program:
timer_create(0xfffffffffffffffd, 0x0, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f00000000c0)={{0x77359400}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000140)={{}, {0x0, 0x3938700}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_ifreq(r0, 0x89a3, &(0x7f0000000000)={'bridge0\x00', @ifru_addrs=@l2={0x1f, 0x0, @fixed}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x30, r2, 0x1, 0x0, 0x0, {{}, {}, {0x6, 0x18, {0x732, @bearer=@udp='udp:syz2\x00'}}}}, 0x30}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r3 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000100), r0)
sendmsg$SEG6_CMD_SETHMAC(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r3, 0x100, 0x70bd2a, 0x25dfdbfe, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0x2b}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc000}, 0xd9a4c981588919af)
[ 80.712454][ T5306] Bluetooth: hci0: command tx timeout
[ 80.729407][ T1309] ieee802154 phy0 wpan0: encryption failed: -22
[ 80.731965][ T1309] ieee802154 phy1 wpan1: encryption failed: -22
[ 80.810071][ T5322] bridge_slave_1: left allmulticast mode
[ 80.812385][ T5322] bridge_slave_1: left promiscuous mode
[ 80.815154][ T5322] bridge0: port 2(bridge_slave_1) entered disabled state
[ 80.818283][ C0]
[ 80.819272][ C0] =============================
[ 80.821181][ C0] [ BUG: Invalid wait context ]
[ 80.822861][ C0] 6.13.0-rc7-syzkaller-00191-gfda5e3f28400 #0 Not tainted
[ 80.825280][ C0] -----------------------------
[ 80.827190][ C0] syz.0.0/5322 is trying to lock:
[ 80.829137][ C0] ffff88805ffd7298 (&zone->lock){..-.}-{3:3}, at: get_page_from_freelist+0xb3d/0x37a0
[ 80.832826][ C0] other info that might help us debug this:
[ 80.834893][ C0] context-{2:2}
[ 80.836131][ C0] 5 locks held by syz.0.0/5322:
[ 80.837950][ C0] #0: ffffffff8fc9af08 (br_ioctl_mutex){+.+.}-{4:4}, at: br_ioctl_call+0x57/0xb0
[ 80.841348][ C0] #1: ffffffff8fcb5908 (rtnl_mutex){+.+.}-{4:4}, at: br_ioctl_stub+0xa4/0xb00
[ 80.844683][ C0] #2: ffff8880003fcd98 (&br->lock){+...}-{3:3}, at: del_nbp+0x177/0xb40
[ 80.847764][ C0] #3: ffff8880003fcdd8 (&br->hash_lock){+.-.}-{3:3}, at: br_fdb_delete_by_port+0x3c/0x310
[ 80.851512][ C0] #4: ffff88801fc44ad8 (&pcp->lock){+.+.}-{3:3}, at: get_page_from_freelist+0x7d3/0x37a0
[ 80.855177][ C0] stack backtrace:
[ 80.856604][ C0] CPU: 0 UID: 0 PID: 5322 Comm: syz.0.0 Not tainted 6.13.0-rc7-syzkaller-00191-gfda5e3f28400 #0
[ 80.860527][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 80.864471][ C0] Call Trace:
[ 80.865739][ C0]
[ 80.866870][ C0] dump_stack_lvl+0x241/0x360
[ 80.868544][ C0] ? __pfx_dump_stack_lvl+0x10/0x10
[ 80.870398][ C0] ? __pfx__printk+0x10/0x10
