 323.836015][ T39] linkwatch_event+0xe/0x60 [ 323.836037][ T39] process_scheduled_works+0xade/0x17b0 [ 323.836100][ T39] ? __pfx_process_scheduled_works+0x10/0x10 [ 323.836150][ T39] worker_thread+0x8a0/0xda0 [ 323.836211][ T39] kthread+0x70e/0x8a0 [ 323.836251][ T39] ? __pfx_worker_thread+0x10/0x10 [ 323.836281][ T39] ? __pfx_kthread+0x10/0x10 [ 323.836323][ T39] ? __pfx_kthread+0x10/0x10 [ 323.836361][ T39] ret_from_fork+0x3f9/0x770 [ 323.836395][ T39] ? __pfx_ret_from_fork+0x10/0x10 [ 323.836433][ T39] ? __switch_to_asm+0x39/0x70 [ 323.836455][ T39] ? __switch_to_asm+0x33/0x70 [ 323.836475][ T39] ? __pfx_kthread+0x10/0x10 [ 323.836513][ T39] ret_from_fork_asm+0x1a/0x30 [ 323.836554][ T39] [ 323.836600][ T39] INFO: task syz-executor:6465 blocked for more than 151 seconds. [ 323.836616][ T39] Not tainted syzkaller #0 [ 323.836628][ T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 323.836638][ T39] task:syz-executor state:D stack:23912 pid:6465 tgid:6465 ppid:6453 task_flags:0x400140 flags:0x00004000 [ 323.836702][ T39] Call Trace: [ 323.836710][ T39] [ 323.836735][ T39] __schedule+0x16f3/0x4c20 [ 323.836776][ T39] ? sched_clock+0x3f/0x60 [ 323.836803][ T39] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 323.836843][ T39] ? __pfx___schedule+0x10/0x10 [ 323.836904][ T39] rt_mutex_schedule+0x77/0xf0 [ 323.836925][ T39] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 323.836968][ T39] ? rt_mutex_slowlock_block+0x351/0x6d0 [ 323.837001][ T39] rt_mutex_slowlock+0x2b1/0x6e0 [ 323.837032][ T39] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 323.837061][ T39] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 323.837087][ T39] ? __lock_acquire+0xab9/0xd20 [ 323.837132][ T39] ? __tun_chr_ioctl+0x37d/0x1df0 [ 323.837171][ T39] ? __tun_chr_ioctl+0x37d/0x1df0 [ 323.837190][ T39] mutex_lock_nested+0x16a/0x1d0 [ 323.837224][ T39] __tun_chr_ioctl+0x37d/0x1df0 [ 323.837254][ T39] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 323.837284][ T39] ? __pfx_fput_close_sync+0x10/0x10 [ 323.837315][ T39] ? bpf_lsm_file_ioctl+0x9/0x20 [ 323.837349][ T39] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 323.837385][ T39] __se_sys_ioctl+0xfc/0x170 [ 323.837415][ T39] do_syscall_64+0xfa/0x3b0 [ 323.837435][ T39] ? lockdep_hardirqs_on+0x9c/0x150 [ 323.837469][ T39] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 323.837493][ T39] ? clear_bhb_loop+0x60/0xb0 [ 323.837521][ T39] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 323.837545][ T39] RIP: 0033:0x7f47b2a4e7eb [ 323.837570][ T39] RSP: 002b:00007ffcb5d1e580 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 323.837593][ T39] RAX: ffffffffffffffda RBX: 00007f47b2c85f40 RCX: 00007f47b2a4e7eb [ 323.837610][ T39] RDX: 00007ffcb5d1e600 RSI: 00000000400454ca RDI: 00000000000000c8 [ 323.837626][ T39] RBP: 00007f47b2c867b8 R08: 0000000000000000 R09: 0000000000000000 [ 323.837640][ T39] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008 [ 323.837654][ T39] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 323.837688][ T39] [ 323.837698][ T39] INFO: task syz.3.230:6608 blocked for more than 151 seconds. [ 323.837713][ T39] Not tainted syzkaller #0 [ 323.837733][ T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 323.837743][ T39] task:syz.3.230 state:D stack:26504 pid:6608 tgid:6606 ppid:5851 task_flags:0x400140 flags:0x00004004 [ 323.837809][ T39] Call Trace: [ 323.837816][ T39] [ 323.837830][ T39] __schedule+0x16f3/0x4c20 [ 323.837885][ T39] ? __kernel_text_address+0xd/0x40 [ 323.837914][ T39] ? __pfx___schedule+0x10/0x10 [ 323.837967][ T39] ? _raw_spin_unlock_irq+0x23/0x50 [ 323.838007][ T39] rt_mutex_schedule+0x77/0xf0 [ 323.838029][ T39] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 323.838057][ T39] ? task_blocks_on_rt_mutex+0xf12/0x1380 [ 323.838104][ T39] rt_mutex_slowlock+0x2b1/0x6e0 [ 323.838135][ T39] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 323.838163][ T39] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 323.838189][ T39] ? __lock_acquire+0xab9/0xd20 [ 323.838233][ T39] ? rtnl_newlink+0x8db/0x1c70 [ 323.838265][ T39] ? safesetid_security_capable+0xa9/0x1a0 [ 323.838295][ T39] ? bpf_lsm_capable+0x9/0x20 [ 323.838324][ T39] ? security_capable+0x7e/0x2e0 [ 323.838362][ T39] ? rtnl_newlink+0x8db/0x1c70 [ 323.838391][ T39] mutex_lock_nested+0x16a/0x1d0 [ 323.838424][ T39] rtnl_newlink+0x8db/0x1c70 [ 323.838470][ T39] ? __pfx_rtnl_newlink+0x10/0x10 [ 323.838498][ T39] ? migrate_enable+0x29c/0x3c0 [ 323.838528][ T39] ? reacquire_held_locks+0x127/0x1d0 [ 323.915011][ T39] ? __pfx_migrate_enable+0x10/0x10 [ 323.915055][ T39] ? __pfx_migrate_enable+0x10/0x10 [ 323.915101][ T39] ? __local_bh_enable+0x23f/0x3d0 [ 323.915131][ T39] ? reacquire_held_locks+0x127/0x1d0 [ 323.915171][ T39] ? __pfx___local_bh_enable+0x10/0x10 [ 323.915209][ T39] ? __local_bh_enable_ip+0x1b2/0x270 [ 323.915239][ T39] ? lockdep_hardirqs_on+0x9c/0x150 [ 323.915279][ T39] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 323.915307][ T39] ? dev_hard_start_xmit+0x7f5/0x870 [ 323.915332][ T39] ? __dev_queue_xmit+0x26f/0x3b70 [ 323.915366][ T39] ? __dev_queue_xmit+0x26f/0x3b70 [ 323.915390][ T39] ? __dev_queue_xmit+0x26f/0x3b70 [ 323.915418][ T39] ? __dev_queue_xmit+0x1d3d/0x3b70 [ 323.915450][ T39] ? __lock_acquire+0xab9/0xd20 [ 323.915510][ T39] ? __pfx_rtnl_newlink+0x10/0x10 [ 323.915542][ T39] rtnetlink_rcv_msg+0x7cf/0xb70 [ 323.915580][ T39] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 323.915611][ T39] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 323.915640][ T39] ? ref_tracker_free+0x61e/0x7c0 [ 323.915677][ T39] ? __asan_memcpy+0x40/0x70 [ 323.915702][ T39] ? __pfx_ref_tracker_free+0x10/0x10 [ 323.915743][ T39] ? __skb_clone+0x63/0x7a0 [ 323.915777][ T39] netlink_rcv_skb+0x205/0x470 [ 323.915812][ T39] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 323.915846][ T39] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 323.915892][ T39] ? netlink_deliver_tap+0x2e/0x1b0 [ 323.915934][ T39] netlink_unicast+0x843/0xa10 [ 323.915974][ T39] ? __pfx_netlink_unicast+0x10/0x10 [ 323.916005][ T39] ? netlink_sendmsg+0x642/0xb30 [ 323.916037][ T39] ? skb_put+0x11b/0x210 [ 323.916075][ T39] netlink_sendmsg+0x805/0xb30 [ 323.916121][ T39] ? __pfx_netlink_sendmsg+0x10/0x10 [ 323.916163][ T39] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 323.916187][ T39] ? __pfx_netlink_sendmsg+0x10/0x10 [ 323.916222][ T39] __sock_sendmsg+0x219/0x270 [ 323.916255][ T39] ____sys_sendmsg+0x508/0x820 [ 323.916285][ T39] ? __pfx_____sys_sendmsg+0x10/0x10 [ 323.916319][ T39] ? import_iovec+0x74/0xa0 [ 323.916353][ T39] ___sys_sendmsg+0x21f/0x2a0 [ 323.916379][ T39] ? __pfx____sys_sendmsg+0x10/0x10 [ 323.916445][ T39] ? __fget_files+0x2a/0x420 [ 323.916478][ T39] ? __fget_files+0x3a6/0x420 [ 323.916525][ T39] __x64_sys_sendmsg+0x1a1/0x260 [ 323.916552][ T39] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 323.916588][ T39] ? rcu_is_watching+0x15/0xb0 [ 323.916631][ T39] ? do_syscall_64+0xbe/0x3b0 [ 323.916658][ T39] do_syscall_64+0xfa/0x3b0 [ 323.916678][ T39] ? lockdep_hardirqs_on+0x9c/0x150 [ 323.916721][ T39] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 323.916745][ T39] ? clear_bhb_loop+0x60/0xb0 [ 323.916774][ T39] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 323.916797][ T39] RIP: 0033:0x7f9696e0ebe9 [ 323.916817][ T39] RSP: 002b:00007f9695076038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 323.916841][ T39] RAX: ffffffffffffffda RBX: 00007f9697045fa0 RCX: 00007f9696e0ebe9 [ 323.916858][ T39] RDX: 0000000004000000 RSI: 0000200000000000 RDI: 0000000000000005 [ 323.916874][ T39] RBP: 00007f9696e91e19 R08: 0000000000000000 R09: 0000000000000000 [ 323.916888][ T39] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 323.916902][ T39] R13: 00007f9697046038 R14: 00007f9697045fa0 R15: 00007ffcbc10d6a8 [ 323.916939][ T39] [ 323.916950][ T39] INFO: task syz.4.231:6613 blocked for more than 151 seconds. [ 323.916967][ T39] Not tainted syzkaller #0 [ 323.916979][ T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 323.916989][ T39] task:syz.4.231 state:D stack:28200 pid:6613 tgid:6610 ppid:5842 task_flags:0x400040 flags:0x00004004 [ 323.917060][ T39] Call Trace: [ 323.917068][ T39] [ 323.917082][ T39] __schedule+0x16f3/0x4c20 [ 323.917146][ T39] ? __pfx___schedule+0x10/0x10 [ 323.917206][ T39] rt_mutex_schedule+0x77/0xf0 [ 323.917227][ T39] ? __rt_mutex_slowlock_locked+0x1a7/0x25e0 [ 323.917254][ T39] __rt_mutex_slowlock_locked+0x1e04/0x25e0 [ 323.917295][ T39] ? __rt_mutex_slowlock_locked+0x1a7/0x25e0 [ 323.917333][ T39] ? __pfx___rt_mutex_slowlock_locked+0x10/0x10 [ 323.917373][ T39] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 323.917413][ T39] ? rcu_is_watching+0x15/0xb0 [ 323.917453][ T39] __rwbase_read_lock+0xbc/0x180 [ 323.917477][ T39] ? __pfx___rwbase_read_lock+0x10/0x10 [ 323.917503][ T39] ? dput+0x37/0x2b0 [ 323.917543][ T39] down_read+0x127/0x1f0 [ 323.917565][ T39] ? __pfx_down_read+0x10/0x10 [ 323.917593][ T39] ? lookup_fast+0x3cb/0x5b0 [ 323.917619][ T39] lookup_slow+0x46/0x70 [ 323.917645][ T39] walk_component+0x2d2/0x400 [ 323.917665][ T39] ? path_lookupat+0x156/0x430 [ 323.917691][ T39] path_lookupat+0x163/0x430 [ 323.917729][ T39] do_o_path+0x97/0x1f0 [ 323.917755][ T39] ? __pfx_do_o_path+0x10/0x10 [ 323.917789][ T39] path_openat+0x312b/0x3840 [ 323.917824][ T39] ? try_to_take_rt_mutex+0x840/0xb00 [ 323.917854][ T39] ? arch_stack_walk+0xfc/0x150 [ 323.917900][ T39] ? rtlock_slowlock_locked+0xd8/0x4010 [ 323.917945][ T39] ? __pfx_path_openat+0x10/0x10 [ 323.917974][ T39] ? do_raw_spin_lock+0x121/0x290 [ 323.918012][ T39] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 323.918048][ T39] ? lockdep_hardirqs_on+0x9c/0x150 [ 323.918084][ T39] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 323.918129][ T39] do_filp_open+0x1fa/0x410 [ 323.918159][ T39] ? __pfx_do_filp_open+0x10/0x10 [ 323.918183][ T39] ? rt_mutex_slowunlock+0x493/0x8a0 [ 323.918239][ T39] ? alloc_fd+0x64f/0x6c0 [ 323.918285][ T39] do_sys_openat2+0x121/0x1c0 [ 323.918313][ T39] ? __pfx_do_sys_openat2+0x10/0x10 [ 323.918338][ T39] ? exc_page_fault+0x76/0xf0 [ 323.918376][ T39] ? do_user_addr_fault+0xc8a/0x1390 [ 323.918409][ T39] __x64_sys_openat+0x138/0x170 [ 323.918440][ T39] do_syscall_64+0xfa/0x3b0 [ 323.918460][ T39] ? lockdep_hardirqs_on+0x9c/0x150 [ 323.918494][ T39] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 323.918517][ T39] ? clear_bhb_loop+0x60/0xb0 [ 323.918546][ T39] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 324.030834][ T39] RIP: 0033:0x7f057c6febe9 [ 324.030866][ T39] RSP: 002b:00007f057a945038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 324.030890][ T39] RAX: ffffffffffffffda RBX: 00007f057c936090 RCX: 00007f057c6febe9 [ 324.030908][ T39] RDX: 0000000000200002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 324.030924][ T39] RBP: 00007f057c781e19 R08: 0000000000000000 R09: 0000000000000000 [ 324.030939][ T39] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 324.030952][ T39] R13: 00007f057c936128 R14: 00007f057c936090 R15: 00007ffe08127428 [ 324.030990][ T39] [ 324.031006][ T39] INFO: task syz.1.233:6615 blocked for more than 151 seconds. [ 324.031023][ T39] Not tainted syzkaller #0 [ 324.031034][ T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 324.031045][ T39] task:syz.1.233 state:D stack:24392 pid:6615 tgid:6615 ppid:5838 task_flags:0x400040 flags:0x00004006 [ 324.031191][ T39] Call Trace: [ 324.031200][ T39] [ 324.031214][ T39] __schedule+0x16f3/0x4c20 [ 324.031263][ T39] ? __lock_acquire+0xab9/0xd20 [ 324.031308][ T39] ? __pfx___schedule+0x10/0x10 [ 324.031363][ T39] ? _raw_spin_unlock_irq+0x23/0x50 [ 324.031401][ T39] rt_mutex_schedule+0x77/0xf0 [ 324.031424][ T39] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 324.031452][ T39] ? task_blocks_on_rt_mutex+0xf04/0x1380 [ 324.031500][ T39] rt_mutex_slowlock+0x2b1/0x6e0 [ 324.031532][ T39] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 324.031561][ T39] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 324.031609][ T39] ? __pfx___fsnotify_parent+0x10/0x10 [ 324.031650][ T39] ? tun_chr_close+0x41/0x1c0 [ 324.031682][ T39] mutex_lock_nested+0x16a/0x1d0 [ 324.031720][ T39] ? __pfx_tun_chr_close+0x10/0x10 [ 324.031755][ T39] tun_chr_close+0x41/0x1c0 [ 324.031792][ T39] __fput+0x45b/0xa80 [ 324.031830][ T39] task_work_run+0x1d4/0x260 [ 324.031858][ T39] ? __pfx_task_work_run+0x10/0x10 [ 324.031888][ T39] ? exit_to_user_mode_loop+0x40/0x110 [ 324.031925][ T39] exit_to_user_mode_loop+0xec/0x110 [ 324.031958][ T39] do_syscall_64+0x2bd/0x3b0 [ 324.031981][ T39] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 324.032004][ T39] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 324.032027][ T39] ? clear_bhb_loop+0x60/0xb0 [ 324.032055][ T39] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 324.032076][ T39] RIP: 0033:0x7f90fd70ebe9 [ 324.032094][ T39] RSP: 002b:00007ffecd360f98 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 324.032115][ T39] RAX: 0000000000000000 RBX: 0000000000028bf7 RCX: 00007f90fd70ebe9 [ 324.032130][ T39] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 324.032143][ T39] RBP: 00007f90fd947da0 R08: 0000000000000001 R09: 00000015cd36128f [ 324.032159][ T39] R10: 0000001b30a20000 R11: 0000000000000246 R12: 00007f90fd945fac [ 324.032174][ T39] R13: 00007f90fd945fa0 R14: ffffffffffffffff R15: 00007ffecd3610b0 [ 324.032210][ T39] [ 324.032248][ T39] [ 324.032248][ T39] Showing all locks held in the system: [ 324.032257][ T39] 2 locks held by kthreadd/2: [ 324.032270][ T39] #0: ffffffff8dac53a8 (remove_cache_srcu){.+.+}-{0:0}, at: srcu_read_lock+0x27/0x60 [ 324.032329][ T39] #1: ffff88801d293858 (&n->list_lock){+.+.}-{3:3}, at: __slab_free+0x19e/0x390 [ 324.032384][ T39] 4 locks held by kworker/0:0/9: [ 324.032397][ T39] #0: ffff88805b12d538 ((wq_completion)wg-kex-wg2#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.032463][ T39] #1: ffffc900000e7bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.032544][ T39] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.032603][ T39] #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.032663][ T39] 4 locks held by kworker/0:1/10: [ 324.032676][ T39] #0: ffff888019899938 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.032745][ T39] #1: ffffc900000f7bc0 ((work_completion)(&(&tbl->gc_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.032806][ T39] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.032864][ T39] #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.032924][ T39] 5 locks held by kworker/u8:1/13: [ 324.032937][ T39] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.032997][ T39] #1: ffffc90000127bc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.033056][ T39] #2: ffff88805f5b0898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470 [ 324.033119][ T39] #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.033177][ T39] #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.033238][ T39] 4 locks held by pr/legacy/17: [ 324.033251][ T39] 2 locks held by rcuc/0/20: [ 324.033263][ T39] #0: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.033322][ T39] #1: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.033383][ T39] 2 locks held by rcuc/1/28: [ 324.033395][ T39] #0: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.033454][ T39] #1: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.033513][ T39] 7 locks held by ktimers/1/29: [ 324.033526][ T39] 2 locks held by ksoftirqd/1/30: [ 324.033539][ T39] #0: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.033597][ T39] #1: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.033657][ T39] 2 locks held by kworker/1:0/31: [ 324.033670][ T39] 3 locks held by kworker/u8:2/37: [ 324.033683][ T39] 1 lock held by khungtaskd/39: [ 324.033696][ T39] #0: ffffffff8d9a8bc0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 324.033796][ T39] 6 locks held by kworker/u8:3/57: [ 324.033809][ T39] #0: ffff88801a6f4138 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.033868][ T39] #1: ffffc9000123fbc0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.033926][ T39] #2: ffffffff8ecc6280 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x800 [ 324.033989][ T39] #3: ffff88805d55c0d8 (&dev->mutex){....