[ 80.872151][ C0] ? __find_rr_leaf+0x747/0x8e0
[ 80.874085][ C0] __lock_acquire+0x15a8/0x2100
[ 80.875926][ C0] lock_acquire+0x1ed/0x550
[ 80.877595][ C0] ? get_page_from_freelist+0xb3d/0x37a0
[ 80.879748][ C0] ? stack_trace_save+0x118/0x1d0
[ 80.881634][ C0] ? __pfx_lock_acquire+0x10/0x10
[ 80.883535][ C0] ? __asan_memset+0x23/0x50
[ 80.885328][ C0] ? unwind_next_frame+0x193b/0x22d0
[ 80.887322][ C0] ? validate_chain+0x11e/0x5920
[ 80.889241][ C0] ? ret_from_fork_asm+0x1a/0x30
[ 80.891159][ C0] _raw_spin_lock_irqsave+0xd5/0x120
[ 80.893123][ C0] ? get_page_from_freelist+0xb3d/0x37a0
[ 80.895225][ C0] ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[ 80.897433][ C0] get_page_from_freelist+0xb3d/0x37a0
[ 80.899447][ C0] __alloc_pages_noprof+0x292/0x710
[ 80.901423][ C0] ? __pfx___alloc_pages_noprof+0x10/0x10
[ 80.903454][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 80.905770][ C0] ? __kernel_text_address+0xd/0x40
[ 80.908008][ C0] ? unwind_get_return_address+0x4d/0x90
[ 80.909915][ C0] alloc_pages_mpol_noprof+0x3e1/0x780
[ 80.911901][ C0] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[ 80.914234][ C0] ? stack_trace_save+0x118/0x1d0
[ 80.916122][ C0] ? alloc_pages_noprof+0x43/0x170
[ 80.918049][ C0] stack_depot_save_flags+0x72d/0x940
[ 80.920156][ C0] kasan_save_stack+0x4f/0x60
[ 80.921957][ C0] ? kasan_save_stack+0x3f/0x60
[ 80.923885][ C0] ? __kasan_record_aux_stack+0xac/0xc0
[ 80.925941][ C0] ? task_work_add+0xd9/0x490
[ 80.927752][ C0] ? run_posix_cpu_timers+0x6ac/0x810
[ 80.929823][ C0] ? tick_nohz_handler+0x37c/0x500
[ 80.931751][ C0] ? __hrtimer_run_queues+0x551/0xd30
[ 80.933681][ C0] ? hrtimer_interrupt+0x403/0xa40
[ 80.935608][ C0] ? __sysvec_apic_timer_interrupt+0x110/0x420
[ 80.937929][ C0] ? sysvec_apic_timer_interrupt+0xa1/0xc0
[ 80.940165][ C0] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 80.942563][ C0] ? _raw_spin_unlock_irqrestore+0xd8/0x140
[ 80.944815][ C0] ? __rmqueue_pcplist+0x21fd/0x2a90
[ 80.946697][ C0] ? get_page_from_freelist+0x886/0x37a0
[ 80.948699][ C0] ? __alloc_pages_noprof+0x292/0x710
[ 80.950802][ C0] ? alloc_pages_mpol_noprof+0x3e1/0x780
[ 80.952900][ C0] ? stack_depot_save_flags+0x72d/0x940
[ 80.954959][ C0] ? save_stack+0x109/0x1f0
[ 80.956542][ C0] ? __set_page_owner+0x92/0x800
[ 80.958231][ C0] ? post_alloc_hook+0x1f3/0x230
[ 80.960059][ C0] ? get_page_from_freelist+0x365c/0x37a0
[ 80.962020][ C0] ? __alloc_pages_noprof+0x292/0x710
[ 80.963972][ C0] ? alloc_pages_mpol_noprof+0x3e1/0x780
[ 80.966012][ C0] ? alloc_slab_page+0x6a/0x110
[ 80.967721][ C0] ? allocate_slab+0x5a/0x2b0
[ 80.969245][ C0] ? ___slab_alloc+0xc27/0x14a0