}-{4:4}, at: devlink_pernet_pre_exit+0x10a/0x3d0 [ 324.034043][ T39] #4: ffff888020b6e300 (&devlink->lock_key#3){+.+.}-{4:4}, at: devlink_pernet_pre_exit+0x11c/0x3d0 [ 324.034102][ T39] #5: ffffffff8ecd3178 (rtnl_mutex){+.+.}-{4:4}, at: nsim_destroy+0xe5/0x670 [ 324.034157][ T39] 6 locks held by kworker/u9:0/59: [ 324.034170][ T39] #0: ffff888027e4b938 ((wq_completion)hci0){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.034230][ T39] #1: ffffc9000125fbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.034289][ T39] #2: ffff888024460e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0 [ 324.034345][ T39] #3: ffff8880244600a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30 [ 324.034406][ T39] #4: ffffffff8ee3ab38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310 [ 324.034471][ T39] #5: ffff888027f74b58 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x70/0x680 [ 324.034542][ T39] 5 locks held by kworker/u8:4/67: [ 324.034555][ T39] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.034614][ T39] #1: ffffc9000152fbc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.034674][ T39] #2: ffff88805fd90898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470 [ 324.034742][ T39] #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.034800][ T39] #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.034860][ T39] 5 locks held by kworker/u8:5/84: [ 324.034872][ T39] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.034932][ T39] #1: ffffc900015bfbc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.035004][ T39] #2: ffff88805e9d0898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470 [ 324.035063][ T39] #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.035119][ T39] #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.035202][ T39] 3 locks held by kworker/u8:6/1016: [ 324.035218][ T39] 7 locks held by kworker/u8:7/1210: [ 324.035230][ T39] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.035290][ T39] #1: ffffc90005147bc0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.035351][ T39] #2: ffff88805d792300 (&devlink->lock_key#4){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0 [ 324.035421][ T39] #3: ffff88805d5f8d20 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0 [ 324.035486][ T39] #4: ffffffff8d9a8bc0 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0 [ 324.035542][ T39] #5: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.035600][ T39] #6: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.035662][ T39] 5 locks held by kworker/u8:9/1500: [ 324.035674][ T39] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.035741][ T39] #1: ffffc90005987bc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.035800][ T39] #2: ffff88805ec30898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470 [ 324.035862][ T39] #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.035920][ T39] #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.035981][ T39] 5 locks held by kworker/u8:10/1815: [ 324.035994][ T39] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.036053][ T39] #1: ffffc90005f17bc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.036114][ T39] #2: ffff888060010898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470 [ 324.036174][ T39] #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.036232][ T39] #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.036303][ T39] 5 locks held by kworker/u8:11/3200: [ 324.036317][ T39] 3 locks held by kworker/u8:12/3549: [ 324.036330][ T39] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.036390][ T39] #1: ffffc9000dbcfbc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.036449][ T39] #2: ffffffff8ecd3178 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60 [ 324.036502][ T39] 5 locks held by kworker/u8:13/3632: [ 324.036515][ T39] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.036574][ T39] #1: ffffc9000debfbc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.036632][ T39] #2: ffff88805f910898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470 [ 324.036694][ T39] #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.036761][ T39] #4: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.036820][ T39] 5 locks held by kworker/u8:14/3636: [ 324.036833][ T39] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.036893][ T39] #1: ffffc9000dc4fbc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.036952][ T39] #2: ffff88805eca0898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470 [ 324.037014][ T39] #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.037072][ T39] #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.037131][ T39] 5 locks held by kworker/u9:1/5157: [ 324.037144][ T39] #0: ffff88802715a138 ((wq_completion)hci1){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.037203][ T39] #1: ffffc900100a7bc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.037263][ T39] #2: ffff888056bd0e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0 [ 324.037317][ T39] #3: ffff888056bd00a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30 [ 324.037379][ T39] #4: ffffffff8ee3ab38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310 [ 324.037443][ T39] 2 locks held by klogd/5197: [ 324.037456][ T39] 3 locks held by dhcpcd/5503: [ 324.037468][ T39] #0: ffff88803b1aaf50 (sk_lock-AF_UNIX){+.+.}-{0:0}, at: sk_setsockopt+0xc2f/0x2a70 [ 324.037532][ T39] #1: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.037590][ T39] #2: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.037650][ T39] 2 locks held by getty/5599: [ 324.037662][ T39] #0: ffff88823bf780a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 324.037736][ T39] #1: ffffc90003e8b2e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1410 [ 324.037796][ T39] 2 locks held by syz-executor/5826: [ 324.037809][ T39] #0: ffffffff8dac53a8 (remove_cache_srcu){.+.+}-{0:0}, at: srcu_read_lock+0x27/0x60 [ 324.037864][ T39] #1: ffff88801d293858 (&n->list_lock){+.+.}-{3:3}, at: __slab_free+0x19e/0x390 [ 324.037917][ T39] 6 locks held by kworker/1:3/5827: [ 324.037930][ T39] #0: ffff88805b902d38 ((wq_completion)wg-kex-wg0#10){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.037995][ T39] #1: ffffc900043f7bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.038074][ T39] #2: ffff88803bae55f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_response+0x115/0x970 [ 324.038134][ T39] #3: ffff8880374e9928 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_response+0x126/0x970 [ 324.038191][ T39] #4: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.038250][ T39] #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.038309][ T39] 4 locks held by kworker/u9:2/5840: [ 324.038322][ T39] #0: ffff8880282c1138 ((wq_completion)hci3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.038381][ T39] #1: ffffc900044a7bc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.038441][ T39] #2: ffff888056bf0e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0 [ 324.038495][ T39] #3: ffff888056bf00a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30 [ 324.075562][ T39] 5 locks held by kworker/u9:3/5848: [ 324.075584][ T39] #0: ffff888028a0f938 ((wq_completion)hci4){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.075651][ T39] #1: ffffc90004507bc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.075720][ T39] #2: ffff8880596f4e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0 [ 324.075776][ T39] #3: ffff8880596f40a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30 [ 324.075839][ T39] #4: ffffffff8ee3ab38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310 [ 324.075906][ T39] 4 locks held by kworker/R-wg-cr/5878: [ 324.075919][ T39] #0: ffff88805b903138 ((wq_completion)wg-crypt-wg0#5){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.075984][ T39] #1: ffffc90004ad7ba0 ((work_completion)(&peer->transmit_packet_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.076044][ T39] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.076103][ T39] #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.076163][ T39] 4 locks held by kworker/0:3/5897: [ 324.076179][ T39] 2 locks held by kworker/0:4/5918: [ 324.076191][ T39] #0: ffff888019898538 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.076250][ T39] #1: ffffc90004e17bc0 (free_ipc_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.076309][ T39] 2 locks held by napi/wg2-0/5923: [ 324.076321][ T39] #0: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.076380][ T39] #1: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.076440][ T39] 4 locks held by kworker/0:6/5926: [ 324.076452][ T39] #0: ffff88805b119938 ((wq_completion)wg-kex-wg1#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.076517][ T39] #1: ffffc90004e97bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.076599][ T39] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.076657][ T39] #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.076725][ T39] 3 locks held by kworker/1:6/6017: [ 324.076739][ T39] 1 lock held by syz-executor/6465: [ 324.076752][ T39] #0: ffffffff8ecd3178 (rtnl_mutex){+.+.}-{4:4}, at: __tun_chr_ioctl+0x37d/0x1df0 [ 324.076804][ T39] 4 locks held by kworker/1:8/6469: [ 324.076817][ T39] #0: ffff88805af4f538 ((wq_completion)wg-kex-wg2#8){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.076881][ T39] #1: ffffc90005767bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.076961][ T39] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.077019][ T39] #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.077079][ T39] 1 lock held by syz.3.230/6608: [ 324.077091][ T39] #0: ffffffff8ecd3178 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70 [ 324.077153][ T39] 4 locks held by syz.4.231/6612: [ 324.077166][ T39] #0: ffff888036b2a488 (sb_writers#10){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 [ 324.077225][ T39] #1: ffff88805f190c98 (&type->i_mutex_dir_key#7/1){+.+.}-{4:4}, at: filename_create+0x1f8/0x3c0 [ 324.077293][ T39] #2: ffffffff8d9e0698 (cgroup_mutex){+.+.}-{4:4}, at: cgroup_kn_lock_live+0x13c/0x230 [ 324.077355][ T39] #3: ffffffff8ecd3178 (rtnl_mutex){+.+.