[ 80.971023][ C0] ? __slab_alloc+0x58/0xa0
[ 80.972676][ C0] ? kmem_cache_alloc_node_noprof+0x269/0x380
[ 80.974841][ C0] ? kmalloc_reserve+0xa8/0x2a0
[ 80.976554][ C0] ? __alloc_skb+0x1f3/0x440
[ 80.978321][ C0] ? fdb_notify+0xa8/0x170
[ 80.980016][ C0] ? fdb_delete+0xf49/0x1210
[ 80.981731][ C0] ? br_fdb_delete_by_port+0x150/0x310
[ 80.983714][ C0] ? br_stp_disable_port+0x11b/0x1c0
[ 80.985825][ C0] ? del_nbp+0x17f/0xb40
[ 80.987518][ C0] ? br_del_if+0x145/0x320
[ 80.989265][ C0] ? br_ioctl_stub+0x47b/0xb00
[ 80.991140][ C0] ? br_ioctl_call+0x7d/0xb0
[ 80.992912][ C0] ? dev_ifsioc+0xc20/0xe70
[ 80.994634][ C0] ? dev_ioctl+0x719/0x1340
[ 80.996395][ C0] ? sock_do_ioctl+0x240/0x460
[ 80.998045][ C0] ? sock_ioctl+0x626/0x8e0
[ 80.999932][ C0] ? __se_sys_ioctl+0xf5/0x170
[ 81.001749][ C0] ? do_syscall_64+0xf3/0x230
[ 81.003504][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 81.005762][ C0] ? __phys_addr+0xba/0x170
[ 81.007476][ C0] __kasan_record_aux_stack+0xac/0xc0
[ 81.009396][ C0] task_work_add+0xd9/0x490
[ 81.010993][ C0] ? __pfx_lock_acquire+0x10/0x10
[ 81.012759][ C0] ? __pfx_task_work_add+0x10/0x10
[ 81.015034][ C0] run_posix_cpu_timers+0x6ac/0x810
[ 81.017119][ C0] ? __pfx_run_posix_cpu_timers+0x10/0x10
[ 81.019329][ C0] ? sched_balance_trigger+0x51/0x890
[ 81.021353][ C0] tick_nohz_handler+0x37c/0x500
[ 81.023297][ C0] ? __pfx_tick_nohz_handler+0x10/0x10
[ 81.025242][ C0] __hrtimer_run_queues+0x551/0xd30
[ 81.027039][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10
[ 81.029239][ C0] ? kvm_clock_get_cycles+0x52/0x70
[ 81.031164][ C0] ? ktime_get_update_offsets_now+0x393/0x3b0
[ 81.033479][ C0] hrtimer_interrupt+0x403/0xa40
[ 81.035345][ C0] __sysvec_apic_timer_interrupt+0x110/0x420
[ 81.037460][ C0] sysvec_apic_timer_interrupt+0xa1/0xc0
[ 81.039620][ C0]
[ 81.040775][ C0]
[ 81.041861][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 81.043975][ C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xd8/0x140
[ 81.046423][ C0] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 fe 0f 3a f6 f6 44 24 21 02 75 52 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 43 b6 a1 f5 65 8b 05 b4 f8 37 74 85 c0 74 43 48 c7 04 24 0e 36
[ 81.053724][ C0] RSP: 0018:ffffc9000d3066a0 EFLAGS: 00000206
[ 81.056125][ C0] RAX: 82eb1e80a256ef00 RBX: 1ffff92001a60cd8 RCX: ffffffff817b387a
[ 81.059000][ C0] RDX: dffffc0000000000 RSI: ffffffff8c0a98e0 RDI: 0000000000000001
[ 81.062043][ C0] RBP: ffffc9000d306738 R08: ffffffff942ab887 R09: 1ffffffff2855710
[ 81.064976][ C0] R10: dffffc0000000000 R11: fffffbfff2855711 R12: dffffc0000000000
[ 81.067897][ C0] R13: 1ffff92001a60cd4 R14: ffffc9000d3066c0 R15: 0000000000000246