}-{4:4}, at: cgrp_css_online+0x91/0x300 [ 324.077421][ T39] 1 lock held by syz.4.231/6613: [ 324.077434][ T39] #0: ffff88805f190c98 (&type->i_mutex_dir_key#7){++++}-{4:4}, at: lookup_slow+0x46/0x70 [ 324.077492][ T39] 1 lock held by syz.1.233/6615: [ 324.077505][ T39] #0: ffffffff8ecd3178 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0 [ 324.077569][ T39] 3 locks held by kworker/u8:15/6620: [ 324.077581][ T39] #0: ffff88802fafc138 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.077641][ T39] #1: ffffc900063ffbc0 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.077708][ T39] #2: ffffffff8ecd3178 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30 [ 324.077766][ T39] 7 locks held by kworker/u8:16/6622: [ 324.077780][ T39] 7 locks held by kworker/u8:17/6623: [ 324.077793][ T39] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.077851][ T39] #1: ffffc900063efbc0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.077913][ T39] #2: ffff88801cb06300 (&devlink->lock_key){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0 [ 324.077979][ T39] #3: ffff88805d073520 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0 [ 324.078045][ T39] #4: ffffffff8d9a8bc0 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0 [ 324.078102][ T39] #5: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.078160][ T39] #6: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.078220][ T39] 6 locks held by kworker/u8:18/6624: [ 324.078233][ T39] #0: ffff888035dd9138 ((wq_completion)wg-kex-wg1#7){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.078297][ T39] #1: ffffc9000640fbc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.078358][ T39] #2: ffff88803601d5f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0 [ 324.078416][ T39] #3: ffff88805d534388 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0 [ 324.078473][ T39] #4: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.078531][ T39] #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.147301][ T39] 4 locks held by kworker/u8:19/6625: [ 324.147317][ T39] #0: ffff88814dbdd938 ((wq_completion)bat_events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.147380][ T39] #1: ffffc9000641fbc0 ((work_completion)(&(&bat_priv->tt.work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.147439][ T39] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.147496][ T39] #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.147557][ T39] 2 locks held by kworker/u8:20/6626: [ 324.147571][ T39] 2 locks held by kworker/u8:21/6627: [ 324.147586][ T39] 4 locks held by kworker/0:8/6631: [ 324.147598][ T39] #0: ffff88805b73ed38 ((wq_completion)wg-kex-wg0#6){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.147663][ T39] #1: ffffc9000630fbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.147745][ T39] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.147803][ T39] #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.147862][ T39] 3 locks held by kworker/1:9/6632: [ 324.147876][ T39] #0: ffff888019899938 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.147936][ T39] #1: ffffc9000647fbc0 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.148001][ T39] #2: ffffffff8ecd3178 (rtnl_mutex){+.+.}-{4:4}, at: reg_check_chans_work+0x95/0xf30 [ 324.148069][ T39] 4 locks held by kworker/1:10/6634: [ 324.148082][ T39] #0: ffff888019899138 ((wq_completion)events_long){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.148141][ T39] #1: ffffc900064afbc0 ((work_completion)(&(&ipvs->defense_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.148202][ T39] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.148260][ T39] #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.148321][ T39] 5 locks held by kworker/0:9/6635: [ 324.148333][ T39] #0: ffff88805b914138 ((wq_completion)wg-kex-wg1#6){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.148398][ T39] #1: ffffc9000637fbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.148480][ T39] #2: ffff88805ba115f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x150/0x900 [ 324.148539][ T39] #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.167089][ T39] #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.167151][ T39] 5 locks held by kworker/0:10/6636: [ 324.167165][ T39] #0: ffff88805af4f538 ((wq_completion)wg-kex-wg2#8){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.167228][ T39] #1: ffffc900064cfbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.167306][ T39] #2: ffff88805d57a3c0 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_begin_session+0x38/0xbe0 [ 324.167363][ T39] #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.167419][ T39] #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.167477][ T39] 10 locks held by syz-executor/6637: [ 324.167491][ T39] 4 locks held by kworker/0:11/6638: [ 324.167503][ T39] #0: ffff888039b6d538 ((wq_completion)wg-kex-wg0#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.167566][ T39] #1: ffffc900064dfbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.167644][ T39] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.167700][ T39] #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.167757][ T39] 5 locks held by kworker/1:11/6639: [ 324.167770][ T39] #0: ffff88805b914138 ((wq_completion)wg-kex-wg1#6){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.167832][ T39] #1: ffffc90004d97bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.167909][ T39] #2: ffff88805ba115f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_response+0x1c7/0xb00 [ 324.167973][ T39] #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.168029][ T39] #4: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.168087][ T39] 4 locks held by kworker/0:12/6640: [ 324.168100][ T39] #0: ffff88805b916d38 ((wq_completion)wg-kex-wg2#6){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.168162][ T39] #1: ffffc90004447bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.168240][ T39] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.168296][ T39] #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.168354][ T39] 4 locks held by kworker/1:12/6641: [ 324.168366][ T39] #0: ffff888039b6d538 ((wq_completion)wg-kex-wg0#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.168428][ T39] #1: ffffc900064ffbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.168505][ T39] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.342180][ T39] #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.342261][ T39] 5 locks held by kworker/u9:4/6642: [ 324.342275][ T39] #0: ffff888037e01138 ((wq_completion)hci2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.342337][ T39] #1: ffffc9000650fbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.342397][ T39] #2: ffff88805a8e4e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0 [ 324.342452][ T39] #3: ffff88805a8e40a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30 [ 324.342516][ T39] #4: ffffffff8ee3ab38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310 [ 324.342582][ T39] 4 locks held by kworker/1:13/6644: [ 324.342595][ T39] #0: ffff88805b12f538 ((wq_completion)wg-kex-wg0#8){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.342660][ T39] #1: ffffc9000652fbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.342741][ T39] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.342800][ T39] #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.342860][ T39] 1 lock held by dhcpcd/6646: [ 324.342873][ T39] #0: ffff88803d64ee78 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x9b/0x240 [ 324.342937][ T39] 4 locks held by kworker/0:13/6647: [ 324.342950][ T39] #0: ffff88805b915138 ((wq_completion)wg-kex-wg1#10){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.343022][ T39] #1: ffffc9000639fbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.343101][ T39] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.343160][ T39] #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.343219][ T39] 6 locks held by kworker/u8:27/6648: [ 324.343232][ T39] #0: ffff88805b7fc938 ((wq_completion)wg-kex-wg2#3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.343297][ T39] #1: ffffc9000655fbc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.343358][ T39] #2: ffff888031d3d5f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0 [ 324.343417][ T39] #3: ffff88805d57ce20 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0 [ 324.343475][ T39] #4: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.343533][ T39] #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.343593][ T39] 1 lock held by syz-executor/6649: [ 324.343608][ T39] 2 locks held by syz-executor/6653: [ 324.343622][ T39] 6 locks held by kworker/u8:29/6657: [ 324.343634][ T39] #0: ffff888035dd9138 ((wq_completion)wg-kex-wg1#7){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.343699][ T39] #1: ffffc900065cfbc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.343760][ T39] #2: ffff88803601d5f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0 [ 324.343818][ T39] #3: ffff88805d5338f0 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0 [ 324.343874][ T39] #4: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.343932][ T39] #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.343999][ T39] 4 locks held by kworker/1:19/6661: [ 324.344012][ T39] #0: ffff88805b3c4938 ((wq_completion)wg-kex-wg1#8){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.344076][ T39] #1: ffffc9000660fbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.344158][ T39] #2: ffff88803601d5f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x150/0x900 [ 324.344217][ T39] #3: ffff88805d534388 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x4de/0x900 [ 324.344275][ T39] 6 locks held by kworker/u8:31/6662: [ 324.344288][ T39] #0: ffff88805b9f2138 ((wq_completion)wg-kex-wg1#9){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.344353][ T39] #1: ffffc9000661fbc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.344414][ T39] #2: ffff88805ba155f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0 [ 324.344471][ T39] #3: ffff8880374ea3c0 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0 [ 324.344529][ T39] #4: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.344587][ T39] #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.344646][ T39] 1 lock held by dhcpcd/6663: [ 324.344659][ T39] #0: ffff888036d6a350 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0 [ 324.344718][ T39] 4 locks held by kworker/u8:32/6665: [ 324.344731][ T39] 5 locks held by kworker/0:14/6666: [ 324.344743][ T39] #0: ffff88805b3c4938 ((wq_completion)wg-kex-wg1#8){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 324.344808][ T39] #1: ffffc9000636fbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 324.344887][ T39] #2: ffff88803601d5f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_response+0x1c7/0xb00 [ 324.344945][ T39] #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.345009][ T39] #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.345068][ T39] 3 locks held by dhcpcd/6667: [ 324.345081][ T39] #0: ffff8880199dc350 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0 [ 324.345138][ T39] #1: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 324.345196][ T39] #2: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 324.345258][ T39] [ 324.345264][ T39] ============================================= [ 324.345264][ T39] [ 324.345291][ T39] NMI backtrace for cpu 0 [ 324.345319][ T39] CPU: 0 UID: 0 PID: 39 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 