[ 81.070800][ C0] ? mark_lock+0x9a/0x360
[ 81.072455][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 81.074914][ C0] __rmqueue_pcplist+0x21fd/0x2a90
[ 81.076864][ C0] get_page_from_freelist+0x886/0x37a0
[ 81.078972][ C0] ? validate_chain+0x15c0/0x5920
[ 81.080780][ C0] __alloc_pages_noprof+0x292/0x710
[ 81.082732][ C0] ? __pfx___alloc_pages_noprof+0x10/0x10
[ 81.084812][ C0] ? br_stp_disable_port+0x11b/0x1c0
[ 81.086893][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 81.089102][ C0] alloc_pages_mpol_noprof+0x3e1/0x780
[ 81.091099][ C0] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[ 81.093276][ C0] ? stack_trace_save+0x118/0x1d0
[ 81.095305][ C0] ? alloc_pages_noprof+0x43/0x170
[ 81.097185][ C0] stack_depot_save_flags+0x72d/0x940
[ 81.099213][ C0] save_stack+0x109/0x1f0
[ 81.100915][ C0] ? mark_lock+0x9a/0x360
[ 81.102611][ C0] ? __pfx_save_stack+0x10/0x10
[ 81.104659][ C0] ? post_alloc_hook+0x1f3/0x230
[ 81.106471][ C0] ? get_page_from_freelist+0x365c/0x37a0
[ 81.108586][ C0] ? __alloc_pages_noprof+0x292/0x710
[ 81.110514][ C0] ? alloc_pages_mpol_noprof+0x3e1/0x780
[ 81.112629][ C0] ? alloc_slab_page+0x6a/0x110
[ 81.114517][ C0] ? allocate_slab+0x5a/0x2b0
[ 81.116307][ C0] ? ___slab_alloc+0xc27/0x14a0
[ 81.118094][ C0] ? __slab_alloc+0x58/0xa0
[ 81.119737][ C0] ? kmem_cache_alloc_node_noprof+0x269/0x380
[ 81.121988][ C0] ? kmalloc_reserve+0xa8/0x2a0
[ 81.124023][ C0] ? __alloc_skb+0x1f3/0x440
[ 81.126054][ C0] ? fdb_notify+0xa8/0x170
[ 81.127878][ C0] ? fdb_delete+0xf49/0x1210
[ 81.129487][ C0] ? br_fdb_delete_by_port+0x150/0x310
[ 81.131527][ C0] ? br_stp_disable_port+0x11b/0x1c0
[ 81.133654][ C0] ? del_nbp+0x17f/0xb40
[ 81.135324][ C0] __set_page_owner+0x92/0x800
[ 81.137132][ C0] ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[ 81.139605][ C0] ? get_page_from_freelist+0x891/0x37a0
[ 81.141686][ C0] ? __pfx_lock_release+0x10/0x10
[ 81.143629][ C0] ? __pfx___set_page_owner+0x10/0x10
[ 81.145658][ C0] post_alloc_hook+0x1f3/0x230
[ 81.147501][ C0] get_page_from_freelist+0x365c/0x37a0
[ 81.149600][ C0] __alloc_pages_noprof+0x292/0x710
[ 81.151458][ C0] ? __pfx___alloc_pages_noprof+0x10/0x10
[ 81.153532][ C0] alloc_pages_mpol_noprof+0x3e1/0x780
[ 81.155497][ C0] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[ 81.157673][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 81.159931][ C0] ? alloc_pages_noprof+0x43/0x170
[ 81.161769][ C0] alloc_slab_page+0x6a/0x110
[ 81.163475][ C0] allocate_slab+0x5a/0x2b0
[ 81.165179][ C0] ___slab_alloc+0xc27/0x14a0
[ 81.167020][ C0] ? kmalloc_reserve+0xa8/0x2a0
[ 81.168783][ C0] ? kmalloc_reserve+0xa8/0x2a0
[ 81.170666][ C0] __slab_alloc+0x58/0xa0