324.345344][ T39] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 324.345358][ T39] Call Trace: [ 324.345366][ T39] [ 324.345376][ T39] dump_stack_lvl+0x189/0x250 [ 324.345416][ T39] ? __pfx_dump_stack_lvl+0x10/0x10 [ 324.345450][ T39] ? __pfx__printk+0x10/0x10 [ 324.345490][ T39] nmi_cpu_backtrace+0x39e/0x3d0 [ 324.345522][ T39] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 324.345554][ T39] ? __pfx__printk+0x10/0x10 [ 324.345584][ T39] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 324.345616][ T39] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 324.345648][ T39] watchdog+0xf93/0xfe0 [ 324.345685][ T39] ? watchdog+0x1de/0xfe0 [ 324.345719][ T39] kthread+0x70e/0x8a0 [ 324.345758][ T39] ? __pfx_watchdog+0x10/0x10 [ 324.345788][ T39] ? __pfx_kthread+0x10/0x10 [ 324.345828][ T39] ? __pfx_kthread+0x10/0x10 [ 324.345864][ T39] ret_from_fork+0x3f9/0x770 [ 324.345897][ T39] ? __pfx_ret_from_fork+0x10/0x10 [ 324.345934][ T39] ? __switch_to_asm+0x39/0x70 [ 324.345954][ T39] ? __switch_to_asm+0x33/0x70 [ 324.345981][ T39] ? __pfx_kthread+0x10/0x10 [ 324.346017][ T39] ret_from_fork_asm+0x1a/0x30 [ 324.346057][ T39] [ 324.346066][ T39] Sending NMI from CPU 0 to CPUs 1: [ 324.346093][ C1] NMI backtrace for cpu 1 [ 324.346108][ C1] CPU: 1 UID: 0 PID: 29 Comm: ktimers/1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 324.346128][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 324.346139][ C1] RIP: 0010:lockdep_hardirqs_on_prepare+0x107/0x2a0 [ 324.346167][ C1] Code: 20 0b 00 00 45 31 ff 4d 89 f4 eb 13 49 ff c7 48 63 83 18 0b 00 00 49 83 c4 28 49 39 c7 7d 44 49 83 ff 31 73 2d 41 8b 44 24 20 00 00 04 00 74 db 25 00 00 03 00 83 f8 01 ba 03 00 00 00 83 da [ 324.346182][ C1] RSP: 0018:ffffc90000a3f660 EFLAGS: 00000083 [ 324.346197][ C1] RAX: 0000000000040128 RBX: ffff88801caf1dc0 RCX: ffffffff929f7768 [ 324.346211][ C1] RDX: 0000000000000003 RSI: ffff88801caf28e0 RDI: ffff88801caf1dc0 [ 324.346223][ C1] RBP: ffffc90000a3f730 R08: ffffffff8f1d5a37 R09: 1ffffffff1e3ab46 [ 324.346237][ C1] R10: dffffc0000000000 R11: fffffbfff1e3ab47 R12: ffff88801caf2908 [ 324.346251][ C1] R13: ffffc90000a3f788 R14: ffff88801caf28e0 R15: 0000000000000001 [ 324.346264][ C1] FS: 0000000000000000(0000) GS:ffff8881269bf000(0000) knlGS:0000000000000000 [ 324.346279][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 324.346292][ C1] CR2: 00007ff193365f40 CR3: 0000000035944000 CR4: 00000000003526f0 [ 324.346308][ C1] Call Trace: [ 324.346315][ C1] [ 324.346323][ C1] trace_hardirqs_on+0x28/0x40 [ 324.346347][ C1] _raw_spin_unlock_irqrestore+0x85/0x110 [ 324.346375][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 324.346402][ C1] ? NF_HOOK+0x9a/0x3a0 [ 324.346430][ C1] rt_spin_lock+0x167/0x2c0 [ 324.346453][ C1] ? __pfx_rt_spin_lock+0x10/0x10 [ 324.346477][ C1] ? process_backlog+0x27b/0x900 [ 324.346503][ C1] process_backlog+0x425/0x900 [ 324.346533][ C1] __napi_poll+0xb3/0x540 [ 324.346556][ C1] net_rx_action+0x707/0xe00 [ 324.346589][ C1] ? __pfx_net_rx_action+0x10/0x10 [ 324.346630][ C1] handle_softirqs+0x22f/0x710 [ 324.346657][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 324.346685][ C1] run_ktimerd+0xcf/0x190 [ 324.346715][ C1] ? __pfx_run_ktimerd+0x10/0x10 [ 324.346740][ C1] ? schedule+0x91/0x360 [ 324.346768][ C1] ? smpboot_thread_fn+0x4d/0xa60 [ 324.346789][ C1] smpboot_thread_fn+0x53f/0xa60 [ 324.346813][ C1] ? smpboot_thread_fn+0x4d/0xa60 [ 324.346840][ C1] kthread+0x70e/0x8a0 [ 324.346868][ C1] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 324.346891][ C1] ? __pfx_kthread+0x10/0x10 [ 324.346920][ C1] ? __pfx_kthread+0x10/0x10 [ 324.346948][ C1] ret_from_fork+0x3f9/0x770 [ 324.346974][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 324.347001][ C1] ? __switch_to_asm+0x39/0x70 [ 324.347018][ C1] ? __switch_to_asm+0x33/0x70 [ 324.347034][ C1] ? __pfx_kthread+0x10/0x10 [ 324.347061][ C1] ret_from_fork_asm+0x1a/0x30 [ 324.347086][ C1] [ 324.348096][ T39] Kernel panic - not syncing: hung_task: blocked tasks [ 324.348113][ T39] CPU: 0 UID: 0 PID: 39 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 324.348138][ T39] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 324.348150][ T39] Call Trace: [ 324.348159][ T39] [ 324.348168][ T39] dump_stack_lvl+0x99/0x250 [ 324.348203][ T39] ? __asan_memcpy+0x40/0x70 [ 324.348228][ T39] ? __pfx_dump_stack_lvl+0x10/0x10 [ 324.348263][ T39] ? __pfx__printk+0x10/0x10 [ 324.348301][ T39] vpanic+0x281/0x750 [ 324.348338][ T39] ? __pfx_vpanic+0x10/0x10 [ 324.348371][ T39] ? __x2apic_send_IPI_mask+0x1e4/0x260 [ 324.348395][ T39] ? lockdep_hardirqs_on+0x9c/0x150 [ 324.348440][ T39] panic+0xb9/0xc0 [ 324.348473][ T39] ? __pfx_panic+0x10/0x10 [ 324.348512][ T39] ? irq_work_queue+0xc3/0x140 [ 324.348545][ T39] ? nmi_trigger_cpumask_backtrace+0x234/0x300 [ 324.348580][ T39] watchdog+0xfd2/0xfe0 [ 324.348614][ T39] ? watchdog+0x1de/0xfe0 [ 324.348651][ T39] kthread+0x70e/0x8a0 [ 324.348690][ T39] ? __pfx_watchdog+0x10/0x10 [ 324.348719][ T39] ? __pfx_kthread+0x10/0x10 [ 324.348760][ T39] ? __pfx_kthread+0x10/0x10 [ 324.348796][ T39] ret_from_fork+0x3f9/0x770 [ 324.348829][ T39] ? __pfx_ret_from_fork+0x10/0x10 [ 324.348867][ T39] ? __switch_to_asm+0x39/0x70 [ 324.348887][ T39] ? __switch_to_asm+0x33/0x70 [ 324.348908][ T39] ? __pfx_kthread+0x10/0x10 [ 324.348944][ T39] ret_from_fork_asm+0x1a/0x30 [ 324.348991][ T39] [ 324.349391][ T39] Kernel Offset: disabled