[ 81.172338][ C0] kmem_cache_alloc_node_noprof+0x269/0x380
[ 81.174557][ C0] ? kmalloc_reserve+0xa8/0x2a0
[ 81.176342][ C0] kmalloc_reserve+0xa8/0x2a0
[ 81.178126][ C0] __alloc_skb+0x1f3/0x440
[ 81.179791][ C0] ? __pfx_br_switchdev_fdb_notify+0x10/0x10
[ 81.181991][ C0] ? __pfx___alloc_skb+0x10/0x10
[ 81.183976][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 81.186153][ C0] fdb_notify+0xa8/0x170
[ 81.187807][ C0] fdb_delete+0xf49/0x1210
[ 81.189410][ C0] ? fdb_delete+0x3b0/0x1210
[ 81.191146][ C0] ? __pfx_fdb_delete+0x10/0x10
[ 81.192910][ C0] ? __timer_delete+0xdf/0x380
[ 81.194823][ C0] ? br_fdb_delete_by_port+0x3c/0x310
[ 81.196832][ C0] br_fdb_delete_by_port+0x150/0x310
[ 81.198816][ C0] br_stp_disable_port+0x11b/0x1c0
[ 81.200750][ C0] del_nbp+0x17f/0xb40
[ 81.202260][ C0] br_del_if+0x145/0x320
[ 81.203908][ C0] ? br_ioctl_stub+0x46e/0xb00
[ 81.205746][ C0] br_ioctl_stub+0x47b/0xb00
[ 81.207524][ C0] ? br_ioctl_call+0x57/0xb0
[ 81.209294][ C0] ? __pfx_br_ioctl_stub+0x10/0x10
[ 81.211373][ C0] ? __pfx___mutex_lock+0x10/0x10
[ 81.213256][ C0] ? netdev_run_todo+0xf88/0x1000
[ 81.215199][ C0] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 81.217194][ C0] ? __pfx_netdev_run_todo+0x10/0x10
[ 81.219145][ C0] ? __pfx_br_ioctl_stub+0x10/0x10
[ 81.221034][ C0] br_ioctl_call+0x7d/0xb0
[ 81.222774][ C0] dev_ifsioc+0xc20/0xe70
[ 81.224299][ C0] ? __pfx_dev_ifsioc+0x10/0x10
[ 81.226296][ C0] ? dev_load+0x21/0x1f0
[ 81.227936][ C0] dev_ioctl+0x719/0x1340
[ 81.229469][ C0] sock_do_ioctl+0x240/0x460
[ 81.231384][ C0] ? __pfx_sock_do_ioctl+0x10/0x10
[ 81.233215][ C0] sock_ioctl+0x626/0x8e0
[ 81.234787][ C0] ? __pfx_sock_ioctl+0x10/0x10
[ 81.236334][ C0] ? __fget_files+0x2a/0x410
[ 81.237988][ C0] ? __fget_files+0x2a/0x410
[ 81.239863][ C0] ? __pfx_sock_ioctl+0x10/0x10
[ 81.241562][ C0] __se_sys_ioctl+0xf5/0x170
[ 81.243249][ C0] do_syscall_64+0xf3/0x230
[ 81.245158][ C0] ? clear_bhb_loop+0x35/0x90
[ 81.246942][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 81.249120][ C0] RIP: 0033:0x7fc9da985d29
[ 81.250870][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 81.257972][ C0] RSP: 002b:00007fc9db79c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 81.261284][ C0] RAX: ffffffffffffffda RBX: 00007fc9dab75fa0 RCX: 00007fc9da985d29
[ 81.264696][ C0] RDX: 0000000020000000 RSI: 00000000000089a3 RDI: 0000000000000003
[ 81.268527][ C0] RBP: 00007fc9daa01b08 R08: 0000000000000000 R09: 0000000000000000
[ 81.272205][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 81.275941][ C0] R13: 0000000000000000 R14: 00007fc9dab75fa0 R15: 00007ffdd2ce3948
[ 81.279696][ C0]
[ 81.288656][ T56] cfg80211: failed to load regulatory.db